From: Apple
Date: Fri, 31 Aug 2007 20:51:57 +0000 (+0000)
Subject: network_cmds-306.tar.gz
X-Git-Tag: mac-os-x-105^0
X-Git-Url: https://git.saurik.com/apple/network_cmds.git/commitdiff_plain/b8dff1509d79abed3d82c4d8bfb2e73c7d0f1d1a
network_cmds-306.tar.gz
---
diff --git a/Makefile b/Makefile
index a8d381a..d2e301e 100644
--- a/Makefile
+++ b/Makefile
@@ -12,30 +12,33 @@ NAME = network_cmds PROJECTVERSION = 2.8 PROJECT_TYPE = Aggregate -SUBPROJECTS = timed.tproj bootparams - -TOOLS = arp.tproj domainname.tproj \ - rpc_lockd.tproj rpc_statd.tproj \ - ifconfig.tproj logger.tproj netstat.tproj\ - nfsd.tproj nfsiod.tproj nfsstat.tproj ping.tproj rarpd.tproj\ - rcp.tproj rexecd.tproj rlogin.tproj rlogind.tproj\ - route.tproj routed.tproj rpcinfo.tproj rsh.tproj rshd.tproj\ - ruptime.tproj rwho.tproj rwhod.tproj slattach.tproj spray.tproj\ - talk.tproj talkd.tproj telnet.tproj telnetd.tproj tftp.tproj\ - tftpd.tproj traceroute.tproj trpt.tproj wall.tproj\ - ypbind.tproj ypcat.tproj ypmatch.tproj yppoll.tproj\ - yppush.tproj ypserv.tproj ypset.tproj ypwhich.tproj\ - ypxfr.tproj makedbm.tproj revnetgroup.tproj rpc_yppasswdd.tproj\ - stdethers.tproj stdhosts.tproj natd.tproj ipfw.tproj\ - setkey.tproj racoon.tproj eaytest.tproj\ +Embedded=$(shell tconf --test TARGET_OS_EMBEDDED) + +ifeq "$(Embedded)" "YES" +TOOLS = arp.tproj \ + ifconfig.tproj netstat.tproj\ + ping.tproj\ + route.tproj\ + traceroute.tproj +else +SUBPROJECTS = bootparams + +TOOLS = arp.tproj \ + ifconfig.tproj netstat.tproj\ + ping.tproj rarpd.tproj\ + route.tproj routed.tproj\ + slattach.tproj spray.tproj\ + traceroute.tproj trpt.tproj\ + natd.tproj ipfw.tproj\ ping6.tproj traceroute6.tproj rtsol.tproj ndp.tproj rtadvd.tproj\ ip6conf.tproj ip6fw.tproj kdumpd.tproj -LIBRARIES = alias ipsec +LIBRARIES = alias +endif -LEGACIES = ypinit.tproj +LEGACIES = -OTHERSRCS = Makefile Makefile.include Makefile.preamble +OTHERSRCS = Makefile Makefile.include Makefile.preamble Makefile.postamble MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles CODE_GEN_STYLE = DYNAMIC diff --git a/Makefile.postamble b/Makefile.postamble new file mode 100644 index 0000000..d47434b --- /dev/null +++ b/Makefile.postamble @@ -0,0 +1,3 @@ +ifeq "$(shell tconf --test TARGET_OS_EMBEDDED)" "YES" +OTHER_CFLAGS += -dead_strip +endif diff --git a/PB.project b/PB.project index c634242..a574212 100644 
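Review bot: The `Embedded=$(shell tconf --test TARGET_OS_EMBEDDED)` probe fails open: if `tconf` is missing from PATH or exits with an error, `$(shell ...)` expands to an empty string, the `ifeq` does not match, and the build silently takes the `else` branch with the full tool list (natd, ipfw, routed, rtadvd, kdumpd and the rest). Since the embedded branch exists to ship a much smaller set of network tools, an unexpected probe result should stop the build rather than widen it. Assuming `tconf` prints an explicit value in both cases, add `ifeq "$(Embedded)" ""` with `$(error tconf did not report TARGET_OS_EMBEDDED)` before the existing test. Writing `Embedded := $(shell ...)` would also pin the probe to a single evaluation. Makefile.postamble repeats the same `$(shell tconf ...)` call and has the same fail-open behaviour for `-dead_strip`.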
--- a/PB.project +++ b/PB.project @@ -3,67 +3,20 @@ OTHER_SOURCES = (Makefile, Makefile.include, Makefile.preamble); SUBPROJECTS = ( alias, - timed.tproj, arp.tproj, bootparams, - domainname.tproj, - identd.tproj, - rpc_lockd.tproj, - rpc_statd.tproj, ifconfig.tproj, - inetd.tproj, - logger.tproj, netstat.tproj, - nfsd.tproj, - nfsiod.tproj, - nfsstat.tproj, ping.tproj, rarpd.tproj, - rcp.tproj, - rexecd.tproj, - rlogin.tproj, - rlogind.tproj, route.tproj, routed.tproj, - rpcinfo.tproj, - rsh.tproj, - rshd.tproj, - ruptime.tproj, - rwho.tproj, - rwhod.tproj, slattach.tproj, spray.tproj, - talk.tproj, - talkd.tproj, - telnet.tproj, - telnetd.tproj, - tftp.tproj, - tftpd.tproj, traceroute.tproj, trpt.tproj, - wall.tproj, - ypbind.tproj, - ypcat.tproj, - ypinit.tproj, - ypmatch.tproj, - yppoll.tproj, - yppush.tproj, - ypserv.tproj, - ypset.tproj, - ypwhich.tproj, - ypxfr.tproj, - makedbm.tproj, - revnetgroup.tproj, - rpc_yppasswdd.tproj, - stdethers.tproj, - stdhosts.tproj, natd.tproj, ipfw.tproj, - ipsec, - setkey.tproj, - racoon.tproj, - racoonctl.tproj, - eaytest.tproj, ping6.tproj, traceroute6.tproj, rtsol.tproj, diff --git a/alias/Makefile.preamble b/alias/Makefile.preamble index f02898c..c1624b4 100644 --- a/alias/Makefile.preamble +++ b/alias/Makefile.preamble @@ -39,7 +39,6 @@ # OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen # OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc # OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex -OTHER_LDFLAGS += -seg1addr 0xf9300000 # These variables provide hooks enabling you to add behavior at almost every # stage of the make: diff --git a/alias/alias_ftp.c b/alias/alias_ftp.c index 7985a95..9c88606 100644 --- a/alias/alias_ftp.c +++ b/alias/alias_ftp.c 
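Review bot: `OTHER_SOURCES = (Makefile, Makefile.include, Makefile.preamble);` at the top of the PB.project hunk is left unchanged, while the same commit adds `Makefile.postamble` to `OTHERSRCS` in the top-level Makefile. If the Makefile is ever regenerated from PB.project, as the "Project Builder maintains it" header on the per-tool Makefiles suggests, the new postamble would drop out of the source list and the embedded-only `-dead_strip` setting with it. Suggest `OTHER_SOURCES = (Makefile, Makefile.include, Makefile.preamble, Makefile.postamble);` so the two lists agree.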
@@ -530,7 +530,7 @@ NewFtpMessage(struct ip *pip, case FTP_PORT_COMMAND: case FTP_227_REPLY: /* Decompose alias port into pair format. */ - ptr = (char *) &alias_port; + ptr = (u_char *) &alias_port; p1 = *ptr++; p2=*ptr; if (ftp_message_type == FTP_PORT_COMMAND) { diff --git a/alias/alias_proxy.c b/alias/alias_proxy.c index 67299c0..3ba958f 100644 --- a/alias/alias_proxy.c +++ b/alias/alias_proxy.c @@ -354,7 +354,7 @@ ProxyEncodeTcpStream(struct alias_link *link, if (dlen == 0) return; - p = (char *) pip; + p = (u_char *) pip; p += hlen; memmove(p + slen, p, dlen); diff --git a/arp.tproj/Makefile.preamble b/arp.tproj/Makefile.preamble index c7802b8..175778d 100644 --- a/arp.tproj/Makefile.preamble +++ b/arp.tproj/Makefile.preamble @@ -16,7 +16,8 @@ ## (e.g. change -O to -O2), see Makefile.postamble. # Flags passed to compiler (in addition to -g, -O, etc) -#OTHER_CFLAGS = +OTHER_CFLAGS += -mdynamic-no-pic + # Flags passed to ld (in addition to -ObjC, etc.) OTHER_LDFLAGS = diff --git a/arp.tproj/arp.c b/arp.tproj/arp.c index 4835bbd..e1273c1 100644 --- a/arp.tproj/arp.c +++ b/arp.tproj/arp.c @@ -510,9 +510,7 @@ print_entry(struct sockaddr_dl *sdl, { const char *host; struct hostent *hp; - struct iso88025_sockaddr_dl_data *trld; char ifname[IF_NAMESIZE]; - int seg; if (nflag == 0) hp = gethostbyaddr((caddr_t)&(addr->sin_addr), diff --git a/bootparams/bootparamd.tproj/bootparamd.8 b/bootparams/bootparamd.tproj/bootparamd.8 index ff28b4f..1666c6b 100644 --- a/bootparams/bootparamd.tproj/bootparamd.8 +++ b/bootparams/bootparamd.tproj/bootparamd.8 @@ -1,6 +1,6 @@ .Dd Oct 27, 20023 .Dt bootparamd 8 -.Os Mac OS X +.Os "Mac OS X" .Sh NAME .Nm bootparamd .Nd boot parameter server diff --git a/bootparams/bootparamd.tproj/bootparamd.c b/bootparams/bootparamd.tproj/bootparamd.c index e76bd42..f38bb41 100644 --- a/bootparams/bootparamd.tproj/bootparamd.c +++ b/bootparams/bootparamd.tproj/bootparamd.c 
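Review bot: The new `(u_char *)` cast in NewFtpMessage only helps if `ptr` itself is declared `u_char *`; the declaration is outside the hunk, so that should be confirmed. With a plain `char *`, `p1 = *ptr++; p2=*ptr;` would sign-extend any port byte above 0x7f where char is signed, and the rewritten PORT/227 text would carry negative numbers. A short comment such as `/* read alias_port bytewise as unsigned; assumed to be in network byte order */` above the cast would record both assumptions. The same cast change appears in ProxyEncodeTcpStream in alias/alias_proxy.c, where `p` feeds `memmove(p + slen, p, dlen)`; any bounds check for that shift lies outside the hunk, as do the rest of both function bodies.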
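Review bot: `OTHER_CFLAGS += -mdynamic-no-pic` in arp.tproj/Makefile.preamble makes arp's code position-dependent, which rules out building it as a position-independent executable, so the main binary cannot later benefit from load-address randomisation. If the flag is kept for code size or speed, record that next to it, e.g. `# -mdynamic-no-pic: smaller/faster code; incompatible with a PIE build`. The line also uses `+=` where the template had a commented-out `=`, so the final flags depend on whatever OTHER_CFLAGS is inherited from the parent project.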
@@ -36,6 +36,7 @@ #include "bootparam_prot.h" #include #include +#include #include #include #include diff --git a/bootparams/bpwhoami.tproj/bpwhoami.1 b/bootparams/bpwhoami.tproj/bpwhoami.1 index cc2aa11..a964e4f 100644 --- a/bootparams/bpwhoami.tproj/bpwhoami.1 +++ b/bootparams/bpwhoami.tproj/bpwhoami.1 @@ -2,7 +2,7 @@ .\" .Dd August 7, 1997 .Dt BPWHOAMI 1 -.Os Mac OS X +.Os "Mac OS X" .Sh NAME .Nm bpwhoami .Nd print the output of a bootparams whoami call diff --git a/domainname.tproj/Makefile b/domainname.tproj/Makefile deleted file mode 100644 index 5be6c01..0000000 --- a/domainname.tproj/Makefile +++ /dev/null @@ -1,48 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = domainname - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = domainname.c - -OTHERSRCS = Makefile.dist Makefile.postamble domainname.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /bin -WINDOWS_INSTALLDIR = /bin -PDO_UNIX_INSTALLDIR = /bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/domainname.tproj/Makefile.dist b/domainname.tproj/Makefile.dist deleted file mode 100644 index 7f04161..0000000 --- a/domainname.tproj/Makefile.dist +++ /dev/null 
@@ -1,6 +0,0 @@ -# from: @(#)Makefile 5.3 (Berkeley) 5/11/90 -# $Id: Makefile.dist,v 1.1 1999/05/02 03:57:38 wsanchez Exp $ - -PROG= domainname - -.include diff --git a/domainname.tproj/Makefile.postamble b/domainname.tproj/Makefile.postamble deleted file mode 100644 index d979753..0000000 --- a/domainname.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -after_install: - install -o root -m 755 -d $(DSTROOT)/usr/share/man/man1 - install -o root -m 644 -c domainname.1 $(DSTROOT)/usr/share/man/man1 diff --git a/domainname.tproj/PB.project b/domainname.tproj/PB.project deleted file mode 100644 index b16d0b9..0000000 --- a/domainname.tproj/PB.project +++ /dev/null @@ -1,36 +0,0 @@ -{ - FILESTABLE = { - C_FILES = (); - H_FILES = (); - M_FILES = (); - OTHER_LINKED = (domainname.c); - OTHER_SOURCES = (Makefile.dist, domainname.1); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = ""; - NEXTSTEP_BUILDTOOL = /bin/make; - NEXTSTEP_COMPILEROPTIONS = ""; - NEXTSTEP_INSTALLDIR = /bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_LINKEROPTIONS = ""; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = ""; - PDO_UNIX_INSTALLDIR = /bin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = domainname; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = ""; - WINDOWS_INSTALLDIR = /bin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/domainname.tproj/domainname.1 b/domainname.tproj/domainname.1 deleted file mode 100644 index b89e57e..0000000 --- a/domainname.tproj/domainname.1 +++ /dev/null 
@@ -1,56 +0,0 @@ -.\" Copyright (c) 1983, 1988, 1990 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" from: @(#)domainname.1 6.8 (Berkeley) 7/27/91 -.\" $Id: domainname.1,v 1.3 2003/12/03 21:22:17 rbraun Exp $ -.\" -.Dd July 27, 1991 -.Dt DOMAINNAME 1 -.Os BSD 4.2 -.Sh NAME -.Nm domainname -.Nd set or print the name of the current NIS domain -.Sh SYNOPSIS -.Nm domainname -.Op Ar name-of-domain -.Sh DESCRIPTION -.Nm Domainname -prints the NIS domain name of the current host. -The super-user can set the domain name by supplying an argument. -.Sh SEE ALSO -.Xr hostname 1 , -.Xr getdomainname 2 , -.Xr setdomainname 2 -.Sh HISTORY -The -.Nm domainname -command appeared in -.Bx 4.2 . diff --git a/domainname.tproj/domainname.c b/domainname.tproj/domainname.c deleted file mode 100644 index 4e0eb96..0000000 --- a/domainname.tproj/domainname.c +++ /dev/null 
@@ -1,97 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1992/3 Theo de Raadt - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. 
- * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char rcsid[] = "$Id: domainname.c,v 1.1 1999/05/02 03:57:38 wsanchez Exp $"; -#endif /* not lint */ - -#include -#include -#include -#include -#include - -static void usage __P((void)); - -main(argc, argv) - int argc; - char **argv; -{ - char dom[MAXHOSTNAMELEN]; - - if( argc>2 ) { - usage (); - /* NOTREACHED */ - } - - if( argc==2 ) { - if( setdomainname(argv[1], strlen(argv[1])+1) == -1) { - perror("setdomainname"); - exit(1); - } - } else { - if( getdomainname(dom, sizeof(dom)) == -1) { - perror("getdomainname"); - exit(1); - } - printf("%s\n", dom); - } - - exit(0); -} - -static void -usage () -{ - (void)fprintf(stderr, "usage: domainname [name-of-domain]\n"); - exit(1); -} diff --git a/eaytest.tproj/Makefile b/eaytest.tproj/Makefile deleted file mode 100644 index 73483e3..0000000 --- a/eaytest.tproj/Makefile +++ /dev/null 
@@ -1,51 +0,0 @@ -# -# Generated by the Apple Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = eaytest - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = crypto_openssl.h misc.h str2val.h vmbuf.h rijndael-alg-fst.h\ - rijndael-api-fst.h sha2.h - -CFILES = crypto_openssl.c eaytest.c misc.c rijndael-alg-fst.c\ - rijndael-api-fst.c sha2.c str2val.c vmbuf.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /Library/Executables -PDO_UNIX_INSTALLDIR = /bin -LIBS = -lcrypto -lipsec -lssl -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(JDKBINDIR)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/eaytest.tproj/Makefile.postamble b/eaytest.tproj/Makefile.postamble deleted file mode 100644 index 411cde6..0000000 --- a/eaytest.tproj/Makefile.postamble +++ /dev/null 
@@ -1,100 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGES: langages in which the project is written (default "English") -# English_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# diff --git a/eaytest.tproj/Makefile.preamble b/eaytest.tproj/Makefile.preamble deleted file mode 100644 index a96500c..0000000 --- a/eaytest.tproj/Makefile.preamble +++ /dev/null 
@@ -1,146 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex -OTHER_CFLAGS=-DHAVE_FUNCTION_MACRO=1 -DENABLE_IPV6=1 -DADVAPI=1 -DHAVE_GETADDRINFO=1 \ --DHAVE_GETNAMEINFO=1 -DHAVE_LIBSSL=1 -DHAVE_LIBCRYPTO=1 -DHAVE_LIBL=1 -DHAVE_LIBY=1 \ --DSTDC_HEADERS=1 -DHAVE_SYS_WAIT_H=1 -DHAVE_LIMITS_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_UNISTD_H=1 \ --DHAVE_STDARG_H=1 -DHAVE_VARARGS_H=1 -DHAVE_OPENSSL_RSA_H=1 -DHAVE_OPENSSL_PEM_H=1 \ --DHAVE_OPENSSL_EVP_H=1 -DHAVE_OPENSSL_X509_H=1 -DHAVE_SIGNING_C=1 -DHAVE_OPENSSL_OPENSSLV_H=1 \ --DTIME_WITH_SYS_TIME=1 -DRETSIGTYPE=void -DHAVE_VPRINTF=1 -DHAVE_GETTIMEOFDAY=1 -DHAVE_SELECT=1 \ --DHAVE_SOCKET=1 -DHAVE_STRERROR=1 -DHAVE_STRTOL=1 -DHAVE_STRTOUL=1 -DHAVE_STRDUP=1 \ --DHAVE_GETIFADDRS=1 -DINET6 -DHAVE_PFKEYV2 -O -DYIPS_DEBUG -DIPSEC -Dss_family=__ss_family \ --Dss_len=__ss_len -DSYSCONFDIR=\"/etc\" -DYY_NO_UNPUT -I../racoon.tproj -DNOUSE_PLOG -DEAYDEBUG - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product 
-# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. For library projects you should -# set this to something like /Developer/Headers/$(NAME). Do not set -# this variable for framework projects unless you do not want the -# header files included in the framework. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. This defaults to -# DYNAMIC. 
-# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSIONS: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. - -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -# Uncomment to suppress generation of a KeyValueCoding index when installing -# frameworks (This index is used by WOB and IB to determine keys available -# for an object). Set to YES by default. 
-# PREINDEX_FRAMEWORK = NO - -# Change this definition to install projects somewhere other than the -# standard locations. NEXT_ROOT defaults to "C:/Apple" on Windows systems -# and "" on other systems. -DSTROOT = $(HOME) diff --git a/eaytest.tproj/PB.project b/eaytest.tproj/PB.project deleted file mode 100644 index 3ed44a1..0000000 --- a/eaytest.tproj/PB.project +++ /dev/null @@ -1,44 +0,0 @@ -{ - DYNAMIC_CODE_GEN = YES; - FILESTABLE = { - FRAMEWORKS = (); - H_FILES = ( - crypto_openssl.h, - misc.h, - str2val.h, - vmbuf.h, - "rijndael-alg-fst.h", - "rijndael-api-fst.h", - sha2.h - ); - OTHER_LIBS = (crypto, ipsec, ssl); - OTHER_LINKED = ( - crypto_openssl.c, - eaytest.c, - misc.c, - "rijndael-alg-fst.c", - "rijndael-api-fst.c", - sha2.c, - str2val.c, - vmbuf.c - ); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble); - }; - LANGUAGE = English; - MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_INSTALLDIR = /bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make; - PDO_UNIX_INSTALLDIR = /bin; - PDO_UNIX_JAVA_COMPILER = "$(JDKBINDIR)/javac"; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = eaytest; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make; - WINDOWS_INSTALLDIR = /Library/Executables; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/eaytest.tproj/crypto_openssl.c b/eaytest.tproj/crypto_openssl.c deleted file mode 100644 index cbc2e0c..0000000 --- a/eaytest.tproj/crypto_openssl.c +++ /dev/null 
@@ -1,2370 +0,0 @@
-/* $KAME: crypto_openssl.c,v 1.73 2003/04/24 02:21:22 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-/* get openssl/ssleay version number */
-#ifdef HAVE_OPENSSL_OPENSSLV_H
-# include
-#else
-# error no opensslv.h found.
-#endif
-
-#ifndef OPENSSL_VERSION_NUMBER
-#error OPENSSL_VERSION_NUMBER is not defined. OpenSSL0.9.4 or later required.
-#endif
-
-#ifdef HAVE_OPENSSL_PEM_H
-#include
-#endif
-#ifdef HAVE_OPENSSL_EVP_H
-#include
-#endif
-#ifdef HAVE_OPENSSL_X509_H
-#include
-#include
-#include
-#endif
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#ifdef HAVE_OPENSSL_IDEA_H
-#include
-#endif
-#include
-#ifdef HAVE_OPENSSL_RC5_H
-#include
-#endif
-#include
-#include
-#ifdef HAVE_OPENSSL_RIJNDAEL_H
-#include
-#else
-#include "rijndael-api-fst.h"
-#endif
-#ifdef HAVE_OPENSSL_SHA2_H
-#include
-#else
-#include "sha2.h"
-#endif
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "crypto_openssl.h"
-#include "debug.h"
-#include "gcmalloc.h"
-
-/*
- * I hate to cast every parameter to des_xx into void *, but it is
- * necessary for SSLeay/OpenSSL portability. It sucks.
- */
-
-#ifdef HAVE_SIGNING_C
-static int cb_check_cert_local __P((int, X509_STORE_CTX *));
-static int cb_check_cert_remote __P((int, X509_STORE_CTX *));
-static void eay_setgentype __P((char *, int *));
-static X509 *mem2x509 __P((vchar_t *));
-#endif
-
-static caddr_t eay_hmac_init __P((vchar_t *, const EVP_MD *));
-
-#ifdef HAVE_SIGNING_C
-/* X509 Certificate */
-/*
- * convert the string of the subject name into DER
- * e.g. str = "C=JP, ST=Kanagawa";
- */
-vchar_t *
-eay_str2asn1dn(str, len)
- char *str;
- int len;
-{
- X509_NAME *name;
- char *buf;
- char *field, *value;
- int i, j;
- vchar_t *ret;
- caddr_t p;
-
- buf = racoon_malloc(len + 1);
- if (!buf) {
- printf("failed to allocate buffer\n");
- return NULL;
- }
- memcpy(buf, str, len);
-
- name = X509_NAME_new();
-
- field = &buf[0];
- value = NULL;
- for (i = 0; i < len; i++) {
- if (!value && buf[i] == '=') {
- buf[i] = '\0';
- value = &buf[i + 1];
- continue;
- } else if (buf[i] == ',' || buf[i] == '/') {
- buf[i] = '\0';
-#if 0
- printf("[%s][%s]\n", field, value);
-#endif
- if (!X509_NAME_add_entry_by_txt(name, field,
- MBSTRING_ASC, value, -1, -1, 0))
- goto err;
- for (j = i + 1; j < len; j++) {
- if (buf[j] != ' ')
- break;
- }
- field = &buf[j];
- value = NULL;
- continue;
- }
- }
- buf[len] = '\0';
-#if 0
- printf("[%s][%s]\n", field, value);
-#endif
- if (!X509_NAME_add_entry_by_txt(name, field,
- MBSTRING_ASC, value, -1, -1, 0))
- goto err;
-
- i = i2d_X509_NAME(name, NULL);
- if (!i)
- goto err;
- ret = vmalloc(i);
- if (!ret)
- goto err;
- p = ret->v;
- i = i2d_X509_NAME(name, (unsigned char **)&p);
- if (!i)
- goto err;
-
- return ret;
-
- err:
- if (buf)
- racoon_free(buf);
- if (name)
- X509_NAME_free(name);
- return NULL;
-}
-
-/*
- * compare two subjectNames.
- * OUT: 0: equal
- * positive:
- * -1: other error.
- */
-int
-eay_cmp_asn1dn(n1, n2)
- vchar_t *n1, *n2;
-{
- X509_NAME *a = NULL, *b = NULL;
- caddr_t p;
- int i = -1;
-
- p = n1->v;
- if (!d2i_X509_NAME(&a, (unsigned char **)&p, n1->l))
- goto end;
- p = n2->v;
- if (!d2i_X509_NAME(&b, (unsigned char **)&p, n2->l))
- goto end;
-
- i = X509_NAME_cmp(a, b);
-
- end:
- if (a)
- X509_NAME_free(a);
- if (b)
- X509_NAME_free(b);
- return i;
-}
-
-/*
- * this functions is derived from apps/verify.c in OpenSSL0.9.5
- */
-int
-eay_check_x509cert(cert, CApath, local)
- vchar_t *cert;
- char *CApath;
- int local;
-{
- X509_STORE *cert_ctx = NULL;
- X509_LOOKUP *lookup = NULL;
- X509 *x509 = NULL;
-#if OPENSSL_VERSION_NUMBER >= 0x00905100L
- X509_STORE_CTX *csc;
-#else
- X509_STORE_CTX csc;
-#endif
- int error = -1;
-
- /* XXX define only functions required. */
-#if OPENSSL_VERSION_NUMBER >= 0x00905100L
- OpenSSL_add_all_algorithms();
-#else
- SSLeay_add_all_algorithms();
-#endif
-
- cert_ctx = X509_STORE_new();
- if (cert_ctx == NULL)
- goto end;
-
- if (local)
- X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_local);
- else
- X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_remote);
-
- lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
- if (lookup == NULL)
- goto end;
- X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); /* XXX */
-
- lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
- if (lookup == NULL)
- goto end;
- error = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
- if(!error) {
- error = -1;
- goto end;
- }
- error = -1; /* initialized */
-
- /* read the certificate to be verified */
- x509 = mem2x509(cert);
- if (x509 == NULL)
- goto end;
-
-#if OPENSSL_VERSION_NUMBER >= 0x00905100L
- csc = X509_STORE_CTX_new();
- if (csc == NULL)
- goto end;
- X509_STORE_CTX_init(csc, cert_ctx, x509, NULL);
-
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
- X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CRL_CHECK);
- X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CRL_CHECK_ALL);
-#endif
-
- error = X509_verify_cert(csc);
- X509_STORE_CTX_cleanup(csc);
-#else
- X509_STORE_CTX_init(&csc, cert_ctx, x509, NULL);
- error = X509_verify_cert(&csc);
- X509_STORE_CTX_cleanup(&csc);
-#endif
-
- /*
- * if x509_verify_cert() is successful then the value of error is
- * set non-zero.
- */
- error = error ? 0 : -1;
-
- end:
- if (error)
- printf("%s\n", eay_strerror());
- if (cert_ctx != NULL)
- X509_STORE_free(cert_ctx);
- if (x509 != NULL)
- X509_free(x509);
-
- return(error);
-}
-
-/*
- * callback function for verifing certificate.
- * Derived from cb() in openssl/apps/s_server.c
- *
- * This one is called for certificates obtained from
- * 'peers_certfile' directive.
- */
-static int
-cb_check_cert_local(ok, ctx)
- int ok;
- X509_STORE_CTX *ctx;
-{
- char buf[256];
- int log_tag;
-
- if (!ok) {
- X509_NAME_oneline(
- X509_get_subject_name(ctx->current_cert),
- buf,
- 256);
- /*
- * since we are just checking the certificates, it is
- * ok if they are self signed. But we should still warn
- * the user.
- */
- switch (ctx->error) {
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-#if OPENSSL_VERSION_NUMBER >= 0x00905100L
- case X509_V_ERR_INVALID_PURPOSE:
- case X509_V_ERR_UNABLE_TO_GET_CRL:
-#endif
- ok = 1;
- log_tag = LLV_WARNING;
- break;
-
- default:
- log_tag = LLV_ERROR;
- }
-
-
-#ifndef EAYDEBUG
- plog(log_tag, LOCATION, NULL,
- "%s(%d) at depth:%d SubjectName:%s\n",
- X509_verify_cert_error_string(ctx->error),
- ctx->error,
- ctx->error_depth,
- buf);
-#else
- printf("%d: %s(%d) at depth:%d SubjectName:%s\n",
- log_tag,
- X509_verify_cert_error_string(ctx->error),
- ctx->error,
- ctx->error_depth,
- buf);
-#endif
- }
- ERR_clear_error();
-
- return ok;
-}
-
-/*
- * Similar to cb_check_cert_local() but this one is called
- * for certificates obtained from the IKE payload.
- */
-static int
-cb_check_cert_remote(ok, ctx)
- int ok;
- X509_STORE_CTX *ctx;
-{
- char buf[256];
- int log_tag;
-
- if (!ok) {
- X509_NAME_oneline(
- X509_get_subject_name(ctx->current_cert),
- buf,
- 256);
- switch (ctx->error) {
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- ok = 1;
- log_tag = LLV_WARNING;
- break;
- default:
- log_tag = LLV_ERROR;
- }
-#ifndef EAYDEBUG
- plog(log_tag, LOCATION, NULL,
- "%s(%d) at depth:%d SubjectName:%s\n",
- X509_verify_cert_error_string(ctx->error),
- ctx->error,
- ctx->error_depth,
- buf);
-#else
- printf("%d: %s(%d) at depth:%d SubjectName:%s\n",
- log_tag,
- X509_verify_cert_error_string(ctx->error),
- ctx->error,
- ctx->error_depth,
- buf);
-#endif
- }
- ERR_clear_error();
-
- return ok;
-}
-
-/*
- * get a subjectAltName from X509 certificate.
- */
-vchar_t *
-eay_get_x509asn1subjectname(cert)
- vchar_t *cert;
-{
- X509 *x509 = NULL;
- u_char *bp;
- vchar_t *name = NULL;
- int len;
- int error = -1;
-
- bp = cert->v;
-
- x509 = mem2x509(cert);
- if (x509 == NULL)
- goto end;
-
- /* get the length of the name */
- len = i2d_X509_NAME(x509->cert_info->subject, NULL);
- name = vmalloc(len);
- if (!name)
- goto end;
- /* get the name */
- bp = name->v;
- len = i2d_X509_NAME(x509->cert_info->subject, &bp);
-
- error = 0;
-
- end:
- if (error) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
-#else
- printf("%s\n", eay_strerror());
-#endif
- if (name) {
- vfree(name);
- name = NULL;
- }
- }
- if (x509)
- X509_free(x509);
-
- return name;
-}
-
-/*
- * get the subjectAltName from X509 certificate.
- * the name is terminated by '\0'.
- */
-#include
-int
-eay_get_x509subjectaltname(cert, altname, type, pos)
- vchar_t *cert;
- char **altname;
- int *type;
- int pos;
-{
- X509 *x509 = NULL;
- X509_EXTENSION *ext;
- X509V3_EXT_METHOD *method = NULL;
- STACK_OF(GENERAL_NAME) *name;
- CONF_VALUE *cval = NULL;
- STACK_OF(CONF_VALUE) *nval = NULL;
- u_char *bp;
- int i, len;
- int error = -1;
-
- *altname = NULL;
- *type = GENT_OTHERNAME;
-
- bp = cert->v;
-
- x509 = mem2x509(cert);
- if (x509 == NULL)
- goto end;
-
- i = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1);
- if (i < 0)
- goto end;
- ext = X509_get_ext(x509, i);
- method = X509V3_EXT_get(ext);
- if(!method)
- goto end;
-
- bp = ext->value->data;
- name = method->d2i(NULL, &bp, ext->value->length);
- if(!name)
- goto end;
-
- nval = method->i2v(method, name, NULL);
- method->ext_free(name);
- name = NULL;
- if(!nval)
- goto end;
-
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- /* skip the name */
- if (i + 1 != pos)
- continue;
- cval = sk_CONF_VALUE_value(nval, i);
- len = strlen(cval->value) + 1; /* '\0' included */
- *altname = racoon_malloc(len);
- if (!*altname) {
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- goto end;
- }
- strlcpy(*altname, cval->value, len);
-
- /* set type of the name */
- eay_setgentype(cval->name, type);
- }
-
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
-
- error = 0;
-
- end:
- if (error) {
- if (*altname) {
- racoon_free(*altname);
- *altname = NULL;
- }
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
-#else
- printf("%s\n", eay_strerror());
-#endif
- }
- if (x509)
- X509_free(x509);
-
- return error;
-}
-
-static void
-eay_setgentype(name, type)
- char *name;
- int *type;
-{
- /* XXX It's needed effective code */
- if(!memcmp(name, "email", strlen("email"))) {
- *type = GENT_EMAIL;
- } else if(!memcmp(name, "URI", strlen("URI"))) {
- *type = GENT_URI;
- } else if(!memcmp(name, "DNS", strlen("DNS"))) {
- *type = GENT_DNS;
- } else if(!memcmp(name, "RID", strlen("RID"))) {
- *type = GENT_RID;
- } else if(!memcmp(name, "IP", strlen("IP"))) {
- *type = GENT_IPADD;
- } else {
- *type = GENT_OTHERNAME;
- }
-}
-
-/*
- * decode a X509 certificate and make a readable text terminated '\n'.
- * return the buffer allocated, so must free it later.
- */
-char *
-eay_get_x509text(cert)
- vchar_t *cert;
-{
- X509 *x509 = NULL;
- BIO *bio = NULL;
- char *text = NULL;
- u_char *bp = NULL;
- int len = 0;
- int error = -1;
-
- x509 = mem2x509(cert);
- if (x509 == NULL)
- goto end;
-
- bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- goto end;
-
- error = X509_print(bio, x509);
- if (error != 1) {
- error = -1;
- goto end;
- }
-
- len = BIO_get_mem_data(bio, &bp);
- text = racoon_malloc(len + 1);
- if (text == NULL)
- goto end;
- memcpy(text, bp, len);
- text[len] = '\0';
-
- error = 0;
-
- end:
- if (error) {
- if (text) {
- racoon_free(text);
- text = NULL;
- }
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
-#else
- printf("%s\n", eay_strerror());
-#endif
- }
- if (bio)
- BIO_free(bio);
- if (x509)
- X509_free(x509);
-
- return text;
-}
-
-/* get X509 structure from buffer. */
-static X509 *
-mem2x509(cert)
- vchar_t *cert;
-{
- X509 *x509;
-
-#ifndef EAYDEBUG
- {
- u_char *bp;
-
- bp = cert->v;
-
- x509 = d2i_X509(NULL, &bp, cert->l);
- }
-#else
- {
- BIO *bio;
- int len;
-
- bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- return NULL;
- len = BIO_write(bio, cert->v, cert->l);
- if (len == -1)
- return NULL;
- x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
- BIO_free(bio);
- }
-#endif
- return x509;
-}
-
-/*
- * get a X509 certificate from local file.
- * a certificate must be PEM format.
- * Input:
- * path to a certificate.
- * Output:
- * NULL if error occured
- * other is the cert.
- */
-vchar_t *
-eay_get_x509cert(path)
- char *path;
-{
- FILE *fp;
- X509 *x509;
- vchar_t *cert;
- u_char *bp;
- int len;
- int error;
-
- /* Read private key */
- fp = fopen(path, "r");
- if (fp == NULL)
- return NULL;
-#if OPENSSL_VERSION_NUMBER >= 0x00904100L
- x509 = PEM_read_X509(fp, NULL, NULL, NULL);
-#else
- x509 = PEM_read_X509(fp, NULL, NULL);
-#endif
- fclose (fp);
-
- if (x509 == NULL)
- return NULL;
-
- len = i2d_X509(x509, NULL);
- cert = vmalloc(len);
- if (cert == NULL) {
- X509_free(x509);
- return NULL;
- }
- bp = cert->v;
- error = i2d_X509(x509, &bp);
- X509_free(x509);
-
- if (error == 0)
- return NULL;
-
- return cert;
-}
-
-/*
- * sign a souce by X509 signature.
- * XXX: to be get hash type from my cert ?
- * to be handled EVP_dss().
- */
-vchar_t *
-eay_get_x509sign(source, privkey, cert)
- vchar_t *source;
- vchar_t *privkey;
- vchar_t *cert;
-{
- vchar_t *sig = NULL;
-
- sig = eay_rsa_sign(source, privkey);
-
- return sig;
-}
-
-/*
- * check a X509 signature
- * XXX: to be get hash type from my cert ?
- * to be handled EVP_dss().
- * OUT: return -1 when error.
- * 0
- */
-int
-eay_check_x509sign(source, sig, cert)
- vchar_t *source;
- vchar_t *sig;
- vchar_t *cert;
-{
- X509 *x509;
- u_char *bp;
- EVP_PKEY *evp;
-
- bp = cert->v;
-
- x509 = d2i_X509(NULL, &bp, cert->l);
- if (x509 == NULL) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
-#endif
- return -1;
- }
-
- evp = X509_get_pubkey(x509);
- if (!evp) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL, "X509_get_pubkey: %s\n", eay_strerror());
-#endif
- return -1;
- }
-
- return eay_rsa_verify(source, sig, evp);
-}
-
-/*
- * check a signature by signed with PKCS7 certificate.
- * XXX: to be get hash type from my cert ?
- * to be handled EVP_dss().
- * OUT: return -1 when error.
- * 0
- */
-int
-eay_check_pkcs7sign(source, sig, cert)
- vchar_t *source;
- vchar_t *sig;
- vchar_t *cert;
-{
- X509 *x509;
- EVP_MD_CTX md_ctx;
- EVP_PKEY *evp;
- int error;
- BIO *bio = BIO_new(BIO_s_mem());
- char *bp;
-
- if (bio == NULL)
- return -1;
- error = BIO_write(bio, cert->v, cert->l);
- if (error != cert->l)
- return -1;
-
- bp = cert->v;
- x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
- BIO_free(bio);
- if (x509 == NULL)
- return -1;
-
- evp = X509_get_pubkey(x509);
- X509_free(x509);
- if (evp == NULL)
- return -1;
-
- /* Verify the signature */
- /* XXX: to be handled EVP_dss() */
- EVP_VerifyInit(&md_ctx, EVP_sha1());
- EVP_VerifyUpdate(&md_ctx, source->v, source->l);
- error = EVP_VerifyFinal(&md_ctx, sig->v, sig->l, evp);
-
- EVP_PKEY_free(evp);
-
- if (error != 1)
- return -1;
-
- return 0;
-}
-
-/*
- * get PKCS#1 Private Key of PEM format from local file.
- */
-vchar_t *
-eay_get_pkcs1privkey(path)
- char *path;
-{
- FILE *fp;
- EVP_PKEY *evp = NULL;
- vchar_t *pkey = NULL;
- u_char *bp;
- int pkeylen;
- int error = -1;
-
- /* Read private key */
- fp = fopen(path, "r");
- if (fp == NULL)
- return NULL;
-
-#if OPENSSL_VERSION_NUMBER >= 0x00904100L
- evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
-#else
- evp = PEM_read_PrivateKey(fp, NULL, NULL);
-#endif
- fclose (fp);
-
- if (evp == NULL)
- return NULL;
-
- pkeylen = i2d_PrivateKey(evp, NULL);
- if (pkeylen == 0)
- goto end;
- pkey = vmalloc(pkeylen);
- if (pkey == NULL)
- goto end;
- bp = pkey->v;
- pkeylen = i2d_PrivateKey(evp, &bp);
- if (pkeylen == 0)
- goto end;
-
- error = 0;
-
-end:
- if (evp != NULL)
- EVP_PKEY_free(evp);
- if (error != 0 && pkey != NULL) {
- vfree(pkey);
- pkey = NULL;
- }
-
- return pkey;
-}
-
-/*
- * get PKCS#1 Public Key of PEM format from local file.
- */
-vchar_t *
-eay_get_pkcs1pubkey(path)
- char *path;
-{
- FILE *fp;
- EVP_PKEY *evp = NULL;
- vchar_t *pkey = NULL;
- X509 *x509 = NULL;
- u_char *bp;
- int pkeylen;
- int error = -1;
-
- /* Read private key */
- fp = fopen(path, "r");
- if (fp == NULL)
- return NULL;
-
-#if OPENSSL_VERSION_NUMBER >= 0x00904100L
- x509 = PEM_read_X509(fp, NULL, NULL, NULL);
-#else
- x509 = PEM_read_X509(fp, NULL, NULL);
-#endif
- fclose (fp);
-
- if (x509 == NULL)
- return NULL;
-
- /* Get public key - eay */
- evp = X509_get_pubkey(x509);
- if (evp == NULL)
- return NULL;
-
- pkeylen = i2d_PublicKey(evp, NULL);
- if (pkeylen == 0)
- goto end;
- pkey = vmalloc(pkeylen);
- if (pkey == NULL)
- goto end;
- bp = pkey->v;
- pkeylen = i2d_PublicKey(evp, &bp);
- if (pkeylen == 0)
- goto end;
-
- error = 0;
-end:
- if (evp != NULL)
- EVP_PKEY_free(evp);
- if (error != 0 && pkey != NULL) {
- vfree(pkey);
- pkey = NULL;
- }
-
- return pkey;
-}
-#endif
-
-vchar_t *
-eay_rsa_sign(src, privkey)
- vchar_t *src, *privkey;
-{
- EVP_PKEY *evp;
- u_char *bp = privkey->v;
- vchar_t *sig = NULL;
- int len;
- int pad = RSA_PKCS1_PADDING;
-
- /* XXX to be handled EVP_PKEY_DSA */
- evp = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &bp, privkey->l);
- if (evp == NULL)
- return NULL;
-
- /* XXX: to be handled EVP_dss() */
- /* XXX: Where can I get such parameters ? From my cert ? */
-
- len = RSA_size(evp->pkey.rsa);
-
- sig = vmalloc(len);
- if (sig == NULL)
- return NULL;
-
- len = RSA_private_encrypt(src->l, src->v, sig->v, evp->pkey.rsa, pad);
- EVP_PKEY_free(evp);
- if (len == 0 || len != sig->l) {
- vfree(sig);
- sig = NULL;
- }
-
- return sig;
-}
-
-int
-eay_rsa_verify(src, sig, evp)
- vchar_t *src, *sig;
- EVP_PKEY *evp;
-{
- vchar_t *xbuf = NULL;
- int pad = RSA_PKCS1_PADDING;
- int len = 0;
- int error;
-
- len = RSA_size(evp->pkey.rsa);
-
- xbuf = vmalloc(len);
- if (xbuf == NULL) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
-#endif
- EVP_PKEY_free(evp);
- return -1;
- }
-
- len = RSA_public_decrypt(sig->l, sig->v, xbuf->v, evp->pkey.rsa, pad);
-#ifndef EAYDEBUG
- if (len == 0 || len != src->l)
- plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
-#endif
- EVP_PKEY_free(evp);
- if (len == 0 || len != src->l) {
- vfree(xbuf);
- return -1;
- }
-
- error = memcmp(src->v, xbuf->v, src->l);
- vfree(xbuf);
- if (error != 0)
- return -1;
-
- return 0;
-}
-
-/*
- * get error string
- * MUST load ERR_load_crypto_strings() first.
- */
-char *
-eay_strerror()
-{
- static char ebuf[512];
- int len = 0, n;
- unsigned long l;
- char buf[200];
-#if OPENSSL_VERSION_NUMBER >= 0x00904100L
- const char *file, *data;
-#else
- char *file, *data;
-#endif
- int line, flags;
- unsigned long es;
-
- es = CRYPTO_thread_id();
-
- while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){
- n = snprintf(ebuf + len, sizeof(ebuf) - len,
- "%lu:%s:%s:%d:%s ",
- es, ERR_error_string(l, buf), file, line,
- (flags & ERR_TXT_STRING) ? data : "");
- if (n < 0 || n >= sizeof(ebuf) - len)
- break;
- len += n;
- if (sizeof(ebuf) < len)
- break;
- }
-
- return ebuf;
-}
-
-void
-eay_init_error()
-{
- ERR_load_crypto_strings();
-}
-
-/*
- * DES-CBC
- */
-vchar_t *
-eay_des_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- des_key_schedule ks;
-
- if (des_key_sched((void *)key->v, ks) != 0)
- return NULL;
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- des_cbc_encrypt((void *)data->v, (void *)res->v, data->l,
- ks, (void *)iv->v, DES_ENCRYPT);
-
- return res;
-}
-
-vchar_t *
-eay_des_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- des_key_schedule ks;
-
- if (des_key_sched((void *)key->v, ks) != 0)
- return NULL;
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- des_cbc_encrypt((void *)data->v, (void *)res->v, data->l,
- ks, (void *)iv->v, DES_DECRYPT);
-
- return res;
-}
-
-int
-eay_des_weakkey(key)
- vchar_t *key;
-{
- return des_is_weak_key((void *)key->v);
-}
-
-int
-eay_des_keylen(len)
- int len;
-{
- if (len != 0 && len != 64)
- return -1;
- return 64;
-}
-
-#ifdef HAVE_OPENSSL_IDEA_H
-/*
- * IDEA-CBC
- */
-vchar_t *
-eay_idea_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- IDEA_KEY_SCHEDULE ks;
-
- idea_set_encrypt_key(key->v, &ks);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- idea_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, IDEA_ENCRYPT);
-
- return res;
-}
-
-vchar_t *
-eay_idea_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- IDEA_KEY_SCHEDULE ks, dks;
-
- idea_set_encrypt_key(key->v, &ks);
- idea_set_decrypt_key(&ks, &dks);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- idea_cbc_encrypt(data->v, res->v, data->l,
- &dks, iv->v, IDEA_DECRYPT);
-
- return res;
-}
-
-int
-eay_idea_weakkey(key)
- vchar_t *key;
-{
- return 0; /* XXX */
-}
-
-int
-eay_idea_keylen(len)
- int len;
-{
- if (len != 0 && len != 128)
- return -1;
- return 128;
-}
-#endif
-
-/*
- * BLOWFISH-CBC
- */
-vchar_t *
-eay_bf_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- BF_KEY ks;
-
- BF_set_key(&ks, key->l, key->v);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- BF_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, BF_ENCRYPT);
-
- return res;
-}
-
-vchar_t *
-eay_bf_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- BF_KEY ks;
-
- BF_set_key(&ks, key->l, key->v);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- BF_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, BF_DECRYPT);
-
- return res;
-}
-
-int
-eay_bf_weakkey(key)
- vchar_t *key;
-{
- return 0; /* XXX to be done. refer to RFC 2451 */
-}
-
-int
-eay_bf_keylen(len)
- int len;
-{
- if (len == 0)
- return 448;
- if (len < 40 || len > 448)
- return -1;
- return (len + 7) / 8;
-}
-
-#ifdef HAVE_OPENSSL_RC5_H
-/*
- * RC5-CBC
- */
-vchar_t *
-eay_rc5_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- RC5_32_KEY ks;
-
- /* in RFC 2451, there is information about the number of round. */
- RC5_32_set_key(&ks, key->l, key->v, 16);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- RC5_32_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, RC5_ENCRYPT);
-
- return res;
-}
-
-vchar_t *
-eay_rc5_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- RC5_32_KEY ks;
-
- /* in RFC 2451, there is information about the number of round. */
- RC5_32_set_key(&ks, key->l, key->v, 16);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- RC5_32_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, RC5_DECRYPT);
-
- return res;
-}
-
-int
-eay_rc5_weakkey(key)
- vchar_t *key;
-{
- return 0; /* No known weak keys when used with 16 rounds. */
-
-}
-
-int
-eay_rc5_keylen(len)
- int len;
-{
- if (len == 0)
- return 128;
- if (len < 40 || len > 2040)
- return -1;
- return (len + 7) / 8;
-}
-#endif
-
-/*
- * 3DES-CBC
- */
-vchar_t *
-eay_3des_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- des_key_schedule ks1, ks2, ks3;
-
- if (key->l < 24)
- return NULL;
-
- if (des_key_sched((void *)key->v, ks1) != 0)
- return NULL;
- if (des_key_sched((void *)(key->v + 8), ks2) != 0)
- return NULL;
- if (des_key_sched((void *)(key->v + 16), ks3) != 0)
- return NULL;
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- des_ede3_cbc_encrypt((void *)data->v, (void *)res->v, data->l,
- ks1, ks2, ks3, (void *)iv->v, DES_ENCRYPT);
-
- return res;
-}
-
-vchar_t *
-eay_3des_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- des_key_schedule ks1, ks2, ks3;
-
- if (key->l < 24)
- return NULL;
-
- if (des_key_sched((void *)key->v, ks1) != 0)
- return NULL;
- if (des_key_sched((void *)(key->v + 8), ks2) != 0)
- return NULL;
- if (des_key_sched((void *)(key->v + 16), ks3) != 0)
- return NULL;
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- des_ede3_cbc_encrypt((void *)data->v, (void *)res->v, data->l,
- ks1, ks2, ks3, (void *)iv->v, DES_DECRYPT);
-
- return res;
-}
-
-int
-eay_3des_weakkey(key)
- vchar_t *key;
-{
- if (key->l < 24)
- return NULL;
-
- return (des_is_weak_key((void *)key->v)
- || des_is_weak_key((void *)(key->v + 8))
- || des_is_weak_key((void *)(key->v + 16)));
-}
-
-int
-eay_3des_keylen(len)
- int len;
-{
- if (len != 0 && len != 192)
- return -1;
- return 192;
-}
-
-/*
- * CAST-CBC
- */
-vchar_t *
-eay_cast_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- CAST_KEY ks;
-
- CAST_set_key(&ks, key->l, key->v);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- CAST_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, DES_ENCRYPT);
-
- return res;
-}
-
-vchar_t *
-eay_cast_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- CAST_KEY ks;
-
- CAST_set_key(&ks, key->l, key->v);
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- CAST_cbc_encrypt(data->v, res->v, data->l,
- &ks, iv->v, DES_DECRYPT);
-
- return res;
-}
-
-int
-eay_cast_weakkey(key)
- vchar_t *key;
-{
- return 0; /* No known weak keys. */
-}
-
-int
-eay_cast_keylen(len)
- int len;
-{
- if (len == 0)
- return 128;
- if (len < 40 || len > 128)
- return -1;
- return (len + 7) / 8;
-}
-
-/*
- * AES(RIJNDAEL)-CBC
- */
-vchar_t *
-eay_aes_encrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- keyInstance k;
- cipherInstance c;
-
- memset(&k, 0, sizeof(k));
- if (rijndael_makeKey(&k, DIR_ENCRYPT, key->l << 3, key->v) < 0)
- return NULL;
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* encryption data */
- memset(&c, 0, sizeof(c));
- if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0)
- return NULL;
- if (rijndael_blockEncrypt(&c, &k, data->v, data->l << 3, res->v) < 0)
- return NULL;
-
- return res;
-}
-
-vchar_t *
-eay_aes_decrypt(data, key, iv)
- vchar_t *data, *key, *iv;
-{
- vchar_t *res;
- keyInstance k;
- cipherInstance c;
-
- memset(&k, 0, sizeof(k));
- if (rijndael_makeKey(&k, DIR_DECRYPT, key->l << 3, key->v) < 0)
- return NULL;
-
- /* allocate buffer for result */
- if ((res = vmalloc(data->l)) == NULL)
- return NULL;
-
- /* decryption data */
- memset(&c, 0, sizeof(c));
- if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0)
- return NULL;
- if (rijndael_blockDecrypt(&c, &k, data->v, data->l << 3, res->v) < 0)
- return NULL;
-
- return res;
-}
-
-int
-eay_aes_weakkey(key)
- vchar_t *key;
-{
- return 0;
-}
-
-int
-eay_aes_keylen(len)
- int len;
-{
- if (len == 0)
- return 128;
- if (len != 128 && len != 192 && len != 256)
- return -1;
- return len;
-}
-
-/* for ipsec part */
-int
-eay_null_hashlen()
-{
- return 0;
-}
-
-int
-eay_kpdk_hashlen()
-{
- return 0;
-}
-
-int
-eay_twofish_keylen(len)
- int len;
-{
- if (len < 0 || len > 256)
- return -1;
- return len;
-}
-
-int
-eay_null_keylen(len)
- int len;
-{
- return 0;
-}
-
-/*
- * HMAC functions
- */
-static caddr_t
-eay_hmac_init(key, md)
- vchar_t *key;
- const EVP_MD *md;
-{
- HMAC_CTX *c = racoon_malloc(sizeof(*c));
-
- HMAC_CTX_init(c);
- HMAC_Init(c, key->v, key->l, md);
-
- return (caddr_t)c;
-}
-
-/*
- * HMAC SHA2-512
- */
-vchar_t *
-eay_hmacsha2_512_one(key, data)
- vchar_t *key, *data;
-{
- vchar_t *res;
- caddr_t ctx;
-
- ctx = eay_hmacsha2_512_init(key);
- eay_hmacsha2_512_update(ctx, data);
- res = eay_hmacsha2_512_final(ctx);
-
- return(res);
-}
-
-caddr_t
-eay_hmacsha2_512_init(key)
- vchar_t *key;
-{
- return eay_hmac_init(key, EVP_sha2_512());
-}
-
-void
-eay_hmacsha2_512_update(c, data)
- caddr_t c;
- vchar_t *data;
-{
- HMAC_Update((HMAC_CTX *)c, data->v, data->l);
-}
-
-vchar_t *
-eay_hmacsha2_512_final(c)
- caddr_t c;
-{
- vchar_t *res;
- unsigned int l;
-
- if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0)
- return NULL;
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
- HMAC_CTX_cleanup(c);
- (void)racoon_free(c);
-
- if (SHA512_DIGEST_LENGTH != res->l) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL,
- "hmac sha2_512 length mismatch %d.\n", res->l);
-#else
- printf("hmac sha2_512 length mismatch %d.\n", res->l);
-#endif
- vfree(res);
- return NULL;
- }
-
- return(res);
-}
-
-/*
- * HMAC SHA2-384
- */
-vchar_t *
-eay_hmacsha2_384_one(key, data)
- vchar_t *key, *data;
-{
- vchar_t *res;
- caddr_t ctx;
-
- ctx = eay_hmacsha2_384_init(key);
- eay_hmacsha2_384_update(ctx, data);
- res = eay_hmacsha2_384_final(ctx);
-
- return(res);
-}
-
-caddr_t
-eay_hmacsha2_384_init(key)
- vchar_t *key;
-{
- return eay_hmac_init(key, EVP_sha2_384());
-}
-
-void
-eay_hmacsha2_384_update(c, data)
- caddr_t c;
- vchar_t *data;
-{
- HMAC_Update((HMAC_CTX *)c, data->v, data->l);
-}
-
-vchar_t *
-eay_hmacsha2_384_final(c)
- caddr_t c;
-{
- vchar_t *res;
- unsigned int l;
-
- if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0)
- return NULL;
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
- HMAC_CTX_cleanup(c);
- (void)racoon_free(c);
-
- if (SHA384_DIGEST_LENGTH != res->l) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL,
- "hmac sha2_384 length mismatch %d.\n", res->l);
-#else
- printf("hmac sha2_384 length mismatch %d.\n", res->l);
-#endif
- vfree(res);
- return NULL;
- }
-
- return(res);
-}
-
-/*
- * HMAC SHA2-256
- */
-vchar_t *
-eay_hmacsha2_256_one(key, data)
- vchar_t *key, *data;
-{
- vchar_t *res;
- caddr_t ctx;
-
- ctx = eay_hmacsha2_256_init(key);
- eay_hmacsha2_256_update(ctx, data);
- res = eay_hmacsha2_256_final(ctx);
-
- return(res);
-}
-
-caddr_t
-eay_hmacsha2_256_init(key)
- vchar_t *key;
-{
- return eay_hmac_init(key, EVP_sha2_256());
-}
-
-void
-eay_hmacsha2_256_update(c, data)
- caddr_t c;
- vchar_t *data;
-{
- HMAC_Update((HMAC_CTX *)c, data->v, data->l);
-}
-
-vchar_t *
-eay_hmacsha2_256_final(c)
- caddr_t c;
-{
- vchar_t *res;
- unsigned int l;
-
- if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0)
- return NULL;
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
- HMAC_CTX_cleanup(c);
- (void)racoon_free(c);
-
- if (SHA256_DIGEST_LENGTH != res->l) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL,
- "hmac sha2_256 length mismatch %d.\n", res->l);
-#else
- printf("hmac sha2_256 length mismatch %d.\n", res->l);
-#endif
- vfree(res);
- return NULL;
- }
-
- return(res);
-}
-
-/*
- * HMAC SHA1
- */
-vchar_t *
-eay_hmacsha1_one(key, data)
- vchar_t *key, *data;
-{
- vchar_t *res;
- caddr_t ctx;
-
- ctx = eay_hmacsha1_init(key);
- eay_hmacsha1_update(ctx, data);
- res = eay_hmacsha1_final(ctx);
-
- return(res);
-}
-
-caddr_t
-eay_hmacsha1_init(key)
- vchar_t *key;
-{
- return eay_hmac_init(key, EVP_sha1());
-}
-
-void
-eay_hmacsha1_update(c, data)
- caddr_t c;
- vchar_t *data;
-{
- HMAC_Update((HMAC_CTX *)c, data->v, data->l);
-}
-
-vchar_t *
-eay_hmacsha1_final(c)
- caddr_t c;
-{
- vchar_t *res;
- unsigned int l;
-
- if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0)
- return NULL;
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
- HMAC_CTX_cleanup(c);
- (void)racoon_free(c);
-
- if (SHA_DIGEST_LENGTH != res->l) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL,
- "hmac sha1 length mismatch %d.\n", res->l);
-#else
- printf("hmac sha1 length mismatch %d.\n", res->l);
-#endif
- vfree(res);
- return NULL;
- }
-
- return(res);
-}
-
-/*
- * HMAC MD5
- */
-vchar_t *
-eay_hmacmd5_one(key, data)
- vchar_t *key, *data;
-{
- vchar_t *res;
- caddr_t ctx;
-
- ctx = eay_hmacmd5_init(key);
- eay_hmacmd5_update(ctx, data);
- res = eay_hmacmd5_final(ctx);
-
- return(res);
-}
-
-caddr_t
-eay_hmacmd5_init(key)
- vchar_t *key;
-{
- return eay_hmac_init(key, EVP_md5());
-}
-
-void
-eay_hmacmd5_update(c, data)
- caddr_t c;
- vchar_t *data;
-{
- HMAC_Update((HMAC_CTX *)c, data->v, data->l);
-}
-
-vchar_t *
-eay_hmacmd5_final(c)
- caddr_t c;
-{
- vchar_t *res;
- unsigned int l;
-
- if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0)
- return NULL;
-
- HMAC_Final((HMAC_CTX *)c, res->v, &l);
- res->l = l;
- HMAC_CTX_cleanup(c);
- (void)racoon_free(c);
-
- if (MD5_DIGEST_LENGTH != res->l) {
-#ifndef EAYDEBUG
- plog(LLV_ERROR, LOCATION, NULL,
- "hmac md5 length mismatch %d.\n", res->l);
-#else
- printf("hmac md5 length mismatch %d.\n", res->l);
-#endif
- vfree(res);
- return NULL;
- }
-
- return(res);
-}
-
-/*
- * SHA2-512 functions
- */
-caddr_t -eay_sha2_512_init() -{ - SHA512_CTX *c = racoon_malloc(sizeof(*c)); - - SHA512_Init(c); - - return((caddr_t)c); -} - -void -eay_sha2_512_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA512_Update((SHA512_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha2_512_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0) - return(0); - - SHA512_Final(res->v, (SHA512_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha2_512_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha2_512_init(); - eay_sha2_512_update(ctx, data); - res = eay_sha2_512_final(ctx); - - return(res); -} - -int -eay_sha2_512_hashlen() -{ - return SHA512_DIGEST_LENGTH << 3; -} - -/* - * SHA2-384 functions - */ -caddr_t -eay_sha2_384_init() -{ - SHA384_CTX *c = racoon_malloc(sizeof(*c)); - - SHA384_Init(c); - - return((caddr_t)c); -} - -void -eay_sha2_384_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA384_Update((SHA384_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha2_384_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0) - return(0); - - SHA384_Final(res->v, (SHA384_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha2_384_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha2_384_init(); - eay_sha2_384_update(ctx, data); - res = eay_sha2_384_final(ctx); - - return(res); -} - -int -eay_sha2_384_hashlen() -{ - return SHA384_DIGEST_LENGTH << 3; -} - -/* - * SHA2-256 functions - */ -caddr_t -eay_sha2_256_init() -{ - SHA256_CTX *c = racoon_malloc(sizeof(*c)); - - SHA256_Init(c); - - return((caddr_t)c); -} - -void -eay_sha2_256_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA256_Update((SHA256_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha2_256_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0) - return(0); - - 
SHA256_Final(res->v, (SHA256_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha2_256_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha2_256_init(); - eay_sha2_256_update(ctx, data); - res = eay_sha2_256_final(ctx); - - return(res); -} - -int -eay_sha2_256_hashlen() -{ - return SHA256_DIGEST_LENGTH << 3; -} - -/* - * SHA functions - */ -caddr_t -eay_sha1_init() -{ - SHA_CTX *c = racoon_malloc(sizeof(*c)); - - SHA1_Init(c); - - return((caddr_t)c); -} - -void -eay_sha1_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA1_Update((SHA_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha1_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0) - return(0); - - SHA1_Final(res->v, (SHA_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha1_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha1_init(); - eay_sha1_update(ctx, data); - res = eay_sha1_final(ctx); - - return(res); -} - -int -eay_sha1_hashlen() -{ - return SHA_DIGEST_LENGTH << 3; -} - -/* - * MD5 functions - */ -caddr_t -eay_md5_init() -{ - MD5_CTX *c = racoon_malloc(sizeof(*c)); - - MD5_Init(c); - - return((caddr_t)c); -} - -void -eay_md5_update(c, data) - caddr_t c; - vchar_t *data; -{ - MD5_Update((MD5_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_md5_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0) - return(0); - - MD5_Final(res->v, (MD5_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_md5_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_md5_init(); - eay_md5_update(ctx, data); - res = eay_md5_final(ctx); - - return(res); -} - -int -eay_md5_hashlen() -{ - return MD5_DIGEST_LENGTH << 3; -} - -/* - * eay_set_random - * size: number of bytes. 
- */ -vchar_t * -eay_set_random(size) - u_int32_t size; -{ - BIGNUM *r = NULL; - vchar_t *res = 0; - - if ((r = BN_new()) == NULL) - goto end; - BN_rand(r, size * 8, 0, 0); - eay_bn2v(&res, r); - -end: - if (r) - BN_free(r); - return(res); -} - -/* DH */ -int -eay_dh_generate(prime, g, publen, pub, priv) - vchar_t *prime, **pub, **priv; - u_int publen; - u_int32_t g; -{ - BIGNUM *p = NULL; - DH *dh = NULL; - int error = -1; - - /* initialize */ - /* pre-process to generate number */ - if (eay_v2bn(&p, prime) < 0) - goto end; - - if ((dh = DH_new()) == NULL) - goto end; - dh->p = p; - p = NULL; /* p is now part of dh structure */ - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) - goto end; - if (!BN_set_word(dh->g, g)) - goto end; - - if (publen != 0) - dh->length = publen; - - /* generate public and private number */ - if (!DH_generate_key(dh)) - goto end; - - /* copy results to buffers */ - if (eay_bn2v(pub, dh->pub_key) < 0) - goto end; - if (eay_bn2v(priv, dh->priv_key) < 0) { - vfree(*pub); - goto end; - } - - error = 0; - -end: - if (dh != NULL) - DH_free(dh); - if (p != 0) - BN_free(p); - return(error); -} - -int -eay_dh_compute(prime, g, pub, priv, pub2, key) - vchar_t *prime, *pub, *priv, *pub2, **key; - u_int32_t g; -{ - BIGNUM *dh_pub = NULL; - DH *dh = NULL; - int l; - caddr_t v = NULL; - int error = -1; - - /* make public number to compute */ - if (eay_v2bn(&dh_pub, pub2) < 0) - goto end; - - /* make DH structure */ - if ((dh = DH_new()) == NULL) - goto end; - if (eay_v2bn(&dh->p, prime) < 0) - goto end; - if (eay_v2bn(&dh->pub_key, pub) < 0) - goto end; - if (eay_v2bn(&dh->priv_key, priv) < 0) - goto end; - dh->length = pub2->l * 8; - - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) - goto end; - if (!BN_set_word(dh->g, g)) - goto end; - - if ((v = (caddr_t)racoon_calloc(prime->l, sizeof(u_char))) == NULL) - goto end; - if ((l = DH_compute_key(v, dh_pub, dh)) == -1) - goto end; - memcpy((*key)->v + (prime->l - l), v, l); - - error = 0; - -end: - if 
(dh_pub != NULL) - BN_free(dh_pub); - if (dh != NULL) - DH_free(dh); - if (v != NULL) - racoon_free(v); - return(error); -} - -#if 1 -int -eay_v2bn(bn, var) - BIGNUM **bn; - vchar_t *var; -{ - if ((*bn = BN_bin2bn(var->v, var->l, NULL)) == NULL) - return -1; - - return 0; -} -#else -/* - * convert vchar_t <-> BIGNUM. - * - * vchar_t: unit is u_char, network endian, most significant byte first. - * BIGNUM: unit is BN_ULONG, each of BN_ULONG is in host endian, - * least significant BN_ULONG must come first. - * - * hex value of "0x3ffe050104" is represented as follows: - * vchar_t: 3f fe 05 01 04 - * BIGNUM (BN_ULONG = u_int8_t): 04 01 05 fe 3f - * BIGNUM (BN_ULONG = u_int16_t): 0x0104 0xfe05 0x003f - * BIGNUM (BN_ULONG = u_int32_t_t): 0xfe050104 0x0000003f - */ -int -eay_v2bn(bn, var) - BIGNUM **bn; - vchar_t *var; -{ - u_char *p; - u_char *q; - BN_ULONG *r; - int l; - BN_ULONG num; - - *bn = BN_new(); - if (*bn == NULL) - goto err; - l = (var->l * 8 + BN_BITS2 - 1) / BN_BITS2; - if (bn_expand(*bn, l * BN_BITS2) == NULL) - goto err; - (*bn)->top = l; - - /* scan from least significant byte */ - p = (u_char *)var->v; - q = (u_char *)(var->v + var->l); - r = (*bn)->d; - num = 0; - l = 0; - do { - q--; - num = num | ((BN_ULONG)*q << (l++ * 8)); - if (l == BN_BYTES) { - *r++ = num; - num = 0; - l = 0; - } - } while (p < q); - if (l) - *r = num; - return 0; - -err: - if (*bn) - BN_free(*bn); - return -1; -} -#endif - -int -eay_bn2v(var, bn) - vchar_t **var; - BIGNUM *bn; -{ - *var = vmalloc(bn->top * BN_BYTES); - if (*var == NULL) - return(-1); - - (*var)->l = BN_bn2bin(bn, (*var)->v); - - return 0; -} - -const char * -eay_version() -{ - return SSLeay_version(SSLEAY_VERSION); -} diff --git a/eaytest.tproj/crypto_openssl.h b/eaytest.tproj/crypto_openssl.h deleted file mode 100644 index 7139a82..0000000 --- a/eaytest.tproj/crypto_openssl.h +++ /dev/null 
@@ -1,194 +0,0 @@
-/* $KAME: crypto_openssl.h,v 1.25 2002/04/25 09:48:32 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_OPENSSL_EVP_H
-#include
-#endif
-
-#ifdef HAVE_SIGNING_C
-/* X509 Certificate */
-#define GENT_OTHERNAME 0
-#define GENT_EMAIL 1
-#define GENT_DNS 2
-#define GENT_X400 3
-#define GENT_DIRNAME 4
-#define GENT_EDIPARTY 5
-#define GENT_URI 6
-#define GENT_IPADD 7
-#define GENT_RID 8
-
-extern vchar_t *eay_str2asn1dn __P((char *, int));
-extern int eay_cmp_asn1dn __P((vchar_t *, vchar_t *));
-extern int eay_check_x509cert __P((vchar_t *, char *, int));
-extern vchar_t *eay_get_x509asn1subjectname __P((vchar_t *));
-extern int eay_get_x509subjectaltname __P((vchar_t *, char **, int *, int));
-extern char *eay_get_x509text __P((vchar_t *));
-extern vchar_t *eay_get_x509cert __P((char *));
-extern vchar_t *eay_get_x509sign __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_check_x509sign __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_check_pkcs7sign __P((vchar_t *, vchar_t *, vchar_t *));
-
-/* RSA */
-extern vchar_t *eay_rsa_sign __P((vchar_t *, vchar_t *));
-extern int eay_rsa_verify __P((vchar_t *, vchar_t *, EVP_PKEY *));
-
-/* ASN.1 */
-extern vchar_t *eay_get_pkcs1privkey __P((char *));
-extern vchar_t *eay_get_pkcs1pubkey __P((char *));
-#endif
-
-/* string error */
-extern char *eay_strerror __P((void));
-extern void eay_init_error __P((void));
-
-/* DES */
-extern vchar_t *eay_des_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_des_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_des_weakkey __P((vchar_t *));
-extern int eay_des_keylen __P((int));
-
-/* IDEA */
-extern vchar_t *eay_idea_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_idea_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_idea_weakkey __P((vchar_t *));
-extern int eay_idea_keylen __P((int));
-
-/* blowfish */
-extern vchar_t *eay_bf_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_bf_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_bf_weakkey __P((vchar_t *));
-extern int eay_bf_keylen __P((int));
-
-/* RC5 */
-extern vchar_t *eay_rc5_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_rc5_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_rc5_weakkey __P((vchar_t *));
-extern int eay_rc5_keylen __P((int));
-
-/* 3DES */
-extern vchar_t *eay_3des_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_3des_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_3des_weakkey __P((vchar_t *));
-extern int eay_3des_keylen __P((int));
-
-/* CAST */
-extern vchar_t *eay_cast_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_cast_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_cast_weakkey __P((vchar_t *));
-extern int eay_cast_keylen __P((int));
-
-/* AES(RIJNDAEL) */
-extern vchar_t *eay_aes_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
-extern int eay_aes_weakkey __P((vchar_t *));
-extern int eay_aes_keylen __P((int));
-
-/* misc */
-extern int eay_null_keylen __P((int));
-extern int eay_null_hashlen __P((void));
-extern int eay_kpdk_hashlen __P((void));
-extern int eay_twofish_keylen __P((int));
-
-/* hash */
-/* HMAC SHA2 */
-extern vchar_t *eay_hmacsha2_512_one __P((vchar_t *, vchar_t *));
-extern caddr_t eay_hmacsha2_512_init __P((vchar_t *));
-extern void eay_hmacsha2_512_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_hmacsha2_512_final __P((caddr_t));
-extern vchar_t *eay_hmacsha2_384_one __P((vchar_t *, vchar_t *));
-extern caddr_t eay_hmacsha2_384_init __P((vchar_t *));
-extern void eay_hmacsha2_384_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_hmacsha2_384_final __P((caddr_t));
-extern vchar_t *eay_hmacsha2_256_one __P((vchar_t *, vchar_t *));
-extern caddr_t eay_hmacsha2_256_init __P((vchar_t *));
-extern void eay_hmacsha2_256_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_hmacsha2_256_final __P((caddr_t));
-/* HMAC SHA1 */
-extern vchar_t *eay_hmacsha1_one __P((vchar_t *, vchar_t *));
-extern caddr_t eay_hmacsha1_init __P((vchar_t *));
-extern void eay_hmacsha1_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_hmacsha1_final __P((caddr_t));
-/* HMAC MD5 */
-extern vchar_t *eay_hmacmd5_one __P((vchar_t *, vchar_t *));
-extern caddr_t eay_hmacmd5_init __P((vchar_t *));
-extern void eay_hmacmd5_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_hmacmd5_final __P((caddr_t));
-
-/* SHA2 functions */
-extern caddr_t eay_sha2_512_init __P((void));
-extern void eay_sha2_512_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_sha2_512_final __P((caddr_t));
-extern vchar_t *eay_sha2_512_one __P((vchar_t *));
-extern int eay_sha2_512_hashlen __P((void));
-
-extern caddr_t eay_sha2_384_init __P((void));
-extern void eay_sha2_384_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_sha2_384_final __P((caddr_t));
-extern vchar_t *eay_sha2_384_one __P((vchar_t *));
-extern int eay_sha2_384_hashlen __P((void));
-
-extern caddr_t eay_sha2_256_init __P((void));
-extern void eay_sha2_256_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_sha2_256_final __P((caddr_t));
-extern vchar_t *eay_sha2_256_one __P((vchar_t *));
-extern int eay_sha2_256_hashlen __P((void));
-
-/* SHA functions */
-extern caddr_t eay_sha1_init __P((void));
-extern void eay_sha1_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_sha1_final __P((caddr_t));
-extern vchar_t *eay_sha1_one __P((vchar_t *));
-extern int eay_sha1_hashlen __P((void));
-
-/* MD5 functions */
-extern caddr_t eay_md5_init __P((void));
-extern void eay_md5_update __P((caddr_t, vchar_t *));
-extern vchar_t *eay_md5_final __P((caddr_t));
-extern vchar_t *eay_md5_one __P((vchar_t *));
-extern int eay_md5_hashlen __P((void));
-
-/* eay_set_random */
-extern vchar_t *eay_set_random __P((u_int32_t));
-
-/* DH */
-extern int eay_dh_generate __P((vchar_t *, u_int32_t, u_int, vchar_t **, vchar_t **));
-extern int eay_dh_compute __P((vchar_t *, u_int32_t, vchar_t *, vchar_t *, vchar_t *, vchar_t **));
-
-/* misc */
-extern int eay_revbnl __P((vchar_t *));
-#include
-extern int eay_v2bn __P((BIGNUM **, vchar_t *));
-extern int eay_bn2v __P((vchar_t **, BIGNUM *));
-
-extern const char *eay_version __P((void));
-
-#define CBC_BLOCKLEN 8
-#define IPSEC_ENCRYPTKEYLEN 8
diff --git a/eaytest.tproj/eaytest.c b/eaytest.tproj/eaytest.c
deleted file mode 100644
index 2e3a3c3..0000000
--- a/eaytest.tproj/eaytest.c
+++ /dev/null
@@ -1,940 +0,0 @@ -/* $KAME: eaytest.c,v 1.38 2001/11/16 04:12:59 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "var.h" -#include "vmbuf.h" -#include "misc.h" -#include "debug.h" -#include "str2val.h" - -#include "oakley.h" -#include "dhgroup.h" -#include "crypto_openssl.h" - -#define PVDUMP(var) hexdump((var)->v, (var)->l) - -u_int32_t loglevel = 4; - -/* prototype */ - -void rsatest __P((int, char **)); -static vchar_t *pem_read_buf __P((char *)); -void certtest __P((int, char **)); -static char **getcerts __P((char *)); -void ciphertest __P((int, char **)); -void hmactest __P((int, char **)); -void sha2test __P((int, char **)); -void sha1test __P((int, char **)); -void md5test __P((int, char **)); -void dhtest __P((int, char **)); -void bntest __P((int, char **)); -void Usage __P((void)); - -/* test */ - -void -rsatest(ac, av) - int ac; - char **av; -{ - char *text = "this is test."; - vchar_t src; - vchar_t *priv, *pub, *sig; - int error; - - char *pkcs1 = -"-----BEGIN RSA PRIVATE KEY-----\n" -"MIICXQIBAAKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9oLv50PeuEfQojhakY+OH8A3Q\n" -"M8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFyP3kyd2yXHIZ/MN8g1nh4FsB0\n" -"iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCMt8vO+NFHZYKAQeynyQIDAQAB\n" -"AoGAOfDcnCHxjhDGrwyoNNWl6Yqi7hAtQm67YAbrH14UO7nnmxAENM9MyNgpFLaW\n" -"07v5m8IZQIcradcDXAJOUwNBN8E06UflwEYCaScIwndvr5UpVlN3e2NC6Wyg2yC7\n" -"GarxQput3zj35XNR5bK42UneU0H6zDxpHWqI1SwE+ToAHu0CQQDNl9gUJTpg0L09\n" -"HkbE5jeb8bA5I20nKqBOBP0v5tnzpwu41umQwk9I7Ru0ucD7j+DW4k8otadW+FnI\n" -"G1M1MpSjAkEAyRMt4bN8otfpOpsOQWzw4jQtouohOxRFCrQTntHhU20PrQnQLZWs\n" -"pOVzqCjRytYtkPEUA1z8QK5gGcVPcOQsowJBALmt2rwPB1NrEo5Bat7noO+Zb3Ob\n" -"WDiYWeE8xkHd95gDlSWiC53ur9aINo6ZeP556jGIgL+el/yHHecJLrQL84sCQH48\n" -"zUxq/C/cb++8UzneJGlPqusiJNTLiAENR1gpmlZfHT1c8Nb9phMsfu0vG29GAfuC\n" -"bzchVLljALCNQK+2gRMCQQCNIgN+R9mRWZhFAcC1sq++YnuSBlw4VwdL/fd1Yg9e\n" -"Ul+U98yPl/NXt8Rs4TRBFcOZjkFI8xv0hQtevTgTmgz+\n" -"-----END RSA PRIVATE KEY-----\n\n"; - char 
*pubkey = -"-----BEGIN PUBLIC KEY-----\n" -"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9\n" -"oLv50PeuEfQojhakY+OH8A3QM8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFy\n" -"P3kyd2yXHIZ/MN8g1nh4FsB0iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCM\n" -"t8vO+NFHZYKAQeynyQIDAQAB\n" -"-----END PUBLIC KEY-----\n\n"; - - priv = pem_read_buf(pkcs1); - - src.v = text; - src.l = strlen(text); - - /* sign */ - sig = eay_rsa_sign(&src, priv); - if (sig == NULL) - printf("sign failed. %s\n", eay_strerror()); - printf("RSA signed data.\n"); - PVDUMP(sig); - - /* verify */ - pub = pem_read_buf(pubkey); - error = eay_rsa_verify(&src, sig, pub); - if (error) - printf("verifying failed.\n"); - else - printf("verified.\n"); -} - -static vchar_t * -pem_read_buf(buf) - char *buf; -{ - BIO *bio; - char *nm = NULL, *header = NULL; - unsigned char *data = NULL; - long len; - vchar_t *ret; - int error; - - bio = BIO_new_mem_buf(buf, strlen(buf)); - error = PEM_read_bio(bio, &nm, &header, &data, &len); - if (error == 0) - errx(1, "%s", eay_strerror()); - ret = vmalloc(len); - if (ret == NULL) - err(1, "vmalloc"); - memcpy(ret->v, data, len); - - return ret; -} - -void -certtest(ac, av) - int ac; - char **av; -{ - char *certpath; - char **certs; - int type; - int error; - - printf("\n**Test for Certificate.**\n"); - - { - char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane/Email=sakane@kame.net"; - vchar_t *asn1dn = NULL, asn1dn0; - char dn0[] = { - 0x30,0x81,0x9a,0x31,0x0b,0x30,0x09,0x06, - 0x03,0x55,0x04,0x06,0x13,0x02,0x4a,0x50, - 0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04, - 0x08,0x13,0x08,0x4b,0x61,0x6e,0x61,0x67, - 0x61,0x77,0x61,0x31,0x11,0x30,0x0f,0x06, - 0x03,0x55,0x04,0x07,0x13,0x08,0x46,0x75, - 0x6a,0x69,0x73,0x61,0x77,0x61,0x31,0x15, - 0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13, - 0x0c,0x57,0x49,0x44,0x45,0x20,0x50,0x72, - 0x6f,0x6a,0x65,0x63,0x74,0x31,0x15,0x30, - 0x13,0x06,0x03,0x55,0x04,0x0b,0x13,0x0c, - 
0x4b,0x41,0x4d,0x45,0x20,0x50,0x72,0x6f, - 0x6a,0x65,0x63,0x74,0x31,0x17,0x30,0x15, - 0x06,0x03,0x55,0x04,0x03,0x13,0x0e,0x53, - 0x68,0x6f,0x69,0x63,0x68,0x69,0x20,0x53, - 0x61,0x6b,0x61,0x6e,0x65,0x31,0x1e,0x30, - 0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, - 0x0d,0x01,0x09,0x01, - 0x0c, /* <== XXX */ - 0x0f,0x73,0x61, - 0x6b,0x61,0x6e,0x65,0x40,0x6b,0x61,0x6d, - 0x65,0x2e,0x6e,0x65,0x74, - }; - - printf("check to convert the string into subjectName.\n"); - printf("%s\n", dnstr); - - asn1dn0.v = dn0; - asn1dn0.l = sizeof(dn0); - - asn1dn = eay_str2asn1dn(dnstr, sizeof(dnstr)); - if (asn1dn == NULL || asn1dn->l != asn1dn0.l) - errx(1, "asn1dn length mismatched.\n"); - - /* - * NOTE: The value pointed by "<==" above is different from the - * return of eay_str2asn1dn(). but eay_cmp_asn1dn() can distinguish - * both of the names are same name. - */ - if (eay_cmp_asn1dn(&asn1dn0, asn1dn)) - errx(1, "asn1dn mismatched.\n"); - vfree(asn1dn); - - printf("succeed.\n"); - } - - eay_init_error(); - - /* get certs */ - if (ac > 1) { - certpath = *(av + 1); - certs = getcerts(certpath); - } else { - printf("\nCAUTION: These certificates are probably invalid " - "on your environment because you don't have their " - "issuer's certs in your environment.\n\n"); - - certpath = "/usr/local/openssl/certs"; - certs = getcerts(NULL); - } - - while (*certs != NULL) { - - vchar_t c; - char *str; - vchar_t *vstr; - - printf("===CERT===\n"); - - c.v = *certs; - c.l = strlen(*certs); - - /* print text */ - str = eay_get_x509text(&c); - printf("%s", str); - racoon_free(str); - - /* print ASN.1 of subject name */ - vstr = eay_get_x509asn1subjectname(&c); - if (!vstr) - return; - PVDUMP(vstr); - printf("\n"); - vfree(vstr); - - /* print subject alt name */ - { - int pos; - for (pos = 1; ; pos++) { - error = eay_get_x509subjectaltname(&c, &str, &type, pos); - if (error) { - printf("no subjectaltname found.\n"); - break; - } - if (!str) - break; - printf("SubjectAltName: %d: %s\n", type, str); - 
racoon_free(str); - } - } - - error = eay_check_x509cert(&c, certpath, 1); - if (error) - printf("ERROR: cert is invalid.\n"); - printf("\n"); - - certs++; - } -} - -static char ** -getcerts(path) - char *path; -{ - char **certs = NULL, **p; - DIR *dirp; - struct dirent *dp; - struct stat sb; - char buf[512]; - int len; - int n; - int fd; - - static char *samplecerts[] = { -/* self signed */ -"-----BEGIN CERTIFICATE-----\n" -"MIICpTCCAg4CAQAwDQYJKoZIhvcNAQEEBQAwgZoxCzAJBgNVBAYTAkpQMREwDwYD\n" -"VQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUg\n" -"UHJvamVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hp\n" -"IFNha2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MB4XDTAwMDgy\n" -"NDAxMzc0NFoXDTAwMDkyMzAxMzc0NFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n" -"EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n" -"amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n" -"a2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n" -"DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n" -"SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n" -"kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n" -"twIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACKs6X/BYycuHI3iop403R3XWMHHnNBN\n" -"5XTHVWiWgR1cMWkq/dp51gn+nPftpdAaYGpqGkiHGhZcXLoBaX9uON3p+7av+sQN\n" -"plXwnvUf2Zsgu+fojskS0gKcDlYiq1O8TOaBgJouFZgr1q6PiYjVEJGogAP28+HN\n" -"M4o+GBFbFoqK\n" -"-----END CERTIFICATE-----\n\n", -/* signed by SSH testing CA + CA1 + CA2 */ -"-----BEGIN X509 CERTIFICATE-----\n" -"MIICtTCCAj+gAwIBAgIEOaR8NjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJG\n" -"STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n" -"EwhXZWIgdGVzdDEbMBkGA1UEAxMSVGVzdCBDQSAxIHN1YiBjYSAyMB4XDTAwMDgy\n" -"NDAwMDAwMFoXDTAwMTAwMTAwMDAwMFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n" -"EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n" -"amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n" 
-"a2FuZTEeMBwGCSqGSIb3DQEJAQwPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n" -"DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n" -"SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n" -"kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n" -"twIDAQABo18wXTALBgNVHQ8EBAMCBaAwGgYDVR0RBBMwEYEPc2FrYW5lQGthbWUu\n" -"bmV0MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2Nh\n" -"MS0yLmNybDANBgkqhkiG9w0BAQUFAANhADtaqual41OWshF/rwCTuR6zySBJysGp\n" -"+qjkp5efCiYKhAu1L4WXlMsV/SNdzspui5tHasPBvUw8gzFsU/VW/B2zuQZkimf1\n" -"u6ZPjUb/vt8vLOPScP5MeH7xrTk9iigsqQ==\n" -"-----END X509 CERTIFICATE-----\n\n", -/* VP100 */ -"-----BEGIN CERTIFICATE-----\n" -"MIICXzCCAcigAwIBAgIEOXGBIzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJG\n" -"STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n" -"EwhXZWIgdGVzdDESMBAGA1UEAxMJVGVzdCBDQSAxMB4XDTAwMDcxNjAwMDAwMFoX\n" -"DTAwMDkwMTAwMDAwMFowNTELMAkGA1UEBhMCanAxETAPBgNVBAoTCHRhaGl0ZXN0\n" -"MRMwEQYDVQQDEwpmdXJ1a2F3YS0xMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKB\n" -"gQDUmI2RaAuoLvtRDbASwRhbkj/Oq0BBIKgAqbFknc/EanJSQwZQu82gD88nf7gG\n" -"VEioWmKPLDuEjz5JCuM+k5f7HYHI1wWmz1KFr7UA+avZm4Kp6YKnhuH7soZp7kBL\n" -"hTiZEpL0jdmCWLW3ZXoro55rmPrBsCd+bt8VU6tRZm5dUwIBKaNZMFcwCwYDVR0P\n" -"BAQDAgWgMBYGA1UdEQQPMA2CBVZQMTAwhwQKFIaFMDAGA1UdHwQpMCcwJaAjoCGG\n" -"H2h0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2NhMS5jcmwwDQYJKoZIhvcNAQEFBQAD\n" -"gYEAKJ/2Co/KYW65mwpGG3CBvsoRL8xyUMHGt6gQpFLHiiHuAdix1ADTL6uoFuYi\n" -"4sE5omQm1wKVv2ZhS03zDtUfKoVEv0HZ7IY3AU/FZT/M5gQvbt43Dki/ma3ock2I\n" -"PPhbLsvXm+GCVh3jvkYGk1zr7VERVeTPtmT+hW63lcxfFp4=\n" -"-----END CERTIFICATE-----\n\n", -/* IKED */ -"-----BEGIN CERTIFICATE-----\n" -"MIIEFTCCA7+gAwIBAgIKYU5X6AAAAAAACTANBgkqhkiG9w0BAQUFADCBljEpMCcG\n" -"CSqGSIb3DQEJARYaeS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYT\n" -"AkpQMREwDwYDVQQIEwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNV\n" -"BAoTB0hJVEFDSEkxDDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBD\n" 
-"QTAeFw0wMDA3MTUwMjUxNDdaFw0wMTA3MTUwMzAxNDdaMEUxCzAJBgNVBAYTAkpQ\n" -"MREwDwYDVQQIEwhLQU5BR0FXQTEQMA4GA1UEChMHSElUQUNISTERMA8GA1UEAxMI\n" -"V0FUQU5BQkUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA6Wja5A7Ldzrtx+rMWHEB\n" -"Cyt+/ZoG0qdFQbuuUiU1vOSq+1f+ZSCYAdTq13Lrr6Xfz3jDVFEZLPID9PSTFwq+\n" -"yQIDAQABo4ICPTCCAjkwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF\n" -"CAICMB0GA1UdDgQWBBTkv7/MH5Ra+S1zBAmnUIH5w8ZTUTCB0gYDVR0jBIHKMIHH\n" -"gBQsF2qoaTl5F3GFLKrttaxPJ8j4faGBnKSBmTCBljEpMCcGCSqGSIb3DQEJARYa\n" -"eS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n" -"EwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNVBAoTB0hJVEFDSEkx\n" -"DDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBDQYIQeccIf4GYDIBA\n" -"rS6HSUt8XjB7BgNVHR8EdDByMDagNKAyhjBodHRwOi8vZmxvcmEyMjAvQ2VydEVu\n" -"cm9sbC9JUHNlYyUyMFRlc3QlMjBDQS5jcmwwOKA2oDSGMmZpbGU6Ly9cXGZsb3Jh\n" -"MjIwXENlcnRFbnJvbGxcSVBzZWMlMjBUZXN0JTIwQ0EuY3JsMIGgBggrBgEFBQcB\n" -"AQSBkzCBkDBFBggrBgEFBQcwAoY5aHR0cDovL2Zsb3JhMjIwL0NlcnRFbnJvbGwv\n" -"ZmxvcmEyMjBfSVBzZWMlMjBUZXN0JTIwQ0EuY3J0MEcGCCsGAQUFBzAChjtmaWxl\n" -"Oi8vXFxmbG9yYTIyMFxDZXJ0RW5yb2xsXGZsb3JhMjIwX0lQc2VjJTIwVGVzdCUy\n" -"MENBLmNydDANBgkqhkiG9w0BAQUFAANBAG8yZAWHb6g3zba453Hw5loojVDZO6fD\n" -"9lCsyaxeo9/+7x1JEEcdZ6qL7KKqe7ZBwza+hIN0ITkp2WEWo22gTz4=\n" -"-----END CERTIFICATE-----\n\n", -/* From Entrust */ -"-----BEGIN CERTIFICATE-----\n" -"MIIDXTCCAsagAwIBAgIEOb6khTANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJV\n" -"UzEQMA4GA1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8wHhcN\n" -"MDAwOTE4MjMwMDM3WhcNMDMwOTE4MjMzMDM3WjBTMQswCQYDVQQGEwJVUzEQMA4G\n" -"A1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8xGTAXBgNVBAMT\n" -"EFNob2ljaGkgU2FrYW5lIDIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKj3\n" -"eXSt1qXxFXzpa265B/NQYk5BZN7pNJg0tlTKBTVV3UgpQ92Bx5DoNfZh11oIv0Sw\n" -"6YnG5p9F9ma36U9HDoD3hVTjAvQKy4ssCsnU1y6v5XOU1QvYQo6UTzgsXUTaIau4\n" -"Lrccl+nyoiNzy3lG51tLR8CxuA+3OOAK9xPjszClAgMBAAGjggFXMIIBUzBABgNV\n" -"HREEOTA3gQ9zYWthbmVAa2FtZS5uZXSHBM6vIHWCHjIwNi0xNzUtMzItMTE3LnZw\n" 
-"bndvcmtzaG9wLmNvbTATBgNVHSUEDDAKBggrBgEFBQgCAjALBgNVHQ8EBAMCAKAw\n" -"KwYDVR0QBCQwIoAPMjAwMDA5MTgyMzAwMzdagQ8yMDAyMTAyNTExMzAzN1owWgYD\n" -"VR0fBFMwUTBPoE2gS6RJMEcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFbnRydXN0\n" -"MRcwFQYDVQQLEw5WUE4gSW50ZXJvcCBSTzENMAsGA1UEAxMEQ1JMMTAfBgNVHSME\n" -"GDAWgBTzVmhu0tBoWKwkZE5mXpooE9630DAdBgNVHQ4EFgQUEgBHPtXggJqei5Xz\n" -"92CrWXTJxfAwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWNS4wAwIEsDAN\n" -"BgkqhkiG9w0BAQUFAAOBgQCIFriNGMUE8GH5LuDrTJfA8uGx8vLy2seljuo694TR\n" -"et/ojp9QnfOJ1PF9iAdGaEaSLfkwhY4fZNZzxic5HBoHLeo9BXLP7i7FByXjvOZC\n" -"Y8++0dC8NVvendIILcJBM5nbDq1TqIbb8K3SP80XhO5JLVJkoZiQftAMjo0peZPO\n" -"EQ==\n" -"-----END CERTIFICATE-----\n\n", - NULL, - }; - - if (path == NULL) - return (char **)&samplecerts; - - stat(path, &sb); - if (!(sb.st_mode & S_IFDIR)) { - printf("ERROR: %s is not directory.\n", path); - exit(0); - } - - dirp = opendir(path); - if (dirp == NULL) { - printf("opendir failed.\n"); - exit(0); - } - - n = 0; - while ((dp = readdir(dirp)) != NULL) { - if (dp->d_type != DT_REG) - continue; - if (strcmp(dp->d_name + dp->d_namlen - 4, "cert")) - continue; - snprintf(buf, sizeof(buf), "%s/%s", path, dp->d_name); - stat(buf, &sb); - - p = (char **)realloc(certs, (n + 1) * sizeof(certs)); - if (p == NULL) - err(1, "realloc"); - certs = p; - - certs[n] = malloc(sb.st_size + 1); - if (certs[n] == NULL) - err(1, "malloc"); - - fd = open(buf, O_RDONLY); - if (fd == -1) - err(1, "open"); - len = read(fd, certs[n], sb.st_size); - if (len == -1) - err(1, "read"); - if (len != sb.st_size) - errx(1, "read: length mismatch"); - certs[n][sb.st_size] = '\0'; - close(fd); - - printf("%s: %d\n", dp->d_name, (int)sb.st_size); - - n++; - } - - p = (char **)realloc(certs, (n + 1) * sizeof(certs)); - if (p == NULL) - err(1, "realloc"); - certs = p; - certs[n] = NULL; - - return certs; -} - -void -ciphertest(ac, av) - int ac; - char **av; -{ - vchar_t data; - vchar_t key; - vchar_t iv0; - vchar_t *res1, *res2, *iv; - - printf("\n**Test for 
CIPHER.**\n"); - - data.v = str2val("\ -06000017 03000000 73616b61 6e65406b 616d652e 6e657409 0002c104 308202b8 \ -04f05a90 \ - ", 16, &data.l); - key.v = str2val("f59bd70f 81b9b9cc 2a32c7fd 229a4b37", 16, &key.l); - iv0.v = str2val("26b68c90 9467b4ab 7ec29fa0 0b696b55", 16, &iv0.l); - - iv = vmalloc(8); - - /* des */ - printf("DES\n"); - printf("data:\n"); - PVDUMP(&data); - - memcpy(iv->v, iv0.v, 8); - res1 = eay_des_encrypt(&data, &key, iv); - printf("encrypto:\n"); - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 8); - res2 = eay_des_decrypt(res1, &key, iv); - printf("decrypto:\n"); - PVDUMP(res2); - - if (memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); - -#ifdef HAVE_OPENSSL_IDEA_H - /* idea */ - printf("IDEA\n"); - printf("data:\n"); - PVDUMP(&data); - - memcpy(iv->v, iv0.v, 8); - res1 = eay_idea_encrypt(&data, &key, iv); - printf("encrypto:\n"); - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 8); - res2 = eay_idea_decrypt(res1, &key, iv); - printf("decrypto:\n"); - PVDUMP(res2); - - if (memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); -#endif - - /* blowfish */ - printf("BLOWFISH\n"); - printf("data:\n"); - PVDUMP(&data); - - memcpy(iv->v, iv0.v, 8); - res1 = eay_bf_encrypt(&data, &key, iv); - printf("encrypto:\n"); - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 8); - res2 = eay_bf_decrypt(res1, &key, iv); - printf("decrypto:\n"); - PVDUMP(res2); - - if (memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); - -#ifdef HAVE_OPENSSL_RC5_H - /* rc5 */ - printf("RC5\n"); - printf("data:\n"); - PVDUMP(&data); - - memcpy(iv->v, iv0.v, 8); - res1 = eay_bf_encrypt(&data, &key, iv); - printf("encrypto:\n"); - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 8); - res2 = eay_bf_decrypt(res1, &key, iv); - printf("decrypto:\n"); - PVDUMP(res2); - - if (memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); -#endif - - /* 3des */ - printf("3DES\n"); - 
printf("data:\n"); - PVDUMP(&data); - - memcpy(iv->v, iv0.v, 8); - res1 = eay_3des_encrypt(&data, &key, iv); - printf("encrypto:\n"); - if (res1) - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 8); - res2 = eay_3des_decrypt(res1, &key, iv); - printf("decrypto:\n"); - if (res1) - PVDUMP(res2); - - if (res2 && memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); - - /* cast */ - printf("CAST\n"); - printf("data:\n"); - PVDUMP(&data); - - memcpy(iv->v, iv0.v, 8); - res1 = eay_cast_encrypt(&data, &key, iv); - printf("encrypto:\n"); - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 8); - res2 = eay_cast_decrypt(res1, &key, iv); - printf("decrypto:\n"); - PVDUMP(res2); - - if (memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); - - /* aes */ - iv = vrealloc(iv, 16); - - printf("AES\n"); - printf("data:\n"); - PVDUMP(&data); - - { - vchar_t *buf; - int padlen = 16 - data.l % 16; - buf = vmalloc(data.l + padlen); - memcpy(buf->v, data.v, data.l); - - memcpy(iv->v, iv0.v, 16); - res1 = eay_aes_encrypt(buf, &key, iv); - printf("encrypto:\n"); - PVDUMP(res1); - - memcpy(iv->v, iv0.v, 16); - res2 = eay_aes_decrypt(res1, &key, iv); - printf("decrypto:\n"); - PVDUMP(res2); - - if (memcmp(data.v, res2->v, data.l)) - printf("XXX NG XXX\n"); - vfree(res1); - vfree(res2); - } -} - -void -hmactest(ac, av) - int ac; - char **av; -{ - char *keyword = "hehehe test secret!"; - char *object = "d7e6a6c1876ef0488bb74958b9fee94e"; - char *object1 = "d7e6a6c1876ef048"; - char *object2 = "8bb74958b9fee94e"; - char *r_hmd5 = "5702d7d1 fd1bfc7e 210fc9fa cda7d02c"; - char *r_hsha1 = "309999aa 9779a43e ebdea839 1b4e7ee1 d8646874"; - char *r_hsha2 = "d47262d8 a5b6f39d d8686939 411b3e79 ed2e27f9 2c4ea89f dd0a06ae 0c0aa396"; - vchar_t *key, *data, *data1, *data2, *res; - vchar_t mod; - caddr_t ctx; - - printf("\n**Test for HMAC MD5 & SHA1.**\n"); - - key = vmalloc(strlen(keyword)); - memcpy(key->v, keyword, key->l); - - data = 
vmalloc(strlen(object)); - data1 = vmalloc(strlen(object1)); - data2 = vmalloc(strlen(object2)); - memcpy(data->v, object, data->l); - memcpy(data1->v, object1, data1->l); - memcpy(data2->v, object2, data2->l); - - /* HMAC MD5 */ - printf("HMAC MD5 by eay_hmacmd5_one()\n"); - res = eay_hmacmd5_one(key, data); - PVDUMP(res); - mod.v = str2val(r_hmd5, 16, &mod.l); - if (memcmp(res->v, mod.v, mod.l)) - printf(" XXX NG XXX\n"); - free(mod.v); - vfree(res); - - /* HMAC MD5 */ - printf("HMAC MD5 by eay_hmacmd5_xxx()\n"); - ctx = eay_hmacmd5_init(key); - eay_hmacmd5_update(ctx, data1); - eay_hmacmd5_update(ctx, data2); - res = eay_hmacmd5_final(ctx); - PVDUMP(res); - mod.v = str2val(r_hmd5, 16, &mod.l); - if (memcmp(res->v, mod.v, mod.l)) - printf(" XXX NG XXX\n"); - free(mod.v); - vfree(res); - - /* HMAC SHA2 */ - printf("HMAC SHA2 by eay_hmacsha2_256_one()\n"); - res = eay_hmacsha2_256_one(key, data); - PVDUMP(res); - mod.v = str2val(r_hsha2, 16, &mod.l); - if (memcmp(res->v, mod.v, mod.l)) - printf(" XXX NG XXX\n"); - free(mod.v); - vfree(res); - - /* HMAC SHA1 */ - printf("HMAC SHA1 by eay_hmacsha1_one()\n"); - res = eay_hmacsha1_one(key, data); - PVDUMP(res); - mod.v = str2val(r_hsha1, 16, &mod.l); - if (memcmp(res->v, mod.v, mod.l)) - printf(" XXX NG XXX\n"); - free(mod.v); - vfree(res); - - /* HMAC MD5 */ - printf("HMAC SHA1 by eay_hmacsha1_xxx()\n"); - ctx = eay_hmacsha1_init(key); - eay_hmacsha1_update(ctx, data1); - eay_hmacsha1_update(ctx, data2); - res = eay_hmacsha1_final(ctx); - PVDUMP(res); - mod.v = str2val(r_hsha1, 16, &mod.l); - if (memcmp(res->v, mod.v, mod.l)) - printf(" XXX NG XXX\n"); - free(mod.v); - vfree(res); - - vfree(data); - vfree(data1); - vfree(data2); - vfree(key); -} - -void -sha1test(ac, av) - int ac; - char **av; -{ - char *word1 = "1234567890", *word2 = "12345678901234567890"; - caddr_t ctx; - vchar_t *buf, *res; - - printf("\n**Test for SHA1.**\n"); - - ctx = eay_sha1_init(); - buf = vmalloc(strlen(word1)); - memcpy(buf->v, word1, 
buf->l); - eay_sha1_update(ctx, buf); - eay_sha1_update(ctx, buf); - res = eay_sha1_final(ctx); - PVDUMP(res); - vfree(res); - vfree(buf); - - ctx = eay_sha1_init(); - buf = vmalloc(strlen(word2)); - memcpy(buf->v, word2, buf->l); - eay_sha1_update(ctx, buf); - res = eay_sha1_final(ctx); - PVDUMP(res); - vfree(res); - - res = eay_sha1_one(buf); - PVDUMP(res); - vfree(res); - vfree(buf); -} - -void -md5test(ac, av) - int ac; - char **av; -{ - char *word1 = "1234567890", *word2 = "12345678901234567890"; - caddr_t ctx; - vchar_t *buf, *res; - - printf("\n**Test for MD5.**\n"); - - ctx = eay_md5_init(); - buf = vmalloc(strlen(word1)); - memcpy(buf->v, word1, buf->l); - eay_md5_update(ctx, buf); - eay_md5_update(ctx, buf); - res = eay_md5_final(ctx); - PVDUMP(res); - vfree(res); - vfree(buf); - - ctx = eay_md5_init(); - buf = vmalloc(strlen(word2)); - memcpy(buf->v, word2, buf->l); - eay_md5_update(ctx, buf); - res = eay_md5_final(ctx); - PVDUMP(res); - vfree(res); - - res = eay_md5_one(buf); - PVDUMP(res); - vfree(res); - vfree(buf); -} - -void -dhtest(ac, av) - int ac; - char **av; -{ - static struct { - char *name; - char *p; - } px[] = { - { "modp768", OAKLEY_PRIME_MODP768, }, - { "modp1024", OAKLEY_PRIME_MODP1024, }, - { "modp1536", OAKLEY_PRIME_MODP1536, }, - { "modp2048", OAKLEY_PRIME_MODP2048, }, - { "modp3072", OAKLEY_PRIME_MODP3072, }, - { "modp4096", OAKLEY_PRIME_MODP4096, }, - { "modp6144", OAKLEY_PRIME_MODP6144, }, - { "modp8192", OAKLEY_PRIME_MODP8192, }, - }; - vchar_t p1, *pub1, *priv1, *gxy1; - vchar_t p2, *pub2, *priv2, *gxy2; - int i; - - printf("\n**Test for DH.**\n"); - - for (i = 0; i < sizeof(px)/sizeof(px[0]); i++) { - printf("\n**Test for DH %s.**\n", px[i].name); - - p1.v = str2val(px[i].p, 16, &p1.l); - p2.v = str2val(px[i].p, 16, &p2.l); - printf("prime number = \n"); PVDUMP(&p1); - - if (eay_dh_generate(&p1, 2, 96, &pub1, &priv1) < 0) { - printf("error\n"); - return; - } - printf("private key for user 1 = \n"); PVDUMP(priv1); - 
printf("public key for user 1 = \n"); PVDUMP(pub1); - - if (eay_dh_generate(&p2, 2, 96, &pub2, &priv2) < 0) { - printf("error\n"); - return; - } - printf("private key for user 2 = \n"); PVDUMP(priv2); - printf("public key for user 2 = \n"); PVDUMP(pub2); - - /* process to generate key for user 1 */ - gxy1 = vmalloc(p1.l); - memset(gxy1->v, 0, gxy1->l); - eay_dh_compute(&p1, 2, pub1, priv1, pub2, &gxy1); - printf("sharing gxy1 of user 1 = \n"); PVDUMP(gxy1); - - /* process to generate key for user 2 */ - gxy2 = vmalloc(p1.l); - memset(gxy2->v, 0, gxy2->l); - eay_dh_compute(&p2, 2, pub2, priv2, pub1, &gxy2); - printf("sharing gxy2 of user 2 = \n"); PVDUMP(gxy2); - - if (memcmp(gxy1->v, gxy2->v, gxy1->l)) - printf("ERROR: sharing gxy mismatched.\n"); - - vfree(pub1); - vfree(pub2); - vfree(priv1); - vfree(priv2); - vfree(gxy1); - vfree(gxy2); - } - - return; -} - -void -bntest(ac, av) - int ac; - char **av; -{ - vchar_t *rn; - - printf("\n**Test for generate a random number.**\n"); - - rn = eay_set_random((u_int32_t)96); - PVDUMP(rn); - vfree(rn); -} - -struct { - char *name; - void (*func) __P((int, char **)); -} func[] = { - { "random", bntest, }, - { "dh", dhtest, }, - { "md5", md5test, }, - { "sha1", sha1test, }, - { "hmac", hmactest, }, - { "cipher", ciphertest, }, - { "cert", certtest, }, - { "rsa", rsatest, }, -}; - -int -main(ac, av) - int ac; - char **av; -{ - int i; - int len = sizeof(func)/sizeof(func[0]); - - if (strcmp(*av, "-h") == 0) { - printf("Usage: eaytest ["); - for (i = 0; i < len; i++) { - printf("%s", func[i].name); - if (i != len) - printf("|"); - } - printf("]\n"); - Usage(); - } - - ac--; - av++; - - if (ac == 0) { - for (i = 0; i < len; i++) - (func[i].func)(ac, av); - } else { - for (i = 0; i < len; i++) { - if (strcmp(*av, func[i].name) == 0) { - (func[i].func)(ac, av); - break; - } - } - if (i == len) - Usage(); - } - - exit(0); -} - -void -Usage() -{ - printf("Usage: eaytest [dh|md5|sha1|hmac|cipher]\n"); - printf(" eaytest cert 
[cert_directory]\n");
- exit(0);
-}
diff --git a/eaytest.tproj/misc.c b/eaytest.tproj/misc.c
deleted file mode 100644
index 8906017..0000000
--- a/eaytest.tproj/misc.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* $KAME: misc.c,v 1.22 2001/07/14 05:48:33 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "var.h"
-#include "misc.h"
-#include "debug.h"
-
-#if 0
-static int bindump __P((void *, size_t));
-
-static int
-bindump(buf0, len)
- void *buf0;
- size_t len;
-{
- unsigned char *buf = (unsigned char *)buf0;
- size_t i;
-
- for (i = 0; i < len; i++) {
- if ((buf[i] & 0x80) || !isprint(buf[i]))
- printf("\\x%x", buf[i]);
- else
- printf("%c", buf[i]);
- }
- printf("\n");
-
- return 0;
-}
-#endif
-
-int
-hexdump(buf0, len)
- void *buf0;
- size_t len;
-{
- caddr_t buf = (caddr_t)buf0;
- size_t i;
-
- for (i = 0; i < len; i++) {
- if (i != 0 && i % 32 == 0)
- printf("\n");
- if (i % 4 == 0)
- printf(" ");
- printf("%02x", (unsigned char)buf[i]);
- }
- printf("\n");
-
- return 0;
-}
-
-char *
-bit2str(n, bl)
- int n, bl;
-{
-#define MAXBITLEN 128
- static char b[MAXBITLEN + 1];
- int i;
-
- if (bl > MAXBITLEN)
- return "Failed to convert."; /* NG */
- memset(b, '0', bl);
- b[bl] = '\0';
-
- for (i = 0; i < bl; i++) {
- if (n & (1 << i))
- b[bl - 1 - i] = '1';
- }
-
- return b;
-}
-
-const char *
-debug_location(file, line, func)
- const char *file;
- int line;
- const char *func;
-{
- static char buf[1024];
- const char *p;
-
- /* truncate pathname */
- p = strrchr(file, '/');
- if (p)
- p++;
- else
- p = file;
-
- if (func)
- snprintf(buf, sizeof(buf), "%s:%d:%s()", p, line, func);
- else
- snprintf(buf, sizeof(buf), "%s:%d", p, line);
-
- return buf;
-}
-
-/*
- * get file size.
- * -1: error occured.
- */
-int
-getfsize(path)
- char *path;
-{
- struct stat st;
-
- if (stat(path, &st) != 0)
- return -1;
- else
- return st.st_size;
-}
-
-/*
- * calculate the difference between two times.
- * t1: start
- * t2: end
- */
-double
-timedelta(t1, t2)
- struct timeval *t1, *t2;
-{
- if (t2->tv_usec >= t1->tv_usec)
- return t2->tv_sec - t1->tv_sec +
- (double)(t2->tv_usec - t1->tv_usec) / 1000000;
-
- return t2->tv_sec - t1->tv_sec - 1 +
- (double)(1000000 + t2->tv_usec - t1->tv_usec) / 1000000;
-}
diff --git a/eaytest.tproj/misc.h b/eaytest.tproj/misc.h
deleted file mode 100644
index c5f2846..0000000
--- a/eaytest.tproj/misc.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/* $KAME: misc.h,v 1.11 2001/07/14 05:48:33 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#define BIT2STR(b) bit2str(b, sizeof(b)<<3)
-
-#ifdef HAVE_FUNCTION_MACRO
-#define LOCATION debug_location(__FILE__, __LINE__, __FUNCTION__)
-#else
-#define LOCATION debug_location(__FILE__, __LINE__, NULL)
-#endif
-
-extern int hexdump __P((void *, size_t));
-extern char *bit2str __P((int, int));
-extern void *get_newbuf __P((void *, size_t));
-extern const char *debug_location __P((const char *, int, const char *));
-extern int getfsize __P((char *));
-struct timeval;
-extern double timedelta __P((struct timeval *, struct timeval *));
diff --git a/eaytest.tproj/rijndael-alg-fst.c b/eaytest.tproj/rijndael-alg-fst.c
deleted file mode 100644
index 19f0651..0000000
--- a/eaytest.tproj/rijndael-alg-fst.c
+++ /dev/null
@@ -1,492 +0,0 @@ -/* $KAME: rijndael-alg-fst.c,v 1.9 2001/06/19 15:21:05 itojun Exp $ */ - -/* - * rijndael-alg-fst.c v2.3 April '2000 - * - * Optimised ANSI C code - * - * authors: v1.0: Antoon Bosselaers - * v2.0: Vincent Rijmen - * v2.3: Paulo Barreto - * - * This code is placed in the public domain. - */ - -#include -#include -#ifdef _KERNEL -#include -#else -#include -#endif -#include -#include - -#include - -#include -#define bcopy(a, b, c) memcpy((b), (a), (c)) -#define bzero(a, b) memset((a), 0, (b)) -#define panic(a) err(1, (a)) - -int rijndaelKeySched(word8 k[MAXKC][4], word8 W[MAXROUNDS+1][4][4], int ROUNDS) { - /* Calculate the necessary round keys - * The number of calculations depends on keyBits and blockBits - */ - int j, r, t, rconpointer = 0; - union { - word8 x8[MAXKC][4]; - word32 x32[MAXKC]; - } xtk; -#define tk xtk.x8 - int KC = ROUNDS - 6; - - for (j = KC-1; j >= 0; j--) { - *((word32*)tk[j]) = *((word32*)k[j]); - } - r = 0; - t = 0; - /* copy values into round key array */ - for (j = 0; (j < KC) && (r < ROUNDS + 1); ) { - for (; (j < KC) && (t < 4); j++, t++) { - *((word32*)W[r][t]) = *((word32*)tk[j]); - } - if (t == 4) { - r++; - t = 0; - } - } - - while (r < ROUNDS + 1) { /* while not enough round key material calculated */ - /* calculate new values */ - tk[0][0] ^= S[tk[KC-1][1]]; - tk[0][1] ^= S[tk[KC-1][2]]; - tk[0][2] ^= S[tk[KC-1][3]]; - tk[0][3] ^= S[tk[KC-1][0]]; - tk[0][0] ^= rcon[rconpointer++]; - - if (KC != 8) { - for (j = 1; j < KC; j++) { - *((word32*)tk[j]) ^= *((word32*)tk[j-1]); - } - } else { - for (j = 1; j < KC/2; j++) { - *((word32*)tk[j]) ^= *((word32*)tk[j-1]); - } - tk[KC/2][0] ^= S[tk[KC/2 - 1][0]]; - tk[KC/2][1] ^= S[tk[KC/2 - 1][1]]; - tk[KC/2][2] ^= S[tk[KC/2 - 1][2]]; - tk[KC/2][3] ^= S[tk[KC/2 - 1][3]]; - for (j = KC/2 + 1; j < KC; j++) { - *((word32*)tk[j]) ^= *((word32*)tk[j-1]); - } - } - /* copy values into round key array */ - for (j = 0; (j < KC) && (r < ROUNDS + 1); ) { - for (; (j < KC) && (t < 4); 
j++, t++) { - *((word32*)W[r][t]) = *((word32*)tk[j]); - } - if (t == 4) { - r++; - t = 0; - } - } - } - return 0; -#undef tk -} - -int rijndaelKeyEncToDec(word8 W[MAXROUNDS+1][4][4], int ROUNDS) { - int r; - word8 *w; - - for (r = 1; r < ROUNDS; r++) { - w = W[r][0]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - - w = W[r][1]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - - w = W[r][2]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - - w = W[r][3]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - } - return 0; -} - -/** - * Encrypt a single block. - */ -int rijndaelEncrypt(word8 in[16], word8 out[16], word8 rk[MAXROUNDS+1][4][4], int ROUNDS) { - int r; - union { - word8 x8[16]; - word32 x32[4]; - } xa, xb; -#define a xa.x8 -#define b xb.x8 - union { - word8 x8[4][4]; - word32 x32[4]; - } xtemp; -#define temp xtemp.x8 - - memcpy(a, in, sizeof a); - - *((word32*)temp[0]) = *((word32*)(a )) ^ *((word32*)rk[0][0]); - *((word32*)temp[1]) = *((word32*)(a+ 4)) ^ *((word32*)rk[0][1]); - *((word32*)temp[2]) = *((word32*)(a+ 8)) ^ *((word32*)rk[0][2]); - *((word32*)temp[3]) = *((word32*)(a+12)) ^ *((word32*)rk[0][3]); - *((word32*)(b )) = *((const word32*)T1[temp[0][0]]) - ^ *((const word32*)T2[temp[1][1]]) - ^ *((const word32*)T3[temp[2][2]]) - ^ *((const word32*)T4[temp[3][3]]); - *((word32*)(b + 4)) = *((const word32*)T1[temp[1][0]]) - ^ *((const word32*)T2[temp[2][1]]) - ^ *((const word32*)T3[temp[3][2]]) - ^ *((const word32*)T4[temp[0][3]]); - *((word32*)(b + 8)) = *((const word32*)T1[temp[2][0]]) - ^ *((const word32*)T2[temp[3][1]]) - ^ *((const word32*)T3[temp[0][2]]) - ^ *((const 
word32*)T4[temp[1][3]]); - *((word32*)(b +12)) = *((const word32*)T1[temp[3][0]]) - ^ *((const word32*)T2[temp[0][1]]) - ^ *((const word32*)T3[temp[1][2]]) - ^ *((const word32*)T4[temp[2][3]]); - for (r = 1; r < ROUNDS-1; r++) { - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[r][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[r][3]); - - *((word32*)(b )) = *((const word32*)T1[temp[0][0]]) - ^ *((const word32*)T2[temp[1][1]]) - ^ *((const word32*)T3[temp[2][2]]) - ^ *((const word32*)T4[temp[3][3]]); - *((word32*)(b + 4)) = *((const word32*)T1[temp[1][0]]) - ^ *((const word32*)T2[temp[2][1]]) - ^ *((const word32*)T3[temp[3][2]]) - ^ *((const word32*)T4[temp[0][3]]); - *((word32*)(b + 8)) = *((const word32*)T1[temp[2][0]]) - ^ *((const word32*)T2[temp[3][1]]) - ^ *((const word32*)T3[temp[0][2]]) - ^ *((const word32*)T4[temp[1][3]]); - *((word32*)(b +12)) = *((const word32*)T1[temp[3][0]]) - ^ *((const word32*)T2[temp[0][1]]) - ^ *((const word32*)T3[temp[1][2]]) - ^ *((const word32*)T4[temp[2][3]]); - } - /* last round is special */ - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[ROUNDS-1][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[ROUNDS-1][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[ROUNDS-1][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[ROUNDS-1][3]); - b[ 0] = T1[temp[0][0]][1]; - b[ 1] = T1[temp[1][1]][1]; - b[ 2] = T1[temp[2][2]][1]; - b[ 3] = T1[temp[3][3]][1]; - b[ 4] = T1[temp[1][0]][1]; - b[ 5] = T1[temp[2][1]][1]; - b[ 6] = T1[temp[3][2]][1]; - b[ 7] = T1[temp[0][3]][1]; - b[ 8] = T1[temp[2][0]][1]; - b[ 9] = T1[temp[3][1]][1]; - b[10] = T1[temp[0][2]][1]; - b[11] = T1[temp[1][3]][1]; - b[12] = T1[temp[3][0]][1]; - b[13] = T1[temp[0][1]][1]; - b[14] = T1[temp[1][2]][1]; - b[15] = T1[temp[2][3]][1]; - *((word32*)(b )) ^= 
*((word32*)rk[ROUNDS][0]); - *((word32*)(b+ 4)) ^= *((word32*)rk[ROUNDS][1]); - *((word32*)(b+ 8)) ^= *((word32*)rk[ROUNDS][2]); - *((word32*)(b+12)) ^= *((word32*)rk[ROUNDS][3]); - - memcpy(out, b, sizeof b /* XXX out */); - - return 0; -#undef a -#undef b -#undef temp -} - -#ifdef INTERMEDIATE_VALUE_KAT -/** - * Encrypt only a certain number of rounds. - * Only used in the Intermediate Value Known Answer Test. - */ -int rijndaelEncryptRound(word8 a[4][4], word8 rk[MAXROUNDS+1][4][4], int ROUNDS, int rounds) { - int r; - word8 temp[4][4]; - - /* make number of rounds sane */ - if (rounds > ROUNDS) { - rounds = ROUNDS; - } - - *((word32*)a[0]) = *((word32*)a[0]) ^ *((word32*)rk[0][0]); - *((word32*)a[1]) = *((word32*)a[1]) ^ *((word32*)rk[0][1]); - *((word32*)a[2]) = *((word32*)a[2]) ^ *((word32*)rk[0][2]); - *((word32*)a[3]) = *((word32*)a[3]) ^ *((word32*)rk[0][3]); - - for (r = 1; (r <= rounds) && (r < ROUNDS); r++) { - *((word32*)temp[0]) = *((const word32*)T1[a[0][0]]) - ^ *((const word32*)T2[a[1][1]]) - ^ *((const word32*)T3[a[2][2]]) - ^ *((const word32*)T4[a[3][3]]); - *((word32*)temp[1]) = *((const word32*)T1[a[1][0]]) - ^ *((const word32*)T2[a[2][1]]) - ^ *((const word32*)T3[a[3][2]]) - ^ *((const word32*)T4[a[0][3]]); - *((word32*)temp[2]) = *((const word32*)T1[a[2][0]]) - ^ *((const word32*)T2[a[3][1]]) - ^ *((const word32*)T3[a[0][2]]) - ^ *((const word32*)T4[a[1][3]]); - *((word32*)temp[3]) = *((const word32*)T1[a[3][0]]) - ^ *((const word32*)T2[a[0][1]]) - ^ *((const word32*)T3[a[1][2]]) - ^ *((const word32*)T4[a[2][3]]); - *((word32*)a[0]) = *((word32*)temp[0]) ^ *((word32*)rk[r][0]); - *((word32*)a[1]) = *((word32*)temp[1]) ^ *((word32*)rk[r][1]); - *((word32*)a[2]) = *((word32*)temp[2]) ^ *((word32*)rk[r][2]); - *((word32*)a[3]) = *((word32*)temp[3]) ^ *((word32*)rk[r][3]); - } - if (rounds == ROUNDS) { - /* last round is special */ - temp[0][0] = T1[a[0][0]][1]; - temp[0][1] = T1[a[1][1]][1]; - temp[0][2] = T1[a[2][2]][1]; - temp[0][3] = 
T1[a[3][3]][1]; - temp[1][0] = T1[a[1][0]][1]; - temp[1][1] = T1[a[2][1]][1]; - temp[1][2] = T1[a[3][2]][1]; - temp[1][3] = T1[a[0][3]][1]; - temp[2][0] = T1[a[2][0]][1]; - temp[2][1] = T1[a[3][1]][1]; - temp[2][2] = T1[a[0][2]][1]; - temp[2][3] = T1[a[1][3]][1]; - temp[3][0] = T1[a[3][0]][1]; - temp[3][1] = T1[a[0][1]][1]; - temp[3][2] = T1[a[1][2]][1]; - temp[3][3] = T1[a[2][3]][1]; - *((word32*)a[0]) = *((word32*)temp[0]) ^ *((word32*)rk[ROUNDS][0]); - *((word32*)a[1]) = *((word32*)temp[1]) ^ *((word32*)rk[ROUNDS][1]); - *((word32*)a[2]) = *((word32*)temp[2]) ^ *((word32*)rk[ROUNDS][2]); - *((word32*)a[3]) = *((word32*)temp[3]) ^ *((word32*)rk[ROUNDS][3]); - } - - return 0; -} -#endif /* INTERMEDIATE_VALUE_KAT */ - -/** - * Decrypt a single block. - */ -int rijndaelDecrypt(word8 in[16], word8 out[16], word8 rk[MAXROUNDS+1][4][4], int ROUNDS) { - int r; - union { - word8 x8[16]; - word32 x32[4]; - } xa, xb; -#define a xa.x8 -#define b xb.x8 - union { - word8 x8[4][4]; - word32 x32[4]; - } xtemp; -#define temp xtemp.x8 - - memcpy(a, in, sizeof a); - - *((word32*)temp[0]) = *((word32*)(a )) ^ *((word32*)rk[ROUNDS][0]); - *((word32*)temp[1]) = *((word32*)(a+ 4)) ^ *((word32*)rk[ROUNDS][1]); - *((word32*)temp[2]) = *((word32*)(a+ 8)) ^ *((word32*)rk[ROUNDS][2]); - *((word32*)temp[3]) = *((word32*)(a+12)) ^ *((word32*)rk[ROUNDS][3]); - - *((word32*)(b )) = *((const word32*)T5[temp[0][0]]) - ^ *((const word32*)T6[temp[3][1]]) - ^ *((const word32*)T7[temp[2][2]]) - ^ *((const word32*)T8[temp[1][3]]); - *((word32*)(b+ 4)) = *((const word32*)T5[temp[1][0]]) - ^ *((const word32*)T6[temp[0][1]]) - ^ *((const word32*)T7[temp[3][2]]) - ^ *((const word32*)T8[temp[2][3]]); - *((word32*)(b+ 8)) = *((const word32*)T5[temp[2][0]]) - ^ *((const word32*)T6[temp[1][1]]) - ^ *((const word32*)T7[temp[0][2]]) - ^ *((const word32*)T8[temp[3][3]]); - *((word32*)(b+12)) = *((const word32*)T5[temp[3][0]]) - ^ *((const word32*)T6[temp[2][1]]) - ^ *((const word32*)T7[temp[1][2]]) - ^ *((const 
word32*)T8[temp[0][3]]); - for (r = ROUNDS-1; r > 1; r--) { - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[r][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[r][3]); - *((word32*)(b )) = *((const word32*)T5[temp[0][0]]) - ^ *((const word32*)T6[temp[3][1]]) - ^ *((const word32*)T7[temp[2][2]]) - ^ *((const word32*)T8[temp[1][3]]); - *((word32*)(b+ 4)) = *((const word32*)T5[temp[1][0]]) - ^ *((const word32*)T6[temp[0][1]]) - ^ *((const word32*)T7[temp[3][2]]) - ^ *((const word32*)T8[temp[2][3]]); - *((word32*)(b+ 8)) = *((const word32*)T5[temp[2][0]]) - ^ *((const word32*)T6[temp[1][1]]) - ^ *((const word32*)T7[temp[0][2]]) - ^ *((const word32*)T8[temp[3][3]]); - *((word32*)(b+12)) = *((const word32*)T5[temp[3][0]]) - ^ *((const word32*)T6[temp[2][1]]) - ^ *((const word32*)T7[temp[1][2]]) - ^ *((const word32*)T8[temp[0][3]]); - } - /* last round is special */ - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[1][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[1][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[1][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[1][3]); - b[ 0] = S5[temp[0][0]]; - b[ 1] = S5[temp[3][1]]; - b[ 2] = S5[temp[2][2]]; - b[ 3] = S5[temp[1][3]]; - b[ 4] = S5[temp[1][0]]; - b[ 5] = S5[temp[0][1]]; - b[ 6] = S5[temp[3][2]]; - b[ 7] = S5[temp[2][3]]; - b[ 8] = S5[temp[2][0]]; - b[ 9] = S5[temp[1][1]]; - b[10] = S5[temp[0][2]]; - b[11] = S5[temp[3][3]]; - b[12] = S5[temp[3][0]]; - b[13] = S5[temp[2][1]]; - b[14] = S5[temp[1][2]]; - b[15] = S5[temp[0][3]]; - *((word32*)(b )) ^= *((word32*)rk[0][0]); - *((word32*)(b+ 4)) ^= *((word32*)rk[0][1]); - *((word32*)(b+ 8)) ^= *((word32*)rk[0][2]); - *((word32*)(b+12)) ^= *((word32*)rk[0][3]); - - memcpy(out, b, sizeof b /* XXX out */); - - return 0; -#undef a -#undef b -#undef temp -} - - -#ifdef 
INTERMEDIATE_VALUE_KAT -/** - * Decrypt only a certain number of rounds. - * Only used in the Intermediate Value Known Answer Test. - * Operations rearranged such that the intermediate values - * of decryption correspond with the intermediate values - * of encryption. - */ -int rijndaelDecryptRound(word8 a[4][4], word8 rk[MAXROUNDS+1][4][4], int ROUNDS, int rounds) { - int r, i; - word8 temp[4], shift; - - /* make number of rounds sane */ - if (rounds > ROUNDS) { - rounds = ROUNDS; - } - /* first round is special: */ - *(word32 *)a[0] ^= *(word32 *)rk[ROUNDS][0]; - *(word32 *)a[1] ^= *(word32 *)rk[ROUNDS][1]; - *(word32 *)a[2] ^= *(word32 *)rk[ROUNDS][2]; - *(word32 *)a[3] ^= *(word32 *)rk[ROUNDS][3]; - for (i = 0; i < 4; i++) { - a[i][0] = Si[a[i][0]]; - a[i][1] = Si[a[i][1]]; - a[i][2] = Si[a[i][2]]; - a[i][3] = Si[a[i][3]]; - } - for (i = 1; i < 4; i++) { - shift = (4 - i) & 3; - temp[0] = a[(0 + shift) & 3][i]; - temp[1] = a[(1 + shift) & 3][i]; - temp[2] = a[(2 + shift) & 3][i]; - temp[3] = a[(3 + shift) & 3][i]; - a[0][i] = temp[0]; - a[1][i] = temp[1]; - a[2][i] = temp[2]; - a[3][i] = temp[3]; - } - /* ROUNDS-1 ordinary rounds */ - for (r = ROUNDS-1; r > rounds; r--) { - *(word32 *)a[0] ^= *(word32 *)rk[r][0]; - *(word32 *)a[1] ^= *(word32 *)rk[r][1]; - *(word32 *)a[2] ^= *(word32 *)rk[r][2]; - *(word32 *)a[3] ^= *(word32 *)rk[r][3]; - - *((word32*)a[0]) = - *((const word32*)U1[a[0][0]]) - ^ *((const word32*)U2[a[0][1]]) - ^ *((const word32*)U3[a[0][2]]) - ^ *((const word32*)U4[a[0][3]]); - - *((word32*)a[1]) = - *((const word32*)U1[a[1][0]]) - ^ *((const word32*)U2[a[1][1]]) - ^ *((const word32*)U3[a[1][2]]) - ^ *((const word32*)U4[a[1][3]]); - - *((word32*)a[2]) = - *((const word32*)U1[a[2][0]]) - ^ *((const word32*)U2[a[2][1]]) - ^ *((const word32*)U3[a[2][2]]) - ^ *((const word32*)U4[a[2][3]]); - - *((word32*)a[3]) = - *((const word32*)U1[a[3][0]]) - ^ *((const word32*)U2[a[3][1]]) - ^ *((const word32*)U3[a[3][2]]) - ^ *((const word32*)U4[a[3][3]]); - 
for (i = 0; i < 4; i++) {
- a[i][0] = Si[a[i][0]];
- a[i][1] = Si[a[i][1]];
- a[i][2] = Si[a[i][2]];
- a[i][3] = Si[a[i][3]];
- }
- for (i = 1; i < 4; i++) {
- shift = (4 - i) & 3;
- temp[0] = a[(0 + shift) & 3][i];
- temp[1] = a[(1 + shift) & 3][i];
- temp[2] = a[(2 + shift) & 3][i];
- temp[3] = a[(3 + shift) & 3][i];
- a[0][i] = temp[0];
- a[1][i] = temp[1];
- a[2][i] = temp[2];
- a[3][i] = temp[3];
- }
- }
- if (rounds == 0) {
- /* End with the extra key addition */
- *(word32 *)a[0] ^= *(word32 *)rk[0][0];
- *(word32 *)a[1] ^= *(word32 *)rk[0][1];
- *(word32 *)a[2] ^= *(word32 *)rk[0][2];
- *(word32 *)a[3] ^= *(word32 *)rk[0][3];
- }
- return 0;
-}
-#endif /* INTERMEDIATE_VALUE_KAT */
diff --git a/eaytest.tproj/rijndael-alg-fst.h b/eaytest.tproj/rijndael-alg-fst.h
deleted file mode 100644
index 4f02543..0000000
--- a/eaytest.tproj/rijndael-alg-fst.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/* $KAME: rijndael-alg-fst.h,v 1.4 2000/10/02 17:14:26 itojun Exp $ */
-
-/*
- * rijndael-alg-fst.h v2.3 April '2000
- *
- * Optimised ANSI C code
- *
- * #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test.
- */
-
-#ifndef __RIJNDAEL_ALG_FST_H
-#define __RIJNDAEL_ALG_FST_H
-
-#define RIJNDAEL_MAXKC (256/32)
-#define RIJNDAEL_MAXROUNDS 14
-
-int rijndaelKeySched(u_int8_t k[RIJNDAEL_MAXKC][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-int rijndaelKeyEncToDec(u_int8_t W[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-int rijndaelEncrypt(u_int8_t a[16], u_int8_t b[16], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-#ifdef INTERMEDIATE_VALUE_KAT
-int rijndaelEncryptRound(u_int8_t a[4][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS, int rounds);
-#endif /* INTERMEDIATE_VALUE_KAT */
-
-int rijndaelDecrypt(u_int8_t a[16], u_int8_t b[16], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-#ifdef INTERMEDIATE_VALUE_KAT
-int rijndaelDecryptRound(u_int8_t a[4][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS, int rounds);
-#endif /* INTERMEDIATE_VALUE_KAT */
-
-#endif /* __RIJNDAEL_ALG_FST_H */
diff --git a/eaytest.tproj/rijndael-api-fst.c b/eaytest.tproj/rijndael-api-fst.c
deleted file mode 100644
index a3104c2..0000000
--- a/eaytest.tproj/rijndael-api-fst.c
+++ /dev/null
@@ -1,495 +0,0 @@ -/* $KAME: rijndael-api-fst.c,v 1.1.1.1 2001/08/08 09:56:23 sakane Exp $ */ - -/* - * rijndael-api-fst.c v2.3 April '2000 - * - * Optimised ANSI C code - * - * authors: v1.0: Antoon Bosselaers - * v2.0: Vincent Rijmen - * v2.1: Vincent Rijmen - * v2.2: Vincent Rijmen - * v2.3: Paulo Barreto - * v2.4: Vincent Rijmen - * - * This code is placed in the public domain. - */ - -#include -#include -#ifdef _KERNEL -#include -#include -#else -#include -#endif -#include -#include -#include - -#include -#define bcopy(a, b, c) memcpy(b, a, c) -#define bzero(a, b) memset(a, 0, b) -#define panic(a) err(1, (a)) - -int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) { - word8 k[MAXKC][4]; - int i; - char *keyMat; - - if (key == NULL) { - return BAD_KEY_INSTANCE; - } - - if ((direction == DIR_ENCRYPT) || (direction == DIR_DECRYPT)) { - key->direction = direction; - } else { - return BAD_KEY_DIR; - } - - if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) { - key->keyLen = keyLen; - } else { - return BAD_KEY_MAT; - } - - if (keyMaterial != NULL) { - bcopy(keyMaterial, key->keyMaterial, keyLen/8); - } - - key->ROUNDS = keyLen/32 + 6; - - /* initialize key schedule: */ - keyMat = key->keyMaterial; - for (i = 0; i < key->keyLen/8; i++) { - k[i >> 2][i & 3] = (word8)keyMat[i]; - } - rijndaelKeySched(k, key->keySched, key->ROUNDS); - if (direction == DIR_DECRYPT) { - rijndaelKeyEncToDec(key->keySched, key->ROUNDS); - } - - return TRUE; -} - -int rijndael_cipherInit(cipherInstance *cipher, BYTE mode, char *IV) { - if ((mode == MODE_ECB) || (mode == MODE_CBC) || (mode == MODE_CFB1)) { - cipher->mode = mode; - } else { - return BAD_CIPHER_MODE; - } - if (IV != NULL) { - bcopy(IV, cipher->IV, MAX_IV_SIZE); - } else { - bzero(cipher->IV, MAX_IV_SIZE); - } - return TRUE; -} - -int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer) { - int i, k, numBlocks; - word8 block[16], 
iv[4][4]; - - if (cipher == NULL || - key == NULL || - key->direction == DIR_DECRYPT) { - return BAD_CIPHER_STATE; - } - if (input == NULL || inputLen <= 0) { - return 0; /* nothing to do */ - } - - numBlocks = inputLen/128; - - switch (cipher->mode) { - case MODE_ECB: - for (i = numBlocks; i > 0; i--) { - rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - break; - - case MODE_CBC: -#if 0 /*STRICT_ALIGN*/ - bcopy(cipher->IV, block, 16); - bcopy(input, iv, 16); - ((word32*)block)[0] ^= ((word32*)iv)[0]; - ((word32*)block)[1] ^= ((word32*)iv)[1]; - ((word32*)block)[2] ^= ((word32*)iv)[2]; - ((word32*)block)[3] ^= ((word32*)iv)[3]; -#else - ((word32*)block)[0] = ((word32*)cipher->IV)[0] ^ ((word32*)input)[0]; - ((word32*)block)[1] = ((word32*)cipher->IV)[1] ^ ((word32*)input)[1]; - ((word32*)block)[2] = ((word32*)cipher->IV)[2] ^ ((word32*)input)[2]; - ((word32*)block)[3] = ((word32*)cipher->IV)[3] ^ ((word32*)input)[3]; -#endif - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - input += 16; - for (i = numBlocks - 1; i > 0; i--) { -#if 0 /*STRICT_ALIGN*/ - bcopy(outBuffer, block, 16); - ((word32*)block)[0] ^= ((word32*)iv)[0]; - ((word32*)block)[1] ^= ((word32*)iv)[1]; - ((word32*)block)[2] ^= ((word32*)iv)[2]; - ((word32*)block)[3] ^= ((word32*)iv)[3]; -#else - ((word32*)block)[0] = ((word32*)outBuffer)[0] ^ ((word32*)input)[0]; - ((word32*)block)[1] = ((word32*)outBuffer)[1] ^ ((word32*)input)[1]; - ((word32*)block)[2] = ((word32*)outBuffer)[2] ^ ((word32*)input)[2]; - ((word32*)block)[3] = ((word32*)outBuffer)[3] ^ ((word32*)input)[3]; -#endif - outBuffer += 16; - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - input += 16; - } - break; - - case MODE_CFB1: -#if 0 /*STRICT_ALIGN*/ - bcopy(cipher->IV, iv, 16); -#else /* !STRICT_ALIGN */ - *((word32*)iv[0]) = *((word32*)(cipher->IV )); - *((word32*)iv[1]) = *((word32*)(cipher->IV+ 4)); - *((word32*)iv[2]) = *((word32*)(cipher->IV+ 
8)); - *((word32*)iv[3]) = *((word32*)(cipher->IV+12)); -#endif /* ?STRICT_ALIGN */ - for (i = numBlocks; i > 0; i--) { - for (k = 0; k < 128; k++) { - *((word32*) block ) = *((word32*)iv[0]); - *((word32*)(block+ 4)) = *((word32*)iv[1]); - *((word32*)(block+ 8)) = *((word32*)iv[2]); - *((word32*)(block+12)) = *((word32*)iv[3]); - rijndaelEncrypt(block, block, key->keySched, key->ROUNDS); - outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7); - iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7); - iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7); - iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7); - iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7); - iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7); - iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7); - iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7); - iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7); - iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7); - iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7); - iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7); - iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7); - iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7); - iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7); - iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7); - iv[3][3] = (iv[3][3] << 1) | ((outBuffer[k/8] >> (7-(k&7))) & 1); - } - } - break; - - default: - return BAD_CIPHER_STATE; - } - - return 128*numBlocks; -} - -/** - * Encrypt data partitioned in octets, using RFC 2040-like padding. - * - * @param input data to be encrypted (octet sequence) - * @param inputOctets input length in octets (not bits) - * @param outBuffer encrypted output data - * - * @return length in octets (not bits) of the encrypted output buffer. 
- */ -int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputOctets, BYTE *outBuffer) { - int i, numBlocks, padLen; - word8 block[16], *iv, *cp; - - if (cipher == NULL || - key == NULL || - key->direction == DIR_DECRYPT) { - return BAD_CIPHER_STATE; - } - if (input == NULL || inputOctets <= 0) { - return 0; /* nothing to do */ - } - - numBlocks = inputOctets/16; - - switch (cipher->mode) { - case MODE_ECB: - for (i = numBlocks; i > 0; i--) { - rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - padLen = 16 - (inputOctets - 16*numBlocks); - if (padLen > 0 && padLen <= 16) - panic("rijndael_padEncrypt(ECB)"); - bcopy(input, block, 16 - padLen); - for (cp = block + 16 - padLen; cp < block + 16; cp++) - *cp = padLen; - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - break; - - case MODE_CBC: - iv = cipher->IV; - for (i = numBlocks; i > 0; i--) { - ((word32*)block)[0] = ((word32*)input)[0] ^ ((word32*)iv)[0]; - ((word32*)block)[1] = ((word32*)input)[1] ^ ((word32*)iv)[1]; - ((word32*)block)[2] = ((word32*)input)[2] ^ ((word32*)iv)[2]; - ((word32*)block)[3] = ((word32*)input)[3] ^ ((word32*)iv)[3]; - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - iv = outBuffer; - input += 16; - outBuffer += 16; - } -#if 0 /*XXX i'm not sure that is correct. 
sakane@kame.net */ - padLen = 16 - (inputOctets - 16*numBlocks); -#else - padLen = 16 - inputOctets % 16; - if (padLen == 16) - padLen = 0; -#endif - if (padLen > 0 && padLen <= 16) - panic("rijndael_padEncrypt(CBC)"); - for (i = 0; i < 16 - padLen; i++) { - block[i] = input[i] ^ iv[i]; - } - for (i = 16 - padLen; i < 16; i++) { - block[i] = (BYTE)padLen ^ iv[i]; - } - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - break; - - default: - return BAD_CIPHER_STATE; - } - - return 16*(numBlocks + 1); -} - -int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer) { - int i, k, numBlocks; - word8 block[16], iv[4][4]; - - if (cipher == NULL || - key == NULL || - (cipher->mode != MODE_CFB1 && key->direction == DIR_ENCRYPT)) { - return BAD_CIPHER_STATE; - } - if (input == NULL || inputLen <= 0) { - return 0; /* nothing to do */ - } - - numBlocks = inputLen/128; - - switch (cipher->mode) { - case MODE_ECB: - for (i = numBlocks; i > 0; i--) { - rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - break; - - case MODE_CBC: -#if 0 /*STRICT_ALIGN */ - bcopy(cipher->IV, iv, 16); -#else - *((word32*)iv[0]) = *((word32*)(cipher->IV )); - *((word32*)iv[1]) = *((word32*)(cipher->IV+ 4)); - *((word32*)iv[2]) = *((word32*)(cipher->IV+ 8)); - *((word32*)iv[3]) = *((word32*)(cipher->IV+12)); -#endif - for (i = numBlocks; i > 0; i--) { - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - ((word32*)block)[0] ^= *((word32*)iv[0]); - ((word32*)block)[1] ^= *((word32*)iv[1]); - ((word32*)block)[2] ^= *((word32*)iv[2]); - ((word32*)block)[3] ^= *((word32*)iv[3]); -#if 0 /*STRICT_ALIGN*/ - bcopy(input, iv, 16); - bcopy(block, outBuffer, 16); -#else - *((word32*)iv[0]) = ((word32*)input)[0]; ((word32*)outBuffer)[0] = ((word32*)block)[0]; - *((word32*)iv[1]) = ((word32*)input)[1]; ((word32*)outBuffer)[1] = ((word32*)block)[1]; - *((word32*)iv[2]) = 
((word32*)input)[2]; ((word32*)outBuffer)[2] = ((word32*)block)[2]; - *((word32*)iv[3]) = ((word32*)input)[3]; ((word32*)outBuffer)[3] = ((word32*)block)[3]; -#endif - input += 16; - outBuffer += 16; - } - break; - - case MODE_CFB1: -#if 0 /*STRICT_ALIGN */ - bcopy(cipher->IV, iv, 16); -#else - *((word32*)iv[0]) = *((word32*)(cipher->IV)); - *((word32*)iv[1]) = *((word32*)(cipher->IV+ 4)); - *((word32*)iv[2]) = *((word32*)(cipher->IV+ 8)); - *((word32*)iv[3]) = *((word32*)(cipher->IV+12)); -#endif - for (i = numBlocks; i > 0; i--) { - for (k = 0; k < 128; k++) { - *((word32*) block ) = *((word32*)iv[0]); - *((word32*)(block+ 4)) = *((word32*)iv[1]); - *((word32*)(block+ 8)) = *((word32*)iv[2]); - *((word32*)(block+12)) = *((word32*)iv[3]); - rijndaelEncrypt(block, block, key->keySched, key->ROUNDS); - iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7); - iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7); - iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7); - iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7); - iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7); - iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7); - iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7); - iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7); - iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7); - iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7); - iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7); - iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7); - iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7); - iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7); - iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7); - iv[3][3] = (iv[3][3] << 1) | ((input[k/8] >> (7-(k&7))) & 1); - outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7); - } - } - break; - - default: - return BAD_CIPHER_STATE; - } - - return 128*numBlocks; -} - -int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputOctets, BYTE *outBuffer) { - int i, numBlocks, padLen; - word8 block[16]; - word32 iv[4]; - - if (cipher == NULL || - key == NULL || - key->direction == DIR_ENCRYPT) { - 
return BAD_CIPHER_STATE; - } - if (input == NULL || inputOctets <= 0) { - return 0; /* nothing to do */ - } - if (inputOctets % 16 != 0) { - return BAD_DATA; - } - - numBlocks = inputOctets/16; - - switch (cipher->mode) { - case MODE_ECB: - /* all blocks but last */ - for (i = numBlocks - 1; i > 0; i--) { - rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - /* last block */ - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - padLen = block[15]; - if (padLen >= 16) { - return BAD_DATA; - } - for (i = 16 - padLen; i < 16; i++) { - if (block[i] != padLen) { - return BAD_DATA; - } - } - bcopy(block, outBuffer, 16 - padLen); - break; - - case MODE_CBC: - bcopy(cipher->IV, iv, 16); - /* all blocks but last */ - for (i = numBlocks - 1; i > 0; i--) { - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - ((word32*)block)[0] ^= iv[0]; - ((word32*)block)[1] ^= iv[1]; - ((word32*)block)[2] ^= iv[2]; - ((word32*)block)[3] ^= iv[3]; - bcopy(input, iv, 16); - bcopy(block, outBuffer, 16); - input += 16; - outBuffer += 16; - } - /* last block */ - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - ((word32*)block)[0] ^= iv[0]; - ((word32*)block)[1] ^= iv[1]; - ((word32*)block)[2] ^= iv[2]; - ((word32*)block)[3] ^= iv[3]; - padLen = block[15]; - if (padLen <= 0 || padLen > 16) { - return BAD_DATA; - } - for (i = 16 - padLen; i < 16; i++) { - if (block[i] != padLen) { - return BAD_DATA; - } - } - bcopy(block, outBuffer, 16 - padLen); - break; - - default: - return BAD_CIPHER_STATE; - } - - return 16*numBlocks - padLen; -} - -#ifdef INTERMEDIATE_VALUE_KAT -/** - * cipherUpdateRounds: - * - * Encrypts/Decrypts exactly one full block a specified number of rounds. - * Only used in the Intermediate Value Known Answer Test. 
- * - * Returns: - * TRUE - on success - * BAD_CIPHER_STATE - cipher in bad state (e.g., not initialized) - */ -int rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer, int rounds) { - int j; - word8 block[4][4]; - - if (cipher == NULL || key == NULL) { - return BAD_CIPHER_STATE; - } - - for (j = 3; j >= 0; j--) { - /* parse input stream into rectangular array */ - *((word32*)block[j]) = *((word32*)(input+4*j)); - } - - switch (key->direction) { - case DIR_ENCRYPT: - rijndaelEncryptRound(block, key->keySched, key->ROUNDS, rounds); - break; - - case DIR_DECRYPT: - rijndaelDecryptRound(block, key->keySched, key->ROUNDS, rounds); - break; - - default: - return BAD_KEY_DIR; - } - - for (j = 3; j >= 0; j--) { - /* parse rectangular array into output ciphertext bytes */ - *((word32*)(outBuffer+4*j)) = *((word32*)block[j]); - } - - return TRUE; -} -#endif /* INTERMEDIATE_VALUE_KAT */ diff --git a/eaytest.tproj/rijndael-api-fst.h b/eaytest.tproj/rijndael-api-fst.h deleted file mode 100644 index 75b99c3..0000000 --- a/eaytest.tproj/rijndael-api-fst.h +++ /dev/null 
@@ -1,103 +0,0 @@ -/* $KAME: rijndael-api-fst.h,v 1.6 2001/05/27 00:23:23 itojun Exp $ */ - -/* - * rijndael-api-fst.h v2.3 April '2000 - * - * Optimised ANSI C code - * - * #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test. - */ - -#ifndef __RIJNDAEL_API_FST_H -#define __RIJNDAEL_API_FST_H - -#include - -/* Defines: - Add any additional defines you need -*/ - -#define DIR_ENCRYPT 0 /* Are we encrpyting? */ -#define DIR_DECRYPT 1 /* Are we decrpyting? */ -#define MODE_ECB 1 /* Are we ciphering in ECB mode? */ -#define MODE_CBC 2 /* Are we ciphering in CBC mode? */ -#define MODE_CFB1 3 /* Are we ciphering in 1-bit CFB mode? */ -#define TRUE 1 -#define FALSE 0 -#define BITSPERBLOCK 128 /* Default number of bits in a cipher block */ - -/* Error Codes - CHANGE POSSIBLE: inclusion of additional error codes */ -#define BAD_KEY_DIR -1 /* Key direction is invalid, e.g., unknown value */ -#define BAD_KEY_MAT -2 /* Key material not of correct length */ -#define BAD_KEY_INSTANCE -3 /* Key passed is not valid */ -#define BAD_CIPHER_MODE -4 /* Params struct passed to cipherInit invalid */ -#define BAD_CIPHER_STATE -5 /* Cipher in wrong state (e.g., not initialized) */ -#define BAD_BLOCK_LENGTH -6 -#define BAD_CIPHER_INSTANCE -7 -#define BAD_DATA -8 /* Data contents are invalid, e.g., invalid padding */ -#define BAD_OTHER -9 /* Unknown error */ - -/* CHANGE POSSIBLE: inclusion of algorithm specific defines */ -#define MAX_KEY_SIZE 64 /* # of ASCII char's needed to represent a key */ -#define MAX_IV_SIZE 16 /* # bytes needed to represent an IV */ - -/* Typedefs: - - Typedef'ed data storage elements. Add any algorithm specific -parameters at the bottom of the structs as appropriate. -*/ - -/* The structure for key information */ -typedef struct { - u_int8_t direction; /* Key used for encrypting or decrypting? 
*/ - int keyLen; /* Length of the key */ - char keyMaterial[MAX_KEY_SIZE+1]; /* Raw key data in ASCII, e.g., user input or KAT values */ - /* The following parameters are algorithm dependent, replace or add as necessary */ - int ROUNDS; /* key-length-dependent number of rounds */ - int blockLen; /* block length */ - union { - u_int8_t xkS8[RIJNDAEL_MAXROUNDS+1][4][4]; /* key schedule */ - u_int32_t xkS32[RIJNDAEL_MAXROUNDS+1][4]; /* key schedule */ - } xKeySched; -#define keySched xKeySched.xkS8 -} keyInstance; - -/* The structure for cipher information */ -typedef struct { /* changed order of the components */ - u_int8_t mode; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */ - u_int8_t IV[MAX_IV_SIZE]; /* A possible Initialization Vector for ciphering */ - /* Add any algorithm specific parameters needed here */ - int blockLen; /* Sample: Handles non-128 bit block sizes (if available) */ -} cipherInstance; - -/* Function prototypes */ -/* CHANGED: nothing - TODO: implement the following extensions to setup 192-bit and 256-bit block lengths: - makeKeyEx(): parameter blockLen added - -- this parameter is absolutely necessary if you want to - setup the round keys in a variable block length setting - cipherInitEx(): parameter blockLen added (for obvious reasons) - */ - -int rijndael_makeKey(keyInstance *key, u_int8_t direction, int keyLen, char *keyMaterial); - -int rijndael_cipherInit(cipherInstance *cipher, u_int8_t mode, char *IV); - -int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputLen, u_int8_t *outBuffer); - -int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputOctets, u_int8_t *outBuffer); - -int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputLen, u_int8_t *outBuffer); - -int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputOctets, u_int8_t *outBuffer); - -#ifdef INTERMEDIATE_VALUE_KAT -int 
rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputLen, u_int8_t *outBuffer, int Rounds); -#endif /* INTERMEDIATE_VALUE_KAT */ - -#endif /* __RIJNDAEL_API_FST_H */ diff --git a/eaytest.tproj/sha2.c b/eaytest.tproj/sha2.c deleted file mode 100644 index 80deb6a..0000000 --- a/eaytest.tproj/sha2.c +++ /dev/null 
@@ -1,1102 +0,0 @@ -/* $KAME: sha2.c,v 1.4 2001/09/02 08:59:55 itojun Exp $ */ - -/* - * sha2.c - * - * Version 1.0.0beta1 - * - * Written by Aaron D. Gifford - * - * Copyright 2000 Aaron D. Gifford. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the copyright holder nor the names of contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * - */ - - -#include -#include -#include -#include -#include - -#include -#include -#define bcopy(a, b, c) memcpy((b), (a), (c)) -#define bzero(a, b) memset((a), 0, (b)) -#define panic(a) err(1, (a)) - -/* - * ASSERT NOTE: - * Some sanity checking code is included using assert(). On my FreeBSD - * system, this additional code can be removed by compiling with NDEBUG - * defined. Check your own systems manpage on assert() to see how to - * compile WITHOUT the sanity checking code on your system. - * - * UNROLLED TRANSFORM LOOP NOTE: - * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform - * loop version for the hash transform rounds (defined using macros - * later in this file). Either define on the command line, for example: - * - * cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c - * - * or define below: - * - * #define SHA2_UNROLL_TRANSFORM - * - */ - -#define assert(x) - - -/*** SHA-256/384/512 Machine Architecture Definitions *****************/ -/* - * BYTE_ORDER NOTE: - * - * Please make sure that your system defines BYTE_ORDER. If your - * architecture is little-endian, make sure it also defines - * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are - * equivilent. - * - * If your system does not define the above, then you can do so by - * hand like this: - * - * #define LITTLE_ENDIAN 1234 - * #define BIG_ENDIAN 4321 - * - * And for little-endian machines, add: - * - * #define BYTE_ORDER LITTLE_ENDIAN - * - * Or for big-endian machines: - * - * #define BYTE_ORDER BIG_ENDIAN - * - * The FreeBSD machine this was written on defines BYTE_ORDER - * appropriately by including (which in turn includes - * where the appropriate definitions are actually - * made). 
- */ -#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) -#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN -#endif - -/* - * Define the followingsha2_* types to types of the correct length on - * the native archtecture. Most BSD systems and Linux define u_intXX_t - * types. Machines with very recent ANSI C headers, can use the - * uintXX_t definintions from inttypes.h by defining SHA2_USE_INTTYPES_H - * during compile or in the sha.h header file. - * - * Machines that support neither u_intXX_t nor inttypes.h's uintXX_t - * will need to define these three typedefs below (and the appropriate - * ones in sha.h too) by hand according to their system architecture. - * - * Thank you, Jun-ichiro itojun Hagino, for suggesting using u_intXX_t - * types and pointing out recent ANSI C support for uintXX_t in inttypes.h. - */ -#if 0 /*def SHA2_USE_INTTYPES_H*/ - -typedef uint8_t sha2_byte; /* Exactly 1 byte */ -typedef uint32_t sha2_word32; /* Exactly 4 bytes */ -typedef uint64_t sha2_word64; /* Exactly 8 bytes */ - -#else /* SHA2_USE_INTTYPES_H */ - -typedef u_int8_t sha2_byte; /* Exactly 1 byte */ -typedef u_int32_t sha2_word32; /* Exactly 4 bytes */ -typedef u_int64_t sha2_word64; /* Exactly 8 bytes */ - -#endif /* SHA2_USE_INTTYPES_H */ - - -/*** SHA-256/384/512 Various Length Definitions ***********************/ -/* NOTE: Most of these are in sha2.h */ -#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8) -#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16) -#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) - - -/*** ENDIAN REVERSAL MACROS *******************************************/ -#if BYTE_ORDER == LITTLE_ENDIAN -#define REVERSE32(w,x) { \ - sha2_word32 tmp = (w); \ - tmp = (tmp >> 16) | (tmp << 16); \ - (x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \ -} -#define REVERSE64(w,x) { \ - sha2_word64 tmp = (w); \ - tmp = (tmp >> 32) | (tmp << 32); \ - tmp = ((tmp & 
0xff00ff00ff00ff00ULL) >> 8) | \ - ((tmp & 0x00ff00ff00ff00ffULL) << 8); \ - (x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \ - ((tmp & 0x0000ffff0000ffffULL) << 16); \ -} -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - -/* - * Macro for incrementally adding the unsigned 64-bit integer n to the - * unsigned 128-bit integer (represented using a two-element array of - * 64-bit words): - */ -#define ADDINC128(w,n) { \ - (w)[0] += (sha2_word64)(n); \ - if ((w)[0] < (n)) { \ - (w)[1]++; \ - } \ -} - -/*** THE SIX LOGICAL FUNCTIONS ****************************************/ -/* - * Bit shifting and rotation (used by the six SHA-XYZ logical functions: - * - * NOTE: The naming of R and S appears backwards here (R is a SHIFT and - * S is a ROTATION) because the SHA-256/384/512 description document - * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this - * same "backwards" definition. - */ -/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */ -#define R(b,x) ((x) >> (b)) -/* 32-bit Rotate-right (used in SHA-256): */ -#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b)))) -/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */ -#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) - -/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */ -#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) - -/* Four of six logical functions used in SHA-256: */ -#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x))) -#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x))) -#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x))) -#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x))) - -/* Four of six logical functions used in SHA-384 and SHA-512: */ -#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x))) -#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x))) -#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) -#define 
sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) - -/*** INTERNAL FUNCTION PROTOTYPES *************************************/ -/* NOTE: These should not be accessed directly from outside this - * library -- they are intended for private internal visibility/use - * only. - */ -void SHA512_Last(SHA512_CTX*); -void SHA256_Transform(SHA256_CTX*, const sha2_word32*); -void SHA512_Transform(SHA512_CTX*, const sha2_word64*); - - -/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ -/* Hash constant words K for SHA-256: */ -const static sha2_word32 K256[64] = { - 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, - 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, - 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, - 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, - 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, - 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, - 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, - 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL, - 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, - 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, - 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, - 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, - 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, - 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, - 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, - 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL -}; - -/* Initial hash value H for SHA-256: */ -const static sha2_word32 sha256_initial_hash_value[8] = { - 0x6a09e667UL, - 0xbb67ae85UL, - 0x3c6ef372UL, - 0xa54ff53aUL, - 0x510e527fUL, - 0x9b05688cUL, - 0x1f83d9abUL, - 0x5be0cd19UL -}; - -/* Hash constant words K for SHA-384 and SHA-512: */ -const static sha2_word64 K512[80] = { - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, - 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, - 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, - 
0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, - 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, - 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, - 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, - 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, - 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, - 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, - 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, - 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, - 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, - 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, - 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, - 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, - 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, - 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, - 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, - 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, - 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, - 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, - 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, - 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, - 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, - 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, - 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, - 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, - 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, - 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, - 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, - 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, - 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, - 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, - 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, - 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, - 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, - 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL -}; - -/* Initial hash value H for SHA-384 */ -const static sha2_word64 sha384_initial_hash_value[8] = { - 0xcbbb9d5dc1059ed8ULL, - 0x629a292a367cd507ULL, - 0x9159015a3070dd17ULL, - 0x152fecd8f70e5939ULL, - 
0x67332667ffc00b31ULL, - 0x8eb44a8768581511ULL, - 0xdb0c2e0d64f98fa7ULL, - 0x47b5481dbefa4fa4ULL -}; - -/* Initial hash value H for SHA-512 */ -const static sha2_word64 sha512_initial_hash_value[8] = { - 0x6a09e667f3bcc908ULL, - 0xbb67ae8584caa73bULL, - 0x3c6ef372fe94f82bULL, - 0xa54ff53a5f1d36f1ULL, - 0x510e527fade682d1ULL, - 0x9b05688c2b3e6c1fULL, - 0x1f83d9abfb41bd6bULL, - 0x5be0cd19137e2179ULL -}; - -/* - * Constant used by SHA256/384/512_End() functions for converting the - * digest to a readable hexadecimal character string: - */ -static const char *sha2_hex_digits = "0123456789abcdef"; - - -/*** SHA-256: *********************************************************/ -void SHA256_Init(SHA256_CTX* context) { - if (context == (SHA256_CTX*)0) { - return; - } - bcopy(sha256_initial_hash_value, context->state, SHA256_DIGEST_LENGTH); - bzero(context->buffer, SHA256_BLOCK_LENGTH); - context->bitcount = 0; -} - -#ifdef SHA2_UNROLL_TRANSFORM - -/* Unrolled SHA-256 round macros: */ - -#if BYTE_ORDER == LITTLE_ENDIAN - -#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ - REVERSE32(*data++, W256[j]); \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ - K256[j] + W256[j]; \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - - -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ - K256[j] + (W256[j] = *data++); \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND256(a,b,c,d,e,f,g,h) \ - s0 = W256[(j+1)&0x0f]; \ - s0 = sigma0_256(s0); \ - s1 = W256[(j+14)&0x0f]; \ - s1 = sigma1_256(s1); \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \ - (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - -void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) { - sha2_word32 a, b, c, d, e, f, g, h, s0, s1; - 
sha2_word32 T1, *W256; - int j; - - W256 = (sha2_word32*)context->buffer; - - /* Initialize registers with the prev. intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { - /* Rounds 0 to 15 (unrolled): */ - ROUND256_0_TO_15(a,b,c,d,e,f,g,h); - ROUND256_0_TO_15(h,a,b,c,d,e,f,g); - ROUND256_0_TO_15(g,h,a,b,c,d,e,f); - ROUND256_0_TO_15(f,g,h,a,b,c,d,e); - ROUND256_0_TO_15(e,f,g,h,a,b,c,d); - ROUND256_0_TO_15(d,e,f,g,h,a,b,c); - ROUND256_0_TO_15(c,d,e,f,g,h,a,b); - ROUND256_0_TO_15(b,c,d,e,f,g,h,a); - } while (j < 16); - - /* Now for the remaining rounds to 64: */ - do { - ROUND256(a,b,c,d,e,f,g,h); - ROUND256(h,a,b,c,d,e,f,g); - ROUND256(g,h,a,b,c,d,e,f); - ROUND256(f,g,h,a,b,c,d,e); - ROUND256(e,f,g,h,a,b,c,d); - ROUND256(d,e,f,g,h,a,b,c); - ROUND256(c,d,e,f,g,h,a,b); - ROUND256(b,c,d,e,f,g,h,a); - } while (j < 64); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = 0; -} - -#else /* SHA2_UNROLL_TRANSFORM */ - -void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) { - sha2_word32 a, b, c, d, e, f, g, h, s0, s1; - sha2_word32 T1, T2, *W256; - int j; - - W256 = (sha2_word32*)context->buffer; - - /* Initialize registers with the prev. 
intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { -#if BYTE_ORDER == LITTLE_ENDIAN - /* Copy data while converting to host byte order */ - REVERSE32(*data++,W256[j]); - /* Apply the SHA-256 compression function to update a..h */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j]; -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - /* Apply the SHA-256 compression function to update a..h with copy */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++); -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - T2 = Sigma0_256(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 16); - - do { - /* Part of the message block expansion: */ - s0 = W256[(j+1)&0x0f]; - s0 = sigma0_256(s0); - s1 = W256[(j+14)&0x0f]; - s1 = sigma1_256(s1); - - /* Apply the SHA-256 compression function to update a..h */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + - (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); - T2 = Sigma0_256(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 64); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = T2 = 0; -} - -#endif /* SHA2_UNROLL_TRANSFORM */ - -void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) { - unsigned int freespace, usedspace; - - if (len == 0) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0 && data != (sha2_byte*)0); - - usedspace = 
(context->bitcount >> 3) % SHA256_BLOCK_LENGTH; - if (usedspace > 0) { - /* Calculate how much free space is available in the buffer */ - freespace = SHA256_BLOCK_LENGTH - usedspace; - - if (len >= freespace) { - /* Fill the buffer completely and process it */ - bcopy(data, &context->buffer[usedspace], freespace); - context->bitcount += freespace << 3; - len -= freespace; - data += freespace; - SHA256_Transform(context, (sha2_word32*)context->buffer); - } else { - /* The buffer is not yet full */ - bcopy(data, &context->buffer[usedspace], len); - context->bitcount += len << 3; - /* Clean up: */ - usedspace = freespace = 0; - return; - } - } - while (len >= SHA256_BLOCK_LENGTH) { - /* Process as many complete blocks as we can */ - SHA256_Transform(context, (const sha2_word32*)data); - context->bitcount += SHA256_BLOCK_LENGTH << 3; - len -= SHA256_BLOCK_LENGTH; - data += SHA256_BLOCK_LENGTH; - } - if (len > 0) { - /* There's left-overs, so save 'em */ - bcopy(data, context->buffer, len); - context->bitcount += len << 3; - } - /* Clean up: */ - usedspace = freespace = 0; -} - -void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) { - sha2_word32 *d = (sha2_word32*)digest; - unsigned int usedspace; - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH; -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert FROM host byte order */ - REVERSE64(context->bitcount,context->bitcount); -#endif - if (usedspace > 0) { - /* Begin padding with a 1 bit: */ - context->buffer[usedspace++] = 0x80; - - if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) { - /* Set-up for the last transform: */ - bzero(&context->buffer[usedspace], SHA256_SHORT_BLOCK_LENGTH - usedspace); - } else { - if (usedspace < SHA256_BLOCK_LENGTH) { - bzero(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace); - } - /* Do second-to-last transform: */ 
- SHA256_Transform(context, (sha2_word32*)context->buffer); - - /* And set-up for the last transform: */ - bzero(context->buffer, SHA256_SHORT_BLOCK_LENGTH); - } - } else { - /* Set-up for the last transform: */ - bzero(context->buffer, SHA256_SHORT_BLOCK_LENGTH); - - /* Begin padding with a 1 bit: */ - *context->buffer = 0x80; - } - /* Set the bit count: */ - *(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; - - /* Final transform: */ - SHA256_Transform(context, (sha2_word32*)context->buffer); - -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 8; j++) { - REVERSE32(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - bcopy(context->state, d, SHA256_DIGEST_LENGTH); -#endif - } - - /* Clean up state data: */ - bzero(context, sizeof(context)); - usedspace = 0; -} - -char *SHA256_End(SHA256_CTX* context, char buffer[]) { - sha2_byte digest[SHA256_DIGEST_LENGTH], *d = digest; - int i; - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0); - - if (buffer != (char*)0) { - SHA256_Final(digest, context); - - for (i = 0; i < SHA256_DIGEST_LENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - bzero(context, sizeof(context)); - } - bzero(digest, SHA256_DIGEST_LENGTH); - return buffer; -} - -char* SHA256_Data(const sha2_byte* data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH]) { - SHA256_CTX context; - - SHA256_Init(&context); - SHA256_Update(&context, data, len); - return SHA256_End(&context, digest); -} - - -/*** SHA-512: *********************************************************/ -void SHA512_Init(SHA512_CTX* context) { - if (context == (SHA512_CTX*)0) { - return; - } - bcopy(sha512_initial_hash_value, context->state, SHA512_DIGEST_LENGTH); - bzero(context->buffer, SHA512_BLOCK_LENGTH); - context->bitcount[0] = context->bitcount[1] = 0; -} - -#ifdef 
SHA2_UNROLL_TRANSFORM - -/* Unrolled SHA-512 round macros: */ -#if BYTE_ORDER == LITTLE_ENDIAN - -#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ - REVERSE64(*data++, W512[j]); \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ - K512[j] + W512[j]; \ - (d) += T1, \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \ - j++ - - -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ - K512[j] + (W512[j] = *data++); \ - (d) += T1; \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ - j++ - -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND512(a,b,c,d,e,f,g,h) \ - s0 = W512[(j+1)&0x0f]; \ - s0 = sigma0_512(s0); \ - s1 = W512[(j+14)&0x0f]; \ - s1 = sigma1_512(s1); \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \ - (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \ - (d) += T1; \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ - j++ - -void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) { - sha2_word64 a, b, c, d, e, f, g, h, s0, s1; - sha2_word64 T1, *W512 = (sha2_word64*)context->buffer; - int j; - - /* Initialize registers with the prev. 
intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { - ROUND512_0_TO_15(a,b,c,d,e,f,g,h); - ROUND512_0_TO_15(h,a,b,c,d,e,f,g); - ROUND512_0_TO_15(g,h,a,b,c,d,e,f); - ROUND512_0_TO_15(f,g,h,a,b,c,d,e); - ROUND512_0_TO_15(e,f,g,h,a,b,c,d); - ROUND512_0_TO_15(d,e,f,g,h,a,b,c); - ROUND512_0_TO_15(c,d,e,f,g,h,a,b); - ROUND512_0_TO_15(b,c,d,e,f,g,h,a); - } while (j < 16); - - /* Now for the remaining rounds up to 79: */ - do { - ROUND512(a,b,c,d,e,f,g,h); - ROUND512(h,a,b,c,d,e,f,g); - ROUND512(g,h,a,b,c,d,e,f); - ROUND512(f,g,h,a,b,c,d,e); - ROUND512(e,f,g,h,a,b,c,d); - ROUND512(d,e,f,g,h,a,b,c); - ROUND512(c,d,e,f,g,h,a,b); - ROUND512(b,c,d,e,f,g,h,a); - } while (j < 80); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = 0; -} - -#else /* SHA2_UNROLL_TRANSFORM */ - -void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) { - sha2_word64 a, b, c, d, e, f, g, h, s0, s1; - sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer; - int j; - - /* Initialize registers with the prev. 
intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert TO host byte order */ - REVERSE64(*data++, W512[j]); - /* Apply the SHA-512 compression function to update a..h */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j]; -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - /* Apply the SHA-512 compression function to update a..h with copy */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++); -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - T2 = Sigma0_512(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 16); - - do { - /* Part of the message block expansion: */ - s0 = W512[(j+1)&0x0f]; - s0 = sigma0_512(s0); - s1 = W512[(j+14)&0x0f]; - s1 = sigma1_512(s1); - - /* Apply the SHA-512 compression function to update a..h */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + - (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); - T2 = Sigma0_512(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 80); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = T2 = 0; -} - -#endif /* SHA2_UNROLL_TRANSFORM */ - -void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) { - unsigned int freespace, usedspace; - - if (len == 0) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0 && data != (sha2_byte*)0); - - usedspace = (context->bitcount[0] 
>> 3) % SHA512_BLOCK_LENGTH; - if (usedspace > 0) { - /* Calculate how much free space is available in the buffer */ - freespace = SHA512_BLOCK_LENGTH - usedspace; - - if (len >= freespace) { - /* Fill the buffer completely and process it */ - bcopy(data, &context->buffer[usedspace], freespace); - ADDINC128(context->bitcount, freespace << 3); - len -= freespace; - data += freespace; - SHA512_Transform(context, (sha2_word64*)context->buffer); - } else { - /* The buffer is not yet full */ - bcopy(data, &context->buffer[usedspace], len); - ADDINC128(context->bitcount, len << 3); - /* Clean up: */ - usedspace = freespace = 0; - return; - } - } - while (len >= SHA512_BLOCK_LENGTH) { - /* Process as many complete blocks as we can */ - SHA512_Transform(context, (const sha2_word64*)data); - ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); - len -= SHA512_BLOCK_LENGTH; - data += SHA512_BLOCK_LENGTH; - } - if (len > 0) { - /* There's left-overs, so save 'em */ - bcopy(data, context->buffer, len); - ADDINC128(context->bitcount, len << 3); - } - /* Clean up: */ - usedspace = freespace = 0; -} - -void SHA512_Last(SHA512_CTX* context) { - unsigned int usedspace; - - usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH; -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert FROM host byte order */ - REVERSE64(context->bitcount[0],context->bitcount[0]); - REVERSE64(context->bitcount[1],context->bitcount[1]); -#endif - if (usedspace > 0) { - /* Begin padding with a 1 bit: */ - context->buffer[usedspace++] = 0x80; - - if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) { - /* Set-up for the last transform: */ - bzero(&context->buffer[usedspace], SHA512_SHORT_BLOCK_LENGTH - usedspace); - } else { - if (usedspace < SHA512_BLOCK_LENGTH) { - bzero(&context->buffer[usedspace], SHA512_BLOCK_LENGTH - usedspace); - } - /* Do second-to-last transform: */ - SHA512_Transform(context, (sha2_word64*)context->buffer); - - /* And set-up for the last transform: */ - bzero(context->buffer, 
SHA512_BLOCK_LENGTH - 2); - } - } else { - /* Prepare for final transform: */ - bzero(context->buffer, SHA512_SHORT_BLOCK_LENGTH); - - /* Begin padding with a 1 bit: */ - *context->buffer = 0x80; - } - /* Store the length of input data (in bits): */ - *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; - *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; - - /* Final transform: */ - SHA512_Transform(context, (sha2_word64*)context->buffer); -} - -void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) { - sha2_word64 *d = (sha2_word64*)digest; - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - SHA512_Last(context); - - /* Save the hash data for output: */ -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 8; j++) { - REVERSE64(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - bcopy(context->state, d, SHA512_DIGEST_LENGTH); -#endif - } - - /* Zero out state data */ - bzero(context, sizeof(context)); -} - -char *SHA512_End(SHA512_CTX* context, char buffer[]) { - sha2_byte digest[SHA512_DIGEST_LENGTH], *d = digest; - int i; - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0); - - if (buffer != (char*)0) { - SHA512_Final(digest, context); - - for (i = 0; i < SHA512_DIGEST_LENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - bzero(context, sizeof(context)); - } - bzero(digest, SHA512_DIGEST_LENGTH); - return buffer; -} - -char* SHA512_Data(const sha2_byte* data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH]) { - SHA512_CTX context; - - SHA512_Init(&context); - SHA512_Update(&context, data, len); - return SHA512_End(&context, digest); -} - - -/*** SHA-384: 
*********************************************************/ -void SHA384_Init(SHA384_CTX* context) { - if (context == (SHA384_CTX*)0) { - return; - } - bcopy(sha384_initial_hash_value, context->state, SHA512_DIGEST_LENGTH); - bzero(context->buffer, SHA384_BLOCK_LENGTH); - context->bitcount[0] = context->bitcount[1] = 0; -} - -void SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) { - SHA512_Update((SHA512_CTX*)context, data, len); -} - -void SHA384_Final(sha2_byte digest[], SHA384_CTX* context) { - sha2_word64 *d = (sha2_word64*)digest; - - /* Sanity check: */ - assert(context != (SHA384_CTX*)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - SHA512_Last((SHA512_CTX*)context); - - /* Save the hash data for output: */ -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 6; j++) { - REVERSE64(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - bcopy(context->state, d, SHA384_DIGEST_LENGTH); -#endif - } - - /* Zero out state data */ - bzero(context, sizeof(context)); -} - -char *SHA384_End(SHA384_CTX* context, char buffer[]) { - sha2_byte digest[SHA384_DIGEST_LENGTH], *d = digest; - int i; - - /* Sanity check: */ - assert(context != (SHA384_CTX*)0); - - if (buffer != (char*)0) { - SHA384_Final(digest, context); - - for (i = 0; i < SHA384_DIGEST_LENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - bzero(context, sizeof(context)); - } - bzero(digest, SHA384_DIGEST_LENGTH); - return buffer; -} - -char* SHA384_Data(const sha2_byte* data, size_t len, char digest[SHA384_DIGEST_STRING_LENGTH]) { - SHA384_CTX context; - - SHA384_Init(&context); - SHA384_Update(&context, data, len); - return SHA384_End(&context, digest); -} - -/*glue*/ -static struct env_md_st sha2_256_md = { - 0, /*NID_sha1*/ - 0, /*NID_sha1WithRSAEncryption*/ - 
SHA256_DIGEST_LENGTH, - SHA256_Init, - SHA256_Update, - SHA256_Final, - NULL, NULL, {0, 0, 0, 0}, - SHA256_BLOCK_LENGTH, - sizeof(struct env_md_st *) + sizeof(SHA256_CTX), -}; - -struct env_md_st *EVP_sha2_256(void) -{ - return(&sha2_256_md); -} - -static struct env_md_st sha2_384_md = { - 0, /*NID_sha1*/ - 0, /*NID_sha1WithRSAEncryption*/ - SHA384_DIGEST_LENGTH, - SHA384_Init, - SHA384_Update, - SHA384_Final, - NULL, NULL, {0, 0, 0, 0}, - SHA384_BLOCK_LENGTH, - sizeof(struct env_md_st *) + sizeof(SHA384_CTX), -}; - -struct env_md_st *EVP_sha2_384(void) -{ - return(&sha2_384_md); -} - -static struct env_md_st sha2_512_md = { - 0, /*NID_sha1*/ - 0, /*NID_sha1WithRSAEncryption*/ - SHA512_DIGEST_LENGTH, - SHA512_Init, - SHA512_Update, - SHA512_Final, - NULL, NULL, {0, 0, 0, 0}, /*EVP_PKEY_RSA_method*/ - SHA512_BLOCK_LENGTH, - sizeof(struct env_md_st *) + sizeof(SHA512_CTX), -}; - -struct env_md_st *EVP_sha2_512(void) -{ - return(&sha2_512_md); -} diff --git a/eaytest.tproj/sha2.h b/eaytest.tproj/sha2.h deleted file mode 100644 index 65f1d45..0000000 --- a/eaytest.tproj/sha2.h +++ /dev/null 
@@ -1,144 +0,0 @@
-/* $KAME: sha2.h,v 1.1.1.1 2001/08/08 09:56:28 sakane Exp $ */
-
-/*
- * sha2.h
- *
- * Version 1.0.0beta1
- *
- * Written by Aaron D. Gifford
- *
- * Copyright 2000 Aaron D. Gifford. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the copyright holder nor the names of contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-#ifndef __SHA2_H__
-#define __SHA2_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/*** SHA-256/384/512 Various Length Definitions ***********************/
-#define SHA256_BLOCK_LENGTH 64
-#define SHA256_DIGEST_LENGTH 32
-#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1)
-#define SHA384_BLOCK_LENGTH 128
-#define SHA384_DIGEST_LENGTH 48
-#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1)
-#define SHA512_BLOCK_LENGTH 128
-#define SHA512_DIGEST_LENGTH 64
-#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
-
-
-/*** SHA-256/384/512 Context Structures *******************************/
-/* NOTE: If your architecture does not define either u_intXX_t types or
- * uintXX_t (from inttypes.h), you may need to define things by hand
- * for your system:
- */
-#if 0
-typedef unsigned char u_int8_t; /* 1-byte (8-bits) */
-typedef unsigned int u_int32_t; /* 4-bytes (32-bits) */
-typedef unsigned long long u_int64_t; /* 8-bytes (64-bits) */
-#endif
-/*
- * Most BSD systems already define u_intXX_t types, as does Linux.
- * Some systems, however, like Compaq's Tru64 Unix instead can use
- * uintXX_t types defined by very recent ANSI C standards and included
- * in the file:
- *
- * #include
- *
- * If you choose to use then please define:
- *
- * #define SHA2_USE_INTTYPES_H
- *
- * Or on the command line during compile:
- *
- * cc -DSHA2_USE_INTTYPES_H ...
- */
-#if 0 /*def SHA2_USE_INTTYPES_H*/
-
-typedef struct _SHA256_CTX {
- uint32_t state[8];
- uint64_t bitcount;
- uint8_t buffer[SHA256_BLOCK_LENGTH];
-} SHA256_CTX;
-typedef struct _SHA512_CTX {
- uint64_t state[8];
- uint64_t bitcount[2];
- uint8_t buffer[SHA512_BLOCK_LENGTH];
-} SHA512_CTX;
-
-#else /* SHA2_USE_INTTYPES_H */
-
-typedef struct _SHA256_CTX {
- u_int32_t state[8];
- u_int64_t bitcount;
- u_int8_t buffer[SHA256_BLOCK_LENGTH];
-} SHA256_CTX;
-typedef struct _SHA512_CTX {
- u_int64_t state[8];
- u_int64_t bitcount[2];
- u_int8_t buffer[SHA512_BLOCK_LENGTH];
-} SHA512_CTX;
-
-#endif /* SHA2_USE_INTTYPES_H */
-
-typedef SHA512_CTX SHA384_CTX;
-
-
-/*** SHA-256/384/512 Function Prototypes ******************************/
-
-void SHA256_Init __P((SHA256_CTX *));
-void SHA256_Update __P((SHA256_CTX*, const u_int8_t*, size_t));
-void SHA256_Final __P((u_int8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*));
-char* SHA256_End __P((SHA256_CTX*, char[SHA256_DIGEST_STRING_LENGTH]));
-char* SHA256_Data __P((const u_int8_t*, size_t, char[SHA256_DIGEST_STRING_LENGTH]));
-
-void SHA384_Init __P((SHA384_CTX*));
-void SHA384_Update __P((SHA384_CTX*, const u_int8_t*, size_t));
-void SHA384_Final __P((u_int8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*));
-char* SHA384_End __P((SHA384_CTX*, char[SHA384_DIGEST_STRING_LENGTH]));
-char* SHA384_Data __P((const u_int8_t*, size_t, char[SHA384_DIGEST_STRING_LENGTH]));
-
-void SHA512_Init __P((SHA512_CTX*));
-void SHA512_Update __P((SHA512_CTX*, const u_int8_t*, size_t));
-void SHA512_Final __P((u_int8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*));
-char* SHA512_End __P((SHA512_CTX*, char[SHA512_DIGEST_STRING_LENGTH]));
-char* SHA512_Data __P((const u_int8_t*, size_t, char[SHA512_DIGEST_STRING_LENGTH]));
-
-struct env_md_st *EVP_sha2_256 __P((void));
-struct env_md_st *EVP_sha2_384 __P((void));
-struct env_md_st *EVP_sha2_512 __P((void));
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
-
-#endif /* __SHA2_H__ */
-
diff --git a/eaytest.tproj/str2val.c b/eaytest.tproj/str2val.c
deleted file mode 100644
index 72aee51..0000000
--- a/eaytest.tproj/str2val.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* $KAME: str2val.c,v 1.10 2001/04/03 15:51:57 thorpej Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "str2val.h"
-#include "gcmalloc.h"
-
-/*
- * exchange a value to a hex string.
- * must free buffer allocated later.
- */
-caddr_t
-val2str(buf, mlen)
- const char *buf;
- size_t mlen;
-{
- caddr_t new;
- size_t len = (mlen * 2) + mlen / 8 + 10;
- size_t i, j;
-
- if ((new = racoon_malloc(len)) == 0) return(0);
-
- for (i = 0, j = 0; i < mlen; i++) {
- snprintf(&new[j], len - j, "%02x", (u_char)buf[i]);
- j += 2;
- if (i % 8 == 7) {
- new[j++] = ' ';
- new[j] = '\0';
- }
- }
- new[j] = '\0';
-
- return(new);
-}
-
-/*
- * exchange a string based "base" to a value.
- */
-char *
-str2val(str, base, len)
- const char *str;
- int base;
- size_t *len;
-{
- int f;
- size_t i;
- char *dst;
- char *rp;
- const char *p;
- char b[3];
-
- i = 0;
- for (p = str; *p != '\0'; p++) {
- if (isxdigit(*p))
- i++;
- else if (isspace(*p))
- ;
- else
- return NULL;
- }
- if (i == 0 || (i % 2) != 0)
- return NULL;
- i /= 2;
-
- if ((dst = racoon_malloc(i)) == NULL)
- return NULL;
-
- i = 0;
- f = 0;
- for (rp = dst, p = str; *p != '\0'; p++) {
- if (isxdigit(*p)) {
- if (!f) {
- b[0] = *p;
- f = 1;
- } else {
- b[1] = *p;
- b[2] = '\0';
- *rp++ = (char)strtol(b, NULL, base);
- i++;
- f = 0;
- }
- }
- }
-
- *len = i;
-
- return(dst);
-}
diff --git a/eaytest.tproj/str2val.h b/eaytest.tproj/str2val.h
deleted file mode 100644
index 15f5245..0000000
--- a/eaytest.tproj/str2val.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/* $KAME: str2val.h,v 1.5 2000/10/04 17:41:04 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-extern caddr_t val2str __P((const char *, size_t));
-extern char *str2val __P((const char *, int, size_t *));
diff --git a/eaytest.tproj/vmbuf.c b/eaytest.tproj/vmbuf.c
deleted file mode 100644
index cdb4110..0000000
--- a/eaytest.tproj/vmbuf.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* $KAME: vmbuf.c,v 1.10 2001/04/03 15:51:57 thorpej Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#define NONEED_DRM
-#include
-#include
-
-#include
-#include
-#include
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "debug.h"
-#include "gcmalloc.h"
-
-vchar_t *
-vmalloc(size)
- size_t size;
-{
- vchar_t *var;
-
- if ((var = (vchar_t *)racoon_malloc(sizeof(*var))) == NULL)
- return NULL;
-
- var->l = size;
- var->v = (caddr_t)racoon_calloc(1, size);
- if (var->v == NULL) {
- (void)racoon_free(var);
- return NULL;
- }
-
- return var;
-}
-
-vchar_t *
-vrealloc(ptr, size)
- vchar_t *ptr;
- size_t size;
-{
- caddr_t v;
-
- if (ptr != NULL) {
- if ((v = (caddr_t)racoon_realloc(ptr->v, size)) == NULL) {
- (void)vfree(ptr);
- return NULL;
- }
- memset(v + ptr->l, 0, size - ptr->l);
- ptr->v = v;
- ptr->l = size;
- } else {
- if ((ptr = vmalloc(size)) == NULL)
- return NULL;
- }
-
- return ptr;
-}
-
-void
-vfree(var)
- vchar_t *var;
-{
- if (var == NULL)
- return;
-
- if (var->v)
- (void)racoon_free(var->v);
-
- (void)racoon_free(var);
-
- return;
-}
-
-vchar_t *
-vdup(src)
- vchar_t *src;
-{
- vchar_t *new;
-
- if ((new = vmalloc(src->l)) == NULL)
- return NULL;
-
- memcpy(new->v, src->v, src->l);
-
- return new;
-}
diff --git a/eaytest.tproj/vmbuf.h b/eaytest.tproj/vmbuf.h
deleted file mode 100644
index 2ebdb3f..0000000
--- a/eaytest.tproj/vmbuf.h
+++ /dev/null
@@ -1,63 +0,0 @@ -/* $KAME: vmbuf.h,v 1.7 2000/10/04 17:41:05 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * bp v - * v v - * ........................ 
- * <--------------> l - * <----------------------> bl - */ -typedef struct _vchar_t_ { -#if notyet - u_int32_t t; /* type of the value */ - vchar_t *n; /* next vchar_t buffer */ - size_t bl; /* length of the buffer */ - caddr_t bp; /* pointer to the buffer */ -#endif - size_t l; /* length of the value */ - caddr_t v; /* place holder to the pointer to the value */ -} vchar_t; - -#define VPTRINIT(p) \ -do { \ - if (p) { \ - vfree(p); \ - (p) = NULL; \ - } \ -} while(0); - -#define vfree vmbuf_free - -extern vchar_t *vmalloc __P((size_t)); -extern vchar_t *vrealloc __P((vchar_t *, size_t)); -extern void vfree __P((vchar_t *)); -extern vchar_t *vdup __P((vchar_t *)); diff --git a/ifconfig.tproj/Makefile.preamble b/ifconfig.tproj/Makefile.preamble index 1c986d6..467e5eb 100644 --- a/ifconfig.tproj/Makefile.preamble +++ b/ifconfig.tproj/Makefile.preamble @@ -1,3 +1,3 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include -OTHER_CFLAGS += -DUSE_IF_MEDIA -DINET6 -DNO_IPX -DUSE_VLANS -DUSE_BONDS +OTHER_CFLAGS += -DUSE_IF_MEDIA -DINET6 -DNO_IPX -DUSE_VLANS -DUSE_BONDS -mdynamic-no-pic diff --git a/ifconfig.tproj/ifbond.c b/ifconfig.tproj/ifbond.c index 6a3fc5b..21858a6 100644 --- a/ifconfig.tproj/ifbond.c +++ b/ifconfig.tproj/ifbond.c @@ -103,6 +103,8 @@ bond_status(int s, struct rt_addrinfo * info __unused) struct if_bond_req ibr; struct if_bond_status * ibs_p; struct if_bond_status_req * ibsr_p; + char mode_buf[16]; + const char * mode_str; bzero((char *)&ibr, sizeof(ibr)); ibr.ibr_op = IF_BOND_OP_GET_STATUS; 
@@ -114,10 +116,23 @@ bond_status(int s, struct rt_addrinfo * info __unused) if (ioctl(s, SIOCGIFBOND, (caddr_t)&ifr) < 0) { return; } + switch (ibsr_p->ibsr_mode) { + case IF_BOND_MODE_LACP: + mode_str = "lacp"; + break; + case IF_BOND_MODE_STATIC: + mode_str = "static"; + break; + default: + snprintf(mode_buf, sizeof(mode_buf), "%d", ibsr_p->ibsr_mode); + mode_str = mode_buf; + break; + } if (ibsr_p->ibsr_total == 0) { if (bond_details) { - printf("\tbond key: 0x%04x interfaces: \n", - ibsr_p->ibsr_key); + printf("\tbond mode: %s\n" + "\tbond key: 0x%04x interfaces: ", + mode_str, ibsr_p->ibsr_key); } else { printf("\tbond interfaces: \n"); @@ -135,8 +150,9 @@ bond_status(int s, struct rt_addrinfo * info __unused) } if (ibsr_p->ibsr_total > 0) { if (bond_details) { - printf("\tbond key: 0x%04x interfaces:", - ibsr_p->ibsr_key); + printf("\tbond mode: %s\n" + "\tbond key: 0x%04x interfaces:", + mode_str, ibsr_p->ibsr_key); } else { printf("\tbond interfaces:"); @@ -157,8 +173,9 @@ bond_status(int s, struct rt_addrinfo * info __unused) } } else if (bond_details) { - printf("\tbond key: 0x%04x interfaces: \n", - ibsr_p->ibsr_key); + printf("\tbond mode: %s\n" + "\tbond key: 0x%04x interfaces: \n", + mode_str, ibsr_p->ibsr_key); } else { printf("\tbond interfaces: \n"); 
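Review bot: In the `ibsr_total == 0` branch of the first hunk, the new format string ends at `interfaces: ` with no `\n`, while the line it replaces and the matching `else if (bond_details)` branch in the @@ -157 hunk both end in `\n`. Unless this is an artefact of how the page was extracted, the next line of output will run on, so the terminator should be kept as in the other branch. The two-line mode/key format is also repeated in three branches (including the @@ -135 hunk); a small `static` helper that prints the `bond mode` / `bond key` prefix would keep them from drifting apart. `bond_status` begins and ends outside these hunks.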
@@ -207,3 +224,39 @@ unsetbonddev(const char *val, int d, int s, const struct afswtch * afp) return; } +void +setbondmode(const char *val, int d, int s, const struct afswtch * afp) +{ + struct if_bond_req ibr; + int mode; + + if (strcmp(val, "lacp") == 0) { + mode = IF_BOND_MODE_LACP; + } + else if (strcmp(val, "static") == 0) { + mode = IF_BOND_MODE_STATIC; + } + else { + mode = strtoul(val, NULL, 0); + if (errno != 0) { + errx(1, "invalid mode value " + "(must be either \"lacp\" or \"static\")"); + } + } + + bzero((char *)&ibr, sizeof(ibr)); + if ((unsigned int)snprintf(ibr.ibr_ibru.ibru_if_name, + sizeof(ibr.ibr_ibru.ibru_if_name), + "%s", val) >= IFNAMSIZ) { + errx(1, "interface name too long"); + } + ibr.ibr_op = IF_BOND_OP_SET_MODE; + ibr.ibr_ibru.ibru_int_val = mode; + ifr.ifr_data = (caddr_t)&ibr; + if (ioctl(s, SIOCSIFBOND, (caddr_t)&ifr) == -1) + err(1, "SIOCSIFBOND set mode"); + + return; +} + + diff --git a/ifconfig.tproj/ifconfig.8 b/ifconfig.tproj/ifconfig.8 index 348d63b..63a5292 100644 --- a/ifconfig.tproj/ifconfig.8 +++ b/ifconfig.tproj/ifconfig.8 @@ -89,6 +89,10 @@ .Ar interface .Cm -bonddev .Ar iface +.Nm +.Ar interface +.Cm bondmode +.Ar lacp | static .Sh DESCRIPTION .Nm Ifconfig is used to assign an address @@ -216,8 +220,10 @@ Disable the use of the Address Resolution Protocol .It Cm bonddev Ar iface If the interface is a bond pseudo device, associate physical interface .Ar iface -with it. The bond pseudo device conforms -to the IEEE 802.3ad Link Aggregation specification. +with it. By default, the bond pseudo device is in LACP +(Link Aggregation Control Protocol) mode (see \fBbondmode\fR below). In +this mode, the device conforms to the IEEE 802.3ad Link Aggregation +specification. .Pp If this is the first physical interface to be associated with the bond interface, the bond interface inherits the ethernet address from the 
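Review bot: In `setbondmode`, the numeric fallback `mode = strtoul(val, NULL, 0); if (errno != 0)` neither clears `errno` before the call nor checks an end pointer. A mistyped word therefore converts to 0 and is handed to the kernel as a mode, and a stale `errno` from earlier code can reject valid input. The result is also narrowed from `unsigned long` to `int` without a range check. The `snprintf(ibr.ibr_ibru.ibru_if_name, …, "%s", val)` that follows copies the mode string into the interface-name member and reports "interface name too long". It looks carried over from `setbonddev`, and if `ibr_ibru` is a union (its definition is not in this hunk) the copy is overwritten by `ibru_int_val` anyway. I would validate the conversion fully and drop the name copy, as below.

```c
	else {
		char *end;

		errno = 0;
		mode = strtoul(val, &end, 0);
		if (errno != 0 || end == val || *end != '\0') {
			/* … unchanged: errx("invalid mode value …") … */
		}
	}
	/* … unchanged: bzero(&ibr) … */
	/* snprintf() of val into ibru_if_name removed: val is the mode, not an interface name */
	/* … unchanged: ibr_op, ibru_int_val, SIOCSIFBOND ioctl … */
```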
@@ -270,6 +276,22 @@ no longer aggregatable. If the physical .Ar iface is the last interface in the bond, the bond interface clears its link address. +.It bondmode Ar lacp | static +If the interface is a bond pseudo device, this option will set the \fImode\fR +on the bond interface. The two currently supported modes are +.Ar lacp +and +.Ar static . +The default mode is +.Ar lacp . +.Pp +To enable static mode (and turn off LACP), specify +.Ar static . +In static mode, a member interface is made an active part of the +link aggregate as long as the link status is active. +.Pp +To re-enable LACP mode, specify +.Ar lacp . .It Cm broadcast (Inet only.) Specify the address to use to represent broadcasts to the @@ -598,6 +620,15 @@ Only the super-user may modify the configuration of a network interface. .Sh NOTES The media selection system is relatively new and only some drivers support it (or have need for it). +.Pp +.Nm ifconfig +does not change the network settings permanently, it should be used only in a test and debug context. +The permanent network settings can be modified using the Network Preferences pane. +In addition on Mac OS X Server the permanent network settings can be changed with the +.Xr networksetup 8 +command. +Otherwise public APIs in the SystemConfiguration framework are currently the only supported +way to access and control the state of network settings. .Sh DIAGNOSTICS Messages indicating the specified interface does not exist, the requested address is unknown, or the user is not privileged and @@ -615,6 +646,9 @@ So, such manual deletions are strongly discouraged. .\" .Xr eon 5 , .Xr rc 8 , .Xr routed 8 +.Pp +.Xr networksetup 8 +on Mac OS X Server .Sh HISTORY The .Nm diff --git a/ifconfig.tproj/ifconfig.c b/ifconfig.tproj/ifconfig.c index 09f5c33..e4904d8 100644 --- a/ifconfig.tproj/ifconfig.c +++ b/ifconfig.tproj/ifconfig.c 
@@ -235,6 +235,7 @@ struct cmd { #ifdef USE_BONDS { "bonddev", NEXTARG, setbonddev }, { "-bonddev", NEXTARG, unsetbonddev }, + { "bondmode", NEXTARG, setbondmode }, #endif #if 0 /* XXX `create' special-cased below */ diff --git a/ifconfig.tproj/ifconfig.h b/ifconfig.tproj/ifconfig.h index 39fbc02..de31ef1 100644 --- a/ifconfig.tproj/ifconfig.h +++ b/ifconfig.tproj/ifconfig.h @@ -50,6 +50,7 @@ extern void setvlandev(const char *, int, int, const struct afswtch *rafp); extern void unsetvlandev(const char *, int, int, const struct afswtch *rafp); extern void vlan_status(int s, struct rt_addrinfo *); -extern void setbonddev(const char *, int, int,const struct afswtch * rafp); +extern void setbonddev(const char *, int, int, const struct afswtch * rafp); extern void unsetbonddev(const char *, int, int, const struct afswtch * rafp); +extern void setbondmode(const char *, int, int, const struct afswtch * rafp); extern void bond_status(int s, struct rt_addrinfo *); diff --git a/ip6conf.tproj/Makefile.preamble b/ip6conf.tproj/Makefile.preamble index 6e6f709..387cf80 100644 --- a/ip6conf.tproj/Makefile.preamble +++ b/ip6conf.tproj/Makefile.preamble @@ -1,3 +1,4 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include AFTER_INSTALL += install-man-page install-config-file install-script +OTHER_CFLAGS += -mdynamic-no-pic diff --git a/ip6fw.tproj/Makefile.preamble b/ip6fw.tproj/Makefile.preamble index a4606c6..3bb2a83 100644 --- a/ip6fw.tproj/Makefile.preamble +++ b/ip6fw.tproj/Makefile.preamble @@ -138,3 +138,4 @@ DSTROOT = $(HOME) AFTER_INSTALL += install-man-page +OTHER_CFLAGS += -mdynamic-no-pic diff --git a/ip6fw.tproj/ip6fw.c b/ip6fw.tproj/ip6fw.c index f54b916..7f78a9f 100644 --- a/ip6fw.tproj/ip6fw.c +++ b/ip6fw.tproj/ip6fw.c 
@@ -16,7 +16,7 @@ * * NEW command line interface for IP firewall facility * - * $Id: ip6fw.c,v 1.2 2003/02/28 07:01:29 mscopp Exp $ + * $Id: ip6fw.c,v 1.3 2006/02/07 06:22:17 lindak Exp $ * $FreeBSD: src/sbin/ip6fw/ip6fw.c,v 1.1.2.6 2001/08/01 06:52:18 obrien Exp $ */ @@ -417,7 +417,8 @@ list(ac, av) struct ip6_fw *r, *rules; int l,i; unsigned long rulenum; - int nalloc, bytes, maxbytes; + int nalloc, maxbytes; + socklen_t bytes; /* extract rules from kernel, resizing array as necessary */ rules = NULL; @@ -548,7 +549,7 @@ fill_ip6(ipno, mask, acp, avp) *p++ = '\0'; } - if (lookup_host(*av, ipno, AF_INET6) != 0) + if (lookup_host(*av, (u_char *)ipno, AF_INET6) != 0) show_usage("hostname ``%s'' unknown", *av); switch (md) { case '/': diff --git a/ipfw.tproj/Makefile.preamble b/ipfw.tproj/Makefile.preamble index a4606c6..809ab68 100644 --- a/ipfw.tproj/Makefile.preamble +++ b/ipfw.tproj/Makefile.preamble @@ -138,3 +138,4 @@ DSTROOT = $(HOME) AFTER_INSTALL += install-man-page +OTHER_CFLAGS = -mdynamic-no-pic diff --git a/ipfw.tproj/ipfw.8 b/ipfw.tproj/ipfw.8 index 71f6bec..fc2c343 100644 --- a/ipfw.tproj/ipfw.8 +++ b/ipfw.tproj/ipfw.8 @@ -72,30 +72,6 @@ firewall and the traffic shaper in .Fx . .Pp -.Bd -ragged -offset XXXX -.Em NOTE: -this manual page documents the newer version of -.Nm -introduced in -.Fx -CURRENT in July 2002, also known as -.Nm ipfw2 . -.Nm ipfw2 -is a superset of the old firewall, -.Nm ipfw1 . -The differences between the two are listed in Section -.Sx IPFW2 ENHANCEMENTS , -which you are encouraged to read to revise older rulesets and possibly -write them more efficiently. -See Section -.Sx USING IPFW2 IN FreeBSD-STABLE -for instructions on how to run -.Nm ipfw2 -on -.Fx -STABLE. -.Ed -.Pp An .Nm configuration, or 
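Review bot: In `list()` (@@ -417 hunk), `bytes` becomes `socklen_t` while `maxbytes` on the line above stays `int`, so any comparison or assignment between the two later in the function, which is outside this hunk, now mixes signed and unsigned operands. If they are compared, declaring both alike, `socklen_t bytes, maxbytes;`, or casting at the comparison keeps the intent explicit. The type change presumably exists because `bytes` is passed as a socket-option length; a comment such as `/* in/out length for the kernel rule fetch */` on the declaration would record that.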
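Review bot: The line added to ipfw.tproj/Makefile.preamble, `OTHER_CFLAGS = -mdynamic-no-pic`, assigns rather than appends, unlike the same addition in the ip6fw.tproj, ip6conf.tproj and ifconfig.tproj preambles in this commit, which all use `+=`. Any `OTHER_CFLAGS` set earlier in that preamble or inherited from the parent project would be discarded, including warning or hardening flags; the rest of the file is outside the hunk. For consistency and to preserve inherited flags, use `OTHER_CFLAGS += -mdynamic-no-pic`.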
@@ -1724,27 +1700,6 @@ Controls whether bridged packets are passed to .Nm . Default is no. .El -.Sh USING IPFW2 IN FreeBSD-STABLE -.Nm ipfw2 -is standard in -.Fx -CURRENT, whereas -.Fx -STABLE still uses -.Nm ipfw1 -unless the kernel is compiled with -.Cm options IPFW2 , -and -.Nm /sbin/ipfw -and -.Nm /usr/lib/libalias -are recompiled with -.Cm -DIPFW2 -and reinstalled (the same effect can be achieved by adding -.Cm IPFW2=TRUE -to -.Nm /etc/make.conf -before a buildworld). .Pp .Sh IPFW2 ENHANCEMENTS This Section lists the features that have been introduced in diff --git a/ipfw.tproj/ipfw2.c b/ipfw.tproj/ipfw2.c index 87b48ac..5c0501e 100644 --- a/ipfw.tproj/ipfw2.c +++ b/ipfw.tproj/ipfw2.c @@ -1277,11 +1277,11 @@ show_ipfw(struct ip_fw *rule, int pcwidth, int bcwidth) break; case O_TCPACK: - printf(" tcpack %ld", ntohl(cmd32->d[0])); + printf(" tcpack %d", ntohl(cmd32->d[0])); break; case O_TCPSEQ: - printf(" tcpseq %ld", ntohl(cmd32->d[0])); + printf(" tcpseq %d", ntohl(cmd32->d[0])); break; case O_UID: @@ -2488,7 +2488,7 @@ end_mask: break; default: - errx(EX_DATAERR, "unrecognised option ``%s''", *av); + errx(EX_DATAERR, "unrecognised option ``%s''", *(--av)); } } if (do_pipe == 1) { diff --git a/ipsec/Makefile b/ipsec/Makefile deleted file mode 100644 index 5bb77a0..0000000 --- a/ipsec/Makefile +++ /dev/null 
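Review bot: In the `O_TCPACK` and `O_TCPSEQ` cases of `show_ipfw` (ipfw2.c, @@ -1277 hunk), the new `%d` conversion is given the result of `ntohl()`, which is an unsigned 32-bit value. Acknowledgement and sequence numbers of 2^31 and above will therefore be listed as negative, and a rule dumped that way may not read back as the same rule. `%u` matches the argument type: `printf(" tcpack %u", ntohl(cmd32->d[0]));` and likewise `printf(" tcpseq %u", ntohl(cmd32->d[0]));`. `show_ipfw` continues outside the hunk.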
@@ -1,61 +0,0 @@ -# -# Generated by the Apple Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ipsec - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Library - -HFILES = ipsec_strerror.h libpfkey.h key_debug.h - -OTHERLINKED = policy_parse.y policy_token.l - -CFILES = ipsec_dump_policy.c ipsec_get_policylen.c ipsec_strerror.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble\ - ipsec_set_policy.3 ipsec_strerror.3 - -OTHERLINKEDOFILES = policy_parse.o policy_token.o - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CURRENTLY_ACTIVE_VERSION = YES -DEPLOY_WITH_VERSION_NAME = A -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = library.make -NEXTSTEP_INSTALLDIR = /usr/lib -WINDOWS_INSTALLDIR = /Developer/Libraries -PDO_UNIX_INSTALLDIR = /lib -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - -NEXTSTEP_PUBLIC_HEADERS_DIR = /Developer/Headers/$(NAME) - -WINDOWS_PUBLIC_HEADERS_DIR = /Developer/Headers/$(NAME) - -PDO_UNIX_PUBLIC_HEADERS_DIR = /Developer/Headers/$(NAME) - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(JDKBINDIR)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ipsec/Makefile.postamble b/ipsec/Makefile.postamble deleted file mode 100644 index 09dfa14..0000000 --- a/ipsec/Makefile.postamble +++ /dev/null 
@@ -1,104 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGES: langages in which the project is written (default "English") -# English_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -install-man-page: - install -d "$(DSTROOT)/usr/share/man/man3" - install -c -m 644 ipsec_set_policy.3 "$(DSTROOT)/usr/share/man/man3/ipsec_set_policy.3" - install -c -m 644 ipsec_strerror.3 "$(DSTROOT)/usr/share/man/man3/ipsec_strerror.3" diff --git a/ipsec/Makefile.preamble b/ipsec/Makefile.preamble deleted file mode 100644 index 87c2727..0000000 --- a/ipsec/Makefile.preamble +++ /dev/null 
@@ -1,141 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex -LOCAL_CFLAGS=-g -DIPSEC_DEBUG -DIPSEC -DINET6 -LOCAL_YFLAGS=-d -p __libipsecyy -LOCAL_LFLAGS=-P__libipsecyy -olex.yy.c - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# 
subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. If NO, the dependency -# file is only built when the depend target is invoked. -AFTER_INSTALL += install-man-page - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. For library projects you should -# set this to something like /Developer/Headers/$(NAME). Do not set -# this variable for framework projects unless you do not want the -# header files included in the framework. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. This defaults to -# DYNAMIC. -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSIONS: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -# Uncomment to suppress generation of a KeyValueCoding index when installing -# frameworks (This index is used by WOB and IB to determine keys available -# for an object). Set to YES by default. -# PREINDEX_FRAMEWORK = NO - -# Change this definition to install projects somewhere other than the -# standard locations. NEXT_ROOT defaults to "C:/Apple" on Windows systems -# and "" on other systems. -DSTROOT = $(HOME) diff --git a/ipsec/PB.project b/ipsec/PB.project deleted file mode 100644 index cf372f6..0000000 --- a/ipsec/PB.project +++ /dev/null 
@@ -1,43 +0,0 @@ -{ - CURRENTLY_ACTIVE_VERSION = YES; - DEPLOY_WITH_VERSION_NAME = A; - DYNAMIC_CODE_GEN = YES; - FILESTABLE = { - FRAMEWORKS = (); - H_FILES = (ipsec_strerror.h, libpfkey.h, key_debug.h); - OTHER_LINKED = ( - ipsec_dump_policy.c, - ipsec_get_policylen.c, - ipsec_strerror.c, - policy_parse.y, - policy_token.l - ); - OTHER_SOURCES = ( - Makefile.preamble, - Makefile, - Makefile.postamble, - ipsec_set_policy.3, - ipsec_strerror.3 - ); - }; - LANGUAGE = English; - MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_INSTALLDIR = /lib; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - NEXTSTEP_PUBLICHEADERSDIR = "/Developer/Headers/$(NAME)"; - PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make; - PDO_UNIX_INSTALLDIR = /lib; - PDO_UNIX_JAVA_COMPILER = "$(JDKBINDIR)/javac"; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PDO_UNIX_PUBLICHEADERSDIR = "/Developer/Headers/$(NAME)"; - PROJECTNAME = ipsec; - PROJECTTYPE = Library; - PROJECTVERSION = 2.8; - WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make; - WINDOWS_INSTALLDIR = /Developer/Libraries; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; - WINDOWS_PUBLICHEADERSDIR = "/Developer/Headers/$(NAME)"; -} diff --git a/ipsec/ipsec_dump_policy.c b/ipsec/ipsec_dump_policy.c deleted file mode 100644 index 200a654..0000000 --- a/ipsec/ipsec_dump_policy.c +++ /dev/null 
@@ -1,306 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/ipsec_dump_policy.c,v 1.1.2.1 2000/07/15 07:24:04 kris Exp $ */ -/* $KAME: ipsec_dump_policy.c,v 1.11 2000/05/07 05:29:47 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include -#include - -#include - -#include -#include -#include -#include - -#include "ipsec_strerror.h" - -static const char *ipsp_dir_strs[] = { - "any", "in", "out", -}; - -static const char *ipsp_policy_strs[] = { - "discard", "none", "ipsec", "entrust", "bypass", -}; - -static char *ipsec_dump_ipsecrequest __P((char *, size_t, - struct sadb_x_ipsecrequest *, size_t)); -static int set_addresses __P((char *, size_t, struct sockaddr *, - struct sockaddr *)); -static char *set_address __P((char *, size_t, struct sockaddr *)); - -/* - * policy is sadb_x_policy buffer. - * Must call free() later. - * When delimiter == NULL, alternatively ' '(space) is applied. - */ -char * -ipsec_dump_policy(policy, delimiter) - caddr_t policy; - char *delimiter; -{ - struct sadb_x_policy *xpl = (struct sadb_x_policy *)policy; - struct sadb_x_ipsecrequest *xisr; - size_t off, buflen; - char *buf; - char isrbuf[1024]; - char *newbuf; - - /* sanity check */ - if (policy == NULL) - return NULL; - if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) { - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return NULL; - } - - /* set delimiter */ - if (delimiter == NULL) - delimiter = " "; - - switch (xpl->sadb_x_policy_dir) { - case IPSEC_DIR_ANY: - case IPSEC_DIR_INBOUND: - case IPSEC_DIR_OUTBOUND: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_DIR; - return NULL; - } - - switch (xpl->sadb_x_policy_type) { - case IPSEC_POLICY_DISCARD: - case IPSEC_POLICY_NONE: - case IPSEC_POLICY_IPSEC: - case IPSEC_POLICY_BYPASS: - case IPSEC_POLICY_ENTRUST: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_POLICY; - return NULL; - } - - buflen = strlen(ipsp_dir_strs[xpl->sadb_x_policy_dir]) - + 1 /* space */ - + strlen(ipsp_policy_strs[xpl->sadb_x_policy_type]) - + 1; /* NUL */ - - if ((buf = malloc(buflen)) == NULL) { - __ipsec_errcode = EIPSEC_NO_BUFS; - return NULL; - } - snprintf(buf, buflen, "%s %s", ipsp_dir_strs[xpl->sadb_x_policy_dir], - 
ipsp_policy_strs[xpl->sadb_x_policy_type]); - - if (xpl->sadb_x_policy_type != IPSEC_POLICY_IPSEC) { - __ipsec_errcode = EIPSEC_NO_ERROR; - return buf; - } - - /* count length of buffer for use */ - off = sizeof(*xpl); - while (off < PFKEY_EXTLEN(xpl)) { - xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xpl + off); - off += xisr->sadb_x_ipsecrequest_len; - } - - /* validity check */ - if (off != PFKEY_EXTLEN(xpl)) { - __ipsec_errcode = EIPSEC_INVAL_SADBMSG; - free(buf); - return NULL; - } - - off = sizeof(*xpl); - while (off < PFKEY_EXTLEN(xpl)) { - xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xpl + off); - - if (ipsec_dump_ipsecrequest(isrbuf, sizeof(isrbuf), xisr, - PFKEY_EXTLEN(xpl) - off) == NULL) { - free(buf); - return NULL; - } - - buflen = strlen(buf) + strlen(delimiter) + strlen(isrbuf) + 1; - newbuf = (char *)realloc(buf, buflen); - if (newbuf == NULL) { - __ipsec_errcode = EIPSEC_NO_BUFS; - free(buf); - return NULL; - } - buf = newbuf; - snprintf(buf, buflen, "%s%s%s", buf, delimiter, isrbuf); - - off += xisr->sadb_x_ipsecrequest_len; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return buf; -} - -static char * -ipsec_dump_ipsecrequest(buf, len, xisr, bound) - char *buf; - size_t len; - struct sadb_x_ipsecrequest *xisr; - size_t bound; /* boundary */ -{ - const char *proto, *mode, *level; - char abuf[NI_MAXHOST * 2 + 2]; - - if (xisr->sadb_x_ipsecrequest_len > bound) { - __ipsec_errcode = EIPSEC_INVAL_PROTO; - return NULL; - } - - switch (xisr->sadb_x_ipsecrequest_proto) { - case IPPROTO_ESP: - proto = "esp"; - break; - case IPPROTO_AH: - proto = "ah"; - break; - case IPPROTO_IPCOMP: - proto = "ipcomp"; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_PROTO; - return NULL; - } - - switch (xisr->sadb_x_ipsecrequest_mode) { - case IPSEC_MODE_ANY: - mode = "any"; - break; - case IPSEC_MODE_TRANSPORT: - mode = "transport"; - break; - case IPSEC_MODE_TUNNEL: - mode = "tunnel"; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_MODE; - return NULL; - } - 
- abuf[0] = '\0'; - if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { - struct sockaddr *sa1, *sa2; - caddr_t p; - - p = (caddr_t)(xisr + 1); - sa1 = (struct sockaddr *)p; - sa2 = (struct sockaddr *)(p + sa1->sa_len); - if (sizeof(*xisr) + sa1->sa_len + sa2->sa_len != - xisr->sadb_x_ipsecrequest_len) { - __ipsec_errcode = EIPSEC_INVAL_ADDRESS; - return NULL; - } - if (set_addresses(abuf, sizeof(abuf), sa1, sa2) != 0) { - __ipsec_errcode = EIPSEC_INVAL_ADDRESS; - return NULL; - } - } - - switch (xisr->sadb_x_ipsecrequest_level) { - case IPSEC_LEVEL_DEFAULT: - level = "default"; - break; - case IPSEC_LEVEL_USE: - level = "use"; - break; - case IPSEC_LEVEL_REQUIRE: - level = "require"; - break; - case IPSEC_LEVEL_UNIQUE: - level = "unique"; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_LEVEL; - return NULL; - } - - if (xisr->sadb_x_ipsecrequest_reqid == 0) - snprintf(buf, len, "%s/%s/%s/%s", proto, mode, abuf, level); - else { - int ch; - - if (xisr->sadb_x_ipsecrequest_reqid > IPSEC_MANUAL_REQID_MAX) - ch = '#'; - else - ch = ':'; - snprintf(buf, len, "%s/%s/%s/%s%c%d", proto, mode, abuf, level, - ch, xisr->sadb_x_ipsecrequest_reqid); - } - - return buf; -} - -static int -set_addresses(buf, len, sa1, sa2) - char *buf; - size_t len; - struct sockaddr *sa1; - struct sockaddr *sa2; -{ - char tmp1[NI_MAXHOST], tmp2[NI_MAXHOST]; - - if (set_address(tmp1, sizeof(tmp1), sa1) == NULL || - set_address(tmp2, sizeof(tmp2), sa2) == NULL) - return -1; - if (strlen(tmp1) + 1 + strlen(tmp2) + 1 > len) - return -1; - snprintf(buf, len, "%s-%s", tmp1, tmp2); - return 0; -} - -static char * -set_address(buf, len, sa) - char *buf; - size_t len; - struct sockaddr *sa; -{ -#ifdef NI_WITHSCOPEID - const int niflags = NI_NUMERICHOST | NI_WITHSCOPEID; -#else - const int niflags = NI_NUMERICHOST; -#endif - - if (len < 1) - return NULL; - buf[0] = '\0'; - if (getnameinfo(sa, sa->sa_len, buf, len, NULL, 0, niflags) != 0) - return NULL; - return buf; -} 
diff --git a/ipsec/ipsec_get_policylen.c b/ipsec/ipsec_get_policylen.c
deleted file mode 100644
index 3713cb8..0000000
--- a/ipsec/ipsec_get_policylen.c
+++ /dev/null
@@ -1,47 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/ipsec_get_policylen.c,v 1.1.2.1 2000/07/15 07:24:04 kris Exp $ */
-/* $KAME: ipsec_get_policylen.c,v 1.5 2000/05/07 05:25:03 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-
-#include
-
-#include
-
-#include "ipsec_strerror.h"
-
-int
-ipsec_get_policylen(policy)
- caddr_t policy;
-{
- return policy ? PFKEY_EXTLEN(policy) : -1;
-}
diff --git a/ipsec/ipsec_set_policy.3 b/ipsec/ipsec_set_policy.3
deleted file mode 100644
index a13c30a..0000000
--- a/ipsec/ipsec_set_policy.3
+++ /dev/null
@@ -1,274 +0,0 @@ -.\" $KAME: ipsec_set_policy.3,v 1.14 2001/04/06 07:00:46 itojun Exp $ -.\" $FreeBSD: src/lib/libipsec/ipsec_set_policy.3,v 1.3.2.7 2001/08/17 15:42:59 ru Exp $ -.\" -.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of the project nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.Dd May 5, 1998 -.Dt IPSEC_SET_POLICY 3 -.Os -.Sh NAME -.Nm ipsec_set_policy , -.Nm ipsec_get_policylen , -.Nm ipsec_dump_policy -.Nd manipulate IPsec policy specification structure from readable string -.\" -.Sh LIBRARY -.Lb libipsec -.Sh SYNOPSIS -.Fd #include -.Ft "char *" -.Fn ipsec_set_policy "char *policy" "int len" -.Ft int -.Fn ipsec_get_policylen "char *buf" -.Ft "char *" -.Fn ipsec_dump_policy "char *buf" "char *delim" -.Sh DESCRIPTION -.Fn ipsec_set_policy -generates IPsec policy specification structure, namely -.Li struct sadb_x_policy -and/or -.Li struct sadb_x_ipsecrequest -from human-readable policy specification. -Policy specification must be given as C string -.Fa policy -and length -.Fa len -of -.Fa policy . -.Fn ipsec_set_policy -will return the buffer of IPsec policy specification structure. -.Pp -You may want the length of the generated buffer such when calling -.Xr setsockopt 2 . -.Fn ipsec_get_policylen -will return the length. -.Pp -.Fn ipsec_dump_policy -converts IPsec policy structure into readable form. -Therefore, -.Fn ipsec_dump_policy -can be regarded as inverse conversion of -.Fn ipsec_set_policy . -.Fa buf -points to a IPsec policy structure, -.Li struct sadb_x_policy . -.Fa delim -is a delimiter string, which is usually a blank character. -If you set -.Fa delim -to -.Dv NULL , -single whitespace is assumed. -.Fn ipsec_dump_policy -returns pointer to dynamically allocated string. -It is caller's responsibility to reclaim the region, by using -.Xr free 3 . -.Pp -.Fa policy -is formatted as either of the following: -.Bl -tag -width "discard" -.It Ar direction Li discard -.Ar direction -must be -.Li in -or -.Li out . -.Ar direction -specifies which direction the policy needs to be applied. -With -.Li discard -policy, packets will be dropped if they match the policy. -.It Ar direction Li entrust -.Li entrust -means to consult to SPD defined by -.Xr setkey 8 . 
-.It Ar direction Li bypass -.Li bypass -means to be bypassed the IPsec processing. -(packet will be transmitted in clear). -This is for privileged socket. -.It Xo -.Ar direction -.Li ipsec -.Ar request ... -.Xc -.Li ipsec -means that the matching packets are subject to IPsec processing. -.Li ipsec -can be followed by one or more -.Ar request -string, which is formatted as below: -.Bl -tag -width "discard" -.It Xo -.Ar protocol -.Li / -.Ar mode -.Li / -.Ar src -.Li - -.Ar dst -.Op Ar /level -.Xc -.Ar protocol -is either -.Li ah , -.Li esp -or -.Li ipcomp . -.Pp -.Ar mode -is either -.Li transport -or -.Li tunnel . -.Pp -.Ar src -and -.Ar dst -specifies IPsec endpoint. -.Ar src -always means -.Dq sending node -and -.Ar dst -always means -.Dq receiving node . -Therefore, when -.Ar direction -is -.Li in , -.Ar dst -is this node -and -.Ar src -is the other node -(peer). -If -.Ar mode -is -.Li transport , -Both -.Ar src -and -.Ar dst -can be omited. -.Pp -.Ar level -must be set to one of the following: -.Li default , use , require -or -.Li unique . -.Li default -means that the kernel should consult the system default policy -defined by -.Xr sysctl 8 , -such as -.Li net.inet.ipsec.esp_trans_deflev . -See -.Xr ipsec 4 -regarding the system default. -.Li use -means that a relevant SA can be used when available, -since the kernel may perform IPsec operation against packets when possible. -In this case, packets can be transmitted in clear -(when SA is not available), -or encrypted -(when SA is available). -.Li require -means that a relevant SA is required, -since the kernel must perform IPsec operation against packets. -.Li unique -is the same as -.Li require , -but adds the restriction that the SA for outbound traffic is used -only for this policy. -You may need the identifier in order to relate the policy and the SA -when you define the SA by manual keying. -You can put the decimal number as the identifier after -.Li unique -like -.Li unique : number . 
-.Li number -must be between 1 and 32767 . -If the -.Ar request -string is kept unambiguous, -.Ar level -and slash prior to -.Ar level -can be omitted. -However, it is encouraged to specify them explicitly -to avoid unintended behaviors. -If -.Ar level -is omitted, it will be interpreted as -.Li default . -.El -.El -.Pp -Note that there is a bit difference of specification from -.Xr setkey 8 . -In specification by -.Xr setkey 8 , -both entrust and bypass are not used. -Refer to -.Xr setkey 8 -for detail. -.Pp -Here are several examples -(long lines are wrapped for readability): -.Bd -literal -offset indent -in discard -out ipsec esp/transport//require -in ipsec ah/transport//require -out ipsec esp/tunnel/10.1.1.2-10.1.1.1/use -in ipsec ipcomp/transport//use - esp/transport//use -.Ed -.Sh RETURN VALUES -.Fn ipsec_set_policy -returns a pointer to the allocated buffer of policy specification if successful; otherwise a NULL pointer is returned. -.Fn ipsec_get_policylen -returns with positive value -(meaning the buffer size) -on success, and negative value on errors. -.Fn ipsec_dump_policy -returns a pointer to dynamically allocated region on success, -and -.Dv NULL -on errors. -.Sh SEE ALSO -.Xr ipsec_strerror 3 , -.Xr ipsec 4 , -.Xr setkey 8 -.Sh HISTORY -The functions first appeared in WIDE/KAME IPv6 protocol stack kit. -.Pp -IPv6 and IPsec support based on the KAME Project (http://www.kame.net/) stack -was initially integrated into -.Fx 4.0 diff --git a/ipsec/ipsec_strerror.3 b/ipsec/ipsec_strerror.3 deleted file mode 100644 index 3d3a9f1..0000000 --- a/ipsec/ipsec_strerror.3 +++ /dev/null 
@@ -1,82 +0,0 @@ -.\" $KAME: ipsec_strerror.3,v 1.8 2000/11/20 00:35:14 sakane Exp $ -.\" $FreeBSD: src/lib/libipsec/ipsec_strerror.3,v 1.2.2.5 2001/07/03 11:01:14 ume Exp $ -.\" -.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of the project nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.Dd May 6, 1998 -.Dt IPSEC_STRERROR 3 -.Os -.\" -.Sh NAME -.Nm ipsec_strerror -.Nd error message for IPsec policy manipulation library -.\" -.Sh SYNOPSIS -.Fd #include -.Ft "const char *" -.Fn ipsec_strerror -.\" -.Sh DESCRIPTION -.Pa netinet6/ipsec.h -declares -.Pp -.Dl extern int ipsec_errcode; -.Pp -which is used to pass an error code from IPsec policy manipulation library -to an user program. -.Fn ipsec_strerror -can be used to obtain the error message string for the error code. -.Pp -The array pointed to is not to be modified by the program. -Since -.Fn ipsec_strerror -uses -.Xr strerror 3 -as underlying function, calling -.Xr strerror 3 -after -.Fn ipsec_strerror -would make the return value from -.Fn ipsec_strerror -invalid, or overwritten. -.\" -.Sh RETURN VALUES -.Fn ipsec_strerror -always return a pointer to C string. -The C string must not be overwritten by user programs. -.\" -.Sh SEE ALSO -.Xr ipsec_set_policy 3 -.\" -.Sh HISTORY -.Fn ipsec_strerror -first appeared in WIDE/KAME IPv6 protocol stack kit. -.\" -.Sh BUGS -.Fn ipsec_strerror -will return its result which may be overwritten by subsequent calls. diff --git a/ipsec/ipsec_strerror.c b/ipsec/ipsec_strerror.c deleted file mode 100644 index a4fa9b7..0000000 --- a/ipsec/ipsec_strerror.c +++ /dev/null 
@@ -1,88 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/ipsec_strerror.c,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: ipsec_strerror.c,v 1.7 2000/07/30 00:45:12 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "ipsec_strerror.h"
-
-int __ipsec_errcode;
-
-static const char *ipsec_errlist[] = {
-"Success", /*EIPSEC_NO_ERROR*/
-"Not supported", /*EIPSEC_NOT_SUPPORTED*/
-"Invalid argument", /*EIPSEC_INVAL_ARGUMENT*/
-"Invalid sadb message", /*EIPSEC_INVAL_SADBMSG*/
-"Invalid version", /*EIPSEC_INVAL_VERSION*/
-"Invalid security policy", /*EIPSEC_INVAL_POLICY*/
-"Invalid address specification", /*EIPSEC_INVAL_ADDRESS*/
-"Invalid ipsec protocol", /*EIPSEC_INVAL_PROTO*/
-"Invalid ipsec mode", /*EIPSEC_INVAL_MODE*/
-"Invalid ipsec level", /*EIPSEC_INVAL_LEVEL*/
-"Invalid SA type", /*EIPSEC_INVAL_SATYPE*/
-"Invalid message type", /*EIPSEC_INVAL_MSGTYPE*/
-"Invalid extension type", /*EIPSEC_INVAL_EXTTYPE*/
-"Invalid algorithm type", /*EIPSEC_INVAL_ALGS*/
-"Invalid key length", /*EIPSEC_INVAL_KEYLEN*/
-"Invalid address family", /*EIPSEC_INVAL_FAMILY*/
-"Invalid prefix length", /*EIPSEC_INVAL_PREFIXLEN*/
-"Invalid direciton", /*EIPSEC_INVAL_DIR*/
-"SPI range violation", /*EIPSEC_INVAL_SPI*/
-"No protocol specified", /*EIPSEC_NO_PROTO*/
-"No algorithm specified", /*EIPSEC_NO_ALGS*/
-"No buffers available", /*EIPSEC_NO_BUFS*/
-"Must get supported algorithms list first", /*EIPSEC_DO_GET_SUPP_LIST*/
-"Protocol mismatch", /*EIPSEC_PROTO_MISMATCH*/
-"Family mismatch", /*EIPSEC_FAMILY_MISMATCH*/
-"Too few arguments", /*EIPSEC_FEW_ARGUMENTS*/
-NULL, /*EIPSEC_SYSTEM_ERROR*/
-"Unknown error", /*EIPSEC_MAX*/
-};
-
-const char *ipsec_strerror(void)
-{
- if (__ipsec_errcode < 0 || __ipsec_errcode > EIPSEC_MAX)
- __ipsec_errcode = EIPSEC_MAX;
-
- return ipsec_errlist[__ipsec_errcode];
-}
-
-void __ipsec_set_strerror(const char *str)
-{
- __ipsec_errcode = EIPSEC_SYSTEM_ERROR;
- ipsec_errlist[EIPSEC_SYSTEM_ERROR] = str;
-
- return;
-}
diff --git a/ipsec/ipsec_strerror.h b/ipsec/ipsec_strerror.h
deleted file mode 100644
index da87324..0000000
--- a/ipsec/ipsec_strerror.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/ipsec_strerror.h,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: ipsec_strerror.h,v 1.8 2000/07/30 00:45:12 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-extern int __ipsec_errcode;
-extern void __ipsec_set_strerror __P((const char *));
-
-#define EIPSEC_NO_ERROR 0 /*success*/
-#define EIPSEC_NOT_SUPPORTED 1 /*not supported*/
-#define EIPSEC_INVAL_ARGUMENT 2 /*invalid argument*/
-#define EIPSEC_INVAL_SADBMSG 3 /*invalid sadb message*/
-#define EIPSEC_INVAL_VERSION 4 /*invalid version*/
-#define EIPSEC_INVAL_POLICY 5 /*invalid security policy*/
-#define EIPSEC_INVAL_ADDRESS 6 /*invalid address specification*/
-#define EIPSEC_INVAL_PROTO 7 /*invalid ipsec protocol*/
-#define EIPSEC_INVAL_MODE 8 /*Invalid ipsec mode*/
-#define EIPSEC_INVAL_LEVEL 9 /*invalid ipsec level*/
-#define EIPSEC_INVAL_SATYPE 10 /*invalid SA type*/
-#define EIPSEC_INVAL_MSGTYPE 11 /*invalid message type*/
-#define EIPSEC_INVAL_EXTTYPE 12 /*invalid extension type*/
-#define EIPSEC_INVAL_ALGS 13 /*Invalid algorithm type*/
-#define EIPSEC_INVAL_KEYLEN 14 /*invalid key length*/
-#define EIPSEC_INVAL_FAMILY 15 /*invalid address family*/
-#define EIPSEC_INVAL_PREFIXLEN 16 /*SPI range violation*/
-#define EIPSEC_INVAL_DIR 17 /*Invalid direciton*/
-#define EIPSEC_INVAL_SPI 18 /*invalid prefixlen*/
-#define EIPSEC_NO_PROTO 19 /*no protocol specified*/
-#define EIPSEC_NO_ALGS 20 /*No algorithm specified*/
-#define EIPSEC_NO_BUFS 21 /*no buffers available*/
-#define EIPSEC_DO_GET_SUPP_LIST 22 /*must get supported algorithm first*/
-#define EIPSEC_PROTO_MISMATCH 23 /*protocol mismatch*/
-#define EIPSEC_FAMILY_MISMATCH 24 /*family mismatch*/
-#define EIPSEC_FEW_ARGUMENTS 25 /*Too few arguments*/
-#define EIPSEC_SYSTEM_ERROR 26 /*system error*/
-#define EIPSEC_MAX 27 /*unknown error*/
diff --git a/ipsec/key_debug.h b/ipsec/key_debug.h
deleted file mode 100644
index 7620da5..0000000
--- a/ipsec/key_debug.h
+++ /dev/null
@@ -1,95 +0,0 @@ -/* $FreeBSD: src/sys/netkey/key_debug.h,v 1.5.2.2 2001/07/03 11:01:59 ume Exp $ */ -/* $KAME: key_debug.h,v 1.7 2000/07/04 04:08:16 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifndef _NETKEY_KEY_DEBUG_H_ -#define _NETKEY_KEY_DEBUG_H_ - -#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) - -/* debug flags */ -#define KEYDEBUG_STAMP 0x00000001 /* path */ -#define KEYDEBUG_DATA 0x00000002 /* data */ -#define KEYDEBUG_DUMP 0x00000004 /* dump */ - -#define KEYDEBUG_KEY 0x00000010 /* key processing */ -#define KEYDEBUG_ALG 0x00000020 /* ciph & auth algorithm */ -#define KEYDEBUG_IPSEC 0x00000040 /* ipsec processing */ - -#define KEYDEBUG_KEY_STAMP (KEYDEBUG_KEY | KEYDEBUG_STAMP) -#define KEYDEBUG_KEY_DATA (KEYDEBUG_KEY | KEYDEBUG_DATA) -#define KEYDEBUG_KEY_DUMP (KEYDEBUG_KEY | KEYDEBUG_DUMP) -#define KEYDEBUG_ALG_STAMP (KEYDEBUG_ALG | KEYDEBUG_STAMP) -#define KEYDEBUG_ALG_DATA (KEYDEBUG_ALG | KEYDEBUG_DATA) -#define KEYDEBUG_ALG_DUMP (KEYDEBUG_ALG | KEYDEBUG_DUMP) -#define KEYDEBUG_IPSEC_STAMP (KEYDEBUG_IPSEC | KEYDEBUG_STAMP) -#define KEYDEBUG_IPSEC_DATA (KEYDEBUG_IPSEC | KEYDEBUG_DATA) -#define KEYDEBUG_IPSEC_DUMP (KEYDEBUG_IPSEC | KEYDEBUG_DUMP) - -#define KEYDEBUG(lev,arg) if ((key_debug_level & (lev)) == (lev)) { arg; } - -#ifdef _KERNEL -extern u_int32_t key_debug_level; -#endif /*_KERNEL*/ - -struct sadb_msg; -struct sadb_ext; -extern void kdebug_sadb __P((struct sadb_msg *)); -extern void kdebug_sadb_x_policy __P((struct sadb_ext *)); - -#ifdef _KERNEL -struct secpolicy; -struct secpolicyindex; -struct secasindex; -struct secasvar; -struct secreplay; -struct mbuf; -extern void kdebug_secpolicy __P((struct secpolicy *)); -extern void kdebug_secpolicyindex __P((struct secpolicyindex *)); -extern void kdebug_secasindex __P((struct secasindex *)); -extern void kdebug_secasv __P((struct secasvar *)); -extern void kdebug_mbufhdr __P((struct mbuf *)); -extern void kdebug_mbuf __P((struct mbuf *)); -#endif /*_KERNEL*/ - -struct sockaddr; -extern void kdebug_sockaddr __P((struct sockaddr *)); - -extern void ipsec_hexdump __P((caddr_t, int)); -extern void ipsec_bindump __P((caddr_t, int)); - -#else - -#define 
KEYDEBUG(lev,arg) - -#endif /*!defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG))*/ - -#endif /* _NETKEY_KEY_DEBUG_H_ */ diff --git a/ipsec/libpfkey.h b/ipsec/libpfkey.h deleted file mode 100644 index 28adea7..0000000 --- a/ipsec/libpfkey.h +++ /dev/null 
@@ -1,90 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/libpfkey.h,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */ -/* $KAME: libpfkey.h,v 1.6 2001/03/05 18:22:17 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -struct sadb_msg; -extern void pfkey_sadump __P((struct sadb_msg *)); -extern void pfkey_spdump __P((struct sadb_msg *)); - -struct sockaddr; -struct sadb_alg; -int ipsec_check_keylen __P((u_int, u_int, u_int)); -int ipsec_check_keylen2 __P((u_int, u_int, u_int)); -int ipsec_get_keylen __P((u_int, u_int, struct sadb_alg *)); -u_int pfkey_set_softrate __P((u_int, u_int)); -u_int pfkey_get_softrate __P((u_int)); -int pfkey_send_getspi __P((int, u_int, u_int, struct sockaddr *, - struct sockaddr *, u_int32_t, u_int32_t, u_int32_t, u_int32_t)); -int pfkey_send_update __P((int, u_int, u_int, struct sockaddr *, - struct sockaddr *, u_int32_t, u_int32_t, u_int, - caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t, - u_int64_t, u_int64_t, u_int32_t)); -int pfkey_send_add __P((int, u_int, u_int, struct sockaddr *, - struct sockaddr *, u_int32_t, u_int32_t, u_int, - caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t, - u_int64_t, u_int64_t, u_int32_t)); -int pfkey_send_delete __P((int, u_int, u_int, - struct sockaddr *, struct sockaddr *, u_int32_t)); -int pfkey_send_delete_all __P((int, u_int, u_int, - struct sockaddr *, struct sockaddr *)); -int pfkey_send_get __P((int, u_int, u_int, - struct sockaddr *, struct sockaddr *, u_int32_t)); -int pfkey_send_register __P((int, u_int)); -int pfkey_recv_register __P((int)); -int pfkey_set_supported __P((struct sadb_msg *, int)); -int pfkey_send_flush __P((int, u_int)); -int pfkey_send_dump __P((int, u_int)); -int pfkey_send_promisc_toggle __P((int, int)); -int pfkey_send_spdadd __P((int, struct sockaddr *, u_int, - struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t)); -int pfkey_send_spdadd2 __P((int, struct sockaddr *, u_int, - struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t, - caddr_t, int, u_int32_t)); -int pfkey_send_spdupdate __P((int, struct sockaddr *, u_int, - struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t)); -int pfkey_send_spdupdate2 __P((int, struct sockaddr *, 
u_int, - struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t, - caddr_t, int, u_int32_t)); -int pfkey_send_spddelete __P((int, struct sockaddr *, u_int, - struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t)); -int pfkey_send_spddelete2 __P((int, u_int32_t)); -int pfkey_send_spdget __P((int, u_int32_t)); -int pfkey_send_spdsetidx __P((int, struct sockaddr *, u_int, - struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t)); -int pfkey_send_spdflush __P((int)); -int pfkey_send_spddump __P((int)); - -int pfkey_open __P((void)); -void pfkey_close __P((int)); -struct sadb_msg *pfkey_recv __P((int)); -int pfkey_send __P((int, struct sadb_msg *, int)); -int pfkey_align __P((struct sadb_msg *, caddr_t *)); -int pfkey_check __P((caddr_t *)); diff --git a/ipsec/policy_parse.y b/ipsec/policy_parse.y deleted file mode 100644 index 65e7929..0000000 --- a/ipsec/policy_parse.y +++ /dev/null 
@@ -1,432 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/policy_parse.y,v 1.1.2.1 2000/07/15 07:24:04 kris Exp $ */ -/* $KAME: policy_parse.y,v 1.10 2000/05/07 05:25:03 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* - * IN/OUT bound policy configuration take place such below: - * in - * out - * - * is one of following: - * "discard", "none", "ipsec ", "entrust", "bypass", - * - * The following requests are accepted as : - * - * protocol/mode/src-dst/level - * protocol/mode/src-dst parsed as protocol/mode/src-dst/default - * protocol/mode/src-dst/ parsed as protocol/mode/src-dst/default - * protocol/transport parsed as protocol/mode/any-any/default - * protocol/transport//level parsed as protocol/mode/any-any/level - * - * You can concatenate these requests with either ' '(single space) or '\n'. - */ - -%{ -#include -#include -#include - -#include -#include - -#include -#include -#include -#include - -#include "ipsec_strerror.h" - -#define ATOX(c) \ - (isdigit(c) ? (c - '0') : (isupper(c) ? (c - 'A' + 10) : (c - 'a' + 10) )) - -static caddr_t pbuf = NULL; /* sadb_x_policy buffer */ -static int tlen = 0; /* total length of pbuf */ -static int offset = 0; /* offset of pbuf */ -static int p_dir, p_type, p_protocol, p_mode, p_level, p_reqid; -static struct sockaddr *p_src = NULL; -static struct sockaddr *p_dst = NULL; - -struct _val; -extern void yyerror __P((char *msg)); -static struct sockaddr *parse_sockaddr __P((struct _val *buf)); -static int rule_check __P((void)); -static int init_x_policy __P((void)); -static int set_x_request __P((struct sockaddr *src, struct sockaddr *dst)); -static int set_sockaddr __P((struct sockaddr *addr)); -static void policy_parse_request_init __P((void)); -static caddr_t policy_parse __P((char *msg, int msglen)); - -extern void __policy__strbuffer__init__ __P((char *msg)); -extern int yyparse __P((void)); -extern int yylex __P((void)); - -%} - -%union { - u_int num; - struct _val { - int len; - char *buf; - } val; -} - -%token DIR ACTION PROTOCOL MODE LEVEL LEVEL_SPECIFY -%token IPADDRESS -%token ME ANY -%token SLASH HYPHEN -%type DIR ACTION PROTOCOL MODE LEVEL -%type IPADDRESS LEVEL_SPECIFY - -%% -policy_spec - : DIR ACTION - { - p_dir 
= $1; - p_type = $2; - - if (init_x_policy()) - return -1; - } - rules - | DIR - { - p_dir = $1; - p_type = 0; /* ignored it by kernel */ - - if (init_x_policy()) - return -1; - } - ; - -rules - : /*NOTHING*/ - | rules rule { - if (rule_check() < 0) - return -1; - - if (set_x_request(p_src, p_dst) < 0) - return -1; - - policy_parse_request_init(); - } - ; - -rule - : protocol SLASH mode SLASH addresses SLASH level - | protocol SLASH mode SLASH addresses SLASH - | protocol SLASH mode SLASH addresses - | protocol SLASH mode SLASH - | protocol SLASH mode SLASH SLASH level - | protocol SLASH mode - | protocol SLASH { - __ipsec_errcode = EIPSEC_FEW_ARGUMENTS; - return -1; - } - | protocol { - __ipsec_errcode = EIPSEC_FEW_ARGUMENTS; - return -1; - } - ; - -protocol - : PROTOCOL { p_protocol = $1; } - ; - -mode - : MODE { p_mode = $1; } - ; - -level - : LEVEL { - p_level = $1; - p_reqid = 0; - } - | LEVEL_SPECIFY { - p_level = IPSEC_LEVEL_UNIQUE; - p_reqid = atol($1.buf); /* atol() is good. */ - } - ; - -addresses - : IPADDRESS { - p_src = parse_sockaddr(&$1); - if (p_src == NULL) - return -1; - } - HYPHEN - IPADDRESS { - p_dst = parse_sockaddr(&$4); - if (p_dst == NULL) - return -1; - } - | ME HYPHEN ANY { - if (p_dir != IPSEC_DIR_OUTBOUND) { - __ipsec_errcode = EIPSEC_INVAL_DIR; - return -1; - } - } - | ANY HYPHEN ME { - if (p_dir != IPSEC_DIR_INBOUND) { - __ipsec_errcode = EIPSEC_INVAL_DIR; - return -1; - } - } - /* - | ME HYPHEN ME - */ - ; - -%% - -void -yyerror(msg) - char *msg; -{ - extern char *__libipsecyytext; /*XXX*/ - - fprintf(stderr, "libipsec: %s while parsing \"%s\"\n", - msg, __libipsecyytext); - - return; -} - -static struct sockaddr * -parse_sockaddr(buf) - struct _val *buf; -{ - struct addrinfo hints, *res; - char *serv = NULL; - int error; - struct sockaddr *newaddr = NULL; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_flags = AI_NUMERICHOST; - error = getaddrinfo(buf->buf, serv, &hints, &res); - if (error != 0) { - 
yyerror("invalid IP address"); - __ipsec_set_strerror(gai_strerror(error)); - return NULL; - } - - if (res->ai_addr == NULL) { - yyerror("invalid IP address"); - __ipsec_set_strerror(gai_strerror(error)); - return NULL; - } - - newaddr = malloc(res->ai_addr->sa_len); - if (newaddr == NULL) { - __ipsec_errcode = EIPSEC_NO_BUFS; - freeaddrinfo(res); - return NULL; - } - memcpy(newaddr, res->ai_addr, res->ai_addr->sa_len); - - freeaddrinfo(res); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return newaddr; -} - -static int -rule_check() -{ - if (p_type == IPSEC_POLICY_IPSEC) { - if (p_protocol == IPPROTO_IP) { - __ipsec_errcode = EIPSEC_NO_PROTO; - return -1; - } - - if (p_mode != IPSEC_MODE_TRANSPORT - && p_mode != IPSEC_MODE_TUNNEL) { - __ipsec_errcode = EIPSEC_INVAL_MODE; - return -1; - } - - if (p_src == NULL && p_dst == NULL) { - if (p_mode != IPSEC_MODE_TRANSPORT) { - __ipsec_errcode = EIPSEC_INVAL_ADDRESS; - return -1; - } - } - else if (p_src->sa_family != p_dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -static int -init_x_policy() -{ - struct sadb_x_policy *p; - - tlen = sizeof(struct sadb_x_policy); - - pbuf = malloc(tlen); - if (pbuf == NULL) { - __ipsec_errcode = EIPSEC_NO_BUFS; - return -1; - } - p = (struct sadb_x_policy *)pbuf; - p->sadb_x_policy_len = 0; /* must update later */ - p->sadb_x_policy_exttype = SADB_X_EXT_POLICY; - p->sadb_x_policy_type = p_type; - p->sadb_x_policy_dir = p_dir; - p->sadb_x_policy_reserved = 0; - offset = tlen; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -static int -set_x_request(src, dst) - struct sockaddr *src, *dst; -{ - struct sadb_x_ipsecrequest *p; - int reqlen; - - reqlen = sizeof(*p) - + (src ? src->sa_len : 0) - + (dst ? 
dst->sa_len : 0); - tlen += reqlen; /* increment to total length */ - - pbuf = realloc(pbuf, tlen); - if (pbuf == NULL) { - __ipsec_errcode = EIPSEC_NO_BUFS; - return -1; - } - p = (struct sadb_x_ipsecrequest *)&pbuf[offset]; - p->sadb_x_ipsecrequest_len = reqlen; - p->sadb_x_ipsecrequest_proto = p_protocol; - p->sadb_x_ipsecrequest_mode = p_mode; - p->sadb_x_ipsecrequest_level = p_level; - p->sadb_x_ipsecrequest_reqid = p_reqid; - offset += sizeof(*p); - - if (set_sockaddr(src) || set_sockaddr(dst)) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -static int -set_sockaddr(addr) - struct sockaddr *addr; -{ - if (addr == NULL) { - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; - } - - /* tlen has already incremented */ - - memcpy(&pbuf[offset], addr, addr->sa_len); - - offset += addr->sa_len; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -static void -policy_parse_request_init() -{ - p_protocol = IPPROTO_IP; - p_mode = IPSEC_MODE_ANY; - p_level = IPSEC_LEVEL_DEFAULT; - p_reqid = 0; - if (p_src != NULL) { - free(p_src); - p_src = NULL; - } - if (p_dst != NULL) { - free(p_dst); - p_dst = NULL; - } - - return; -} - -static caddr_t -policy_parse(msg, msglen) - char *msg; - int msglen; -{ - int error; - pbuf = NULL; - tlen = 0; - - /* initialize */ - p_dir = IPSEC_DIR_INVALID; - p_type = IPSEC_POLICY_DISCARD; - policy_parse_request_init(); - __policy__strbuffer__init__(msg); - - error = yyparse(); /* it must be set errcode. 
*/ - if (error) { - if (pbuf != NULL) - free(pbuf); - return NULL; - } - - /* update total length */ - ((struct sadb_x_policy *)pbuf)->sadb_x_policy_len = PFKEY_UNIT64(tlen); - - __ipsec_errcode = EIPSEC_NO_ERROR; - - return pbuf; -} - -caddr_t -ipsec_set_policy(msg, msglen) - char *msg; - int msglen; -{ - caddr_t policy; - - policy = policy_parse(msg, msglen); - if (policy == NULL) { - if (__ipsec_errcode == EIPSEC_NO_ERROR) - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return NULL; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return policy; -} - diff --git a/ipsec/policy_token.l b/ipsec/policy_token.l deleted file mode 100644 index 2a43057..0000000 --- a/ipsec/policy_token.l +++ /dev/null 
@@ -1,149 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/policy_token.l,v 1.2.2.2 2001/07/03 11:01:15 ume Exp $ */ -/* $KAME: policy_token.l,v 1.11 2000/12/01 10:08:29 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -%{ -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include - -#ifndef __NetBSD__ -#include "y.tab.h" -#else -#include "policy_parse.h" -#endif -#define yylval __libipsecyylval /* XXX */ - -int yylex __P((void)); -%} - -%option noyywrap -%option nounput - -/* common section */ -nl \n -ws [ \t]+ -digit [0-9] -hexdigit [0-9A-Fa-f] -special [()+\|\?\*,] -dot \. -comma \, -hyphen \- -colon \: -slash \/ -bcl \{ -ecl \} -blcl \[ -elcl \] -percent \% -semi \; -usec {dot}{digit}{1,6} -comment \#.* -ccomment "/*" -bracketstring \<[^>]*\> -quotedstring \"[^"]*\" -decstring {digit}+ -hexpair {hexdigit}{hexdigit} -hexstring 0[xX]{hexdigit}+ -octetstring {octet}({dot}{octet})+ -ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)? - -%% - -in { yylval.num = IPSEC_DIR_INBOUND; return(DIR); } -out { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); } - -discard { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); } -none { yylval.num = IPSEC_POLICY_NONE; return(ACTION); } -ipsec { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); } -bypass { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); } -entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); } - -esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); } -ah { yylval.num = IPPROTO_AH; return(PROTOCOL); } -ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); } - -transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } -tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } - -me { return(ME); } -any { return(ANY); } - -default { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); } -use { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); } -require { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); } -unique{colon}{decstring} { - yylval.val.len = strlen(yytext + 7); - yylval.val.buf = yytext + 7; - return(LEVEL_SPECIFY); - } -unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); } -{slash} { return(SLASH); } - -{ipaddress} { - yylval.val.len = 
strlen(yytext); - yylval.val.buf = yytext; - return(IPADDRESS); - } - -{hyphen} { return(HYPHEN); } - -{ws} { ; } -{nl} { ; } - -%% - -void __policy__strbuffer__init__ __P((char *)); - -void -__policy__strbuffer__init__(msg) - char *msg; -{ - YY_BUFFER_STATE yyb; - - if (yy_current_buffer) - yy_delete_buffer(yy_current_buffer); - yyb = (YY_BUFFER_STATE)yy_scan_string(msg); - yy_switch_to_buffer(yyb); - - return; -} - diff --git a/kdumpd.tproj/Makefile b/kdumpd.tproj/Makefile index f90da80..0a52cc1 100644 --- a/kdumpd.tproj/Makefile +++ b/kdumpd.tproj/Makefile @@ -14,7 +14,7 @@ PROJECT_TYPE = Tool CFILES = kdumpd.c kdumpsubs.c HFILES = kdump.h kdumpsubs.h -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble kdumpd.8 +OTHERSRCS = Makefile.preamble Makefile Makefile.postamble kdumpd.8 com.apple.kdumpd.plist MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/kdumpd.tproj/Makefile.postamble b/kdumpd.tproj/Makefile.postamble index 00ec691..459bb08 100644 --- a/kdumpd.tproj/Makefile.postamble +++ b/kdumpd.tproj/Makefile.postamble @@ -114,3 +114,5 @@ VPATH += :../kdumpd.tproj after_install: mkdir -p $(DSTROOT)/usr/share/man/man8 install -c -m 644 kdumpd.8 $(DSTROOT)/usr/share/man/man8/kdumpd.8 + mkdir -p $(DSTROOT)/System/Library/LaunchDaemons + install -c -m 644 com.apple.kdumpd.plist $(DSTROOT)/System/Library/LaunchDaemons/com.apple.kdumpd.plist diff --git a/kdumpd.tproj/Makefile.preamble b/kdumpd.tproj/Makefile.preamble index 0a00836..872e096 100644 --- a/kdumpd.tproj/Makefile.preamble +++ b/kdumpd.tproj/Makefile.preamble @@ -17,7 +17,7 @@ ## (e.g. change -O to -O2), see Makefile.postamble. # Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = +OTHER_CFLAGS += -mdynamic-no-pic # Flags passed to ld (in addition to -ObjC, etc.) OTHER_LDFLAGS = # Flags passed to libtool when building libraries diff --git a/kdumpd.tproj/com.apple.kdumpd.plist b/kdumpd.tproj/com.apple.kdumpd.plist new file mode 100644 index 0000000..a6ed8b2 --- /dev/null 
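Review bot: Adding `-mdynamic-no-pic` to `OTHER_CFLAGS` in kdumpd.tproj/Makefile.preamble makes the daemon's code use absolute addressing, which rules out linking it as a position-independent executable later. kdumpd is a network-facing service (the plist added in this same commit gives it a UDP listener), so I would leave the flag off for this target or record the trade-off next to it, e.g. `# -mdynamic-no-pic: smaller/faster code, but prevents a PIE build of this network daemon`. The change from `=` to `+=` also makes the final value depend on whatever set `OTHER_CFLAGS` earlier; that is presumably intended, but nothing in this hunk shows where the earlier value comes from.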
+++ b/kdumpd.tproj/com.apple.kdumpd.plist @@ -0,0 +1,34 @@ + + + + + Disabled + + InitGroups + + Label + com.apple.kdumpd + ProgramArguments + + /usr/libexec/kdumpd + /PanicDumps + + Sockets + + Listener + + SockServiceName + 1069 + SockType + dgram + + + UserName + nobody + inetdCompatibility + + Wait + + + + diff --git a/kdumpd.tproj/kdumpd.8 b/kdumpd.tproj/kdumpd.8 index a51e7e6..916c757 100755 --- a/kdumpd.tproj/kdumpd.8 +++ b/kdumpd.tproj/kdumpd.8 @@ -75,4 +75,3 @@ The command is based on Berkeley .Xr tftpd 8 by way of FreeBSD, with several modifications. - diff --git a/kdumpd.tproj/kdumpd.c b/kdumpd.tproj/kdumpd.c index fc21ba1..a279c28 100644 --- a/kdumpd.tproj/kdumpd.c +++ b/kdumpd.tproj/kdumpd.c @@ -85,7 +85,7 @@ int maxtimeout = 10*TIMEOUT; char buf[PKTSIZE]; char ackbuf[PKTSIZE]; struct sockaddr_in from; -int fromlen; +socklen_t fromlen; void kdump __P((struct kdumphdr *, int)); @@ -198,7 +198,8 @@ main(argc, argv) */ { int pid; - int i, j; + int i; + socklen_t j; for (i = 1; i < 20; i++) { pid = fork(); diff --git a/kdumpd.tproj/kdumpsubs.c b/kdumpd.tproj/kdumpsubs.c index 717f256..1f37ce8 100644 --- a/kdumpd.tproj/kdumpsubs.c +++ b/kdumpd.tproj/kdumpsubs.c @@ -252,7 +252,7 @@ synchnet(int f) int i, j = 0; char rbuf[PKTSIZE]; struct sockaddr_in from; - int fromlen; + socklen_t fromlen; while (1) { (void) ioctl(f, FIONREAD, &i); diff --git a/logger.tproj/Makefile b/logger.tproj/Makefile deleted file mode 100644 index c186192..0000000 --- a/logger.tproj/Makefile +++ /dev/null 
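Review bot: The `Listener` socket in com.apple.kdumpd.plist declares only `SockServiceName` 1069 and `SockType` dgram, with no `SockNodeName`, so once the job is enabled launchd will presumably bind it on every interface and pass any datagram to kdumpd. The daemon is started with `/PanicDumps` as its argument and, per kdumpd.8, is derived from tftpd, so it appears to accept dump data without authentication. I would document the expected exposure in the file itself, e.g. `<!-- Receives kernel dumps over UDP 1069 with no authentication; enable only on a trusted network and filter the port at the host firewall -->`. Running the job as `nobody` is the right default. The values of `Disabled` and `Wait` are not visible in this rendering, so whether the job ships disabled should be confirmed against the real file.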
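Review bot: In the second kdumpd.c hunk (inside `main`), the new `socklen_t j;` keeps a loop-counter style name beside `int i;` although its type says it is now an address length for a socket call. A descriptive name or a short comment would make that role clear, e.g. `socklen_t j; /* length of the peer address, passed to the socket call below */`. The use of `j` is outside the hunk, so its exact role is inferred from the type change.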
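Review bot: In `synchnet` (kdumpsubs.c), `i` is declared without an initialiser in `int i, j = 0;` and the result of `(void) ioctl(f, FIONREAD, &i);` is discarded, so if the ioctl fails the next test of `i` reads an indeterminate value. The `socklen_t fromlen` change is fine, but while touching these declarations I would write `int i = 0, j = 0;` and preferably check the ioctl return instead of casting it away. The loop body continues outside the hunk, so how `i` is consumed is inferred. It is also worth confirming there that `fromlen` is set to `sizeof from` before each receive call.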
@@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = logger - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = logger.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble m.template\ - h.template logger.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/logger.tproj/Makefile.postamble b/logger.tproj/Makefile.postamble deleted file mode 100644 index 2461439..0000000 --- a/logger.tproj/Makefile.postamble +++ /dev/null 
@@ -1,127 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES - # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A - # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 - # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 - # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wmost -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. 
-# STRIP_ON_INSTALL = NO - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S - # for .a archives -#DYNAMIC_STRIP_OPTS = -S - # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -# Note: on MS Windows, executables, have an extension, so rules and dependencies -# for generated tools should use $(EXECUTABLE_EXT) on the end. - -after_install: - mkdir -p $(DSTROOT)/usr/share/man/man1 - install -c -m 444 logger.1 $(DSTROOT)/usr/share/man/man1/logger.1 diff --git a/logger.tproj/Makefile.preamble b/logger.tproj/Makefile.preamble deleted file mode 100644 index 74ce95a..0000000 --- a/logger.tproj/Makefile.preamble +++ /dev/null 
@@ -1,130 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - diff --git a/logger.tproj/PB.project b/logger.tproj/PB.project deleted file mode 100644 index 796d25c..0000000 --- a/logger.tproj/PB.project +++ /dev/null 
@@ -1,34 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- OTHER_LINKED = (logger.c);
- OTHER_SOURCES = (
- Makefile.preamble,
- Makefile,
- Makefile.postamble,
- m.template,
- h.template,
- logger.1
- );
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDDIR = "/$(USER)/BUILD";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = logger;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/logger.tproj/h.template b/logger.tproj/h.template
deleted file mode 100644
index f3c1b04..0000000
--- a/logger.tproj/h.template
+++ /dev/null
@@ -1,11 +0,0 @@
-$$
-/* $FILENAME$ created by $USERNAME$ on $DATE$ */
-
-#import
-
-@interface $FILENAMESANSEXTENSION$ : NSObject
-{
-
-}
-
-@end
diff --git a/logger.tproj/logger.1 b/logger.tproj/logger.1
deleted file mode 100644
index 3a942e8..0000000
--- a/logger.tproj/logger.1
+++ /dev/null
@@ -1,102 +0,0 @@ -.\" $OpenBSD: logger.1,v 1.2 1996/06/26 05:35:58 deraadt Exp $ -.\" $NetBSD: logger.1,v 1.4 1994/12/22 06:26:59 jtc Exp $ -.\" -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)logger.1 8.1 (Berkeley) 6/6/93 -.\" -.Dd June 6, 1993 -.Dt LOGGER 1 -.Os BSD 4.3 -.Sh NAME -.Nm logger -.Nd make entries in the system log -.Sh SYNOPSIS -.Nm logger -.Op Fl is -.Op Fl f Ar file -.Op Fl p Ar pri -.Op Fl t Ar tag -.Op Ar message ... -.Sh DESCRIPTION -.Nm Logger -provides a shell command interface to the -.Xr syslog 3 -system log module. -.Pp -Options: -.Pp -.Bl -tag -width "message" -.It Fl i -Log the process id of the logger process -with each line. -.It Fl s -Log the message to standard error, as well as the system log. -.It Fl f Ar file -Log the specified file. -.It Fl p Ar pri -Enter the message with the specified priority. -The priority may be specified numerically or as a ``facility.level'' -pair. -For example, ``\-p local3.info'' logs the message(s) as -.Ar info Ns rmational -level in the -.Ar local3 -facility. -The default is ``user.notice.'' -.It Fl t Ar tag -Mark every line in the log with the specified -.Ar tag . -.It Ar message -Write the message to log; if not specified, and the -.Fl f -flag is not -provided, standard input is logged. -.El -.Pp -The -.Nm logger -utility exits 0 on success, and >0 if an error occurs. -.Sh EXAMPLES -.Bd -literal -offset indent -compact -logger System rebooted - -logger \-p local0.notice \-t HOSTIDM \-f /dev/idmc -.Ed -.Sh SEE ALSO -.Xr syslog 3 , -.Xr syslogd 8 -.Sh STANDARDS -The -.Nm logger -utility conforms to -.St -p1003.2-92 . 
diff --git a/logger.tproj/logger.c b/logger.tproj/logger.c deleted file mode 100644 index 0ec8b27..0000000 --- a/logger.tproj/logger.c +++ /dev/null 
@@ -1,205 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include -#include -#include -#include -#include - -#define SYSLOG_NAMES -#include - -int decode __P((char *, CODE *)); -int pencode __P((char *)); -void usage __P((void)); - -/* - * logger -- read and log utility - * - * Reads from an input and arranges to write the result on the system - * log. 
- */ -int -main(argc, argv) - int argc; - char *argv[]; -{ - int ch, logflags, pri; - char *tag, buf[1024]; - - tag = NULL; - pri = LOG_NOTICE; - logflags = 0; - while ((ch = getopt(argc, argv, "f:ip:st:")) != -1) - switch((char)ch) { - case 'f': /* file to log */ - if (freopen(optarg, "r", stdin) == NULL) { - (void)fprintf(stderr, "logger: %s: %s.\n", - optarg, strerror(errno)); - exit(1); - } - break; - case 'i': /* log process id also */ - logflags |= LOG_PID; - break; - case 'p': /* priority */ - pri = pencode(optarg); - break; - case 's': /* log to standard error */ - logflags |= LOG_PERROR; - break; - case 't': /* tag */ - tag = optarg; - break; - case '?': - default: - usage(); - } - argc -= optind; - argv += optind; - - /* setup for logging */ - openlog(tag ? tag : getlogin(), logflags, 0); - (void) fclose(stdout); - - /* log input line if appropriate */ - if (argc > 0) { - register char *p, *endp; - int len; - - for (p = buf, endp = buf + sizeof(buf) - 2; *argv;) { - len = strlen(*argv); - if (p + len > endp && p > buf) { - syslog(pri, "%s", buf); - p = buf; - } - if (len > sizeof(buf) - 1) - syslog(pri, "%s", *argv++); - else { - if (p != buf) - *p++ = ' '; - bcopy(*argv++, p, len); - *(p += len) = '\0'; - } - } - if (p != buf) - syslog(pri, "%s", buf); - } else - while (fgets(buf, sizeof(buf), stdin) != NULL) - syslog(pri, "%s", buf); - exit(0); -} - -/* - * Decode a symbolic name to a numeric value - */ -int -pencode(s) - register char *s; -{ - char *save; - int fac, lev; - - for (save = s; *s && *s != '.'; ++s); - if (*s) { - *s = '\0'; - fac = decode(save, facilitynames); - if (fac < 0) { - (void)fprintf(stderr, - "logger: unknown facility name: %s.\n", save); - exit(1); - } - *s++ = '.'; - } - else { - fac = 0; - s = save; - } - lev = decode(s, prioritynames); - if (lev < 0) { - (void)fprintf(stderr, - "logger: unknown priority name: %s.\n", save); - exit(1); - } - return ((lev & LOG_PRIMASK) | (fac & LOG_FACMASK)); -} - -int -decode(name, codetab) - 
char *name; - CODE *codetab; -{ - register CODE *c; - - if (isdigit(*name)) - return (atoi(name)); - - for (c = codetab; c->c_name; c++) - if (!strcasecmp(name, c->c_name)) - return (c->c_val); - - return (-1); -} - -void -usage() -{ - (void)fprintf(stderr, - "logger: [-is] [-f file] [-p pri] [-t tag] [ message ... ]\n"); - exit(1); -} diff --git a/logger.tproj/m.template b/logger.tproj/m.template deleted file mode 100644 index 1216fe5..0000000 --- a/logger.tproj/m.template +++ /dev/null @@ -1,18 +0,0 @@ -$$ Lines starting with $$ are not inserted into newly created files -$$ The following substitutions are made: -$$ -$$ $FILENAME$ e.g. foo.m -$$ $FILENAMESANSEXTENSION$ e.g. foo -$$ $DIRECTORY$ e.g. /tmp/MyNewApp -$$ $PROJECTNAME$ e.g. MyNewApp -$$ $SUBPROJECTNAME$ e.g. TheGoodPart.subproj -$$ $USERNAME$ e.g. mwagner -$$ $DATE$ e.g. Jan-1-1994 -$$ -/* $FILENAME$ created by $USERNAME$ on $DATE$ */ - -#import "$FILENAMESANSEXTENSION$.h" - -@implementation $FILENAMESANSEXTENSION$ - -@end diff --git a/makedbm.tproj/Makefile b/makedbm.tproj/Makefile deleted file mode 100644 index 599e390..0000000 --- a/makedbm.tproj/Makefile +++ /dev/null 
@@ -1,48 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = makedbm
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES = _db.h ypdb.h ypdef.h
-
-CFILES = db.c makedbm.c ypdb.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble makedbm.8
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/sbin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/makedbm.tproj/Makefile.postamble b/makedbm.tproj/Makefile.postamble
deleted file mode 100644
index 2be911b..0000000
--- a/makedbm.tproj/Makefile.postamble
+++ /dev/null
@@ -1,105 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# - -install-man-page: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 makedbm.8 $(DSTROOT)/usr/share/man/man8/makedbm.8 diff --git a/makedbm.tproj/Makefile.preamble b/makedbm.tproj/Makefile.preamble deleted file mode 100644 index e48625d..0000000 --- a/makedbm.tproj/Makefile.preamble +++ /dev/null 
@@ -1,125 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -AFTER_INSTALL += install-man-page diff --git a/makedbm.tproj/PB.project b/makedbm.tproj/PB.project deleted file mode 100644 index 1c1cc6f..0000000 --- a/makedbm.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (db.h, ypdb.h, ypdef.h);
- OTHER_LIBS = ();
- OTHER_LINKED = (db.c, makedbm.c, ypdb.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, makedbm.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = makedbm;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/makedbm.tproj/_db.h b/makedbm.tproj/_db.h
deleted file mode 100644
index bbcf1a1..0000000
--- a/makedbm.tproj/_db.h
+++ /dev/null
@@ -1,66 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: db.h,v 1.1 1997/07/22 10:52:59 maja Exp $ */ - -/* - * Copyright (c) 1997 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _MAKEDBM_DB_H_ -#define _MAKEDBM_DB_H_ - -__BEGIN_DECLS -int db_hash_list_database __P((char *)); -__END_DECLS - -#endif /* !_MAKEDBM_DB_H_ */ - - diff --git a/makedbm.tproj/db.c b/makedbm.tproj/db.c deleted file mode 100644 index f2b8acb..0000000 --- a/makedbm.tproj/db.c +++ /dev/null 
@@ -1,97 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: db.c,v 1.1 1997/07/22 10:52:59 maja Exp $ */ - -/* - * Copyright (c) 1997 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: db.c,v 1.1 1997/07/22 10:52:59 maja Exp $"; -#endif - -#include -#include -#include -#include -#include "_db.h" -#include "ypdb.h" - -/* - * This module was created to be able to read database files created - * by sendmail -bi. - */ - -int db_hash_list_database(database) -char *database; -{ - DB *db; - int status; - DBT key, val; - char path[MAXPATHLEN]; - - snprintf(path, sizeof(path), "%s%s", database, ".db"); - - db = dbopen(path, O_RDONLY, 0, DB_HASH, NULL); - if (db != NULL) { - status = db->seq(db, &key, &val, R_FIRST); - while (status == 0) { - printf("%*.*s %*.*s\n", - key.size-1, key.size-1, key.data, - val.size-1, val.size-1, val.data); - status = db->seq(db, &key, &val, R_NEXT); - } - db->close(db); - return(1); - } - return(0); -} - diff --git a/makedbm.tproj/makedbm.8 b/makedbm.tproj/makedbm.8 deleted file mode 100644 index 151d29f..0000000 --- a/makedbm.tproj/makedbm.8 +++ /dev/null 
@@ -1,97 +0,0 @@ -.\" $OpenBSD: makedbm.8,v 1.5 1997/07/22 10:53:00 maja Exp $ -.\" Copyright (c) 1994-97 Mats O Jansson -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by Mats O Jansson -.\" 4. The name of the author may not be used to endorse or promote products -.\" derived from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS -.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.Dd July 19, 1994 -.Dt MAKEDBM 8 -.Os -.Sh NAME -.Nm makedbm -.Nd create a YP database -.Sh SYNOPSIS -.Nm makedbm -.Fl u Ar file -.Nm makedbm -.Fl U Ar file -.Nm makedbm -.Op Fl bls -.Op Fl i Ar yp_input_file -.Op Fl o Ar yp_output_file -.Op Fl d Ar yp_domain_name -.Op Fl m Ar yp_master_name -.Ar infile -.Ar outfile -.Sh DESCRIPTION -.Nm Makedbm -is the utiliy in YP that creates the database file containing the YP map. -The databse format is a slightly modified version of ndbm. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl u -Dump a database to standard output. -.It Fl U -Same as -.Fl u -but also try -.Xr db 3 -hash format. -.It Fl b -Interdomain. Include an entry in the database informing a YP server to use -DNS to get information about unknown hosts. This option will only have -effect on the two maps hosts.byname and hosts.byaddr. -.It Fl l -Lowercase. Convert all keys to lower case before adding them to the YP -database. -.It Fl s -Secure map. Include an entry in the database informing -.Xr ypxfr 8 -and -.Xr ypserv 8 -that the YP map is going to be handled as secure. -.It Fl i Ar yp_input_file -Include an entry the in the map with the key YP_INPUT_FILE and the argument -as value. -.It Fl o Ar yp_output_file -Include an entry the in the map with the key YP_OUTPUT_FILE and the argument -as value. -.It Fl d Ar yp_domain_name -Include an entry the in the map with the key YP_DOMAIN_NAME and the argument -as value. -.It Fl m Ar yp_master_name -Include an entry the in the map with the key YP_MASTER_NAME and the argument -as value. -.El -.Sh SEE ALSO -.Xr yp 8 , -.Xr db 3 , -.Xr ypxfr 8 , -.Xr ypserv 8 -.Sh AUTHOR -Mats O Jansson diff --git a/makedbm.tproj/makedbm.c b/makedbm.tproj/makedbm.c deleted file mode 100644 index 8d2f73e..0000000 --- a/makedbm.tproj/makedbm.c +++ /dev/null 
@@ -1,444 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: makedbm.c,v 1.9 1997/08/18 03:11:34 millert Exp $ */ - -/* - * Copyright (c) 1994-97 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: makedbm.c,v 1.9 1997/08/18 03:11:34 millert Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include "ypdb.h" -#include "ypdef.h" -#include "db.h" - -extern char *__progname; /* from crt0.o */ - -/* - * Read one line - */ - -static int read_line(fp, buf, size) - FILE *fp; - char *buf; - int size; -{ - int done; - - done = 0; - - do { - while (fgets(buf, size, fp)) { - int len = strlen(buf); - done += len; - if (len > 1 && buf[len-2] == '\\' && - buf[len-1] == '\n') { - int ch; - buf += len - 2; - size -= len - 2; - *buf = '\n'; buf[1] = '\0'; - - /* Skip leading white space on next line */ - while ((ch = getc(fp)) != EOF && - isascii(ch) && isspace(ch)) - ; - (void) ungetc(ch, fp); - } else { - return done; - } - } - } while (size > 0 && !feof(fp)); - - return done; -} - -void -add_record(db, str1, str2, check) - DBM *db; - char *str1, *str2; - int check; -{ - datum key,val; - int status; - - key.dptr = str1; - key.dsize = strlen(str1); - - if (check) { - val = ypdb_fetch(db,key); - 
- if (val.dptr != NULL) - return; /* already there */ - - } - - val.dptr = str2; - val.dsize = strlen(str2); - status = ypdb_store(db, key, val, YPDB_INSERT); - - if (status != 0) { - printf("%s: problem storing %s %s\n",__progname,str1,str2); - exit(1); - } -} - -static char * -file_date(filename) - char *filename; -{ - struct stat finfo; - static char datestr[11]; - int status; - - if (strcmp(filename,"-") == 0) { - sprintf(datestr, "%010d", time(0)); - } else { - status = stat(filename, &finfo); - if (status < 0) { - fprintf(stderr, "%s: can't stat %s\n", __progname, filename); - exit(1); - } - sprintf(datestr, "%010d", finfo.st_mtime); - } - - return datestr; -} - -void -list_database(database,Uflag) - char *database; - int Uflag; -{ - DBM *db; - datum key,val; - - db = ypdb_open(database, O_RDONLY, 0444); - - if (db == NULL) { - - if (Uflag != 0) { - - if (db_hash_list_database(database)) return; - - } - - - fprintf(stderr, "%s: can't open database %s\n", __progname, database); - exit(1); - } - - key = ypdb_firstkey(db); - - while (key.dptr != NULL) { - val = ypdb_fetch(db,key); - printf("%*.*s %*.*s\n", - key.dsize, key.dsize, key.dptr, - val.dsize, val.dsize, val.dptr); - key = ypdb_nextkey(db); - } - - ypdb_close(db); - -} - -void - -create_database(infile,database, - yp_input_file,yp_output_file, - yp_master_name,yp_domain_name, - bflag, lflag, sflag) - char *infile, *database; - char *yp_input_file, *yp_output_file; - char *yp_master_name, *yp_domain_name; - int bflag, lflag, sflag; -{ - FILE *data_file; - char data_line[4096]; /* XXX: DB bsize = 4096 in ypdb.c */ - char myname[MAXHOSTNAMELEN]; - int line_no = 0; - int len; - char *p,*k,*v; - char *slash; - DBM *new_db; - static char mapname[] = "ypdbXXXXXXXXXX"; - char db_mapname[MAXPATHLEN],db_outfile[MAXPATHLEN], - db_tempname[MAXPATHLEN]; - char empty_str[] = ""; - - if (strcmp(infile,"-") == 0) { - data_file = stdin; - } else { - data_file = fopen(infile, "r"); - if (errno != 0) { - 
(void)fprintf(stderr,"%s: ",__progname); - perror(infile); - exit(1); - } - } - - if (strlen(database) + strlen(YPDB_SUFFIX) > MAXPATHLEN) { - fprintf(stderr,"%s: %s: file name too long\n", - __progname, database); - exit(1); - } - snprintf(db_outfile, sizeof(db_outfile), "%s%s", database, YPDB_SUFFIX); - - slash = strrchr(database, '/'); - if (slash != NULL) - slash[1] = 0; /* truncate to dir */ - else - *database = 0; /* elminate */ - - /* note: database is now directory where map goes ! */ - - if (strlen(database) + strlen(mapname) - + strlen(YPDB_SUFFIX) > MAXPATHLEN) { - fprintf(stderr,"%s: %s: directory name too long\n", - __progname, database); - exit(1); - } - - snprintf(db_tempname, sizeof(db_tempname), "%s%s", database, - mapname); - mktemp(db_tempname); - snprintf(db_mapname, sizeof(db_mapname), "%s%s", db_tempname, - YPDB_SUFFIX); - - new_db = ypdb_open(db_tempname, O_RDWR|O_CREAT, 0444); - - while (read_line(data_file,data_line,sizeof(data_line))) { - - line_no++; - len = strlen(data_line); - - /* Check if we have the whole line */ - - if (data_line[len-1] != '\n') { - fprintf(stderr, "line %d in \"%s\" is too long", - line_no, infile); - } else { - data_line[len-1] = '\0'; - } - - p = (char *) &data_line; - - k = p; /* save start of key */ - while (!isspace(*p)) { /* find first "space" */ - if (lflag && isupper(*p)) /* if force lower case */ - *p = tolower(*p); /* fix it */ - p++; - }; - while (isspace(*p)) { /* replace space with */ - *p = '\0'; - p++; - }; - - v = p; /* save start of value */ - while(*p != '\0') { p++; }; /* find end of string */ - - add_record(new_db, k, v, TRUE); /* save record */ - - } - - if (strcmp(infile,"-") != 0) { - (void) fclose(data_file); - } - - add_record(new_db, YP_LAST_KEY, file_date(infile), FALSE); - - if (yp_input_file) { - add_record(new_db, YP_INPUT_KEY, yp_input_file, FALSE); - } - - if (yp_output_file) { - add_record(new_db, YP_OUTPUT_KEY, yp_output_file, FALSE); - } - - if (yp_master_name) { - 
add_record(new_db, YP_MASTER_KEY, yp_master_name, FALSE); - } else { - gethostname(myname, sizeof(myname) - 1); - add_record(new_db, YP_MASTER_KEY, myname, FALSE); - } - - if (yp_domain_name) { - add_record(new_db, YP_DOMAIN_KEY, yp_domain_name, FALSE); - } - - if (bflag) { - add_record(new_db, YP_INTERDOMAIN_KEY, empty_str, FALSE); - } - - if (sflag) { - add_record(new_db, YP_SECURE_KEY, empty_str, FALSE); - } - - ypdb_close(new_db); - if (rename(db_mapname,db_outfile) < 0) { - perror("rename"); - fprintf(stderr,"rename %s -> %s failed!\n", db_mapname, - db_outfile); - exit(1); - } - -} - -int -main (argc,argv) - int argc; - char *argv[]; -{ - int aflag, uflag, bflag, lflag, sflag, Uflag; - char *yp_input_file, *yp_output_file; - char *yp_master_name,*yp_domain_name; - char *infile,*outfile; - int usage = 0; - int ch; - - extern int optind; - - yp_input_file = yp_output_file = NULL; - yp_master_name = yp_domain_name = NULL; - aflag = uflag = bflag = lflag = sflag = Uflag = 0; - infile = outfile = NULL; - - while ((ch = getopt(argc, argv, "Ublsui:o:m:d:")) != -1) - switch (ch) { - case 'U': - uflag++; - Uflag++; - break; - case 'b': - bflag++; - aflag++; - break; - case 'l': - lflag++; - aflag++; - break; - case 's': - sflag++; - aflag++; - break; - case 'i': - yp_input_file = argv[optind]; - aflag++; - break; - case 'o': - yp_output_file = argv[optind]; - aflag++; - break; - case 'm': - yp_master_name = argv[optind]; - aflag++; - break; - case 'd': - yp_domain_name = argv[optind]; - aflag++; - break; - case 'u': - uflag++; - break; - default: - usage++; - break; - } - - if ((uflag != 0) && (aflag != 0)) { - usage++; - } else { - - if (uflag != 0) { - if (argc == (optind + 1)) { - infile = argv[optind]; - } else { - usage++; - } - } else { - if (argc == (optind + 2)) { - infile = argv[optind]; - outfile = argv[optind+1]; - } else { - usage++; - } - } - } - - if (usage) { - fprintf(stderr,"%s%s%s", - "usage:\tmakedbm [-u|-U] file\n\tmakedbm [-bls]", - " [-i 
YP_INPUT_FILE] [-o YP_OUTPUT_FILE]\n\t\t", - "[-d YP_DOMAIN_NAME] [-m YP_MASTER_NAME] infile outfile\n"); - exit(1); - } - - if (uflag != 0) { - list_database(infile,Uflag); - } else { - create_database(infile,outfile, - yp_input_file,yp_output_file, - yp_master_name,yp_domain_name, - bflag, lflag, sflag); - } - - return(0); - -} diff --git a/makedbm.tproj/ypdb.c b/makedbm.tproj/ypdb.c deleted file mode 100644 index c9bd178..0000000 --- a/makedbm.tproj/ypdb.c +++ /dev/null 
@@ -1,297 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: ypdb.c,v 1.5 1997/02/09 09:49:36 maja Exp $ */ - -/* - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * This code is derived from ndbm module of BSD4.4 db (hash) by - * Mats O Jansson - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include - -#include "ypdb.h" - -#ifdef YPDB_PATCH -extern DBM *__hash_open(); -#else -extern DBM *__bt_open(); -#endif - -/* - * Returns: - * *DBM on success - * NULL on failure - */ - -extern DBM * -ypdb_open(file, flags, mode) - const char *file; - int flags, mode; -{ -#ifdef YPDB_PATCH - HASHINFO info; - char path[MAXPATHLEN]; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = NULL; - info.hash = NULL; - info.lorder = 0; - snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX); - return ((DBM *)__hash_open(path, flags, mode, &info, 0)); -#else - BTREEINFO info; - char path[MAXPATHLEN]; - DBM *db; - - info.flags = 0; - info.cachesize = 0; - info.maxkeypage = 0; - info.minkeypage = 0; - info.psize = 0; - info.compare = NULL; - info.prefix = NULL; - info.lorder = 0; - snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX); - db = (DBM *)__bt_open(path, flags, mode, &info, 0); - return (db); -#endif -} - -/* - * Returns: - * *DBM on success - * NULL on failure - */ - -extern DBM * -ypdb_open_suf(file, flags, mode) - const char *file; - int flags, mode; -{ -#ifdef YPDB_PATCH - HASHINFO info; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = NULL; - info.hash = NULL; - info.lorder = 0; - return ((DBM *)__hash_open(file, flags, mode, &info, 0)); -#else - BTREEINFO info; - DBM *db; - - info.flags = 0; - info.cachesize = 0; - info.maxkeypage = 0; - info.minkeypage = 0; - info.psize = 0; - info.compare = NULL; - info.prefix = NULL; - info.lorder = 0; - db = (DBM *)__bt_open(file, flags, mode, &info, 0); - return (db); -#endif -} - -extern void -ypdb_close(db) - DBM *db; -{ - (void)(db->close)(db); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_fetch(db, key) - DBM *db; - datum key; -{ - datum retval; - int status; - - status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0); - if (status) { - retval.dptr = NULL; - retval.dsize = 0; 
- } - return (retval); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_firstkey(db) - DBM *db; -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_nextkey(db) - DBM *db; -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_setkey(db, key) - DBM *db; - datum key; -{ - int status; - datum retdata; -#ifdef YPDB_PATCH - datum retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - while ((retkey.dptr != NULL) && - ((retkey.dsize != key.dsize) || - (strncmp(key.dptr,retkey.dptr,retkey.dsize) != 0))) { - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - }; - return (retkey); -#else - status = (db->seq)(db, (DBT *)&key, (DBT *)&retdata, R_CURSOR); - if (status) - key.dptr = NULL; - return (key); -#endif -} - -/* - * Returns: - * 0 on success - * <0 failure - */ - -int -ypdb_delete(db, key) - DBM *db; - datum key; -{ - int status; - - status = (db->del)(db, (DBT *)&key, 0); - if (status) - return (-1); - else - return (0); -} - -/* - * Returns: - * 0 on success - * <0 failure - * 1 if YPDB_INSERT and entry exists - */ - -int -ypdb_store(db, key, content, flags) - DBM *db; - datum key, content; - int flags; -{ - return ((db->put)(db, (DBT *)&key, (DBT *)&content, - (flags == YPDB_INSERT) ? R_NOOVERWRITE : 0)); -} - diff --git a/makedbm.tproj/ypdb.h b/makedbm.tproj/ypdb.h deleted file mode 100644 index 45b0a7f..0000000 --- a/makedbm.tproj/ypdb.h +++ /dev/null 
@@ -1,100 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: ypdb.h,v 1.5 1997/02/09 09:49:37 maja Exp $ */ - -/* - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * This code is derived from ndbm module of BSD4.4 db (hash) by - * Mats O Jansson - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _YPDB_H_ -#define _YPDB_H_ - -#ifndef _DB_H_ -#include -#endif - -#define YPDB_SUFFIX ".db" - -/* Flags to ypdb_store(). */ -#define YPDB_INSERT 0 -#define YPDB_REPLACE 1 - -#ifndef DATUM -typedef struct { - char *dptr; - int dsize; -} datum; -#define DATUM -#endif - -typedef DB DBM; - -__BEGIN_DECLS -void ypdb_close __P((DBM *)); -datum ypdb_fetch __P((DBM *, datum)); -datum ypdb_firstkey __P((DBM *)); -datum ypdb_nextkey __P((DBM *)); -datum ypdb_setkey __P((DBM *, datum)); -DBM *ypdb_open __P((const char *, int, int)); -DBM *ypdb_open_suf __P((const char *, int, int)); -int ypdb_store __P((DBM *, datum, datum, int)); -__END_DECLS - -#endif /* !_YPDB_H_ */ diff --git a/makedbm.tproj/ypdef.h b/makedbm.tproj/ypdef.h deleted file mode 100644 index 89970d7..0000000 
--- a/makedbm.tproj/ypdef.h +++ /dev/null 
@@ -1,94 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: ypdef.h,v 1.6 1997/03/30 20:51:14 maja Exp $ */ - -/* - * Copyright (c) 1994 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson. - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _YPDEF_H_ -#define _YPDEF_H_ - -#define YP_DB_PATH "/var/yp" -#define YP_LAST_KEY "YP_LAST_MODIFIED" -#define YP_LAST_LEN (sizeof(YP_LAST_KEY)-1) -#define YP_INPUT_KEY "YP_INPUT_FILE" -#define YP_INPUT_LEN (sizeof(YP_INPUT_KEY)-1) -#define YP_OUTPUT_KEY "YP_OUTPUT_FILE" -#define YP_OUTPUT_LEN (sizeof(YP_OUTPUT_KEY)-1) -#define YP_MASTER_KEY "YP_MASTER_NAME" -#define YP_MASTER_LEN (sizeof(YP_MASTER_KEY)-1) -#define YP_DOMAIN_KEY "YP_DOMAIN_NAME" -#define YP_DOMAIN_LEN (sizeof(YP_DOMAIN_KEY)-1) -#define YP_INTERDOMAIN_KEY "YP_INTERDOMAIN" -#define YP_INTERDOMAIN_LEN (sizeof(YP_INTERDOMAIN_KEY)-1) -#define YP_SECURE_KEY "YP_SECURE" -#define YP_SECURE_LEN (sizeof(YP_SECURE_KEY)-1) - -#define MAX_LAST_LEN 10 -#define MAX_MASTER_LEN 255 -#define YP_HOSTNAME "hosts.byname" -#define YP_HOSTADDR "hosts.byaddr" - -#ifndef TRUE -#define TRUE 1 -#endif - -#ifndef FALSE -#define FALSE 0 -#endif - -#define YPXFR_PROC "/usr/sbin/ypxfr" -#define YPPUSH_PROC "/usr/sbin/yppush" -#define YPSERV_PID_PATH "/var/run/ypserv.pid" -#define YP_SECURENET_FILE "/var/yp/securenet" - -#endif /* 
!_YPDEF_H_ */ diff --git a/natd.tproj/Makefile.preamble b/natd.tproj/Makefile.preamble index a4606c6..3bb2a83 100644 --- a/natd.tproj/Makefile.preamble +++ b/natd.tproj/Makefile.preamble @@ -138,3 +138,4 @@ DSTROOT = $(HOME) AFTER_INSTALL += install-man-page +OTHER_CFLAGS += -mdynamic-no-pic diff --git a/ndp.tproj/Makefile.preamble b/ndp.tproj/Makefile.preamble index 604fd2a..7731913 100644 --- a/ndp.tproj/Makefile.preamble +++ b/ndp.tproj/Makefile.preamble @@ -1,4 +1,5 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include LOCAL_CFLAGS= -DINET6 -DIPSEC_DEBUG -DKAME_SCOPEID +OTHER_CFLAGS += -mdynamic-no-pic AFTER_INSTALL += install-man-page diff --git a/netstat.tproj/Makefile b/netstat.tproj/Makefile index 88786fd..feb1448 100644 --- a/netstat.tproj/Makefile +++ b/netstat.tproj/Makefile @@ -12,10 +12,16 @@ NAME = netstat PROJECTVERSION = 2.8 PROJECT_TYPE = Tool +Embedded=$(shell tconf --test TARGET_OS_EMBEDDED) + HFILES = netstat.h -CFILES = data.c if.c inet.c inet6.c ipsec.c main.c mbuf.c mroute.c mroute6.c route.c\ - tp_astring.c unix.c +CFILES = data.c if.c inet.c inet6.c ipsec.c main.c mcast.c mbuf.c\ + route.c tp_astring.c unix.c + +ifeq "$(Embedded)" "NO" +CFILES += mroute.c mroute6.c +endif OTHERSRCS = Makefile.preamble Makefile Makefile.postamble netstat.1\ DERIVED_FILES diff --git a/netstat.tproj/Makefile.preamble b/netstat.tproj/Makefile.preamble index ffc363f..0dab084 100644 --- a/netstat.tproj/Makefile.preamble +++ b/netstat.tproj/Makefile.preamble @@ -1,6 +1,6 @@ CLEAN_ALL_SUBPROJECTS = YES OTHER_GENERATED_OFILES = $(VERS_OFILE) -OTHER_CFLAGS += -DINET6 -DIPSEC -DSRVCACHE +OTHER_CFLAGS += -DINET6 -DIPSEC -mdynamic-no-pic AFTER_INSTALL += install-man-page -include ../Makefile.include vpath %.c `pwd` diff --git a/netstat.tproj/PB.project b/netstat.tproj/PB.project index 420a54f..5f854f3 100644 --- a/netstat.tproj/PB.project +++ b/netstat.tproj/PB.project 
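Review bot: `OTHER_CFLAGS += -mdynamic-no-pic` in natd.tproj/Makefile.preamble produces absolute-addressed code, which cannot be linked as a position-independent executable, so the main binary cannot be randomised on platforms that offer it. The same line is added in ndp.tproj/Makefile.preamble and netstat.tproj/Makefile.preamble. natd parses traffic from the network, so the trade of a small speed gain against a fixed load address deserves an explicit decision. If the flag stays, record the constraint beside it, for example `# -mdynamic-no-pic: size/speed only; drop if this target is ever linked as PIE`.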
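Review bot: The guard `ifeq "$(Embedded)" "NO"` in netstat.tproj/Makefile compiles mroute.c and mroute6.c only when `tconf` prints exactly NO, so a missing or failing `tconf` (empty output) silently drops the multicast-routing sources from a desktop build. Testing the positive case, `ifneq "$(Embedded)" "YES"`, keeps the full tool as the default. Whether the remaining sources still reference symbols from those two files when they are omitted is not visible in this hunk and should be confirmed.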
@@ -8,7 +8,7 @@ H_FILES = (netstat.h); LIBRARYSEARCH = (); OTHER_LIBS = (); - OTHER_LINKED = (data.c, if.c, inet.c, main.c, mbuf.c, mroute.c, route.c, tp_astring.c, unix.c); + OTHER_LINKED = (data.c, if.c, inet.c, main.c, mcast.c mbuf.c, mroute.c, route.c, tp_astring.c, unix.c); OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, netstat.1, DERIVED_FILES); SUBPROJECTS = (); }; diff --git a/netstat.tproj/if.c b/netstat.tproj/if.c index 49fab94..1ff9fd9 100644 --- a/netstat.tproj/if.c +++ b/netstat.tproj/if.c @@ -36,7 +36,7 @@ static char sccsid[] = "@(#)if.c 8.3 (Berkeley) 4/28/95"; */ static const char rcsid[] = - "$Id: if.c,v 1.6.40.1 2006/01/10 05:26:27 lindak Exp $"; + "$Id: if.c,v 1.7 2006/01/16 04:53:59 lindak Exp $"; #endif /* not lint */ #include @@ -209,11 +209,21 @@ multipr(int family, char *buf, char *lim) } #ifdef INET6 case AF_INET6: { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + struct sockaddr_in6 sin6; + + memcpy(&sin6, sa, sizeof(struct sockaddr_in6)); + + if (IN6_IS_ADDR_LINKLOCAL(&sin6.sin6_addr) || + IN6_IS_ADDR_MC_LINKLOCAL(&sin6.sin6_addr)) { + sin6.sin6_scope_id = + ntohs(*(u_int16_t *)&sin6.sin6_addr.s6_addr[2]); + sin6.sin6_addr.s6_addr[2] = 0; + sin6.sin6_addr.s6_addr[3] = 0; + } printf("%23s %-19.19s(refs: %d)\n", "", inet_ntop(AF_INET6, - &sin6->sin6_addr, + &sin6.sin6_addr, ntop_buf, sizeof(ntop_buf)), ifmam->ifmam_refcount); @@ -506,12 +516,15 @@ sidewaysintpr() { struct iftot *total, *sum, *interesting; register int line; - int oldmask, first; + int first; int name[6]; size_t len; unsigned int ifcount, i; struct ifmibdata *ifmdall = 0; int interesting_row; + sigset_t sigset, oldsigset; + struct itimerval timer_interval; + /* Common OID prefix */ name[0] = CTL_NET; 
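Review bot: The new OTHER_LINKED list in netstat.tproj/PB.project reads `main.c, mcast.c mbuf.c, mroute.c`, with no comma between `mcast.c` and `mbuf.c`. Every other element in the list is comma-separated, so this is most likely a typo that either breaks parsing of the project file or merges two names into one entry. The line should read `OTHER_LINKED = (data.c, if.c, inet.c, main.c, mcast.c, mbuf.c, mroute.c, route.c, tp_astring.c, unix.c);`.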
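Review bot: In the AF_INET6 case of multipr, `memcpy(&sin6, sa, sizeof(struct sockaddr_in6));` copies a fixed size without comparing it to the record's own length or to the `lim` bound the function receives, so a short or final record would be read past its end. Assuming `sa` is a `struct sockaddr *` into the `buf`..`lim` range, the record should be skipped unless `sa->sa_len >= sizeof(sin6) && (char *)sa + sizeof(sin6) <= lim`. In the visible lines `sin6.sin6_scope_id` is assigned but only `sin6.sin6_addr` reaches `inet_ntop`, so the extracted scope is not printed; a one-line comment saying the point is to clear the embedded scope bytes before formatting would help. The function starts and ends outside this hunk.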
@@ -552,10 +565,14 @@ sidewaysintpr() if ((sum = calloc(1, sizeof(struct iftot))) == NULL) err(1, "malloc failed"); - + /* create a timer that fires repeatedly every interval seconds */ + timer_interval.it_value.tv_sec = interval; + timer_interval.it_value.tv_usec = 0; + timer_interval.it_interval.tv_sec = interval; + timer_interval.it_interval.tv_usec = 0; (void)signal(SIGALRM, catchalarm); signalled = NO; - (void)alarm(interval); + (void)setitimer(ITIMER_REAL, &timer_interval, NULL); first = 1; banner: printf("%17s %14s %16s", "input", @@ -662,13 +679,16 @@ loop: if (!first) putchar('\n'); fflush(stdout); - oldmask = sigblock(sigmask(SIGALRM)); - if (! signalled) { - sigpause(0); + sigemptyset(&sigset); + sigaddset(&sigset, SIGALRM); + (void)sigprocmask(SIG_BLOCK, &sigset, &oldsigset); + if (!signalled) { + sigemptyset(&sigset); + sigsuspend(&sigset); } - sigsetmask(oldmask); + (void)sigprocmask(SIG_SETMASK, &oldsigset, NULL); + signalled = NO; - (void)alarm(interval); line++; first = 0; if (line == 21) 
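Review bot: The result of `setitimer(ITIMER_REAL, &timer_interval, NULL)` in sidewaysintpr() is discarded, yet the wait at the bottom of the loop now depends entirely on that timer: if arming fails, `sigsuspend()` never returns and the display hangs after the first row. Unlike the `alarm()` it replaces, setitimer can fail, so `if (setitimer(ITIMER_REAL, &timer_interval, NULL) < 0) err(1, "setitimer");` is worth adding; err() is already used just above for the calloc failure. The new intervalpr() further down has the same unchecked call.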
@@ -678,6 +698,37 @@ loop: /*NOTREACHED*/ } +void +intervalpr(void (*pr)(u_long, char *, int), u_long off, char *name , int af) +{ + struct itimerval timer_interval; + sigset_t sigset, oldsigset; + + /* create a timer that fires repeatedly every interval seconds */ + timer_interval.it_value.tv_sec = interval; + timer_interval.it_value.tv_usec = 0; + timer_interval.it_interval.tv_sec = interval; + timer_interval.it_interval.tv_usec = 0; + (void) signal(SIGALRM, catchalarm); + signalled = NO; + (void) setitimer(ITIMER_REAL, &timer_interval, NULL); + + for (;;) { + pr(off, name, af); + + fflush(stdout); + sigemptyset(&sigset); + sigaddset(&sigset, SIGALRM); + (void) sigprocmask(SIG_BLOCK, &sigset, &oldsigset); + if (!signalled) { + sigemptyset(&sigset); + sigsuspend(&sigset); + } + (void) sigprocmask(SIG_SETMASK, &oldsigset, NULL); + signalled = NO; + } +} + /* * Called if an interval expires before sidewaysintpr has completed a loop. * Sets a flag to not wait for the alarm. diff --git a/netstat.tproj/inet.c b/netstat.tproj/inet.c index 8644d53..4942fc0 100644 --- a/netstat.tproj/inet.c +++ b/netstat.tproj/inet.c @@ -36,7 +36,7 @@ static char sccsid[] = "@(#)inet.c 8.5 (Berkeley) 5/24/95"; */ static const char rcsid[] = - "$Id: inet.c,v 1.7 2004/08/26 23:55:22 lindak Exp $"; + "$Id: inet.c,v 1.9 2006/04/04 04:36:27 lindak Exp $"; #endif /* not lint */ #include @@ -103,7 +103,7 @@ static void _serv_cache_open() { struct servent *s; - char *key, *name; + char *key, *name, *test; if (_serv_cache != NULL) return; @@ -116,8 +116,8 @@ _serv_cache_open() key = NULL; asprintf(&key, "%hu/%s", (unsigned short)ntohs(s->s_port), s->s_proto); name = strdup(s->s_name); - name = _nc_table_find(_serv_cache, key); - if (name == NULL) _nc_table_insert(_serv_cache, key, name); + test = _nc_table_find(_serv_cache, key); + if (test == NULL) _nc_table_insert(_serv_cache, key, name); free(key); } 
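Review bot: intervalpr() is added without a header comment although its contract is not obvious from the signature: it never returns, it installs a SIGALRM handler plus a repeating ITIMER_REAL, and it calls `pr(off, name, af)` once per `interval` seconds. A short block comment stating that, and that `interval` must be non-zero (a zero it_value disarms the timer, so the first sigsuspend would block forever), would help callers. The block/check/suspend/restore sequence is also a copy of the one added to sidewaysintpr(); a small static helper shared by both would keep the two from drifting.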
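Review bot: In _serv_cache_open() the `strdup(s->s_name)` result is only handed to `_nc_table_insert()` when the key is new; when `test` is non-NULL the copy is never freed, so every duplicate port/protocol pair leaks a string. Moving the allocation into the insert branch avoids that: `if (test == NULL) _nc_table_insert(_serv_cache, key, strdup(s->s_name));`, assuming the table keeps the pointer rather than copying it, which is not visible here. The return values of `asprintf()` and `strdup()` are also unchecked before `key` and `name` are passed on. The function body starts and ends outside the hunk.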
@@ -341,7 +341,7 @@ protopr(u_long proto, /* for sysctl version we pass proto # */ vchar = ((inp->inp_vflag & INP_IPV4) != 0) ? "4 " : " "; - printf("%-3.3s%-2.2s %6ld %6ld ", name, vchar, + printf("%-3.3s%-2.2s %6u %6u ", name, vchar, so->so_rcv.sb_cc, so->so_snd.sb_cc); } @@ -436,16 +436,17 @@ protopr(u_long proto, /* for sysctl version we pass proto # */ void tcp_stats(u_long off , char *name, int af ) { + static struct tcpstat ptcpstat; struct tcpstat tcpstat; size_t len = sizeof tcpstat; - + if (sysctlbyname("net.inet.tcp.stats", &tcpstat, &len, 0, 0) < 0) { warn("sysctl: net.inet.tcp.stats"); return; } #ifdef INET6 - if (tcp_done != 0) + if (tcp_done != 0 && interval == 0) return; else tcp_done = 1; 
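Review bot: The switch from `%6ld` to `%6u` in protopr() is only correct if `so_rcv.sb_cc` and `so_snd.sb_cc` are exactly `unsigned int` in every header this builds against, and those declarations are not part of this diff. Casting at the call site makes the format independent of the header: `(unsigned)so->so_rcv.sb_cc, (unsigned)so->so_snd.sb_cc`. The same concern applies to the `%lu` to `%u` conversions in tcp_stats(), udp_stats(), ip_stats() and icmp_stats() below, where the argument type is whatever the field difference promotes to; a cast inside the DIFF macros would settle it in one place.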
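Review bot: With `interval` non-zero the `tcp_done` guard in tcp_stats() no longer returns early, so if the function is reached once per address family in a pass (the case the guard presumably exists for under INET6), the second call runs right after `ptcpstat` was refreshed and prints a block of near-zero deltas. If that is not intended, take the snapshot once per interval rather than once per call, or reset `tcp_done` per pass. The same change is made to `udp_done` in udp_stats(). A comment on `static struct tcpstat ptcpstat;` saying that it holds the previous sample, and that the first interval therefore prints the raw counters, would also help.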
@@ -453,84 +454,93 @@ tcp_stats(u_long off , char *name, int af ) printf ("%s:\n", name); -#define p(f, m) if (tcpstat.f || sflag <= 1) \ - printf(m, tcpstat.f, plural(tcpstat.f)) -#define p1a(f, m) if (tcpstat.f || sflag <= 1) \ - printf(m, tcpstat.f) -#define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ - printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2)) -#define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ - printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2) -#define p3(f, m) if (tcpstat.f || sflag <= 1) \ - printf(m, tcpstat.f, plurales(tcpstat.f)) - - p(tcps_sndtotal, "\t%lu packet%s sent\n"); +#define TCPDIFF(f) (tcpstat.f - ptcpstat.f) +#define p(f, m) if (TCPDIFF(f) || sflag <= 1) \ + printf(m, TCPDIFF(f), plural(TCPDIFF(f))) +#define p1a(f, m) if (TCPDIFF(f) || sflag <= 1) \ + printf(m, TCPDIFF(f)) +#define p2(f1, f2, m) if (TCPDIFF(f1) || TCPDIFF(f2) || sflag <= 1) \ + printf(m, TCPDIFF(f1), plural(TCPDIFF(f1)), TCPDIFF(f2), plural(TCPDIFF(f2))) +#define p2a(f1, f2, m) if (TCPDIFF(f1) || TCPDIFF(f2) || sflag <= 1) \ + printf(m, TCPDIFF(f1), plural(TCPDIFF(f1)), TCPDIFF(f2)) +#define p3(f, m) if (TCPDIFF(f) || sflag <= 1) \ + printf(m, TCPDIFF(f), plurales(TCPDIFF(f))) + + p(tcps_sndtotal, "\t%u packet%s sent\n"); p2(tcps_sndpack,tcps_sndbyte, - "\t\t%lu data packet%s (%lu byte%s)\n"); + "\t\t%u data packet%s (%u byte%s)\n"); p2(tcps_sndrexmitpack, tcps_sndrexmitbyte, - "\t\t%lu data packet%s (%lu byte%s) retransmitted\n"); - p(tcps_mturesent, "\t\t%lu resend%s initiated by MTU discovery\n"); + "\t\t%u data packet%s (%u byte%s) retransmitted\n"); + p(tcps_mturesent, "\t\t%u resend%s initiated by MTU discovery\n"); p2a(tcps_sndacks, tcps_delack, - "\t\t%lu ack-only packet%s (%lu delayed)\n"); - p(tcps_sndurg, "\t\t%lu URG only packet%s\n"); - p(tcps_sndprobe, "\t\t%lu window probe packet%s\n"); - p(tcps_sndwinup, "\t\t%lu window update packet%s\n"); - p(tcps_sndctrl, "\t\t%lu control packet%s\n"); - 
p(tcps_rcvtotal, "\t%lu packet%s received\n"); - p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%lu ack%s (for %lu byte%s)\n"); - p(tcps_rcvdupack, "\t\t%lu duplicate ack%s\n"); - p(tcps_rcvacktoomuch, "\t\t%lu ack%s for unsent data\n"); + "\t\t%u ack-only packet%s (%u delayed)\n"); + p(tcps_sndurg, "\t\t%u URG only packet%s\n"); + p(tcps_sndprobe, "\t\t%u window probe packet%s\n"); + p(tcps_sndwinup, "\t\t%u window update packet%s\n"); + p(tcps_sndctrl, "\t\t%u control packet%s\n"); + p(tcps_rcvtotal, "\t%u packet%s received\n"); + p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %u byte%s)\n"); + p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n"); + p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n"); p2(tcps_rcvpack, tcps_rcvbyte, - "\t\t%lu packet%s (%lu byte%s) received in-sequence\n"); + "\t\t%u packet%s (%u byte%s) received in-sequence\n"); p2(tcps_rcvduppack, tcps_rcvdupbyte, - "\t\t%lu completely duplicate packet%s (%lu byte%s)\n"); - p(tcps_pawsdrop, "\t\t%lu old duplicate packet%s\n"); + "\t\t%u completely duplicate packet%s (%u byte%s)\n"); + p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n"); p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte, - "\t\t%lu packet%s with some dup. data (%lu byte%s duped)\n"); + "\t\t%u packet%s with some dup. 
data (%u byte%s duped)\n"); p2(tcps_rcvoopack, tcps_rcvoobyte, - "\t\t%lu out-of-order packet%s (%lu byte%s)\n"); + "\t\t%u out-of-order packet%s (%u byte%s)\n"); p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin, - "\t\t%lu packet%s (%lu byte%s) of data after window\n"); - p(tcps_rcvwinprobe, "\t\t%lu window probe%s\n"); - p(tcps_rcvwinupd, "\t\t%lu window update packet%s\n"); - p(tcps_rcvafterclose, "\t\t%lu packet%s received after close\n"); - p(tcps_rcvbadsum, "\t\t%lu discarded for bad checksum%s\n"); - p(tcps_rcvbadoff, "\t\t%lu discarded for bad header offset field%s\n"); - p1a(tcps_rcvshort, "\t\t%lu discarded because packet too short\n"); - p(tcps_connattempt, "\t%lu connection request%s\n"); - p(tcps_accepts, "\t%lu connection accept%s\n"); - p(tcps_badsyn, "\t%lu bad connection attempt%s\n"); - p(tcps_listendrop, "\t%lu listen queue overflow%s\n"); - p(tcps_connects, "\t%lu connection%s established (including accepts)\n"); + "\t\t%u packet%s (%u byte%s) of data after window\n"); + p(tcps_rcvwinprobe, "\t\t%u window probe%s\n"); + p(tcps_rcvwinupd, "\t\t%u window update packet%s\n"); + p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n"); + p(tcps_badrst, "\t\t%u bad reset%s\n"); + p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n"); + p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n"); + p1a(tcps_rcvshort, "\t\t%u discarded because packet too short\n"); + p(tcps_connattempt, "\t%u connection request%s\n"); + p(tcps_accepts, "\t%u connection accept%s\n"); + p(tcps_badsyn, "\t%u bad connection attempt%s\n"); + p(tcps_listendrop, "\t%u listen queue overflow%s\n"); + p(tcps_connects, "\t%u connection%s established (including accepts)\n"); p2(tcps_closed, tcps_drops, - "\t%lu connection%s closed (including %lu drop%s)\n"); - p(tcps_cachedrtt, "\t\t%lu connection%s updated cached RTT on close\n"); + "\t%u connection%s closed (including %u drop%s)\n"); + p(tcps_cachedrtt, "\t\t%u connection%s updated cached RTT on close\n"); 
p(tcps_cachedrttvar, - "\t\t%lu connection%s updated cached RTT variance on close\n"); + "\t\t%u connection%s updated cached RTT variance on close\n"); p(tcps_cachedssthresh, - "\t\t%lu connection%s updated cached ssthresh on close\n"); - p(tcps_conndrops, "\t%lu embryonic connection%s dropped\n"); + "\t\t%u connection%s updated cached ssthresh on close\n"); + p(tcps_conndrops, "\t%u embryonic connection%s dropped\n"); p2(tcps_rttupdated, tcps_segstimed, - "\t%lu segment%s updated rtt (of %lu attempt%s)\n"); - p(tcps_rexmttimeo, "\t%lu retransmit timeout%s\n"); - p(tcps_timeoutdrop, "\t\t%lu connection%s dropped by rexmit timeout\n"); - p(tcps_persisttimeo, "\t%lu persist timeout%s\n"); - p(tcps_persistdrop, "\t\t%lu connection%s dropped by persist timeout\n"); - p(tcps_keeptimeo, "\t%lu keepalive timeout%s\n"); - p(tcps_keepprobe, "\t\t%lu keepalive probe%s sent\n"); - p(tcps_keepdrops, "\t\t%lu connection%s dropped by keepalive\n"); - p(tcps_predack, "\t%lu correct ACK header prediction%s\n"); - p(tcps_preddat, "\t%lu correct data packet header prediction%s\n"); - p(tcps_sack_recovery_episode, "\t%lu SACK recovery episode%s\n"); + "\t%u segment%s updated rtt (of %u attempt%s)\n"); + p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n"); + p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n"); + p(tcps_persisttimeo, "\t%u persist timeout%s\n"); + p(tcps_persistdrop, "\t\t%u connection%s dropped by persist timeout\n"); + p(tcps_keeptimeo, "\t%u keepalive timeout%s\n"); + p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n"); + p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n"); + p(tcps_predack, "\t%u correct ACK header prediction%s\n"); + p(tcps_preddat, "\t%u correct data packet header prediction%s\n"); +#ifdef TCP_MAX_SACK + /* TCP_MAX_SACK indicates the header has the SACK structures */ + p(tcps_sack_recovery_episode, "\t%u SACK recovery episode%s\n"); p(tcps_sack_rexmits, - "\t%lu segment rexmit%s in SACK recovery episodes\n"); + "\t%u 
segment rexmit%s in SACK recovery episodes\n"); p(tcps_sack_rexmit_bytes, - "\t%lu byte rexmit%s in SACK recovery episodes\n"); + "\t%u byte rexmit%s in SACK recovery episodes\n"); p(tcps_sack_rcv_blocks, - "\t%lu SACK option%s (SACK blocks) received\n"); - p(tcps_sack_send_blocks, "\t%lu SACK option%s (SACK blocks) sent\n"); - p1a(tcps_sack_sboverflow, "\t%lu SACK scoreboard overflow\n"); + "\t%u SACK option%s (SACK blocks) received\n"); + p(tcps_sack_send_blocks, "\t%u SACK option%s (SACK blocks) sent\n"); + p1a(tcps_sack_sboverflow, "\t%u SACK scoreboard overflow\n"); +#endif /* TCP_MAX_SACK */ + + if (interval > 0) + bcopy(&tcpstat, &ptcpstat, len); +#undef TCPDIFF #undef p #undef p1a #undef p2 @@ -544,6 +554,7 @@ tcp_stats(u_long off , char *name, int af ) void udp_stats(u_long off , char *name, int af ) { + static struct udpstat pudpstat; struct udpstat udpstat; size_t len = sizeof udpstat; u_long delivered; 
@@ -554,39 +565,46 @@ udp_stats(u_long off , char *name, int af ) } #ifdef INET6 - if (udp_done != 0) + if (udp_done != 0 && interval == 0) return; else udp_done = 1; #endif printf("%s:\n", name); -#define p(f, m) if (udpstat.f || sflag <= 1) \ - printf(m, udpstat.f, plural(udpstat.f)) -#define p1a(f, m) if (udpstat.f || sflag <= 1) \ - printf(m, udpstat.f) - p(udps_ipackets, "\t%lu datagram%s received\n"); - p1a(udps_hdrops, "\t%lu with incomplete header\n"); - p1a(udps_badlen, "\t%lu with bad data length field\n"); - p1a(udps_badsum, "\t%lu with bad checksum\n"); + +#define UDPDIFF(f) (udpstat.f - pudpstat.f) +#define p(f, m) if (UDPDIFF(f) || sflag <= 1) \ + printf(m, UDPDIFF(f), plural(UDPDIFF(f))) +#define p1a(f, m) if (UDPDIFF(f) || sflag <= 1) \ + printf(m, UDPDIFF(f)) + p(udps_ipackets, "\t%u datagram%s received\n"); + p1a(udps_hdrops, "\t%u with incomplete header\n"); + p1a(udps_badlen, "\t%u with bad data length field\n"); + p1a(udps_badsum, "\t%u with bad checksum\n"); #ifndef __APPLE__ - p1a(udps_nosum, "\t%lu with no checksum\n"); + p1a(udps_nosum, "\t%u with no checksum\n"); #endif - p1a(udps_noport, "\t%lu dropped due to no socket\n"); + p1a(udps_noport, "\t%u dropped due to no socket\n"); p(udps_noportbcast, - "\t%lu broadcast/multicast datagram%s dropped due to no socket\n"); - p1a(udps_fullsock, "\t%lu dropped due to full socket buffers\n"); - p1a(udpps_pcbhashmiss, "\t%lu not for hashed pcb\n"); - delivered = udpstat.udps_ipackets - - udpstat.udps_hdrops - - udpstat.udps_badlen - - udpstat.udps_badsum - - udpstat.udps_noport - - udpstat.udps_noportbcast - - udpstat.udps_fullsock; + "\t%u broadcast/multicast datagram%s dropped due to no socket\n"); + p1a(udps_fullsock, "\t%u dropped due to full socket buffers\n"); + p1a(udpps_pcbhashmiss, "\t%u not for hashed pcb\n"); + delivered = UDPDIFF(udps_ipackets) - + UDPDIFF(udps_hdrops) - + UDPDIFF(udps_badlen) - + UDPDIFF(udps_badsum) - + UDPDIFF(udps_noport) - + UDPDIFF(udps_noportbcast) - + 
UDPDIFF(udps_fullsock); if (delivered || sflag <= 1) printf("\t%lu delivered\n", delivered); - p(udps_opackets, "\t%lu datagram%s output\n"); + p(udps_opackets, "\t%u datagram%s output\n"); + + if (interval > 0) + bcopy(&udpstat, &pudpstat, len); + +#undef UDPDIFF #undef p #undef p1a } @@ -597,6 +615,7 @@ udp_stats(u_long off , char *name, int af ) void ip_stats(u_long off , char *name, int af ) { + static struct ipstat pipstat; struct ipstat ipstat; size_t len = sizeof ipstat; 
@@ -607,44 +626,50 @@ ip_stats(u_long off , char *name, int af ) printf("%s:\n", name); -#define p(f, m) if (ipstat.f || sflag <= 1) \ - printf(m, ipstat.f, plural(ipstat.f)) -#define p1a(f, m) if (ipstat.f || sflag <= 1) \ - printf(m, ipstat.f) - - p(ips_total, "\t%lu total packet%s received\n"); - p(ips_badsum, "\t%lu bad header checksum%s\n"); - p1a(ips_toosmall, "\t%lu with size smaller than minimum\n"); - p1a(ips_tooshort, "\t%lu with data size < data length\n"); - p1a(ips_toolong, "\t%lu with ip length > max ip packet size\n"); - p1a(ips_badhlen, "\t%lu with header length < data size\n"); - p1a(ips_badlen, "\t%lu with data length < header length\n"); - p1a(ips_badoptions, "\t%lu with bad options\n"); - p1a(ips_badvers, "\t%lu with incorrect version number\n"); - p(ips_fragments, "\t%lu fragment%s received\n"); - p(ips_fragdropped, "\t%lu fragment%s dropped (dup or out of space)\n"); - p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n"); - p(ips_reassembled, "\t%lu packet%s reassembled ok\n"); - p(ips_delivered, "\t%lu packet%s for this host\n"); - p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n"); - p(ips_forward, "\t%lu packet%s forwarded"); - p(ips_fastforward, " (%lu packet%s fast forwarded)"); - if (ipstat.ips_forward || sflag <= 1) +#define IPDIFF(f) (ipstat.f - pipstat.f) +#define p(f, m) if (IPDIFF(f) || sflag <= 1) \ + printf(m, IPDIFF(f), plural(IPDIFF(f))) +#define p1a(f, m) if (IPDIFF(f) || sflag <= 1) \ + printf(m, IPDIFF(f)) + + p(ips_total, "\t%u total packet%s received\n"); + p(ips_badsum, "\t%u bad header checksum%s\n"); + p1a(ips_toosmall, "\t%u with size smaller than minimum\n"); + p1a(ips_tooshort, "\t%u with data size < data length\n"); + p1a(ips_toolong, "\t%u with ip length > max ip packet size\n"); + p1a(ips_badhlen, "\t%u with header length < data size\n"); + p1a(ips_badlen, "\t%u with data length < header length\n"); + p1a(ips_badoptions, "\t%u with bad options\n"); + p1a(ips_badvers, "\t%u with incorrect 
version number\n"); + p(ips_fragments, "\t%u fragment%s received\n"); + p(ips_fragdropped, "\t%u fragment%s dropped (dup or out of space)\n"); + p(ips_fragtimeout, "\t%u fragment%s dropped after timeout\n"); + p(ips_reassembled, "\t%u packet%s reassembled ok\n"); + p(ips_delivered, "\t%u packet%s for this host\n"); + p(ips_noproto, "\t%u packet%s for unknown/unsupported protocol\n"); + p(ips_forward, "\t%u packet%s forwarded"); + p(ips_fastforward, " (%u packet%s fast forwarded)"); + if (IPDIFF(ips_forward) || sflag <= 1) putchar('\n'); - p(ips_cantforward, "\t%lu packet%s not forwardable\n"); + p(ips_cantforward, "\t%u packet%s not forwardable\n"); p(ips_notmember, - "\t%lu packet%s received for unknown multicast group\n"); - p(ips_redirectsent, "\t%lu redirect%s sent\n"); - p(ips_localout, "\t%lu packet%s sent from this host\n"); - p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n"); + "\t%u packet%s received for unknown multicast group\n"); + p(ips_redirectsent, "\t%u redirect%s sent\n"); + p(ips_localout, "\t%u packet%s sent from this host\n"); + p(ips_rawout, "\t%u packet%s sent with fabricated ip header\n"); p(ips_odropped, - "\t%lu output packet%s dropped due to no bufs, etc.\n"); - p(ips_noroute, "\t%lu output packet%s discarded due to no route\n"); - p(ips_fragmented, "\t%lu output datagram%s fragmented\n"); - p(ips_ofragments, "\t%lu fragment%s created\n"); - p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n"); - p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n"); - p(ips_badaddr, "\t%lu datagram%s with bad address in header\n"); + "\t%u output packet%s dropped due to no bufs, etc.\n"); + p(ips_noroute, "\t%u output packet%s discarded due to no route\n"); + p(ips_fragmented, "\t%u output datagram%s fragmented\n"); + p(ips_ofragments, "\t%u fragment%s created\n"); + p(ips_cantfrag, "\t%u datagram%s that can't be fragmented\n"); + p(ips_nogif, "\t%u tunneling packet%s that can't find gif\n"); + p(ips_badaddr, "\t%u 
datagram%s with bad address in header\n"); + + if (interval > 0) + bcopy(&ipstat, &pipstat, len); + +#undef IPDIFF #undef p #undef p1a } @@ -677,6 +702,7 @@ static char *icmpnames[] = { void icmp_stats(u_long off , char *name, int af ) { + static struct icmpstat picmpstat; struct icmpstat icmpstat; int i, first; int mib[4]; /* CTL_NET + PF_INET + IPPROTO_ICMP + req */ 
@@ -694,39 +720,42 @@ icmp_stats(u_long off , char *name, int af ) printf("%s:\n", name); -#define p(f, m) if (icmpstat.f || sflag <= 1) \ - printf(m, icmpstat.f, plural(icmpstat.f)) -#define p1a(f, m) if (icmpstat.f || sflag <= 1) \ - printf(m, icmpstat.f) +#define ICMPDIFF(f) (icmpstat.f - picmpstat.f) +#define p(f, m) if (ICMPDIFF(f) || sflag <= 1) \ + printf(m, ICMPDIFF(f), plural(ICMPDIFF(f))) +#define p1a(f, m) if (ICMPDIFF(f) || sflag <= 1) \ + printf(m, ICMPDIFF(f)) - p(icps_error, "\t%lu call%s to icmp_error\n"); + p(icps_error, "\t%u call%s to icmp_error\n"); p(icps_oldicmp, - "\t%lu error%s not generated 'cuz old message was icmp\n"); + "\t%u error%s not generated 'cuz old message was icmp\n"); for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) - if (icmpstat.icps_outhist[i] != 0) { + if (ICMPDIFF(icps_outhist[i]) != 0) { if (first) { printf("\tOutput histogram:\n"); first = 0; } - printf("\t\t%s: %lu\n", icmpnames[i], - icmpstat.icps_outhist[i]); + printf("\t\t%s: %u\n", icmpnames[i], + ICMPDIFF(icps_outhist[i])); } - p(icps_badcode, "\t%lu message%s with bad code fields\n"); - p(icps_tooshort, "\t%lu message%s < minimum length\n"); - p(icps_checksum, "\t%lu bad checksum%s\n"); - p(icps_badlen, "\t%lu message%s with bad length\n"); - p1a(icps_bmcastecho, "\t%lu multicast echo requests ignored\n"); - p1a(icps_bmcasttstamp, "\t%lu multicast timestamp requests ignored\n"); + p(icps_badcode, "\t%u message%s with bad code fields\n"); + p(icps_tooshort, "\t%u message%s < minimum length\n"); + p(icps_checksum, "\t%u bad checksum%s\n"); + p(icps_badlen, "\t%u message%s with bad length\n"); + p1a(icps_bmcastecho, "\t%u multicast echo requests ignored\n"); + p1a(icps_bmcasttstamp, "\t%u multicast timestamp requests ignored\n"); for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) - if (icmpstat.icps_inhist[i] != 0) { + if (ICMPDIFF(icps_inhist[i]) != 0) { if (first) { printf("\tInput histogram:\n"); first = 0; } - printf("\t\t%s: %lu\n", icmpnames[i], - 
icmpstat.icps_inhist[i]); + printf("\t\t%s: %u\n", icmpnames[i], + ICMPDIFF(icps_inhist[i])); } - p(icps_reflect, "\t%lu message response%s generated\n"); + p(icps_reflect, "\t%u message response%s generated\n"); + +#undef ICMPDIFF #undef p #undef p1a mib[3] = ICMPCTL_MASKREPL; @@ -735,6 +764,9 @@ icmp_stats(u_long off , char *name, int af ) return; printf("\tICMP address mask responses are %sabled\n", i ? "en" : "dis"); + + if (interval > 0) + bcopy(&icmpstat, &picmpstat, sizeof (icmpstat)); } /* @@ -743,6 +775,7 @@ icmp_stats(u_long off , char *name, int af ) void igmp_stats(u_long off , char *name, int af ) { + static struct igmpstat pigmpstat; struct igmpstat igmpstat; size_t len = sizeof igmpstat; @@ -753,10 +786,11 @@ igmp_stats(u_long off , char *name, int af ) printf("%s:\n", name); -#define p(f, m) if (igmpstat.f || sflag <= 1) \ - printf(m, igmpstat.f, plural(igmpstat.f)) -#define py(f, m) if (igmpstat.f || sflag <= 1) \ - printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y") +#define IGMPDIFF(f) (igmpstat.f - pigmpstat.f) +#define p(f, m) if (IGMPDIFF(f) || sflag <= 1) \ + printf(m, IGMPDIFF(f), plural(IGMPDIFF(f))) +#define py(f, m) if (IGMPDIFF(f) || sflag <= 1) \ + printf(m, IGMPDIFF(f), IGMPDIFF(f) != 1 ? "ies" : "y") p(igps_rcv_total, "\t%u message%s received\n"); p(igps_rcv_tooshort, "\t%u message%s received with too few bytes\n"); p(igps_rcv_badsum, "\t%u message%s received with bad checksum\n"); @@ -766,6 +800,11 @@ igmp_stats(u_long off , char *name, int af ) p(igps_rcv_badreports, "\t%u membership report%s received with invalid field(s)\n"); p(igps_rcv_ourreports, "\t%u membership report%s received for groups to which we belong\n"); p(igps_snd_reports, "\t%u membership report%s sent\n"); + + if (interval > 0) + bcopy(&igmpstat, &pigmpstat, len); + +#undef IGMPDIFF #undef p #undef py } diff --git a/netstat.tproj/inet6.c b/netstat.tproj/inet6.c index 18f7038..64e5a50 100644 --- a/netstat.tproj/inet6.c +++ b/netstat.tproj/inet6.c 
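Review bot: In icmp_stats() the snapshot `bcopy(&icmpstat, &picmpstat, sizeof (icmpstat))` is placed after the ICMPCTL_MASKREPL query, below the `return;` visible in the hunk context, so whenever that path returns early the previous sample is not updated and the next interval reports deltas against a stale baseline. The other *_stats() functions in this file take the snapshot right after the last counter is printed; doing the same here, immediately before `#undef ICMPDIFF`, keeps them consistent. The condition guarding that `return` is outside the hunk.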
@@ -1,3 +1,4 @@ + /* BSDI inet.c,v 2.3 1995/10/24 02:19:29 prb Exp */ /* * Copyright (c) 1983, 1988, 1993 @@ -68,7 +69,7 @@ static char sccsid[] = "@(#)inet6.c 8.4 (Berkeley) 4/20/94"; #include #include "netstat.h" -#ifdef __APPLE__ +#if defined(__APPLE__) && !defined(__unused) #define __unused #endif @@ -342,6 +343,7 @@ static char *ip6nh[] = { void ip6_stats(u_long off __unused, char *name, int af __unused) { + static struct ip6stat pip6stat; struct ip6stat ip6stat; int first, i; int mib[4]; @@ -358,10 +360,11 @@ ip6_stats(u_long off __unused, char *name, int af __unused) return; printf("%s:\n", name); -#define p(f, m) if (ip6stat.f || sflag <= 1) \ - printf(m, (unsigned long long)ip6stat.f, plural(ip6stat.f)) -#define p1a(f, m) if (ip6stat.f || sflag <= 1) \ - printf(m, (unsigned long long)ip6stat.f) +#define IP6DIFF(f) (ip6stat.f - pip6stat.f) +#define p(f, m) if (IP6DIFF(f) || sflag <= 1) \ + printf(m, (unsigned long long)IP6DIFF(f), plural(IP6DIFF(f))) +#define p1a(f, m) if (IP6DIFF(f) || sflag <= 1) \ + printf(m, (unsigned long long)IP6DIFF(f)) p(ip6s_total, "\t%llu total packet%s received\n"); p1a(ip6s_toosmall, "\t%llu with size smaller than minimum\n"); 
@@ -387,32 +390,32 @@ ip6_stats(u_long off __unused, char *name, int af __unused) p(ip6s_badscope, "\t%llu packet%s that violated scope rules\n"); p(ip6s_notmember, "\t%llu multicast packet%s which we don't join\n"); for (first = 1, i = 0; i < 256; i++) - if (ip6stat.ip6s_nxthist[i] != 0) { + if (IP6DIFF(ip6s_nxthist[i]) != 0) { if (first) { printf("\tInput histogram:\n"); first = 0; } printf("\t\t%s: %llu\n", ip6nh[i], - (unsigned long long)ip6stat.ip6s_nxthist[i]); + (unsigned long long)IP6DIFF(ip6s_nxthist[i])); } printf("\tMbuf statistics:\n"); - printf("\t\t%llu one mbuf\n", (unsigned long long)ip6stat.ip6s_m1); + printf("\t\t%llu one mbuf\n", (unsigned long long)IP6DIFF(ip6s_m1)); for (first = 1, i = 0; i < 32; i++) { char ifbuf[IFNAMSIZ]; - if (ip6stat.ip6s_m2m[i] != 0) { + if (IP6DIFF(ip6s_m2m[i]) != 0) { if (first) { printf("\t\ttwo or more mbuf:\n"); first = 0; } printf("\t\t\t%s= %llu\n", if_indextoname(i, ifbuf), - (unsigned long long)ip6stat.ip6s_m2m[i]); + (unsigned long long)IP6DIFF(ip6s_m2m[i])); } } printf("\t\t%llu one ext mbuf\n", - (unsigned long long)ip6stat.ip6s_mext1); + (unsigned long long)IP6DIFF(ip6s_mext1)); printf("\t\t%llu two or more ext mbuf\n", - (unsigned long long)ip6stat.ip6s_mext2m); + (unsigned long long)IP6DIFF(ip6s_mext2m)); p(ip6s_exthdrtoolong, "\t%llu packet%s whose headers are not continuous\n"); p(ip6s_nogif, "\t%llu tunneling packet%s that can't find gif\n"); @@ -436,14 +439,14 @@ ip6_stats(u_long off __unused, char *name, int af __unused) break;\ default:\ printf("\t\t%llu addresses scope=%x\n",\ - (unsigned long long)ip6stat.s, i);\ + (unsigned long long)IP6DIFF(s), i);\ }\ } while (0); p(ip6s_sources_none, "\t%llu failure%s of source address selection\n"); for (first = 1, i = 0; i < 16; i++) { - if (ip6stat.ip6s_sources_sameif[i]) { + if (IP6DIFF(ip6s_sources_sameif[i])) { if (first) { printf("\tsource addresses on an outgoing I/F\n"); first = 0; 
@@ -452,7 +455,7 @@ ip6_stats(u_long off __unused, char *name, int af __unused) } } for (first = 1, i = 0; i < 16; i++) { - if (ip6stat.ip6s_sources_otherif[i]) { + if (IP6DIFF(ip6s_sources_otherif[i])) { if (first) { printf("\tsource addresses on a non-outgoing I/F\n"); first = 0; @@ -461,7 +464,7 @@ ip6_stats(u_long off __unused, char *name, int af __unused) } } for (first = 1, i = 0; i < 16; i++) { - if (ip6stat.ip6s_sources_samescope[i]) { + if (IP6DIFF(ip6s_sources_samescope[i])) { if (first) { printf("\tsource addresses of same scope\n"); first = 0; @@ -470,7 +473,7 @@ ip6_stats(u_long off __unused, char *name, int af __unused) } } for (first = 1, i = 0; i < 16; i++) { - if (ip6stat.ip6s_sources_otherscope[i]) { + if (IP6DIFF(ip6s_sources_otherscope[i])) { if (first) { printf("\tsource addresses of a different scope\n"); first = 0; @@ -479,7 +482,7 @@ ip6_stats(u_long off __unused, char *name, int af __unused) } } for (first = 1, i = 0; i < 16; i++) { - if (ip6stat.ip6s_sources_deprecated[i]) { + if (IP6DIFF(ip6s_sources_deprecated[i])) { if (first) { printf("\tdeprecated source addresses\n"); first = 0; @@ -490,6 +493,11 @@ ip6_stats(u_long off __unused, char *name, int af __unused) p1a(ip6s_forward_cachehit, "\t%llu forward cache hit\n"); p1a(ip6s_forward_cachemiss, "\t%llu forward cache miss\n"); + + if (interval > 0) + bcopy(&ip6stat, &pip6stat, len); + +#undef IP6DIFF #undef p #undef p1a } @@ -815,6 +823,7 @@ static char *icmp6names[] = { void icmp6_stats(u_long off __unused, char *name, int af __unused) { + static struct icmp6stat picmp6stat; struct icmp6stat icmp6stat; register int i, first; int mib[4]; 
@@ -831,9 +840,10 @@ icmp6_stats(u_long off __unused, char *name, int af __unused) return; printf("%s:\n", name); -#define p(f, m) if (icmp6stat.f || sflag <= 1) \ - printf(m, (unsigned long long)icmp6stat.f, plural(icmp6stat.f)) -#define p_5(f, m) printf(m, (unsigned long long)icmp6stat.f) +#define ICMP6DIFF(f) (icmp6stat.f - picmp6stat.f) +#define p(f, m) if (ICMP6DIFF(f) || sflag <= 1) \ + printf(m, (unsigned long long)ICMP6DIFF(f), plural(ICMP6DIFF(f))) +#define p_5(f, m) printf(m, (unsigned long long)ICMP6DIFF(f)) p(icp6s_error, "\t%llu call%s to icmp_error\n"); p(icp6s_canterror, @@ -842,13 +852,13 @@ icmp6_stats(u_long off __unused, char *name, int af __unused) "\t%llu error%s not generated because rate limitation\n"); #define NELEM (sizeof(icmp6stat.icp6s_outhist)/sizeof(icmp6stat.icp6s_outhist[0])) for (first = 1, i = 0; i < NELEM; i++) - if (icmp6stat.icp6s_outhist[i] != 0) { + if (ICMP6DIFF(icp6s_outhist[i]) != 0) { if (first) { printf("\tOutput histogram:\n"); first = 0; } printf("\t\t%s: %llu\n", icmp6names[i], - (unsigned long long)icmp6stat.icp6s_outhist[i]); + (unsigned long long)ICMP6DIFF(icp6s_outhist[i])); } #undef NELEM p(icp6s_badcode, "\t%llu message%s with bad code fields\n"); @@ -857,13 +867,13 @@ icmp6_stats(u_long off __unused, char *name, int af __unused) p(icp6s_badlen, "\t%llu message%s with bad length\n"); #define NELEM (sizeof(icmp6stat.icp6s_inhist)/sizeof(icmp6stat.icp6s_inhist[0])) for (first = 1, i = 0; i < NELEM; i++) - if (icmp6stat.icp6s_inhist[i] != 0) { + if (ICMP6DIFF(icp6s_inhist[i]) != 0) { if (first) { printf("\tInput histogram:\n"); first = 0; } printf("\t\t%s: %llu\n", icmp6names[i], - (unsigned long long)icmp6stat.icp6s_inhist[i]); + (unsigned long long)ICMP6DIFF(icp6s_inhist[i])); } #undef NELEM printf("\tHistogram of error messages to be generated:\n"); 
@@ -890,6 +900,11 @@ icmp6_stats(u_long off __unused, char *name, int af __unused) p(icp6s_badra, "\t%qu bad router advertisement message%s\n"); p(icp6s_badredirect, "\t%qu bad redirect message%s\n"); p(icp6s_pmtuchg, "\t%llu path MTU change%s\n"); + + if (interval > 0) + bcopy(&icmp6stat, &picmp6stat, len); + +#undef ICMP6DIFF #undef p #undef p_5 } @@ -966,6 +981,7 @@ icmp6_ifstats(char *ifname) void pim6_stats(void) { + static struct pim6stat ppim6stat; struct pim6stat pim6stat; size_t len = sizeof(struct pim6stat); @@ -973,8 +989,9 @@ pim6_stats(void) return; printf("%s:\n", name); -#define p(f, m) if (pim6stat.f || sflag <= 1) \ - printf(m, (unsigned long long)pim6stat.f, plural(pim6stat.f)) +#define PIM6DIFF(f) (pim6stat.f - ppim6stat.f) +#define p(f, m) if (PIM6DIFF(f) || sflag <= 1) \ + printf(m, (unsigned long long)PIM6DIFF(f), plural(PIM6DIFF(f))) p(pim6s_rcv_total, "\t%llu message%s received\n"); p(pim6s_rcv_tooshort, "\t%llu message%s received with too few bytes\n"); p(pim6s_rcv_badsum, "\t%llu message%s received with bad checksum\n"); @@ -982,6 +999,11 @@ pim6_stats(void) p(pim6s_rcv_registers, "\t%llu register%s received\n"); p(pim6s_rcv_badregisters, "\t%llu bad register%s received\n"); p(pim6s_snd_registers, "\t%llu register%s sent\n"); + + if (interval > 0) + bcopy(&pim6stat, &ppim6stat, len); + +#undef PIM6DIFF #undef p } #endif @@ -992,6 +1014,7 @@ pim6_stats(void) void rip6_stats(u_long off __unused, char *name, int af __unused) { + static struct rip6stat prip6stat; struct rip6stat rip6stat; u_quad_t delivered; int mib[4]; 
@@ -1009,8 +1032,9 @@ rip6_stats(u_long off __unused, char *name, int af __unused) printf("%s:\n", name); -#define p(f, m) if (rip6stat.f || sflag <= 1) \ - printf(m, (unsigned long long)rip6stat.f, plural(rip6stat.f)) +#define RIP6DIFF(f) (rip6stat.f - prip6stat.f) +#define p(f, m) if (RIP6DIFF(f) || sflag <= 1) \ + printf(m, (unsigned long long)RIP6DIFF(f), plural(RIP6DIFF(f))) p(rip6s_ipackets, "\t%llu message%s received\n"); p(rip6s_isum, "\t%llu checksum calcuration%s on inbound\n"); p(rip6s_badsum, "\t%llu message%s with bad checksum\n"); @@ -1019,14 +1043,19 @@ rip6_stats(u_long off __unused, char *name, int af __unused) "\t%llu multicast message%s dropped due to no socket\n"); p(rip6s_fullsock, "\t%llu message%s dropped due to full socket buffers\n"); - delivered = rip6stat.rip6s_ipackets - - rip6stat.rip6s_badsum - - rip6stat.rip6s_nosock - - rip6stat.rip6s_nosockmcast - - rip6stat.rip6s_fullsock; + delivered = RIP6DIFF(rip6s_ipackets) - + RIP6DIFF(rip6s_badsum) - + RIP6DIFF(rip6s_nosock) - + RIP6DIFF(rip6s_nosockmcast) - + RIP6DIFF(rip6s_fullsock); if (delivered || sflag <= 1) printf("\t%llu delivered\n", (unsigned long long)delivered); p(rip6s_opackets, "\t%llu datagram%s output\n"); + + if (interval > 0) + bcopy(&rip6stat, &prip6stat, l); + +#undef RIP6DIFF #undef p } @@ -1091,6 +1120,9 @@ inet6name(struct in6_addr *in6p) struct hostent *hp; static char domain[MAXHOSTNAMELEN]; static int first = 1; + char hbuf[NI_MAXHOST]; + struct sockaddr_in6 sin6; + const int niflag = NI_NUMERICHOST; if (first && !nflag) { first = 0; 
@@ -1113,11 +1145,26 @@ inet6name(struct in6_addr *in6p) if (IN6_IS_ADDR_UNSPECIFIED(in6p)) strcpy(line, "*"); else if (cp) - strcpy(line, cp); - else - sprintf(line, "%s", - inet_ntop(AF_INET6, (void *)in6p, ntop_buf, - sizeof(ntop_buf))); + strlcpy(line, cp, sizeof(line)); + else { + memset(&sin6, 0, sizeof(sin6)); + sin6.sin6_len = sizeof(sin6); + sin6.sin6_family = AF_INET6; + sin6.sin6_addr = *in6p; + + if (IN6_IS_ADDR_LINKLOCAL(in6p) || + IN6_IS_ADDR_MC_LINKLOCAL(in6p)) { + sin6.sin6_scope_id = + ntohs(*(u_int16_t *)&in6p->s6_addr[2]); + sin6.sin6_addr.s6_addr[2] = 0; + sin6.sin6_addr.s6_addr[3] = 0; + } + + if (getnameinfo((struct sockaddr *)&sin6, sin6.sin6_len, + hbuf, sizeof(hbuf), NULL, 0, niflag) != 0) + strlcpy(hbuf, "?", sizeof(hbuf)); + strlcpy(line, hbuf, sizeof(line)); + } return (line); } #endif /*INET6*/ diff --git a/netstat.tproj/ipsec.c b/netstat.tproj/ipsec.c index 99c87e2..716732b 100644 --- a/netstat.tproj/ipsec.c +++ b/netstat.tproj/ipsec.c @@ -90,7 +90,7 @@ static const char rcsid[] = #include #include "netstat.h" -#ifdef __APPLE__ +#if defined(__APPLE__) && !defined(__unused) #define __unused #endif /* @@ -161,18 +161,20 @@ static const char *pfkey_msgtypenames[] = { "x_spdsetidx", "x_spdexpire", "x_spddelete2" }; +static struct ipsecstat pipsecstat; static struct ipsecstat ipsecstat; static void print_ipsecstats (void); static const char *pfkey_msgtype_names (int); -static void ipsec_hist (const u_quad_t *, size_t, const struct val2str *, - const char *); +static void ipsec_hist (const u_quad_t *, const u_quad_t *, size_t, + const struct val2str *, const char *); /* * Dump IPSEC statistics structure. */ static void ipsec_hist(const u_quad_t *hist, + const u_quad_t *phist, size_t histmax, const struct val2str *name, const char *title) 
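Review bot: In the inet6name hunk the scope id is read with `ntohs(*(u_int16_t *)&in6p->s6_addr[2])`, a 16-bit load through a cast of a byte array, which depends on how the caller's `in6p` is aligned and sidesteps the aliasing rules. Assembling the value from the two bytes is equivalent and has neither problem: `sin6.sin6_scope_id = (in6p->s6_addr[2] << 8) | in6p->s6_addr[3];`. A short comment saying that bytes 2-3 of a link-local address are moved into `sin6_scope_id` and zeroed before `getnameinfo()` would also help the next reader. inet6name's body starts outside this hunk.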
@@ -183,7 +185,7 @@ ipsec_hist(const u_quad_t *hist, first = 1; for (proto = 0; proto < histmax; proto++) { - if (hist[proto] <= 0) + if ((hist[proto] - phist[proto]) <= 0) continue; if (first) { printf("\t%s histogram:\n", title); @@ -194,10 +196,11 @@ ipsec_hist(const u_quad_t *hist, break; } if (p && p->str) { - printf("\t\t%s: " LLU "\n", p->str, (CAST)hist[proto]); + printf("\t\t%s: " LLU "\n", p->str, + (CAST)hist[proto] - (CAST)phist[proto]); } else { printf("\t\t#%ld: " LLU "\n", (long)proto, - (CAST)hist[proto]); + (CAST)hist[proto] - (CAST)phist[proto]); } } } @@ -205,10 +208,12 @@ ipsec_hist(const u_quad_t *hist, static void print_ipsecstats(void) { -#define p(f, m) if (ipsecstat.f || sflag <= 1) \ - printf(m, (CAST)ipsecstat.f, plural(ipsecstat.f)) +#define IPSECDIFF(f) (ipsecstat.f - pipsecstat.f) +#define p(f, m) if (IPSECDIFF(f) || sflag <= 1) \ + printf(m, (CAST)IPSECDIFF(f), plural(IPSECDIFF(f))) #define hist(f, n, t) \ - ipsec_hist((f), sizeof(f)/sizeof(f[0]), (n), (t)); + ipsec_hist(ipsecstat.f, pipsecstat.f, \ + sizeof(ipsecstat.f)/sizeof(ipsecstat.f[0]), (n), (t)); p(in_success, "\t" LLU " inbound packet%s processed successfully\n"); p(in_polvio, "\t" LLU " inbound packet%s violated process security " @@ -221,9 +226,9 @@ print_ipsecstats(void) p(in_espreplay, "\t" LLU " inbound packet%s failed on ESP replay check\n"); p(in_ahauthsucc, "\t" LLU " inbound packet%s considered authentic\n"); p(in_ahauthfail, "\t" LLU " inbound packet%s failed on authentication\n"); - hist(ipsecstat.in_ahhist, ipsec_ahnames, "AH input"); - hist(ipsecstat.in_esphist, ipsec_espnames, "ESP input"); - hist(ipsecstat.in_comphist, ipsec_compnames, "IPComp input"); + hist(in_ahhist, ipsec_ahnames, "AH input"); + hist(in_esphist, ipsec_espnames, "ESP input"); + hist(in_comphist, ipsec_compnames, "IPComp input"); p(out_success, "\t" LLU " outbound packet%s processed successfully\n"); p(out_polvio, "\t" LLU " outbound packet%s violated process security " 
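Review bot: `(hist[proto] - phist[proto]) <= 0` in ipsec_hist compares an unsigned difference (both arrays are `const u_quad_t *`), so it is only ever true on equality; a counter that is lower than its snapshot wraps and is printed as a huge count. Comparing the operands directly keeps the intent: `if (hist[proto] <= phist[proto]) continue;`. The `PFKEYDIFF(out_msgtype[type]) <= 0` and `PFKEYDIFF(in_msgtype[type]) <= 0` tests in pfkey_stats have the same shape, assuming those fields are unsigned as well. ipsec_hist starts outside this hunk.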
@@ -232,9 +237,10 @@ print_ipsecstats(void) p(out_inval, "\t" LLU " invalid outbound packet%s\n"); p(out_nomem, "\t" LLU " outbound packet%s failed due to insufficient memory\n"); p(out_noroute, "\t" LLU " outbound packet%s with no route\n"); - hist(ipsecstat.out_ahhist, ipsec_ahnames, "AH output"); - hist(ipsecstat.out_esphist, ipsec_espnames, "ESP output"); - hist(ipsecstat.out_comphist, ipsec_compnames, "IPComp output"); + hist(out_ahhist, ipsec_ahnames, "AH output"); + hist(out_esphist, ipsec_espnames, "ESP output"); + hist(out_comphist, ipsec_compnames, "IPComp output"); +#undef IPSECDIFF #undef p #undef hist } @@ -245,17 +251,20 @@ ipsec_stats(u_long off __unused, char *name, int af __unused) size_t len; len = sizeof(struct ipsecstat); - if (strcmp(name, "ipsec") == 0) + if (strcmp(name, "ipsec") == 0) { if (sysctlbyname("net.inet.ipsec.stats", &ipsecstat, &len, 0, 0) == -1) return; - else if (strcmp(name, "ipsec6") == 0) + } else if (strcmp(name, "ipsec6") == 0) { if (sysctlbyname("net.inet6.ipsec6.stats", &ipsecstat, &len, 0, 0) == -1) return; - else + } else return; printf ("%s:\n", name); print_ipsecstats(); + + if (interval > 0) + bcopy(&ipsecstat, &pipsecstat, len); } static const char * @@ -274,6 +283,7 @@ pfkey_msgtype_names(int x) void pfkey_stats(u_long off __unused, char *name, int af __unused) { + static struct pfkeystat ppfkeystat; struct pfkeystat pfkeystat; unsigned first, type; size_t len; @@ -283,8 +293,9 @@ pfkey_stats(u_long off __unused, char *name, int af __unused) return; printf ("%s:\n", name); -#define p(f, m) if (pfkeystat.f || sflag <= 1) \ - printf(m, (CAST)pfkeystat.f, plural(pfkeystat.f)) +#define PFKEYDIFF(f) (pfkeystat.f - ppfkeystat.f) +#define p(f, m) if (PFKEYDIFF(f) || sflag <= 1) \ + printf(m, (CAST)PFKEYDIFF(f), plural(PFKEYDIFF(f))) /* kernel -> userland */ p(out_total, "\t" LLU " request%s sent to userland\n"); 
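Review bot: ipsec_stats fills the one file-scope `ipsecstat` from either `net.inet.ipsec.stats` or `net.inet6.ipsec6.stats` and then saves it into the single `pipsecstat`, so the previous-sample snapshot is shared by both protocols. If both names are ever printed in the same run with `interval > 0` (the caller is outside this hunk), the `ipsec6` deltas would be taken against the `ipsec` sample and wrap in the unsigned `IPSECDIFF` subtraction. Keeping one snapshot per protocol avoids that; at minimum a comment on `pipsecstat` should say `/* previous sample; assumes one protocol per interval run */`.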
@@ -292,14 +303,14 @@ pfkey_stats(u_long off __unused, char *name, int af __unused) for (first = 1, type = 0; type < sizeof(pfkeystat.out_msgtype)/sizeof(pfkeystat.out_msgtype[0]); type++) { - if (pfkeystat.out_msgtype[type] <= 0) + if (PFKEYDIFF(out_msgtype[type]) <= 0) continue; if (first) { printf("\thistogram by message type:\n"); first = 0; } printf("\t\t%s: " LLU "\n", pfkey_msgtype_names(type), - (CAST)pfkeystat.out_msgtype[type]); + (CAST)PFKEYDIFF(out_msgtype[type])); } p(out_invlen, "\t" LLU " message%s with invalid length field\n"); p(out_invver, "\t" LLU " message%s with invalid version field\n"); @@ -317,14 +328,14 @@ pfkey_stats(u_long off __unused, char *name, int af __unused) for (first = 1, type = 0; type < sizeof(pfkeystat.in_msgtype)/sizeof(pfkeystat.in_msgtype[0]); type++) { - if (pfkeystat.in_msgtype[type] <= 0) + if (PFKEYDIFF(in_msgtype[type]) <= 0) continue; if (first) { printf("\thistogram by message type:\n"); first = 0; } printf("\t\t%s: " LLU "\n", pfkey_msgtype_names(type), - (CAST)pfkeystat.in_msgtype[type]); + (CAST)PFKEYDIFF(in_msgtype[type])); } p(in_msgtarget[KEY_SENDUP_ONE], "\t" LLU " message%s toward single socket\n"); @@ -333,6 +344,10 @@ pfkey_stats(u_long off __unused, char *name, int af __unused) p(in_msgtarget[KEY_SENDUP_REGISTERED], "\t" LLU " message%s toward registered sockets\n"); p(in_nomem, "\t" LLU " message%s with memory allocation failure\n"); + + if (interval > 0) + bcopy(&pfkeystat, &ppfkeystat, len); +#undef PFKEYDIFF #undef p } #endif /*IPSEC*/ diff --git a/netstat.tproj/main.c b/netstat.tproj/main.c index db882fc..d1fc0a8 100644 --- a/netstat.tproj/main.c +++ b/netstat.tproj/main.c @@ -78,7 +78,6 @@ static const char rcsid[] = #include #include #include -#include #include #include #include @@ -91,6 +90,9 @@ static const char rcsid[] = #include #include +#ifdef __APPLE__ +#include +#endif /* * ---------------------------------------------------------------------------- 
@@ -343,16 +345,13 @@ static struct protox *knownname (char *); extern void _serv_cache_close(); #endif -#if 0 -static kvm_t *kvmd; -#endif -static char *nlistf = NULL, *memf = NULL; - int Aflag; /* show addresses of protocol control block */ int aflag; /* show all sockets (including servers) */ int bflag; /* show i/f total bytes in/out */ int dflag; /* show i/f dropped packets */ +#if defined(__APPLE__) && !TARGET_OS_EMBEDDED int gflag; /* show group (multicast) routing or stats */ +#endif int iflag; /* show interfaces */ int lflag; /* show routing table with use and ref */ int Lflag; /* show size of listen queues */ @@ -381,7 +380,7 @@ main(argc, argv) af = AF_UNSPEC; - while ((ch = getopt(argc, argv, "Aabdf:gI:iLlM:mN:np:rRstuWw:")) != -1) + while ((ch = getopt(argc, argv, "Aabdf:gI:iLlmnp:rRstuWw:")) != -1) switch(ch) { case 'A': Aflag = 1; @@ -430,9 +429,11 @@ main(argc, argv) errx(1, "%s: unknown address family", optarg); } break; +#if defined(__APPLE__) && !TARGET_OS_EMBEDDED case 'g': gflag = 1; break; +#endif case 'I': { char *cp; @@ -451,14 +452,8 @@ main(argc, argv) case 'L': Lflag = 1; break; - case 'M': - memf = optarg; - break; case 'm': - mflag = 1; - break; - case 'N': - nlistf = optarg; + mflag++; break; case 'n': nflag = 1; @@ -507,21 +502,9 @@ main(argc, argv) ++argv; iflag = 1; } - if (*argv) { - nlistf = *argv; - if (*++argv) - memf = *argv; - } } #endif - /* - * Discard setgid privileges if not the running kernel so that bad - * guys can't print interesting stuff from kernel memory. - */ - if (nlistf != NULL || memf != NULL) - setgid(getgid()); - if (mflag) { mbpr(); exit(0); @@ -551,6 +534,7 @@ main(argc, argv) routepr(nl[N_RTREE].n_value); exit(0); } +#if defined(__APPLE__) && !TARGET_OS_EMBEDDED if (gflag) { if (sflag) { if (af == AF_INET || af == AF_UNSPEC) @@ -567,8 +551,10 @@ main(argc, argv) mroute6pr(); #endif } + ifmalist_dump(); exit(0); } +#endif if (tp) { printproto(tp, tp->pr_name); 
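Review bot: With `-M`/`-N` gone, the `setgid(getgid())` drop is deleted too, and nothing on the visible lines sheds group privilege before `mbpr()`, `routepr()` or the protocol printers run. If the binary is still installed setgid (the install rules are not part of this hunk), it now keeps that group for its whole lifetime even though the kvm reader is removed further down. Either confirm the setgid bit is no longer set at install time, or drop unconditionally right after option parsing: `if (setgid(getgid()) != 0) err(1, "setgid");`. main's body starts and ends outside the hunk.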
@@ -631,10 +617,10 @@ printproto(tp, name) u_long off; if (sflag) { - if (iflag) { + if (iflag && !pflag) { if (tp->pr_istats) intpr(tp->pr_istats); - else if (pflag) + else printf("%s: no per-interface stats routine\n", tp->pr_name); return; @@ -660,53 +646,15 @@ printproto(tp, name) off = tp->pr_usesysctl ? tp->pr_usesysctl : nl[tp->pr_index].n_value; } - if (pr != NULL && (off || af != AF_UNSPEC)) - (*pr)(off, name, af); - else + if (pr != NULL && (off || af != AF_UNSPEC)) { + if (sflag && iflag && pflag) + intervalpr(pr, off, name, af); + else + (*pr)(off, name, af); + } else { printf("### no stats for %s\n", name); -} - -/* - * Read kernel memory, return 0 on success. - */ -#if 0 -int -kread(u_long addr, char *buf, int size) -{ - if (kvmd == 0) { - /* - * XXX. - */ - kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, buf); - if (kvmd != NULL) { - if (kvm_nlist(kvmd, nl) < 0) { - if(nlistf) - errx(1, "%s: kvm_nlist: %s", nlistf, - kvm_geterr(kvmd)); - else - errx(1, "kvm_nlist: %s", kvm_geterr(kvmd)); - } - - if (nl[0].n_type == 0) { - if(nlistf) - errx(1, "%s: no namelist", nlistf); - else - errx(1, "no namelist"); - } - } else { - warnx("kvm not available"); - return(-1); - } } - if (!buf) - return (0); - if (kvm_read(kvmd, addr, buf, size) != size) { - warnx("%s", kvm_geterr(kvmd)); - return (-1); - } - return (0); } -#endif char * plural(int n) 
@@ -765,14 +713,21 @@ name2protox(char *name) return (NULL); } +#define NETSTAT_USAGE "\ +Usage: netstat [-AaLlnW] [-f address_family | -p protocol]\n\ + netstat [-gilns] [-f address_family]\n\ + netstat -i | -I interface [-w wait] [-abdgt]\n\ + netstat -s [-s] [-f address_family | -p protocol] [-w wait]\n\ + netstat -i | -I interface -s [-f address_family | -p protocol]\n\ + netstat -m [-m]\n\ + netstat -r [-Aaln] [-f address_family]\n\ + netstat -rs [-s]\n\ +" + static void usage(void) { - (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n", -"usage: netstat [-Aan] [-f address_family] [-M core] [-N system]", -" netstat [-bdghimnrs] [-f address_family] [-M core] [-N system]", -" netstat [-bdn] [-I interface] [-M core] [-N system] [-w wait]", -" netstat -m [-M core] [-N system]", -" netstat [-M core] [-N system] [-p protocol]"); + (void) fprintf(stderr, "%s\n", NETSTAT_USAGE); exit(1); } + diff --git a/netstat.tproj/mbuf.c b/netstat.tproj/mbuf.c index 66e96fe..11ecdf4 100644 --- a/netstat.tproj/mbuf.c +++ b/netstat.tproj/mbuf.c @@ -61,6 +61,8 @@ #include #include +#include +#include #include "netstat.h" #include /* To get Appletalk message/mbuf types */ @@ -87,6 +89,7 @@ static struct mbtypes { { MT_SOOPTS, "socket options" }, { MT_RIGHTS, "access rights" }, { MT_IFADDR, "interface addresses" }, /* XXX */ + { MT_TAG, "packet tags" }, /* XXX */ { MSG_DATA, "Appletalk data blocks"}, { MSG_PROTO, "Appletalk internal msgs"}, { MSG_IOCTL, "Appletalk ioctl requests"}, 
@@ -101,30 +104,128 @@ static struct mbtypes { int nmbtypes = sizeof(mbstat.m_mtypes) / sizeof(short); bool seen[256]; /* "have we seen this type yet?" */ +mb_stat_t *mb_stat; +unsigned int njcl, njclbytes; + +#define KERN_IPC_MB_STAT "kern.ipc.mb_stat" +#define KERN_IPC_NJCL "kern.ipc.njcl" +#define KERN_IPC_NJCL_BYTES "kern.ipc.njclbytes" + +#define MB_STAT_HDR1 "\ +class buf active ctotal total cache cached uncached memory\n\ +name size bufs bufs bufs state bufs bufs usage\n\ +---------- ----- -------- -------- -------- ----- -------- -------- ---------\n\ +" + +#define MB_STAT_HDR2 "\n\ +class waiter notify purge wretry nwretry failure\n\ +name count count count count count count\n\ +---------- -------- -------- -------- -------- -------- --------\n\ +" + +static const char *mbpr_state(int); +static const char *mbpr_mem(u_int32_t); +static int mbpr_getdata(void); + /* * Print mbuf statistics. */ void mbpr(void) { - int totmem, totfree, totmbufs; + unsigned long totmem = 0, totfree = 0, totmbufs, totused; + double totpct; + u_int32_t m_msize, m_mbufs = 0, m_clfree = 0, m_bigclfree = 0; + u_int32_t m_mbufclfree = 0, m_mbufbigclfree = 0; + u_int32_t m_16kclusters = 0, m_16kclfree = 0, m_mbuf16kclfree = 0; int i; struct mbtypes *mp; - size_t len; + mb_class_stat_t *cp; - if (nmbtypes != 256) { - fprintf(stderr, - "netstat: unexpected change to mbstat; check source\n"); + if (mbpr_getdata() != 0) return; + + m_msize = mbstat.m_msize; + cp = &mb_stat->mbs_class[0]; + for (i = 0; i < mb_stat->mbs_cnt; i++, cp++) { + if (cp->mbcl_size == m_msize) { + m_mbufs = cp->mbcl_active; + } else if (cp->mbcl_size == mbstat.m_mclbytes) { + m_clfree = cp->mbcl_total - cp->mbcl_active; + } else if (cp->mbcl_size == mbstat.m_bigmclbytes) { + m_bigclfree = cp->mbcl_total - cp->mbcl_active; + } else if (njcl > 0 && cp->mbcl_size == njclbytes) { + m_16kclfree = cp->mbcl_total - cp->mbcl_active; + m_16kclusters = cp->mbcl_total; + } else if (cp->mbcl_size == (m_msize + 
mbstat.m_mclbytes)) { + m_mbufclfree = cp->mbcl_total - cp->mbcl_active; + } else if (cp->mbcl_size == (m_msize + mbstat.m_bigmclbytes)) { + m_mbufbigclfree = cp->mbcl_total - cp->mbcl_active; + } else if (njcl > 0 && cp->mbcl_size == (m_msize + njclbytes)) { + m_mbuf16kclfree = cp->mbcl_total - cp->mbcl_active; + } } - len = sizeof(mbstat); - if (sysctlbyname("kern.ipc.mbstat", &mbstat, &len, 0, 0) == -1) - return; + + /* adjust free counts to include composite caches */ + m_clfree += m_mbufclfree; + m_bigclfree += m_mbufbigclfree; + m_16kclfree += m_mbuf16kclfree; + + cp = &mb_stat->mbs_class[0]; + for (i = 0; i < mb_stat->mbs_cnt; i++, cp++) { + u_int32_t mem; + + mem = cp->mbcl_ctotal * cp->mbcl_size; + totmem += mem; + totfree += (cp->mbcl_mc_cached + cp->mbcl_infree) * + cp->mbcl_size; + if (mflag > 1) { + if (i == 0) + printf(MB_STAT_HDR1); + + if (njcl == 0 && + cp->mbcl_size > (m_msize + mbstat.m_bigmclbytes)) + continue; + + printf("%-10s %5u %8u %8u %8u %5s %8u %8u %9s\n", + cp->mbcl_cname, cp->mbcl_size, cp->mbcl_active, + cp->mbcl_ctotal, cp->mbcl_total, + mbpr_state(cp->mbcl_mc_state), cp->mbcl_mc_cached, + cp->mbcl_infree, mbpr_mem(mem)); + } + } + + cp = &mb_stat->mbs_class[0]; + for (i = 0; i < mb_stat->mbs_cnt; i++, cp++) { + if (mflag > 2) { + if (i == 0) + printf(MB_STAT_HDR2); + + if (njcl == 0 && + cp->mbcl_size > (m_msize + mbstat.m_bigmclbytes)) + continue; + + printf("%-10s %8u %8llu %8llu %8u %8u %8llu\n", + cp->mbcl_cname, cp->mbcl_mc_waiter_cnt, + cp->mbcl_notified, cp->mbcl_purge_cnt, + cp->mbcl_mc_wretry_cnt, cp->mbcl_mc_nwretry_cnt, + cp->mbcl_fail_cnt); + } + } + + if (mflag > 1) + printf("\n"); totmbufs = 0; for (mp = mbtypes; mp->mt_name; mp++) totmbufs += mbstat.m_mtypes[mp->mt_type]; - printf("%u mbufs in use:\n", totmbufs); + /* + * These stats are not updated atomically in the kernel; + * adjust the total as neeeded. 
+ */ + if (totmbufs > m_mbufs) + totmbufs = m_mbufs; + printf("%lu/%u mbufs in use:\n", totmbufs, m_mbufs); for (mp = mbtypes; mp->mt_name; mp++) if (mbstat.m_mtypes[mp->mt_type]) { seen[mp->mt_type] = YES; 
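Review bot: The three loops in mbpr() walk `mb_stat->mbs_class[i]` for `i < mb_stat->mbs_cnt`, but the only validation (in mbpr_getdata, next hunk) rejects a count of zero; nothing ties the count to the number of bytes the sysctl actually returned. A check after the second `sysctlbyname(KERN_IPC_MB_STAT, ...)` would keep the walk inside the allocation: `if (len < offsetof(mb_stat_t, mbs_class) + mb_stat->mbs_cnt * sizeof(mb_class_stat_t)) goto done;` (needs `<stddef.h>`). Separately, `mem = cp->mbcl_ctotal * cp->mbcl_size` is stored in a `u_int32_t` and can wrap before it is added to the `unsigned long` total. mbpr() continues into the next hunk.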
@@ -137,19 +238,133 @@ mbpr(void) printf("\t%u mbufs allocated to \n", mbstat.m_mtypes[i], i); } - printf("%u/%u mbuf clusters in use\n", - (unsigned int)(mbstat.m_clusters - mbstat.m_clfree), + if ((m_mbufs - totmbufs) > 0) + printf("\t%lu mbufs allocated to caches\n", + m_mbufs - totmbufs); + printf("%u/%u mbuf 2KB clusters in use\n", + (unsigned int)(mbstat.m_clusters - m_clfree), (unsigned int)mbstat.m_clusters); printf("%u/%u mbuf 4KB clusters in use\n", - (unsigned int)(mbstat.m_bigclusters - mbstat.m_bigclfree), + (unsigned int)(mbstat.m_bigclusters - m_bigclfree), (unsigned int)mbstat.m_bigclusters); - totmem = totmbufs * MSIZE + mbstat.m_clusters * MCLBYTES + mbstat.m_bigclusters * mbstat.m_bigmclbytes; - totfree = mbstat.m_clfree * MCLBYTES + mbstat.m_bigclfree * mbstat.m_bigmclbytes; - printf("%u Kbytes allocated to network (%d%% in use)\n", - totmem / 1024, (totmem - totfree) * 100 / totmem); - printf("%u requests for memory denied\n", - (unsigned int)mbstat.m_drops); + if (njcl > 0) { + printf("%u/%u mbuf %uKB clusters in use\n", + m_16kclusters - m_16kclfree, m_16kclusters, + njclbytes/1024); + } + totused = totmem - totfree; + if (totmem == 0) + totpct = 0; + else if (totused < (ULONG_MAX/100)) + totpct = (totused * 100)/(double)totmem; + else { + u_long totmem1 = totmem/100; + u_long totused1 = totused/100; + totpct = (totused1 * 100)/(double)totmem1; + } + printf("%lu KB allocated to network (%.1f%% in use)\n", + totmem / 1024, totpct); + + printf("%u requests for memory denied\n", (unsigned int)mbstat.m_drops); printf("%u requests for memory delayed\n", (unsigned int)mbstat.m_wait); - printf("%u calls to protocol drain routines\n", - (unsigned int)mbstat.m_drain); + printf("%u calls to drain routines\n", (unsigned int)mbstat.m_drain); + + free(mb_stat); +} + +static const char * +mbpr_state(int state) +{ + char *msg = "?"; + + switch (state) { + case MCS_DISABLED: + msg = "dis"; + break; + + case MCS_ONLINE: + msg = "on"; + break; + + case 
MCS_PURGING: + msg = "purge"; + break; + + case MCS_OFFLINE: + msg = "off"; + break; + } + return (msg); +} + +static const char * +mbpr_mem(u_int32_t bytes) +{ + static char buf[33]; + double mem = bytes; + + if (mem < 1024) { + (void) snprintf(buf, sizeof (buf), "%d", (int)mem); + } else if ((mem /= 1024) < 1024) { + (void) snprintf(buf, sizeof (buf), "%.1f KB", mem); + } else { + mem /= 1024; + (void) snprintf(buf, sizeof (buf), "%.1f MB", mem); + } + return (buf); +} + +static int +mbpr_getdata(void) +{ + size_t len; + int error = -1; + + if (nmbtypes != 256) { + (void) fprintf(stderr, + "netstat: unexpected change to mbstat; check source\n"); + goto done; + } + + len = sizeof(mbstat); + if (sysctlbyname("kern.ipc.mbstat", &mbstat, &len, 0, 0) == -1) + goto done; + + if (sysctlbyname(KERN_IPC_MB_STAT, NULL, &len, 0, 0) == -1) { + (void) fprintf(stderr, + "Error retrieving length for %s\n", KERN_IPC_MB_STAT); + goto done; + } + + mb_stat = calloc(1, len); + if (mb_stat == NULL) { + (void) fprintf(stderr, + "Error allocating %lu bytes for sysctl data\n", len); + goto done; + } + + if (sysctlbyname(KERN_IPC_MB_STAT, mb_stat, &len, 0, 0) == -1) { + (void) fprintf(stderr, + "Error %d getting %s\n", errno, KERN_IPC_MB_STAT); + goto done; + } + + if (mb_stat->mbs_cnt == 0) { + (void) fprintf(stderr, + "Invalid mbuf class count (%d)\n", mb_stat->mbs_cnt); + goto done; + } + + len = sizeof (njcl); + (void) sysctlbyname(KERN_IPC_NJCL, &njcl, &len, 0, 0); + len = sizeof (njclbytes); + (void) sysctlbyname(KERN_IPC_NJCL_BYTES, &njclbytes, &len, 0, 0); + + error = 0; + +done: + if (error != 0 && mb_stat != NULL) + free(mb_stat); + + return (error); } diff --git a/netstat.tproj/mcast.c b/netstat.tproj/mcast.c new file mode 100644 index 0000000..6f97d39 --- /dev/null +++ b/netstat.tproj/mcast.c 
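Review bot: `mb_stat` is a global, yet both the `done:` path in mbpr_getdata and the end of mbpr() call `free(mb_stat)` without clearing it, so a later call that fails before the `calloc` would free the stale pointer a second time. Resetting it is one line in each place: `free(mb_stat); mb_stat = NULL;` (the `mb_stat != NULL` guard before `free` is then unnecessary). The allocation-failure message also passes a `size_t` to `%lu`; `%zu` matches the type. The size probe reuses `len` left over from the `kern.ipc.mbstat` call, which relies on the NULL-buffer call overwriting it, and a comment saying so would help.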
@@ -0,0 +1,394 @@ +/* + * Copyright (c) 2007 Bruce M. Simpson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include + +/* + * Print the running system's current multicast group memberships. + * As this relies on getifmaddrs(), it may not be used with a core file. 
+ */ + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + + +#include "netstat.h" + +union sockunion { + struct sockaddr_storage ss; + struct sockaddr sa; + struct sockaddr_dl sdl; + struct sockaddr_in sin; + struct sockaddr_in6 sin6; +}; +typedef union sockunion sockunion_t; + +/* + * This may have been defined in . Note that if is + * to be included it must be included before this header file. + */ +#ifndef ifa_broadaddr +#define ifa_broadaddr ifa_dstaddr /* broadcast address interface */ +#endif + +struct ifmaddrs { + struct ifmaddrs *ifma_next; + struct sockaddr *ifma_name; + struct sockaddr *ifma_addr; + struct sockaddr *ifma_lladdr; +}; + +void ifmalist_dump_af(const struct ifmaddrs * const ifmap, int const af); + +#define SALIGN (sizeof(long) - 1) +#define SA_RLEN(sa) (sa ? ((sa)->sa_len ? 
(((sa)->sa_len + SALIGN) & ~SALIGN) : \ + (SALIGN + 1)) : 0) +#define MAX_SYSCTL_TRY 5 +#define RTA_MASKS (RTA_GATEWAY | RTA_IFP | RTA_IFA) + +int getifmaddrs(struct ifmaddrs **); +void freeifmaddrs(struct ifmaddrs *); + + +int +getifmaddrs(struct ifmaddrs **pif) +{ + int icnt = 1; + int dcnt = 0; + int ntry = 0; + size_t len; + size_t needed; + int mib[6]; + int i; + char *buf; + char *data; + char *next; + char *p; + struct ifma_msghdr2 *ifmam; + struct ifmaddrs *ifa, *ift; + struct rt_msghdr *rtm; + struct sockaddr *sa; + + mib[0] = CTL_NET; + mib[1] = PF_ROUTE; + mib[2] = 0; /* protocol */ + mib[3] = 0; /* wildcard address family */ + mib[4] = NET_RT_IFLIST2; + mib[5] = 0; /* no flags */ + do { + if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0) + return (-1); + if ((buf = malloc(needed)) == NULL) + return (-1); + if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) { + if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) { + free(buf); + return (-1); + } + free(buf); + buf = NULL; + } + } while (buf == NULL); + + for (next = buf; next < buf + needed; next += rtm->rtm_msglen) { + rtm = (struct rt_msghdr *)(void *)next; + if (rtm->rtm_version != RTM_VERSION) + continue; + switch (rtm->rtm_type) { + case RTM_NEWMADDR2: + ifmam = (struct ifma_msghdr2 *)(void *)rtm; + if ((ifmam->ifmam_addrs & RTA_IFA) == 0) + break; + icnt++; + p = (char *)(ifmam + 1); + for (i = 0; i < RTAX_MAX; i++) { + if ((RTA_MASKS & ifmam->ifmam_addrs & + (1 << i)) == 0) + continue; + sa = (struct sockaddr *)(void *)p; + len = SA_RLEN(sa); + dcnt += len; + p += len; + } + break; + } + } + + data = malloc(sizeof(struct ifmaddrs) * icnt + dcnt); + if (data == NULL) { + free(buf); + return (-1); + } + + ifa = (struct ifmaddrs *)(void *)data; + data += sizeof(struct ifmaddrs) * icnt; + + memset(ifa, 0, sizeof(struct ifmaddrs) * icnt); + ift = ifa; + + for (next = buf; next < buf + needed; next += rtm->rtm_msglen) { + rtm = (struct rt_msghdr *)(void *)next; + if (rtm->rtm_version != RTM_VERSION) + continue; 
+ + switch (rtm->rtm_type) { + case RTM_NEWMADDR2: + ifmam = (struct ifma_msghdr2 *)(void *)rtm; + if ((ifmam->ifmam_addrs & RTA_IFA) == 0) + break; + + p = (char *)(ifmam + 1); + for (i = 0; i < RTAX_MAX; i++) { + if ((RTA_MASKS & ifmam->ifmam_addrs & + (1 << i)) == 0) + continue; + sa = (struct sockaddr *)(void *)p; + len = SA_RLEN(sa); + switch (i) { + case RTAX_GATEWAY: + ift->ifma_lladdr = + (struct sockaddr *)(void *)data; + memcpy(data, p, len); + data += len; + break; + + case RTAX_IFP: + ift->ifma_name = + (struct sockaddr *)(void *)data; + memcpy(data, p, len); + data += len; + break; + + case RTAX_IFA: + ift->ifma_addr = + (struct sockaddr *)(void *)data; + memcpy(data, p, len); + data += len; + break; + + default: + data += len; + break; + } + p += len; + } + ift->ifma_next = ift + 1; + ift = ift->ifma_next; + break; + } + } + + free(buf); + + if (ift > ifa) { + ift--; + ift->ifma_next = NULL; + *pif = ifa; + } else { + *pif = NULL; + free(ifa); + } + return (0); +} + +void +freeifmaddrs(struct ifmaddrs *ifmp) +{ + + free(ifmp); +} + +void +ifmalist_dump_af(const struct ifmaddrs * const ifmap, int const af) +{ + const struct ifmaddrs *ifma; + sockunion_t *psa; + char myifname[IFNAMSIZ]; +#ifdef INET6 + char addrbuf[INET6_ADDRSTRLEN]; +#endif + char *pcolon; + char *pafname, *pifname, *plladdr = NULL, *pgroup = NULL; +#ifdef INET6 + void *in6addr; +#endif + + switch (af) { + case AF_INET: + pafname = "IPv4"; + break; +#ifdef INET6 + case AF_INET6: + pafname = "IPv6"; + break; +#endif + case AF_LINK: + pafname = "Link-layer"; + break; + default: + return; /* XXX */ + } + + fprintf(stdout, "%s Multicast Group Memberships\n", pafname); + fprintf(stdout, "%-20s\t%-16s\t%s\n", "Group", "Link-layer Address", + "Netif"); + + for (ifma = ifmap; ifma; ifma = ifma->ifma_next) { + + if (ifma->ifma_name == NULL || ifma->ifma_addr == NULL) + continue; + + /* Group address */ + psa = (sockunion_t *)ifma->ifma_addr; + if (psa->sa.sa_family != af) + continue; + + switch 
(psa->sa.sa_family) { + case AF_INET: + pgroup = inet_ntoa(psa->sin.sin_addr); + break; +#ifdef INET6 + case AF_INET6: + in6addr = &psa->sin6.sin6_addr; + inet_ntop(psa->sa.sa_family, in6addr, addrbuf, + sizeof(addrbuf)); + pgroup = addrbuf; + break; +#endif + case AF_LINK: + if ((psa->sdl.sdl_alen == ETHER_ADDR_LEN) || + (psa->sdl.sdl_type == IFT_ETHER)) { + pgroup = +ether_ntoa((struct ether_addr *)&psa->sdl.sdl_data); +#ifdef notyet + } else { + pgroup = addr2ascii(AF_LINK, + &psa->sdl, + sizeof(struct sockaddr_dl), + addrbuf); +#endif + } + break; + default: + continue; /* XXX */ + } + + /* Link-layer mapping, if any */ + psa = (sockunion_t *)ifma->ifma_lladdr; + if (psa != NULL) { + if (psa->sa.sa_family == AF_LINK) { + if ((psa->sdl.sdl_alen == ETHER_ADDR_LEN) || + (psa->sdl.sdl_type == IFT_ETHER)) { + /* IEEE 802 */ + plladdr = +ether_ntoa((struct ether_addr *)&psa->sdl.sdl_data); +#ifdef notyet + } else { + /* something more exotic */ + plladdr = addr2ascii(AF_LINK, + &psa->sdl, + sizeof(struct sockaddr_dl), + addrbuf); +#endif + } + } else { + int i; + + /* not a link-layer address */ + plladdr = ""; + + for (i = 0; psa->sa.sa_len > 2 && i < psa->sa.sa_len - 2; i++) + printf("0x%x ", psa->sa.sa_data[i]); + printf("\n"); + } + } else { + plladdr = ""; + } + + /* Interface upon which the membership exists */ + psa = (sockunion_t *)ifma->ifma_name; + if (psa != NULL && psa->sa.sa_family == AF_LINK) { + strlcpy(myifname, link_ntoa(&psa->sdl), IFNAMSIZ); + pcolon = strchr(myifname, ':'); + if (pcolon) + *pcolon = '\0'; + pifname = myifname; + } else { + pifname = ""; + } + + fprintf(stdout, "%-20s\t%-16s\t%s\n", pgroup, plladdr, pifname); + } +} + +void +ifmalist_dump(void) +{ + struct ifmaddrs *ifmap; + + if (getifmaddrs(&ifmap)) + err(EX_OSERR, "getifmaddrs"); + + ifmalist_dump_af(ifmap, AF_LINK); + fputs("\n", stdout); + ifmalist_dump_af(ifmap, AF_INET); +#ifdef INET6 + fputs("\n", stdout); + ifmalist_dump_af(ifmap, AF_INET6); +#endif + + 
freeifmaddrs(ifmap); +} + diff --git a/netstat.tproj/mroute.c b/netstat.tproj/mroute.c index b620589..ec1e270 100644 --- a/netstat.tproj/mroute.c +++ b/netstat.tproj/mroute.c @@ -88,8 +88,8 @@ void mroutepr(void) { struct mfc **mfctable = 0; - struct vif viftable[MAXVIFS]; - struct mfc mfc, *m; + struct vif viftable[CONFIG_MAXVIFS]; + struct mfc *m; register struct vif *v; register vifi_t vifi; register int i; @@ -101,14 +101,14 @@ mroutepr(void) saved_nflag = nflag; nflag = 1; - len = MAXVIFS * sizeof(struct vif); + len = CONFIG_MAXVIFS * sizeof(struct vif); if (sysctlbyname("net.inet.ip.viftable", viftable, &len, 0, 0) == -1) { printf("No IPv4 multicast routing compiled into this system.\n"); return; } banner_printed = 0; - for (vifi = 0, v = viftable; vifi < MAXVIFS; ++vifi, ++v) { + for (vifi = 0, v = viftable; vifi < CONFIG_MAXVIFS; ++vifi, ++v) { if (v->v_lcl_addr.s_addr == 0) continue; @@ -144,7 +144,7 @@ mroutepr(void) return; } banner_printed = 0; - for (i = 0; i < MFCTBLSIZ; ++i) { + for (i = 0; i < CONFIG_MFCTBLSIZ; ++i) { m = mfctable[i]; while(m) { if (!banner_printed) { @@ -154,17 +154,17 @@ mroutepr(void) banner_printed = 1; } - printf(" %-15.15s", routename(mfc.mfc_origin.s_addr)); - printf(" %-15.15s", routename(mfc.mfc_mcastgrp.s_addr)); - printf(" %9lu", mfc.mfc_pkt_cnt); - printf(" %3d ", mfc.mfc_parent); + printf(" %-15.15s", routename(m->mfc_origin.s_addr)); + printf(" %-15.15s", routename(m->mfc_mcastgrp.s_addr)); + printf(" %9lu", m->mfc_pkt_cnt); + printf(" %3d ", m->mfc_parent); for (vifi = 0; vifi <= maxvif; vifi++) { - if (mfc.mfc_ttls[vifi] > 0) + if (m->mfc_ttls[vifi] > 0) printf(" %u:%u", vifi, - mfc.mfc_ttls[vifi]); + m->mfc_ttls[vifi]); } printf("\n"); - m = mfc.mfc_next; + m = m->mfc_next; } } if (!banner_printed) 
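Review bot: In ifmalist_dump_af() the AF_LINK case sets `pgroup` from `ether_ntoa()` and the link-layer branch then sets `plladdr` from `ether_ntoa()` again; that function returns a static buffer, so both columns end up printing the second address. Copy the first result before the second call, e.g. `strlcpy(grpbuf, ether_ntoa((struct ether_addr *)&psa->sdl.sdl_data), sizeof(grpbuf)); pgroup = grpbuf;` with a local `char grpbuf[18];`. `pgroup` and `plladdr` are also not reset per iteration, so a non-Ethernet AF_LINK entry (the `#ifdef notyet` arms) prints the previous row's text, or passes NULL to `%s` on the first row. In getifmaddrs() both message walks advance by `rtm->rtm_msglen` without checking it; a guard right after `rtm` is assigned, `if (rtm->rtm_msglen == 0 || rtm->rtm_msglen > (size_t)(buf + needed - next)) break;`, would keep a malformed record from looping forever or being read past the buffer.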
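Review bot: The mroutepr loop now reads `m->mfc_origin`, `m->mfc_ttls[vifi]` and `m->mfc_next` directly, where the old lines read a local `struct mfc mfc` that nothing on the visible lines ever filled. How `mfctable` is populated lies outside these hunks; if its entries are kernel addresses returned by a sysctl, dereferencing `m` in user space will fault rather than print the cache. It is worth confirming that the table holds user-space copies and recording that in a comment above `m = mfctable[i];`. mroutepr's body starts before and ends after these hunks.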
@@ -189,30 +189,30 @@ mrt_stats() } printf("IPv4 multicast forwarding:\n"); - printf(" %10lu multicast forwarding cache lookup%s\n", + printf(" %10u multicast forwarding cache lookup%s\n", mrtstat.mrts_mfc_lookups, plural(mrtstat.mrts_mfc_lookups)); - printf(" %10lu multicast forwarding cache miss%s\n", + printf(" %10u multicast forwarding cache miss%s\n", mrtstat.mrts_mfc_misses, plurales(mrtstat.mrts_mfc_misses)); - printf(" %10lu upcall%s to mrouted\n", + printf(" %10u upcall%s to mrouted\n", mrtstat.mrts_upcalls, plural(mrtstat.mrts_upcalls)); - printf(" %10lu upcall queue overflow%s\n", + printf(" %10u upcall queue overflow%s\n", mrtstat.mrts_upq_ovflw, plural(mrtstat.mrts_upq_ovflw)); - printf(" %10lu upcall%s dropped due to full socket buffer\n", + printf(" %10u upcall%s dropped due to full socket buffer\n", mrtstat.mrts_upq_sockfull, plural(mrtstat.mrts_upq_sockfull)); - printf(" %10lu cache cleanup%s\n", + printf(" %10u cache cleanup%s\n", mrtstat.mrts_cache_cleanups, plural(mrtstat.mrts_cache_cleanups)); - printf(" %10lu datagram%s with no route for origin\n", + printf(" %10u datagram%s with no route for origin\n", mrtstat.mrts_no_route, plural(mrtstat.mrts_no_route)); - printf(" %10lu datagram%s arrived with bad tunneling\n", + printf(" %10u datagram%s arrived with bad tunneling\n", mrtstat.mrts_bad_tunnel, plural(mrtstat.mrts_bad_tunnel)); - printf(" %10lu datagram%s could not be tunneled\n", + printf(" %10u datagram%s could not be tunneled\n", mrtstat.mrts_cant_tunnel, plural(mrtstat.mrts_cant_tunnel)); - printf(" %10lu datagram%s arrived on wrong interface\n", + printf(" %10u datagram%s arrived on wrong interface\n", mrtstat.mrts_wrong_if, plural(mrtstat.mrts_wrong_if)); - printf(" %10lu datagram%s selectively dropped\n", + printf(" %10u datagram%s selectively dropped\n", mrtstat.mrts_drop_sel, plural(mrtstat.mrts_drop_sel)); - printf(" %10lu datagram%s dropped due to queue overflow\n", + printf(" %10u datagram%s dropped due to queue overflow\n", 
mrtstat.mrts_q_overflow, plural(mrtstat.mrts_q_overflow)); - printf(" %10lu datagram%s dropped for being too large\n", + printf(" %10u datagram%s dropped for being too large\n", mrtstat.mrts_pkt2large, plural(mrtstat.mrts_pkt2large)); } diff --git a/netstat.tproj/mroute6.c b/netstat.tproj/mroute6.c index c37f176..a9da6c5 100644 --- a/netstat.tproj/mroute6.c +++ b/netstat.tproj/mroute6.c @@ -231,7 +231,7 @@ mrt6_stats(void) printf(" %10llu upcall%s to mrouted\n", (unsigned long long)mrtstat.mrt6s_upcalls, plural(mrtstat.mrt6s_upcalls)); - printf(" %10llu upcall llueue overflow%s\n", + printf(" %10llu upcall queue overflow%s\n", (unsigned long long)mrtstat.mrt6s_upq_ovflw, plural(mrtstat.mrt6s_upq_ovflw)); printf(" %10llu upcall%s dropped due to full socket buffer\n", @@ -255,7 +255,7 @@ mrt6_stats(void) printf(" %10llu datagram%s selectively dropped\n", (unsigned long long)mrtstat.mrt6s_drop_sel, plural(mrtstat.mrt6s_drop_sel)); - printf(" %10llu datagram%s dropped due to llueue overflow\n", + printf(" %10llu datagram%s dropped due to queue overflow\n", (unsigned long long)mrtstat.mrt6s_q_overflow, plural(mrtstat.mrt6s_q_overflow)); printf(" %10llu datagram%s dropped for being too large\n", diff --git a/netstat.tproj/netstat.1 b/netstat.tproj/netstat.1 index de44198..37f2780 100644 --- a/netstat.tproj/netstat.1 +++ b/netstat.tproj/netstat.1 
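Review bot: The switch from `%10lu` to `%10u` in mrt_stats is only well-defined if every `mrtstat.mrts_*` counter is exactly `unsigned int`, and the struct definition is not part of this diff. mrt6_stats in mroute6.c pins the argument type at the call site (`(unsigned long long)mrtstat.mrt6s_upcalls` with `%llu`), which stays correct if the kernel header changes the field width; I would do the same here, e.g. `" %10llu upcall%s to mrouted\n", (unsigned long long)mrtstat.mrts_upcalls`. The same applies to `%6u` for `rtm->rtm_rmx.rmx_mtu` in np_rtentry (route.c) and to the two `%6u` conversions for `so->so_rcv.sb_cc` and `so->so_snd.sb_cc` in unixdomainpr (unix.c), where the neighbouring arguments are already cast. mrt_stats begins before this hunk.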
@@ -42,44 +42,30 @@ .Nm .Op Fl AaLlnW .Op Fl f Ar address_family | Fl p Ar protocol -.Op Fl M Ar core -.Op Fl N Ar system .Nm .Op Fl gilns .Op Fl f Ar address_family -.Op Fl M Ar core -.Op Fl N Ar system .Nm .Fl i | I Ar interface .Op Fl w Ar wait .Op Fl abdgt -.Op Fl M Ar core -.Op Fl N Ar system .Nm .Fl s Op Fl s .Op Fl f Ar address_family | Fl p Ar protocol -.Op Fl M Ar core -.Op Fl N Ar system +.Op Fl w Ar wait .Nm .Fl i | I Ar interface Fl s .Op Fl f Ar address_family | Fl p Ar protocol -.Op Fl M Ar core -.Op Fl N Ar system .Nm .Fl m -.Op Fl M Ar core -.Op Fl N Ar system +.Op Fl m .Nm .Fl r .Op Fl Aaln .Op Fl f Ar address_family -.Op Fl M Ar core -.Op Fl N Ar system .Nm .Fl rs .Op Fl s -.Op Fl M Ar core -.Op Fl N Ar system .\"----------------------------------------------------------------------------------------- .Sh DESCRIPTION .\"----------------------------------------------------------------------------------------- @@ -94,7 +80,9 @@ to the option selected. Using the third form, with a interval specified, .Nm will continuously display the information regarding packet traffic on the configured network -interfaces. The fourth form displays statistics for the specified protocol or address family. +interfaces. The fourth form displays statistics for the specified protocol or address family. If a +.Ar wait +interval is specified, the protocol information over the last interval seconds will be displayed. The fifth form displays per-interface statistics for the specified protocol or address family. The sixth form displays .Xr mbuf 9 
@@ -173,16 +161,13 @@ unaccepted connections. The second count shows the amount of unaccepted incompl connections. The third count is the maximum number of queued connections. .It Fl l Print full IPv6 address. -.It Fl M -Extract values associated with the name list from the specified core instead of the -default -.Pa /dev/kmem . .It Fl m -Show statistics recorded by the memory management routines (the network manages a -private pool of memory buffers). -.It Fl N -Extract the name list from the specified system instead of the default -.Pa /kernel . +Show statistics recorded by the memory management routines (the network stack manages a private pool of memory buffers). More detailed information about the buffers, which includes their cache related statistics, can be obtained by using +.Fl mm +or +.Fl m +.Fl m +option. .It Fl n Show network addresses as numbers (normally .Nm @@ -219,7 +204,7 @@ zero are suppressed. In certain displays, avoid truncating addresses even if this causes some fields to overflow. .It Fl w Ar wait -Show network interface statistics at intervals of +Show network interface or protocol statistics at intervals of .Ar wait seconds. .El @@ -345,7 +330,7 @@ is invoked with the option and a .Ar wait interval argument, it displays a running count of statistics related to -network interfaces. An obsolete version of this option used a numeric +network interfaces or protocols. An obsolete version of this option used a numeric parameter with no option, and is currently supported for backward compatibility. By default, this display summarizes information for all interfaces. Information for a specific interface may be displayed with the @@ -372,12 +357,5 @@ command appeared in .Bx 4.2 . .Pp IPv6 support was added by WIDE/KAME project. -.Sh FILES -.Bl -tag -width /dev/kmem -compact -.It Pa /kernel -default kernel namelist -.It Pa /dev/kmem -default memory file -.El .Sh BUGS The notion of errors is ill-defined. 
diff --git a/netstat.tproj/netstat.h b/netstat.tproj/netstat.h index cce6d51..dd6c5d9 100644 --- a/netstat.tproj/netstat.h +++ b/netstat.tproj/netstat.h @@ -59,11 +59,17 @@ #include #include +#ifdef __APPLE__ +#include +#endif + extern int Aflag; /* show addresses of protocol control block */ extern int aflag; /* show all sockets (including servers) */ extern int bflag; /* show i/f total bytes in/out */ extern int dflag; /* show i/f dropped packets */ +#if defined(__APPLE__) && !TARGET_OS_EMBEDDED extern int gflag; /* show group (multicast) routing or stats */ +#endif extern int iflag; /* show interfaces */ extern int lflag; /* show routing table with use and ref */ extern int Lflag; /* show size of listen queues */ @@ -106,12 +112,15 @@ void icmp6_ifstats (char *); void pim6_stats (u_long, char *, int); #endif void rip6_stats (u_long, char *, int); +#if defined(__APPLE__) && !TARGET_OS_EMBEDDED void mroute6pr (void); void mrt6_stats (void); +#endif struct sockaddr_in6; struct in6_addr; char *routename6 (struct sockaddr_in6 *); +struct sockaddr; /* forward reference */ char *netname6 (struct sockaddr_in6 *, struct sockaddr *); #endif /*INET6*/ @@ -127,6 +136,7 @@ void hostpr (u_long, u_long); void impstats (u_long, u_long); void intpr (void (*)(char *)); +void intervalpr(void (*)(u_long, char *, int), u_long, char *, int); void pr_rthdr (int); void pr_family (int); @@ -174,6 +184,8 @@ void tp_protopr (u_long, char *, int); void tp_inproto (u_long); void tp_stats (caddr_t, caddr_t); +#if defined(__APPLE__) && !TARGET_OS_EMBEDDED void mroutepr (void); void mrt_stats (void); - +#endif +void ifmalist_dump(void); diff --git a/netstat.tproj/route.c b/netstat.tproj/route.c index e94d0d6..196e020 100644 --- a/netstat.tproj/route.c +++ b/netstat.tproj/route.c 
@@ -59,7 +59,7 @@ static char sccsid[] = "From: @(#)route.c 8.6 (Berkeley) 4/28/95"; #endif static const char rcsid[] = - "$Id: route.c,v 1.7 2004/10/14 22:24:09 lindak Exp $"; + "$Id: route.c,v 1.8 2006/02/07 06:22:20 lindak Exp $"; #endif /* not lint */ #include @@ -476,7 +476,7 @@ np_rtentry(struct rt_msghdr2 *rtm) printf("%6u %8d ", rtm->rtm_refcnt, rtm->rtm_use); if (lflag) { if (rtm->rtm_rmx.rmx_mtu != 0) - printf("%6lu ", rtm->rtm_rmx.rmx_mtu); + printf("%6u ", rtm->rtm_rmx.rmx_mtu); else printf("%6s ", ""); } diff --git a/netstat.tproj/unix.c b/netstat.tproj/unix.c index 3cf131b..718af56 100644 --- a/netstat.tproj/unix.c +++ b/netstat.tproj/unix.c @@ -59,7 +59,7 @@ static char sccsid[] = "@(#)unix.c 8.1 (Berkeley) 6/6/93"; #endif static const char rcsid[] = - "$Id: unix.c,v 1.3 2004/08/26 23:55:22 lindak Exp $"; + "$Id: unix.c,v 1.4 2006/02/07 06:22:20 lindak Exp $"; #endif /* not lint */ /* @@ -81,7 +81,6 @@ static const char rcsid[] = #include #include #include -#include #include "netstat.h" static void unixdomainpr __P((struct xunpcb *, struct xsocket *)); @@ -170,7 +169,7 @@ unixdomainpr(xunp, so) "Inode", "Conn", "Refs", "Nextref"); first = 0; } - printf("%8lx %-6.6s %6ld %6ld %8lx %8lx %8lx %8lx", + printf("%8lx %-6.6s %6u %6u %8lx %8lx %8lx %8lx", (long)so->so_pcb, socktype[so->so_type], so->so_rcv.sb_cc, so->so_snd.sb_cc, (long)unp->unp_vnode, (long)unp->unp_conn, diff --git a/nfsd.tproj/Makefile b/nfsd.tproj/Makefile deleted file mode 100644 index 27cd3d6..0000000 --- a/nfsd.tproj/Makefile +++ /dev/null 
@@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = nfsd - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = nfsd.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.dist nfsd.8 Makefile.postamble - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /sbin -WINDOWS_INSTALLDIR = /sbin -PDO_UNIX_INSTALLDIR = /sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_PB_CFLAGS = -DNFS -DMACH_USER_API -WINDOWS_PB_CFLAGS = -DNFS -DMACH_USER_API -PDO_UNIX_PB_CFLAGS = -DNFS -DMACH_USER_API - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/nfsd.tproj/Makefile.dist b/nfsd.tproj/Makefile.dist deleted file mode 100644 index 35d0d0e..0000000 --- a/nfsd.tproj/Makefile.dist +++ /dev/null @@ -1,9 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 - -PROG= nfsd -CFLAGS+=-DNFS -MAN8= nfsd.0 -DPADD= ${LIBRPC} -LDADD= -lrpc - -.include diff --git a/nfsd.tproj/Makefile.postamble b/nfsd.tproj/Makefile.postamble deleted file mode 100644 index 401f3a7..0000000 --- a/nfsd.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -after_install: - mkdir -p $(DSTROOT)/usr/share/man/man8 - install -c -m 444 nfsd.8 $(DSTROOT)/usr/share/man/man8/nfsd.8 diff --git a/nfsd.tproj/Makefile.preamble b/nfsd.tproj/Makefile.preamble deleted file mode 100644 index dc05194..0000000 
--- a/nfsd.tproj/Makefile.preamble
+++ /dev/null
@@ -1,2 +0,0 @@
-OTHER_GENERATED_OFILES = $(VERS_OFILE)
--include ../Makefile.include
diff --git a/nfsd.tproj/PB.project b/nfsd.tproj/PB.project
deleted file mode 100644
index f314b1d..0000000
--- a/nfsd.tproj/PB.project
+++ /dev/null
@@ -1,32 +0,0 @@
-{
- APPCLASS = NSApplication;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (nfsd.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.dist, nfsd.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_COMPILEROPTIONS = "-DNFS -DMACH_USER_API";
- NEXTSTEP_INSTALLDIR = /sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_MAINNIB = nfsd;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_COMPILEROPTIONS = "-DNFS -DMACH_USER_API";
- PDO_UNIX_INSTALLDIR = /sbin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_MAINNIB = nfsd;
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = nfsd;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_COMPILEROPTIONS = "-DNFS -DMACH_USER_API";
- WINDOWS_INSTALLDIR = /sbin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_MAINNIB = nfsd;
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/nfsd.tproj/nfsd.8 b/nfsd.tproj/nfsd.8
deleted file mode 100644
index e98aa13..0000000
--- a/nfsd.tproj/nfsd.8
+++ /dev/null
@@ -1,115 +0,0 @@ -.\" Copyright (c) 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)nfsd.8 8.4 (Berkeley) 3/29/95 -.\" -.Dd March 29, 1995 -.Dt NFSD 8 -.Os -.Sh NAME -.Nm nfsd -.Nd remote -.Tn NFS -server -.Sh SYNOPSIS -.Nm nfsd -.Op Fl rut -.Op Fl n Ar num_servers -.Sh DESCRIPTION -.Nm Nfsd -runs on a server machine to service -.Tn NFS -requests from client machines. -At least one -.Nm nfsd -must be running for a machine to operate as a server. -.Pp -Unless otherwise specified, four servers for -.Tn UDP -transport are started. -.Pp -The following options are available: -.Bl -tag -width Ds -.It Fl r -Register the -.Tn NFS -service with -.Xr portmap 8 -without creating any servers. -This option can be used along with the -.Fl u -or -.Fl t -options to re-register NFS if the portmap server is restarted. -.It Fl n -Specifies how many servers to create. -.It Fl t -Serve -.Tn TCP NFS -clients. -.It Fl u -Serve -.Tn UDP NFS -clients. -.El -.Pp -For example, -.Dq Li "nfsd -u -t 6" -serves -.Tn UDP -and -.Tn TCP -transports using six daemons. -.Pp -A server should run enough daemons to handle -the maximum level of concurrency from its clients, -typically four to six. -.Pp -.Nm Nfsd -listens for service requests at the port indicated in the -.Tn NFS -server specification; see -.%T "Network File System Protocol Specification" , -RFC1094 and -.%T "NFS: Network File System Version 3 Protocol Specification" . -.Pp -The -.Nm nfsd -utility exits 0 on success, and >0 if an error occurs. -.Sh SEE ALSO -.Xr nfsstat 1 , -.Xr nfssvc 2 , -.Xr mountd 8 , -.Xr portmap 8 -.Sh HISTORY -The -.Nm nfsd -utility first appeared in 4.4BSD. diff --git a/nfsd.tproj/nfsd.c b/nfsd.tproj/nfsd.c deleted file mode 100644 index 3a97b64..0000000 --- a/nfsd.tproj/nfsd.c +++ /dev/null 
@@ -1,663 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Rick Macklem at The University of Guelph. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#ifdef ISO -#include -#endif -#include -#include -#include - -#ifdef NFSKERB -#include -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* Global defs */ -#ifdef DEBUG -#define syslog(e, s) fprintf(stderr,(s)) -int debug = 1; -#else -int debug = 0; -#endif - -struct nfsd_srvargs nsd; -char **Argv = NULL; /* pointer to argument vector */ -char *LastArg = NULL; /* end of argv */ - -#ifdef NFSKERB -char lnam[ANAME_SZ]; -KTEXT_ST kt; -AUTH_DAT kauth; -char inst[INST_SZ]; -struct nfsrpc_fullblock kin, kout; -struct nfsrpc_fullverf kverf; -NFSKERBKEY_T kivec; -struct timeval ktv; -NFSKERBKEYSCHED_T kerb_keysched; -#endif - -void nonfs __P((int)); -void reapchild __P((int)); -void setproctitle __P((char *)); -void usage __P((void)); - -/* - * Nfs server daemon mostly just a user context for nfssvc() - * - * 1 - do file descriptor and signal cleanup - * 2 - fork the nfsd(s) - * 3 - create server socket(s) - * 4 - register socket with portmap - * - * For connectionless protocols, just pass the socket into the kernel via. - * nfssvc(). - * For connection based sockets, loop doing accepts. When you get a new - * socket from accept, pass the msgsock into the kernel via. nfssvc(). 
- * The arguments are: - * -c - support iso cltp clients - * -r - reregister with portmapper - * -t - support tcp nfs clients - * -u - support udp nfs clients - * followed by "n" which is the number of nfsds' to fork off - */ -int -main(argc, argv, envp) - int argc; - char *argv[], *envp[]; -{ - extern int optind; - struct group *grp; - struct nfsd_args nfsdargs; - struct passwd *pwd; - struct ucred *cr; - struct sockaddr_in inetaddr, inetpeer; -#ifdef ISO - struct sockaddr_iso isoaddr, isopeer; -#endif - struct timeval ktv; - fd_set ready, sockbits; - int ch, cltpflag, connect_type_cnt, i, len, maxsock, msgsock; - int nfsdcnt, nfssvc_flag, on, reregister, sock, tcpflag, tcpsock; - int tp4cnt, tp4flag, tp4sock, tpipcnt, tpipflag, tpipsock, udpflag; - char *cp, **cpp; - - /* Save start and extent of argv for setproctitle. */ - Argv = argv; - if (envp == 0 || *envp == 0) - envp = argv; - while (*envp) - envp++; - LastArg = envp[-1] + strlen(envp[-1]); - -#define MAXNFSDCNT 64 -#define DEFNFSDCNT 4 - nfsdcnt = DEFNFSDCNT; - cltpflag = reregister = tcpflag = tp4cnt = tp4flag = tpipcnt = 0; - tpipflag = udpflag = 0; -#ifdef ISO -#define GETOPT "cn:rtu" -#define USAGE "[-crtu] [-n num_servers]" -#else -#define GETOPT "n:rtu" -#define USAGE "[-rtu] [-n num_servers]" -#endif - while ((ch = getopt(argc, argv, GETOPT)) != EOF) - switch (ch) { - case 'n': - nfsdcnt = atoi(optarg); - if (nfsdcnt < 1 || nfsdcnt > MAXNFSDCNT) { - warnx("nfsd count %d; reset to %d", nfsdcnt, DEFNFSDCNT); - nfsdcnt = DEFNFSDCNT; - } - break; - case 'r': - reregister = 1; - break; - case 't': - tcpflag = 1; - break; - case 'u': - udpflag = 1; - break; -#ifdef ISO - case 'c': - cltpflag = 1; - break; -#ifdef notyet - case 'i': - tp4cnt = 1; - break; - case 'p': - tpipcnt = 1; - break; -#endif /* notyet */ -#endif /* ISO */ - default: - case '?': - usage(); - }; - argv += optind; - argc -= optind; - - /* - * XXX - * Backward compatibility, trailing number is the count of daemons. 
- */ - if (argc > 1) - usage(); - if (argc == 1) { - nfsdcnt = atoi(argv[0]); - if (nfsdcnt < 1 || nfsdcnt > MAXNFSDCNT) { - warnx("nfsd count %d; reset to %d", nfsdcnt, DEFNFSDCNT); - nfsdcnt = DEFNFSDCNT; - } - } - - if (debug == 0) { - daemon(0, 0); - (void)signal(SIGHUP, SIG_IGN); - (void)signal(SIGINT, SIG_IGN); - (void)signal(SIGQUIT, SIG_IGN); - (void)signal(SIGSYS, nonfs); - (void)signal(SIGTERM, SIG_IGN); - } - (void)signal(SIGCHLD, reapchild); - - if (reregister) { - if (udpflag && - (!pmap_set(RPCPROG_NFS, 2, IPPROTO_UDP, NFS_PORT) || - !pmap_set(RPCPROG_NFS, 3, IPPROTO_UDP, NFS_PORT))) - err(1, "can't register with portmap for UDP."); - if (tcpflag && - (!pmap_set(RPCPROG_NFS, 2, IPPROTO_TCP, NFS_PORT) || - !pmap_set(RPCPROG_NFS, 3, IPPROTO_TCP, NFS_PORT))) - err(1, "can't register with portmap for TCP."); - exit(0); - } - openlog("nfsd:", LOG_PID, LOG_DAEMON); - - for (i = 0; i < nfsdcnt; i++) { - switch (fork()) { - case -1: - syslog(LOG_ERR, "fork: %m"); - exit (1); - case 0: - break; - default: - continue; - } - - setproctitle("server"); - nfssvc_flag = NFSSVC_NFSD; - nsd.nsd_nfsd = NULL; -#ifdef NFSKERB - if (sizeof (struct nfsrpc_fullverf) != RPCX_FULLVERF || - sizeof (struct nfsrpc_fullblock) != RPCX_FULLBLOCK) - syslog(LOG_ERR, "Yikes NFSKERB structs not packed!"); - nsd.nsd_authstr = (u_char *)&kt; - nsd.nsd_authlen = sizeof (kt); - nsd.nsd_verfstr = (u_char *)&kverf; - nsd.nsd_verflen = sizeof (kverf); -#endif - while (nfssvc(nfssvc_flag, &nsd) < 0) { - if (errno != ENEEDAUTH) { - syslog(LOG_ERR, "nfssvc: %m"); - exit(1); - } - nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHINFAIL; -#ifdef NFSKERB - /* - * Get the Kerberos ticket out of the authenticator - * verify it and convert the principal name to a user - * name. The user name is then converted to a set of - * user credentials via the password and group file. - * Finally, decrypt the timestamp and validate it. - * For more info see the IETF Draft "Authentication - * in ONC RPC". 
- */ - kt.length = ntohl(kt.length); - if (gettimeofday(&ktv, (struct timezone *)0) == 0 && - kt.length > 0 && kt.length <= - (RPCAUTH_MAXSIZ - 3 * NFSX_UNSIGNED)) { - kin.w1 = NFS_KERBW1(kt); - kt.mbz = 0; - (void)strcpy(inst, "*"); - if (krb_rd_req(&kt, NFS_KERBSRV, - inst, nsd.nsd_haddr, &kauth, "") == RD_AP_OK && - krb_kntoln(&kauth, lnam) == KSUCCESS && - (pwd = getpwnam(lnam)) != NULL) { - cr = &nsd.nsd_cr; - cr->cr_uid = pwd->pw_uid; - cr->cr_groups[0] = pwd->pw_gid; - cr->cr_ngroups = 1; - setgrent(); - while ((grp = getgrent()) != NULL) { - if (grp->gr_gid == cr->cr_groups[0]) - continue; - for (cpp = grp->gr_mem; - *cpp != NULL; ++cpp) - if (!strcmp(*cpp, lnam)) - break; - if (*cpp == NULL) - continue; - cr->cr_groups[cr->cr_ngroups++] - = grp->gr_gid; - if (cr->cr_ngroups == NGROUPS) - break; - } - endgrent(); - - /* - * Get the timestamp verifier out of the - * authenticator and verifier strings. - */ - kin.t1 = kverf.t1; - kin.t2 = kverf.t2; - kin.w2 = kverf.w2; - bzero((caddr_t)kivec, sizeof (kivec)); - bcopy((caddr_t)kauth.session, - (caddr_t)nsd.nsd_key,sizeof(kauth.session)); - - /* - * Decrypt the timestamp verifier in CBC mode. - */ - XXX - - /* - * Validate the timestamp verifier, to - * check that the session key is ok. - */ - nsd.nsd_timestamp.tv_sec = ntohl(kout.t1); - nsd.nsd_timestamp.tv_usec = ntohl(kout.t2); - nsd.nsd_ttl = ntohl(kout.w1); - if ((nsd.nsd_ttl - 1) == ntohl(kout.w2)) - nfssvc_flag = NFSSVC_NFSD | NFSSVC_AUTHIN; - } -#endif /* NFSKERB */ - } - exit(0); - } - - /* If we are serving udp, set up the socket. 
*/ - if (udpflag) { - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { - syslog(LOG_ERR, "can't create udp socket"); - exit(1); - } - inetaddr.sin_family = AF_INET; - inetaddr.sin_addr.s_addr = INADDR_ANY; - inetaddr.sin_port = htons(NFS_PORT); - inetaddr.sin_len = sizeof(inetaddr); - if (bind(sock, - (struct sockaddr *)&inetaddr, sizeof(inetaddr)) < 0) { - /* socket may still be lingering from previous incarnation */ - /* wait a few seconds and try again */ - sleep(6); - if (bind(sock, - (struct sockaddr *)&inetaddr, sizeof(inetaddr)) < 0) { - syslog(LOG_ERR, "can't bind udp addr"); - exit(1); - } - } - if (!pmap_set(RPCPROG_NFS, 2, IPPROTO_UDP, NFS_PORT) || - !pmap_set(RPCPROG_NFS, 3, IPPROTO_UDP, NFS_PORT)) { - syslog(LOG_ERR, "can't register with udp portmap"); - exit(1); - } - nfsdargs.sock = sock; - nfsdargs.name = NULL; - nfsdargs.namelen = 0; - if (nfssvc(NFSSVC_ADDSOCK, &nfsdargs) < 0) { - syslog(LOG_ERR, "can't Add UDP socket"); - exit(1); - } - (void)close(sock); - } - -#ifdef ISO - /* If we are serving cltp, set up the socket. */ - if (cltpflag) { - if ((sock = socket(AF_ISO, SOCK_DGRAM, 0)) < 0) { - syslog(LOG_ERR, "can't create cltp socket"); - exit(1); - } - memset(&isoaddr, 0, sizeof(isoaddr)); - isoaddr.siso_family = AF_ISO; - isoaddr.siso_tlen = 2; - cp = TSEL(&isoaddr); - *cp++ = (NFS_PORT >> 8); - *cp = (NFS_PORT & 0xff); - isoaddr.siso_len = sizeof(isoaddr); - if (bind(sock, - (struct sockaddr *)&isoaddr, sizeof(isoaddr)) < 0) { - syslog(LOG_ERR, "can't bind cltp addr"); - exit(1); - } -#ifdef notyet - /* - * XXX - * Someday this should probably use "rpcbind", the son of - * portmap. 
- */ - if (!pmap_set(RPCPROG_NFS, NFS_VER2, IPPROTO_UDP, NFS_PORT)) { - syslog(LOG_ERR, "can't register with udp portmap"); - exit(1); - } -#endif /* notyet */ - nfsdargs.sock = sock; - nfsdargs.name = NULL; - nfsdargs.namelen = 0; - if (nfssvc(NFSSVC_ADDSOCK, &nfsdargs) < 0) { - syslog(LOG_ERR, "can't add UDP socket"); - exit(1); - } - close(sock); - } -#endif /* ISO */ - - /* Now set up the master server socket waiting for tcp connections. */ - on = 1; - FD_ZERO(&sockbits); - connect_type_cnt = 0; - if (tcpflag) { - if ((tcpsock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - syslog(LOG_ERR, "can't create tcp socket"); - exit(1); - } - if (setsockopt(tcpsock, - SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)) < 0) - syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %m"); - inetaddr.sin_family = AF_INET; - inetaddr.sin_addr.s_addr = INADDR_ANY; - inetaddr.sin_port = htons(NFS_PORT); - inetaddr.sin_len = sizeof(inetaddr); - if (bind(tcpsock, - (struct sockaddr *)&inetaddr, sizeof (inetaddr)) < 0) { - syslog(LOG_ERR, "can't bind tcp addr"); - exit(1); - } - if (listen(tcpsock, 5) < 0) { - syslog(LOG_ERR, "listen failed"); - exit(1); - } - if (!pmap_set(RPCPROG_NFS, 2, IPPROTO_TCP, NFS_PORT) || - !pmap_set(RPCPROG_NFS, 3, IPPROTO_TCP, NFS_PORT)) { - syslog(LOG_ERR, "can't register tcp with portmap"); - exit(1); - } - FD_SET(tcpsock, &sockbits); - maxsock = tcpsock; - connect_type_cnt++; - } - -#ifdef notyet - /* Now set up the master server socket waiting for tp4 connections. 
*/ - if (tp4flag) { - if ((tp4sock = socket(AF_ISO, SOCK_SEQPACKET, 0)) < 0) { - syslog(LOG_ERR, "can't create tp4 socket"); - exit(1); - } - if (setsockopt(tp4sock, - SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)) < 0) - syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %m"); - memset(&isoaddr, 0, sizeof(isoaddr)); - isoaddr.siso_family = AF_ISO; - isoaddr.siso_tlen = 2; - cp = TSEL(&isoaddr); - *cp++ = (NFS_PORT >> 8); - *cp = (NFS_PORT & 0xff); - isoaddr.siso_len = sizeof(isoaddr); - if (bind(tp4sock, - (struct sockaddr *)&isoaddr, sizeof (isoaddr)) < 0) { - syslog(LOG_ERR, "can't bind tp4 addr"); - exit(1); - } - if (listen(tp4sock, 5) < 0) { - syslog(LOG_ERR, "listen failed"); - exit(1); - } - /* - * XXX - * Someday this should probably use "rpcbind", the son of - * portmap. - */ - if (!pmap_set(RPCPROG_NFS, NFS_VER2, IPPROTO_TCP, NFS_PORT)) { - syslog(LOG_ERR, "can't register tcp with portmap"); - exit(1); - } - FD_SET(tp4sock, &sockbits); - maxsock = tp4sock; - connect_type_cnt++; - } - - /* Now set up the master server socket waiting for tpip connections. */ - if (tpipflag) { - if ((tpipsock = socket(AF_INET, SOCK_SEQPACKET, 0)) < 0) { - syslog(LOG_ERR, "can't create tpip socket"); - exit(1); - } - if (setsockopt(tpipsock, - SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)) < 0) - syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %m"); - inetaddr.sin_family = AF_INET; - inetaddr.sin_addr.s_addr = INADDR_ANY; - inetaddr.sin_port = htons(NFS_PORT); - inetaddr.sin_len = sizeof(inetaddr); - if (bind(tpipsock, - (struct sockaddr *)&inetaddr, sizeof (inetaddr)) < 0) { - syslog(LOG_ERR, "can't bind tcp addr"); - exit(1); - } - if (listen(tpipsock, 5) < 0) { - syslog(LOG_ERR, "listen failed"); - exit(1); - } - /* - * XXX - * Someday this should probably use "rpcbind", the son of - * portmap. 
- */ - if (!pmap_set(RPCPROG_NFS, NFS_VER2, IPPROTO_TCP, NFS_PORT)) { - syslog(LOG_ERR, "can't register tcp with portmap"); - exit(1); - } - FD_SET(tpipsock, &sockbits); - maxsock = tpipsock; - connect_type_cnt++; - } -#endif /* notyet */ - - if (connect_type_cnt == 0) - exit(0); - - setproctitle("master"); - - /* - * Loop forever accepting connections and passing the sockets - * into the kernel for the mounts. - */ - for (;;) { - ready = sockbits; - if (connect_type_cnt > 1) { - if (select(maxsock + 1, - &ready, NULL, NULL, NULL) < 1) { - syslog(LOG_ERR, "select failed: %m"); - exit(1); - } - } - if (tcpflag && FD_ISSET(tcpsock, &ready)) { - len = sizeof(inetpeer); - if ((msgsock = accept(tcpsock, - (struct sockaddr *)&inetpeer, &len)) < 0) { - syslog(LOG_ERR, "accept failed: %m"); - exit(1); - } - memset(inetpeer.sin_zero, 0, sizeof(inetpeer.sin_zero)); - if (setsockopt(msgsock, SOL_SOCKET, - SO_KEEPALIVE, (char *)&on, sizeof(on)) < 0) - syslog(LOG_ERR, - "setsockopt SO_KEEPALIVE: %m"); - nfsdargs.sock = msgsock; - nfsdargs.name = (caddr_t)&inetpeer; - nfsdargs.namelen = sizeof(inetpeer); - nfssvc(NFSSVC_ADDSOCK, &nfsdargs); - (void)close(msgsock); - } -#ifdef notyet - if (tp4flag && FD_ISSET(tp4sock, &ready)) { - len = sizeof(isopeer); - if ((msgsock = accept(tp4sock, - (struct sockaddr *)&isopeer, &len)) < 0) { - syslog(LOG_ERR, "accept failed: %m"); - exit(1); - } - if (setsockopt(msgsock, SOL_SOCKET, - SO_KEEPALIVE, (char *)&on, sizeof(on)) < 0) - syslog(LOG_ERR, - "setsockopt SO_KEEPALIVE: %m"); - nfsdargs.sock = msgsock; - nfsdargs.name = (caddr_t)&isopeer; - nfsdargs.namelen = len; - nfssvc(NFSSVC_ADDSOCK, &nfsdargs); - (void)close(msgsock); - } - if (tpipflag && FD_ISSET(tpipsock, &ready)) { - len = sizeof(inetpeer); - if ((msgsock = accept(tpipsock, - (struct sockaddr *)&inetpeer, &len)) < 0) { - syslog(LOG_ERR, "Accept failed: %m"); - exit(1); - } - if (setsockopt(msgsock, SOL_SOCKET, - SO_KEEPALIVE, (char *)&on, sizeof(on)) < 0) - syslog(LOG_ERR, 
"setsockopt SO_KEEPALIVE: %m"); - nfsdargs.sock = msgsock; - nfsdargs.name = (caddr_t)&inetpeer; - nfsdargs.namelen = len; - nfssvc(NFSSVC_ADDSOCK, &nfsdargs); - (void)close(msgsock); - } -#endif /* notyet */ - } -} - -void -usage() -{ - (void)fprintf(stderr, "usage: nfsd %s\n", USAGE); - exit(1); -} - -void -nonfs(signo) - int signo; -{ - syslog(LOG_ERR, "missing system call: NFS not available."); -} - -void -reapchild(signo) - int signo; -{ - - while (wait3(NULL, WNOHANG, NULL) > 0); -} - -void -setproctitle(a) - char *a; -{ - register char *cp; - char buf[80]; - - cp = Argv[0]; - (void)snprintf(buf, sizeof(buf), "nfsd-%s", a); - (void)strncpy(cp, buf, LastArg - cp); - cp += strlen(cp); - while (cp < LastArg) - *cp++ = '\0'; -} diff --git a/nfsiod.tproj/Makefile b/nfsiod.tproj/Makefile deleted file mode 100644 index 7e502a3..0000000 --- a/nfsiod.tproj/Makefile +++ /dev/null 
@@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = nfsiod - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = nfsiod.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.dist nfsiod.8 Makefile.postamble - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /sbin -WINDOWS_INSTALLDIR = /sbin -PDO_UNIX_INSTALLDIR = /sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_PB_CFLAGS = -DNFS -DMACH_USER_API -WINDOWS_PB_CFLAGS = -DNFS -DMACH_USER_API -PDO_UNIX_PB_CFLAGS = -DNFS -DMACH_USER_API - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/nfsiod.tproj/Makefile.dist b/nfsiod.tproj/Makefile.dist deleted file mode 100644 index 72db42b..0000000 --- a/nfsiod.tproj/Makefile.dist +++ /dev/null @@ -1,7 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 - -PROG= nfsiod -CFLAGS+=-DNFS -MAN8= nfsiod.0 - -.include diff --git a/nfsiod.tproj/Makefile.postamble b/nfsiod.tproj/Makefile.postamble deleted file mode 100644 index a3b5f8e..0000000 --- a/nfsiod.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -after_install: - mkdir -p $(DSTROOT)/usr/share/man/man8 - install -c -m 444 nfsiod.8 $(DSTROOT)/usr/share/man/man8/nfsiod.8 diff --git a/nfsiod.tproj/Makefile.preamble b/nfsiod.tproj/Makefile.preamble deleted file mode 100644 index dc05194..0000000 
--- a/nfsiod.tproj/Makefile.preamble +++ /dev/null @@ -1,2 +0,0 @@ -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include diff --git a/nfsiod.tproj/PB.project b/nfsiod.tproj/PB.project deleted file mode 100644 index 8d6f93f..0000000 --- a/nfsiod.tproj/PB.project +++ /dev/null @@ -1,32 +0,0 @@ -{ - APPCLASS = NSApplication; - FILESTABLE = { - FRAMEWORKS = (); - H_FILES = (); - M_FILES = (); - OTHER_LIBS = (); - OTHER_LINKED = (nfsiod.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.dist, nfsiod.8); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_COMPILEROPTIONS = "-DNFS -DMACH_USER_API"; - NEXTSTEP_INSTALLDIR = /sbin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_MAINNIB = nfsiod; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_COMPILEROPTIONS = "-DNFS -DMACH_USER_API"; - PDO_UNIX_INSTALLDIR = /sbin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_MAINNIB = nfsiod; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = nfsiod; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_COMPILEROPTIONS = "-DNFS -DMACH_USER_API"; - WINDOWS_INSTALLDIR = /sbin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_MAINNIB = nfsiod; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/nfsiod.tproj/nfsiod.8 b/nfsiod.tproj/nfsiod.8 deleted file mode 100644 index 8622c93..0000000 --- a/nfsiod.tproj/nfsiod.8 +++ /dev/null 
@@ -1,75 +0,0 @@ -.\" Copyright (c) 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)nfsiod.8 8.2 (Berkeley) 2/22/94 -.\" -.Dd February 22, 1994 -.Dt NFSIOD 8 -.Os -.Sh NAME -.Nm nfsiod -.Nd local -.Tn NFS -asynchronous I/O server -.Sh SYNOPSIS -.Nm nfsiod -.Op Fl n Ar num_servers -.Sh DESCRIPTION -.Nm Nfsiod -runs on an -.Tn NFS -client machine to service asynchronous I/O requests to its server. -It improves performance but is not required for correct operation. -.Pp -Unless otherwise specified, a single server is started. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl n -Specify how many servers are to be started. -.El -.Pp -A client should run enough servers to handle its maximum -level of concurrency, typically four to six. Each server -runs as a separate thread within the nfsiod process. -.Pp -The -.Nm nfsiod -utility exits 0 on success, and >0 if an error occurs. -.Sh SEE ALSO -.Xr nfsstat 1 , -.Xr nfssvc 2 , -.Xr mountd 8 , -.Xr portmap 8 -.Sh HISTORY -The -.Nm nfsiod -utility first appeared in 4.4BSD. diff --git a/nfsiod.tproj/nfsiod.c b/nfsiod.tproj/nfsiod.c deleted file mode 100644 index 92acb86..0000000 --- a/nfsiod.tproj/nfsiod.c +++ /dev/null 
@@ -1,238 +0,0 @@ -/* - * Copyright (c) 1999-2003 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Rick Macklem at The University of Guelph. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* Global defs */ -#ifdef DEBUG -int debug = 1; -#else -int debug = 0; -#endif -int *thread_status = NULL; -pthread_cond_t cond; -pthread_mutex_t mutex; - -void nonfs __P((int)); -void usage __P((void)); -void *nfsiod_thread __P((void *)); - -/* - * Nfsiod does asynchronous buffered I/O on behalf of the NFS client. - * It does not have to be running for correct operation, but will - * improve throughput. 
- */ -int -main(argc, argv) - int argc; - char *argv[]; -{ - int ch, num_servers; - int i, rv, threadcnt; - -#define MAXNFSIODCNT 32 -#define DEFNFSIODCNT 1 - num_servers = DEFNFSIODCNT; - while ((ch = getopt(argc, argv, "n:")) != EOF) - switch (ch) { - case 'n': - num_servers = atoi(optarg); - if (num_servers < 1 || num_servers > MAXNFSIODCNT) { - warnx("nfsiod count %d; reset to %d", - num_servers, DEFNFSIODCNT); - num_servers = DEFNFSIODCNT; - } - break; - case '?': - default: - usage(); - } - argc -= optind; - argv += optind; - - /* - * XXX - * Backward compatibility, trailing number is the count of daemons. - */ - if (argc > 1) - usage(); - if (argc == 1) { - num_servers = atoi(argv[0]); - if (num_servers < 1 || num_servers > MAXNFSIODCNT) { - warnx("nfsiod count %d; reset to %d", - num_servers, DEFNFSIODCNT); - num_servers = DEFNFSIODCNT; - } - } - - thread_status = malloc(sizeof(int) * num_servers); - if (thread_status == NULL) - errx(1, "unable to allocate memory"); - rv = pthread_cond_init(&cond, NULL); - if (rv) - errc(1, rv, "condition variable init failed"); - rv = pthread_mutex_init(&mutex, NULL); - if (rv) - errc(1, rv, "mutex init failed"); - - if (debug == 0) { - daemon(0, 0); - (void)signal(SIGHUP, SIG_IGN); - (void)signal(SIGINT, SIG_IGN); - (void)signal(SIGQUIT, SIG_IGN); - (void)signal(SIGSYS, nonfs); - } - - openlog("nfsiod:", LOG_PID, LOG_DAEMON); - - threadcnt = 0; - for (i=0; i < num_servers; i++) { - pthread_t thd; - thread_status[i] = 1; - rv = pthread_create(&thd, NULL, nfsiod_thread, (void*)i); - if (rv) { - syslog(LOG_ERR, "thread_create: %s", strerror(rv)); - thread_status[i] = 0; - continue; - } - threadcnt++; - } - /* if no threads started exit */ - if (!threadcnt) - errx(1, "unable to start any threads"); - if (threadcnt != num_servers) - syslog(LOG_ERR, "only able to create %d of %d threads", - threadcnt, num_servers); - - /* wait for threads to complete */ - rv = pthread_mutex_lock(&mutex); - if (rv) - errc(1, rv, "mutex lock 
failed"); - while (threadcnt > 0) { - rv = pthread_cond_wait(&cond, &mutex); - if (rv) - errc(1, rv, "nfsiod: cond wait failed"); - for (i=0; i < num_servers; i++) { - if (!thread_status[i]) - continue; - if (thread_status[i] == 1) - continue; - threadcnt--; - thread_status[i] = 0; - syslog(LOG_ERR, "lost nfsiod thread %d - " - "%d of %d threads remain", - i, threadcnt, num_servers); - } - rv = pthread_mutex_lock(&mutex); - if (rv) - errc(1, rv, "mutex lock failed"); - } - - exit (0); -} - -void * -nfsiod_thread(void *arg) -{ - int rv, thread = (int)arg; - if ((rv = nfssvc(NFSSVC_BIOD, NULL)) < 0) { - thread_status[thread] = rv; - syslog(LOG_ERR, "nfssvc: %s", strerror(rv)); - pthread_cond_signal(&cond); - return NULL; - } - thread_status[thread] = 0; - pthread_cond_signal(&cond); - return NULL; -} - -void -nonfs(signo) - int signo; -{ - syslog(LOG_ERR, "missing system call: NFS not available."); -} - -void -usage() -{ - (void)fprintf(stderr, "usage: nfsiod [-n num_servers]\n"); - exit(1); -} diff --git a/nfsstat.tproj/Makefile b/nfsstat.tproj/Makefile deleted file mode 100644 index d20d30c..0000000 --- a/nfsstat.tproj/Makefile +++ /dev/null 
@@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = nfsstat - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = nfsstat.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble nfsstat.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /usr/bin -PDO_UNIX_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_PB_CFLAGS = -DNFS -DMACH_USER_API -WINDOWS_PB_CFLAGS = -DNFS -DMACH_USER_API -PDO_UNIX_PB_CFLAGS = -DNFS -DMACH_USER_API - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/nfsstat.tproj/Makefile.postamble b/nfsstat.tproj/Makefile.postamble deleted file mode 100644 index 459f48c..0000000 --- a/nfsstat.tproj/Makefile.postamble +++ /dev/null @@ -1,6 +0,0 @@ -INSTALL_AS_GROUP = kmem -INSTALL_PERMISSIONS =2555 - -after_install: - mkdir -p $(DSTROOT)/usr/share/man/man1 - install -c -m 444 nfsstat.1 $(DSTROOT)/usr/share/man/man1/nfsstat.1 diff --git a/nfsstat.tproj/Makefile.preamble b/nfsstat.tproj/Makefile.preamble deleted file mode 100644 index 925a5c7..0000000 --- a/nfsstat.tproj/Makefile.preamble +++ /dev/null @@ -1,3 +0,0 @@ -CLEAN_ALL_SUBPROJECTS = YES -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include 
diff --git a/nfsstat.tproj/PB.project b/nfsstat.tproj/PB.project deleted file mode 100644 index d4ad122..0000000 --- a/nfsstat.tproj/PB.project +++ /dev/null @@ -1,31 +0,0 @@ -{ - DOCICONFILES = (); - FILESTABLE = { - C_FILES = (); - H_FILES = (); - OTHER_LIBS = (); - OTHER_LINKED = (nfsstat.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, nfsstat.1); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDTOOL = make; - NEXTSTEP_COMPILEROPTIONS = "-DNFS -DMACH_USER_API"; - NEXTSTEP_INSTALLDIR = /usr/bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDTOOL = make; - PDO_UNIX_COMPILEROPTIONS = "-DNFS -DMACH_USER_API"; - PDO_UNIX_INSTALLDIR = /usr/bin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = nfsstat; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDTOOL = make; - WINDOWS_COMPILEROPTIONS = "-DNFS -DMACH_USER_API"; - WINDOWS_INSTALLDIR = /usr/bin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/nfsstat.tproj/nfsstat.1 b/nfsstat.tproj/nfsstat.1 deleted file mode 100644 index 3acda6c..0000000 --- a/nfsstat.tproj/nfsstat.1 +++ /dev/null 
@@ -1,88 +0,0 @@ -.\" Copyright (c) 1989, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)nfsstat.1 8.1 (Berkeley) 6/6/93 -.\" -.Dd June 6, 1993 -.Dt NFSSTAT 1 -.Os BSD 4.4 -.Sh NAME -.Nm nfsstat -.Nd display -.Tn NFS -statistics -.Sh SYNOPSIS -.Nm nfsstat -.Op Fl M Ar core -.Op Fl N Ar system -.Op Fl w Ar wait -.Sh DESCRIPTION -.Nm Nfsstat -displays statistics kept about -.Tn NFS -client and server activity. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl M -Extract values associated with the name list from the specified core -instead of the default -.Pa /dev/kmem . -.It Fl N -Extract the name list from the specified system instead of the default -.Pa /vmunix . -.It Fl w -Display a shorter summary of -.Tn NFS -activity for both the client and server at -.Ar wait -second intervals. -.El -.Sh FILES -.Bl -tag -width /dev/kmem -compact -.It Pa /vmunix -default kernel namelist -.It Pa /dev/kmem -default memory file -.El -.Sh SEE ALSO -.Xr fstat 1 , -.Xr netstat 1 , -.Xr ps 1 , -.Xr systat 1 , -.Xr vmstat 1 , -.Xr iostat 8 , -.Xr pstat 8 , -.Sh HISTORY -The -.Nm nfsstat -command appears in -.Bx 4.4 . diff --git a/nfsstat.tproj/nfsstat.c b/nfsstat.tproj/nfsstat.c deleted file mode 100644 index 5cf77d2..0000000 --- a/nfsstat.tproj/nfsstat.c +++ /dev/null 
@@ -1,429 +0,0 @@ -/* - * Copyright (c) 1999-2004 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1997 Apple Computer, Inc. All Rights Reserved - * - * Copyright (c) 1983, 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Rick Macklem at The University of Guelph. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * @(#)nfsstat.c 8.2 (Berkeley) 3/31/95 - */ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define SHOW_SERVER 0x01 -#define SHOW_CLIENT 0x02 -#define SHOW_ALL (SHOW_SERVER | SHOW_CLIENT) - -struct nlist nl[] = { -#define N_NFSSTAT 0 - { "_nfsstats" }, - {""}, -}; -kvm_t *kd; - -static int deadkernel = 0; - -void intpr __P((u_long, u_int)); -void printhdr __P((void)); -void sidewaysintpr __P((u_int, u_long, u_int)); -void usage __P((void)); - -int -main(argc, argv) - int argc; - char **argv; -{ - extern int optind; - extern char *optarg; - u_int interval; - u_int display = SHOW_ALL; - int ch; - char *memf, *nlistf; - char errbuf[80]; - - interval = 0; - memf = nlistf = NULL; - while ((ch = getopt(argc, argv, "M:N:w:sc")) != EOF) - switch(ch) { - case 'M': - memf = optarg; - break; - case 'N': - nlistf = optarg; - break; - case 'w': - interval = atoi(optarg); - break; - case 's': - display = SHOW_SERVER; - break; - case 'c': - display = SHOW_CLIENT; - break; - case '?': - default: - usage(); - } - argc -= optind; - argv += optind; - -#define BACKWARD_COMPATIBILITY -#ifdef BACKWARD_COMPATIBILITY - if (*argv) { - interval = atoi(*argv); - if (*++argv) { - nlistf = *argv; - if (*++argv) - memf = *argv; - } - } -#endif - /* - * Discard setgid privileges if not the running kernel so that bad - * guys can't print interesting stuff from kernel memory. 
- */ - if (nlistf != NULL || memf != NULL) { - setegid(getgid()); - setgid(getgid()); - deadkernel = 1; - - if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, - errbuf)) == 0) { - errx(1, "kvm_openfiles: %s", errbuf); - } - if (kvm_nlist(kd, nl) != 0) { - errx(1, "kvm_nlist: can't get names"); - } - } - - if (interval) - sidewaysintpr(interval, nl[N_NFSSTAT].n_value, display); - else - intpr(nl[N_NFSSTAT].n_value, display); - exit(0); -} - -/* - * Read the nfs stats using sysctl(3) for live kernels, or kvm_read - * for dead ones. - */ -void -readstats(stp) - struct nfsstats *stp; -{ - if(deadkernel) { - if(kvm_read(kd, (u_long)nl[N_NFSSTAT].n_value, stp, - sizeof *stp) < 0) { - err(1, "kvm_read"); - } - } else { - int name[3]; - size_t buflen = sizeof *stp; - struct vfsconf vfc; - - if (getvfsbyname("nfs", &vfc) < 0) - err(1, "getvfsbyname: NFS not compiled into kernel"); - name[0] = CTL_VFS; - name[1] = vfc.vfc_typenum; - name[2] = NFS_NFSSTATS; - if (sysctl(name, 3, stp, &buflen, (void *)0, (size_t)0) < 0) { - err(1, "sysctl"); - } - } -} - -/* - * Print a description of the nfs stats. 
- */ -void -intpr(nfsstataddr, display) - u_long nfsstataddr; - u_int display; -{ - struct nfsstats nfsstats; - - readstats(&nfsstats); - - if (display & SHOW_CLIENT) { - printf("Client Info:\n"); - printf("Rpc Counts:\n"); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n", - "Getattr", "Setattr", "Lookup", "Readlink", "Read", - "Write", "Create", "Remove"); - printf("%9d %9d %9d %9d %9d %9d %9d %9d\n", - nfsstats.rpccnt[NFSPROC_GETATTR], - nfsstats.rpccnt[NFSPROC_SETATTR], - nfsstats.rpccnt[NFSPROC_LOOKUP], - nfsstats.rpccnt[NFSPROC_READLINK], - nfsstats.rpccnt[NFSPROC_READ], - nfsstats.rpccnt[NFSPROC_WRITE], - nfsstats.rpccnt[NFSPROC_CREATE], - nfsstats.rpccnt[NFSPROC_REMOVE]); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n", - "Rename", "Link", "Symlink", "Mkdir", "Rmdir", - "Readdir", "RdirPlus", "Access"); - printf("%9d %9d %9d %9d %9d %9d %9d %9d\n", - nfsstats.rpccnt[NFSPROC_RENAME], - nfsstats.rpccnt[NFSPROC_LINK], - nfsstats.rpccnt[NFSPROC_SYMLINK], - nfsstats.rpccnt[NFSPROC_MKDIR], - nfsstats.rpccnt[NFSPROC_RMDIR], - nfsstats.rpccnt[NFSPROC_READDIR], - nfsstats.rpccnt[NFSPROC_READDIRPLUS], - nfsstats.rpccnt[NFSPROC_ACCESS]); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s\n", - "Mknod", "Fsstat", "Fsinfo", "PathConf", "Commit"); - printf("%9d %9d %9d %9d %9d\n", - nfsstats.rpccnt[NFSPROC_MKNOD], - nfsstats.rpccnt[NFSPROC_FSSTAT], - nfsstats.rpccnt[NFSPROC_FSINFO], - nfsstats.rpccnt[NFSPROC_PATHCONF], - nfsstats.rpccnt[NFSPROC_COMMIT]); - printf("Rpc Info:\n"); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s\n", - "TimedOut", "Invalid", "X Replies", "Retries", "Requests"); - printf("%9d %9d %9d %9d %9d\n", - nfsstats.rpctimeouts, - nfsstats.rpcinvalid, - nfsstats.rpcunexpected, - nfsstats.rpcretries, - nfsstats.rpcrequests); - printf("Cache Info:\n"); - printf("%9.9s %9.9s %9.9s %9.9s", - "Attr Hits", "Misses", "Lkup Hits", "Misses"); - printf(" %9.9s %9.9s %9.9s %9.9s\n", - "BioR Hits", "Misses", "BioW Hits", "Misses"); - printf("%9d %9d %9d %9d", 
- nfsstats.attrcache_hits, nfsstats.attrcache_misses, - nfsstats.lookupcache_hits, nfsstats.lookupcache_misses); - printf(" %9d %9d %9d %9d\n", - nfsstats.biocache_reads-nfsstats.read_bios, - nfsstats.read_bios, - nfsstats.biocache_writes-nfsstats.write_bios, - nfsstats.write_bios); - printf("%9.9s %9.9s %9.9s %9.9s", - "BioRLHits", "Misses", "BioD Hits", "Misses"); - printf(" %9.9s %9.9s\n", "DirE Hits", "Misses"); - printf("%9d %9d %9d %9d", - nfsstats.biocache_readlinks-nfsstats.readlink_bios, - nfsstats.readlink_bios, - nfsstats.biocache_readdirs-nfsstats.readdir_bios, - nfsstats.readdir_bios); - printf(" %9d %9d\n", - nfsstats.direofcache_hits, nfsstats.direofcache_misses); - } - if (display & SHOW_SERVER) { - printf("\nServer Info:\n"); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n", - "Getattr", "Setattr", "Lookup", "Readlink", "Read", - "Write", "Create", "Remove"); - printf("%9d %9d %9d %9d %9d %9d %9d %9d\n", - nfsstats.srvrpccnt[NFSPROC_GETATTR], - nfsstats.srvrpccnt[NFSPROC_SETATTR], - nfsstats.srvrpccnt[NFSPROC_LOOKUP], - nfsstats.srvrpccnt[NFSPROC_READLINK], - nfsstats.srvrpccnt[NFSPROC_READ], - nfsstats.srvrpccnt[NFSPROC_WRITE], - nfsstats.srvrpccnt[NFSPROC_CREATE], - nfsstats.srvrpccnt[NFSPROC_REMOVE]); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s %9.9s\n", - "Rename", "Link", "Symlink", "Mkdir", "Rmdir", - "Readdir", "RdirPlus", "Access"); - printf("%9d %9d %9d %9d %9d %9d %9d %9d\n", - nfsstats.srvrpccnt[NFSPROC_RENAME], - nfsstats.srvrpccnt[NFSPROC_LINK], - nfsstats.srvrpccnt[NFSPROC_SYMLINK], - nfsstats.srvrpccnt[NFSPROC_MKDIR], - nfsstats.srvrpccnt[NFSPROC_RMDIR], - nfsstats.srvrpccnt[NFSPROC_READDIR], - nfsstats.srvrpccnt[NFSPROC_READDIRPLUS], - nfsstats.srvrpccnt[NFSPROC_ACCESS]); - printf("%9.9s %9.9s %9.9s %9.9s %9.9s\n", - "Mknod", "Fsstat", "Fsinfo", "PathConf", "Commit"); - printf("%9d %9d %9d %9d %9d\n", - nfsstats.srvrpccnt[NFSPROC_MKNOD], - nfsstats.srvrpccnt[NFSPROC_FSSTAT], - nfsstats.srvrpccnt[NFSPROC_FSINFO], 
- nfsstats.srvrpccnt[NFSPROC_PATHCONF], - nfsstats.srvrpccnt[NFSPROC_COMMIT]); - printf("Server Ret-Failed\n"); - printf("%17d\n", nfsstats.srvrpc_errs); - printf("Server Faults\n"); - printf("%13d\n", nfsstats.srv_errs); - printf("Server Cache Stats:\n"); - printf("%9.9s %9.9s %9.9s %9.9s\n", - "Inprog", "Idem", "Non-idem", "Misses"); - printf("%9d %9d %9d %9d\n", - nfsstats.srvcache_inproghits, - nfsstats.srvcache_idemdonehits, - nfsstats.srvcache_nonidemdonehits, - nfsstats.srvcache_misses); - printf("Server Write Gathering:\n"); - printf("%9.9s %9.9s %9.9s\n", - "WriteOps", "WriteRPC", "Opsaved"); - printf("%9d %9d %9d\n", - nfsstats.srvvop_writes, - nfsstats.srvrpccnt[NFSPROC_WRITE], - nfsstats.srvrpccnt[NFSPROC_WRITE] - nfsstats.srvvop_writes); - } -} - -u_char signalled; /* set if alarm goes off "early" */ - -/* - * Print a running summary of nfs statistics. - * Repeat display every interval seconds, showing statistics - * collected over that interval. Assumes that interval is non-zero. - * First line printed at top of screen is always cumulative. 
- */ -void -sidewaysintpr(interval, off, display) - u_int interval; - u_long off; - u_int display; -{ - struct nfsstats nfsstats, lastst; - int hdrcnt, oldmask; - void catchalarm(); - - (void)signal(SIGALRM, catchalarm); - signalled = 0; - (void)alarm(interval); - bzero((caddr_t)&lastst, sizeof(lastst)); - - for (hdrcnt = 1;;) { - if (!--hdrcnt) { - printhdr(); - hdrcnt = 20; - } - readstats(&nfsstats); - if (display & SHOW_CLIENT) - printf("Client: %8d %8d %8d %8d %8d %8d %8d %8d\n", - nfsstats.rpccnt[NFSPROC_GETATTR]-lastst.rpccnt[NFSPROC_GETATTR], - nfsstats.rpccnt[NFSPROC_LOOKUP]-lastst.rpccnt[NFSPROC_LOOKUP], - nfsstats.rpccnt[NFSPROC_READLINK]-lastst.rpccnt[NFSPROC_READLINK], - nfsstats.rpccnt[NFSPROC_READ]-lastst.rpccnt[NFSPROC_READ], - nfsstats.rpccnt[NFSPROC_WRITE]-lastst.rpccnt[NFSPROC_WRITE], - nfsstats.rpccnt[NFSPROC_RENAME]-lastst.rpccnt[NFSPROC_RENAME], - nfsstats.rpccnt[NFSPROC_ACCESS]-lastst.rpccnt[NFSPROC_ACCESS], - (nfsstats.rpccnt[NFSPROC_READDIR]-lastst.rpccnt[NFSPROC_READDIR]) - +(nfsstats.rpccnt[NFSPROC_READDIRPLUS]-lastst.rpccnt[NFSPROC_READDIRPLUS])); - if (display & SHOW_SERVER) - printf("Server: %8d %8d %8d %8d %8d %8d %8d %8d\n", - nfsstats.srvrpccnt[NFSPROC_GETATTR]-lastst.srvrpccnt[NFSPROC_GETATTR], - nfsstats.srvrpccnt[NFSPROC_LOOKUP]-lastst.srvrpccnt[NFSPROC_LOOKUP], - nfsstats.srvrpccnt[NFSPROC_READLINK]-lastst.srvrpccnt[NFSPROC_READLINK], - nfsstats.srvrpccnt[NFSPROC_READ]-lastst.srvrpccnt[NFSPROC_READ], - nfsstats.srvrpccnt[NFSPROC_WRITE]-lastst.srvrpccnt[NFSPROC_WRITE], - nfsstats.srvrpccnt[NFSPROC_RENAME]-lastst.srvrpccnt[NFSPROC_RENAME], - nfsstats.srvrpccnt[NFSPROC_ACCESS]-lastst.srvrpccnt[NFSPROC_ACCESS], - (nfsstats.srvrpccnt[NFSPROC_READDIR]-lastst.srvrpccnt[NFSPROC_READDIR]) - +(nfsstats.srvrpccnt[NFSPROC_READDIRPLUS]-lastst.srvrpccnt[NFSPROC_READDIRPLUS])); - lastst = nfsstats; - fflush(stdout); - oldmask = sigblock(sigmask(SIGALRM)); - if (!signalled) - sigpause(0); - sigsetmask(oldmask); - signalled = 0; - 
(void)alarm(interval); - } - /*NOTREACHED*/ -} - -void -printhdr() -{ - printf(" %8.8s %8.8s %8.8s %8.8s %8.8s %8.8s %8.8s %8.8s\n", - "Getattr", "Lookup", "Readlink", "Read", "Write", "Rename", - "Access", "Readdir"); - fflush(stdout); -} - -/* - * Called if an interval expires before sidewaysintpr has completed a loop. - * Sets a flag to not wait for the alarm. - */ -void -catchalarm() -{ - signalled = 1; -} - -void -usage() -{ - (void)fprintf(stderr, - "usage: nfsstat [-cs] [-M core] [-N system] [-w interval]\n"); - exit(1); -} diff --git a/ping.tproj/Makefile.preamble b/ping.tproj/Makefile.preamble index dc05194..d5547d0 100644 --- a/ping.tproj/Makefile.preamble +++ b/ping.tproj/Makefile.preamble @@ -1,2 +1,3 @@ +OTHER_CFLAGS += -mdynamic-no-pic OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include diff --git a/ping6.tproj/Makefile.preamble b/ping6.tproj/Makefile.preamble index e3cfeab..ac598c3 100644 --- a/ping6.tproj/Makefile.preamble +++ b/ping6.tproj/Makefile.preamble @@ -1,4 +1,5 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include +OTHER_CFLAGS += -mdynamic-no-pic LOCAL_CFLAGS= -DINET6 -DIPSEC_DEBUG -DKAME_SCOPEID -DIPSEC AFTER_INSTALL += install-man-page diff --git a/ping6.tproj/ping6.c b/ping6.tproj/ping6.c index e1a225e..9cffa27 100644 --- a/ping6.tproj/ping6.c +++ b/ping6.tproj/ping6.c @@ -67,8 +67,9 @@ * SUCH DAMAGE. */ +#include #ifndef lint -static char copyright[] = +__unused static char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ @@ -77,7 +78,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; #endif -static const char rcsid[] = +__unused static const char rcsid[] = "$FreeBSD: src/sbin/ping6/ping6.c,v 1.4.2.6 2001/07/06 08:56:47 ume Exp $"; #endif /* not lint */ 
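Review bot: Building ping with `OTHER_CFLAGS += -mdynamic-no-pic` rules out a position-independent main executable, because the flag makes the compiler use absolute addressing. The binary then loads at a fixed address even where executables are otherwise randomised. ping and ping6 parse packets that come from the network and are typically installed setuid root (the install mode is not visible in this hunk), so the small code-size and speed gain is a poor trade for these tools. I would drop the flag, or at least record the decision next to it, e.g. `# -mdynamic-no-pic: main image is deliberately non-PIE; remove if the tool is ever linked with -pie`. The same line is added to ping6.tproj/Makefile.preamble in the following hunk, there after the `-include ../Makefile.include` line rather than before it.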
@@ -104,8 +105,6 @@ static const char rcsid[] = * network attached to 1 or more interfaces) */ -#define BIND_8_COMPAT - #include #include #include @@ -889,7 +888,8 @@ main(argc, argv) /* * source selection */ - int dummy, len = sizeof(src); + int dummy; + socklen_t len = sizeof(src); if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) err(1, "UDP socket"); @@ -1321,7 +1321,7 @@ dnsdecode(sp, ep, base, buf, bufsiz) { int i; const u_char *cp; - char cresult[MAXDNAME + 1]; + char cresult[NS_MAXDNAME + 1]; const u_char *comp; int l; @@ -1333,7 +1333,7 @@ dnsdecode(sp, ep, base, buf, bufsiz) while (cp < ep) { i = *cp; if (i == 0 || cp != *sp) { - if (strlcat(buf, ".", bufsiz) >= bufsiz) + if (strlcat((char *)buf, ".", bufsiz) >= bufsiz) return NULL; /*result overrun*/ } if (i == 0) @@ -1346,10 +1346,10 @@ dnsdecode(sp, ep, base, buf, bufsiz) return NULL; comp = base + (i & 0x3f); - if (dnsdecode(&comp, cp, base, cresult, + if (dnsdecode(&comp, cp, base, (u_char *)cresult, sizeof(cresult)) == NULL) return NULL; - if (strlcat(buf, cresult, bufsiz) >= bufsiz) + if (strlcat((char *)buf, cresult, bufsiz) >= bufsiz) return NULL; /*result overrun*/ break; } else if ((i & 0x3f) == i) { @@ -1360,7 +1360,7 @@ dnsdecode(sp, ep, base, buf, bufsiz) isprint(*cp) ? "%c" : "\\%03o", *cp & 0xff); if (l >= sizeof(cresult)) return NULL; - if (strlcat(buf, cresult, bufsiz) >= bufsiz) + if (strlcat((char *)buf, cresult, bufsiz) >= bufsiz) return NULL; /*result overrun*/ cp++; } @@ -1371,7 +1371,7 @@ dnsdecode(sp, ep, base, buf, bufsiz) return NULL; /*not terminated*/ cp++; *sp = cp; - return buf; + return (char *)buf; } /* @@ -1402,7 +1402,7 @@ pr_pack(buf, cc, mhdr) size_t off; int oldfqdn; u_int16_t seq; - char dnsname[MAXDNAME + 1]; + char dnsname[NS_MAXDNAME + 1]; (void)gettimeofday(&tv, NULL); 
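Review bot: The casts added around dnsdecode's output buffer are all there for one reason and could be removed at the source. They are `(char *)buf` in the strlcat calls at @@ -1333, @@ -1346 and @@ -1360, `return (char *)buf;` at @@ -1371, and `(u_char *)cresult` / `(u_char *)dnsname` at the call sites in @@ -1346, @@ -1558 and @@ -2392. The buffer parameter appears to be typed as an unsigned byte pointer, while every visible caller passes a `char` array and every visible use is a string function. Declaring it `char *buf` would drop all of these casts and leave the compiler's pointer-type checking active on those calls, with `sp`, `ep` and `base` staying `const u_char *` for the packet bytes. The K&R parameter declarations are outside these hunks, so this assumes the current declaration is `u_char *buf`.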
@@ -1558,7 +1558,7 @@ pr_pack(buf, cc, mhdr) i = 0; while (cp < end) { if (dnsdecode((const u_char **)&cp, end, - (const u_char *)(ni + 1), dnsname, + (const u_char *)(ni + 1), (u_char *)dnsname, sizeof(dnsname)) == NULL) { printf("???"); break; @@ -1949,7 +1949,7 @@ pr_nodeaddr(ni, nilen) if (nilen % (sizeof(u_int32_t) + sizeof(struct in6_addr)) == 0) withttl = 1; while (nilen > 0) { - u_int32_t ttl; + u_int32_t ttl = 0; if (withttl) { /* XXX: alignment? */ @@ -2230,7 +2230,7 @@ pr_icmph(icp, end) char ntop_buf[INET6_ADDRSTRLEN]; struct nd_redirect *red; struct icmp6_nodeinfo *ni; - char dnsname[MAXDNAME + 1]; + char dnsname[NS_MAXDNAME + 1]; const u_char *cp; size_t l; @@ -2392,7 +2392,7 @@ pr_icmph(icp, end) } printf(", subject=%s", niqcode[ni->ni_code]); cp = (const u_char *)(ni + 1); - if (dnsdecode(&cp, end, NULL, dnsname, + if (dnsdecode(&cp, end, NULL, (u_char *)dnsname, sizeof(dnsname)) != NULL) printf("(%s)", dnsname); else @@ -2670,7 +2670,7 @@ nigroup(name) strncpy(hbuf, name, l); hbuf[(int)l] = '\0'; - for (q = name; *q; q++) { + for (q = (unsigned char *)name; *q; q++) { if (isupper(*q)) *q = tolower(*q); } @@ -2680,7 +2680,7 @@ nigroup(name) MD5Init(&ctxt); c = l & 0xff; MD5Update(&ctxt, &c, sizeof(c)); - MD5Update(&ctxt, name, l); + MD5Update(&ctxt, (unsigned char *)name, l); MD5Final(digest, &ctxt); if (inet_pton(AF_INET6, "ff02::2:0000:0000", &in6) != 1) diff --git a/racoon.tproj/Makefile b/racoon.tproj/Makefile deleted file mode 100644 index 1e6a158..0000000 --- a/racoon.tproj/Makefile +++ /dev/null 
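Review bot: The `= 0` added to `ttl` in pr_nodeaddr (@@ -1949) quiets an uninitialized-use warning without saying so. In the visible lines `ttl` is only assigned under `if (withttl)`, so a short comment such as `/* only set when withttl; 0 keeps the compiler quiet */` would stop a later reader from treating 0 as a real TTL. The `/* XXX: alignment? */` marker on the read that follows is left open. That read is outside the hunk, but if it dereferences a cast of the packet pointer, copying the four bytes into `ttl` with memcpy before the byte-order conversion would settle it.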
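Review bot: The lowercasing loop in nigroup (@@ -2670) walks `name` itself, so it rewrites the caller's string in place and runs to the terminating NUL instead of stopping at the `l` bytes just copied into `hbuf`. The added `(unsigned char *)name` cast makes that compile cleanly rather than addressing it. `hbuf` already holds a NUL-terminated copy of the label, so the loop and the hash in the next hunk (@@ -2680) could both use it: `for (q = (unsigned char *)hbuf; *q; q++)` and `MD5Update(&ctxt, (unsigned char *)hbuf, l);`. The digest input is the same `l` lowercased bytes, but the caller would no longer see its argument modified, so check that nothing depends on that. The declarations of `name` and `q` are outside the hunk, so whether `name` is const-qualified there is not visible.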
@@ -1,75 +0,0 @@ -# -# Generated by the Apple Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = racoon - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = admin.h algorithm.h arc4random.h backupsa.h crypto_openssl.h dnssec.h\ - grabmyaddr.h gssapi.h handler.h ipsec_doi.h isakmp_agg.h\ - isakmp_base.h isakmp_ident.h isakmp_inf.h isakmp_newg.h\ - isakmp_quick.h isakmp.h localconf.h logger.h misc.h oakley.h\ - pfkey.h plog.h policy.h proposal.h remoteconf.h\ - rijndael-alg-fst.h rijndael-api-fst.h safefile.h sainfo.h\ - schedule.h session.h sha2.h sockmisc.h str2val.h strnames.h\ - vendorid.h vmbuf.h admin_var.h cftoken.h debug.h dhgroup.h\ - gcmalloc.h isakmp_var.h libpfkey.h netdb_dnssec.h\ - rijndael_local.h rijndael.h var.h isakmp_natd.h crypto_cssm.h\ - open_dir.h - -OTHERLINKED = cfparse.y cftoken.l - -CFILES = admin.c algorithm.c backupsa.c crypto_openssl.c dnssec.c\ - getcertsbyname.c grabmyaddr.c gssapi.c handler.c ipsec_doi.c\ - isakmp.c isakmp_agg.c isakmp_base.c isakmp_ident.c\ - isakmp_inf.c isakmp_newg.c isakmp_quick.c key_debug.c\ - localconf.c logger.c main.c misc.c oakley.c pfkey.c\ - pfkey2.c pfkey_dump.c plog.c policy.c proposal.c\ - remoteconf.c rijndael-alg-fst.c rijndael-api-fst.c safefile.c\ - sainfo.c schedule.c session.c sha2.c sockmisc.c str2val.c\ - strnames.c vendorid.c vmbuf.c isakmp_natd.c crypto_cssm.c\ - open_dir.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble boxes-fst.dat\ - psk.txt racoon.8 racoon.conf anonymous.conf racoon.conf.5 - -OTHERLINKEDOFILES = cfparse.o cftoken.o - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /Library/Executables -PDO_UNIX_INSTALLDIR = /bin -LIBS = -lcrypto -lipsec -lssl -DEBUG_LIBS = $(LIBS) 
-PROF_LIBS = $(LIBS) - -HEADER_PATHS =\ - -I$(NEXT_ROOT)$(SYSTEM_LIBRARY_DIR)/Frameworks/System.framework/PrivateHeaders/ -FRAMEWORKS = -framework CoreFoundation -framework Security -framework DirectoryService - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(JDKBINDIR)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/racoon.tproj/Makefile.postamble b/racoon.tproj/Makefile.postamble deleted file mode 100644 index f29e360..0000000 --- a/racoon.tproj/Makefile.postamble +++ /dev/null 
@@ -1,112 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGES: langages in which the project is written (default "English") -# English_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -install-man-page: - install -d $(DSTROOT)/usr/share/man/man8 - install -d $(DSTROOT)/usr/share/man/man5 - install -c -m 644 racoon.8 $(DSTROOT)/usr/share/man/man8/racoon.8 - install -c -m 644 racoon.conf.5 $(DSTROOT)/usr/share/man/man5/racoon.conf.5 - -install-config-files: - install -d $(DSTROOT)/private/etc/racoon - install -d $(DSTROOT)/private/etc/racoon/remote - install -c -m 644 racoon.conf $(DSTROOT)/private/etc/racoon/racoon.conf - install -c -m 600 anonymous.conf $(DSTROOT)/private/etc/racoon/remote/anonymous.conf - install -c -m 600 psk.txt $(DSTROOT)/private/etc/racoon/psk.txt diff --git a/racoon.tproj/Makefile.preamble b/racoon.tproj/Makefile.preamble deleted file mode 100644 index 327db3d..0000000 --- a/racoon.tproj/Makefile.preamble +++ /dev/null 
@@ -1,150 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex -LOCAL_CFLAGS=-DHAVE_FUNCTION_MACRO=1 -DENABLE_IPV6=1 -DADVAPI=1 -DHAVE_GETADDRINFO=1 \ --DHAVE_GETNAMEINFO=1 -DHAVE_LIBSSL=1 -DHAVE_LIBCRYPTO=1 -DHAVE_LIBL=1 -DHAVE_LIBY=1 \ --DSTDC_HEADERS=1 -DHAVE_SYS_WAIT_H=1 -DHAVE_LIMITS_H=1 -DHAVE_SYS_TIME_H=1 -DHAVE_UNISTD_H=1 \ --DHAVE_STDARG_H=1 -DHAVE_VARARGS_H=1 -DHAVE_OPENSSL_RSA_H=1 -DHAVE_OPENSSL_PEM_H=1 \ --DHAVE_OPENSSL_EVP_H=1 -DHAVE_OPENSSL_X509_H=1 -DHAVE_SIGNING_C=1 -DHAVE_OPENSSL_OPENSSLV_H=1 \ --DTIME_WITH_SYS_TIME=1 -DRETSIGTYPE=void -DHAVE_VPRINTF=1 -DHAVE_GETTIMEOFDAY=1 -DHAVE_SELECT=1 \ --DHAVE_SOCKET=1 -DHAVE_STRERROR=1 -DHAVE_STRTOL=1 -DHAVE_STRTOUL=1 -DHAVE_STRDUP=1 \ --DHAVE_GETIFADDRS=1 -DINET6 -DHAVE_PFKEYV2 -O -DYIPS_DEBUG -DIPSEC -Dss_family=__ss_family \ --Dss_len=__ss_len -DSYSCONFDIR=\"/etc/racoon\" -DYY_NO_UNPUT -DIKE_NAT_T -I../ipsec - -LOCAL_YFLAGS= -d - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the 
product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. For library projects you should -# set this to something like /Developer/Headers/$(NAME). Do not set -# this variable for framework projects unless you do not want the -# header files included in the framework. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. This defaults to -# DYNAMIC. 
-# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSIONS: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. - -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' -OTHER_LIBS = -lfl - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -# Uncomment to suppress generation of a KeyValueCoding index when installing -# frameworks (This index is used by WOB and IB to determine keys available -# for an object). Set to YES by default. 
-# PREINDEX_FRAMEWORK = NO - -# Change this definition to install projects somewhere other than the -# standard locations. NEXT_ROOT defaults to "C:/Apple" on Windows systems -# and "" on other systems. -DSTROOT = $(HOME) -AFTER_INSTALL += install-man-page install-config-files diff --git a/racoon.tproj/PB.project b/racoon.tproj/PB.project deleted file mode 100644 index 488b851..0000000 --- a/racoon.tproj/PB.project +++ /dev/null 
@@ -1,137 +0,0 @@ -{ - "DYNAMIC_CODE_GEN" = YES; - FILESTABLE = { - FRAMEWORKS = (); - "H_FILES" = ( - "admin.h", - "algorithm.h", - "backupsa.h", - "crypto_openssl.h", - "dnssec.h", - "grabmyaddr.h", - "gssapi.h", - "handler.h", - "ipsec_doi.h", - "isakmp_agg.h", - "isakmp_base.h", - "isakmp_ident.h", - "isakmp_inf.h", - "isakmp_newg.h", - "isakmp_quick.h", - "isakmp.h", - "localconf.h", - "logger.h", - "misc.h", - "oakley.h", - "pfkey.h", - "plog.h", - "policy.h", - "proposal.h", - "remoteconf.h", - "rijndael-alg-fst.h", - "rijndael-api-fst.h", - "safefile.h", - "sainfo.h", - "schedule.h", - "session.h", - "sha2.h", - "sockmisc.h", - "str2val.h", - "strnames.h", - "vendorid.h", - "vmbuf.h", - "admin_var.h", - "cftoken.h", - "debug.h", - "dhgroup.h", - "gcmalloc.h", - "isakmp_var.h", - "libpfkey.h", - "netdb_dnssec.h", - "rijndael_local.h", - "rijndael.h", - "var.h", - "isakmp_natd.h", - "crypto_cssm.h", - "open_dir.h" - ); - "OTHER_LIBS" = (crypto, ipsec, ssl); - "OTHER_LINKED" = ( - "admin.c", - "algorithm.c", - "backupsa.c", - "cfparse.y", - "cftoken.l", - "crypto_openssl.c", - "dnssec.c", - "getcertsbyname.c", - "grabmyaddr.c", - "gssapi.c", - "handler.c", - "ipsec_doi.c", - "isakmp.c", - "isakmp_agg.c", - "isakmp_base.c", - "isakmp_ident.c", - "isakmp_inf.c", - "isakmp_newg.c", - "isakmp_quick.c", - "key_debug.c", - "localconf.c", - "logger.c", - "main.c", - "misc.c", - "oakley.c", - "pfkey.c", - "pfkey2.c", - "pfkey_dump.c", - "plog.c", - "policy.c", - "proposal.c", - "remoteconf.c", - "rijndael-alg-fst.c", - "rijndael-api-fst.c", - "safefile.c", - "sainfo.c", - "schedule.c", - "session.c", - "sha2.c", - "sockmisc.c", - "str2val.c", - "strnames.c", - "vendorid.c", - "vmbuf.c", - "isakmp_natd.c", - "crypto_cssm.c", - "open_dir.c" - ); - "OTHER_SOURCES" = ( - "Makefile.preamble", - Makefile, - "Makefile.postamble", - "boxes-fst.dat", - "psk.txt", - "racoon.8", - "racoon.conf", - "anonymous.conf", - "racoon.conf.5" - ); - }; - LANGUAGE = English; - MAKEFILEDIR 
= "$(MAKEFILEPATH)/pb_makefiles"; - "NEXTSTEP_BUILDTOOL" = "/bin/gnumake"; - "NEXTSTEP_INSTALLDIR" = "/usr/sbin"; - "NEXTSTEP_JAVA_COMPILER" = "/usr/bin/javac"; - "NEXTSTEP_OBJCPLUS_COMPILER" = "/usr/bin/cc"; - "PDO_UNIX_BUILDTOOL" = "$NEXT_ROOT/Developer/bin/make"; - "PDO_UNIX_INSTALLDIR" = "/bin"; - "PDO_UNIX_JAVA_COMPILER" = "$(JDKBINDIR)/javac"; - "PDO_UNIX_OBJCPLUS_COMPILER" = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = racoon; - PROJECTTYPE = Tool; - PROJECTVERSION = "2.8"; - "WINDOWS_BUILDTOOL" = "$NEXT_ROOT/Developer/Executables/make"; - "WINDOWS_INSTALLDIR" = "/Library/Executables"; - "WINDOWS_JAVA_COMPILER" = "$(JDKBINDIR)/javac.exe"; - "WINDOWS_OBJCPLUS_COMPILER" = "$(DEVDIR)/gcc"; -} diff --git a/racoon.tproj/admin.c b/racoon.tproj/admin.c deleted file mode 100644 index bcbba55..0000000 --- a/racoon.tproj/admin.c +++ /dev/null 
@@ -1,486 +0,0 @@ -/* $KAME: admin.c,v 1.23 2001/06/01 10:12:55 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include -#include - -#include -#include - -#include - -#include -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "debug.h" - -#include "schedule.h" -#include "localconf.h" -#include "remoteconf.h" -#include "grabmyaddr.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "oakley.h" -#include "handler.h" -#include "pfkey.h" -#include "admin.h" -#include "admin_var.h" -#include "session.h" -#include "gcmalloc.h" - -static struct sockaddr_un sunaddr; -static int admin_process __P((int, char *)); -static int admin_reply __P((int, struct admin_com *, vchar_t *)); - -int -admin_handler() -{ - int so2; - struct sockaddr_storage from; - int fromlen = sizeof(from); - struct admin_com com; - char *combuf = NULL; - pid_t pid = -1; - int len, error = -1; - - so2 = accept(lcconf->sock_admin, (struct sockaddr *)&from, &fromlen); - if (so2 < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to accept admin command: %s\n", - strerror(errno)); - return -1; - } - - /* get buffer length */ - while ((len = recv(so2, (char *)&com, sizeof(com), MSG_PEEK)) < 0) { - if (errno == EINTR) - continue; - plog(LLV_ERROR, LOCATION, NULL, - "failed to recv admin command: %s\n", - strerror(errno)); - goto end; - } - - /* sanity check */ - if (len < sizeof(com)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid header length of admin command\n"); - goto end; - } - - /* get buffer to receive */ - if ((combuf = racoon_malloc(com.ac_len)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to alloc buffer for admin command\n"); - goto end; - } - - /* get real data */ - while ((len = recv(so2, combuf, com.ac_len, 0)) < 0) { - if (errno == EINTR) - continue; - plog(LLV_ERROR, LOCATION, NULL, - "failed to recv admin command: %s\n", - strerror(errno)); - goto end; - } - - /* don't fork() because of reloading config. 
*/ - if (com.ac_cmd == ADMIN_RELOAD_CONF) { - /* reload does not work at all! */ - signal_handler(SIGHUP); - goto end; - } - - /* fork for processing */ - if (!f_foreground) { - if ((pid = fork()) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to fork for admin processing: %s\n", - strerror(errno)); - goto end; - } - - /* parant's process. */ - if (pid != 0) { - error = 0; - goto end; - } - - /* child's process */ - admin_close(); - } - - /* exit in this function. */ - error = admin_process(so2, combuf); - - end: - (void)close(so2); - if (combuf) - racoon_free(combuf); - - /* exit if child's process. */ - if (pid == 0 && !f_foreground) - exit(error); - - return error; -} - -/* - * main child's process. - */ -static int -admin_process(so2, combuf) - int so2; - char *combuf; -{ - struct admin_com *com = (struct admin_com *)combuf; - vchar_t *buf = NULL; - int error = 0; - - com->ac_errno = 0; - - switch (com->ac_cmd) { - case ADMIN_RELOAD_CONF: - /* don't entered because of proccessing it in other place. 
*/ - plog(LLV_ERROR, LOCATION, NULL, "should never reach here\n"); - goto bad; - - case ADMIN_SHOW_SCHED: - { - caddr_t p; - int len; - if (sched_dump(&p, &len) == -1) - com->ac_errno = -1; - buf = vmalloc(len); - if (buf == NULL) - com->ac_errno = -1; - memcpy(buf->v, p, len); - } - break; - case ADMIN_SHOW_SA: - case ADMIN_FLUSH_SA: - { - switch (com->ac_proto) { - case ADMIN_PROTO_ISAKMP: - switch (com->ac_cmd) { - case ADMIN_SHOW_SA: - buf = dumpph1(); - if (buf == NULL) - com->ac_errno = -1; - break; - case ADMIN_FLUSH_SA: - flushph1(); - break; - } - break; - case ADMIN_PROTO_IPSEC: - case ADMIN_PROTO_AH: - case ADMIN_PROTO_ESP: - switch (com->ac_cmd) { - case ADMIN_SHOW_SA: - { - u_int p; - p = admin2pfkey_proto(com->ac_proto); - if (p == -1) - goto bad; - buf = pfkey_dump_sadb(p); - if (buf == NULL) - com->ac_errno = -1; - } - break; - case ADMIN_FLUSH_SA: - pfkey_flush_sadb(com->ac_proto); - break; - } - break; - - case ADMIN_PROTO_INTERNAL: - switch (com->ac_cmd) { - case ADMIN_SHOW_SA: - buf = NULL; /*XXX dumpph2(&error);*/ - if (buf == NULL) - com->ac_errno = error; - break; - case ADMIN_FLUSH_SA: - /*XXX flushph2();*/ - com->ac_errno = 0; - break; - } - break; - - default: - /* ignore */ - com->ac_errno = -1; - } - } - break; - - case ADMIN_DELETE_SA: - break; - - case ADMIN_ESTABLISH_SA: - { - struct sockaddr *dst; - struct sockaddr *src; - src = (struct sockaddr *) - &((struct admin_com_indexes *) - ((caddr_t)com + sizeof(*com)))->src; - dst = (struct sockaddr *) - &((struct admin_com_indexes *) - ((caddr_t)com + sizeof(*com)))->dst; - - switch (com->ac_proto) { - case ADMIN_PROTO_ISAKMP: - { - struct remoteconf *rmconf; - struct sockaddr *remote; - struct sockaddr *local; - - /* search appropreate configuration */ - rmconf = getrmconf(dst); - if (rmconf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no configuration found " - "for %s\n", saddrwop2str(dst)); - com->ac_errno = -1; - break; - } - - /* get remote IP address and port number. 
*/ - remote = dupsaddr(dst); - if (remote == NULL) { - com->ac_errno = -1; - break; - } - switch (remote->sa_family) { - case AF_INET: - ((struct sockaddr_in *)remote)->sin_port = - ((struct sockaddr_in *)rmconf->remote)->sin_port; - break; -#ifdef INET6 - case AF_INET6: - ((struct sockaddr_in6 *)remote)->sin6_port = - ((struct sockaddr_in6 *)rmconf->remote)->sin6_port; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", - remote->sa_family); - com->ac_errno = -1; - break; - } - - /* get local address */ - local = dupsaddr(src); - if (local == NULL) { - com->ac_errno = -1; - break; - } - switch (local->sa_family) { - case AF_INET: - ((struct sockaddr_in *)local)->sin_port = - getmyaddrsport(local); - break; -#ifdef INET6 - case AF_INET6: - ((struct sockaddr_in6 *)local)->sin6_port = - getmyaddrsport(local); - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", - local->sa_family); - com->ac_errno = -1; - break; - } - - - plog(LLV_INFO, LOCATION, NULL, - "accept a request to establish IKE-SA: " - "%s\n", saddrwop2str(remote)); - - /* begin ident mode */ - if (isakmp_ph1begin_i(rmconf, remote) < 0) { - com->ac_errno = -1; - break; - } - } - break; - case ADMIN_PROTO_AH: - case ADMIN_PROTO_ESP: - break; - default: - /* ignore */ - com->ac_errno = -1; - } - } - break; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid command: %d\n", com->ac_cmd); - com->ac_errno = -1; - } - - if (admin_reply(so2, com, buf) < 0) - goto bad; - - if (buf != NULL) - vfree(buf); - - return 0; - - bad: - if (buf != NULL) - vfree(buf); - return -1; -} - -static int -admin_reply(so, combuf, buf) - int so; - struct admin_com *combuf; - vchar_t *buf; -{ - int tlen; - char *retbuf = NULL; - - if (buf != NULL) - tlen = sizeof(*combuf) + buf->l; - else - tlen = sizeof(*combuf); - - retbuf = racoon_calloc(1, tlen); - if (retbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate admin buffer\n"); - return 
-1; - } - - memcpy(retbuf, combuf, sizeof(*combuf)); - ((struct admin_com *)retbuf)->ac_len = tlen; - - if (buf != NULL) - memcpy(retbuf + sizeof(*combuf), buf->v, buf->l); - - tlen = send(so, retbuf, tlen, 0); - racoon_free(retbuf); - if (tlen < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to send admin command: %s\n", - strerror(errno)); - return -1; - } - - return 0; -} - -/* ADMIN_PROTO -> SADB_SATYPE */ -int -admin2pfkey_proto(proto) - u_int proto; -{ - switch (proto) { - case ADMIN_PROTO_IPSEC: - return SADB_SATYPE_UNSPEC; - case ADMIN_PROTO_AH: - return SADB_SATYPE_AH; - case ADMIN_PROTO_ESP: - return SADB_SATYPE_ESP; - default: - plog(LLV_ERROR, LOCATION, NULL, - "unsupported proto for admin: %d\n", proto); - return -1; - } - /*NOTREACHED*/ -} - -int -admin_init() -{ - memset(&sunaddr, 0, sizeof(sunaddr)); - sunaddr.sun_family = AF_UNIX; - snprintf(sunaddr.sun_path, sizeof(sunaddr.sun_path), - "%s", PORT_ADMIN); - - lcconf->sock_admin = socket(AF_UNIX, SOCK_STREAM, 0); - if (lcconf->sock_admin < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "socket: %s\n", strerror(errno)); - return -1; - } - - if (bind(lcconf->sock_admin, (struct sockaddr *)&sunaddr, - sizeof(sunaddr)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "bind(sockname:%s): %s\n", - sunaddr.sun_path, strerror(errno)); - (void)close(lcconf->sock_admin); - return -1; - } - - if (listen(lcconf->sock_admin, 5) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "listen(sockname:%s): %s\n", - sunaddr.sun_path, strerror(errno)); - (void)close(lcconf->sock_admin); - return -1; - } - plog(LLV_DEBUG, LOCATION, NULL, - "open %s as racoon management.\n", sunaddr.sun_path); - - return 0; -} - -int -admin_close() -{ - close(lcconf->sock_admin); - unlink(sunaddr.sun_path); - return 0; -} diff --git a/racoon.tproj/admin.h b/racoon.tproj/admin.h deleted file mode 100644 index bf2d68d..0000000 --- a/racoon.tproj/admin.h +++ /dev/null 
@@ -1,85 +0,0 @@
-/* $KAME: admin.h,v 1.8 2000/10/04 17:40:58 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ADMIN_H__
-#define __ADMIN_H__
-
-
-/* command for administration. */
-/* NOTE: host byte order. */
-struct admin_com {
- u_int16_t ac_len; /* total packet length including data */
- u_int16_t ac_cmd;
- int16_t ac_errno;
- u_int16_t ac_proto;
-};
-
-/*
- * No data follows as the data.
- * These don't use proto field.
- */
-#define ADMIN_RELOAD_CONF 0x0001
-#define ADMIN_SHOW_SCHED 0x0002
-
-/*
- * No data follows as the data.
- * These use proto field.
- */
-#define ADMIN_SHOW_SA 0x0101
-#define ADMIN_FLUSH_SA 0x0102
-
-/*
- * The admin_com_indexes follows, see below.
- */
-#define ADMIN_DELETE_SA 0x0201
-#define ADMIN_ESTABLISH_SA 0x0202
-
-/* the value of proto */
-#define ADMIN_PROTO_ISAKMP 0x01ff
-#define ADMIN_PROTO_IPSEC 0x02ff
-#define ADMIN_PROTO_AH 0x0201
-#define ADMIN_PROTO_ESP 0x0202
-#define ADMIN_PROTO_INTERNAL 0x0301
-
-struct admin_com_indexes {
- u_int8_t prefs;
- u_int8_t prefd;
- u_int8_t ul_proto;
- u_int8_t reserved;
- struct sockaddr_storage src;
- struct sockaddr_storage dst;
-};
-
-extern int admin2pfkey_proto __P((u_int));
-
-
-#endif /* __ADMIN_H__ */
-
diff --git a/racoon.tproj/admin_var.h b/racoon.tproj/admin_var.h
deleted file mode 100644
index 724f15c..0000000
--- a/racoon.tproj/admin_var.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/* $KAME: admin_var.h,v 1.4 2001/06/01 10:12:55 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ADMIN_VAR_H__
-#define __ADMIN_VAR_H__
-
-
-#define PORT_ADMIN "/tmp/.racoon"
-
-extern int admin_handler __P((void));
-extern int admin_init __P((void));
-extern int admin_close __P((void));
-
-
-#endif /*__ADMIN_VAR_H__ */
-
diff --git a/racoon.tproj/algorithm.c b/racoon.tproj/algorithm.c
deleted file mode 100644
index 0c05a5c..0000000
--- a/racoon.tproj/algorithm.c
+++ /dev/null
@@ -1,846 +0,0 @@ -/* $KAME: algorithm.c,v 1.25 2002/06/10 20:01:21 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "debug.h" - -#include "crypto_openssl.h" -#include "dhgroup.h" -#include "algorithm.h" -#include "oakley.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "gcmalloc.h" - -static struct hash_algorithm oakley_hashdef[] = { -{ "md5", algtype_md5, OAKLEY_ATTR_HASH_ALG_MD5, - eay_md5_init, eay_md5_update, - eay_md5_final, eay_md5_hashlen, - eay_md5_one, }, -{ "sha1", algtype_sha1, OAKLEY_ATTR_HASH_ALG_SHA, - eay_sha1_init, eay_sha1_update, - eay_sha1_final, eay_sha1_hashlen, - eay_sha1_one, }, -{ "sha2_256", algtype_sha2_256, OAKLEY_ATTR_HASH_ALG_SHA2_256, - eay_sha2_256_init, eay_sha2_256_update, - eay_sha2_256_final, eay_sha2_256_hashlen, - eay_sha2_256_one, }, -{ "sha2_384", algtype_sha2_384, OAKLEY_ATTR_HASH_ALG_SHA2_384, - eay_sha2_384_init, eay_sha2_384_update, - eay_sha2_384_final, eay_sha2_384_hashlen, - eay_sha2_384_one, }, -{ "sha2_512", algtype_sha2_512, OAKLEY_ATTR_HASH_ALG_SHA2_512, - eay_sha2_512_init, eay_sha2_512_update, - eay_sha2_512_final, eay_sha2_512_hashlen, - eay_sha2_512_one, }, -}; - -static struct hmac_algorithm oakley_hmacdef[] = { -{ "hmac_md5", algtype_md5, OAKLEY_ATTR_HASH_ALG_MD5, - eay_hmacmd5_init, eay_hmacmd5_update, - eay_hmacmd5_final, NULL, - eay_hmacmd5_one, }, -{ "hmac_sha1", algtype_sha1, OAKLEY_ATTR_HASH_ALG_SHA, - eay_hmacsha1_init, eay_hmacsha1_update, - eay_hmacsha1_final, NULL, - eay_hmacsha1_one, }, -{ "hmac_sha2_256", algtype_sha2_256, OAKLEY_ATTR_HASH_ALG_SHA2_256, - eay_hmacsha2_256_init, eay_hmacsha2_256_update, - eay_hmacsha2_256_final, NULL, - eay_hmacsha2_256_one, }, -{ "hmac_sha2_384", algtype_sha2_384, OAKLEY_ATTR_HASH_ALG_SHA2_384, - eay_hmacsha2_384_init, eay_hmacsha2_384_update, - eay_hmacsha2_384_final, NULL, - eay_hmacsha2_384_one, }, -{ "hmac_sha2_512", algtype_sha2_512, OAKLEY_ATTR_HASH_ALG_SHA2_512, - eay_hmacsha2_512_init, eay_hmacsha2_512_update, - 
eay_hmacsha2_512_final, NULL, - eay_hmacsha2_512_one, }, -}; - -static struct enc_algorithm oakley_encdef[] = { -{ "des", algtype_des, OAKLEY_ATTR_ENC_ALG_DES, 8, - eay_des_encrypt, eay_des_decrypt, - eay_des_weakkey, eay_des_keylen, }, -#ifdef HAVE_OPENSSL_IDEA_H -{ "idea", algtype_idea, OAKLEY_ATTR_ENC_ALG_IDEA, 8, - eay_idea_encrypt, eay_idea_decrypt, - eay_idea_weakkey, eay_idea_keylen, }, -#endif -{ "blowfish", algtype_blowfish, OAKLEY_ATTR_ENC_ALG_BLOWFISH, 8, - eay_bf_encrypt, eay_bf_decrypt, - eay_bf_weakkey, eay_bf_keylen, }, -#ifdef HAVE_OPENSSL_RC5_H -{ "rc5", algtype_rc5, OAKLEY_ATTR_ENC_ALG_RC5, 8, - eay_rc5_encrypt, eay_rc5_decrypt, - eay_rc5_weakkey, eay_rc5_keylen, }, -#endif -{ "3des", algtype_3des, OAKLEY_ATTR_ENC_ALG_3DES, 8, - eay_3des_encrypt, eay_3des_decrypt, - eay_3des_weakkey, eay_3des_keylen, }, -{ "cast", algtype_cast128, OAKLEY_ATTR_ENC_ALG_CAST, 8, - eay_cast_encrypt, eay_cast_decrypt, - eay_cast_weakkey, eay_cast_keylen, }, -{ "aes", algtype_rijndael, OAKLEY_ATTR_ENC_ALG_AES, 16, - eay_aes_encrypt, eay_aes_decrypt, - eay_aes_weakkey, eay_aes_keylen, }, -}; - -static struct enc_algorithm ipsec_encdef[] = { -{ "des-iv64", algtype_des_iv64, IPSECDOI_ESP_DES_IV64, 8, - NULL, NULL, - NULL, eay_des_keylen, }, -{ "des", algtype_des, IPSECDOI_ESP_DES, 8, - NULL, NULL, - NULL, eay_des_keylen, }, -{ "3des", algtype_3des, IPSECDOI_ESP_3DES, 8, - NULL, NULL, - NULL, eay_3des_keylen, }, -#ifdef HAVE_OPENSSL_RC5_H -{ "rc5", algtype_rc5, IPSECDOI_ESP_RC5, 8, - NULL, NULL, - NULL, eay_rc5_keylen, }, -#endif -{ "cast", algtype_cast128, IPSECDOI_ESP_CAST, 8, - NULL, NULL, - NULL, eay_cast_keylen, }, -{ "blowfish", algtype_blowfish, IPSECDOI_ESP_BLOWFISH, 8, - NULL, NULL, - NULL, eay_bf_keylen, }, -{ "des-iv32", algtype_des_iv32, IPSECDOI_ESP_DES_IV32, 8, - NULL, NULL, - NULL, eay_des_keylen, }, -{ "null", algtype_null_enc, IPSECDOI_ESP_NULL, 8, - NULL, NULL, - NULL, eay_null_keylen, }, -{ "rijndael", algtype_rijndael, IPSECDOI_ESP_RIJNDAEL, 16, - NULL, 
NULL, - NULL, eay_aes_keylen, }, -{ "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16, - NULL, NULL, - NULL, eay_twofish_keylen, }, -#ifdef HAVE_OPENSSL_IDEA_H -{ "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8, - NULL, NULL, - NULL, NULL, }, -{ "idea", algtype_idea, IPSECDOI_ESP_IDEA, 8, - NULL, NULL, - NULL, NULL, }, -#endif -{ "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8, - NULL, NULL, - NULL, NULL, }, -}; - -static struct hmac_algorithm ipsec_hmacdef[] = { -{ "md5", algtype_hmac_md5, IPSECDOI_ATTR_AUTH_HMAC_MD5, - NULL, NULL, - NULL, eay_md5_hashlen, - NULL, }, -{ "sha1", algtype_hmac_sha1, IPSECDOI_ATTR_AUTH_HMAC_SHA1, - NULL, NULL, - NULL, eay_sha1_hashlen, - NULL, }, -{ "kpdk", algtype_kpdk, IPSECDOI_ATTR_AUTH_KPDK, - NULL, NULL, - NULL, eay_kpdk_hashlen, - NULL, }, -{ "null", algtype_non_auth, IPSECDOI_ATTR_AUTH_NONE, - NULL, NULL, - NULL, eay_null_hashlen, - NULL, }, -{ "hmac_sha2_256", algtype_hmac_sha2_256, IPSECDOI_ATTR_SHA2_256, - NULL, NULL, - NULL, eay_sha2_256_hashlen, - NULL, }, -{ "hmac_sha2_384", algtype_hmac_sha2_384, IPSECDOI_ATTR_SHA2_384, - NULL, NULL, - NULL, eay_sha2_384_hashlen, - NULL, }, -{ "hmac_sha2_512", algtype_hmac_sha2_512, IPSECDOI_ATTR_SHA2_512, - NULL, NULL, - NULL, eay_sha2_512_hashlen, - NULL, }, -}; - -static struct misc_algorithm ipsec_compdef[] = { -{ "oui", algtype_oui, IPSECDOI_IPCOMP_OUI, }, -{ "deflate", algtype_deflate, IPSECDOI_IPCOMP_DEFLATE, }, -{ "lzs", algtype_lzs, IPSECDOI_IPCOMP_LZS, }, -}; - -static struct misc_algorithm oakley_authdef[] = { -{ "psk", algtype_psk, OAKLEY_ATTR_AUTH_METHOD_PSKEY, }, -{ "dsssig", algtype_dsssig, OAKLEY_ATTR_AUTH_METHOD_DSSSIG, }, -{ "rsasig", algtype_rsasig, OAKLEY_ATTR_AUTH_METHOD_RSASIG, }, -{ "rsaenc", algtype_rsaenc, OAKLEY_ATTR_AUTH_METHOD_RSAENC, }, -{ "rsarev", algtype_rsarev, OAKLEY_ATTR_AUTH_METHOD_RSAREV, }, -{ "gssapi_krb", algtype_gssapikrb, OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB, }, -}; - -static struct dh_algorithm oakley_dhdef[] = { -{ "modp768", algtype_modp768, 
OAKLEY_ATTR_GRP_DESC_MODP768, - &dh_modp768, }, -{ "modp1024", algtype_modp1024, OAKLEY_ATTR_GRP_DESC_MODP1024, - &dh_modp1024, }, -{ "modp1536", algtype_modp1536, OAKLEY_ATTR_GRP_DESC_MODP1536, - &dh_modp1536, }, -{ "modp2048", algtype_modp2048, OAKLEY_ATTR_GRP_DESC_MODP2048, - &dh_modp2048, }, -{ "modp3072", algtype_modp3072, OAKLEY_ATTR_GRP_DESC_MODP3072, - &dh_modp3072, }, -{ "modp4096", algtype_modp4096, OAKLEY_ATTR_GRP_DESC_MODP4096, - &dh_modp4096, }, -{ "modp6144", algtype_modp6144, OAKLEY_ATTR_GRP_DESC_MODP6144, - &dh_modp6144, }, -{ "modp8192", algtype_modp8192, OAKLEY_ATTR_GRP_DESC_MODP8192, - &dh_modp8192, }, -}; - -static struct hash_algorithm *alg_oakley_hashdef __P((int)); -static struct hmac_algorithm *alg_oakley_hmacdef __P((int)); -static struct enc_algorithm *alg_oakley_encdef __P((int)); -static struct enc_algorithm *alg_ipsec_encdef __P((int)); -static struct hmac_algorithm *alg_ipsec_hmacdef __P((int)); -static struct dh_algorithm *alg_oakley_dhdef __P((int)); - -/* oakley hash algorithm */ -static struct hash_algorithm * -alg_oakley_hashdef(doi) - int doi; -{ - int i; - - for (i = 0; i < ARRAYLEN(oakley_hashdef); i++) - if (doi == oakley_hashdef[i].doi) { - plog(LLV_DEBUG, LOCATION, NULL, "hash(%s)\n", - oakley_hashdef[i].name); - return &oakley_hashdef[i]; - } - return NULL; -} - -int -alg_oakley_hashdef_ok(doi) - int doi; -{ - struct hash_algorithm *f; - - f = alg_oakley_hashdef(doi); - if (f == NULL) - return 0; - - return 1; -} - -int -alg_oakley_hashdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(oakley_hashdef); i++) - if (type == oakley_hashdef[i].type) { - res = oakley_hashdef[i].doi; - break; - } - return res; -} - -int -alg_oakley_hashdef_hashlen(doi) - int doi; -{ - struct hash_algorithm *f; - - f = alg_oakley_hashdef(doi); - if (f == NULL || f->hashlen == NULL) - return NULL; - - return (f->hashlen)(); -} - -vchar_t * -alg_oakley_hashdef_one(doi, buf) - int doi; - vchar_t *buf; -{ - struct 
hash_algorithm *f; - - f = alg_oakley_hashdef(doi); - if (f == NULL || f->hashlen == NULL) - return NULL; - - return (f->one)(buf); -} - -/* oakley hmac algorithm */ -static struct hmac_algorithm * -alg_oakley_hmacdef(doi) - int doi; -{ - int i; - - for (i = 0; i < ARRAYLEN(oakley_hmacdef); i++) - if (doi == oakley_hmacdef[i].doi) { - plog(LLV_DEBUG, LOCATION, NULL, "hmac(%s)\n", - oakley_hmacdef[i].name); - return &oakley_hmacdef[i]; - } - return NULL; -} - -int -alg_oakley_hmacdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(oakley_hmacdef); i++) - if (type == oakley_hmacdef[i].type) { - res = oakley_hmacdef[i].doi; - break; - } - return res; -} - -vchar_t * -alg_oakley_hmacdef_one(doi, key, buf) - int doi; - vchar_t *key, *buf; -{ - struct hmac_algorithm *f; - vchar_t *res; -#ifdef ENABLE_STATS - struct timeval start, end; -#endif - - f = alg_oakley_hmacdef(doi); - if (f == NULL || f->one == NULL) - return NULL; - -#ifdef ENABLE_STATS - gettimeofday(&start, NULL); -#endif - - res = (f->one)(key, buf); - -#ifdef ENABLE_STATS - gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s size=%d): %8.6f", __func__, - f->name, buf->l, timedelta(&start, &end)); -#endif - - return res; -} - -/* oakley encryption algorithm */ -static struct enc_algorithm * -alg_oakley_encdef(doi) - int doi; -{ - int i; - - for (i = 0; i < ARRAYLEN(oakley_encdef); i++) - if (doi == oakley_encdef[i].doi) { - plog(LLV_DEBUG, LOCATION, NULL, "encription(%s)\n", - oakley_encdef[i].name); - return &oakley_encdef[i]; - } - return NULL; -} - -int -alg_oakley_encdef_ok(doi) - int doi; -{ - struct enc_algorithm *f; - - f = alg_oakley_encdef(doi); - if (f == NULL) - return 0; - - return 1; -} - -int -alg_oakley_encdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(oakley_encdef); i++) - if (type == oakley_encdef[i].type) { - res = oakley_encdef[i].doi; - break; - } - return res; -} - -int -alg_oakley_encdef_keylen(doi, len) - int doi, len; -{ - 
struct enc_algorithm *f; - - f = alg_oakley_encdef(doi); - if (f == NULL || f->keylen == NULL) - return -1; - - return (f->keylen)(len); -} - -int -alg_oakley_encdef_blocklen(doi) - int doi; -{ - struct enc_algorithm *f; - - f = alg_oakley_encdef(doi); - if (f == NULL) - return -1; - - return f->blocklen; -} - -vchar_t * -alg_oakley_encdef_decrypt(doi, buf, key, iv) - int doi; - vchar_t *buf, *key, *iv; -{ - vchar_t *res; - struct enc_algorithm *f; -#ifdef ENABLE_STATS - struct timeval start, end; -#endif - - f = alg_oakley_encdef(doi); - if (f == NULL || f->decrypt == NULL) - return NULL; - -#ifdef ENABLE_STATS - gettimeofday(&start, NULL); -#endif - - res = (f->decrypt)(buf, key, iv); - -#ifdef ENABLE_STATS - gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __func__, - f->name, key->l << 3, buf->l, timedelta(&start, &end)); -#endif - return res; -} - -vchar_t * -alg_oakley_encdef_encrypt(doi, buf, key, iv) - int doi; - vchar_t *buf, *key, *iv; -{ - vchar_t *res; - struct enc_algorithm *f; -#ifdef ENABLE_STATS - struct timeval start, end; -#endif - - f = alg_oakley_encdef(doi); - if (f == NULL || f->encrypt == NULL) - return NULL; - -#ifdef ENABLE_STATS - gettimeofday(&start, NULL); -#endif - - res = (f->encrypt)(buf, key, iv); - -#ifdef ENABLE_STATS - gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __func__, - f->name, key->l << 3, buf->l, timedelta(&start, &end)); -#endif - return res; -} - -/* ipsec encryption algorithm */ -static struct enc_algorithm * -alg_ipsec_encdef(doi) - int doi; -{ - int i; - - for (i = 0; i < ARRAYLEN(ipsec_encdef); i++) - if (doi == ipsec_encdef[i].doi) { - plog(LLV_DEBUG, LOCATION, NULL, "encription(%s)\n", - ipsec_encdef[i].name); - return &ipsec_encdef[i]; - } - return NULL; -} - -int -alg_ipsec_encdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(ipsec_encdef); i++) - if (type == ipsec_encdef[i].type) { - res = ipsec_encdef[i].doi; - break; - 
} - return res; -} - -int -alg_ipsec_encdef_keylen(doi, len) - int doi, len; -{ - struct enc_algorithm *f; - - f = alg_ipsec_encdef(doi); - if (f == NULL || f->keylen == NULL) - return -1; - - return (f->keylen)(len); -} - -/* ipsec hmac algorithm */ -static struct hmac_algorithm * -alg_ipsec_hmacdef(doi) - int doi; -{ - int i; - - for (i = 0; i < ARRAYLEN(ipsec_hmacdef); i++) - if (doi == ipsec_hmacdef[i].doi) { - plog(LLV_DEBUG, LOCATION, NULL, "hmac(%s)\n", - oakley_hmacdef[i].name); - return &ipsec_hmacdef[i]; - } - return NULL; -} - -int -alg_ipsec_hmacdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(ipsec_hmacdef); i++) - if (type == ipsec_hmacdef[i].type) { - res = ipsec_hmacdef[i].doi; - break; - } - return res; -} - -int -alg_ipsec_hmacdef_hashlen(doi) - int doi; -{ - struct hmac_algorithm *f; - - f = alg_ipsec_hmacdef(doi); - if (f == NULL || f->hashlen == NULL) - return -1; - - return (f->hashlen)(); -} - -/* ip compression */ -int -alg_ipsec_compdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(ipsec_compdef); i++) - if (type == ipsec_compdef[i].type) { - res = ipsec_compdef[i].doi; - break; - } - return res; -} - -/* dh algorithm */ -static struct dh_algorithm * -alg_oakley_dhdef(doi) - int doi; -{ - int i; - - for (i = 0; i < ARRAYLEN(oakley_dhdef); i++) - if (doi == oakley_dhdef[i].doi) { - plog(LLV_DEBUG, LOCATION, NULL, "hmac(%s)\n", - oakley_dhdef[i].name); - return &oakley_dhdef[i]; - } - return NULL; -} - -int -alg_oakley_dhdef_ok(doi) - int doi; -{ - struct dh_algorithm *f; - - f = alg_oakley_dhdef(doi); - if (f == NULL) - return 0; - - return 1; -} - -int -alg_oakley_dhdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(oakley_dhdef); i++) - if (type == oakley_dhdef[i].type) { - res = oakley_dhdef[i].doi; - break; - } - return res; -} - -struct dhgroup * -alg_oakley_dhdef_group(doi) - int doi; -{ - struct dh_algorithm *f; - - f = alg_oakley_dhdef(doi); - if (f == 
NULL || f->dhgroup == NULL) - return NULL; - - return f->dhgroup; -} - -/* authentication method */ -int -alg_oakley_authdef_doi(type) - int type; -{ - int i, res = -1; - - for (i = 0; i < ARRAYLEN(oakley_authdef); i++) - if (type == oakley_authdef[i].type) { - res = oakley_authdef[i].doi; - break; - } - return res; -} - -/* - * give the default key length - * OUT: -1: NG - * 0: fixed key cipher, key length not allowed - * positive: default key length - */ -int -default_keylen(class, type) - int class, type; -{ - - switch (class) { - case algclass_isakmp_enc: - case algclass_ipsec_enc: - break; - default: - return 0; - } - - switch (type) { - case algtype_blowfish: - case algtype_rc5: - case algtype_cast128: - case algtype_rijndael: - case algtype_twofish: - return 128; - default: - return 0; - } -} - -/* - * check key length - * OUT: -1: NG - * 0: OK - */ -int -check_keylen(class, type, len) - int class, type, len; -{ - int badrange; - - switch (class) { - case algclass_isakmp_enc: - case algclass_ipsec_enc: - break; - default: - /* unknown class, punt */ - plog(LLV_ERROR, LOCATION, NULL, - "unknown algclass %d\n", class); - return -1; - } - - /* key length must be multiple of 8 bytes - RFC2451 2.2 */ - switch (type) { - case algtype_blowfish: - case algtype_rc5: - case algtype_cast128: - case algtype_rijndael: - case algtype_twofish: - if (len % 8 != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "key length %d is not multiple of 8\n", len); - return -1; - } - break; - } - - /* key length range */ - badrange = 0; - switch (type) { - case algtype_blowfish: - if (len < 40 || 448 < len) - badrange++; - break; - case algtype_rc5: - if (len < 40 || 2040 < len) - badrange++; - break; - case algtype_cast128: - if (len < 40 || 128 < len) - badrange++; - break; - case algtype_rijndael: - if (!(len == 128 || len == 192 || len == 256)) - badrange++; - break; - case algtype_twofish: - if (len < 40 || 256 < len) - badrange++; - break; - default: - if (len) { - plog(LLV_ERROR, 
LOCATION, NULL, - "key length is not allowed"); - return -1; - } - break; - } - if (badrange) { - plog(LLV_ERROR, LOCATION, NULL, - "key length out of range\n"); - return -1; - } - - return 0; -} - -/* - * convert algorithm type to DOI value. - * OUT -1 : NG - * other: converted. - */ -int -algtype2doi(class, type) - int class, type; -{ - int res = -1; - - switch (class) { - case algclass_ipsec_enc: - res = alg_ipsec_encdef_doi(type); - break; - case algclass_ipsec_auth: - res = alg_ipsec_hmacdef_doi(type); - break; - case algclass_ipsec_comp: - res = alg_ipsec_compdef_doi(type); - break; - case algclass_isakmp_enc: - res = alg_oakley_encdef_doi(type); - break; - case algclass_isakmp_hash: - res = alg_oakley_hashdef_doi(type); - break; - case algclass_isakmp_dh: - res = alg_oakley_dhdef_doi(type); - break; - case algclass_isakmp_ameth: - res = alg_oakley_authdef_doi(type); - break; - } - return res; -} - -/* - * convert algorithm class to DOI value. - * OUT -1 : NG - * other: converted. - */ -int -algclass2doi(class) - int class; -{ - switch (class) { - case algclass_ipsec_enc: - return IPSECDOI_PROTO_IPSEC_ESP; - case algclass_ipsec_auth: - return IPSECDOI_ATTR_AUTH; - case algclass_ipsec_comp: - return IPSECDOI_PROTO_IPCOMP; - case algclass_isakmp_enc: - return OAKLEY_ATTR_ENC_ALG; - case algclass_isakmp_hash: - return OAKLEY_ATTR_HASH_ALG; - case algclass_isakmp_dh: - return OAKLEY_ATTR_GRP_DESC; - case algclass_isakmp_ameth: - return OAKLEY_ATTR_AUTH_METHOD; - default: - return -1; - } - /*NOTREACHED*/ - return -1; -} diff --git a/racoon.tproj/algorithm.h b/racoon.tproj/algorithm.h deleted file mode 100644 index 057c53f..0000000 --- a/racoon.tproj/algorithm.h +++ /dev/null 
@@ -1,198 +0,0 @@
-/* $KAME: algorithm.h,v 1.20 2001/12/12 18:23:41 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ALGORITHM_H__
-#define __ALGORITHM_H__
-
-/* algorithm class */
-enum {
- algclass_ipsec_enc,
- algclass_ipsec_auth,
- algclass_ipsec_comp,
- algclass_isakmp_enc,
- algclass_isakmp_hash,
- algclass_isakmp_dh,
- algclass_isakmp_ameth, /* authentication method.
*/
-#define MAXALGCLASS 7
-};
-
-#define ALG_DEFAULT_KEYLEN 64
-
-#define ALGTYPE_NOTHING 0
-
-/* algorithm type */
-enum {
- algtype_nothing = 0,
-
- /* enc */
- algtype_des_iv64,
- algtype_des,
- algtype_3des,
- algtype_rc5,
- algtype_idea,
- algtype_cast128,
- algtype_blowfish,
- algtype_3idea,
- algtype_des_iv32,
- algtype_rc4,
- algtype_null_enc,
- algtype_rijndael,
- algtype_twofish,
-
- /* ipsec auth */
- algtype_hmac_md5,
- algtype_hmac_sha1,
- algtype_des_mac,
- algtype_kpdk,
- algtype_non_auth,
- algtype_hmac_sha2_256,
- algtype_hmac_sha2_384,
- algtype_hmac_sha2_512,
-
- /* ipcomp */
- algtype_oui,
- algtype_deflate,
- algtype_lzs,
-
- /* hash */
- algtype_md5,
- algtype_sha1,
- algtype_tiger,
- algtype_sha2_256,
- algtype_sha2_384,
- algtype_sha2_512,
-
- /* dh_group */
- algtype_modp768,
- algtype_modp1024,
- algtype_ec2n155,
- algtype_ec2n185,
- algtype_modp1536,
- algtype_modp2048,
- algtype_modp3072,
- algtype_modp4096,
- algtype_modp6144,
- algtype_modp8192,
-
- /* authentication method.
*/
- algtype_psk,
- algtype_dsssig,
- algtype_rsasig,
- algtype_rsaenc,
- algtype_rsarev,
- algtype_gssapikrb
-};
-
-struct hmac_algorithm {
- char *name;
- int type;
- int doi;
- caddr_t (*init) __P((vchar_t *));
- void (*update) __P((caddr_t, vchar_t *));
- vchar_t *(*final) __P((caddr_t));
- int (*hashlen) __P((void));
- vchar_t *(*one) __P((vchar_t *, vchar_t *));
-};
-
-struct hash_algorithm {
- char *name;
- int type;
- int doi;
- caddr_t (*init) __P((void));
- void (*update) __P((caddr_t, vchar_t *));
- vchar_t *(*final) __P((caddr_t));
- int (*hashlen) __P((void));
- vchar_t *(*one) __P((vchar_t *));
-};
-
-struct enc_algorithm {
- char *name;
- int type;
- int doi;
- int blocklen;
- vchar_t *(*encrypt) __P((vchar_t *, vchar_t *, vchar_t *));
- vchar_t *(*decrypt) __P((vchar_t *, vchar_t *, vchar_t *));
- int (*weakkey) __P((vchar_t *));
- int (*keylen) __P((int));
-};
-
-/* dh group */
-struct dh_algorithm {
- char *name;
- int type;
- int doi;
- struct dhgroup *dhgroup;
-};
-
-/* ipcomp, auth meth, dh group */
-struct misc_algorithm {
- char *name;
- int type;
- int doi;
-};
-
-extern int alg_oakley_hashdef_ok __P((int));
-extern int alg_oakley_hashdef_doi __P((int));
-extern int alg_oakley_hashdef_hashlen __P((int));
-extern vchar_t *alg_oakley_hashdef_one __P((int, vchar_t *));
-
-extern int alg_oakley_hmacdef_doi __P((int));
-extern vchar_t *alg_oakley_hmacdef_one __P((int, vchar_t *, vchar_t *));
-
-extern int alg_oakley_encdef_ok __P((int));
-extern int alg_oakley_encdef_doi __P((int));
-extern int alg_oakley_encdef_keylen __P((int, int));
-extern int alg_oakley_encdef_blocklen __P((int));
-extern vchar_t *alg_oakley_encdef_decrypt __P((int, vchar_t *, vchar_t *, vchar_t *));
-extern vchar_t *alg_oakley_encdef_encrypt __P((int, vchar_t *, vchar_t *, vchar_t *));
-
-extern int alg_ipsec_encdef_doi __P((int));
-extern int alg_ipsec_encdef_keylen __P((int, int));
-
-extern int alg_ipsec_hmacdef_doi __P((int));
-extern int alg_ipsec_hmacdef_hashlen
__P((int));
-
-extern int alg_ipsec_compdef_doi __P((int));
-
-extern int alg_oakley_dhdef_doi __P((int));
-extern int alg_oakley_dhdef_ok __P((int));
-extern struct dhgroup *alg_oakley_dhdef_group __P((int));
-
-extern int alg_oakley_authdef_doi __P((int));
-
-extern int default_keylen __P((int, int));
-extern int check_keylen __P((int, int, int));
-extern int algtype2doi __P((int, int));
-extern int algclass2doi __P((int));
-
-
-#endif /* __ALGORITHM_H__ */
-
diff --git a/racoon.tproj/anonymous.conf b/racoon.tproj/anonymous.conf
deleted file mode 100644
index 70b0ed4..0000000
--- a/racoon.tproj/anonymous.conf
+++ /dev/null
@@ -1,34 +0,0 @@
-remote anonymous
-{
- #exchange_mode main,aggressive;
- exchange_mode aggressive,main;
- doi ipsec_doi;
- situation identity_only;
-
- #my_identifier address;
- my_identifier user_fqdn "macuser@localhost";
- peers_identifier user_fqdn "macuser@localhost";
- #certificate_type x509 "mycert" "mypriv";
-
- nonce_size 16;
- lifetime time 1 min; # sec,min,hour
- initial_contact on;
- support_mip6 on;
- proposal_check obey; # obey, strict or claim
-
- proposal {
- encryption_algorithm 3des;
- hash_algorithm sha1;
- authentication_method pre_shared_key ;
- dh_group 2 ;
- }
-}
-
-sainfo anonymous
-{
- pfs_group 1;
- lifetime time 30 sec;
- encryption_algorithm aes, 3des ;
- authentication_algorithm hmac_sha1;
- compression_algorithm deflate ;
-}
diff --git a/racoon.tproj/arc4random.h b/racoon.tproj/arc4random.h
deleted file mode 100644
index 1957945..0000000
--- a/racoon.tproj/arc4random.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $KAME: arc4random.h,v 1.1 2002/06/04 05:23:26 itojun Exp $ */
-
-/*
- * Copyright (C) 2000 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ARC4RANDOM_H__
-#define __ARC4RANDOM_H__
-
-extern u_int32_t arc4random __P((void));
-
-
-#endif /* __ARC4RANDOM_H__ */
-
diff --git a/racoon.tproj/backupsa.c b/racoon.tproj/backupsa.c
deleted file mode 100644
index 4462770..0000000
--- a/racoon.tproj/backupsa.c
+++ /dev/null
@@ -1,485 +0,0 @@ -/* $KAME: backupsa.c,v 1.16 2001/12/31 20:13:40 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include -#include -#include -#include - -#include -#ifdef IPV6_INRIA_VERSION -#include -#else -#include -#endif - -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "str2val.h" -#include "plog.h" -#include "debug.h" - -#include "localconf.h" -#include "sockmisc.h" -#include "safefile.h" -#include "backupsa.h" -#include "libpfkey.h" - -/* - * (time string)%(sa parameter) - * (time string) := ex. Nov 24 18:22:48 1986 - * (sa parameter) := - * src dst satype spi mode reqid wsize \ - * e_type e_keylen a_type a_keylen flags \ - * l_alloc l_bytes l_addtime l_usetime seq keymat - */ -static char *format = "%b %d %T %Y"; /* time format */ -static char *strmon[12] = { - "Jan", "Feb", "Mar", "Apr", "May", "Jun", - "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" -}; - -static char *str2tmx __P((char *, struct tm *)); -static int str2num __P((char *, int)); - -/* - * output the sa parameter. 
- */ -int -backupsa_to_file(satype, mode, src, dst, spi, reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) - u_int satype, mode, wsize; - struct sockaddr *src, *dst; - u_int32_t spi, reqid; - caddr_t keymat; - u_int e_type, e_keylen, a_type, a_keylen, flags; - u_int32_t l_alloc; - u_int64_t l_bytes, l_addtime, l_usetime; - u_int32_t seq; -{ - char buf[1024]; - struct tm *tm; - time_t t; - char *p, *k; - int len, l, i; - FILE *fp; - - p = buf; - len = sizeof(buf); - - t = time(NULL); - tm = localtime(&t); - l = strftime(p, len, format, tm); - p += l; - len -= l; - if (len < 0) - goto err; - - l = snprintf(p, len, "%%"); - if (l < 0 || l >= len) - goto err; - p += l; - len -= l; - if (len < 0) - goto err; - - i = getnameinfo(src, src->sa_len, p, len, NULL, 0, NIFLAGS); - if (i != 0) - goto err; - l = strlen(p); - p += l; - len -= l; - if (len < 0) - goto err; - - l = snprintf(p, len, " "); - if (l < 0 || l >= len) - goto err; - p += l; - len -= l; - if (len < 0) - goto err; - - i = getnameinfo(dst, dst->sa_len, p, len, NULL, 0, NIFLAGS); - if (i != 0) - goto err; - l = strlen(p); - p += l; - len -= l; - if (len < 0) - goto err; - - l = snprintf(p, len, - " %u %lu %u %u %u " - "%u %u %u %u %u " - "%u %llu %llu %llu %u", - satype, (unsigned long)ntohl(spi), mode, reqid, wsize, - e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, (unsigned long long)l_bytes, - (unsigned long long)l_addtime, (unsigned long long)l_usetime, - seq); - if (l < 0 || l >= len) - goto err; - p += l; - len -= l; - if (len < 0) - goto err; - - k = val2str(keymat, e_keylen + a_keylen); - l = snprintf(p, len, " %s", k); - if (l < 0 || l >= len) - goto err; - racoon_free(k); - p += l; - len -= l; - if (len < 0) - goto err; - - /* open the file and write the SA parameter */ - if (safefile(lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], 1) != 0 || - (fp = fopen(lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], "a")) == NULL) { - plog(LLV_ERROR, 
LOCATION, NULL, - "failed to open the backup file %s.\n", - lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]); - return -1; - } - fprintf(fp, "%s\n", buf); - fclose(fp); - - return 0; - -err: - plog(LLV_ERROR, LOCATION, NULL, - "SA cannot be saved to a file.\n"); - return -1; -} - -int -backupsa_from_file() -{ - FILE *fp; - char buf[512]; - struct tm tm; - time_t created, current; - char *p, *q; - u_int satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi, reqid; - caddr_t keymat; - size_t keymatlen; - u_int wsize, e_type, e_keylen, a_type, a_keylen, flags; - u_int32_t l_alloc; - u_int64_t l_bytes, l_addtime, l_usetime; - u_int32_t seq; - int line; - - if (safefile(lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], 1) == 0) - fp = fopen(lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], "r"); - else - fp = NULL; - if (fp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to open the backup file %s.\n", - lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]); - return -1; - } - - current = time(NULL); - - for(line = 1; fgets(buf, sizeof(buf), fp) != NULL; line++) { - /* comment line */ - if (buf[0] == '#') - continue; - - memset(&tm, 0, sizeof(tm)); - p = str2tmx(buf, &tm); - if (*p != '%') { - err: - plog(LLV_ERROR, LOCATION, NULL, - "illegal format line#%d in %s: %s\n", - line, lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], buf); - continue; - } - created = mktime(&tm); - p++; - - for (q = p; *q != '\0' && !isspace(*q); q++) - ; - *q = '\0'; - src = str2saddr(p, NULL); - if (src == NULL) - goto err; - p = q + 1; - - for (q = p; *q != '\0' && !isspace(*q); q++) - ; - *q = '\0'; - dst = str2saddr(p, NULL); - if (dst == NULL) { - racoon_free(src); - goto err; - } - p = q + 1; - -#define GETNEXTNUM(value, function) \ -do { \ - char *y; \ - for (q = p; *q != '\0' && !isspace(*q); q++) \ - ; \ - *q = '\0'; \ - (value) = function(p, &y, 10); \ - if ((value) == 0 && *y != '\0') \ - goto err; \ - p = q + 1; \ -} while (0); - - GETNEXTNUM(satype, strtoul); - GETNEXTNUM(spi, strtoul); - spi = ntohl(spi); - 
GETNEXTNUM(mode, strtoul); - GETNEXTNUM(reqid, strtoul); - GETNEXTNUM(wsize, strtoul); - GETNEXTNUM(e_type, strtoul); - GETNEXTNUM(e_keylen, strtoul); - GETNEXTNUM(a_type, strtoul); - GETNEXTNUM(a_keylen, strtoul); - GETNEXTNUM(flags, strtoul); - GETNEXTNUM(l_alloc, strtoul); - GETNEXTNUM(l_bytes, strtouq); - GETNEXTNUM(l_addtime, strtouq); - GETNEXTNUM(l_usetime, strtouq); - GETNEXTNUM(seq, strtoul); - -#undef GETNEXTNUM - - keymat = str2val(p, 16, &keymatlen); - if (keymat == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "illegal format(keymat) line#%d in %s: %s\n", - line, lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], buf); - racoon_free(src); - racoon_free(dst); - continue; - } - - if (created + l_addtime < current) { - plog(LLV_DEBUG, LOCATION, NULL, - "ignore this line#%d in %s due to expiration\n", - line, lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]); - racoon_free(src); - racoon_free(dst); - racoon_free(keymat); - continue; - } - l_addtime -= current - created; - - if (pfkey_send_add( - lcconf->sock_pfkey, - satype, - mode, - src, - dst, - spi, - reqid, - wsize, - keymat, - e_type, e_keylen, a_type, a_keylen, flags, - 0, l_bytes, l_addtime, 0, seq, 0) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "restore SA filed line#%d in %s: %s\n", - line, lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], ipsec_strerror()); - } - racoon_free(src); - racoon_free(dst); - racoon_free(keymat); - } - - fclose(fp); - - /* - * There is a possibility that an abnormal system down will happen - * again before new negotiation will be started. so racoon clears - * the backup file here. it's ok that old SAs are remained in the - * file. any old SA will not be installed because racoon checks the - * lifetime and compare with current time. - */ - - return 0; -} - -int -backupsa_clean() -{ - FILE *fp; - - /* simply return if the file is not defined. 
*/ - if (!lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]) - return 0; - - fp = fopen(lcconf->pathinfo[LC_PATHTYPE_BACKUPSA], "w+"); - if (fp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to clean the backup file %s.\n", - lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]); - return -1; - } - fclose(fp); - return 0; -} - -/* - * convert fixed string into the tm structure. - * The fixed string is like 'Nov 24 18:22:48 1986'. - * static char *format = "%b %d %T %Y"; - */ -static char * -str2tmx(char *p, struct tm *tm) -{ - int i, len; - - /* Month */ - for (i = 0; i < sizeof(strmon)/sizeof(strmon[0]); i++) { - if (strncasecmp(p, strmon[i], strlen(strmon[i])) == 0) { - tm->tm_mon = i; - break; - } - } - if (i == sizeof(strmon)/sizeof(strmon[0])) - return 0; - p += strlen(strmon[i]); - if (*p++ != ' ') - return 0; - - /* Day */ - len = 2; - tm->tm_mday = str2num(p, len); - if (tm->tm_mday == -1 || tm->tm_mday > 31) - return 0; - p += len; - if (*p++ != ' ') - return 0; - - /* Hour */ - len = 2; - tm->tm_hour = str2num(p, len); - if (tm->tm_hour == -1 || tm->tm_hour > 24) - return 0; - p += len; - if (*p++ != ':') - return 0; - - /* Min */ - len = 2; - tm->tm_min = str2num(p, len); - if (tm->tm_min == -1 || tm->tm_min > 60) - return 0; - p += len; - if (*p++ != ':') - return 0; - - /* Sec */ - len = 2; - tm->tm_sec = str2num(p, len); - if (tm->tm_sec == -1 || tm->tm_sec > 60) - return 0; - p += len; - if (*p++ != ' ') - return 0; - - /* Year */ - len = 4; - tm->tm_year = str2num(p, len); - if (tm->tm_year == -1 || tm->tm_year < 1900) - return 0; - tm->tm_year -= 1900; - p += len; - - return p; -} - -static int -str2num(p, len) - char *p; - int len; -{ - int res, i; - - res = 0; - for (i = len; i > 0; i--) { - if (!isdigit(*p)) - return -1; - res *= 10; - res += *p - '0'; - p++; - } - - return res; -} - -#ifdef TEST -#include -int -main() -{ - struct tm tm; - time_t t; - char *buf = "Nov 24 18:22:48 1986 "; - char *p; - - memset(&tm, 0, sizeof(tm)); - p = str2tmx(buf, &tm); - 
printf("[%x]\n", *p); - t = mktime(&tm); - if (t == -1) - printf("mktime failed."); - p = ctime(&t); - printf("[%s]\n", p); - - exit(0); -} -#endif diff --git a/racoon.tproj/backupsa.h b/racoon.tproj/backupsa.h deleted file mode 100644 index 771c51b..0000000 --- a/racoon.tproj/backupsa.h +++ /dev/null 
@@ -1,45 +0,0 @@
-/* $KAME: backupsa.h,v 1.2 2001/01/31 05:38:44 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __BACKUPSA_H__
-#define __BACKUPSA_H__
-
-
-extern int backupsa_to_file __P((u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t, u_int32_t, u_int,
- caddr_t, u_int, u_int, u_int, u_int, u_int,
- u_int32_t, u_int64_t, u_int64_t, u_int64_t, u_int32_t));
-extern int backupsa_from_file __P((void));
-extern int backupsa_clean __P((void));
-
-
-#endif /* __BACKUPSA_H__ */
-
diff --git a/racoon.tproj/boxes-fst.dat b/racoon.tproj/boxes-fst.dat
deleted file mode 100644
index 50e6cb3..0000000
--- a/racoon.tproj/boxes-fst.dat
+++ /dev/null
@@ -1,957 +0,0 @@ -/* $KAME: boxes-fst.dat,v 1.6 2001/05/27 00:23:22 itojun Exp $ */ - -const word8 S[256] = { - 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, -202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, -183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, - 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, - 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, - 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, -208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, - 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, -205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, - 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, -224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, -231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, -186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, -112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, -225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, -140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22 -}; - -#ifdef INTERMEDIATE_VALUE_KAT -static const word8 Si[256] = { - 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251, -124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203, - 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78, - 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37, -114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, -108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, -144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6, -208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107, - 58, 145, 17, 65, 79, 103, 220, 
234, 151, 242, 207, 206, 240, 180, 230, 115, -150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, - 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, -252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, - 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, - 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, -160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97, - 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125 -}; -#endif /* INTERMEDIATE_VALUE_KAT */ - -union xtab { - word32 xt32[256]; - word8 xt8[256][4]; -}; - -static const union xtab xT1 = { - .xt8 = { -{0xc6,0x63,0x63,0xa5}, {0xf8,0x7c,0x7c,0x84}, {0xee,0x77,0x77,0x99}, {0xf6,0x7b,0x7b,0x8d}, -{0xff,0xf2,0xf2,0x0d}, {0xd6,0x6b,0x6b,0xbd}, {0xde,0x6f,0x6f,0xb1}, {0x91,0xc5,0xc5,0x54}, -{0x60,0x30,0x30,0x50}, {0x02,0x01,0x01,0x03}, {0xce,0x67,0x67,0xa9}, {0x56,0x2b,0x2b,0x7d}, -{0xe7,0xfe,0xfe,0x19}, {0xb5,0xd7,0xd7,0x62}, {0x4d,0xab,0xab,0xe6}, {0xec,0x76,0x76,0x9a}, -{0x8f,0xca,0xca,0x45}, {0x1f,0x82,0x82,0x9d}, {0x89,0xc9,0xc9,0x40}, {0xfa,0x7d,0x7d,0x87}, -{0xef,0xfa,0xfa,0x15}, {0xb2,0x59,0x59,0xeb}, {0x8e,0x47,0x47,0xc9}, {0xfb,0xf0,0xf0,0x0b}, -{0x41,0xad,0xad,0xec}, {0xb3,0xd4,0xd4,0x67}, {0x5f,0xa2,0xa2,0xfd}, {0x45,0xaf,0xaf,0xea}, -{0x23,0x9c,0x9c,0xbf}, {0x53,0xa4,0xa4,0xf7}, {0xe4,0x72,0x72,0x96}, {0x9b,0xc0,0xc0,0x5b}, -{0x75,0xb7,0xb7,0xc2}, {0xe1,0xfd,0xfd,0x1c}, {0x3d,0x93,0x93,0xae}, {0x4c,0x26,0x26,0x6a}, -{0x6c,0x36,0x36,0x5a}, {0x7e,0x3f,0x3f,0x41}, {0xf5,0xf7,0xf7,0x02}, {0x83,0xcc,0xcc,0x4f}, -{0x68,0x34,0x34,0x5c}, {0x51,0xa5,0xa5,0xf4}, {0xd1,0xe5,0xe5,0x34}, {0xf9,0xf1,0xf1,0x08}, -{0xe2,0x71,0x71,0x93}, {0xab,0xd8,0xd8,0x73}, {0x62,0x31,0x31,0x53}, {0x2a,0x15,0x15,0x3f}, -{0x08,0x04,0x04,0x0c}, {0x95,0xc7,0xc7,0x52}, {0x46,0x23,0x23,0x65}, {0x9d,0xc3,0xc3,0x5e}, -{0x30,0x18,0x18,0x28}, {0x37,0x96,0x96,0xa1}, {0x0a,0x05,0x05,0x0f}, 
{0x2f,0x9a,0x9a,0xb5}, -{0x0e,0x07,0x07,0x09}, {0x24,0x12,0x12,0x36}, {0x1b,0x80,0x80,0x9b}, {0xdf,0xe2,0xe2,0x3d}, -{0xcd,0xeb,0xeb,0x26}, {0x4e,0x27,0x27,0x69}, {0x7f,0xb2,0xb2,0xcd}, {0xea,0x75,0x75,0x9f}, -{0x12,0x09,0x09,0x1b}, {0x1d,0x83,0x83,0x9e}, {0x58,0x2c,0x2c,0x74}, {0x34,0x1a,0x1a,0x2e}, -{0x36,0x1b,0x1b,0x2d}, {0xdc,0x6e,0x6e,0xb2}, {0xb4,0x5a,0x5a,0xee}, {0x5b,0xa0,0xa0,0xfb}, -{0xa4,0x52,0x52,0xf6}, {0x76,0x3b,0x3b,0x4d}, {0xb7,0xd6,0xd6,0x61}, {0x7d,0xb3,0xb3,0xce}, -{0x52,0x29,0x29,0x7b}, {0xdd,0xe3,0xe3,0x3e}, {0x5e,0x2f,0x2f,0x71}, {0x13,0x84,0x84,0x97}, -{0xa6,0x53,0x53,0xf5}, {0xb9,0xd1,0xd1,0x68}, {0x00,0x00,0x00,0x00}, {0xc1,0xed,0xed,0x2c}, -{0x40,0x20,0x20,0x60}, {0xe3,0xfc,0xfc,0x1f}, {0x79,0xb1,0xb1,0xc8}, {0xb6,0x5b,0x5b,0xed}, -{0xd4,0x6a,0x6a,0xbe}, {0x8d,0xcb,0xcb,0x46}, {0x67,0xbe,0xbe,0xd9}, {0x72,0x39,0x39,0x4b}, -{0x94,0x4a,0x4a,0xde}, {0x98,0x4c,0x4c,0xd4}, {0xb0,0x58,0x58,0xe8}, {0x85,0xcf,0xcf,0x4a}, -{0xbb,0xd0,0xd0,0x6b}, {0xc5,0xef,0xef,0x2a}, {0x4f,0xaa,0xaa,0xe5}, {0xed,0xfb,0xfb,0x16}, -{0x86,0x43,0x43,0xc5}, {0x9a,0x4d,0x4d,0xd7}, {0x66,0x33,0x33,0x55}, {0x11,0x85,0x85,0x94}, -{0x8a,0x45,0x45,0xcf}, {0xe9,0xf9,0xf9,0x10}, {0x04,0x02,0x02,0x06}, {0xfe,0x7f,0x7f,0x81}, -{0xa0,0x50,0x50,0xf0}, {0x78,0x3c,0x3c,0x44}, {0x25,0x9f,0x9f,0xba}, {0x4b,0xa8,0xa8,0xe3}, -{0xa2,0x51,0x51,0xf3}, {0x5d,0xa3,0xa3,0xfe}, {0x80,0x40,0x40,0xc0}, {0x05,0x8f,0x8f,0x8a}, -{0x3f,0x92,0x92,0xad}, {0x21,0x9d,0x9d,0xbc}, {0x70,0x38,0x38,0x48}, {0xf1,0xf5,0xf5,0x04}, -{0x63,0xbc,0xbc,0xdf}, {0x77,0xb6,0xb6,0xc1}, {0xaf,0xda,0xda,0x75}, {0x42,0x21,0x21,0x63}, -{0x20,0x10,0x10,0x30}, {0xe5,0xff,0xff,0x1a}, {0xfd,0xf3,0xf3,0x0e}, {0xbf,0xd2,0xd2,0x6d}, -{0x81,0xcd,0xcd,0x4c}, {0x18,0x0c,0x0c,0x14}, {0x26,0x13,0x13,0x35}, {0xc3,0xec,0xec,0x2f}, -{0xbe,0x5f,0x5f,0xe1}, {0x35,0x97,0x97,0xa2}, {0x88,0x44,0x44,0xcc}, {0x2e,0x17,0x17,0x39}, -{0x93,0xc4,0xc4,0x57}, {0x55,0xa7,0xa7,0xf2}, {0xfc,0x7e,0x7e,0x82}, {0x7a,0x3d,0x3d,0x47}, -{0xc8,0x64,0x64,0xac}, 
{0xba,0x5d,0x5d,0xe7}, {0x32,0x19,0x19,0x2b}, {0xe6,0x73,0x73,0x95}, -{0xc0,0x60,0x60,0xa0}, {0x19,0x81,0x81,0x98}, {0x9e,0x4f,0x4f,0xd1}, {0xa3,0xdc,0xdc,0x7f}, -{0x44,0x22,0x22,0x66}, {0x54,0x2a,0x2a,0x7e}, {0x3b,0x90,0x90,0xab}, {0x0b,0x88,0x88,0x83}, -{0x8c,0x46,0x46,0xca}, {0xc7,0xee,0xee,0x29}, {0x6b,0xb8,0xb8,0xd3}, {0x28,0x14,0x14,0x3c}, -{0xa7,0xde,0xde,0x79}, {0xbc,0x5e,0x5e,0xe2}, {0x16,0x0b,0x0b,0x1d}, {0xad,0xdb,0xdb,0x76}, -{0xdb,0xe0,0xe0,0x3b}, {0x64,0x32,0x32,0x56}, {0x74,0x3a,0x3a,0x4e}, {0x14,0x0a,0x0a,0x1e}, -{0x92,0x49,0x49,0xdb}, {0x0c,0x06,0x06,0x0a}, {0x48,0x24,0x24,0x6c}, {0xb8,0x5c,0x5c,0xe4}, -{0x9f,0xc2,0xc2,0x5d}, {0xbd,0xd3,0xd3,0x6e}, {0x43,0xac,0xac,0xef}, {0xc4,0x62,0x62,0xa6}, -{0x39,0x91,0x91,0xa8}, {0x31,0x95,0x95,0xa4}, {0xd3,0xe4,0xe4,0x37}, {0xf2,0x79,0x79,0x8b}, -{0xd5,0xe7,0xe7,0x32}, {0x8b,0xc8,0xc8,0x43}, {0x6e,0x37,0x37,0x59}, {0xda,0x6d,0x6d,0xb7}, -{0x01,0x8d,0x8d,0x8c}, {0xb1,0xd5,0xd5,0x64}, {0x9c,0x4e,0x4e,0xd2}, {0x49,0xa9,0xa9,0xe0}, -{0xd8,0x6c,0x6c,0xb4}, {0xac,0x56,0x56,0xfa}, {0xf3,0xf4,0xf4,0x07}, {0xcf,0xea,0xea,0x25}, -{0xca,0x65,0x65,0xaf}, {0xf4,0x7a,0x7a,0x8e}, {0x47,0xae,0xae,0xe9}, {0x10,0x08,0x08,0x18}, -{0x6f,0xba,0xba,0xd5}, {0xf0,0x78,0x78,0x88}, {0x4a,0x25,0x25,0x6f}, {0x5c,0x2e,0x2e,0x72}, -{0x38,0x1c,0x1c,0x24}, {0x57,0xa6,0xa6,0xf1}, {0x73,0xb4,0xb4,0xc7}, {0x97,0xc6,0xc6,0x51}, -{0xcb,0xe8,0xe8,0x23}, {0xa1,0xdd,0xdd,0x7c}, {0xe8,0x74,0x74,0x9c}, {0x3e,0x1f,0x1f,0x21}, -{0x96,0x4b,0x4b,0xdd}, {0x61,0xbd,0xbd,0xdc}, {0x0d,0x8b,0x8b,0x86}, {0x0f,0x8a,0x8a,0x85}, -{0xe0,0x70,0x70,0x90}, {0x7c,0x3e,0x3e,0x42}, {0x71,0xb5,0xb5,0xc4}, {0xcc,0x66,0x66,0xaa}, -{0x90,0x48,0x48,0xd8}, {0x06,0x03,0x03,0x05}, {0xf7,0xf6,0xf6,0x01}, {0x1c,0x0e,0x0e,0x12}, -{0xc2,0x61,0x61,0xa3}, {0x6a,0x35,0x35,0x5f}, {0xae,0x57,0x57,0xf9}, {0x69,0xb9,0xb9,0xd0}, -{0x17,0x86,0x86,0x91}, {0x99,0xc1,0xc1,0x58}, {0x3a,0x1d,0x1d,0x27}, {0x27,0x9e,0x9e,0xb9}, -{0xd9,0xe1,0xe1,0x38}, {0xeb,0xf8,0xf8,0x13}, {0x2b,0x98,0x98,0xb3}, 
{0x22,0x11,0x11,0x33}, -{0xd2,0x69,0x69,0xbb}, {0xa9,0xd9,0xd9,0x70}, {0x07,0x8e,0x8e,0x89}, {0x33,0x94,0x94,0xa7}, -{0x2d,0x9b,0x9b,0xb6}, {0x3c,0x1e,0x1e,0x22}, {0x15,0x87,0x87,0x92}, {0xc9,0xe9,0xe9,0x20}, -{0x87,0xce,0xce,0x49}, {0xaa,0x55,0x55,0xff}, {0x50,0x28,0x28,0x78}, {0xa5,0xdf,0xdf,0x7a}, -{0x03,0x8c,0x8c,0x8f}, {0x59,0xa1,0xa1,0xf8}, {0x09,0x89,0x89,0x80}, {0x1a,0x0d,0x0d,0x17}, -{0x65,0xbf,0xbf,0xda}, {0xd7,0xe6,0xe6,0x31}, {0x84,0x42,0x42,0xc6}, {0xd0,0x68,0x68,0xb8}, -{0x82,0x41,0x41,0xc3}, {0x29,0x99,0x99,0xb0}, {0x5a,0x2d,0x2d,0x77}, {0x1e,0x0f,0x0f,0x11}, -{0x7b,0xb0,0xb0,0xcb}, {0xa8,0x54,0x54,0xfc}, {0x6d,0xbb,0xbb,0xd6}, {0x2c,0x16,0x16,0x3a} - } -}; -#define T1 xT1.xt8 - -static const union xtab xT2 = { - .xt8 = { -{0xa5,0xc6,0x63,0x63}, {0x84,0xf8,0x7c,0x7c}, {0x99,0xee,0x77,0x77}, {0x8d,0xf6,0x7b,0x7b}, -{0x0d,0xff,0xf2,0xf2}, {0xbd,0xd6,0x6b,0x6b}, {0xb1,0xde,0x6f,0x6f}, {0x54,0x91,0xc5,0xc5}, -{0x50,0x60,0x30,0x30}, {0x03,0x02,0x01,0x01}, {0xa9,0xce,0x67,0x67}, {0x7d,0x56,0x2b,0x2b}, -{0x19,0xe7,0xfe,0xfe}, {0x62,0xb5,0xd7,0xd7}, {0xe6,0x4d,0xab,0xab}, {0x9a,0xec,0x76,0x76}, -{0x45,0x8f,0xca,0xca}, {0x9d,0x1f,0x82,0x82}, {0x40,0x89,0xc9,0xc9}, {0x87,0xfa,0x7d,0x7d}, -{0x15,0xef,0xfa,0xfa}, {0xeb,0xb2,0x59,0x59}, {0xc9,0x8e,0x47,0x47}, {0x0b,0xfb,0xf0,0xf0}, -{0xec,0x41,0xad,0xad}, {0x67,0xb3,0xd4,0xd4}, {0xfd,0x5f,0xa2,0xa2}, {0xea,0x45,0xaf,0xaf}, -{0xbf,0x23,0x9c,0x9c}, {0xf7,0x53,0xa4,0xa4}, {0x96,0xe4,0x72,0x72}, {0x5b,0x9b,0xc0,0xc0}, -{0xc2,0x75,0xb7,0xb7}, {0x1c,0xe1,0xfd,0xfd}, {0xae,0x3d,0x93,0x93}, {0x6a,0x4c,0x26,0x26}, -{0x5a,0x6c,0x36,0x36}, {0x41,0x7e,0x3f,0x3f}, {0x02,0xf5,0xf7,0xf7}, {0x4f,0x83,0xcc,0xcc}, -{0x5c,0x68,0x34,0x34}, {0xf4,0x51,0xa5,0xa5}, {0x34,0xd1,0xe5,0xe5}, {0x08,0xf9,0xf1,0xf1}, -{0x93,0xe2,0x71,0x71}, {0x73,0xab,0xd8,0xd8}, {0x53,0x62,0x31,0x31}, {0x3f,0x2a,0x15,0x15}, -{0x0c,0x08,0x04,0x04}, {0x52,0x95,0xc7,0xc7}, {0x65,0x46,0x23,0x23}, {0x5e,0x9d,0xc3,0xc3}, -{0x28,0x30,0x18,0x18}, 
{0xa1,0x37,0x96,0x96}, {0x0f,0x0a,0x05,0x05}, {0xb5,0x2f,0x9a,0x9a}, -{0x09,0x0e,0x07,0x07}, {0x36,0x24,0x12,0x12}, {0x9b,0x1b,0x80,0x80}, {0x3d,0xdf,0xe2,0xe2}, -{0x26,0xcd,0xeb,0xeb}, {0x69,0x4e,0x27,0x27}, {0xcd,0x7f,0xb2,0xb2}, {0x9f,0xea,0x75,0x75}, -{0x1b,0x12,0x09,0x09}, {0x9e,0x1d,0x83,0x83}, {0x74,0x58,0x2c,0x2c}, {0x2e,0x34,0x1a,0x1a}, -{0x2d,0x36,0x1b,0x1b}, {0xb2,0xdc,0x6e,0x6e}, {0xee,0xb4,0x5a,0x5a}, {0xfb,0x5b,0xa0,0xa0}, -{0xf6,0xa4,0x52,0x52}, {0x4d,0x76,0x3b,0x3b}, {0x61,0xb7,0xd6,0xd6}, {0xce,0x7d,0xb3,0xb3}, -{0x7b,0x52,0x29,0x29}, {0x3e,0xdd,0xe3,0xe3}, {0x71,0x5e,0x2f,0x2f}, {0x97,0x13,0x84,0x84}, -{0xf5,0xa6,0x53,0x53}, {0x68,0xb9,0xd1,0xd1}, {0x00,0x00,0x00,0x00}, {0x2c,0xc1,0xed,0xed}, -{0x60,0x40,0x20,0x20}, {0x1f,0xe3,0xfc,0xfc}, {0xc8,0x79,0xb1,0xb1}, {0xed,0xb6,0x5b,0x5b}, -{0xbe,0xd4,0x6a,0x6a}, {0x46,0x8d,0xcb,0xcb}, {0xd9,0x67,0xbe,0xbe}, {0x4b,0x72,0x39,0x39}, -{0xde,0x94,0x4a,0x4a}, {0xd4,0x98,0x4c,0x4c}, {0xe8,0xb0,0x58,0x58}, {0x4a,0x85,0xcf,0xcf}, -{0x6b,0xbb,0xd0,0xd0}, {0x2a,0xc5,0xef,0xef}, {0xe5,0x4f,0xaa,0xaa}, {0x16,0xed,0xfb,0xfb}, -{0xc5,0x86,0x43,0x43}, {0xd7,0x9a,0x4d,0x4d}, {0x55,0x66,0x33,0x33}, {0x94,0x11,0x85,0x85}, -{0xcf,0x8a,0x45,0x45}, {0x10,0xe9,0xf9,0xf9}, {0x06,0x04,0x02,0x02}, {0x81,0xfe,0x7f,0x7f}, -{0xf0,0xa0,0x50,0x50}, {0x44,0x78,0x3c,0x3c}, {0xba,0x25,0x9f,0x9f}, {0xe3,0x4b,0xa8,0xa8}, -{0xf3,0xa2,0x51,0x51}, {0xfe,0x5d,0xa3,0xa3}, {0xc0,0x80,0x40,0x40}, {0x8a,0x05,0x8f,0x8f}, -{0xad,0x3f,0x92,0x92}, {0xbc,0x21,0x9d,0x9d}, {0x48,0x70,0x38,0x38}, {0x04,0xf1,0xf5,0xf5}, -{0xdf,0x63,0xbc,0xbc}, {0xc1,0x77,0xb6,0xb6}, {0x75,0xaf,0xda,0xda}, {0x63,0x42,0x21,0x21}, -{0x30,0x20,0x10,0x10}, {0x1a,0xe5,0xff,0xff}, {0x0e,0xfd,0xf3,0xf3}, {0x6d,0xbf,0xd2,0xd2}, -{0x4c,0x81,0xcd,0xcd}, {0x14,0x18,0x0c,0x0c}, {0x35,0x26,0x13,0x13}, {0x2f,0xc3,0xec,0xec}, -{0xe1,0xbe,0x5f,0x5f}, {0xa2,0x35,0x97,0x97}, {0xcc,0x88,0x44,0x44}, {0x39,0x2e,0x17,0x17}, -{0x57,0x93,0xc4,0xc4}, {0xf2,0x55,0xa7,0xa7}, {0x82,0xfc,0x7e,0x7e}, 
{0x47,0x7a,0x3d,0x3d}, -{0xac,0xc8,0x64,0x64}, {0xe7,0xba,0x5d,0x5d}, {0x2b,0x32,0x19,0x19}, {0x95,0xe6,0x73,0x73}, -{0xa0,0xc0,0x60,0x60}, {0x98,0x19,0x81,0x81}, {0xd1,0x9e,0x4f,0x4f}, {0x7f,0xa3,0xdc,0xdc}, -{0x66,0x44,0x22,0x22}, {0x7e,0x54,0x2a,0x2a}, {0xab,0x3b,0x90,0x90}, {0x83,0x0b,0x88,0x88}, -{0xca,0x8c,0x46,0x46}, {0x29,0xc7,0xee,0xee}, {0xd3,0x6b,0xb8,0xb8}, {0x3c,0x28,0x14,0x14}, -{0x79,0xa7,0xde,0xde}, {0xe2,0xbc,0x5e,0x5e}, {0x1d,0x16,0x0b,0x0b}, {0x76,0xad,0xdb,0xdb}, -{0x3b,0xdb,0xe0,0xe0}, {0x56,0x64,0x32,0x32}, {0x4e,0x74,0x3a,0x3a}, {0x1e,0x14,0x0a,0x0a}, -{0xdb,0x92,0x49,0x49}, {0x0a,0x0c,0x06,0x06}, {0x6c,0x48,0x24,0x24}, {0xe4,0xb8,0x5c,0x5c}, -{0x5d,0x9f,0xc2,0xc2}, {0x6e,0xbd,0xd3,0xd3}, {0xef,0x43,0xac,0xac}, {0xa6,0xc4,0x62,0x62}, -{0xa8,0x39,0x91,0x91}, {0xa4,0x31,0x95,0x95}, {0x37,0xd3,0xe4,0xe4}, {0x8b,0xf2,0x79,0x79}, -{0x32,0xd5,0xe7,0xe7}, {0x43,0x8b,0xc8,0xc8}, {0x59,0x6e,0x37,0x37}, {0xb7,0xda,0x6d,0x6d}, -{0x8c,0x01,0x8d,0x8d}, {0x64,0xb1,0xd5,0xd5}, {0xd2,0x9c,0x4e,0x4e}, {0xe0,0x49,0xa9,0xa9}, -{0xb4,0xd8,0x6c,0x6c}, {0xfa,0xac,0x56,0x56}, {0x07,0xf3,0xf4,0xf4}, {0x25,0xcf,0xea,0xea}, -{0xaf,0xca,0x65,0x65}, {0x8e,0xf4,0x7a,0x7a}, {0xe9,0x47,0xae,0xae}, {0x18,0x10,0x08,0x08}, -{0xd5,0x6f,0xba,0xba}, {0x88,0xf0,0x78,0x78}, {0x6f,0x4a,0x25,0x25}, {0x72,0x5c,0x2e,0x2e}, -{0x24,0x38,0x1c,0x1c}, {0xf1,0x57,0xa6,0xa6}, {0xc7,0x73,0xb4,0xb4}, {0x51,0x97,0xc6,0xc6}, -{0x23,0xcb,0xe8,0xe8}, {0x7c,0xa1,0xdd,0xdd}, {0x9c,0xe8,0x74,0x74}, {0x21,0x3e,0x1f,0x1f}, -{0xdd,0x96,0x4b,0x4b}, {0xdc,0x61,0xbd,0xbd}, {0x86,0x0d,0x8b,0x8b}, {0x85,0x0f,0x8a,0x8a}, -{0x90,0xe0,0x70,0x70}, {0x42,0x7c,0x3e,0x3e}, {0xc4,0x71,0xb5,0xb5}, {0xaa,0xcc,0x66,0x66}, -{0xd8,0x90,0x48,0x48}, {0x05,0x06,0x03,0x03}, {0x01,0xf7,0xf6,0xf6}, {0x12,0x1c,0x0e,0x0e}, -{0xa3,0xc2,0x61,0x61}, {0x5f,0x6a,0x35,0x35}, {0xf9,0xae,0x57,0x57}, {0xd0,0x69,0xb9,0xb9}, -{0x91,0x17,0x86,0x86}, {0x58,0x99,0xc1,0xc1}, {0x27,0x3a,0x1d,0x1d}, {0xb9,0x27,0x9e,0x9e}, -{0x38,0xd9,0xe1,0xe1}, 
{0x13,0xeb,0xf8,0xf8}, {0xb3,0x2b,0x98,0x98}, {0x33,0x22,0x11,0x11}, -{0xbb,0xd2,0x69,0x69}, {0x70,0xa9,0xd9,0xd9}, {0x89,0x07,0x8e,0x8e}, {0xa7,0x33,0x94,0x94}, -{0xb6,0x2d,0x9b,0x9b}, {0x22,0x3c,0x1e,0x1e}, {0x92,0x15,0x87,0x87}, {0x20,0xc9,0xe9,0xe9}, -{0x49,0x87,0xce,0xce}, {0xff,0xaa,0x55,0x55}, {0x78,0x50,0x28,0x28}, {0x7a,0xa5,0xdf,0xdf}, -{0x8f,0x03,0x8c,0x8c}, {0xf8,0x59,0xa1,0xa1}, {0x80,0x09,0x89,0x89}, {0x17,0x1a,0x0d,0x0d}, -{0xda,0x65,0xbf,0xbf}, {0x31,0xd7,0xe6,0xe6}, {0xc6,0x84,0x42,0x42}, {0xb8,0xd0,0x68,0x68}, -{0xc3,0x82,0x41,0x41}, {0xb0,0x29,0x99,0x99}, {0x77,0x5a,0x2d,0x2d}, {0x11,0x1e,0x0f,0x0f}, -{0xcb,0x7b,0xb0,0xb0}, {0xfc,0xa8,0x54,0x54}, {0xd6,0x6d,0xbb,0xbb}, {0x3a,0x2c,0x16,0x16} - } -}; -#define T2 xT2.xt8 - -static const union xtab xT3 = { - .xt8 = { -{0x63,0xa5,0xc6,0x63}, {0x7c,0x84,0xf8,0x7c}, {0x77,0x99,0xee,0x77}, {0x7b,0x8d,0xf6,0x7b}, -{0xf2,0x0d,0xff,0xf2}, {0x6b,0xbd,0xd6,0x6b}, {0x6f,0xb1,0xde,0x6f}, {0xc5,0x54,0x91,0xc5}, -{0x30,0x50,0x60,0x30}, {0x01,0x03,0x02,0x01}, {0x67,0xa9,0xce,0x67}, {0x2b,0x7d,0x56,0x2b}, -{0xfe,0x19,0xe7,0xfe}, {0xd7,0x62,0xb5,0xd7}, {0xab,0xe6,0x4d,0xab}, {0x76,0x9a,0xec,0x76}, -{0xca,0x45,0x8f,0xca}, {0x82,0x9d,0x1f,0x82}, {0xc9,0x40,0x89,0xc9}, {0x7d,0x87,0xfa,0x7d}, -{0xfa,0x15,0xef,0xfa}, {0x59,0xeb,0xb2,0x59}, {0x47,0xc9,0x8e,0x47}, {0xf0,0x0b,0xfb,0xf0}, -{0xad,0xec,0x41,0xad}, {0xd4,0x67,0xb3,0xd4}, {0xa2,0xfd,0x5f,0xa2}, {0xaf,0xea,0x45,0xaf}, -{0x9c,0xbf,0x23,0x9c}, {0xa4,0xf7,0x53,0xa4}, {0x72,0x96,0xe4,0x72}, {0xc0,0x5b,0x9b,0xc0}, -{0xb7,0xc2,0x75,0xb7}, {0xfd,0x1c,0xe1,0xfd}, {0x93,0xae,0x3d,0x93}, {0x26,0x6a,0x4c,0x26}, -{0x36,0x5a,0x6c,0x36}, {0x3f,0x41,0x7e,0x3f}, {0xf7,0x02,0xf5,0xf7}, {0xcc,0x4f,0x83,0xcc}, -{0x34,0x5c,0x68,0x34}, {0xa5,0xf4,0x51,0xa5}, {0xe5,0x34,0xd1,0xe5}, {0xf1,0x08,0xf9,0xf1}, -{0x71,0x93,0xe2,0x71}, {0xd8,0x73,0xab,0xd8}, {0x31,0x53,0x62,0x31}, {0x15,0x3f,0x2a,0x15}, -{0x04,0x0c,0x08,0x04}, {0xc7,0x52,0x95,0xc7}, {0x23,0x65,0x46,0x23}, 
{0xc3,0x5e,0x9d,0xc3}, -{0x18,0x28,0x30,0x18}, {0x96,0xa1,0x37,0x96}, {0x05,0x0f,0x0a,0x05}, {0x9a,0xb5,0x2f,0x9a}, -{0x07,0x09,0x0e,0x07}, {0x12,0x36,0x24,0x12}, {0x80,0x9b,0x1b,0x80}, {0xe2,0x3d,0xdf,0xe2}, -{0xeb,0x26,0xcd,0xeb}, {0x27,0x69,0x4e,0x27}, {0xb2,0xcd,0x7f,0xb2}, {0x75,0x9f,0xea,0x75}, -{0x09,0x1b,0x12,0x09}, {0x83,0x9e,0x1d,0x83}, {0x2c,0x74,0x58,0x2c}, {0x1a,0x2e,0x34,0x1a}, -{0x1b,0x2d,0x36,0x1b}, {0x6e,0xb2,0xdc,0x6e}, {0x5a,0xee,0xb4,0x5a}, {0xa0,0xfb,0x5b,0xa0}, -{0x52,0xf6,0xa4,0x52}, {0x3b,0x4d,0x76,0x3b}, {0xd6,0x61,0xb7,0xd6}, {0xb3,0xce,0x7d,0xb3}, -{0x29,0x7b,0x52,0x29}, {0xe3,0x3e,0xdd,0xe3}, {0x2f,0x71,0x5e,0x2f}, {0x84,0x97,0x13,0x84}, -{0x53,0xf5,0xa6,0x53}, {0xd1,0x68,0xb9,0xd1}, {0x00,0x00,0x00,0x00}, {0xed,0x2c,0xc1,0xed}, -{0x20,0x60,0x40,0x20}, {0xfc,0x1f,0xe3,0xfc}, {0xb1,0xc8,0x79,0xb1}, {0x5b,0xed,0xb6,0x5b}, -{0x6a,0xbe,0xd4,0x6a}, {0xcb,0x46,0x8d,0xcb}, {0xbe,0xd9,0x67,0xbe}, {0x39,0x4b,0x72,0x39}, -{0x4a,0xde,0x94,0x4a}, {0x4c,0xd4,0x98,0x4c}, {0x58,0xe8,0xb0,0x58}, {0xcf,0x4a,0x85,0xcf}, -{0xd0,0x6b,0xbb,0xd0}, {0xef,0x2a,0xc5,0xef}, {0xaa,0xe5,0x4f,0xaa}, {0xfb,0x16,0xed,0xfb}, -{0x43,0xc5,0x86,0x43}, {0x4d,0xd7,0x9a,0x4d}, {0x33,0x55,0x66,0x33}, {0x85,0x94,0x11,0x85}, -{0x45,0xcf,0x8a,0x45}, {0xf9,0x10,0xe9,0xf9}, {0x02,0x06,0x04,0x02}, {0x7f,0x81,0xfe,0x7f}, -{0x50,0xf0,0xa0,0x50}, {0x3c,0x44,0x78,0x3c}, {0x9f,0xba,0x25,0x9f}, {0xa8,0xe3,0x4b,0xa8}, -{0x51,0xf3,0xa2,0x51}, {0xa3,0xfe,0x5d,0xa3}, {0x40,0xc0,0x80,0x40}, {0x8f,0x8a,0x05,0x8f}, -{0x92,0xad,0x3f,0x92}, {0x9d,0xbc,0x21,0x9d}, {0x38,0x48,0x70,0x38}, {0xf5,0x04,0xf1,0xf5}, -{0xbc,0xdf,0x63,0xbc}, {0xb6,0xc1,0x77,0xb6}, {0xda,0x75,0xaf,0xda}, {0x21,0x63,0x42,0x21}, -{0x10,0x30,0x20,0x10}, {0xff,0x1a,0xe5,0xff}, {0xf3,0x0e,0xfd,0xf3}, {0xd2,0x6d,0xbf,0xd2}, -{0xcd,0x4c,0x81,0xcd}, {0x0c,0x14,0x18,0x0c}, {0x13,0x35,0x26,0x13}, {0xec,0x2f,0xc3,0xec}, -{0x5f,0xe1,0xbe,0x5f}, {0x97,0xa2,0x35,0x97}, {0x44,0xcc,0x88,0x44}, {0x17,0x39,0x2e,0x17}, -{0xc4,0x57,0x93,0xc4}, 
{0xa7,0xf2,0x55,0xa7}, {0x7e,0x82,0xfc,0x7e}, {0x3d,0x47,0x7a,0x3d}, -{0x64,0xac,0xc8,0x64}, {0x5d,0xe7,0xba,0x5d}, {0x19,0x2b,0x32,0x19}, {0x73,0x95,0xe6,0x73}, -{0x60,0xa0,0xc0,0x60}, {0x81,0x98,0x19,0x81}, {0x4f,0xd1,0x9e,0x4f}, {0xdc,0x7f,0xa3,0xdc}, -{0x22,0x66,0x44,0x22}, {0x2a,0x7e,0x54,0x2a}, {0x90,0xab,0x3b,0x90}, {0x88,0x83,0x0b,0x88}, -{0x46,0xca,0x8c,0x46}, {0xee,0x29,0xc7,0xee}, {0xb8,0xd3,0x6b,0xb8}, {0x14,0x3c,0x28,0x14}, -{0xde,0x79,0xa7,0xde}, {0x5e,0xe2,0xbc,0x5e}, {0x0b,0x1d,0x16,0x0b}, {0xdb,0x76,0xad,0xdb}, -{0xe0,0x3b,0xdb,0xe0}, {0x32,0x56,0x64,0x32}, {0x3a,0x4e,0x74,0x3a}, {0x0a,0x1e,0x14,0x0a}, -{0x49,0xdb,0x92,0x49}, {0x06,0x0a,0x0c,0x06}, {0x24,0x6c,0x48,0x24}, {0x5c,0xe4,0xb8,0x5c}, -{0xc2,0x5d,0x9f,0xc2}, {0xd3,0x6e,0xbd,0xd3}, {0xac,0xef,0x43,0xac}, {0x62,0xa6,0xc4,0x62}, -{0x91,0xa8,0x39,0x91}, {0x95,0xa4,0x31,0x95}, {0xe4,0x37,0xd3,0xe4}, {0x79,0x8b,0xf2,0x79}, -{0xe7,0x32,0xd5,0xe7}, {0xc8,0x43,0x8b,0xc8}, {0x37,0x59,0x6e,0x37}, {0x6d,0xb7,0xda,0x6d}, -{0x8d,0x8c,0x01,0x8d}, {0xd5,0x64,0xb1,0xd5}, {0x4e,0xd2,0x9c,0x4e}, {0xa9,0xe0,0x49,0xa9}, -{0x6c,0xb4,0xd8,0x6c}, {0x56,0xfa,0xac,0x56}, {0xf4,0x07,0xf3,0xf4}, {0xea,0x25,0xcf,0xea}, -{0x65,0xaf,0xca,0x65}, {0x7a,0x8e,0xf4,0x7a}, {0xae,0xe9,0x47,0xae}, {0x08,0x18,0x10,0x08}, -{0xba,0xd5,0x6f,0xba}, {0x78,0x88,0xf0,0x78}, {0x25,0x6f,0x4a,0x25}, {0x2e,0x72,0x5c,0x2e}, -{0x1c,0x24,0x38,0x1c}, {0xa6,0xf1,0x57,0xa6}, {0xb4,0xc7,0x73,0xb4}, {0xc6,0x51,0x97,0xc6}, -{0xe8,0x23,0xcb,0xe8}, {0xdd,0x7c,0xa1,0xdd}, {0x74,0x9c,0xe8,0x74}, {0x1f,0x21,0x3e,0x1f}, -{0x4b,0xdd,0x96,0x4b}, {0xbd,0xdc,0x61,0xbd}, {0x8b,0x86,0x0d,0x8b}, {0x8a,0x85,0x0f,0x8a}, -{0x70,0x90,0xe0,0x70}, {0x3e,0x42,0x7c,0x3e}, {0xb5,0xc4,0x71,0xb5}, {0x66,0xaa,0xcc,0x66}, -{0x48,0xd8,0x90,0x48}, {0x03,0x05,0x06,0x03}, {0xf6,0x01,0xf7,0xf6}, {0x0e,0x12,0x1c,0x0e}, -{0x61,0xa3,0xc2,0x61}, {0x35,0x5f,0x6a,0x35}, {0x57,0xf9,0xae,0x57}, {0xb9,0xd0,0x69,0xb9}, -{0x86,0x91,0x17,0x86}, {0xc1,0x58,0x99,0xc1}, {0x1d,0x27,0x3a,0x1d}, 
{0x9e,0xb9,0x27,0x9e}, -{0xe1,0x38,0xd9,0xe1}, {0xf8,0x13,0xeb,0xf8}, {0x98,0xb3,0x2b,0x98}, {0x11,0x33,0x22,0x11}, -{0x69,0xbb,0xd2,0x69}, {0xd9,0x70,0xa9,0xd9}, {0x8e,0x89,0x07,0x8e}, {0x94,0xa7,0x33,0x94}, -{0x9b,0xb6,0x2d,0x9b}, {0x1e,0x22,0x3c,0x1e}, {0x87,0x92,0x15,0x87}, {0xe9,0x20,0xc9,0xe9}, -{0xce,0x49,0x87,0xce}, {0x55,0xff,0xaa,0x55}, {0x28,0x78,0x50,0x28}, {0xdf,0x7a,0xa5,0xdf}, -{0x8c,0x8f,0x03,0x8c}, {0xa1,0xf8,0x59,0xa1}, {0x89,0x80,0x09,0x89}, {0x0d,0x17,0x1a,0x0d}, -{0xbf,0xda,0x65,0xbf}, {0xe6,0x31,0xd7,0xe6}, {0x42,0xc6,0x84,0x42}, {0x68,0xb8,0xd0,0x68}, -{0x41,0xc3,0x82,0x41}, {0x99,0xb0,0x29,0x99}, {0x2d,0x77,0x5a,0x2d}, {0x0f,0x11,0x1e,0x0f}, -{0xb0,0xcb,0x7b,0xb0}, {0x54,0xfc,0xa8,0x54}, {0xbb,0xd6,0x6d,0xbb}, {0x16,0x3a,0x2c,0x16} - } -}; -#define T3 xT3.xt8 - -static const union xtab xT4 = { - .xt8 = { -{0x63,0x63,0xa5,0xc6}, {0x7c,0x7c,0x84,0xf8}, {0x77,0x77,0x99,0xee}, {0x7b,0x7b,0x8d,0xf6}, -{0xf2,0xf2,0x0d,0xff}, {0x6b,0x6b,0xbd,0xd6}, {0x6f,0x6f,0xb1,0xde}, {0xc5,0xc5,0x54,0x91}, -{0x30,0x30,0x50,0x60}, {0x01,0x01,0x03,0x02}, {0x67,0x67,0xa9,0xce}, {0x2b,0x2b,0x7d,0x56}, -{0xfe,0xfe,0x19,0xe7}, {0xd7,0xd7,0x62,0xb5}, {0xab,0xab,0xe6,0x4d}, {0x76,0x76,0x9a,0xec}, -{0xca,0xca,0x45,0x8f}, {0x82,0x82,0x9d,0x1f}, {0xc9,0xc9,0x40,0x89}, {0x7d,0x7d,0x87,0xfa}, -{0xfa,0xfa,0x15,0xef}, {0x59,0x59,0xeb,0xb2}, {0x47,0x47,0xc9,0x8e}, {0xf0,0xf0,0x0b,0xfb}, -{0xad,0xad,0xec,0x41}, {0xd4,0xd4,0x67,0xb3}, {0xa2,0xa2,0xfd,0x5f}, {0xaf,0xaf,0xea,0x45}, -{0x9c,0x9c,0xbf,0x23}, {0xa4,0xa4,0xf7,0x53}, {0x72,0x72,0x96,0xe4}, {0xc0,0xc0,0x5b,0x9b}, -{0xb7,0xb7,0xc2,0x75}, {0xfd,0xfd,0x1c,0xe1}, {0x93,0x93,0xae,0x3d}, {0x26,0x26,0x6a,0x4c}, -{0x36,0x36,0x5a,0x6c}, {0x3f,0x3f,0x41,0x7e}, {0xf7,0xf7,0x02,0xf5}, {0xcc,0xcc,0x4f,0x83}, -{0x34,0x34,0x5c,0x68}, {0xa5,0xa5,0xf4,0x51}, {0xe5,0xe5,0x34,0xd1}, {0xf1,0xf1,0x08,0xf9}, -{0x71,0x71,0x93,0xe2}, {0xd8,0xd8,0x73,0xab}, {0x31,0x31,0x53,0x62}, {0x15,0x15,0x3f,0x2a}, -{0x04,0x04,0x0c,0x08}, 
{0xc7,0xc7,0x52,0x95}, {0x23,0x23,0x65,0x46}, {0xc3,0xc3,0x5e,0x9d}, -{0x18,0x18,0x28,0x30}, {0x96,0x96,0xa1,0x37}, {0x05,0x05,0x0f,0x0a}, {0x9a,0x9a,0xb5,0x2f}, -{0x07,0x07,0x09,0x0e}, {0x12,0x12,0x36,0x24}, {0x80,0x80,0x9b,0x1b}, {0xe2,0xe2,0x3d,0xdf}, -{0xeb,0xeb,0x26,0xcd}, {0x27,0x27,0x69,0x4e}, {0xb2,0xb2,0xcd,0x7f}, {0x75,0x75,0x9f,0xea}, -{0x09,0x09,0x1b,0x12}, {0x83,0x83,0x9e,0x1d}, {0x2c,0x2c,0x74,0x58}, {0x1a,0x1a,0x2e,0x34}, -{0x1b,0x1b,0x2d,0x36}, {0x6e,0x6e,0xb2,0xdc}, {0x5a,0x5a,0xee,0xb4}, {0xa0,0xa0,0xfb,0x5b}, -{0x52,0x52,0xf6,0xa4}, {0x3b,0x3b,0x4d,0x76}, {0xd6,0xd6,0x61,0xb7}, {0xb3,0xb3,0xce,0x7d}, -{0x29,0x29,0x7b,0x52}, {0xe3,0xe3,0x3e,0xdd}, {0x2f,0x2f,0x71,0x5e}, {0x84,0x84,0x97,0x13}, -{0x53,0x53,0xf5,0xa6}, {0xd1,0xd1,0x68,0xb9}, {0x00,0x00,0x00,0x00}, {0xed,0xed,0x2c,0xc1}, -{0x20,0x20,0x60,0x40}, {0xfc,0xfc,0x1f,0xe3}, {0xb1,0xb1,0xc8,0x79}, {0x5b,0x5b,0xed,0xb6}, -{0x6a,0x6a,0xbe,0xd4}, {0xcb,0xcb,0x46,0x8d}, {0xbe,0xbe,0xd9,0x67}, {0x39,0x39,0x4b,0x72}, -{0x4a,0x4a,0xde,0x94}, {0x4c,0x4c,0xd4,0x98}, {0x58,0x58,0xe8,0xb0}, {0xcf,0xcf,0x4a,0x85}, -{0xd0,0xd0,0x6b,0xbb}, {0xef,0xef,0x2a,0xc5}, {0xaa,0xaa,0xe5,0x4f}, {0xfb,0xfb,0x16,0xed}, -{0x43,0x43,0xc5,0x86}, {0x4d,0x4d,0xd7,0x9a}, {0x33,0x33,0x55,0x66}, {0x85,0x85,0x94,0x11}, -{0x45,0x45,0xcf,0x8a}, {0xf9,0xf9,0x10,0xe9}, {0x02,0x02,0x06,0x04}, {0x7f,0x7f,0x81,0xfe}, -{0x50,0x50,0xf0,0xa0}, {0x3c,0x3c,0x44,0x78}, {0x9f,0x9f,0xba,0x25}, {0xa8,0xa8,0xe3,0x4b}, -{0x51,0x51,0xf3,0xa2}, {0xa3,0xa3,0xfe,0x5d}, {0x40,0x40,0xc0,0x80}, {0x8f,0x8f,0x8a,0x05}, -{0x92,0x92,0xad,0x3f}, {0x9d,0x9d,0xbc,0x21}, {0x38,0x38,0x48,0x70}, {0xf5,0xf5,0x04,0xf1}, -{0xbc,0xbc,0xdf,0x63}, {0xb6,0xb6,0xc1,0x77}, {0xda,0xda,0x75,0xaf}, {0x21,0x21,0x63,0x42}, -{0x10,0x10,0x30,0x20}, {0xff,0xff,0x1a,0xe5}, {0xf3,0xf3,0x0e,0xfd}, {0xd2,0xd2,0x6d,0xbf}, -{0xcd,0xcd,0x4c,0x81}, {0x0c,0x0c,0x14,0x18}, {0x13,0x13,0x35,0x26}, {0xec,0xec,0x2f,0xc3}, -{0x5f,0x5f,0xe1,0xbe}, {0x97,0x97,0xa2,0x35}, {0x44,0x44,0xcc,0x88}, 
{0x17,0x17,0x39,0x2e}, -{0xc4,0xc4,0x57,0x93}, {0xa7,0xa7,0xf2,0x55}, {0x7e,0x7e,0x82,0xfc}, {0x3d,0x3d,0x47,0x7a}, -{0x64,0x64,0xac,0xc8}, {0x5d,0x5d,0xe7,0xba}, {0x19,0x19,0x2b,0x32}, {0x73,0x73,0x95,0xe6}, -{0x60,0x60,0xa0,0xc0}, {0x81,0x81,0x98,0x19}, {0x4f,0x4f,0xd1,0x9e}, {0xdc,0xdc,0x7f,0xa3}, -{0x22,0x22,0x66,0x44}, {0x2a,0x2a,0x7e,0x54}, {0x90,0x90,0xab,0x3b}, {0x88,0x88,0x83,0x0b}, -{0x46,0x46,0xca,0x8c}, {0xee,0xee,0x29,0xc7}, {0xb8,0xb8,0xd3,0x6b}, {0x14,0x14,0x3c,0x28}, -{0xde,0xde,0x79,0xa7}, {0x5e,0x5e,0xe2,0xbc}, {0x0b,0x0b,0x1d,0x16}, {0xdb,0xdb,0x76,0xad}, -{0xe0,0xe0,0x3b,0xdb}, {0x32,0x32,0x56,0x64}, {0x3a,0x3a,0x4e,0x74}, {0x0a,0x0a,0x1e,0x14}, -{0x49,0x49,0xdb,0x92}, {0x06,0x06,0x0a,0x0c}, {0x24,0x24,0x6c,0x48}, {0x5c,0x5c,0xe4,0xb8}, -{0xc2,0xc2,0x5d,0x9f}, {0xd3,0xd3,0x6e,0xbd}, {0xac,0xac,0xef,0x43}, {0x62,0x62,0xa6,0xc4}, -{0x91,0x91,0xa8,0x39}, {0x95,0x95,0xa4,0x31}, {0xe4,0xe4,0x37,0xd3}, {0x79,0x79,0x8b,0xf2}, -{0xe7,0xe7,0x32,0xd5}, {0xc8,0xc8,0x43,0x8b}, {0x37,0x37,0x59,0x6e}, {0x6d,0x6d,0xb7,0xda}, -{0x8d,0x8d,0x8c,0x01}, {0xd5,0xd5,0x64,0xb1}, {0x4e,0x4e,0xd2,0x9c}, {0xa9,0xa9,0xe0,0x49}, -{0x6c,0x6c,0xb4,0xd8}, {0x56,0x56,0xfa,0xac}, {0xf4,0xf4,0x07,0xf3}, {0xea,0xea,0x25,0xcf}, -{0x65,0x65,0xaf,0xca}, {0x7a,0x7a,0x8e,0xf4}, {0xae,0xae,0xe9,0x47}, {0x08,0x08,0x18,0x10}, -{0xba,0xba,0xd5,0x6f}, {0x78,0x78,0x88,0xf0}, {0x25,0x25,0x6f,0x4a}, {0x2e,0x2e,0x72,0x5c}, -{0x1c,0x1c,0x24,0x38}, {0xa6,0xa6,0xf1,0x57}, {0xb4,0xb4,0xc7,0x73}, {0xc6,0xc6,0x51,0x97}, -{0xe8,0xe8,0x23,0xcb}, {0xdd,0xdd,0x7c,0xa1}, {0x74,0x74,0x9c,0xe8}, {0x1f,0x1f,0x21,0x3e}, -{0x4b,0x4b,0xdd,0x96}, {0xbd,0xbd,0xdc,0x61}, {0x8b,0x8b,0x86,0x0d}, {0x8a,0x8a,0x85,0x0f}, -{0x70,0x70,0x90,0xe0}, {0x3e,0x3e,0x42,0x7c}, {0xb5,0xb5,0xc4,0x71}, {0x66,0x66,0xaa,0xcc}, -{0x48,0x48,0xd8,0x90}, {0x03,0x03,0x05,0x06}, {0xf6,0xf6,0x01,0xf7}, {0x0e,0x0e,0x12,0x1c}, -{0x61,0x61,0xa3,0xc2}, {0x35,0x35,0x5f,0x6a}, {0x57,0x57,0xf9,0xae}, {0xb9,0xb9,0xd0,0x69}, -{0x86,0x86,0x91,0x17}, 
{0xc1,0xc1,0x58,0x99}, {0x1d,0x1d,0x27,0x3a}, {0x9e,0x9e,0xb9,0x27}, -{0xe1,0xe1,0x38,0xd9}, {0xf8,0xf8,0x13,0xeb}, {0x98,0x98,0xb3,0x2b}, {0x11,0x11,0x33,0x22}, -{0x69,0x69,0xbb,0xd2}, {0xd9,0xd9,0x70,0xa9}, {0x8e,0x8e,0x89,0x07}, {0x94,0x94,0xa7,0x33}, -{0x9b,0x9b,0xb6,0x2d}, {0x1e,0x1e,0x22,0x3c}, {0x87,0x87,0x92,0x15}, {0xe9,0xe9,0x20,0xc9}, -{0xce,0xce,0x49,0x87}, {0x55,0x55,0xff,0xaa}, {0x28,0x28,0x78,0x50}, {0xdf,0xdf,0x7a,0xa5}, -{0x8c,0x8c,0x8f,0x03}, {0xa1,0xa1,0xf8,0x59}, {0x89,0x89,0x80,0x09}, {0x0d,0x0d,0x17,0x1a}, -{0xbf,0xbf,0xda,0x65}, {0xe6,0xe6,0x31,0xd7}, {0x42,0x42,0xc6,0x84}, {0x68,0x68,0xb8,0xd0}, -{0x41,0x41,0xc3,0x82}, {0x99,0x99,0xb0,0x29}, {0x2d,0x2d,0x77,0x5a}, {0x0f,0x0f,0x11,0x1e}, -{0xb0,0xb0,0xcb,0x7b}, {0x54,0x54,0xfc,0xa8}, {0xbb,0xbb,0xd6,0x6d}, {0x16,0x16,0x3a,0x2c} - } -}; -#define T4 xT4.xt8 - -static const union xtab xT5 = { - .xt8 = { -{0x51,0xf4,0xa7,0x50}, {0x7e,0x41,0x65,0x53}, {0x1a,0x17,0xa4,0xc3}, {0x3a,0x27,0x5e,0x96}, -{0x3b,0xab,0x6b,0xcb}, {0x1f,0x9d,0x45,0xf1}, {0xac,0xfa,0x58,0xab}, {0x4b,0xe3,0x03,0x93}, -{0x20,0x30,0xfa,0x55}, {0xad,0x76,0x6d,0xf6}, {0x88,0xcc,0x76,0x91}, {0xf5,0x02,0x4c,0x25}, -{0x4f,0xe5,0xd7,0xfc}, {0xc5,0x2a,0xcb,0xd7}, {0x26,0x35,0x44,0x80}, {0xb5,0x62,0xa3,0x8f}, -{0xde,0xb1,0x5a,0x49}, {0x25,0xba,0x1b,0x67}, {0x45,0xea,0x0e,0x98}, {0x5d,0xfe,0xc0,0xe1}, -{0xc3,0x2f,0x75,0x02}, {0x81,0x4c,0xf0,0x12}, {0x8d,0x46,0x97,0xa3}, {0x6b,0xd3,0xf9,0xc6}, -{0x03,0x8f,0x5f,0xe7}, {0x15,0x92,0x9c,0x95}, {0xbf,0x6d,0x7a,0xeb}, {0x95,0x52,0x59,0xda}, -{0xd4,0xbe,0x83,0x2d}, {0x58,0x74,0x21,0xd3}, {0x49,0xe0,0x69,0x29}, {0x8e,0xc9,0xc8,0x44}, -{0x75,0xc2,0x89,0x6a}, {0xf4,0x8e,0x79,0x78}, {0x99,0x58,0x3e,0x6b}, {0x27,0xb9,0x71,0xdd}, -{0xbe,0xe1,0x4f,0xb6}, {0xf0,0x88,0xad,0x17}, {0xc9,0x20,0xac,0x66}, {0x7d,0xce,0x3a,0xb4}, -{0x63,0xdf,0x4a,0x18}, {0xe5,0x1a,0x31,0x82}, {0x97,0x51,0x33,0x60}, {0x62,0x53,0x7f,0x45}, -{0xb1,0x64,0x77,0xe0}, {0xbb,0x6b,0xae,0x84}, {0xfe,0x81,0xa0,0x1c}, 
{0xf9,0x08,0x2b,0x94}, -{0x70,0x48,0x68,0x58}, {0x8f,0x45,0xfd,0x19}, {0x94,0xde,0x6c,0x87}, {0x52,0x7b,0xf8,0xb7}, -{0xab,0x73,0xd3,0x23}, {0x72,0x4b,0x02,0xe2}, {0xe3,0x1f,0x8f,0x57}, {0x66,0x55,0xab,0x2a}, -{0xb2,0xeb,0x28,0x07}, {0x2f,0xb5,0xc2,0x03}, {0x86,0xc5,0x7b,0x9a}, {0xd3,0x37,0x08,0xa5}, -{0x30,0x28,0x87,0xf2}, {0x23,0xbf,0xa5,0xb2}, {0x02,0x03,0x6a,0xba}, {0xed,0x16,0x82,0x5c}, -{0x8a,0xcf,0x1c,0x2b}, {0xa7,0x79,0xb4,0x92}, {0xf3,0x07,0xf2,0xf0}, {0x4e,0x69,0xe2,0xa1}, -{0x65,0xda,0xf4,0xcd}, {0x06,0x05,0xbe,0xd5}, {0xd1,0x34,0x62,0x1f}, {0xc4,0xa6,0xfe,0x8a}, -{0x34,0x2e,0x53,0x9d}, {0xa2,0xf3,0x55,0xa0}, {0x05,0x8a,0xe1,0x32}, {0xa4,0xf6,0xeb,0x75}, -{0x0b,0x83,0xec,0x39}, {0x40,0x60,0xef,0xaa}, {0x5e,0x71,0x9f,0x06}, {0xbd,0x6e,0x10,0x51}, -{0x3e,0x21,0x8a,0xf9}, {0x96,0xdd,0x06,0x3d}, {0xdd,0x3e,0x05,0xae}, {0x4d,0xe6,0xbd,0x46}, -{0x91,0x54,0x8d,0xb5}, {0x71,0xc4,0x5d,0x05}, {0x04,0x06,0xd4,0x6f}, {0x60,0x50,0x15,0xff}, -{0x19,0x98,0xfb,0x24}, {0xd6,0xbd,0xe9,0x97}, {0x89,0x40,0x43,0xcc}, {0x67,0xd9,0x9e,0x77}, -{0xb0,0xe8,0x42,0xbd}, {0x07,0x89,0x8b,0x88}, {0xe7,0x19,0x5b,0x38}, {0x79,0xc8,0xee,0xdb}, -{0xa1,0x7c,0x0a,0x47}, {0x7c,0x42,0x0f,0xe9}, {0xf8,0x84,0x1e,0xc9}, {0x00,0x00,0x00,0x00}, -{0x09,0x80,0x86,0x83}, {0x32,0x2b,0xed,0x48}, {0x1e,0x11,0x70,0xac}, {0x6c,0x5a,0x72,0x4e}, -{0xfd,0x0e,0xff,0xfb}, {0x0f,0x85,0x38,0x56}, {0x3d,0xae,0xd5,0x1e}, {0x36,0x2d,0x39,0x27}, -{0x0a,0x0f,0xd9,0x64}, {0x68,0x5c,0xa6,0x21}, {0x9b,0x5b,0x54,0xd1}, {0x24,0x36,0x2e,0x3a}, -{0x0c,0x0a,0x67,0xb1}, {0x93,0x57,0xe7,0x0f}, {0xb4,0xee,0x96,0xd2}, {0x1b,0x9b,0x91,0x9e}, -{0x80,0xc0,0xc5,0x4f}, {0x61,0xdc,0x20,0xa2}, {0x5a,0x77,0x4b,0x69}, {0x1c,0x12,0x1a,0x16}, -{0xe2,0x93,0xba,0x0a}, {0xc0,0xa0,0x2a,0xe5}, {0x3c,0x22,0xe0,0x43}, {0x12,0x1b,0x17,0x1d}, -{0x0e,0x09,0x0d,0x0b}, {0xf2,0x8b,0xc7,0xad}, {0x2d,0xb6,0xa8,0xb9}, {0x14,0x1e,0xa9,0xc8}, -{0x57,0xf1,0x19,0x85}, {0xaf,0x75,0x07,0x4c}, {0xee,0x99,0xdd,0xbb}, {0xa3,0x7f,0x60,0xfd}, -{0xf7,0x01,0x26,0x9f}, 
{0x5c,0x72,0xf5,0xbc}, {0x44,0x66,0x3b,0xc5}, {0x5b,0xfb,0x7e,0x34}, -{0x8b,0x43,0x29,0x76}, {0xcb,0x23,0xc6,0xdc}, {0xb6,0xed,0xfc,0x68}, {0xb8,0xe4,0xf1,0x63}, -{0xd7,0x31,0xdc,0xca}, {0x42,0x63,0x85,0x10}, {0x13,0x97,0x22,0x40}, {0x84,0xc6,0x11,0x20}, -{0x85,0x4a,0x24,0x7d}, {0xd2,0xbb,0x3d,0xf8}, {0xae,0xf9,0x32,0x11}, {0xc7,0x29,0xa1,0x6d}, -{0x1d,0x9e,0x2f,0x4b}, {0xdc,0xb2,0x30,0xf3}, {0x0d,0x86,0x52,0xec}, {0x77,0xc1,0xe3,0xd0}, -{0x2b,0xb3,0x16,0x6c}, {0xa9,0x70,0xb9,0x99}, {0x11,0x94,0x48,0xfa}, {0x47,0xe9,0x64,0x22}, -{0xa8,0xfc,0x8c,0xc4}, {0xa0,0xf0,0x3f,0x1a}, {0x56,0x7d,0x2c,0xd8}, {0x22,0x33,0x90,0xef}, -{0x87,0x49,0x4e,0xc7}, {0xd9,0x38,0xd1,0xc1}, {0x8c,0xca,0xa2,0xfe}, {0x98,0xd4,0x0b,0x36}, -{0xa6,0xf5,0x81,0xcf}, {0xa5,0x7a,0xde,0x28}, {0xda,0xb7,0x8e,0x26}, {0x3f,0xad,0xbf,0xa4}, -{0x2c,0x3a,0x9d,0xe4}, {0x50,0x78,0x92,0x0d}, {0x6a,0x5f,0xcc,0x9b}, {0x54,0x7e,0x46,0x62}, -{0xf6,0x8d,0x13,0xc2}, {0x90,0xd8,0xb8,0xe8}, {0x2e,0x39,0xf7,0x5e}, {0x82,0xc3,0xaf,0xf5}, -{0x9f,0x5d,0x80,0xbe}, {0x69,0xd0,0x93,0x7c}, {0x6f,0xd5,0x2d,0xa9}, {0xcf,0x25,0x12,0xb3}, -{0xc8,0xac,0x99,0x3b}, {0x10,0x18,0x7d,0xa7}, {0xe8,0x9c,0x63,0x6e}, {0xdb,0x3b,0xbb,0x7b}, -{0xcd,0x26,0x78,0x09}, {0x6e,0x59,0x18,0xf4}, {0xec,0x9a,0xb7,0x01}, {0x83,0x4f,0x9a,0xa8}, -{0xe6,0x95,0x6e,0x65}, {0xaa,0xff,0xe6,0x7e}, {0x21,0xbc,0xcf,0x08}, {0xef,0x15,0xe8,0xe6}, -{0xba,0xe7,0x9b,0xd9}, {0x4a,0x6f,0x36,0xce}, {0xea,0x9f,0x09,0xd4}, {0x29,0xb0,0x7c,0xd6}, -{0x31,0xa4,0xb2,0xaf}, {0x2a,0x3f,0x23,0x31}, {0xc6,0xa5,0x94,0x30}, {0x35,0xa2,0x66,0xc0}, -{0x74,0x4e,0xbc,0x37}, {0xfc,0x82,0xca,0xa6}, {0xe0,0x90,0xd0,0xb0}, {0x33,0xa7,0xd8,0x15}, -{0xf1,0x04,0x98,0x4a}, {0x41,0xec,0xda,0xf7}, {0x7f,0xcd,0x50,0x0e}, {0x17,0x91,0xf6,0x2f}, -{0x76,0x4d,0xd6,0x8d}, {0x43,0xef,0xb0,0x4d}, {0xcc,0xaa,0x4d,0x54}, {0xe4,0x96,0x04,0xdf}, -{0x9e,0xd1,0xb5,0xe3}, {0x4c,0x6a,0x88,0x1b}, {0xc1,0x2c,0x1f,0xb8}, {0x46,0x65,0x51,0x7f}, -{0x9d,0x5e,0xea,0x04}, {0x01,0x8c,0x35,0x5d}, {0xfa,0x87,0x74,0x73}, 
{0xfb,0x0b,0x41,0x2e}, -{0xb3,0x67,0x1d,0x5a}, {0x92,0xdb,0xd2,0x52}, {0xe9,0x10,0x56,0x33}, {0x6d,0xd6,0x47,0x13}, -{0x9a,0xd7,0x61,0x8c}, {0x37,0xa1,0x0c,0x7a}, {0x59,0xf8,0x14,0x8e}, {0xeb,0x13,0x3c,0x89}, -{0xce,0xa9,0x27,0xee}, {0xb7,0x61,0xc9,0x35}, {0xe1,0x1c,0xe5,0xed}, {0x7a,0x47,0xb1,0x3c}, -{0x9c,0xd2,0xdf,0x59}, {0x55,0xf2,0x73,0x3f}, {0x18,0x14,0xce,0x79}, {0x73,0xc7,0x37,0xbf}, -{0x53,0xf7,0xcd,0xea}, {0x5f,0xfd,0xaa,0x5b}, {0xdf,0x3d,0x6f,0x14}, {0x78,0x44,0xdb,0x86}, -{0xca,0xaf,0xf3,0x81}, {0xb9,0x68,0xc4,0x3e}, {0x38,0x24,0x34,0x2c}, {0xc2,0xa3,0x40,0x5f}, -{0x16,0x1d,0xc3,0x72}, {0xbc,0xe2,0x25,0x0c}, {0x28,0x3c,0x49,0x8b}, {0xff,0x0d,0x95,0x41}, -{0x39,0xa8,0x01,0x71}, {0x08,0x0c,0xb3,0xde}, {0xd8,0xb4,0xe4,0x9c}, {0x64,0x56,0xc1,0x90}, -{0x7b,0xcb,0x84,0x61}, {0xd5,0x32,0xb6,0x70}, {0x48,0x6c,0x5c,0x74}, {0xd0,0xb8,0x57,0x42} - } -}; -#define T5 xT5.xt8 - -static const union xtab xT6 = { - .xt8 = { -{0x50,0x51,0xf4,0xa7}, {0x53,0x7e,0x41,0x65}, {0xc3,0x1a,0x17,0xa4}, {0x96,0x3a,0x27,0x5e}, -{0xcb,0x3b,0xab,0x6b}, {0xf1,0x1f,0x9d,0x45}, {0xab,0xac,0xfa,0x58}, {0x93,0x4b,0xe3,0x03}, -{0x55,0x20,0x30,0xfa}, {0xf6,0xad,0x76,0x6d}, {0x91,0x88,0xcc,0x76}, {0x25,0xf5,0x02,0x4c}, -{0xfc,0x4f,0xe5,0xd7}, {0xd7,0xc5,0x2a,0xcb}, {0x80,0x26,0x35,0x44}, {0x8f,0xb5,0x62,0xa3}, -{0x49,0xde,0xb1,0x5a}, {0x67,0x25,0xba,0x1b}, {0x98,0x45,0xea,0x0e}, {0xe1,0x5d,0xfe,0xc0}, -{0x02,0xc3,0x2f,0x75}, {0x12,0x81,0x4c,0xf0}, {0xa3,0x8d,0x46,0x97}, {0xc6,0x6b,0xd3,0xf9}, -{0xe7,0x03,0x8f,0x5f}, {0x95,0x15,0x92,0x9c}, {0xeb,0xbf,0x6d,0x7a}, {0xda,0x95,0x52,0x59}, -{0x2d,0xd4,0xbe,0x83}, {0xd3,0x58,0x74,0x21}, {0x29,0x49,0xe0,0x69}, {0x44,0x8e,0xc9,0xc8}, -{0x6a,0x75,0xc2,0x89}, {0x78,0xf4,0x8e,0x79}, {0x6b,0x99,0x58,0x3e}, {0xdd,0x27,0xb9,0x71}, -{0xb6,0xbe,0xe1,0x4f}, {0x17,0xf0,0x88,0xad}, {0x66,0xc9,0x20,0xac}, {0xb4,0x7d,0xce,0x3a}, -{0x18,0x63,0xdf,0x4a}, {0x82,0xe5,0x1a,0x31}, {0x60,0x97,0x51,0x33}, {0x45,0x62,0x53,0x7f}, -{0xe0,0xb1,0x64,0x77}, 
{0x84,0xbb,0x6b,0xae}, {0x1c,0xfe,0x81,0xa0}, {0x94,0xf9,0x08,0x2b}, -{0x58,0x70,0x48,0x68}, {0x19,0x8f,0x45,0xfd}, {0x87,0x94,0xde,0x6c}, {0xb7,0x52,0x7b,0xf8}, -{0x23,0xab,0x73,0xd3}, {0xe2,0x72,0x4b,0x02}, {0x57,0xe3,0x1f,0x8f}, {0x2a,0x66,0x55,0xab}, -{0x07,0xb2,0xeb,0x28}, {0x03,0x2f,0xb5,0xc2}, {0x9a,0x86,0xc5,0x7b}, {0xa5,0xd3,0x37,0x08}, -{0xf2,0x30,0x28,0x87}, {0xb2,0x23,0xbf,0xa5}, {0xba,0x02,0x03,0x6a}, {0x5c,0xed,0x16,0x82}, -{0x2b,0x8a,0xcf,0x1c}, {0x92,0xa7,0x79,0xb4}, {0xf0,0xf3,0x07,0xf2}, {0xa1,0x4e,0x69,0xe2}, -{0xcd,0x65,0xda,0xf4}, {0xd5,0x06,0x05,0xbe}, {0x1f,0xd1,0x34,0x62}, {0x8a,0xc4,0xa6,0xfe}, -{0x9d,0x34,0x2e,0x53}, {0xa0,0xa2,0xf3,0x55}, {0x32,0x05,0x8a,0xe1}, {0x75,0xa4,0xf6,0xeb}, -{0x39,0x0b,0x83,0xec}, {0xaa,0x40,0x60,0xef}, {0x06,0x5e,0x71,0x9f}, {0x51,0xbd,0x6e,0x10}, -{0xf9,0x3e,0x21,0x8a}, {0x3d,0x96,0xdd,0x06}, {0xae,0xdd,0x3e,0x05}, {0x46,0x4d,0xe6,0xbd}, -{0xb5,0x91,0x54,0x8d}, {0x05,0x71,0xc4,0x5d}, {0x6f,0x04,0x06,0xd4}, {0xff,0x60,0x50,0x15}, -{0x24,0x19,0x98,0xfb}, {0x97,0xd6,0xbd,0xe9}, {0xcc,0x89,0x40,0x43}, {0x77,0x67,0xd9,0x9e}, -{0xbd,0xb0,0xe8,0x42}, {0x88,0x07,0x89,0x8b}, {0x38,0xe7,0x19,0x5b}, {0xdb,0x79,0xc8,0xee}, -{0x47,0xa1,0x7c,0x0a}, {0xe9,0x7c,0x42,0x0f}, {0xc9,0xf8,0x84,0x1e}, {0x00,0x00,0x00,0x00}, -{0x83,0x09,0x80,0x86}, {0x48,0x32,0x2b,0xed}, {0xac,0x1e,0x11,0x70}, {0x4e,0x6c,0x5a,0x72}, -{0xfb,0xfd,0x0e,0xff}, {0x56,0x0f,0x85,0x38}, {0x1e,0x3d,0xae,0xd5}, {0x27,0x36,0x2d,0x39}, -{0x64,0x0a,0x0f,0xd9}, {0x21,0x68,0x5c,0xa6}, {0xd1,0x9b,0x5b,0x54}, {0x3a,0x24,0x36,0x2e}, -{0xb1,0x0c,0x0a,0x67}, {0x0f,0x93,0x57,0xe7}, {0xd2,0xb4,0xee,0x96}, {0x9e,0x1b,0x9b,0x91}, -{0x4f,0x80,0xc0,0xc5}, {0xa2,0x61,0xdc,0x20}, {0x69,0x5a,0x77,0x4b}, {0x16,0x1c,0x12,0x1a}, -{0x0a,0xe2,0x93,0xba}, {0xe5,0xc0,0xa0,0x2a}, {0x43,0x3c,0x22,0xe0}, {0x1d,0x12,0x1b,0x17}, -{0x0b,0x0e,0x09,0x0d}, {0xad,0xf2,0x8b,0xc7}, {0xb9,0x2d,0xb6,0xa8}, {0xc8,0x14,0x1e,0xa9}, -{0x85,0x57,0xf1,0x19}, {0x4c,0xaf,0x75,0x07}, {0xbb,0xee,0x99,0xdd}, 
{0xfd,0xa3,0x7f,0x60}, -{0x9f,0xf7,0x01,0x26}, {0xbc,0x5c,0x72,0xf5}, {0xc5,0x44,0x66,0x3b}, {0x34,0x5b,0xfb,0x7e}, -{0x76,0x8b,0x43,0x29}, {0xdc,0xcb,0x23,0xc6}, {0x68,0xb6,0xed,0xfc}, {0x63,0xb8,0xe4,0xf1}, -{0xca,0xd7,0x31,0xdc}, {0x10,0x42,0x63,0x85}, {0x40,0x13,0x97,0x22}, {0x20,0x84,0xc6,0x11}, -{0x7d,0x85,0x4a,0x24}, {0xf8,0xd2,0xbb,0x3d}, {0x11,0xae,0xf9,0x32}, {0x6d,0xc7,0x29,0xa1}, -{0x4b,0x1d,0x9e,0x2f}, {0xf3,0xdc,0xb2,0x30}, {0xec,0x0d,0x86,0x52}, {0xd0,0x77,0xc1,0xe3}, -{0x6c,0x2b,0xb3,0x16}, {0x99,0xa9,0x70,0xb9}, {0xfa,0x11,0x94,0x48}, {0x22,0x47,0xe9,0x64}, -{0xc4,0xa8,0xfc,0x8c}, {0x1a,0xa0,0xf0,0x3f}, {0xd8,0x56,0x7d,0x2c}, {0xef,0x22,0x33,0x90}, -{0xc7,0x87,0x49,0x4e}, {0xc1,0xd9,0x38,0xd1}, {0xfe,0x8c,0xca,0xa2}, {0x36,0x98,0xd4,0x0b}, -{0xcf,0xa6,0xf5,0x81}, {0x28,0xa5,0x7a,0xde}, {0x26,0xda,0xb7,0x8e}, {0xa4,0x3f,0xad,0xbf}, -{0xe4,0x2c,0x3a,0x9d}, {0x0d,0x50,0x78,0x92}, {0x9b,0x6a,0x5f,0xcc}, {0x62,0x54,0x7e,0x46}, -{0xc2,0xf6,0x8d,0x13}, {0xe8,0x90,0xd8,0xb8}, {0x5e,0x2e,0x39,0xf7}, {0xf5,0x82,0xc3,0xaf}, -{0xbe,0x9f,0x5d,0x80}, {0x7c,0x69,0xd0,0x93}, {0xa9,0x6f,0xd5,0x2d}, {0xb3,0xcf,0x25,0x12}, -{0x3b,0xc8,0xac,0x99}, {0xa7,0x10,0x18,0x7d}, {0x6e,0xe8,0x9c,0x63}, {0x7b,0xdb,0x3b,0xbb}, -{0x09,0xcd,0x26,0x78}, {0xf4,0x6e,0x59,0x18}, {0x01,0xec,0x9a,0xb7}, {0xa8,0x83,0x4f,0x9a}, -{0x65,0xe6,0x95,0x6e}, {0x7e,0xaa,0xff,0xe6}, {0x08,0x21,0xbc,0xcf}, {0xe6,0xef,0x15,0xe8}, -{0xd9,0xba,0xe7,0x9b}, {0xce,0x4a,0x6f,0x36}, {0xd4,0xea,0x9f,0x09}, {0xd6,0x29,0xb0,0x7c}, -{0xaf,0x31,0xa4,0xb2}, {0x31,0x2a,0x3f,0x23}, {0x30,0xc6,0xa5,0x94}, {0xc0,0x35,0xa2,0x66}, -{0x37,0x74,0x4e,0xbc}, {0xa6,0xfc,0x82,0xca}, {0xb0,0xe0,0x90,0xd0}, {0x15,0x33,0xa7,0xd8}, -{0x4a,0xf1,0x04,0x98}, {0xf7,0x41,0xec,0xda}, {0x0e,0x7f,0xcd,0x50}, {0x2f,0x17,0x91,0xf6}, -{0x8d,0x76,0x4d,0xd6}, {0x4d,0x43,0xef,0xb0}, {0x54,0xcc,0xaa,0x4d}, {0xdf,0xe4,0x96,0x04}, -{0xe3,0x9e,0xd1,0xb5}, {0x1b,0x4c,0x6a,0x88}, {0xb8,0xc1,0x2c,0x1f}, {0x7f,0x46,0x65,0x51}, -{0x04,0x9d,0x5e,0xea}, 
{0x5d,0x01,0x8c,0x35}, {0x73,0xfa,0x87,0x74}, {0x2e,0xfb,0x0b,0x41}, -{0x5a,0xb3,0x67,0x1d}, {0x52,0x92,0xdb,0xd2}, {0x33,0xe9,0x10,0x56}, {0x13,0x6d,0xd6,0x47}, -{0x8c,0x9a,0xd7,0x61}, {0x7a,0x37,0xa1,0x0c}, {0x8e,0x59,0xf8,0x14}, {0x89,0xeb,0x13,0x3c}, -{0xee,0xce,0xa9,0x27}, {0x35,0xb7,0x61,0xc9}, {0xed,0xe1,0x1c,0xe5}, {0x3c,0x7a,0x47,0xb1}, -{0x59,0x9c,0xd2,0xdf}, {0x3f,0x55,0xf2,0x73}, {0x79,0x18,0x14,0xce}, {0xbf,0x73,0xc7,0x37}, -{0xea,0x53,0xf7,0xcd}, {0x5b,0x5f,0xfd,0xaa}, {0x14,0xdf,0x3d,0x6f}, {0x86,0x78,0x44,0xdb}, -{0x81,0xca,0xaf,0xf3}, {0x3e,0xb9,0x68,0xc4}, {0x2c,0x38,0x24,0x34}, {0x5f,0xc2,0xa3,0x40}, -{0x72,0x16,0x1d,0xc3}, {0x0c,0xbc,0xe2,0x25}, {0x8b,0x28,0x3c,0x49}, {0x41,0xff,0x0d,0x95}, -{0x71,0x39,0xa8,0x01}, {0xde,0x08,0x0c,0xb3}, {0x9c,0xd8,0xb4,0xe4}, {0x90,0x64,0x56,0xc1}, -{0x61,0x7b,0xcb,0x84}, {0x70,0xd5,0x32,0xb6}, {0x74,0x48,0x6c,0x5c}, {0x42,0xd0,0xb8,0x57} - } -}; -#define T6 xT6.xt8 - -static const union xtab xT7 = { - .xt8 = { -{0xa7,0x50,0x51,0xf4}, {0x65,0x53,0x7e,0x41}, {0xa4,0xc3,0x1a,0x17}, {0x5e,0x96,0x3a,0x27}, -{0x6b,0xcb,0x3b,0xab}, {0x45,0xf1,0x1f,0x9d}, {0x58,0xab,0xac,0xfa}, {0x03,0x93,0x4b,0xe3}, -{0xfa,0x55,0x20,0x30}, {0x6d,0xf6,0xad,0x76}, {0x76,0x91,0x88,0xcc}, {0x4c,0x25,0xf5,0x02}, -{0xd7,0xfc,0x4f,0xe5}, {0xcb,0xd7,0xc5,0x2a}, {0x44,0x80,0x26,0x35}, {0xa3,0x8f,0xb5,0x62}, -{0x5a,0x49,0xde,0xb1}, {0x1b,0x67,0x25,0xba}, {0x0e,0x98,0x45,0xea}, {0xc0,0xe1,0x5d,0xfe}, -{0x75,0x02,0xc3,0x2f}, {0xf0,0x12,0x81,0x4c}, {0x97,0xa3,0x8d,0x46}, {0xf9,0xc6,0x6b,0xd3}, -{0x5f,0xe7,0x03,0x8f}, {0x9c,0x95,0x15,0x92}, {0x7a,0xeb,0xbf,0x6d}, {0x59,0xda,0x95,0x52}, -{0x83,0x2d,0xd4,0xbe}, {0x21,0xd3,0x58,0x74}, {0x69,0x29,0x49,0xe0}, {0xc8,0x44,0x8e,0xc9}, -{0x89,0x6a,0x75,0xc2}, {0x79,0x78,0xf4,0x8e}, {0x3e,0x6b,0x99,0x58}, {0x71,0xdd,0x27,0xb9}, -{0x4f,0xb6,0xbe,0xe1}, {0xad,0x17,0xf0,0x88}, {0xac,0x66,0xc9,0x20}, {0x3a,0xb4,0x7d,0xce}, -{0x4a,0x18,0x63,0xdf}, {0x31,0x82,0xe5,0x1a}, {0x33,0x60,0x97,0x51}, 
{0x7f,0x45,0x62,0x53}, -{0x77,0xe0,0xb1,0x64}, {0xae,0x84,0xbb,0x6b}, {0xa0,0x1c,0xfe,0x81}, {0x2b,0x94,0xf9,0x08}, -{0x68,0x58,0x70,0x48}, {0xfd,0x19,0x8f,0x45}, {0x6c,0x87,0x94,0xde}, {0xf8,0xb7,0x52,0x7b}, -{0xd3,0x23,0xab,0x73}, {0x02,0xe2,0x72,0x4b}, {0x8f,0x57,0xe3,0x1f}, {0xab,0x2a,0x66,0x55}, -{0x28,0x07,0xb2,0xeb}, {0xc2,0x03,0x2f,0xb5}, {0x7b,0x9a,0x86,0xc5}, {0x08,0xa5,0xd3,0x37}, -{0x87,0xf2,0x30,0x28}, {0xa5,0xb2,0x23,0xbf}, {0x6a,0xba,0x02,0x03}, {0x82,0x5c,0xed,0x16}, -{0x1c,0x2b,0x8a,0xcf}, {0xb4,0x92,0xa7,0x79}, {0xf2,0xf0,0xf3,0x07}, {0xe2,0xa1,0x4e,0x69}, -{0xf4,0xcd,0x65,0xda}, {0xbe,0xd5,0x06,0x05}, {0x62,0x1f,0xd1,0x34}, {0xfe,0x8a,0xc4,0xa6}, -{0x53,0x9d,0x34,0x2e}, {0x55,0xa0,0xa2,0xf3}, {0xe1,0x32,0x05,0x8a}, {0xeb,0x75,0xa4,0xf6}, -{0xec,0x39,0x0b,0x83}, {0xef,0xaa,0x40,0x60}, {0x9f,0x06,0x5e,0x71}, {0x10,0x51,0xbd,0x6e}, -{0x8a,0xf9,0x3e,0x21}, {0x06,0x3d,0x96,0xdd}, {0x05,0xae,0xdd,0x3e}, {0xbd,0x46,0x4d,0xe6}, -{0x8d,0xb5,0x91,0x54}, {0x5d,0x05,0x71,0xc4}, {0xd4,0x6f,0x04,0x06}, {0x15,0xff,0x60,0x50}, -{0xfb,0x24,0x19,0x98}, {0xe9,0x97,0xd6,0xbd}, {0x43,0xcc,0x89,0x40}, {0x9e,0x77,0x67,0xd9}, -{0x42,0xbd,0xb0,0xe8}, {0x8b,0x88,0x07,0x89}, {0x5b,0x38,0xe7,0x19}, {0xee,0xdb,0x79,0xc8}, -{0x0a,0x47,0xa1,0x7c}, {0x0f,0xe9,0x7c,0x42}, {0x1e,0xc9,0xf8,0x84}, {0x00,0x00,0x00,0x00}, -{0x86,0x83,0x09,0x80}, {0xed,0x48,0x32,0x2b}, {0x70,0xac,0x1e,0x11}, {0x72,0x4e,0x6c,0x5a}, -{0xff,0xfb,0xfd,0x0e}, {0x38,0x56,0x0f,0x85}, {0xd5,0x1e,0x3d,0xae}, {0x39,0x27,0x36,0x2d}, -{0xd9,0x64,0x0a,0x0f}, {0xa6,0x21,0x68,0x5c}, {0x54,0xd1,0x9b,0x5b}, {0x2e,0x3a,0x24,0x36}, -{0x67,0xb1,0x0c,0x0a}, {0xe7,0x0f,0x93,0x57}, {0x96,0xd2,0xb4,0xee}, {0x91,0x9e,0x1b,0x9b}, -{0xc5,0x4f,0x80,0xc0}, {0x20,0xa2,0x61,0xdc}, {0x4b,0x69,0x5a,0x77}, {0x1a,0x16,0x1c,0x12}, -{0xba,0x0a,0xe2,0x93}, {0x2a,0xe5,0xc0,0xa0}, {0xe0,0x43,0x3c,0x22}, {0x17,0x1d,0x12,0x1b}, -{0x0d,0x0b,0x0e,0x09}, {0xc7,0xad,0xf2,0x8b}, {0xa8,0xb9,0x2d,0xb6}, {0xa9,0xc8,0x14,0x1e}, -{0x19,0x85,0x57,0xf1}, 
{0x07,0x4c,0xaf,0x75}, {0xdd,0xbb,0xee,0x99}, {0x60,0xfd,0xa3,0x7f}, -{0x26,0x9f,0xf7,0x01}, {0xf5,0xbc,0x5c,0x72}, {0x3b,0xc5,0x44,0x66}, {0x7e,0x34,0x5b,0xfb}, -{0x29,0x76,0x8b,0x43}, {0xc6,0xdc,0xcb,0x23}, {0xfc,0x68,0xb6,0xed}, {0xf1,0x63,0xb8,0xe4}, -{0xdc,0xca,0xd7,0x31}, {0x85,0x10,0x42,0x63}, {0x22,0x40,0x13,0x97}, {0x11,0x20,0x84,0xc6}, -{0x24,0x7d,0x85,0x4a}, {0x3d,0xf8,0xd2,0xbb}, {0x32,0x11,0xae,0xf9}, {0xa1,0x6d,0xc7,0x29}, -{0x2f,0x4b,0x1d,0x9e}, {0x30,0xf3,0xdc,0xb2}, {0x52,0xec,0x0d,0x86}, {0xe3,0xd0,0x77,0xc1}, -{0x16,0x6c,0x2b,0xb3}, {0xb9,0x99,0xa9,0x70}, {0x48,0xfa,0x11,0x94}, {0x64,0x22,0x47,0xe9}, -{0x8c,0xc4,0xa8,0xfc}, {0x3f,0x1a,0xa0,0xf0}, {0x2c,0xd8,0x56,0x7d}, {0x90,0xef,0x22,0x33}, -{0x4e,0xc7,0x87,0x49}, {0xd1,0xc1,0xd9,0x38}, {0xa2,0xfe,0x8c,0xca}, {0x0b,0x36,0x98,0xd4}, -{0x81,0xcf,0xa6,0xf5}, {0xde,0x28,0xa5,0x7a}, {0x8e,0x26,0xda,0xb7}, {0xbf,0xa4,0x3f,0xad}, -{0x9d,0xe4,0x2c,0x3a}, {0x92,0x0d,0x50,0x78}, {0xcc,0x9b,0x6a,0x5f}, {0x46,0x62,0x54,0x7e}, -{0x13,0xc2,0xf6,0x8d}, {0xb8,0xe8,0x90,0xd8}, {0xf7,0x5e,0x2e,0x39}, {0xaf,0xf5,0x82,0xc3}, -{0x80,0xbe,0x9f,0x5d}, {0x93,0x7c,0x69,0xd0}, {0x2d,0xa9,0x6f,0xd5}, {0x12,0xb3,0xcf,0x25}, -{0x99,0x3b,0xc8,0xac}, {0x7d,0xa7,0x10,0x18}, {0x63,0x6e,0xe8,0x9c}, {0xbb,0x7b,0xdb,0x3b}, -{0x78,0x09,0xcd,0x26}, {0x18,0xf4,0x6e,0x59}, {0xb7,0x01,0xec,0x9a}, {0x9a,0xa8,0x83,0x4f}, -{0x6e,0x65,0xe6,0x95}, {0xe6,0x7e,0xaa,0xff}, {0xcf,0x08,0x21,0xbc}, {0xe8,0xe6,0xef,0x15}, -{0x9b,0xd9,0xba,0xe7}, {0x36,0xce,0x4a,0x6f}, {0x09,0xd4,0xea,0x9f}, {0x7c,0xd6,0x29,0xb0}, -{0xb2,0xaf,0x31,0xa4}, {0x23,0x31,0x2a,0x3f}, {0x94,0x30,0xc6,0xa5}, {0x66,0xc0,0x35,0xa2}, -{0xbc,0x37,0x74,0x4e}, {0xca,0xa6,0xfc,0x82}, {0xd0,0xb0,0xe0,0x90}, {0xd8,0x15,0x33,0xa7}, -{0x98,0x4a,0xf1,0x04}, {0xda,0xf7,0x41,0xec}, {0x50,0x0e,0x7f,0xcd}, {0xf6,0x2f,0x17,0x91}, -{0xd6,0x8d,0x76,0x4d}, {0xb0,0x4d,0x43,0xef}, {0x4d,0x54,0xcc,0xaa}, {0x04,0xdf,0xe4,0x96}, -{0xb5,0xe3,0x9e,0xd1}, {0x88,0x1b,0x4c,0x6a}, {0x1f,0xb8,0xc1,0x2c}, 
{0x51,0x7f,0x46,0x65}, -{0xea,0x04,0x9d,0x5e}, {0x35,0x5d,0x01,0x8c}, {0x74,0x73,0xfa,0x87}, {0x41,0x2e,0xfb,0x0b}, -{0x1d,0x5a,0xb3,0x67}, {0xd2,0x52,0x92,0xdb}, {0x56,0x33,0xe9,0x10}, {0x47,0x13,0x6d,0xd6}, -{0x61,0x8c,0x9a,0xd7}, {0x0c,0x7a,0x37,0xa1}, {0x14,0x8e,0x59,0xf8}, {0x3c,0x89,0xeb,0x13}, -{0x27,0xee,0xce,0xa9}, {0xc9,0x35,0xb7,0x61}, {0xe5,0xed,0xe1,0x1c}, {0xb1,0x3c,0x7a,0x47}, -{0xdf,0x59,0x9c,0xd2}, {0x73,0x3f,0x55,0xf2}, {0xce,0x79,0x18,0x14}, {0x37,0xbf,0x73,0xc7}, -{0xcd,0xea,0x53,0xf7}, {0xaa,0x5b,0x5f,0xfd}, {0x6f,0x14,0xdf,0x3d}, {0xdb,0x86,0x78,0x44}, -{0xf3,0x81,0xca,0xaf}, {0xc4,0x3e,0xb9,0x68}, {0x34,0x2c,0x38,0x24}, {0x40,0x5f,0xc2,0xa3}, -{0xc3,0x72,0x16,0x1d}, {0x25,0x0c,0xbc,0xe2}, {0x49,0x8b,0x28,0x3c}, {0x95,0x41,0xff,0x0d}, -{0x01,0x71,0x39,0xa8}, {0xb3,0xde,0x08,0x0c}, {0xe4,0x9c,0xd8,0xb4}, {0xc1,0x90,0x64,0x56}, -{0x84,0x61,0x7b,0xcb}, {0xb6,0x70,0xd5,0x32}, {0x5c,0x74,0x48,0x6c}, {0x57,0x42,0xd0,0xb8} - } -}; -#define T7 xT7.xt8 - -static const union xtab xT8 = { - .xt8 = { -{0xf4,0xa7,0x50,0x51}, {0x41,0x65,0x53,0x7e}, {0x17,0xa4,0xc3,0x1a}, {0x27,0x5e,0x96,0x3a}, -{0xab,0x6b,0xcb,0x3b}, {0x9d,0x45,0xf1,0x1f}, {0xfa,0x58,0xab,0xac}, {0xe3,0x03,0x93,0x4b}, -{0x30,0xfa,0x55,0x20}, {0x76,0x6d,0xf6,0xad}, {0xcc,0x76,0x91,0x88}, {0x02,0x4c,0x25,0xf5}, -{0xe5,0xd7,0xfc,0x4f}, {0x2a,0xcb,0xd7,0xc5}, {0x35,0x44,0x80,0x26}, {0x62,0xa3,0x8f,0xb5}, -{0xb1,0x5a,0x49,0xde}, {0xba,0x1b,0x67,0x25}, {0xea,0x0e,0x98,0x45}, {0xfe,0xc0,0xe1,0x5d}, -{0x2f,0x75,0x02,0xc3}, {0x4c,0xf0,0x12,0x81}, {0x46,0x97,0xa3,0x8d}, {0xd3,0xf9,0xc6,0x6b}, -{0x8f,0x5f,0xe7,0x03}, {0x92,0x9c,0x95,0x15}, {0x6d,0x7a,0xeb,0xbf}, {0x52,0x59,0xda,0x95}, -{0xbe,0x83,0x2d,0xd4}, {0x74,0x21,0xd3,0x58}, {0xe0,0x69,0x29,0x49}, {0xc9,0xc8,0x44,0x8e}, -{0xc2,0x89,0x6a,0x75}, {0x8e,0x79,0x78,0xf4}, {0x58,0x3e,0x6b,0x99}, {0xb9,0x71,0xdd,0x27}, -{0xe1,0x4f,0xb6,0xbe}, {0x88,0xad,0x17,0xf0}, {0x20,0xac,0x66,0xc9}, {0xce,0x3a,0xb4,0x7d}, -{0xdf,0x4a,0x18,0x63}, 
{0x1a,0x31,0x82,0xe5}, {0x51,0x33,0x60,0x97}, {0x53,0x7f,0x45,0x62}, -{0x64,0x77,0xe0,0xb1}, {0x6b,0xae,0x84,0xbb}, {0x81,0xa0,0x1c,0xfe}, {0x08,0x2b,0x94,0xf9}, -{0x48,0x68,0x58,0x70}, {0x45,0xfd,0x19,0x8f}, {0xde,0x6c,0x87,0x94}, {0x7b,0xf8,0xb7,0x52}, -{0x73,0xd3,0x23,0xab}, {0x4b,0x02,0xe2,0x72}, {0x1f,0x8f,0x57,0xe3}, {0x55,0xab,0x2a,0x66}, -{0xeb,0x28,0x07,0xb2}, {0xb5,0xc2,0x03,0x2f}, {0xc5,0x7b,0x9a,0x86}, {0x37,0x08,0xa5,0xd3}, -{0x28,0x87,0xf2,0x30}, {0xbf,0xa5,0xb2,0x23}, {0x03,0x6a,0xba,0x02}, {0x16,0x82,0x5c,0xed}, -{0xcf,0x1c,0x2b,0x8a}, {0x79,0xb4,0x92,0xa7}, {0x07,0xf2,0xf0,0xf3}, {0x69,0xe2,0xa1,0x4e}, -{0xda,0xf4,0xcd,0x65}, {0x05,0xbe,0xd5,0x06}, {0x34,0x62,0x1f,0xd1}, {0xa6,0xfe,0x8a,0xc4}, -{0x2e,0x53,0x9d,0x34}, {0xf3,0x55,0xa0,0xa2}, {0x8a,0xe1,0x32,0x05}, {0xf6,0xeb,0x75,0xa4}, -{0x83,0xec,0x39,0x0b}, {0x60,0xef,0xaa,0x40}, {0x71,0x9f,0x06,0x5e}, {0x6e,0x10,0x51,0xbd}, -{0x21,0x8a,0xf9,0x3e}, {0xdd,0x06,0x3d,0x96}, {0x3e,0x05,0xae,0xdd}, {0xe6,0xbd,0x46,0x4d}, -{0x54,0x8d,0xb5,0x91}, {0xc4,0x5d,0x05,0x71}, {0x06,0xd4,0x6f,0x04}, {0x50,0x15,0xff,0x60}, -{0x98,0xfb,0x24,0x19}, {0xbd,0xe9,0x97,0xd6}, {0x40,0x43,0xcc,0x89}, {0xd9,0x9e,0x77,0x67}, -{0xe8,0x42,0xbd,0xb0}, {0x89,0x8b,0x88,0x07}, {0x19,0x5b,0x38,0xe7}, {0xc8,0xee,0xdb,0x79}, -{0x7c,0x0a,0x47,0xa1}, {0x42,0x0f,0xe9,0x7c}, {0x84,0x1e,0xc9,0xf8}, {0x00,0x00,0x00,0x00}, -{0x80,0x86,0x83,0x09}, {0x2b,0xed,0x48,0x32}, {0x11,0x70,0xac,0x1e}, {0x5a,0x72,0x4e,0x6c}, -{0x0e,0xff,0xfb,0xfd}, {0x85,0x38,0x56,0x0f}, {0xae,0xd5,0x1e,0x3d}, {0x2d,0x39,0x27,0x36}, -{0x0f,0xd9,0x64,0x0a}, {0x5c,0xa6,0x21,0x68}, {0x5b,0x54,0xd1,0x9b}, {0x36,0x2e,0x3a,0x24}, -{0x0a,0x67,0xb1,0x0c}, {0x57,0xe7,0x0f,0x93}, {0xee,0x96,0xd2,0xb4}, {0x9b,0x91,0x9e,0x1b}, -{0xc0,0xc5,0x4f,0x80}, {0xdc,0x20,0xa2,0x61}, {0x77,0x4b,0x69,0x5a}, {0x12,0x1a,0x16,0x1c}, -{0x93,0xba,0x0a,0xe2}, {0xa0,0x2a,0xe5,0xc0}, {0x22,0xe0,0x43,0x3c}, {0x1b,0x17,0x1d,0x12}, -{0x09,0x0d,0x0b,0x0e}, {0x8b,0xc7,0xad,0xf2}, {0xb6,0xa8,0xb9,0x2d}, 
{0x1e,0xa9,0xc8,0x14}, -{0xf1,0x19,0x85,0x57}, {0x75,0x07,0x4c,0xaf}, {0x99,0xdd,0xbb,0xee}, {0x7f,0x60,0xfd,0xa3}, -{0x01,0x26,0x9f,0xf7}, {0x72,0xf5,0xbc,0x5c}, {0x66,0x3b,0xc5,0x44}, {0xfb,0x7e,0x34,0x5b}, -{0x43,0x29,0x76,0x8b}, {0x23,0xc6,0xdc,0xcb}, {0xed,0xfc,0x68,0xb6}, {0xe4,0xf1,0x63,0xb8}, -{0x31,0xdc,0xca,0xd7}, {0x63,0x85,0x10,0x42}, {0x97,0x22,0x40,0x13}, {0xc6,0x11,0x20,0x84}, -{0x4a,0x24,0x7d,0x85}, {0xbb,0x3d,0xf8,0xd2}, {0xf9,0x32,0x11,0xae}, {0x29,0xa1,0x6d,0xc7}, -{0x9e,0x2f,0x4b,0x1d}, {0xb2,0x30,0xf3,0xdc}, {0x86,0x52,0xec,0x0d}, {0xc1,0xe3,0xd0,0x77}, -{0xb3,0x16,0x6c,0x2b}, {0x70,0xb9,0x99,0xa9}, {0x94,0x48,0xfa,0x11}, {0xe9,0x64,0x22,0x47}, -{0xfc,0x8c,0xc4,0xa8}, {0xf0,0x3f,0x1a,0xa0}, {0x7d,0x2c,0xd8,0x56}, {0x33,0x90,0xef,0x22}, -{0x49,0x4e,0xc7,0x87}, {0x38,0xd1,0xc1,0xd9}, {0xca,0xa2,0xfe,0x8c}, {0xd4,0x0b,0x36,0x98}, -{0xf5,0x81,0xcf,0xa6}, {0x7a,0xde,0x28,0xa5}, {0xb7,0x8e,0x26,0xda}, {0xad,0xbf,0xa4,0x3f}, -{0x3a,0x9d,0xe4,0x2c}, {0x78,0x92,0x0d,0x50}, {0x5f,0xcc,0x9b,0x6a}, {0x7e,0x46,0x62,0x54}, -{0x8d,0x13,0xc2,0xf6}, {0xd8,0xb8,0xe8,0x90}, {0x39,0xf7,0x5e,0x2e}, {0xc3,0xaf,0xf5,0x82}, -{0x5d,0x80,0xbe,0x9f}, {0xd0,0x93,0x7c,0x69}, {0xd5,0x2d,0xa9,0x6f}, {0x25,0x12,0xb3,0xcf}, -{0xac,0x99,0x3b,0xc8}, {0x18,0x7d,0xa7,0x10}, {0x9c,0x63,0x6e,0xe8}, {0x3b,0xbb,0x7b,0xdb}, -{0x26,0x78,0x09,0xcd}, {0x59,0x18,0xf4,0x6e}, {0x9a,0xb7,0x01,0xec}, {0x4f,0x9a,0xa8,0x83}, -{0x95,0x6e,0x65,0xe6}, {0xff,0xe6,0x7e,0xaa}, {0xbc,0xcf,0x08,0x21}, {0x15,0xe8,0xe6,0xef}, -{0xe7,0x9b,0xd9,0xba}, {0x6f,0x36,0xce,0x4a}, {0x9f,0x09,0xd4,0xea}, {0xb0,0x7c,0xd6,0x29}, -{0xa4,0xb2,0xaf,0x31}, {0x3f,0x23,0x31,0x2a}, {0xa5,0x94,0x30,0xc6}, {0xa2,0x66,0xc0,0x35}, -{0x4e,0xbc,0x37,0x74}, {0x82,0xca,0xa6,0xfc}, {0x90,0xd0,0xb0,0xe0}, {0xa7,0xd8,0x15,0x33}, -{0x04,0x98,0x4a,0xf1}, {0xec,0xda,0xf7,0x41}, {0xcd,0x50,0x0e,0x7f}, {0x91,0xf6,0x2f,0x17}, -{0x4d,0xd6,0x8d,0x76}, {0xef,0xb0,0x4d,0x43}, {0xaa,0x4d,0x54,0xcc}, {0x96,0x04,0xdf,0xe4}, -{0xd1,0xb5,0xe3,0x9e}, 
{0x6a,0x88,0x1b,0x4c}, {0x2c,0x1f,0xb8,0xc1}, {0x65,0x51,0x7f,0x46}, -{0x5e,0xea,0x04,0x9d}, {0x8c,0x35,0x5d,0x01}, {0x87,0x74,0x73,0xfa}, {0x0b,0x41,0x2e,0xfb}, -{0x67,0x1d,0x5a,0xb3}, {0xdb,0xd2,0x52,0x92}, {0x10,0x56,0x33,0xe9}, {0xd6,0x47,0x13,0x6d}, -{0xd7,0x61,0x8c,0x9a}, {0xa1,0x0c,0x7a,0x37}, {0xf8,0x14,0x8e,0x59}, {0x13,0x3c,0x89,0xeb}, -{0xa9,0x27,0xee,0xce}, {0x61,0xc9,0x35,0xb7}, {0x1c,0xe5,0xed,0xe1}, {0x47,0xb1,0x3c,0x7a}, -{0xd2,0xdf,0x59,0x9c}, {0xf2,0x73,0x3f,0x55}, {0x14,0xce,0x79,0x18}, {0xc7,0x37,0xbf,0x73}, -{0xf7,0xcd,0xea,0x53}, {0xfd,0xaa,0x5b,0x5f}, {0x3d,0x6f,0x14,0xdf}, {0x44,0xdb,0x86,0x78}, -{0xaf,0xf3,0x81,0xca}, {0x68,0xc4,0x3e,0xb9}, {0x24,0x34,0x2c,0x38}, {0xa3,0x40,0x5f,0xc2}, -{0x1d,0xc3,0x72,0x16}, {0xe2,0x25,0x0c,0xbc}, {0x3c,0x49,0x8b,0x28}, {0x0d,0x95,0x41,0xff}, -{0xa8,0x01,0x71,0x39}, {0x0c,0xb3,0xde,0x08}, {0xb4,0xe4,0x9c,0xd8}, {0x56,0xc1,0x90,0x64}, -{0xcb,0x84,0x61,0x7b}, {0x32,0xb6,0x70,0xd5}, {0x6c,0x5c,0x74,0x48}, {0xb8,0x57,0x42,0xd0} - } -}; -#define T8 xT8.xt8 - -static const word8 S5[256] = { -0x52,0x09,0x6a,0xd5, -0x30,0x36,0xa5,0x38, -0xbf,0x40,0xa3,0x9e, -0x81,0xf3,0xd7,0xfb, -0x7c,0xe3,0x39,0x82, -0x9b,0x2f,0xff,0x87, -0x34,0x8e,0x43,0x44, -0xc4,0xde,0xe9,0xcb, -0x54,0x7b,0x94,0x32, -0xa6,0xc2,0x23,0x3d, -0xee,0x4c,0x95,0x0b, -0x42,0xfa,0xc3,0x4e, -0x08,0x2e,0xa1,0x66, -0x28,0xd9,0x24,0xb2, -0x76,0x5b,0xa2,0x49, -0x6d,0x8b,0xd1,0x25, -0x72,0xf8,0xf6,0x64, -0x86,0x68,0x98,0x16, -0xd4,0xa4,0x5c,0xcc, -0x5d,0x65,0xb6,0x92, -0x6c,0x70,0x48,0x50, -0xfd,0xed,0xb9,0xda, -0x5e,0x15,0x46,0x57, -0xa7,0x8d,0x9d,0x84, -0x90,0xd8,0xab,0x00, -0x8c,0xbc,0xd3,0x0a, -0xf7,0xe4,0x58,0x05, -0xb8,0xb3,0x45,0x06, -0xd0,0x2c,0x1e,0x8f, -0xca,0x3f,0x0f,0x02, -0xc1,0xaf,0xbd,0x03, -0x01,0x13,0x8a,0x6b, -0x3a,0x91,0x11,0x41, -0x4f,0x67,0xdc,0xea, -0x97,0xf2,0xcf,0xce, -0xf0,0xb4,0xe6,0x73, -0x96,0xac,0x74,0x22, -0xe7,0xad,0x35,0x85, -0xe2,0xf9,0x37,0xe8, -0x1c,0x75,0xdf,0x6e, -0x47,0xf1,0x1a,0x71, -0x1d,0x29,0xc5,0x89, 
-0x6f,0xb7,0x62,0x0e, -0xaa,0x18,0xbe,0x1b, -0xfc,0x56,0x3e,0x4b, -0xc6,0xd2,0x79,0x20, -0x9a,0xdb,0xc0,0xfe, -0x78,0xcd,0x5a,0xf4, -0x1f,0xdd,0xa8,0x33, -0x88,0x07,0xc7,0x31, -0xb1,0x12,0x10,0x59, -0x27,0x80,0xec,0x5f, -0x60,0x51,0x7f,0xa9, -0x19,0xb5,0x4a,0x0d, -0x2d,0xe5,0x7a,0x9f, -0x93,0xc9,0x9c,0xef, -0xa0,0xe0,0x3b,0x4d, -0xae,0x2a,0xf5,0xb0, -0xc8,0xeb,0xbb,0x3c, -0x83,0x53,0x99,0x61, -0x17,0x2b,0x04,0x7e, -0xba,0x77,0xd6,0x26, -0xe1,0x69,0x14,0x63, -0x55,0x21,0x0c,0x7d -}; - -static const union xtab xU1 = { - .xt8 = { -{0x00,0x00,0x00,0x00}, {0x0e,0x09,0x0d,0x0b}, {0x1c,0x12,0x1a,0x16}, {0x12,0x1b,0x17,0x1d}, -{0x38,0x24,0x34,0x2c}, {0x36,0x2d,0x39,0x27}, {0x24,0x36,0x2e,0x3a}, {0x2a,0x3f,0x23,0x31}, -{0x70,0x48,0x68,0x58}, {0x7e,0x41,0x65,0x53}, {0x6c,0x5a,0x72,0x4e}, {0x62,0x53,0x7f,0x45}, -{0x48,0x6c,0x5c,0x74}, {0x46,0x65,0x51,0x7f}, {0x54,0x7e,0x46,0x62}, {0x5a,0x77,0x4b,0x69}, -{0xe0,0x90,0xd0,0xb0}, {0xee,0x99,0xdd,0xbb}, {0xfc,0x82,0xca,0xa6}, {0xf2,0x8b,0xc7,0xad}, -{0xd8,0xb4,0xe4,0x9c}, {0xd6,0xbd,0xe9,0x97}, {0xc4,0xa6,0xfe,0x8a}, {0xca,0xaf,0xf3,0x81}, -{0x90,0xd8,0xb8,0xe8}, {0x9e,0xd1,0xb5,0xe3}, {0x8c,0xca,0xa2,0xfe}, {0x82,0xc3,0xaf,0xf5}, -{0xa8,0xfc,0x8c,0xc4}, {0xa6,0xf5,0x81,0xcf}, {0xb4,0xee,0x96,0xd2}, {0xba,0xe7,0x9b,0xd9}, -{0xdb,0x3b,0xbb,0x7b}, {0xd5,0x32,0xb6,0x70}, {0xc7,0x29,0xa1,0x6d}, {0xc9,0x20,0xac,0x66}, -{0xe3,0x1f,0x8f,0x57}, {0xed,0x16,0x82,0x5c}, {0xff,0x0d,0x95,0x41}, {0xf1,0x04,0x98,0x4a}, -{0xab,0x73,0xd3,0x23}, {0xa5,0x7a,0xde,0x28}, {0xb7,0x61,0xc9,0x35}, {0xb9,0x68,0xc4,0x3e}, -{0x93,0x57,0xe7,0x0f}, {0x9d,0x5e,0xea,0x04}, {0x8f,0x45,0xfd,0x19}, {0x81,0x4c,0xf0,0x12}, -{0x3b,0xab,0x6b,0xcb}, {0x35,0xa2,0x66,0xc0}, {0x27,0xb9,0x71,0xdd}, {0x29,0xb0,0x7c,0xd6}, -{0x03,0x8f,0x5f,0xe7}, {0x0d,0x86,0x52,0xec}, {0x1f,0x9d,0x45,0xf1}, {0x11,0x94,0x48,0xfa}, -{0x4b,0xe3,0x03,0x93}, {0x45,0xea,0x0e,0x98}, {0x57,0xf1,0x19,0x85}, {0x59,0xf8,0x14,0x8e}, -{0x73,0xc7,0x37,0xbf}, {0x7d,0xce,0x3a,0xb4}, {0x6f,0xd5,0x2d,0xa9}, 
{0x61,0xdc,0x20,0xa2}, -{0xad,0x76,0x6d,0xf6}, {0xa3,0x7f,0x60,0xfd}, {0xb1,0x64,0x77,0xe0}, {0xbf,0x6d,0x7a,0xeb}, -{0x95,0x52,0x59,0xda}, {0x9b,0x5b,0x54,0xd1}, {0x89,0x40,0x43,0xcc}, {0x87,0x49,0x4e,0xc7}, -{0xdd,0x3e,0x05,0xae}, {0xd3,0x37,0x08,0xa5}, {0xc1,0x2c,0x1f,0xb8}, {0xcf,0x25,0x12,0xb3}, -{0xe5,0x1a,0x31,0x82}, {0xeb,0x13,0x3c,0x89}, {0xf9,0x08,0x2b,0x94}, {0xf7,0x01,0x26,0x9f}, -{0x4d,0xe6,0xbd,0x46}, {0x43,0xef,0xb0,0x4d}, {0x51,0xf4,0xa7,0x50}, {0x5f,0xfd,0xaa,0x5b}, -{0x75,0xc2,0x89,0x6a}, {0x7b,0xcb,0x84,0x61}, {0x69,0xd0,0x93,0x7c}, {0x67,0xd9,0x9e,0x77}, -{0x3d,0xae,0xd5,0x1e}, {0x33,0xa7,0xd8,0x15}, {0x21,0xbc,0xcf,0x08}, {0x2f,0xb5,0xc2,0x03}, -{0x05,0x8a,0xe1,0x32}, {0x0b,0x83,0xec,0x39}, {0x19,0x98,0xfb,0x24}, {0x17,0x91,0xf6,0x2f}, -{0x76,0x4d,0xd6,0x8d}, {0x78,0x44,0xdb,0x86}, {0x6a,0x5f,0xcc,0x9b}, {0x64,0x56,0xc1,0x90}, -{0x4e,0x69,0xe2,0xa1}, {0x40,0x60,0xef,0xaa}, {0x52,0x7b,0xf8,0xb7}, {0x5c,0x72,0xf5,0xbc}, -{0x06,0x05,0xbe,0xd5}, {0x08,0x0c,0xb3,0xde}, {0x1a,0x17,0xa4,0xc3}, {0x14,0x1e,0xa9,0xc8}, -{0x3e,0x21,0x8a,0xf9}, {0x30,0x28,0x87,0xf2}, {0x22,0x33,0x90,0xef}, {0x2c,0x3a,0x9d,0xe4}, -{0x96,0xdd,0x06,0x3d}, {0x98,0xd4,0x0b,0x36}, {0x8a,0xcf,0x1c,0x2b}, {0x84,0xc6,0x11,0x20}, -{0xae,0xf9,0x32,0x11}, {0xa0,0xf0,0x3f,0x1a}, {0xb2,0xeb,0x28,0x07}, {0xbc,0xe2,0x25,0x0c}, -{0xe6,0x95,0x6e,0x65}, {0xe8,0x9c,0x63,0x6e}, {0xfa,0x87,0x74,0x73}, {0xf4,0x8e,0x79,0x78}, -{0xde,0xb1,0x5a,0x49}, {0xd0,0xb8,0x57,0x42}, {0xc2,0xa3,0x40,0x5f}, {0xcc,0xaa,0x4d,0x54}, -{0x41,0xec,0xda,0xf7}, {0x4f,0xe5,0xd7,0xfc}, {0x5d,0xfe,0xc0,0xe1}, {0x53,0xf7,0xcd,0xea}, -{0x79,0xc8,0xee,0xdb}, {0x77,0xc1,0xe3,0xd0}, {0x65,0xda,0xf4,0xcd}, {0x6b,0xd3,0xf9,0xc6}, -{0x31,0xa4,0xb2,0xaf}, {0x3f,0xad,0xbf,0xa4}, {0x2d,0xb6,0xa8,0xb9}, {0x23,0xbf,0xa5,0xb2}, -{0x09,0x80,0x86,0x83}, {0x07,0x89,0x8b,0x88}, {0x15,0x92,0x9c,0x95}, {0x1b,0x9b,0x91,0x9e}, -{0xa1,0x7c,0x0a,0x47}, {0xaf,0x75,0x07,0x4c}, {0xbd,0x6e,0x10,0x51}, {0xb3,0x67,0x1d,0x5a}, -{0x99,0x58,0x3e,0x6b}, 
{0x97,0x51,0x33,0x60}, {0x85,0x4a,0x24,0x7d}, {0x8b,0x43,0x29,0x76}, -{0xd1,0x34,0x62,0x1f}, {0xdf,0x3d,0x6f,0x14}, {0xcd,0x26,0x78,0x09}, {0xc3,0x2f,0x75,0x02}, -{0xe9,0x10,0x56,0x33}, {0xe7,0x19,0x5b,0x38}, {0xf5,0x02,0x4c,0x25}, {0xfb,0x0b,0x41,0x2e}, -{0x9a,0xd7,0x61,0x8c}, {0x94,0xde,0x6c,0x87}, {0x86,0xc5,0x7b,0x9a}, {0x88,0xcc,0x76,0x91}, -{0xa2,0xf3,0x55,0xa0}, {0xac,0xfa,0x58,0xab}, {0xbe,0xe1,0x4f,0xb6}, {0xb0,0xe8,0x42,0xbd}, -{0xea,0x9f,0x09,0xd4}, {0xe4,0x96,0x04,0xdf}, {0xf6,0x8d,0x13,0xc2}, {0xf8,0x84,0x1e,0xc9}, -{0xd2,0xbb,0x3d,0xf8}, {0xdc,0xb2,0x30,0xf3}, {0xce,0xa9,0x27,0xee}, {0xc0,0xa0,0x2a,0xe5}, -{0x7a,0x47,0xb1,0x3c}, {0x74,0x4e,0xbc,0x37}, {0x66,0x55,0xab,0x2a}, {0x68,0x5c,0xa6,0x21}, -{0x42,0x63,0x85,0x10}, {0x4c,0x6a,0x88,0x1b}, {0x5e,0x71,0x9f,0x06}, {0x50,0x78,0x92,0x0d}, -{0x0a,0x0f,0xd9,0x64}, {0x04,0x06,0xd4,0x6f}, {0x16,0x1d,0xc3,0x72}, {0x18,0x14,0xce,0x79}, -{0x32,0x2b,0xed,0x48}, {0x3c,0x22,0xe0,0x43}, {0x2e,0x39,0xf7,0x5e}, {0x20,0x30,0xfa,0x55}, -{0xec,0x9a,0xb7,0x01}, {0xe2,0x93,0xba,0x0a}, {0xf0,0x88,0xad,0x17}, {0xfe,0x81,0xa0,0x1c}, -{0xd4,0xbe,0x83,0x2d}, {0xda,0xb7,0x8e,0x26}, {0xc8,0xac,0x99,0x3b}, {0xc6,0xa5,0x94,0x30}, -{0x9c,0xd2,0xdf,0x59}, {0x92,0xdb,0xd2,0x52}, {0x80,0xc0,0xc5,0x4f}, {0x8e,0xc9,0xc8,0x44}, -{0xa4,0xf6,0xeb,0x75}, {0xaa,0xff,0xe6,0x7e}, {0xb8,0xe4,0xf1,0x63}, {0xb6,0xed,0xfc,0x68}, -{0x0c,0x0a,0x67,0xb1}, {0x02,0x03,0x6a,0xba}, {0x10,0x18,0x7d,0xa7}, {0x1e,0x11,0x70,0xac}, -{0x34,0x2e,0x53,0x9d}, {0x3a,0x27,0x5e,0x96}, {0x28,0x3c,0x49,0x8b}, {0x26,0x35,0x44,0x80}, -{0x7c,0x42,0x0f,0xe9}, {0x72,0x4b,0x02,0xe2}, {0x60,0x50,0x15,0xff}, {0x6e,0x59,0x18,0xf4}, -{0x44,0x66,0x3b,0xc5}, {0x4a,0x6f,0x36,0xce}, {0x58,0x74,0x21,0xd3}, {0x56,0x7d,0x2c,0xd8}, -{0x37,0xa1,0x0c,0x7a}, {0x39,0xa8,0x01,0x71}, {0x2b,0xb3,0x16,0x6c}, {0x25,0xba,0x1b,0x67}, -{0x0f,0x85,0x38,0x56}, {0x01,0x8c,0x35,0x5d}, {0x13,0x97,0x22,0x40}, {0x1d,0x9e,0x2f,0x4b}, -{0x47,0xe9,0x64,0x22}, {0x49,0xe0,0x69,0x29}, {0x5b,0xfb,0x7e,0x34}, 
{0x55,0xf2,0x73,0x3f}, -{0x7f,0xcd,0x50,0x0e}, {0x71,0xc4,0x5d,0x05}, {0x63,0xdf,0x4a,0x18}, {0x6d,0xd6,0x47,0x13}, -{0xd7,0x31,0xdc,0xca}, {0xd9,0x38,0xd1,0xc1}, {0xcb,0x23,0xc6,0xdc}, {0xc5,0x2a,0xcb,0xd7}, -{0xef,0x15,0xe8,0xe6}, {0xe1,0x1c,0xe5,0xed}, {0xf3,0x07,0xf2,0xf0}, {0xfd,0x0e,0xff,0xfb}, -{0xa7,0x79,0xb4,0x92}, {0xa9,0x70,0xb9,0x99}, {0xbb,0x6b,0xae,0x84}, {0xb5,0x62,0xa3,0x8f}, -{0x9f,0x5d,0x80,0xbe}, {0x91,0x54,0x8d,0xb5}, {0x83,0x4f,0x9a,0xa8}, {0x8d,0x46,0x97,0xa3} - } -}; -#define U1 xU1.xt8 - -static const union xtab xU2 = { - .xt8 = { -{0x00,0x00,0x00,0x00}, {0x0b,0x0e,0x09,0x0d}, {0x16,0x1c,0x12,0x1a}, {0x1d,0x12,0x1b,0x17}, -{0x2c,0x38,0x24,0x34}, {0x27,0x36,0x2d,0x39}, {0x3a,0x24,0x36,0x2e}, {0x31,0x2a,0x3f,0x23}, -{0x58,0x70,0x48,0x68}, {0x53,0x7e,0x41,0x65}, {0x4e,0x6c,0x5a,0x72}, {0x45,0x62,0x53,0x7f}, -{0x74,0x48,0x6c,0x5c}, {0x7f,0x46,0x65,0x51}, {0x62,0x54,0x7e,0x46}, {0x69,0x5a,0x77,0x4b}, -{0xb0,0xe0,0x90,0xd0}, {0xbb,0xee,0x99,0xdd}, {0xa6,0xfc,0x82,0xca}, {0xad,0xf2,0x8b,0xc7}, -{0x9c,0xd8,0xb4,0xe4}, {0x97,0xd6,0xbd,0xe9}, {0x8a,0xc4,0xa6,0xfe}, {0x81,0xca,0xaf,0xf3}, -{0xe8,0x90,0xd8,0xb8}, {0xe3,0x9e,0xd1,0xb5}, {0xfe,0x8c,0xca,0xa2}, {0xf5,0x82,0xc3,0xaf}, -{0xc4,0xa8,0xfc,0x8c}, {0xcf,0xa6,0xf5,0x81}, {0xd2,0xb4,0xee,0x96}, {0xd9,0xba,0xe7,0x9b}, -{0x7b,0xdb,0x3b,0xbb}, {0x70,0xd5,0x32,0xb6}, {0x6d,0xc7,0x29,0xa1}, {0x66,0xc9,0x20,0xac}, -{0x57,0xe3,0x1f,0x8f}, {0x5c,0xed,0x16,0x82}, {0x41,0xff,0x0d,0x95}, {0x4a,0xf1,0x04,0x98}, -{0x23,0xab,0x73,0xd3}, {0x28,0xa5,0x7a,0xde}, {0x35,0xb7,0x61,0xc9}, {0x3e,0xb9,0x68,0xc4}, -{0x0f,0x93,0x57,0xe7}, {0x04,0x9d,0x5e,0xea}, {0x19,0x8f,0x45,0xfd}, {0x12,0x81,0x4c,0xf0}, -{0xcb,0x3b,0xab,0x6b}, {0xc0,0x35,0xa2,0x66}, {0xdd,0x27,0xb9,0x71}, {0xd6,0x29,0xb0,0x7c}, -{0xe7,0x03,0x8f,0x5f}, {0xec,0x0d,0x86,0x52}, {0xf1,0x1f,0x9d,0x45}, {0xfa,0x11,0x94,0x48}, -{0x93,0x4b,0xe3,0x03}, {0x98,0x45,0xea,0x0e}, {0x85,0x57,0xf1,0x19}, {0x8e,0x59,0xf8,0x14}, -{0xbf,0x73,0xc7,0x37}, 
{0xb4,0x7d,0xce,0x3a}, {0xa9,0x6f,0xd5,0x2d}, {0xa2,0x61,0xdc,0x20}, -{0xf6,0xad,0x76,0x6d}, {0xfd,0xa3,0x7f,0x60}, {0xe0,0xb1,0x64,0x77}, {0xeb,0xbf,0x6d,0x7a}, -{0xda,0x95,0x52,0x59}, {0xd1,0x9b,0x5b,0x54}, {0xcc,0x89,0x40,0x43}, {0xc7,0x87,0x49,0x4e}, -{0xae,0xdd,0x3e,0x05}, {0xa5,0xd3,0x37,0x08}, {0xb8,0xc1,0x2c,0x1f}, {0xb3,0xcf,0x25,0x12}, -{0x82,0xe5,0x1a,0x31}, {0x89,0xeb,0x13,0x3c}, {0x94,0xf9,0x08,0x2b}, {0x9f,0xf7,0x01,0x26}, -{0x46,0x4d,0xe6,0xbd}, {0x4d,0x43,0xef,0xb0}, {0x50,0x51,0xf4,0xa7}, {0x5b,0x5f,0xfd,0xaa}, -{0x6a,0x75,0xc2,0x89}, {0x61,0x7b,0xcb,0x84}, {0x7c,0x69,0xd0,0x93}, {0x77,0x67,0xd9,0x9e}, -{0x1e,0x3d,0xae,0xd5}, {0x15,0x33,0xa7,0xd8}, {0x08,0x21,0xbc,0xcf}, {0x03,0x2f,0xb5,0xc2}, -{0x32,0x05,0x8a,0xe1}, {0x39,0x0b,0x83,0xec}, {0x24,0x19,0x98,0xfb}, {0x2f,0x17,0x91,0xf6}, -{0x8d,0x76,0x4d,0xd6}, {0x86,0x78,0x44,0xdb}, {0x9b,0x6a,0x5f,0xcc}, {0x90,0x64,0x56,0xc1}, -{0xa1,0x4e,0x69,0xe2}, {0xaa,0x40,0x60,0xef}, {0xb7,0x52,0x7b,0xf8}, {0xbc,0x5c,0x72,0xf5}, -{0xd5,0x06,0x05,0xbe}, {0xde,0x08,0x0c,0xb3}, {0xc3,0x1a,0x17,0xa4}, {0xc8,0x14,0x1e,0xa9}, -{0xf9,0x3e,0x21,0x8a}, {0xf2,0x30,0x28,0x87}, {0xef,0x22,0x33,0x90}, {0xe4,0x2c,0x3a,0x9d}, -{0x3d,0x96,0xdd,0x06}, {0x36,0x98,0xd4,0x0b}, {0x2b,0x8a,0xcf,0x1c}, {0x20,0x84,0xc6,0x11}, -{0x11,0xae,0xf9,0x32}, {0x1a,0xa0,0xf0,0x3f}, {0x07,0xb2,0xeb,0x28}, {0x0c,0xbc,0xe2,0x25}, -{0x65,0xe6,0x95,0x6e}, {0x6e,0xe8,0x9c,0x63}, {0x73,0xfa,0x87,0x74}, {0x78,0xf4,0x8e,0x79}, -{0x49,0xde,0xb1,0x5a}, {0x42,0xd0,0xb8,0x57}, {0x5f,0xc2,0xa3,0x40}, {0x54,0xcc,0xaa,0x4d}, -{0xf7,0x41,0xec,0xda}, {0xfc,0x4f,0xe5,0xd7}, {0xe1,0x5d,0xfe,0xc0}, {0xea,0x53,0xf7,0xcd}, -{0xdb,0x79,0xc8,0xee}, {0xd0,0x77,0xc1,0xe3}, {0xcd,0x65,0xda,0xf4}, {0xc6,0x6b,0xd3,0xf9}, -{0xaf,0x31,0xa4,0xb2}, {0xa4,0x3f,0xad,0xbf}, {0xb9,0x2d,0xb6,0xa8}, {0xb2,0x23,0xbf,0xa5}, -{0x83,0x09,0x80,0x86}, {0x88,0x07,0x89,0x8b}, {0x95,0x15,0x92,0x9c}, {0x9e,0x1b,0x9b,0x91}, -{0x47,0xa1,0x7c,0x0a}, {0x4c,0xaf,0x75,0x07}, {0x51,0xbd,0x6e,0x10}, 
{0x5a,0xb3,0x67,0x1d}, -{0x6b,0x99,0x58,0x3e}, {0x60,0x97,0x51,0x33}, {0x7d,0x85,0x4a,0x24}, {0x76,0x8b,0x43,0x29}, -{0x1f,0xd1,0x34,0x62}, {0x14,0xdf,0x3d,0x6f}, {0x09,0xcd,0x26,0x78}, {0x02,0xc3,0x2f,0x75}, -{0x33,0xe9,0x10,0x56}, {0x38,0xe7,0x19,0x5b}, {0x25,0xf5,0x02,0x4c}, {0x2e,0xfb,0x0b,0x41}, -{0x8c,0x9a,0xd7,0x61}, {0x87,0x94,0xde,0x6c}, {0x9a,0x86,0xc5,0x7b}, {0x91,0x88,0xcc,0x76}, -{0xa0,0xa2,0xf3,0x55}, {0xab,0xac,0xfa,0x58}, {0xb6,0xbe,0xe1,0x4f}, {0xbd,0xb0,0xe8,0x42}, -{0xd4,0xea,0x9f,0x09}, {0xdf,0xe4,0x96,0x04}, {0xc2,0xf6,0x8d,0x13}, {0xc9,0xf8,0x84,0x1e}, -{0xf8,0xd2,0xbb,0x3d}, {0xf3,0xdc,0xb2,0x30}, {0xee,0xce,0xa9,0x27}, {0xe5,0xc0,0xa0,0x2a}, -{0x3c,0x7a,0x47,0xb1}, {0x37,0x74,0x4e,0xbc}, {0x2a,0x66,0x55,0xab}, {0x21,0x68,0x5c,0xa6}, -{0x10,0x42,0x63,0x85}, {0x1b,0x4c,0x6a,0x88}, {0x06,0x5e,0x71,0x9f}, {0x0d,0x50,0x78,0x92}, -{0x64,0x0a,0x0f,0xd9}, {0x6f,0x04,0x06,0xd4}, {0x72,0x16,0x1d,0xc3}, {0x79,0x18,0x14,0xce}, -{0x48,0x32,0x2b,0xed}, {0x43,0x3c,0x22,0xe0}, {0x5e,0x2e,0x39,0xf7}, {0x55,0x20,0x30,0xfa}, -{0x01,0xec,0x9a,0xb7}, {0x0a,0xe2,0x93,0xba}, {0x17,0xf0,0x88,0xad}, {0x1c,0xfe,0x81,0xa0}, -{0x2d,0xd4,0xbe,0x83}, {0x26,0xda,0xb7,0x8e}, {0x3b,0xc8,0xac,0x99}, {0x30,0xc6,0xa5,0x94}, -{0x59,0x9c,0xd2,0xdf}, {0x52,0x92,0xdb,0xd2}, {0x4f,0x80,0xc0,0xc5}, {0x44,0x8e,0xc9,0xc8}, -{0x75,0xa4,0xf6,0xeb}, {0x7e,0xaa,0xff,0xe6}, {0x63,0xb8,0xe4,0xf1}, {0x68,0xb6,0xed,0xfc}, -{0xb1,0x0c,0x0a,0x67}, {0xba,0x02,0x03,0x6a}, {0xa7,0x10,0x18,0x7d}, {0xac,0x1e,0x11,0x70}, -{0x9d,0x34,0x2e,0x53}, {0x96,0x3a,0x27,0x5e}, {0x8b,0x28,0x3c,0x49}, {0x80,0x26,0x35,0x44}, -{0xe9,0x7c,0x42,0x0f}, {0xe2,0x72,0x4b,0x02}, {0xff,0x60,0x50,0x15}, {0xf4,0x6e,0x59,0x18}, -{0xc5,0x44,0x66,0x3b}, {0xce,0x4a,0x6f,0x36}, {0xd3,0x58,0x74,0x21}, {0xd8,0x56,0x7d,0x2c}, -{0x7a,0x37,0xa1,0x0c}, {0x71,0x39,0xa8,0x01}, {0x6c,0x2b,0xb3,0x16}, {0x67,0x25,0xba,0x1b}, -{0x56,0x0f,0x85,0x38}, {0x5d,0x01,0x8c,0x35}, {0x40,0x13,0x97,0x22}, {0x4b,0x1d,0x9e,0x2f}, -{0x22,0x47,0xe9,0x64}, 
{0x29,0x49,0xe0,0x69}, {0x34,0x5b,0xfb,0x7e}, {0x3f,0x55,0xf2,0x73}, -{0x0e,0x7f,0xcd,0x50}, {0x05,0x71,0xc4,0x5d}, {0x18,0x63,0xdf,0x4a}, {0x13,0x6d,0xd6,0x47}, -{0xca,0xd7,0x31,0xdc}, {0xc1,0xd9,0x38,0xd1}, {0xdc,0xcb,0x23,0xc6}, {0xd7,0xc5,0x2a,0xcb}, -{0xe6,0xef,0x15,0xe8}, {0xed,0xe1,0x1c,0xe5}, {0xf0,0xf3,0x07,0xf2}, {0xfb,0xfd,0x0e,0xff}, -{0x92,0xa7,0x79,0xb4}, {0x99,0xa9,0x70,0xb9}, {0x84,0xbb,0x6b,0xae}, {0x8f,0xb5,0x62,0xa3}, -{0xbe,0x9f,0x5d,0x80}, {0xb5,0x91,0x54,0x8d}, {0xa8,0x83,0x4f,0x9a}, {0xa3,0x8d,0x46,0x97} - } -}; -#define U2 xU2.xt8 - -static const union xtab xU3 = { - .xt8 = { -{0x00,0x00,0x00,0x00}, {0x0d,0x0b,0x0e,0x09}, {0x1a,0x16,0x1c,0x12}, {0x17,0x1d,0x12,0x1b}, -{0x34,0x2c,0x38,0x24}, {0x39,0x27,0x36,0x2d}, {0x2e,0x3a,0x24,0x36}, {0x23,0x31,0x2a,0x3f}, -{0x68,0x58,0x70,0x48}, {0x65,0x53,0x7e,0x41}, {0x72,0x4e,0x6c,0x5a}, {0x7f,0x45,0x62,0x53}, -{0x5c,0x74,0x48,0x6c}, {0x51,0x7f,0x46,0x65}, {0x46,0x62,0x54,0x7e}, {0x4b,0x69,0x5a,0x77}, -{0xd0,0xb0,0xe0,0x90}, {0xdd,0xbb,0xee,0x99}, {0xca,0xa6,0xfc,0x82}, {0xc7,0xad,0xf2,0x8b}, -{0xe4,0x9c,0xd8,0xb4}, {0xe9,0x97,0xd6,0xbd}, {0xfe,0x8a,0xc4,0xa6}, {0xf3,0x81,0xca,0xaf}, -{0xb8,0xe8,0x90,0xd8}, {0xb5,0xe3,0x9e,0xd1}, {0xa2,0xfe,0x8c,0xca}, {0xaf,0xf5,0x82,0xc3}, -{0x8c,0xc4,0xa8,0xfc}, {0x81,0xcf,0xa6,0xf5}, {0x96,0xd2,0xb4,0xee}, {0x9b,0xd9,0xba,0xe7}, -{0xbb,0x7b,0xdb,0x3b}, {0xb6,0x70,0xd5,0x32}, {0xa1,0x6d,0xc7,0x29}, {0xac,0x66,0xc9,0x20}, -{0x8f,0x57,0xe3,0x1f}, {0x82,0x5c,0xed,0x16}, {0x95,0x41,0xff,0x0d}, {0x98,0x4a,0xf1,0x04}, -{0xd3,0x23,0xab,0x73}, {0xde,0x28,0xa5,0x7a}, {0xc9,0x35,0xb7,0x61}, {0xc4,0x3e,0xb9,0x68}, -{0xe7,0x0f,0x93,0x57}, {0xea,0x04,0x9d,0x5e}, {0xfd,0x19,0x8f,0x45}, {0xf0,0x12,0x81,0x4c}, -{0x6b,0xcb,0x3b,0xab}, {0x66,0xc0,0x35,0xa2}, {0x71,0xdd,0x27,0xb9}, {0x7c,0xd6,0x29,0xb0}, -{0x5f,0xe7,0x03,0x8f}, {0x52,0xec,0x0d,0x86}, {0x45,0xf1,0x1f,0x9d}, {0x48,0xfa,0x11,0x94}, -{0x03,0x93,0x4b,0xe3}, {0x0e,0x98,0x45,0xea}, {0x19,0x85,0x57,0xf1}, 
{0x14,0x8e,0x59,0xf8}, -{0x37,0xbf,0x73,0xc7}, {0x3a,0xb4,0x7d,0xce}, {0x2d,0xa9,0x6f,0xd5}, {0x20,0xa2,0x61,0xdc}, -{0x6d,0xf6,0xad,0x76}, {0x60,0xfd,0xa3,0x7f}, {0x77,0xe0,0xb1,0x64}, {0x7a,0xeb,0xbf,0x6d}, -{0x59,0xda,0x95,0x52}, {0x54,0xd1,0x9b,0x5b}, {0x43,0xcc,0x89,0x40}, {0x4e,0xc7,0x87,0x49}, -{0x05,0xae,0xdd,0x3e}, {0x08,0xa5,0xd3,0x37}, {0x1f,0xb8,0xc1,0x2c}, {0x12,0xb3,0xcf,0x25}, -{0x31,0x82,0xe5,0x1a}, {0x3c,0x89,0xeb,0x13}, {0x2b,0x94,0xf9,0x08}, {0x26,0x9f,0xf7,0x01}, -{0xbd,0x46,0x4d,0xe6}, {0xb0,0x4d,0x43,0xef}, {0xa7,0x50,0x51,0xf4}, {0xaa,0x5b,0x5f,0xfd}, -{0x89,0x6a,0x75,0xc2}, {0x84,0x61,0x7b,0xcb}, {0x93,0x7c,0x69,0xd0}, {0x9e,0x77,0x67,0xd9}, -{0xd5,0x1e,0x3d,0xae}, {0xd8,0x15,0x33,0xa7}, {0xcf,0x08,0x21,0xbc}, {0xc2,0x03,0x2f,0xb5}, -{0xe1,0x32,0x05,0x8a}, {0xec,0x39,0x0b,0x83}, {0xfb,0x24,0x19,0x98}, {0xf6,0x2f,0x17,0x91}, -{0xd6,0x8d,0x76,0x4d}, {0xdb,0x86,0x78,0x44}, {0xcc,0x9b,0x6a,0x5f}, {0xc1,0x90,0x64,0x56}, -{0xe2,0xa1,0x4e,0x69}, {0xef,0xaa,0x40,0x60}, {0xf8,0xb7,0x52,0x7b}, {0xf5,0xbc,0x5c,0x72}, -{0xbe,0xd5,0x06,0x05}, {0xb3,0xde,0x08,0x0c}, {0xa4,0xc3,0x1a,0x17}, {0xa9,0xc8,0x14,0x1e}, -{0x8a,0xf9,0x3e,0x21}, {0x87,0xf2,0x30,0x28}, {0x90,0xef,0x22,0x33}, {0x9d,0xe4,0x2c,0x3a}, -{0x06,0x3d,0x96,0xdd}, {0x0b,0x36,0x98,0xd4}, {0x1c,0x2b,0x8a,0xcf}, {0x11,0x20,0x84,0xc6}, -{0x32,0x11,0xae,0xf9}, {0x3f,0x1a,0xa0,0xf0}, {0x28,0x07,0xb2,0xeb}, {0x25,0x0c,0xbc,0xe2}, -{0x6e,0x65,0xe6,0x95}, {0x63,0x6e,0xe8,0x9c}, {0x74,0x73,0xfa,0x87}, {0x79,0x78,0xf4,0x8e}, -{0x5a,0x49,0xde,0xb1}, {0x57,0x42,0xd0,0xb8}, {0x40,0x5f,0xc2,0xa3}, {0x4d,0x54,0xcc,0xaa}, -{0xda,0xf7,0x41,0xec}, {0xd7,0xfc,0x4f,0xe5}, {0xc0,0xe1,0x5d,0xfe}, {0xcd,0xea,0x53,0xf7}, -{0xee,0xdb,0x79,0xc8}, {0xe3,0xd0,0x77,0xc1}, {0xf4,0xcd,0x65,0xda}, {0xf9,0xc6,0x6b,0xd3}, -{0xb2,0xaf,0x31,0xa4}, {0xbf,0xa4,0x3f,0xad}, {0xa8,0xb9,0x2d,0xb6}, {0xa5,0xb2,0x23,0xbf}, -{0x86,0x83,0x09,0x80}, {0x8b,0x88,0x07,0x89}, {0x9c,0x95,0x15,0x92}, {0x91,0x9e,0x1b,0x9b}, -{0x0a,0x47,0xa1,0x7c}, 
{0x07,0x4c,0xaf,0x75}, {0x10,0x51,0xbd,0x6e}, {0x1d,0x5a,0xb3,0x67}, -{0x3e,0x6b,0x99,0x58}, {0x33,0x60,0x97,0x51}, {0x24,0x7d,0x85,0x4a}, {0x29,0x76,0x8b,0x43}, -{0x62,0x1f,0xd1,0x34}, {0x6f,0x14,0xdf,0x3d}, {0x78,0x09,0xcd,0x26}, {0x75,0x02,0xc3,0x2f}, -{0x56,0x33,0xe9,0x10}, {0x5b,0x38,0xe7,0x19}, {0x4c,0x25,0xf5,0x02}, {0x41,0x2e,0xfb,0x0b}, -{0x61,0x8c,0x9a,0xd7}, {0x6c,0x87,0x94,0xde}, {0x7b,0x9a,0x86,0xc5}, {0x76,0x91,0x88,0xcc}, -{0x55,0xa0,0xa2,0xf3}, {0x58,0xab,0xac,0xfa}, {0x4f,0xb6,0xbe,0xe1}, {0x42,0xbd,0xb0,0xe8}, -{0x09,0xd4,0xea,0x9f}, {0x04,0xdf,0xe4,0x96}, {0x13,0xc2,0xf6,0x8d}, {0x1e,0xc9,0xf8,0x84}, -{0x3d,0xf8,0xd2,0xbb}, {0x30,0xf3,0xdc,0xb2}, {0x27,0xee,0xce,0xa9}, {0x2a,0xe5,0xc0,0xa0}, -{0xb1,0x3c,0x7a,0x47}, {0xbc,0x37,0x74,0x4e}, {0xab,0x2a,0x66,0x55}, {0xa6,0x21,0x68,0x5c}, -{0x85,0x10,0x42,0x63}, {0x88,0x1b,0x4c,0x6a}, {0x9f,0x06,0x5e,0x71}, {0x92,0x0d,0x50,0x78}, -{0xd9,0x64,0x0a,0x0f}, {0xd4,0x6f,0x04,0x06}, {0xc3,0x72,0x16,0x1d}, {0xce,0x79,0x18,0x14}, -{0xed,0x48,0x32,0x2b}, {0xe0,0x43,0x3c,0x22}, {0xf7,0x5e,0x2e,0x39}, {0xfa,0x55,0x20,0x30}, -{0xb7,0x01,0xec,0x9a}, {0xba,0x0a,0xe2,0x93}, {0xad,0x17,0xf0,0x88}, {0xa0,0x1c,0xfe,0x81}, -{0x83,0x2d,0xd4,0xbe}, {0x8e,0x26,0xda,0xb7}, {0x99,0x3b,0xc8,0xac}, {0x94,0x30,0xc6,0xa5}, -{0xdf,0x59,0x9c,0xd2}, {0xd2,0x52,0x92,0xdb}, {0xc5,0x4f,0x80,0xc0}, {0xc8,0x44,0x8e,0xc9}, -{0xeb,0x75,0xa4,0xf6}, {0xe6,0x7e,0xaa,0xff}, {0xf1,0x63,0xb8,0xe4}, {0xfc,0x68,0xb6,0xed}, -{0x67,0xb1,0x0c,0x0a}, {0x6a,0xba,0x02,0x03}, {0x7d,0xa7,0x10,0x18}, {0x70,0xac,0x1e,0x11}, -{0x53,0x9d,0x34,0x2e}, {0x5e,0x96,0x3a,0x27}, {0x49,0x8b,0x28,0x3c}, {0x44,0x80,0x26,0x35}, -{0x0f,0xe9,0x7c,0x42}, {0x02,0xe2,0x72,0x4b}, {0x15,0xff,0x60,0x50}, {0x18,0xf4,0x6e,0x59}, -{0x3b,0xc5,0x44,0x66}, {0x36,0xce,0x4a,0x6f}, {0x21,0xd3,0x58,0x74}, {0x2c,0xd8,0x56,0x7d}, -{0x0c,0x7a,0x37,0xa1}, {0x01,0x71,0x39,0xa8}, {0x16,0x6c,0x2b,0xb3}, {0x1b,0x67,0x25,0xba}, -{0x38,0x56,0x0f,0x85}, {0x35,0x5d,0x01,0x8c}, {0x22,0x40,0x13,0x97}, 
{0x2f,0x4b,0x1d,0x9e}, -{0x64,0x22,0x47,0xe9}, {0x69,0x29,0x49,0xe0}, {0x7e,0x34,0x5b,0xfb}, {0x73,0x3f,0x55,0xf2}, -{0x50,0x0e,0x7f,0xcd}, {0x5d,0x05,0x71,0xc4}, {0x4a,0x18,0x63,0xdf}, {0x47,0x13,0x6d,0xd6}, -{0xdc,0xca,0xd7,0x31}, {0xd1,0xc1,0xd9,0x38}, {0xc6,0xdc,0xcb,0x23}, {0xcb,0xd7,0xc5,0x2a}, -{0xe8,0xe6,0xef,0x15}, {0xe5,0xed,0xe1,0x1c}, {0xf2,0xf0,0xf3,0x07}, {0xff,0xfb,0xfd,0x0e}, -{0xb4,0x92,0xa7,0x79}, {0xb9,0x99,0xa9,0x70}, {0xae,0x84,0xbb,0x6b}, {0xa3,0x8f,0xb5,0x62}, -{0x80,0xbe,0x9f,0x5d}, {0x8d,0xb5,0x91,0x54}, {0x9a,0xa8,0x83,0x4f}, {0x97,0xa3,0x8d,0x46} - } -}; -#define U3 xU3.xt8 - -static const union xtab xU4 = { - .xt8 = { -{0x00,0x00,0x00,0x00}, {0x09,0x0d,0x0b,0x0e}, {0x12,0x1a,0x16,0x1c}, {0x1b,0x17,0x1d,0x12}, -{0x24,0x34,0x2c,0x38}, {0x2d,0x39,0x27,0x36}, {0x36,0x2e,0x3a,0x24}, {0x3f,0x23,0x31,0x2a}, -{0x48,0x68,0x58,0x70}, {0x41,0x65,0x53,0x7e}, {0x5a,0x72,0x4e,0x6c}, {0x53,0x7f,0x45,0x62}, -{0x6c,0x5c,0x74,0x48}, {0x65,0x51,0x7f,0x46}, {0x7e,0x46,0x62,0x54}, {0x77,0x4b,0x69,0x5a}, -{0x90,0xd0,0xb0,0xe0}, {0x99,0xdd,0xbb,0xee}, {0x82,0xca,0xa6,0xfc}, {0x8b,0xc7,0xad,0xf2}, -{0xb4,0xe4,0x9c,0xd8}, {0xbd,0xe9,0x97,0xd6}, {0xa6,0xfe,0x8a,0xc4}, {0xaf,0xf3,0x81,0xca}, -{0xd8,0xb8,0xe8,0x90}, {0xd1,0xb5,0xe3,0x9e}, {0xca,0xa2,0xfe,0x8c}, {0xc3,0xaf,0xf5,0x82}, -{0xfc,0x8c,0xc4,0xa8}, {0xf5,0x81,0xcf,0xa6}, {0xee,0x96,0xd2,0xb4}, {0xe7,0x9b,0xd9,0xba}, -{0x3b,0xbb,0x7b,0xdb}, {0x32,0xb6,0x70,0xd5}, {0x29,0xa1,0x6d,0xc7}, {0x20,0xac,0x66,0xc9}, -{0x1f,0x8f,0x57,0xe3}, {0x16,0x82,0x5c,0xed}, {0x0d,0x95,0x41,0xff}, {0x04,0x98,0x4a,0xf1}, -{0x73,0xd3,0x23,0xab}, {0x7a,0xde,0x28,0xa5}, {0x61,0xc9,0x35,0xb7}, {0x68,0xc4,0x3e,0xb9}, -{0x57,0xe7,0x0f,0x93}, {0x5e,0xea,0x04,0x9d}, {0x45,0xfd,0x19,0x8f}, {0x4c,0xf0,0x12,0x81}, -{0xab,0x6b,0xcb,0x3b}, {0xa2,0x66,0xc0,0x35}, {0xb9,0x71,0xdd,0x27}, {0xb0,0x7c,0xd6,0x29}, -{0x8f,0x5f,0xe7,0x03}, {0x86,0x52,0xec,0x0d}, {0x9d,0x45,0xf1,0x1f}, {0x94,0x48,0xfa,0x11}, -{0xe3,0x03,0x93,0x4b}, 
{0xea,0x0e,0x98,0x45}, {0xf1,0x19,0x85,0x57}, {0xf8,0x14,0x8e,0x59}, -{0xc7,0x37,0xbf,0x73}, {0xce,0x3a,0xb4,0x7d}, {0xd5,0x2d,0xa9,0x6f}, {0xdc,0x20,0xa2,0x61}, -{0x76,0x6d,0xf6,0xad}, {0x7f,0x60,0xfd,0xa3}, {0x64,0x77,0xe0,0xb1}, {0x6d,0x7a,0xeb,0xbf}, -{0x52,0x59,0xda,0x95}, {0x5b,0x54,0xd1,0x9b}, {0x40,0x43,0xcc,0x89}, {0x49,0x4e,0xc7,0x87}, -{0x3e,0x05,0xae,0xdd}, {0x37,0x08,0xa5,0xd3}, {0x2c,0x1f,0xb8,0xc1}, {0x25,0x12,0xb3,0xcf}, -{0x1a,0x31,0x82,0xe5}, {0x13,0x3c,0x89,0xeb}, {0x08,0x2b,0x94,0xf9}, {0x01,0x26,0x9f,0xf7}, -{0xe6,0xbd,0x46,0x4d}, {0xef,0xb0,0x4d,0x43}, {0xf4,0xa7,0x50,0x51}, {0xfd,0xaa,0x5b,0x5f}, -{0xc2,0x89,0x6a,0x75}, {0xcb,0x84,0x61,0x7b}, {0xd0,0x93,0x7c,0x69}, {0xd9,0x9e,0x77,0x67}, -{0xae,0xd5,0x1e,0x3d}, {0xa7,0xd8,0x15,0x33}, {0xbc,0xcf,0x08,0x21}, {0xb5,0xc2,0x03,0x2f}, -{0x8a,0xe1,0x32,0x05}, {0x83,0xec,0x39,0x0b}, {0x98,0xfb,0x24,0x19}, {0x91,0xf6,0x2f,0x17}, -{0x4d,0xd6,0x8d,0x76}, {0x44,0xdb,0x86,0x78}, {0x5f,0xcc,0x9b,0x6a}, {0x56,0xc1,0x90,0x64}, -{0x69,0xe2,0xa1,0x4e}, {0x60,0xef,0xaa,0x40}, {0x7b,0xf8,0xb7,0x52}, {0x72,0xf5,0xbc,0x5c}, -{0x05,0xbe,0xd5,0x06}, {0x0c,0xb3,0xde,0x08}, {0x17,0xa4,0xc3,0x1a}, {0x1e,0xa9,0xc8,0x14}, -{0x21,0x8a,0xf9,0x3e}, {0x28,0x87,0xf2,0x30}, {0x33,0x90,0xef,0x22}, {0x3a,0x9d,0xe4,0x2c}, -{0xdd,0x06,0x3d,0x96}, {0xd4,0x0b,0x36,0x98}, {0xcf,0x1c,0x2b,0x8a}, {0xc6,0x11,0x20,0x84}, -{0xf9,0x32,0x11,0xae}, {0xf0,0x3f,0x1a,0xa0}, {0xeb,0x28,0x07,0xb2}, {0xe2,0x25,0x0c,0xbc}, -{0x95,0x6e,0x65,0xe6}, {0x9c,0x63,0x6e,0xe8}, {0x87,0x74,0x73,0xfa}, {0x8e,0x79,0x78,0xf4}, -{0xb1,0x5a,0x49,0xde}, {0xb8,0x57,0x42,0xd0}, {0xa3,0x40,0x5f,0xc2}, {0xaa,0x4d,0x54,0xcc}, -{0xec,0xda,0xf7,0x41}, {0xe5,0xd7,0xfc,0x4f}, {0xfe,0xc0,0xe1,0x5d}, {0xf7,0xcd,0xea,0x53}, -{0xc8,0xee,0xdb,0x79}, {0xc1,0xe3,0xd0,0x77}, {0xda,0xf4,0xcd,0x65}, {0xd3,0xf9,0xc6,0x6b}, -{0xa4,0xb2,0xaf,0x31}, {0xad,0xbf,0xa4,0x3f}, {0xb6,0xa8,0xb9,0x2d}, {0xbf,0xa5,0xb2,0x23}, -{0x80,0x86,0x83,0x09}, {0x89,0x8b,0x88,0x07}, {0x92,0x9c,0x95,0x15}, 
{0x9b,0x91,0x9e,0x1b}, -{0x7c,0x0a,0x47,0xa1}, {0x75,0x07,0x4c,0xaf}, {0x6e,0x10,0x51,0xbd}, {0x67,0x1d,0x5a,0xb3}, -{0x58,0x3e,0x6b,0x99}, {0x51,0x33,0x60,0x97}, {0x4a,0x24,0x7d,0x85}, {0x43,0x29,0x76,0x8b}, -{0x34,0x62,0x1f,0xd1}, {0x3d,0x6f,0x14,0xdf}, {0x26,0x78,0x09,0xcd}, {0x2f,0x75,0x02,0xc3}, -{0x10,0x56,0x33,0xe9}, {0x19,0x5b,0x38,0xe7}, {0x02,0x4c,0x25,0xf5}, {0x0b,0x41,0x2e,0xfb}, -{0xd7,0x61,0x8c,0x9a}, {0xde,0x6c,0x87,0x94}, {0xc5,0x7b,0x9a,0x86}, {0xcc,0x76,0x91,0x88}, -{0xf3,0x55,0xa0,0xa2}, {0xfa,0x58,0xab,0xac}, {0xe1,0x4f,0xb6,0xbe}, {0xe8,0x42,0xbd,0xb0}, -{0x9f,0x09,0xd4,0xea}, {0x96,0x04,0xdf,0xe4}, {0x8d,0x13,0xc2,0xf6}, {0x84,0x1e,0xc9,0xf8}, -{0xbb,0x3d,0xf8,0xd2}, {0xb2,0x30,0xf3,0xdc}, {0xa9,0x27,0xee,0xce}, {0xa0,0x2a,0xe5,0xc0}, -{0x47,0xb1,0x3c,0x7a}, {0x4e,0xbc,0x37,0x74}, {0x55,0xab,0x2a,0x66}, {0x5c,0xa6,0x21,0x68}, -{0x63,0x85,0x10,0x42}, {0x6a,0x88,0x1b,0x4c}, {0x71,0x9f,0x06,0x5e}, {0x78,0x92,0x0d,0x50}, -{0x0f,0xd9,0x64,0x0a}, {0x06,0xd4,0x6f,0x04}, {0x1d,0xc3,0x72,0x16}, {0x14,0xce,0x79,0x18}, -{0x2b,0xed,0x48,0x32}, {0x22,0xe0,0x43,0x3c}, {0x39,0xf7,0x5e,0x2e}, {0x30,0xfa,0x55,0x20}, -{0x9a,0xb7,0x01,0xec}, {0x93,0xba,0x0a,0xe2}, {0x88,0xad,0x17,0xf0}, {0x81,0xa0,0x1c,0xfe}, -{0xbe,0x83,0x2d,0xd4}, {0xb7,0x8e,0x26,0xda}, {0xac,0x99,0x3b,0xc8}, {0xa5,0x94,0x30,0xc6}, -{0xd2,0xdf,0x59,0x9c}, {0xdb,0xd2,0x52,0x92}, {0xc0,0xc5,0x4f,0x80}, {0xc9,0xc8,0x44,0x8e}, -{0xf6,0xeb,0x75,0xa4}, {0xff,0xe6,0x7e,0xaa}, {0xe4,0xf1,0x63,0xb8}, {0xed,0xfc,0x68,0xb6}, -{0x0a,0x67,0xb1,0x0c}, {0x03,0x6a,0xba,0x02}, {0x18,0x7d,0xa7,0x10}, {0x11,0x70,0xac,0x1e}, -{0x2e,0x53,0x9d,0x34}, {0x27,0x5e,0x96,0x3a}, {0x3c,0x49,0x8b,0x28}, {0x35,0x44,0x80,0x26}, -{0x42,0x0f,0xe9,0x7c}, {0x4b,0x02,0xe2,0x72}, {0x50,0x15,0xff,0x60}, {0x59,0x18,0xf4,0x6e}, -{0x66,0x3b,0xc5,0x44}, {0x6f,0x36,0xce,0x4a}, {0x74,0x21,0xd3,0x58}, {0x7d,0x2c,0xd8,0x56}, -{0xa1,0x0c,0x7a,0x37}, {0xa8,0x01,0x71,0x39}, {0xb3,0x16,0x6c,0x2b}, {0xba,0x1b,0x67,0x25}, -{0x85,0x38,0x56,0x0f}, 
{0x8c,0x35,0x5d,0x01}, {0x97,0x22,0x40,0x13}, {0x9e,0x2f,0x4b,0x1d},
-{0xe9,0x64,0x22,0x47}, {0xe0,0x69,0x29,0x49}, {0xfb,0x7e,0x34,0x5b}, {0xf2,0x73,0x3f,0x55},
-{0xcd,0x50,0x0e,0x7f}, {0xc4,0x5d,0x05,0x71}, {0xdf,0x4a,0x18,0x63}, {0xd6,0x47,0x13,0x6d},
-{0x31,0xdc,0xca,0xd7}, {0x38,0xd1,0xc1,0xd9}, {0x23,0xc6,0xdc,0xcb}, {0x2a,0xcb,0xd7,0xc5},
-{0x15,0xe8,0xe6,0xef}, {0x1c,0xe5,0xed,0xe1}, {0x07,0xf2,0xf0,0xf3}, {0x0e,0xff,0xfb,0xfd},
-{0x79,0xb4,0x92,0xa7}, {0x70,0xb9,0x99,0xa9}, {0x6b,0xae,0x84,0xbb}, {0x62,0xa3,0x8f,0xb5},
-{0x5d,0x80,0xbe,0x9f}, {0x54,0x8d,0xb5,0x91}, {0x4f,0x9a,0xa8,0x83}, {0x46,0x97,0xa3,0x8d}
- }
-};
-#define U4 xU4.xt8
-
-static const word32 rcon[30] = {
- 0x01,0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
-};
diff --git a/racoon.tproj/cfparse.y b/racoon.tproj/cfparse.y
deleted file mode 100644
index 9c655fa..0000000
--- a/racoon.tproj/cfparse.y
+++ /dev/null
@@ -1,1506 +0,0 @@ -/* $KAME: cfparse.y,v 1.114 2003/02/03 08:27:50 itojun Exp $ */ - -%{ -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#if !defined(HAVE_GETADDRINFO) || !defined(HAVE_GETNAMEINFO) -#include "addrinfo.h" -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "str2val.h" -#include "debug.h" - -/*#include "cfparse.h"*/ -#include "cftoken.h" -#include "algorithm.h" -#include "localconf.h" -#include "policy.h" -#include "sainfo.h" -#include "oakley.h" -#include "pfkey.h" -#include "remoteconf.h" -#include "grabmyaddr.h" -#include "isakmp_var.h" -#include "handler.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "strnames.h" -#include "gcmalloc.h" -#ifdef HAVE_GSSAPI -#include "gssapi.h" -#endif -#include "vendorid.h" -#include - -struct proposalspec { - time_t lifetime; /* for isakmp/ipsec */ - int lifebyte; /* for isakmp/ipsec */ - struct secprotospec *spspec; /* the head is always current spec. */ - struct proposalspec *next; /* the tail is the most prefered. */ - struct proposalspec *prev; -}; - -struct secprotospec { - int prop_no; - int trns_no; - int strength; /* for isakmp/ipsec */ - int encklen; /* for isakmp/ipsec */ - time_t lifetime; /* for isakmp */ - int lifebyte; /* for isakmp */ - int proto_id; /* for ipsec (isakmp?) */ - int ipsec_level; /* for ipsec */ - int encmode; /* for ipsec */ - int vendorid; /* for isakmp */ - char *gssid; - struct sockaddr *remote; - int algclass[MAXALGCLASS]; - - struct secprotospec *next; /* the tail is the most prefiered. 
*/ - struct secprotospec *prev; - struct proposalspec *back; -}; - -static int num2dhgroup[] = { - 0, - OAKLEY_ATTR_GRP_DESC_MODP768, - OAKLEY_ATTR_GRP_DESC_MODP1024, - OAKLEY_ATTR_GRP_DESC_EC2N155, - OAKLEY_ATTR_GRP_DESC_EC2N185, - OAKLEY_ATTR_GRP_DESC_MODP1536, -}; - -static struct remoteconf *cur_rmconf; -static int tmpalgtype[MAXALGCLASS]; -static struct sainfo *cur_sainfo; -static int cur_algclass; - -static struct proposalspec *prhead; /* the head is always current. */ - -static struct proposalspec *newprspec __P((void)); -static void cleanprhead __P((void)); -static void insprspec __P((struct proposalspec *, struct proposalspec **)); -static struct secprotospec *newspspec __P((void)); -static void insspspec __P((struct secprotospec *, struct proposalspec **)); - -static int set_isakmp_proposal - __P((struct remoteconf *, struct proposalspec *)); -static void clean_tmpalgtype __P((void)); -static int expand_isakmpspec __P((int, int, int *, - int, int, time_t, int, int, int, char *, struct remoteconf *)); - -static int base64toCFData(vchar_t *, CFDataRef*); - -#if 0 -static int fix_lifebyte __P((u_long)); -#endif -%} - -%union { - unsigned long num; - vchar_t *val; - struct remoteconf *rmconf; - struct sockaddr *saddr; - struct sainfoalg *alg; -} - - /* path */ -%token PATH PATHTYPE - /* include */ -%token INCLUDE - /* self information */ -%token IDENTIFIER VENDORID - /* logging */ -%token LOGGING LOGLEV - /* padding */ -%token PADDING PAD_RANDOMIZE PAD_RANDOMIZELEN PAD_MAXLEN PAD_STRICT PAD_EXCLTAIL - /* listen */ -%token LISTEN X_ISAKMP X_ADMIN STRICT_ADDRESS - /* timer */ -%token RETRY RETRY_COUNTER RETRY_INTERVAL RETRY_PERSEND -%token RETRY_PHASE1 RETRY_PHASE2 - /* algorithm */ -%token ALGORITHM_CLASS ALGORITHMTYPE STRENGTHTYPE - /* sainfo */ -%token SAINFO - /* remote */ -%token REMOTE ANONYMOUS -%token EXCHANGE_MODE EXCHANGETYPE DOI DOITYPE SITUATION SITUATIONTYPE -%token CERTIFICATE_TYPE CERTTYPE PEERS_CERTFILE VERIFY_CERT SEND_CERT SEND_CR -%token 
IDENTIFIERTYPE MY_IDENTIFIER PEERS_IDENTIFIER VERIFY_IDENTIFIER -%token SHARED_SECRET SECRETTYPE -%token OPEN_DIR_AUTH_GROUP IN_KEYCHAIN -%token CERTIFICATE_VERIFICATION VERIFICATION_MODULE VERIFICATION_OPTION -%token DNSSEC CERT_X509 -%token NONCE_SIZE DH_GROUP KEEPALIVE PASSIVE INITIAL_CONTACT -%token PROPOSAL_CHECK PROPOSAL_CHECK_LEVEL -%token GENERATE_POLICY SUPPORT_MIP6 -%token PROPOSAL -%token EXEC_PATH EXEC_COMMAND EXEC_SUCCESS EXEC_FAILURE -%token GSSAPI_ID -%token COMPLEX_BUNDLE - -%token PREFIX PORT PORTANY UL_PROTO ANY -%token PFS_GROUP LIFETIME LIFETYPE_TIME LIFETYPE_BYTE STRENGTH - -%token NUMBER SWITCH BOOLEAN -%token HEXSTRING QUOTEDSTRING ADDRSTRING -%token UNITTYPE_BYTE UNITTYPE_KBYTES UNITTYPE_MBYTES UNITTYPE_TBYTES -%token UNITTYPE_SEC UNITTYPE_MIN UNITTYPE_HOUR -%token EOS BOC EOC COMMA - -%type NUMBER BOOLEAN SWITCH keylength -%type PATHTYPE IDENTIFIERTYPE LOGLEV -%type SECRETTYPE -%type ALGORITHM_CLASS dh_group_num -%type ALGORITHMTYPE STRENGTHTYPE -%type PREFIX prefix PORT port ike_port -%type ul_proto UL_PROTO -%type EXCHANGETYPE DOITYPE SITUATIONTYPE -%type CERTTYPE CERT_X509 PROPOSAL_CHECK_LEVEL -%type VERIFICATION_MODULE VERIFICATION_OPTION -%type unittype_time unittype_byte -%type QUOTEDSTRING HEXSTRING ADDRSTRING sainfo_id -%type identifierstring -%type remote_index ike_addrinfo_port -%type algorithm - -%% - -statements - : /* nothing */ - | statements statement - ; -statement - : path_statement - | include_statement - | identifier_statement - | logging_statement - | padding_statement - | listen_statement - | timer_statement - | sainfo_statement - | remote_statement - | special_statement - ; - - /* path */ -path_statement - : PATH PATHTYPE QUOTEDSTRING - { - if ($2 > LC_PATHTYPE_MAX) { - yyerror("invalid path type %d", $2); - return -1; - } - - /* free old pathinfo */ - if (lcconf->pathinfo[$2]) - racoon_free(lcconf->pathinfo[$2]); - - /* set new pathinfo */ - lcconf->pathinfo[$2] = strdup($3->v); - vfree($3); - } - EOS - ; - - /* 
special */ -special_statement - : COMPLEX_BUNDLE SWITCH { lcconf->complex_bundle = $2; } EOS - ; - - /* include */ -include_statement - : INCLUDE QUOTEDSTRING EOS - { - char path[MAXPATHLEN]; - - getpathname(path, sizeof(path), - LC_PATHTYPE_INCLUDE, $2->v); - vfree($2); - if (yycf_switch_buffer(path) != 0) - return -1; - } - ; - - /* self infomation */ -identifier_statement - : IDENTIFIER identifier_stmt - ; -identifier_stmt - : VENDORID - { - /*XXX to be deleted */ - } - QUOTEDSTRING EOS - | IDENTIFIERTYPE QUOTEDSTRING - { - /*XXX to be deleted */ - $2->l--; /* nuke '\0' */ - lcconf->ident[$1] = $2; - if (lcconf->ident[$1] == NULL) { - yyerror("failed to set my ident: %s", - strerror(errno)); - return -1; - } - } - EOS - ; - - /* logging */ -logging_statement - : LOGGING log_level EOS - ; -log_level - : HEXSTRING - { - /* - * XXX ignore it because this specification - * will be obsoleted. - */ - yywarn("see racoon.conf(5), such a log specification will be obsoleted."); - vfree($1); - } - | LOGLEV - { - /* - * set the loglevel by configuration file only when - * the command line did not specify any loglevel. 
- */ - if (loglevel <= LLV_BASE) - loglevel += $1; - } - ; - - /* padding */ -padding_statement - : PADDING BOC padding_stmts EOC - ; -padding_stmts - : /* nothing */ - | padding_stmts padding_stmt - ; -padding_stmt - : PAD_RANDOMIZE SWITCH { lcconf->pad_random = $2; } EOS - | PAD_RANDOMIZELEN SWITCH { lcconf->pad_randomlen = $2; } EOS - | PAD_MAXLEN NUMBER { lcconf->pad_maxsize = $2; } EOS - | PAD_STRICT SWITCH { lcconf->pad_strict = $2; } EOS - | PAD_EXCLTAIL SWITCH { lcconf->pad_excltail = $2; } EOS - ; - - /* listen */ -listen_statement - : LISTEN BOC listen_stmts EOC - ; -listen_stmts - : /* nothing */ - | listen_stmts listen_stmt - ; -listen_stmt - : X_ISAKMP ike_addrinfo_port - { - struct myaddrs *p; - - p = newmyaddr(); - if (p == NULL) { - yyerror("failed to allocate myaddrs"); - return -1; - } - p->addr = $2; - if (p->addr == NULL) { - yyerror("failed to copy sockaddr "); - delmyaddr(p); - return -1; - } - p->sock = -1; - p->nattsock = -1; - p->addrcount = 1; - insmyaddr(p, &lcconf->myaddrs); - - lcconf->autograbaddr = 0; - } - EOS - | X_ADMIN - { - yyerror("admin directive is obsoleted."); - } - PORT EOS - | STRICT_ADDRESS { lcconf->strict_address = TRUE; } EOS - ; -ike_addrinfo_port - : ADDRSTRING ike_port - { - char portbuf[10]; - - snprintf(portbuf, sizeof(portbuf), "%ld", $2); - $$ = str2saddr($1->v, portbuf); - vfree($1); - if (!$$) - return -1; - } - ; -ike_port - : /* nothing */ { $$ = PORT_ISAKMP; } - | PORT { $$ = $1; } - ; - - /* timer */ -timer_statement - : RETRY BOC timer_stmts EOC - ; -timer_stmts - : /* nothing */ - | timer_stmts timer_stmt - ; -timer_stmt - : RETRY_COUNTER NUMBER - { - lcconf->retry_counter = $2; - } - EOS - | RETRY_INTERVAL NUMBER unittype_time - { - lcconf->retry_interval = $2 * $3; - } - EOS - | RETRY_PERSEND NUMBER - { - lcconf->count_persend = $2; - } - EOS - | RETRY_PHASE1 NUMBER unittype_time - { - lcconf->retry_checkph1 = $2 * $3; - } - EOS - | RETRY_PHASE2 NUMBER unittype_time - { - lcconf->wait_ph2complete = $2 
* $3; - } - EOS - ; - - /* sainfo */ -sainfo_statement - : SAINFO - { - cur_sainfo = newsainfo(); - if (cur_sainfo == NULL) { - yyerror("failed to allocate sainfo"); - return -1; - } - } - sainfo_name BOC sainfo_specs - { - struct sainfo *check; - - /* default */ - if (cur_sainfo->algs[algclass_ipsec_enc] == 0) { - yyerror("no encryption algorithm at %s", - sainfo2str(cur_sainfo)); - return -1; - } - if (cur_sainfo->algs[algclass_ipsec_auth] == 0) { - yyerror("no authentication algorithm at %s", - sainfo2str(cur_sainfo)); - return -1; - } - if (cur_sainfo->algs[algclass_ipsec_comp] == 0) { - yyerror("no compression algorithm at %s", - sainfo2str(cur_sainfo)); - return -1; - } - - /* duplicate check */ - check = getsainfo(cur_sainfo->idsrc, cur_sainfo->iddst); - if (check && (!check->idsrc && !cur_sainfo->idsrc)) { - yyerror("duplicated sainfo: %s", - sainfo2str(cur_sainfo)); - return -1; - } - inssainfo(cur_sainfo); - } - EOC - ; -sainfo_name - : ANONYMOUS - { - cur_sainfo->idsrc = NULL; - cur_sainfo->iddst = NULL; - } - | sainfo_id sainfo_id - { - cur_sainfo->idsrc = $1; - cur_sainfo->iddst = $2; - } - ; -sainfo_id - : IDENTIFIERTYPE ADDRSTRING prefix port ul_proto - { - char portbuf[10]; - struct sockaddr *saddr; - - if (($5 == IPPROTO_ICMP || $5 == IPPROTO_ICMPV6) - && ($4 != IPSEC_PORT_ANY || $4 != IPSEC_PORT_ANY)) { - yyerror("port number must be \"any\"."); - return -1; - } - - snprintf(portbuf, sizeof(portbuf), "%lu", $4); - saddr = str2saddr($2->v, portbuf); - vfree($2); - if (saddr == NULL) - return -1; - - switch (saddr->sa_family) { - case AF_INET: - if ($5 == IPPROTO_ICMPV6) { - yyerror("upper layer protocol mismatched.\n"); - racoon_free(saddr); - return -1; - } - $$ = ipsecdoi_sockaddr2id(saddr, - $3 == ~0 ? (sizeof(struct in_addr) << 3): $3, - $5); - break; -#ifdef INET6 - case AF_INET6: - if ($5 == IPPROTO_ICMP) { - yyerror("upper layer protocol mismatched.\n"); - racoon_free(saddr); - return -1; - } - $$ = ipsecdoi_sockaddr2id(saddr, - $3 == ~0 ? 
(sizeof(struct in6_addr) << 3) : $3, - $5); - break; -#endif - default: - yyerror("invalid family: %d", saddr->sa_family); - break; - } - racoon_free(saddr); - if ($$ == NULL) - return -1; - } - | IDENTIFIERTYPE QUOTEDSTRING - { - struct ipsecdoi_id_b *id_b; - - if ($1 == IDTYPE_ASN1DN) { - yyerror("id type forbidden: %d", $1); - return -1; - } - - $2->l--; - - $$ = vmalloc(sizeof(*id_b) + $2->l); - if ($$ == NULL) { - yyerror("failed to allocate identifier"); - return -1; - } - - id_b = (struct ipsecdoi_id_b *)$$->v; - id_b->type = idtype2doi($1); - - id_b->proto_id = 0; - id_b->port = 0; - - memcpy($$->v + sizeof(*id_b), $2->v, $2->l); - } - ; -sainfo_specs - : /* nothing */ - | sainfo_specs sainfo_spec - ; -sainfo_spec - : PFS_GROUP dh_group_num - { - cur_sainfo->pfs_group = $2; - } - EOS - | LIFETIME LIFETYPE_TIME NUMBER unittype_time - { - cur_sainfo->lifetime = $3 * $4; - } - EOS - | LIFETIME LIFETYPE_BYTE NUMBER unittype_byte - { -#if 1 - yyerror("byte lifetime support is deprecated"); - return -1; -#else - cur_sainfo->lifebyte = fix_lifebyte($3 * $4); - if (cur_sainfo->lifebyte == 0) - return -1; -#endif - } - EOS - | ALGORITHM_CLASS { - cur_algclass = $1; - } - algorithms EOS - | IDENTIFIER IDENTIFIERTYPE - { - yyerror("it's deprecated to specify a identifier in phase 2"); - } - EOS - | MY_IDENTIFIER IDENTIFIERTYPE QUOTEDSTRING - { - yyerror("it's deprecated to specify a identifier in phase 2"); - } - EOS - ; - -algorithms - : algorithm - { - inssainfoalg(&cur_sainfo->algs[cur_algclass], $1); - } - | algorithm - { - inssainfoalg(&cur_sainfo->algs[cur_algclass], $1); - } - COMMA algorithms - ; -algorithm - : ALGORITHMTYPE keylength - { - int defklen; - - $$ = newsainfoalg(); - if ($$ == NULL) { - yyerror("failed to get algorithm allocation"); - return -1; - } - - $$->alg = algtype2doi(cur_algclass, $1); - if ($$->alg == -1) { - yyerror("algorithm mismatched"); - racoon_free($$); - return -1; - } - - defklen = default_keylen(cur_algclass, $1); - if (defklen 
== 0) { - if ($2) { - yyerror("keylen not allowed"); - racoon_free($$); - return -1; - } - } else { - if ($2 && check_keylen(cur_algclass, $1, $2) < 0) { - yyerror("invalid keylen %d", $2); - racoon_free($$); - return -1; - } - } - - if ($2) - $$->encklen = $2; - else - $$->encklen = defklen; - - /* check if it's supported algorithm by kernel */ - if (!(cur_algclass == algclass_ipsec_auth && $1 == algtype_non_auth) - && pk_checkalg(cur_algclass, $1, $$->encklen)) { - int a = algclass2doi(cur_algclass); - int b = algtype2doi(cur_algclass, $1); - if (a == IPSECDOI_ATTR_AUTH) - a = IPSECDOI_PROTO_IPSEC_AH; - yyerror("algorithm %s not supported", - s_ipsecdoi_trns(a, b)); - racoon_free($$); - return -1; - } - } - ; -prefix - : /* nothing */ { $$ = ~0; } - | PREFIX { $$ = $1; } - ; -port - : /* nothing */ { $$ = IPSEC_PORT_ANY; } - | PORT { $$ = $1; } - | PORTANY { $$ = IPSEC_PORT_ANY; } - ; -ul_proto - : NUMBER { $$ = $1; } - | UL_PROTO { $$ = $1; } - | ANY { $$ = IPSEC_ULPROTO_ANY; } - ; -keylength - : /* nothing */ { $$ = 0; } - | NUMBER { $$ = $1; } - ; - - /* remote */ -remote_statement - : REMOTE remote_index - { - struct remoteconf *new; - struct proposalspec *prspec; - - new = newrmconf(); - if (new == NULL) { - yyerror("failed to get new remoteconf."); - return -1; - } - - new->remote = $2; - cur_rmconf = new; - - prspec = newprspec(); - if (prspec == NULL) - return -1; - prspec->lifetime = oakley_get_defaultlifetime(); - insprspec(prspec, &prhead); - } - BOC remote_specs - { - /* check a exchange mode */ - if (cur_rmconf->etypes == NULL) { - yyerror("no exchange mode specified.\n"); - return -1; - } - - if (cur_rmconf->idvtype == IDTYPE_ASN1DN - && cur_rmconf->mycertfile == NULL - && cur_rmconf->identity_in_keychain == 0) { - yyerror("id type mismatched due to " - "no CERT defined.\n"); - return -1; - } - - if (cur_rmconf->cert_verification_option == VERIFICATION_OPTION_PEERS_IDENTIFIER - && cur_rmconf->idv_p == NULL) { - yyerror("peers_identifier required for 
specified certificate " - "verification option.\n"); - return -1; - } - - if (set_isakmp_proposal(cur_rmconf, prhead) != 0) - return -1; - - /* DH group settting if aggressive mode is there. */ - if (check_etypeok(cur_rmconf, ISAKMP_ETYPE_AGG) != NULL) { - struct isakmpsa *p; - int b = 0; - - /* DH group */ - for (p = cur_rmconf->proposal; p; p = p->next) { - if (b == 0 || (b && b == p->dh_group)) { - b = p->dh_group; - continue; - } - yyerror("DH group must be equal " - "to each proposals's " - "when aggressive mode is " - "used.\n"); - return -1; - } - cur_rmconf->dh_group = b; - - if (cur_rmconf->dh_group == 0) { - yyerror("DH group must be required.\n"); - return -1; - } - - /* DH group settting if PFS is required. */ - if (oakley_setdhgroup(cur_rmconf->dh_group, - &cur_rmconf->dhgrp) < 0) { - yyerror("failed to set DH value.\n"); - return -1; - } - } - - insrmconf(cur_rmconf); - - cleanprhead(); - } - EOC - ; -remote_index - : ANONYMOUS ike_port - { - $$ = newsaddr(sizeof(struct sockaddr *)); - $$->sa_family = AF_UNSPEC; - ((struct sockaddr_in *)$$)->sin_port = htons($2); - } - | ike_addrinfo_port - { - $$ = $1; - if ($$ == NULL) { - yyerror("failed to allocate sockaddr"); - return -1; - } - } - ; -remote_specs - : /* nothing */ - | remote_specs remote_spec - ; -remote_spec - : EXCHANGE_MODE exchange_types EOS - | DOI DOITYPE { cur_rmconf->doitype = $2; } EOS - | SITUATION SITUATIONTYPE { cur_rmconf->sittype = $2; } EOS - | CERTIFICATE_TYPE cert_spec - | PEERS_CERTFILE QUOTEDSTRING - { -#ifdef HAVE_SIGNING_C - cur_rmconf->getcert_method = ISAKMP_GETCERT_LOCALFILE; - cur_rmconf->peerscertfile = strdup($2->v); - vfree($2); -#else - yyerror("directive not supported"); - return -1; -#endif - } - EOS - | PEERS_CERTFILE DNSSEC - { -#ifdef HAVE_SIGNING_C - cur_rmconf->getcert_method = ISAKMP_GETCERT_DNS; - cur_rmconf->peerscertfile = NULL; -#else - yyerror("directive not supported"); - return -1; -#endif - } - EOS - | VERIFY_CERT SWITCH { cur_rmconf->verify_cert = 
$2; } EOS - | SEND_CERT SWITCH { cur_rmconf->send_cert = $2; } EOS - | SEND_CR SWITCH { cur_rmconf->send_cr = $2; } EOS - | CERTIFICATE_VERIFICATION VERIFICATION_MODULE { cur_rmconf->cert_verification = $2; } EOS - | CERTIFICATE_VERIFICATION VERIFICATION_MODULE VERIFICATION_OPTION - { - cur_rmconf->cert_verification = $2; - cur_rmconf->cert_verification_option = $3; - } - EOS - | OPEN_DIR_AUTH_GROUP QUOTEDSTRING { cur_rmconf->open_dir_auth_group = $2; } EOS - | IDENTIFIER IDENTIFIERTYPE - { - /*XXX to be deleted */ - cur_rmconf->idvtype = $2; - } - EOS - | MY_IDENTIFIER IDENTIFIERTYPE identifierstring - { - if (set_identifier(&cur_rmconf->idv, $2, $3) != 0) { - yyerror("failed to set identifer.\n"); - vfree($3); - return -1; - } - vfree($3); - cur_rmconf->idvtype = $2; - } - EOS - | PEERS_IDENTIFIER IDENTIFIERTYPE identifierstring - { - if (set_identifier(&cur_rmconf->idv_p, $2, $3) != 0) { - yyerror("failed to set identifer.\n"); - vfree($3); - return -1; - } - vfree($3); - cur_rmconf->idvtype_p = $2; - } - EOS - | VERIFY_IDENTIFIER SWITCH { cur_rmconf->verify_identifier = $2; } EOS - | SHARED_SECRET SECRETTYPE QUOTEDSTRING { cur_rmconf->secrettype = $2; cur_rmconf->shared_secret = $3; } EOS - | NONCE_SIZE NUMBER { cur_rmconf->nonce_size = $2; } EOS - | DH_GROUP - { - yyerror("dh_group cannot be defined here."); - return -1; - } - dh_group_num EOS - | KEEPALIVE { cur_rmconf->keepalive = TRUE; } EOS - | PASSIVE SWITCH { cur_rmconf->passive = $2; } EOS - | GENERATE_POLICY SWITCH { cur_rmconf->gen_policy = $2; } EOS - | SUPPORT_MIP6 SWITCH { cur_rmconf->support_mip6 = $2; } EOS - | INITIAL_CONTACT SWITCH { cur_rmconf->ini_contact = $2; } EOS - | PROPOSAL_CHECK PROPOSAL_CHECK_LEVEL { cur_rmconf->pcheck_level = $2; } EOS - | LIFETIME LIFETYPE_TIME NUMBER unittype_time - { - prhead->lifetime = $3 * $4; - } - EOS - | LIFETIME LIFETYPE_BYTE NUMBER unittype_byte - { -#if 1 - yyerror("byte lifetime support is deprecated"); - return -1; -#else - yywarn("the lifetime of bytes 
in phase 1 " - "will be ignored at the moment."); - prhead->lifebyte = fix_lifebyte($3 * $4); - if (prhead->lifebyte == 0) - return -1; -#endif - } - EOS - | PROPOSAL - { - struct secprotospec *spspec; - - spspec = newspspec(); - if (spspec == NULL) - return -1; - insspspec(spspec, &prhead); - } - BOC isakmpproposal_specs EOC - ; -exchange_types - : /* nothing */ - | exchange_types EXCHANGETYPE - { - struct etypes *new; - new = racoon_malloc(sizeof(struct etypes)); - if (new == NULL) { - yyerror("filed to allocate etypes"); - return -1; - } - new->type = $2; - new->next = NULL; - if (cur_rmconf->etypes == NULL) - cur_rmconf->etypes = new; - else { - struct etypes *p; - for (p = cur_rmconf->etypes; - p->next != NULL; - p = p->next) - ; - p->next = new; - } - } - ; -cert_spec - : CERT_X509 QUOTEDSTRING QUOTEDSTRING - { -#ifdef HAVE_SIGNING_C - cur_rmconf->certtype = $1; - cur_rmconf->mycertfile = strdup($2->v); - vfree($2); - cur_rmconf->myprivfile = strdup($3->v); - vfree($3); -#else - yyerror("directive not supported"); - return -1; -#endif - } - EOS - | CERT_X509 IN_KEYCHAIN - { - cur_rmconf->certtype = $1; - cur_rmconf->identity_in_keychain = 1; - cur_rmconf->keychainCertRef = 0; - } - EOS - ; - | CERT_X509 IN_KEYCHAIN QUOTEDSTRING - { - int result; - - cur_rmconf->certtype = $1; - cur_rmconf->identity_in_keychain = 1; - result = base64toCFData($3, &cur_rmconf->keychainCertRef); - vfree($3); - if (result) - return -1; - } - EOS - ; - -dh_group_num - : ALGORITHMTYPE - { - $$ = algtype2doi(algclass_isakmp_dh, $1); - if ($$ == -1) { - yyerror("must be DH group"); - return -1; - } - } - | NUMBER - { - if (ARRAYLEN(num2dhgroup) > $1 && num2dhgroup[$1] != 0) { - $$ = num2dhgroup[$1]; - } else { - yyerror("must be DH group"); - return -1; - } - } - ; -identifierstring - : /* nothing */ { $$ = NULL; } - | ADDRSTRING { $$ = $1; } - | QUOTEDSTRING { $$ = $1; } - ; -isakmpproposal_specs - : /* nothing */ - | isakmpproposal_specs isakmpproposal_spec - ; -isakmpproposal_spec 
- : STRENGTH - { - yyerror("strength directive is obsoleted."); - } STRENGTHTYPE EOS - | LIFETIME LIFETYPE_TIME NUMBER unittype_time - { - prhead->spspec->lifetime = $3 * $4; - } - EOS - | LIFETIME LIFETYPE_BYTE NUMBER unittype_byte - { -#if 1 - yyerror("byte lifetime support is deprecated"); - return -1; -#else - prhead->spspec->lifebyte = fix_lifebyte($3 * $4); - if (prhead->spspec->lifebyte == 0) - return -1; -#endif - } - EOS - | DH_GROUP dh_group_num - { - prhead->spspec->algclass[algclass_isakmp_dh] = $2; - } - EOS - | GSSAPI_ID QUOTEDSTRING - { - if (prhead->spspec->vendorid != VENDORID_GSSAPI) { - yyerror("wrong Vendor ID for gssapi_id"); - return -1; - } - prhead->spspec->gssid = strdup($2->v); - } - EOS - | ALGORITHM_CLASS ALGORITHMTYPE keylength - { - int doi; - int defklen; - - doi = algtype2doi($1, $2); - if (doi == -1) { - yyerror("algorithm mismatched 1"); - return -1; - } - - switch ($1) { - case algclass_isakmp_enc: - /* reject suppressed algorithms */ -#ifndef HAVE_OPENSSL_RC5_H - if ($2 == algtype_rc5) { - yyerror("algorithm %s not supported", - s_attr_isakmp_enc(doi)); - return -1; - } -#endif -#ifndef HAVE_OPENSSL_IDEA_H - if ($2 == algtype_idea) { - yyerror("algorithm %s not supported", - s_attr_isakmp_enc(doi)); - return -1; - } -#endif - - prhead->spspec->algclass[algclass_isakmp_enc] = doi; - defklen = default_keylen($1, $2); - if (defklen == 0) { - if ($3) { - yyerror("keylen not allowed"); - return -1; - } - } else { - if ($3 && check_keylen($1, $2, $3) < 0) { - yyerror("invalid keylen %d", $3); - return -1; - } - } - if ($3) - prhead->spspec->encklen = $3; - else - prhead->spspec->encklen = defklen; - break; - case algclass_isakmp_hash: - prhead->spspec->algclass[algclass_isakmp_hash] = doi; - break; - case algclass_isakmp_ameth: - prhead->spspec->algclass[algclass_isakmp_ameth] = doi; - /* - * We may have to set the Vendor ID for the - * authentication method we're using. 
- */ - switch ($2) { - case algtype_gssapikrb: - if (prhead->spspec->vendorid != - VENDORID_UNKNOWN) { - yyerror("Vendor ID mismatch " - "for auth method"); - return -1; - } - /* - * For interoperability with Win2k, - * we set the Vendor ID to "GSSAPI". - */ - prhead->spspec->vendorid = - VENDORID_GSSAPI; - break; - default: - break; - } - break; - default: - yyerror("algorithm mismatched 2"); - return -1; - } - } - EOS - ; - -unittype_time - : UNITTYPE_SEC { $$ = 1; } - | UNITTYPE_MIN { $$ = 60; } - | UNITTYPE_HOUR { $$ = (60 * 60); } - ; -unittype_byte - : UNITTYPE_BYTE { $$ = 1; } - | UNITTYPE_KBYTES { $$ = 1024; } - | UNITTYPE_MBYTES { $$ = (1024 * 1024); } - | UNITTYPE_TBYTES { $$ = (1024 * 1024 * 1024); } - ; -%% - -static struct proposalspec * -newprspec() -{ - struct proposalspec *new; - - new = racoon_calloc(1, sizeof(*new)); - if (new == NULL) - yyerror("failed to allocate proposal"); - - return new; -} - -static void -cleanprhead() -{ - struct proposalspec *p, *next; - - if (prhead == NULL) - return; - - for (p = prhead; p != NULL; p = next) { - struct secprotospec *psp, *nextsp; - for (psp = p->spspec; psp; psp = nextsp) { - nextsp = psp->next; - racoon_free(p->spspec); - } - next = p->next; - racoon_free(p); - } - - prhead = NULL; -} - -/* - * insert into head of list. - */ -static void -insprspec(prspec, head) - struct proposalspec *prspec; - struct proposalspec **head; -{ - if (*head != NULL) - (*head)->prev = prspec; - prspec->next = *head; - *head = prspec; -} - -static struct secprotospec * -newspspec() -{ - struct secprotospec *new; - - new = racoon_calloc(1, sizeof(*new)); - if (new == NULL) { - yyerror("failed to allocate spproto"); - return NULL; - } - - new->encklen = 0; /*XXX*/ - - /* - * Default to "uknown" vendor -- we will override this - * as necessary. When we send a Vendor ID payload, an - * "unknown" will be translated to a KAME/racoon ID. - */ - new->vendorid = VENDORID_UNKNOWN; - - return new; -} - -/* - * insert into head of list. 
- */ -static void -insspspec(spspec, head) - struct secprotospec *spspec; - struct proposalspec **head; -{ - spspec->back = *head; - - if ((*head)->spspec != NULL) - (*head)->spspec->prev = spspec; - spspec->next = (*head)->spspec; - (*head)->spspec = spspec; -} - -/* set final acceptable proposal */ -static int -set_isakmp_proposal(rmconf, prspec) - struct remoteconf *rmconf; - struct proposalspec *prspec; -{ - struct proposalspec *p; - struct secprotospec *s; - int prop_no = 1; - int trns_no = 1; - u_int32_t types[MAXALGCLASS]; - - p = prspec; - if (p->next != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "multiple proposal definition.\n"); - return -1; - } - - /* mandatory check */ - if (p->spspec == NULL) { - yyerror("no remote specification found: %s.\n", - rm2str(rmconf)); - return -1; - } - for (s = p->spspec; s != NULL; s = s->next) { - /* XXX need more to check */ - if (s->algclass[algclass_isakmp_enc] == 0) { - yyerror("encryption algorithm required."); - return -1; - } - if (s->algclass[algclass_isakmp_hash] == 0) { - yyerror("hash algorithm required."); - return -1; - } - if (s->algclass[algclass_isakmp_dh] == 0) { - yyerror("DH group required."); - return -1; - } - if (s->algclass[algclass_isakmp_ameth] == 0) { - yyerror("authentication method required."); - return -1; - } - } - - /* skip to last part */ - for (s = p->spspec; s->next != NULL; s = s->next) - ; - - while (s != NULL) { - plog(LLV_DEBUG2, LOCATION, NULL, - "lifetime = %ld\n", (long) - (s->lifetime ? s->lifetime : p->lifetime)); - plog(LLV_DEBUG2, LOCATION, NULL, - "lifebyte = %d\n", - s->lifebyte ? 
s->lifebyte : p->lifebyte); - plog(LLV_DEBUG2, LOCATION, NULL, - "encklen=%d\n", s->encklen); - - memset(types, 0, ARRAYLEN(types)); - types[algclass_isakmp_enc] = s->algclass[algclass_isakmp_enc]; - types[algclass_isakmp_hash] = s->algclass[algclass_isakmp_hash]; - types[algclass_isakmp_dh] = s->algclass[algclass_isakmp_dh]; - types[algclass_isakmp_ameth] = - s->algclass[algclass_isakmp_ameth]; - - /* expanding spspec */ - clean_tmpalgtype(); - trns_no = expand_isakmpspec(prop_no, trns_no, types, - algclass_isakmp_enc, algclass_isakmp_ameth + 1, - s->lifetime ? s->lifetime : p->lifetime, - s->lifebyte ? s->lifebyte : p->lifebyte, - s->encklen, s->vendorid, s->gssid, - rmconf); - if (trns_no == -1) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to expand isakmp proposal.\n"); - return -1; - } - - s = s->prev; - } - - if (rmconf->proposal == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no proposal found.\n"); - return -1; - } - - return 0; -} - -static void -clean_tmpalgtype() -{ - int i; - for (i = 0; i < MAXALGCLASS; i++) - tmpalgtype[i] = 0; /* means algorithm undefined. */ -} - -static int -expand_isakmpspec(prop_no, trns_no, types, - class, last, lifetime, lifebyte, encklen, vendorid, gssid, - rmconf) - int prop_no, trns_no; - int *types, class, last; - time_t lifetime; - int lifebyte; - int encklen; - int vendorid; - char *gssid; - struct remoteconf *rmconf; -{ - struct isakmpsa *new; - - /* debugging */ - { - int j; - char tb[10]; - plog(LLV_DEBUG2, LOCATION, NULL, - "p:%d t:%d\n", prop_no, trns_no); - for (j = class; j < MAXALGCLASS; j++) { - snprintf(tb, sizeof(tb), "%d", types[j]); - plog(LLV_DEBUG2, LOCATION, NULL, - "%s%s%s%s\n", - s_algtype(j, types[j]), - types[j] ? "(" : "", - tb[0] == '0' ? "" : tb, - types[j] ? 
")" : ""); - } - plog(LLV_DEBUG2, LOCATION, NULL, "\n"); - } - -#define TMPALGTYPE2STR(n) \ - s_algtype(algclass_isakmp_##n, types[algclass_isakmp_##n]) - /* check mandatory values */ - if (types[algclass_isakmp_enc] == 0 - || types[algclass_isakmp_ameth] == 0 - || types[algclass_isakmp_hash] == 0 - || types[algclass_isakmp_dh] == 0) { - yyerror("few definition of algorithm " - "enc=%s ameth=%s hash=%s dhgroup=%s.\n", - TMPALGTYPE2STR(enc), - TMPALGTYPE2STR(ameth), - TMPALGTYPE2STR(hash), - TMPALGTYPE2STR(dh)); - return -1; - } -#undef TMPALGTYPE2STR - - /* set new sa */ - new = newisakmpsa(); - if (new == NULL) { - yyerror("failed to allocate isakmp sa"); - return -1; - } - new->prop_no = prop_no; - new->trns_no = trns_no++; - new->lifetime = lifetime; - new->lifebyte = lifebyte; - new->enctype = types[algclass_isakmp_enc]; - new->encklen = encklen; - new->authmethod = types[algclass_isakmp_ameth]; - new->hashtype = types[algclass_isakmp_hash]; - new->dh_group = types[algclass_isakmp_dh]; - new->vendorid = vendorid; -#ifdef HAVE_GSSAPI - if (gssid != NULL) { - new->gssid = vmalloc(strlen(gssid) + 1); - memcpy(new->gssid->v, gssid, new->gssid->l); - racoon_free(gssid); - } else - new->gssid = NULL; -#endif - insisakmpsa(new, rmconf); - - return trns_no; -} - -#if 0 -/* - * fix lifebyte. - * Must be more than 1024B because its unit is kilobytes. - * That is defined RFC2407. 
- */ -static int -fix_lifebyte(t) - unsigned long t; -{ - if (t < 1024) { - yyerror("byte size should be more than 1024B."); - return 0; - } - - return(t / 1024); -} -#endif - -extern int yyparse(void); - -int -cfparse() -{ - int error; - - yycf_init_buffer(); - - if (yycf_switch_buffer(lcconf->racoon_conf) != 0) - return -1; - - prhead = NULL; - - error = yyparse(); - if (error != 0) { - if (yyerrorcount) { - plog(LLV_ERROR, LOCATION, NULL, - "fatal parse failure (%d errors)\n", - yyerrorcount); - } else { - plog(LLV_ERROR, LOCATION, NULL, - "fatal parse failure.\n"); - } - return -1; - } - - if (error == 0 && yyerrorcount) { - plog(LLV_ERROR, LOCATION, NULL, - "parse error is nothing, but yyerrorcount is %d.\n", - yyerrorcount); - exit(1); - } - - yycf_clean_buffer(); - - plog(LLV_DEBUG2, LOCATION, NULL, "parse successed.\n"); - - return 0; -} - -int -cfreparse() -{ - flushph2(); - flushph1(); - flushrmconf(); - flushsainfo(); - cleanprhead(); - clean_tmpalgtype(); - - return(cfparse()); -} - - -/* ----------------------------------------------------------------------------- -The base-64 encoding packs three 8-bit bytes into four 7-bit ASCII -characters. If the number of bytes in the original data isn't divisable -by three, "=" characters are used to pad the encoded data. 
The complete -set of characters used in base-64 are: - 'A'..'Z' => 00..25 - 'a'..'z' => 26..51 - '0'..'9' => 52..61 - '+' => 62 - '/' => 63 - '=' => pad - ------------------------------------------------------------------------------ */ -static const signed char base64_DecodeTable[128] = { - /* 000 */ -1, -1, -1, -1, -1, -1, -1, -1, - /* 010 */ -1, -1, -1, -1, -1, -1, -1, -1, - /* 020 */ -1, -1, -1, -1, -1, -1, -1, -1, - /* 030 */ -1, -1, -1, -1, -1, -1, -1, -1, - /* ' ' */ -1, -1, -1, -1, -1, -1, -1, -1, - /* '(' */ -1, -1, -1, 62, -1, -1, -1, 63, - /* '0' */ 52, 53, 54, 55, 56, 57, 58, 59, - /* '8' */ 60, 61, -1, -1, -1, 0, -1, -1, - /* '@' */ -1, 0, 1, 2, 3, 4, 5, 6, - /* 'H' */ 7, 8, 9, 10, 11, 12, 13, 14, - /* 'P' */ 15, 16, 17, 18, 19, 20, 21, 22, - /* 'X' */ 23, 24, 25, -1, -1, -1, -1, -1, - /* '`' */ -1, 26, 27, 28, 29, 30, 31, 32, - /* 'h' */ 33, 34, 35, 36, 37, 38, 39, 40, - /* 'p' */ 41, 42, 43, 44, 45, 46, 47, 48, - /* 'x' */ 49, 50, 51, -1, -1, -1, -1, -1 -}; - -static int base64toCFData(vchar_t *textin, CFDataRef *dataRef) -{ - uint8_t *tmpbuf; - uint8_t c; - int tmpbufpos = 0; - int numeq = 0; - int acc = 0; - int cntr = 0; - uint8_t *textcur = textin->v; - int len = textin->l; - int i; - - tmpbuf = malloc(len); // len of result will be less than encoded len - if (tmpbuf == NULL) { - yyerror("memory error - could not allocate buffer for certificate reference conversion from base-64."); - return -1; - } - - for (i = 0; i < len; i++) { - c = *(textcur++); - if (c == '=') - numeq++; - else if (!isspace(c)) - numeq = 0; - if (base64_DecodeTable[c] < 0) - continue; - cntr++; - acc <<= 6; - acc += base64_DecodeTable[c]; - if (0 == (cntr & 0x3)) { - tmpbuf[tmpbufpos++] = (acc >> 16) & 0xff; - if (numeq < 2) - tmpbuf[tmpbufpos++] = (acc >> 8) & 0xff; - if (numeq < 1) - tmpbuf[tmpbufpos++] = acc & 0xff; - } - } - *dataRef = CFDataCreate(NULL, tmpbuf, tmpbufpos); - free(tmpbuf); - return 0; - -} - 
diff --git a/racoon.tproj/cftoken.h b/racoon.tproj/cftoken.h
deleted file mode 100644
index 1c0b43b..0000000
--- a/racoon.tproj/cftoken.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* $KAME: cftoken.h,v 1.3 2000/09/13 04:50:24 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __CFTOKEN_H__
-#define __CFTOKEN_H__
-
-
-extern int yyerrorcount;
-
-extern int yylex __P((void));
-extern void yyerror __P((char *, ...));
-extern void yywarn __P((char *, ...));
-
-extern int yycf_switch_buffer __P((char *));
-extern int yycf_set_buffer __P((char *));
-extern void yycf_init_buffer __P((void));
-extern void yycf_clean_buffer __P((void));
-
-
-#endif /* __CFTOKEN_H__ */
-
diff --git a/racoon.tproj/cftoken.l b/racoon.tproj/cftoken.l
deleted file mode 100644
index d9f15bb..0000000
--- a/racoon.tproj/cftoken.l
+++ /dev/null
@@ -1,598 +0,0 @@ -/* $KAME: cftoken.l,v 1.69 2002/09/27 06:03:51 itojun Exp $ */ - -%{ -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_STDARG_H -#include -#else -#include -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "debug.h" - -#include "algorithm.h" -#include "cfparse.h" -#include "cftoken.h" -#include "localconf.h" -#include "oakley.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "proposal.h" -#ifdef GC -#include "gcmalloc.h" -#endif - -/*#include "y.tab.h"*/ - -int yyerrorcount = 0; - -#if defined(YIPS_DEBUG) -# define YYDB plog(LLV_DEBUG2, LOCATION, NULL, \ - "begin <%d>%s\n", yy_start, yytext); -# define YYD { \ - plog(LLV_DEBUG2, LOCATION, NULL, "<%d>%s", \ - yy_start, loglevel >= LLV_DEBUG2 ? "\n" : ""); \ -} -#else -# define YYDB -# define YYD -#endif /* defined(YIPS_DEBUG) */ - -#define MAX_INCLUDE_DEPTH 10 - -static struct include_stack { - char *path; - FILE *fp; - YY_BUFFER_STATE prevstate; - int lineno; - glob_t matches; - int matchon; -} incstack[MAX_INCLUDE_DEPTH]; -static int incstackp = 0; - -static int yy_first_time = 1; -%} - -/* common section */ -nl \n -ws [ \t]+ -digit [0-9] -letter [A-Za-z] -hexdigit [0-9A-Fa-f] -/*octet (([01]?{digit}?{digit})|((2([0-4]{digit}))|(25[0-5]))) */ -special [()+\|\?\*] -comma \, -dot \. 
-slash \/ -bcl \{ -ecl \} -blcl \[ -elcl \] -percent \% -semi \; -comment \#.* -ccomment "/*" -bracketstring \<[^>]*\> -quotedstring \"[^"]*\" -addrstring [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*) -decstring {digit}+ -hexstring 0x{hexdigit}+ - -%s S_INI S_PTH S_INF S_LOG S_PAD S_LST S_RTRY -%s S_ALGST S_ALGCL -%s S_SAINF S_SAINFS -%s S_RMT S_RMTS S_RMTP -%s S_SA - -%% -%{ - if (yy_first_time) { - BEGIN S_INI; - yy_first_time = 0; - } -%} - - /* path */ -path { BEGIN S_PTH; YYDB; return(PATH); } -include { YYD; yylval.num = LC_PATHTYPE_INCLUDE; - return(PATHTYPE); } -pre_shared_key { YYD; yylval.num = LC_PATHTYPE_PSK; - return(PATHTYPE); } -certificate { YYD; yylval.num = LC_PATHTYPE_CERT; - return(PATHTYPE); } -backupsa { YYD; yylval.num = LC_PATHTYPE_BACKUPSA; - return(PATHTYPE); } -{semi} { BEGIN S_INI; YYDB; return(EOS); } - - /* include */ -include { YYDB; return(INCLUDE); } - - /* self information */ -identifier { BEGIN S_INF; YYDB; yywarn("it is obsoleted. use \"my_identifier\" in each remote directives."); return(IDENTIFIER); } -{semi} { BEGIN S_INI; return(EOS); } - - /* special */ -complex_bundle { YYDB; return(COMPLEX_BUNDLE); } - - /* logging */ -log { BEGIN S_LOG; YYDB; return(LOGGING); } -info { YYD; yywarn("it is obsoleted. use \"notify\""); yylval.num = 0; return(LOGLEV); } -notify { YYD; yylval.num = 0; return(LOGLEV); } -debug { YYD; yylval.num = 1; return(LOGLEV); } -debug2 { YYD; yylval.num = 2; return(LOGLEV); } -debug3 { YYD; yywarn("it is osboleted. use \"debug2\""); yylval.num = 2; return(LOGLEV); } -debug4 { YYD; yywarn("it is obsoleted. 
use \"debug2\""); yylval.num = 2; return(LOGLEV); }
-{semi} { BEGIN S_INI; return(EOS); }
-
- /* padding */
-padding { BEGIN S_PAD; YYDB; return(PADDING); }
-{bcl} { return(BOC); }
-randomize { YYD; return(PAD_RANDOMIZE); }
-randomize_length { YYD; return(PAD_RANDOMIZELEN); }
-maximum_length { YYD; return(PAD_MAXLEN); }
-strict_check { YYD; return(PAD_STRICT); }
-exclusive_tail { YYD; return(PAD_EXCLTAIL); }
-{ecl} { BEGIN S_INI; return(EOC); }
-
- /* listen */
-listen { BEGIN S_LST; YYDB; return(LISTEN); }
-{bcl} { return(BOC); }
-isakmp { YYD; return(X_ISAKMP); }
-admin { YYD; return(X_ADMIN); }
-strict_address { YYD; return(STRICT_ADDRESS); }
-{ecl} { BEGIN S_INI; return(EOC); }
-
- /* timer */
-timer { BEGIN S_RTRY; YYDB; return(RETRY); }
-{bcl} { return(BOC); }
-counter { YYD; return(RETRY_COUNTER); }
-interval { YYD; return(RETRY_INTERVAL); }
-persend { YYD; return(RETRY_PERSEND); }
-phase1 { YYD; return(RETRY_PHASE1); }
-phase2 { YYD; return(RETRY_PHASE2); }
-{ecl} { BEGIN S_INI; return(EOC); }
-
- /* sainfo */
-sainfo { BEGIN S_SAINF; YYDB; return(SAINFO); }
-anonymous { YYD; return(ANONYMOUS); }
-{blcl}any{elcl} { YYD; return(PORTANY); }
-any { YYD; return(ANY); }
- /* sainfo spec */
-{bcl} { BEGIN S_SAINFS; return(BOC); }
-{semi} { BEGIN S_INI; return(EOS); }
-{ecl} { BEGIN S_INI; return(EOC); }
-pfs_group { YYD; return(PFS_GROUP); }
-identifier { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
-my_identifier { YYD; return(MY_IDENTIFIER); }
-lifetime { YYD; return(LIFETIME); }
-time { YYD; return(LIFETYPE_TIME); }
-byte { YYD; return(LIFETYPE_BYTE); }
-encryption_algorithm { YYD; yylval.num = algclass_ipsec_enc; return(ALGORITHM_CLASS); }
-authentication_algorithm { YYD; yylval.num = algclass_ipsec_auth; return(ALGORITHM_CLASS); }
-compression_algorithm { YYD; yylval.num = algclass_ipsec_comp; return(ALGORITHM_CLASS); }
-{comma} { YYD; return(COMMA); }
-
- /* remote */
-remote { BEGIN S_RMT; YYDB; return(REMOTE); }
-anonymous { YYD; return(ANONYMOUS); }
- /* remote spec */
-{bcl} { BEGIN S_RMTS; return(BOC); }
-{ecl} { BEGIN S_INI; return(EOC); }
-exchange_mode { YYD; return(EXCHANGE_MODE); }
-{comma} { YYD; /* XXX ignored, but to be handled. */ ; }
-base { YYD; yylval.num = ISAKMP_ETYPE_BASE; return(EXCHANGETYPE); }
-main { YYD; yylval.num = ISAKMP_ETYPE_IDENT; return(EXCHANGETYPE); }
-aggressive { YYD; yylval.num = ISAKMP_ETYPE_AGG; return(EXCHANGETYPE); }
-doi { YYD; return(DOI); }
-ipsec_doi { YYD; yylval.num = IPSEC_DOI; return(DOITYPE); }
-situation { YYD; return(SITUATION); }
-identity_only { YYD; yylval.num = IPSECDOI_SIT_IDENTITY_ONLY; return(SITUATIONTYPE); }
-secrecy { YYD; yylval.num = IPSECDOI_SIT_SECRECY; return(SITUATIONTYPE); }
-integrity { YYD; yylval.num = IPSECDOI_SIT_INTEGRITY; return(SITUATIONTYPE); }
-identifier { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
-my_identifier { YYD; return(MY_IDENTIFIER); }
-peers_identifier { YYD; return(PEERS_IDENTIFIER); }
-verify_identifier { YYD; return(VERIFY_IDENTIFIER); }
-open_dir_auth_group { YYD; return(OPEN_DIR_AUTH_GROUP); }
-certificate_type { YYD; return(CERTIFICATE_TYPE); }
-shared_secret { YYD; return(SHARED_SECRET); }
-x509 { YYD; yylval.num = ISAKMP_CERT_X509SIGN; return(CERT_X509); }
-in_keychain { YYD; return(IN_KEYCHAIN); }
-certificate_verification { YYD; return(CERTIFICATE_VERIFICATION); }
-peers_certfile { YYD; return(PEERS_CERTFILE); }
-dnssec { YYD; return(DNSSEC); }
-verify_cert { YYD; return(VERIFY_CERT); }
-send_cert { YYD; return(SEND_CERT); }
-send_cr { YYD; return(SEND_CR); }
-dh_group { YYD; return(DH_GROUP); }
-nonce_size { YYD; return(NONCE_SIZE); }
-generate_policy { YYD; return(GENERATE_POLICY); }
-support_mip6 { YYD; return(SUPPORT_MIP6); }
-initial_contact { YYD; return(INITIAL_CONTACT); }
-proposal_check { YYD; return(PROPOSAL_CHECK); }
-obey { YYD; yylval.num = PROP_CHECK_OBEY; return(PROPOSAL_CHECK_LEVEL); }
-strict { YYD; yylval.num = PROP_CHECK_STRICT; return(PROPOSAL_CHECK_LEVEL); }
-exact { YYD; yylval.num = PROP_CHECK_EXACT; return(PROPOSAL_CHECK_LEVEL); }
-claim { YYD; yylval.num = PROP_CHECK_CLAIM; return(PROPOSAL_CHECK_LEVEL); }
-keepalive { YYD; return(KEEPALIVE); }
-passive { YYD; return(PASSIVE); }
-lifetime { YYD; return(LIFETIME); }
-time { YYD; return(LIFETYPE_TIME); }
-byte { YYD; return(LIFETYPE_BYTE); }
- /* remote proposal */
-proposal { BEGIN S_RMTP; YYDB; return(PROPOSAL); }
-{bcl} { return(BOC); }
-{ecl} { BEGIN S_RMTS; return(EOC); }
-lifetime { YYD; return(LIFETIME); }
-time { YYD; return(LIFETYPE_TIME); }
-byte { YYD; return(LIFETYPE_BYTE); }
-encryption_algorithm { YYD; yylval.num = algclass_isakmp_enc; return(ALGORITHM_CLASS); }
-authentication_method { YYD; yylval.num = algclass_isakmp_ameth; return(ALGORITHM_CLASS); }
-hash_algorithm { YYD; yylval.num = algclass_isakmp_hash; return(ALGORITHM_CLASS); }
-dh_group { YYD; return(DH_GROUP); }
-gssapi_id { YYD; return(GSSAPI_ID); }
-
- /* parameter */
-on { YYD; yylval.num = TRUE; return(SWITCH); }
-off { YYD; yylval.num = FALSE; return(SWITCH); }
-
- /* prefix */
-{slash}{digit}{1,3} {
- YYD;
- yytext++;
- yylval.num = atoi(yytext);
- return(PREFIX);
- }
-
- /* port number */
-{blcl}{decstring}{elcl} {
- char *p = yytext;
- YYD;
- while (*++p != ']') ;
- *p = NULL;
- yytext++;
- yylval.num = atoi(yytext);
- return(PORT);
- }
-
- /* upper protocol */
-esp { YYD; yylval.num = IPPROTO_ESP; return(UL_PROTO); }
-ah { YYD; yylval.num = IPPROTO_AH; return(UL_PROTO); }
-ipcomp { YYD; yylval.num = IPPROTO_IPCOMP; return(UL_PROTO); }
-icmp { YYD; yylval.num = IPPROTO_ICMP; return(UL_PROTO); }
-icmp6 { YYD; yylval.num = IPPROTO_ICMPV6; return(UL_PROTO); }
-tcp { YYD; yylval.num = IPPROTO_TCP; return(UL_PROTO); }
-udp { YYD; yylval.num = IPPROTO_UDP; return(UL_PROTO); }
-
- /* algorithm type */
-des_iv64 { YYD; yylval.num = algtype_des_iv64; return(ALGORITHMTYPE); }
-des { YYD; yylval.num = algtype_des; return(ALGORITHMTYPE); }
-3des { YYD; yylval.num = algtype_3des; return(ALGORITHMTYPE); }
-rc5 { YYD; yylval.num = algtype_rc5; return(ALGORITHMTYPE); }
-idea { YYD; yylval.num = algtype_idea; return(ALGORITHMTYPE); }
-cast128 { YYD; yylval.num = algtype_cast128; return(ALGORITHMTYPE); }
-blowfish { YYD; yylval.num = algtype_blowfish; return(ALGORITHMTYPE); }
-3idea { YYD; yylval.num = algtype_3idea; return(ALGORITHMTYPE); }
-des_iv32 { YYD; yylval.num = algtype_des_iv32; return(ALGORITHMTYPE); }
-rc4 { YYD; yylval.num = algtype_rc4; return(ALGORITHMTYPE); }
-null_enc { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); }
-rijndael { YYD; yylval.num = algtype_rijndael; return(ALGORITHMTYPE); }
-aes { YYD; yylval.num = algtype_rijndael; return(ALGORITHMTYPE); }
-twofish { YYD; yylval.num = algtype_twofish; return(ALGORITHMTYPE); }
-non_auth { YYD; yylval.num = algtype_non_auth; return(ALGORITHMTYPE); }
-hmac_md5 { YYD; yylval.num = algtype_hmac_md5; return(ALGORITHMTYPE); }
-hmac_sha1 { YYD; yylval.num = algtype_hmac_sha1; return(ALGORITHMTYPE); }
-hmac_sha2_256 { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
-hmac_sha2_384 { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
-hmac_sha2_512 { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
-des_mac { YYD; yylval.num = algtype_des_mac; return(ALGORITHMTYPE); }
-kpdk { YYD; yylval.num = algtype_kpdk; return(ALGORITHMTYPE); }
-md5 { YYD; yylval.num = algtype_md5; return(ALGORITHMTYPE); }
-sha1 { YYD; yylval.num = algtype_sha1; return(ALGORITHMTYPE); }
-tiger { YYD; yylval.num = algtype_tiger; return(ALGORITHMTYPE); }
-sha2_256 { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); }
-sha2_384 { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); }
-sha2_512 { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); }
-oui { YYD; yylval.num = algtype_oui; return(ALGORITHMTYPE); }
-deflate { YYD; yylval.num = algtype_deflate; return(ALGORITHMTYPE); }
-lzs { YYD; yylval.num = algtype_lzs; return(ALGORITHMTYPE); }
-modp768 { YYD; yylval.num = algtype_modp768; return(ALGORITHMTYPE); }
-modp1024 { YYD; yylval.num = algtype_modp1024; return(ALGORITHMTYPE); }
-modp1536 { YYD; yylval.num = algtype_modp1536; return(ALGORITHMTYPE); }
-ec2n155 { YYD; yylval.num = algtype_ec2n155; return(ALGORITHMTYPE); }
-ec2n185 { YYD; yylval.num = algtype_ec2n185; return(ALGORITHMTYPE); }
-modp2048 { YYD; yylval.num = algtype_modp2048; return(ALGORITHMTYPE); }
-modp3072 { YYD; yylval.num = algtype_modp3072; return(ALGORITHMTYPE); }
-modp4096 { YYD; yylval.num = algtype_modp4096; return(ALGORITHMTYPE); }
-modp6144 { YYD; yylval.num = algtype_modp6144; return(ALGORITHMTYPE); }
-modp8192 { YYD; yylval.num = algtype_modp8192; return(ALGORITHMTYPE); }
-pre_shared_key { YYD; yylval.num = algtype_psk; return(ALGORITHMTYPE); }
-rsasig { YYD; yylval.num = algtype_rsasig; return(ALGORITHMTYPE); }
-dsssig { YYD; yylval.num = algtype_dsssig; return(ALGORITHMTYPE); }
-rsaenc { YYD; yylval.num = algtype_rsaenc; return(ALGORITHMTYPE); }
-rsarev { YYD; yylval.num = algtype_rsarev; return(ALGORITHMTYPE); }
-gssapi_krb { YYD; yylval.num = algtype_gssapikrb; return(ALGORITHMTYPE); }
-
- /* identifier type */
-vendor_id { YYD; yywarn("it is obsoleted."); return(VENDORID); }
-user_fqdn { YYD; yylval.num = IDTYPE_USERFQDN; return(IDENTIFIERTYPE); }
-fqdn { YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); }
-keyid { YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); }
-keyid_use { YYD; yylval.num = IDTYPE_KEYIDUSE; return(IDENTIFIERTYPE); }
-address { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); }
-asn1dn { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
-certname { YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
-
- /* shared secret type */
-use { YYD; yylval.num = SECRETTYPE_USE; return(SECRETTYPE); }
-key { YYD; yylval.num = SECRETTYPE_KEY; return(SECRETTYPE); }
-keychain { YYD; yylval.num = SECRETTYPE_KEYCHAIN; return(SECRETTYPE); }
-
- /* certificate verification */
-openssl { YYD; yylval.num = VERIFICATION_MODULE_OPENSSL; return(VERIFICATION_MODULE); }
-sec_framework { YYD; yylval.num = VERIFICATION_MODULE_SEC_FRAMEWORK; return(VERIFICATION_MODULE); }
-use_open_dir { YYD; yylval.num = VERIFICATION_OPTION_OPEN_DIR; return(VERIFICATION_OPTION); }
-use_peers_identifier { YYD; yylval.num = VERIFICATION_OPTION_PEERS_IDENTIFIER; return(VERIFICATION_OPTION); }
-
- /* units */
-B|byte|bytes { YYD; return(UNITTYPE_BYTE); }
-KB { YYD; return(UNITTYPE_KBYTES); }
-MB { YYD; return(UNITTYPE_MBYTES); }
-TB { YYD; return(UNITTYPE_TBYTES); }
-sec|secs|second|seconds { YYD; return(UNITTYPE_SEC); }
-min|mins|minute|minutes { YYD; return(UNITTYPE_MIN); }
-hour|hours { YYD; return(UNITTYPE_HOUR); }
-
- /* boolean */
-yes { YYD; yylval.num = TRUE; return(BOOLEAN); }
-no { YYD; yylval.num = FALSE; return(BOOLEAN); }
-
-{decstring} {
- char *bp;
-
- YYD;
- yylval.num = strtol(yytext, &bp, 10);
- return(NUMBER);
- }
-
-{hexstring} {
- char *p;
-
- YYD;
- yylval.val = vmalloc(yyleng + (yyleng & 1) + 1);
- if (yylval.val == NULL) {
- yyerror("vmalloc failed");
- return -1;
- }
-
- p = yylval.val->v;
- *p++ = '0';
- *p++ = 'x';
-
- /* fixed string if length is odd. */
- if (yyleng & 1)
- *p++ = '0';
- memcpy(p, &yytext[2], yyleng - 1);
-
- return(HEXSTRING);
- }
-
-{quotedstring} {
- u_char *p = yytext;
-
- YYD;
- while (*++p != '"') ;
- *p = '\0';
-
- yylval.val = vmalloc(yyleng - 1);
- if (yylval.val == NULL) {
- yyerror("vmalloc failed");
- return -1;
- }
- memcpy(yylval.val->v, &yytext[1], yylval.val->l);
-
- return(QUOTEDSTRING);
- }
-
-{addrstring} {
- YYD;
-
- yylval.val = vmalloc(yyleng + 1);
- if (yylval.val == NULL) {
- yyerror("vmalloc failed");
- return -1;
- }
- memcpy(yylval.val->v, yytext, yylval.val->l);
-
- return(ADDRSTRING);
- }
-
-<> {
- yy_delete_buffer(YY_CURRENT_BUFFER);
- fclose(incstack[incstackp].fp);
- incstack[incstackp].fp = -1;
- racoon_free(incstack[incstackp].path);
- incstack[incstackp].path = NULL;
- incstackp--;
-nextfile:
- if (incstack[incstackp].matchon < incstack[incstackp].matches.gl_pathc)
- {
- char* filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon];
- incstack[incstackp].matchon++;
- incstackp++;
- if (yycf_set_buffer(filepath) != 0)
- {
- incstackp--;
- goto nextfile;
- }
-
- yy_switch_to_buffer(yy_create_buffer(yyin, YY_BUF_SIZE));
-
- BEGIN(S_INI);
- }
- else
- {
- globfree(&incstack[incstackp].matches);
- if (incstackp == 0)
- yyterminate();
- else
- yy_switch_to_buffer(incstack[incstackp].prevstate);
- }
- }
-
- /* ... */
-{ws} { ; }
-{nl} { incstack[incstackp].lineno++; }
-{comment} { YYD; }
-{semi} { return(EOS); }
-. { yymore(); }
-
-%%
-
-void
-yyerror(char *s, ...)
-{
- char fmt[512];
-
- va_list ap;
-#ifdef HAVE_STDARG_H
- va_start(ap, s);
-#else
- va_start(ap);
-#endif
- snprintf(fmt, sizeof(fmt), "%s:%d: \"%s\" %s\n",
- incstack[incstackp].path, incstack[incstackp].lineno,
- yytext, s);
- plogv(LLV_ERROR, LOCATION, NULL, fmt, ap);
- va_end(ap);
-
- yyerrorcount++;
-}
-
-void
-yywarn(char *s, ...)
-{
- char fmt[512];
-
- va_list ap;
-#ifdef HAVE_STDARG_H
- va_start(ap, s);
-#else
- va_start(ap);
-#endif
- snprintf(fmt, sizeof(fmt), "%s:%d: \"%s\" %s\n",
- incstack[incstackp].path, incstack[incstackp].lineno,
- yytext, s);
- plogv(LLV_WARNING, LOCATION, NULL, fmt, ap);
- va_end(ap);
-}
-
-int
-yycf_switch_buffer(path)
- char *path;
-{
- char* filepath = NULL;
- /* got the include file name */
- if (incstackp >= MAX_INCLUDE_DEPTH) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Includes nested too deeply");
- return -1;
- }
-
- if (glob(path, GLOB_TILDE, NULL, &incstack[incstackp].matches) != 0 ||
- incstack[incstackp].matches.gl_pathc == 0)
- {
- plog(LLV_DEBUG, LOCATION, NULL,
- "glob found no matches for path\n");
- return 0;
- }
- incstack[incstackp].matchon = 0;
- incstack[incstackp].prevstate = YY_CURRENT_BUFFER;
-
-nextmatch:
- if (incstack[incstackp].matchon >= incstack[incstackp].matches.gl_pathc) return -1;
- filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon];
- incstack[incstackp].matchon++;
- incstackp++;
-
- if (yycf_set_buffer(filepath) != 0)
- {
- incstackp--;
- goto nextmatch;
- }
-
- yy_switch_to_buffer(yy_create_buffer(yyin, YY_BUF_SIZE));
-
- BEGIN(S_INI);
-
- return 0;
-}
-
-int
-yycf_set_buffer(path)
- char *path;
-{
- yyin = fopen(path, "r");
- if (yyin == NULL) {
- fprintf(stderr, "failed to open file %s (%s)\n",
- path, strerror(errno));
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to open file %s (%s)\n",
- path, strerror(errno));
- return -1;
- }
-
- /* initialize */
- incstack[incstackp].fp = yyin;
- incstack[incstackp].path = strdup(path);
- incstack[incstackp].lineno = 1;
- plog(LLV_DEBUG, LOCATION, NULL,
- "reading config file %s\n",
- path, 0);
-
- return 0;
-}
-
-void
-yycf_init_buffer()
-{
- int i;
-
- for (i = 0; i < MAX_INCLUDE_DEPTH; i++)
- memset(&incstack[i], 0, sizeof(incstack[i]));
- incstackp = 0;
-}
-
-void
-yycf_clean_buffer()
-{
- int i;
-
- for (i = 0; i < MAX_INCLUDE_DEPTH; i++) {
- if (incstack[i].path != NULL) {
- if (incstack[i].fp >= 0)
- fclose(incstack[i].fp);
- racoon_free(incstack[i].path);
- incstack[i].path = NULL;
- }
- }
-}
-
diff --git a/racoon.tproj/crypto_cssm.c b/racoon.tproj/crypto_cssm.c
deleted file mode 100644
index aa6f83b..0000000
--- a/racoon.tproj/crypto_cssm.c
+++ /dev/null
@@ -1,534 +0,0 @@
-
-/*
- * Copyright (c) 2001-2004 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-
-/*
- * Racoon module for verifying and signing certificates through Security
- * Framework and CSSM
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include "plog.h"
-#include "debug.h"
-#include "misc.h"
-
-#include "crypto_cssm.h"
-
-
-
-static OSStatus FindPolicy(const CSSM_OID *policyOID, SecPolicyRef *policyRef);
-static OSStatus EvaluateCert(SecCertificateRef cert, CFTypeRef policyRef);
-static OSStatus CopySystemKeychain(SecKeychainRef *keychainRef);
-static const char *GetSecurityErrorString(OSStatus err);
-
-
-/*
- * Verify cert using security framework
- */
-int crypto_cssm_check_x509cert(vchar_t *cert)
-{
- OSStatus status;
- SecCertificateRef certRef = 0;
- CSSM_DATA certData;
- CSSM_OID ourPolicyOID = CSSMOID_APPLE_TP_IP_SEC;
- SecPolicyRef policyRef = 0;
-
- // create cert ref
- certData.Length = cert->l;
- certData.Data = cert->v;
- status = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, CSSM_CERT_ENCODING_DER,
- &certRef);
- if (status != noErr)
- goto end;
-
- // get our policy object
- status = FindPolicy(&ourPolicyOID, &policyRef);
- if (status != noErr)
- goto end;
-
- // setup policy options ???
- // no options used at present - verification of subjectAltName fields, etc.
- // are done elsewhere in racoon in oakley_check_certid()
-
- // evaluate cert
- status = EvaluateCert(certRef, policyRef);
-
-
-end:
-
- if (certRef)
- CFRelease(certRef);
- if (policyRef)
- CFRelease(policyRef);
-
- if (status != noErr && status != -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error %d %s.\n", status, GetSecurityErrorString(status));
- status = -1;
- }
- return status;
-
-}
-
-/*
- * Encrypt a hash via CSSM using the private key in the keychain
- * from an identity.
- */
-vchar_t* crypto_cssm_getsign(CFDataRef persistentCertRef, vchar_t* hash)
-{
-
- OSStatus status;
- SecCertificateRef certificateRef = NULL;
- SecIdentityRef identityRef = NULL;
- SecIdentitySearchRef idSearchRef = NULL;
- SecKeychainRef keychainRef = NULL;
- SecKeyRef privateKeyRef = NULL;
- const CSSM_KEY *cssmKey = NULL;
- CSSM_CSP_HANDLE cspHandle = nil;
- CSSM_CC_HANDLE cssmContextHandle = nil;
- const CSSM_ACCESS_CREDENTIALS *credentials = NULL;
- uint32 bytesEncrypted = 0;
- CSSM_DATA clearData;
- CSSM_DATA cipherData;
- CSSM_DATA remData;
- CSSM_CONTEXT_ATTRIBUTE newAttr;
- vchar_t *sig = NULL;
-
- remData.Length = 0;
- remData.Data = 0;
-
- if (persistentCertRef) {
- // get cert from keychain
- status = SecKeychainItemCopyFromPersistentReference(persistentCertRef, (SecKeychainItemRef*)&certificateRef);
- if (status != noErr)
- goto end;
-
- // get keychain ref where cert is contained
- status = SecKeychainItemCopyKeychain((SecKeychainItemRef)certificateRef, &keychainRef);
- if (status != noErr)
- goto end;
-
- // get identity from the certificate
- status = SecIdentityCreateWithCertificate(keychainRef, certificateRef, &identityRef);
- if (status != noErr)
- goto end;
-
- } else {
- // copy system keychain
- status = CopySystemKeychain(&keychainRef);
- if (status != noErr)
- goto end;
-
- // serach for first identity in system keychain
- status = SecIdentitySearchCreate(keychainRef, CSSM_KEYUSE_SIGN, &idSearchRef);
- if (status != noErr)
- goto end;
-
- status = SecIdentitySearchCopyNext(idSearchRef, &identityRef);
- if (status != noErr)
- goto end;
-
- // get certificate from identity
- status = SecIdentityCopyCertificate(identityRef, &certificateRef);
- if (status != noErr)
- goto end;
- }
-
-
- // get private key from identity
- status = SecIdentityCopyPrivateKey(identityRef, &privateKeyRef);
- if (status != noErr)
- goto end;
-
- // get CSSM_KEY pointer from key ref
- status = SecKeyGetCSSMKey(privateKeyRef, &cssmKey);
- if (status != noErr)
- goto end;
-
- // get CSSM CSP handle
- status = SecKeychainGetCSPHandle(keychainRef, &cspHandle);
- if (status != noErr)
- goto end;
-
- // create CSSM credentials to unlock private key for encryption - no UI to be used
- status = SecKeyGetCredentials(privateKeyRef, CSSM_ACL_AUTHORIZATION_ENCRYPT,
- kSecCredentialTypeNoUI, &credentials);
- if (status != noErr)
- goto end;
-
- // create asymmetric context for encryption
- status = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA, credentials, cssmKey,
- CSSM_PADDING_PKCS1, &cssmContextHandle);
- if (status != noErr)
- goto end;
-
- // add mode attribute to use private key for encryption
- newAttr.AttributeType = CSSM_ATTRIBUTE_MODE;
- newAttr.AttributeLength = sizeof(uint32);
- newAttr.Attribute.Data = (CSSM_DATA_PTR)CSSM_ALGMODE_PRIVATE_KEY;
- status = CSSM_UpdateContextAttributes(cssmContextHandle, 1, &newAttr);
- if(status != noErr)
- goto end;
-
- // and finally - encrypt data
- clearData.Length = hash->l;
- clearData.Data = hash->v;
- cipherData.Length = 0;
- cipherData.Data = NULL;
- status = CSSM_EncryptData(cssmContextHandle, &clearData, 1, &cipherData, 1, &bytesEncrypted,
- &remData);
- if (status != noErr)
- goto end;
-
- if (remData.Length != 0) { // something didn't go right - should be zero
- status = -1;
- plog(LLV_ERROR, LOCATION, NULL,
- "unencrypted data remaining after encrypting hash.\n");
- goto end;
- }
-
- // alloc buffer for result
- sig = vmalloc(cipherData.Length);
- if (sig == NULL)
- goto end;
-
- sig->v = cipherData.Data;
-
-end:
- if (certificateRef)
- CFRelease(certificateRef);
- if (keychainRef)
- CFRelease(keychainRef);
- if (identityRef)
- CFRelease(identityRef);
- if (privateKeyRef)
- CFRelease(privateKeyRef);
- if (idSearchRef)
- CFRelease(idSearchRef);
- if (cssmContextHandle)
- CSSM_DeleteContext(cssmContextHandle);
- if (status != noErr) {
- if (sig) {
- vfree(sig);
- sig = NULL;
- }
- }
-
- if (status != noErr && status != -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error %d %s.\n", status, GetSecurityErrorString(status));
- status = -1;
- }
- return sig;
-
-}
-
-
-/*
- * Retrieve a cert from the keychain
- */
-vchar_t* crypto_cssm_get_x509cert(CFDataRef persistentCertRef)
-{
-
- OSStatus status;
- CSSM_DATA cssmData;
- vchar_t *cert = NULL;
- SecIdentityRef identityRef = NULL;
- SecIdentitySearchRef idSearchRef = NULL;
- SecKeychainRef keychainRef = NULL;
- SecCertificateRef certificateRef = NULL;
-
-
- // get cert ref
- if (persistentCertRef) {
- status = SecKeychainItemCopyFromPersistentReference(persistentCertRef, (SecKeychainItemRef*)&certificateRef);
- if (status != noErr)
- goto end;
- } else {
- // copy system keychain
- status = CopySystemKeychain(&keychainRef);
- if (status != noErr)
- goto end;
-
- // find first identity in system keychain
- status = SecIdentitySearchCreate(keychainRef, CSSM_KEYUSE_SIGN, &idSearchRef);
- if (status != noErr)
- goto end;
-
- status = SecIdentitySearchCopyNext(idSearchRef, &identityRef);
- if (status != noErr)
- goto end;
-
- // get certificate from identity
- status = SecIdentityCopyCertificate(identityRef, &certificateRef);
- if (status != noErr)
- goto end;
-
- }
-
- // get certificate data
- cssmData.Length = 0;
- cssmData.Data = NULL;
- status = SecCertificateGetData(certificateRef, &cssmData);
- if (status != noErr)
- goto end;
-
- if (cssmData.Length == 0)
- goto end;
-
- cert = vmalloc(cssmData.Length);
- if (cert == NULL)
- goto end;
-
- // cssmData struct just points to the data
- // data must be copied to be returned
- memcpy(cert->v, cssmData.Data, cssmData.Length);
-
-end:
- if (certificateRef)
- CFRelease(certificateRef);
- if (identityRef)
- CFRelease(identityRef);
- if (idSearchRef)
- CFRelease(idSearchRef);
- if (keychainRef)
- CFRelease(keychainRef);
-
- if (status != noErr && status != -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error %d %s.\n", status, GetSecurityErrorString(status));
- status = -1;
- }
- return cert;
-
-}
-
-
-/*
- * Find a policy ref by OID
- */
-static OSStatus FindPolicy(const CSSM_OID *policyOID, SecPolicyRef *policyRef)
-{
-
- OSStatus status;
- SecPolicySearchRef searchRef = nil;
-
- status = SecPolicySearchCreate(CSSM_CERT_X_509v3, policyOID, NULL, &searchRef);
- if (status != noErr)
- goto end;
-
- status = SecPolicySearchCopyNext(searchRef, policyRef);
-
-end:
- if (searchRef)
- CFRelease(searchRef);
-
- if (status != noErr) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error %d %s.\n", status, GetSecurityErrorString(status));
- status = -1;
- }
- return status;
-}
-
-
-/*
- * Evaluate the trust of a cert using the policy provided
- */
-static OSStatus EvaluateCert(SecCertificateRef cert, CFTypeRef policyRef)
-{
- OSStatus status;
- SecTrustRef trustRef = 0;
- SecTrustResultType evalResult;
-
- SecCertificateRef evalCertArray[1] = { cert };
-
- CFArrayRef cfCertRef = CFArrayCreate((CFAllocatorRef) NULL, (void*)evalCertArray, 1,
- &kCFTypeArrayCallBacks);
-
- if (!cfCertRef) {
- plog(LLV_ERROR, LOCATION, NULL,
- "unable to create CFArray.\n");
- return -1;
- }
-
- status = SecTrustCreateWithCertificates(cfCertRef, policyRef, &trustRef);
- if (status != noErr)
- goto end;
-
- status = SecTrustEvaluate(trustRef, &evalResult);
- if (status != noErr)
- goto end;
-
- if (evalResult != kSecTrustResultProceed && evalResult != kSecTrustResultUnspecified) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error evaluating certificate.\n");
- status = -1;
- }
-
-
-end:
- if (cfCertRef)
- CFRelease(cfCertRef);
- if (trustRef)
- CFRelease(trustRef);
-
- if (status != noErr && status != -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error %d %s.\n", status, GetSecurityErrorString(status));
- status = -1;
- }
- return status;
-}
-
-
-/*
- * Copy the system keychain
- */
-static OSStatus CopySystemKeychain(SecKeychainRef *keychainRef)
-{
-
- OSStatus status;
-
- status = SecKeychainSetPreferenceDomain(kSecPreferencesDomainSystem);
- if (status != noErr)
- goto end;
-
- status = SecKeychainCopyDomainDefault(kSecPreferencesDomainSystem, keychainRef);
-
-end:
-
- if (status != noErr) {
- plog(LLV_ERROR, LOCATION, NULL,
- "error %d %s.\n", status, GetSecurityErrorString(status));
- status = -1;
- }
- return status;
-
-}
-
-
-/*
- * Return string representation of Security-related OSStatus.
- */
-const char *
-GetSecurityErrorString(OSStatus err)
-{
- switch(err) {
- case noErr:
- return "noErr";
- case memFullErr:
- return "memFullErr";
- case paramErr:
- return "paramErr";
- case unimpErr:
- return "unimpErr";
-
- /* SecBase.h: */
- case errSecNotAvailable:
- return "errSecNotAvailable";
- case errSecReadOnly:
- return "errSecReadOnly";
- case errSecAuthFailed:
- return "errSecAuthFailed";
- case errSecNoSuchKeychain:
- return "errSecNoSuchKeychain";
- case errSecInvalidKeychain:
- return "errSecInvalidKeychain";
- case errSecDuplicateKeychain:
- return "errSecDuplicateKeychain";
- case errSecDuplicateCallback:
- return "errSecDuplicateCallback";
- case errSecInvalidCallback:
- return "errSecInvalidCallback";
- case errSecDuplicateItem:
- return "errSecDuplicateItem";
- case errSecItemNotFound:
- return "errSecItemNotFound";
- case errSecBufferTooSmall:
- return "errSecBufferTooSmall";
- case errSecDataTooLarge:
- return "errSecDataTooLarge";
- case errSecNoSuchAttr:
- return "errSecNoSuchAttr";
- case errSecInvalidItemRef:
- return "errSecInvalidItemRef";
- case errSecInvalidSearchRef:
- return "errSecInvalidSearchRef";
- case errSecNoSuchClass:
- return "errSecNoSuchClass";
- case errSecNoDefaultKeychain:
- return "errSecNoDefaultKeychain";
- case errSecInteractionNotAllowed:
- return "errSecInteractionNotAllowed";
- case errSecReadOnlyAttr:
- return "errSecReadOnlyAttr";
- case errSecWrongSecVersion:
- return "errSecWrongSecVersion";
- case errSecKeySizeNotAllowed:
- return "errSecKeySizeNotAllowed";
- case errSecNoStorageModule:
- return "errSecNoStorageModule";
- case errSecNoCertificateModule:
- return "errSecNoCertificateModule";
- case errSecNoPolicyModule:
- return "errSecNoPolicyModule";
- case errSecInteractionRequired:
- return "errSecInteractionRequired";
- case errSecDataNotAvailable:
- return "errSecDataNotAvailable";
- case errSecDataNotModifiable:
- return "errSecDataNotModifiable";
- case errSecCreateChainFailed:
- return "errSecCreateChainFailed";
- case errSecACLNotSimple:
- return "errSecACLNotSimple";
- case errSecPolicyNotFound:
- return "errSecPolicyNotFound";
- case errSecInvalidTrustSetting:
- return "errSecInvalidTrustSetting";
- case errSecNoAccessForItem:
- return "errSecNoAccessForItem";
- case errSecInvalidOwnerEdit:
- return "errSecInvalidOwnerEdit";
- default:
- return "";
- }
-}
-
diff --git a/racoon.tproj/crypto_cssm.h b/racoon.tproj/crypto_cssm.h
deleted file mode 100644
index 6152770..0000000
--- a/racoon.tproj/crypto_cssm.h
+++ /dev/null
@@ -1,41 +0,0 @@
-
-/*
- * Copyright (c) 2001-2004 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-#ifndef __CRYPTO_CSSM_H__
-#define __CRYPTO_CSSM_H__
-
-/*
- * Racoon module for verifying and signing certificates through Security
- * Framework and CSSM
- */
-
-#include "vmbuf.h"
-
-
-extern int crypto_cssm_check_x509cert(vchar_t *cert);
-extern vchar_t* crypto_cssm_getsign(CFDataRef persistentCertRef, vchar_t* hash);
-extern vchar_t* crypto_cssm_get_x509cert(CFDataRef persistentCertRef);
-
-
-#endif /* __CRYPTO_CSSM_H__ */
-
diff --git a/racoon.tproj/crypto_openssl.c b/racoon.tproj/crypto_openssl.c
deleted file mode 100644
index 37bd183..0000000
--- a/racoon.tproj/crypto_openssl.c
+++ /dev/null
@@ -1,2373 +0,0 @@
-/* $KAME: crypto_openssl.c,v 1.73 2003/04/24 02:21:22 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-/* get openssl/ssleay version number */
-#ifdef HAVE_OPENSSL_OPENSSLV_H
-# include
-#else
-# error no opensslv.h found.
-#endif
-
-#ifndef OPENSSL_VERSION_NUMBER
-#error OPENSSL_VERSION_NUMBER is not defined. OpenSSL0.9.4 or later required.
-#endif
-
-#ifdef HAVE_OPENSSL_PEM_H
-#include
-#endif
-#ifdef HAVE_OPENSSL_EVP_H
-#include
-#endif
-#ifdef HAVE_OPENSSL_X509_H
-#include
-#include
-#include
-#endif
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#ifdef HAVE_OPENSSL_IDEA_H
-#include
-#endif
-#include
-#ifdef HAVE_OPENSSL_RC5_H
-#include
-#endif
-#include
-#include
-#ifdef HAVE_OPENSSL_RIJNDAEL_H
-#include
-#else
-#include "rijndael-api-fst.h"
-#endif
-#ifdef HAVE_OPENSSL_SHA2_H
-#include
-#else
-#include "sha2.h"
-#endif
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "crypto_openssl.h"
-#include "debug.h"
-#include "gcmalloc.h"
-
-/*
- * I hate to cast every parameter to des_xx into void *, but it is
- * necessary for SSLeay/OpenSSL portability. It sucks.
- */
-
-#ifdef HAVE_SIGNING_C
-static int cb_check_cert_local __P((int, X509_STORE_CTX *));
-static int cb_check_cert_remote __P((int, X509_STORE_CTX *));
-static X509 *mem2x509 __P((vchar_t *));
-#endif
-
-static caddr_t eay_hmac_init __P((vchar_t *, const EVP_MD *));
-
-#ifdef HAVE_SIGNING_C
-/* X509 Certificate */
-/*
- * convert the string of the subject name into DER
- * e.g.
str = "C=JP, ST=Kanagawa"; - */ -vchar_t * -eay_str2asn1dn(str, len) - char *str; - int len; -{ - X509_NAME *name; - char *buf; - char *field, *value; - int i, j; - vchar_t *ret; - caddr_t p; - - buf = racoon_malloc(len + 1); - if (!buf) { - printf("failed to allocate buffer\n"); - return NULL; - } - memcpy(buf, str, len); - - name = X509_NAME_new(); - - field = &buf[0]; - value = NULL; - for (i = 0; i < len; i++) { - if (!value && buf[i] == '=') { - buf[i] = '\0'; - value = &buf[i + 1]; - continue; - } else if (buf[i] == ',' || buf[i] == '/') { - buf[i] = '\0'; -#if 0 - printf("[%s][%s]\n", field, value); -#endif - if (!X509_NAME_add_entry_by_txt(name, field, - MBSTRING_ASC, value, -1, -1, 0)) - goto err; - for (j = i + 1; j < len; j++) { - if (buf[j] != ' ') - break; - } - field = &buf[j]; - value = NULL; - continue; - } - } - buf[len] = '\0'; -#if 0 - printf("[%s][%s]\n", field, value); -#endif - if (!X509_NAME_add_entry_by_txt(name, field, - MBSTRING_ASC, value, -1, -1, 0)) - goto err; - - i = i2d_X509_NAME(name, NULL); - if (!i) - goto err; - ret = vmalloc(i); - if (!ret) - goto err; - p = ret->v; - i = i2d_X509_NAME(name, (unsigned char **)&p); - if (!i) - goto err; - - return ret; - - err: - if (buf) - racoon_free(buf); - if (name) - X509_NAME_free(name); - return NULL; -} - -/* - * compare two subjectNames. - * OUT: 0: equal - * positive: - * -1: other error. 
- */ -int -eay_cmp_asn1dn(n1, n2) - vchar_t *n1, *n2; -{ - X509_NAME *a = NULL, *b = NULL; - caddr_t p; - int i = -1; - - p = n1->v; - if (!d2i_X509_NAME(&a, (unsigned char **)&p, n1->l)) - goto end; - p = n2->v; - if (!d2i_X509_NAME(&b, (unsigned char **)&p, n2->l)) - goto end; - - i = X509_NAME_cmp(a, b); - - end: - if (a) - X509_NAME_free(a); - if (b) - X509_NAME_free(b); - return i; -} - -/* - * this functions is derived from apps/verify.c in OpenSSL0.9.5 - */ -int -eay_check_x509cert(cert, CApath, local) - vchar_t *cert; - char *CApath; - int local; -{ - X509_STORE *cert_ctx = NULL; - X509_LOOKUP *lookup = NULL; - X509 *x509 = NULL; -#if OPENSSL_VERSION_NUMBER >= 0x00905100L - X509_STORE_CTX *csc; -#else - X509_STORE_CTX csc; -#endif - int error = -1; - - /* XXX define only functions required. */ -#if OPENSSL_VERSION_NUMBER >= 0x00905100L - OpenSSL_add_all_algorithms(); -#else - SSLeay_add_all_algorithms(); -#endif - - cert_ctx = X509_STORE_new(); - if (cert_ctx == NULL) - goto end; - - if (local) - X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_local); - else - X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_remote); - - lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file()); - if (lookup == NULL) - goto end; - X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); /* XXX */ - - lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir()); - if (lookup == NULL) - goto end; - error = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM); - if(!error) { - error = -1; - goto end; - } - error = -1; /* initialized */ - - /* read the certificate to be verified */ - x509 = mem2x509(cert); - if (x509 == NULL) - goto end; - -#if OPENSSL_VERSION_NUMBER >= 0x00905100L - csc = X509_STORE_CTX_new(); - if (csc == NULL) - goto end; - X509_STORE_CTX_init(csc, cert_ctx, x509, NULL); - -#if OPENSSL_VERSION_NUMBER >= 0x00907000L - X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CRL_CHECK); - X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CRL_CHECK_ALL); 
-#endif - - error = X509_verify_cert(csc); - X509_STORE_CTX_cleanup(csc); -#else - X509_STORE_CTX_init(&csc, cert_ctx, x509, NULL); - error = X509_verify_cert(&csc); - X509_STORE_CTX_cleanup(&csc); -#endif - - /* - * if x509_verify_cert() is successful then the value of error is - * set non-zero. - */ - error = error ? 0 : -1; - - end: - if (error) - printf("%s\n", eay_strerror()); - if (cert_ctx != NULL) - X509_STORE_free(cert_ctx); - if (x509 != NULL) - X509_free(x509); - - return(error); -} - -/* - * callback function for verifing certificate. - * Derived from cb() in openssl/apps/s_server.c - * - * This one is called for certificates obtained from - * 'peers_certfile' directive. - */ -static int -cb_check_cert_local(ok, ctx) - int ok; - X509_STORE_CTX *ctx; -{ - char buf[256]; - int log_tag; - - if (!ok) { - X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), - buf, - 256); - /* - * since we are just checking the certificates, it is - * ok if they are self signed. But we should still warn - * the user. - */ - switch (ctx->error) { - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: -#if OPENSSL_VERSION_NUMBER >= 0x00905100L - case X509_V_ERR_INVALID_PURPOSE: - case X509_V_ERR_UNABLE_TO_GET_CRL: -#endif - ok = 1; - log_tag = LLV_WARNING; - break; - - default: - log_tag = LLV_ERROR; - } - - -#ifndef EAYDEBUG - plog(log_tag, LOCATION, NULL, - "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, - buf); -#else - printf("%d: %s(%d) at depth:%d SubjectName:%s\n", - log_tag, - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, - buf); -#endif - } - ERR_clear_error(); - - return ok; -} - -/* - * Similar to cb_check_cert_local() but this one is called - * for certificates obtained from the IKE payload. 
- */ -static int -cb_check_cert_remote(ok, ctx) - int ok; - X509_STORE_CTX *ctx; -{ - char buf[256]; - int log_tag; - - if (!ok) { - X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), - buf, - 256); - switch (ctx->error) { - case X509_V_ERR_UNABLE_TO_GET_CRL: - ok = 1; - log_tag = LLV_WARNING; - break; - default: - log_tag = LLV_ERROR; - } -#ifndef EAYDEBUG - plog(log_tag, LOCATION, NULL, - "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, - buf); -#else - printf("%d: %s(%d) at depth:%d SubjectName:%s\n", - log_tag, - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, - buf); -#endif - } - ERR_clear_error(); - - return ok; -} - -/* - * get a subjectAltName from X509 certificate. - */ -vchar_t * -eay_get_x509asn1subjectname(cert) - vchar_t *cert; -{ - X509 *x509 = NULL; - u_char *bp; - vchar_t *name = NULL; - int len; - int error = -1; - - bp = cert->v; - - x509 = mem2x509(cert); - if (x509 == NULL) - goto end; - - /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->subject, NULL); - name = vmalloc(len); - if (!name) - goto end; - /* get the name */ - bp = name->v; - len = i2d_X509_NAME(x509->cert_info->subject, &bp); - - error = 0; - - end: - if (error) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); -#else - printf("%s\n", eay_strerror()); -#endif - if (name) { - vfree(name); - name = NULL; - } - } - if (x509) - X509_free(x509); - - return name; -} - -/* - * Get the common name from a cert - */ -#define EAY_MAX_CN_LEN 256 -vchar_t * -eay_get_x509_common_name(cert) - vchar_t *cert; -{ - X509 *x509 = NULL; - X509_NAME *name; - vchar_t *commonName = NULL; - - commonName = vmalloc(EAY_MAX_CN_LEN); - if (commonName == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "no memory\n"); - return NULL; - } - - x509 = mem2x509(cert); - if (x509 == NULL) { - vfree(commonName); - return NULL; - } - - name = 
X509_get_subject_name(x509); - X509_NAME_get_text_by_NID(name, NID_commonName, commonName->v, EAY_MAX_CN_LEN); - - commonName->l = strlen(commonName->v); - - if (x509) - X509_free(x509); - return commonName; -} - -/* - * get the subjectAltName from X509 certificate. - * the name must be terminated by '\0'. - */ -int -eay_get_x509subjectaltname(cert, altname, type, pos, len) - vchar_t *cert; - char **altname; - int *type; - int pos; - int *len; -{ - X509 *x509 = NULL; - int i; - GENERAL_NAMES *gens; - GENERAL_NAME *gen; - int error = -1; - - *altname = NULL; - *type = GENT_OTHERNAME; - - x509 = mem2x509(cert); - if (x509 == NULL) - goto end; - - gens = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL); - if (gens == NULL) - goto end; - - for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { - if (i + 1 != pos) - continue; - break; - } - - /* there is no data at "pos" */ - if (i == sk_GENERAL_NAME_num(gens)) - goto end; - - gen = sk_GENERAL_NAME_value(gens, i); - - /* make sure the data is terminated by '\0'. */ - if (gen->d.ia5->data[gen->d.ia5->length] != '\0') { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, - "data is not terminated by '\0'."); -#endif - hexdump(gen->d.ia5->data, gen->d.ia5->length + 1); - goto end; - } - - *len = gen->d.ia5->length + 1; - *altname = racoon_malloc(*len); - if (!*altname) - goto end; - - strlcpy(*altname, gen->d.ia5->data, *len); - *type = gen->type; - - error = 0; - - end: - if (error) { - if (*altname) { - racoon_free(*altname); - *altname = NULL; - } -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); -#else - printf("%s\n", eay_strerror()); -#endif - } - if (x509) - X509_free(x509); - - return error; -} - - -/* - * decode a X509 certificate and make a readable text terminated '\n'. - * return the buffer allocated, so must free it later. 
- */ -char * -eay_get_x509text(cert) - vchar_t *cert; -{ - X509 *x509 = NULL; - BIO *bio = NULL; - char *text = NULL; - u_char *bp = NULL; - int len = 0; - int error = -1; - - x509 = mem2x509(cert); - if (x509 == NULL) - goto end; - - bio = BIO_new(BIO_s_mem()); - if (bio == NULL) - goto end; - - error = X509_print(bio, x509); - if (error != 1) { - error = -1; - goto end; - } - - len = BIO_get_mem_data(bio, &bp); - text = racoon_malloc(len + 1); - if (text == NULL) - goto end; - memcpy(text, bp, len); - text[len] = '\0'; - - error = 0; - - end: - if (error) { - if (text) { - racoon_free(text); - text = NULL; - } -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); -#else - printf("%s\n", eay_strerror()); -#endif - } - if (bio) - BIO_free(bio); - if (x509) - X509_free(x509); - - return text; -} - -/* get X509 structure from buffer. */ -static X509 * -mem2x509(cert) - vchar_t *cert; -{ - X509 *x509; - -#ifndef EAYDEBUG - { - u_char *bp; - - bp = cert->v; - - x509 = d2i_X509(NULL, &bp, cert->l); - } -#else - { - BIO *bio; - int len; - - bio = BIO_new(BIO_s_mem()); - if (bio == NULL) - return NULL; - len = BIO_write(bio, cert->v, cert->l); - if (len == -1) - return NULL; - x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); - BIO_free(bio); - } -#endif - return x509; -} - -/* - * get a X509 certificate from local file. - * a certificate must be PEM format. - * Input: - * path to a certificate. - * Output: - * NULL if error occured - * other is the cert. 
- */ -vchar_t * -eay_get_x509cert(path) - char *path; -{ - FILE *fp; - X509 *x509; - vchar_t *cert; - u_char *bp; - int len; - int error; - - /* Read private key */ - fp = fopen(path, "r"); - if (fp == NULL) - return NULL; -#if OPENSSL_VERSION_NUMBER >= 0x00904100L - x509 = PEM_read_X509(fp, NULL, NULL, NULL); -#else - x509 = PEM_read_X509(fp, NULL, NULL); -#endif - fclose (fp); - - if (x509 == NULL) - return NULL; - - len = i2d_X509(x509, NULL); - cert = vmalloc(len); - if (cert == NULL) { - X509_free(x509); - return NULL; - } - bp = cert->v; - error = i2d_X509(x509, &bp); - X509_free(x509); - - if (error == 0) - return NULL; - - return cert; -} - -/* - * sign a souce by X509 signature. - * XXX: to be get hash type from my cert ? - * to be handled EVP_dss(). - */ -vchar_t * -eay_get_x509sign(source, privkey, cert) - vchar_t *source; - vchar_t *privkey; - vchar_t *cert; -{ - vchar_t *sig = NULL; - - sig = eay_rsa_sign(source, privkey); - - return sig; -} - -/* - * check a X509 signature - * XXX: to be get hash type from my cert ? - * to be handled EVP_dss(). - * OUT: return -1 when error. - * 0 - */ -int -eay_check_x509sign(source, sig, cert) - vchar_t *source; - vchar_t *sig; - vchar_t *cert; -{ - X509 *x509; - u_char *bp; - EVP_PKEY *evp; - - bp = cert->v; - - x509 = d2i_X509(NULL, &bp, cert->l); - if (x509 == NULL) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); -#endif - return -1; - } - - evp = X509_get_pubkey(x509); - if (!evp) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, "X509_get_pubkey: %s\n", eay_strerror()); -#endif - return -1; - } - - return eay_rsa_verify(source, sig, evp); -} - -/* - * check a signature by signed with PKCS7 certificate. - * XXX: to be get hash type from my cert ? - * to be handled EVP_dss(). - * OUT: return -1 when error. 
- * 0 - */ -int -eay_check_pkcs7sign(source, sig, cert) - vchar_t *source; - vchar_t *sig; - vchar_t *cert; -{ - X509 *x509; - EVP_MD_CTX md_ctx; - EVP_PKEY *evp; - int error; - BIO *bio = BIO_new(BIO_s_mem()); - char *bp; - - if (bio == NULL) - return -1; - error = BIO_write(bio, cert->v, cert->l); - if (error != cert->l) - return -1; - - bp = cert->v; - x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); - BIO_free(bio); - if (x509 == NULL) - return -1; - - evp = X509_get_pubkey(x509); - X509_free(x509); - if (evp == NULL) - return -1; - - /* Verify the signature */ - /* XXX: to be handled EVP_dss() */ - EVP_VerifyInit(&md_ctx, EVP_sha1()); - EVP_VerifyUpdate(&md_ctx, source->v, source->l); - error = EVP_VerifyFinal(&md_ctx, sig->v, sig->l, evp); - - EVP_PKEY_free(evp); - - if (error != 1) - return -1; - - return 0; -} - -/* - * get PKCS#1 Private Key of PEM format from local file. - */ -vchar_t * -eay_get_pkcs1privkey(path) - char *path; -{ - FILE *fp; - EVP_PKEY *evp = NULL; - vchar_t *pkey = NULL; - u_char *bp; - int pkeylen; - int error = -1; - - /* Read private key */ - fp = fopen(path, "r"); - if (fp == NULL) - return NULL; - -#if OPENSSL_VERSION_NUMBER >= 0x00904100L - evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL); -#else - evp = PEM_read_PrivateKey(fp, NULL, NULL); -#endif - fclose (fp); - - if (evp == NULL) - return NULL; - - pkeylen = i2d_PrivateKey(evp, NULL); - if (pkeylen == 0) - goto end; - pkey = vmalloc(pkeylen); - if (pkey == NULL) - goto end; - bp = pkey->v; - pkeylen = i2d_PrivateKey(evp, &bp); - if (pkeylen == 0) - goto end; - - error = 0; - -end: - if (evp != NULL) - EVP_PKEY_free(evp); - if (error != 0 && pkey != NULL) { - vfree(pkey); - pkey = NULL; - } - - return pkey; -} - -/* - * get PKCS#1 Public Key of PEM format from local file. 
- */ -vchar_t * -eay_get_pkcs1pubkey(path) - char *path; -{ - FILE *fp; - EVP_PKEY *evp = NULL; - vchar_t *pkey = NULL; - X509 *x509 = NULL; - u_char *bp; - int pkeylen; - int error = -1; - - /* Read private key */ - fp = fopen(path, "r"); - if (fp == NULL) - return NULL; - -#if OPENSSL_VERSION_NUMBER >= 0x00904100L - x509 = PEM_read_X509(fp, NULL, NULL, NULL); -#else - x509 = PEM_read_X509(fp, NULL, NULL); -#endif - fclose (fp); - - if (x509 == NULL) - return NULL; - - /* Get public key - eay */ - evp = X509_get_pubkey(x509); - if (evp == NULL) - return NULL; - - pkeylen = i2d_PublicKey(evp, NULL); - if (pkeylen == 0) - goto end; - pkey = vmalloc(pkeylen); - if (pkey == NULL) - goto end; - bp = pkey->v; - pkeylen = i2d_PublicKey(evp, &bp); - if (pkeylen == 0) - goto end; - - error = 0; -end: - if (evp != NULL) - EVP_PKEY_free(evp); - if (error != 0 && pkey != NULL) { - vfree(pkey); - pkey = NULL; - } - - return pkey; -} -#endif - -vchar_t * -eay_rsa_sign(src, privkey) - vchar_t *src, *privkey; -{ - EVP_PKEY *evp; - u_char *bp = privkey->v; - vchar_t *sig = NULL; - int len; - int pad = RSA_PKCS1_PADDING; - - /* XXX to be handled EVP_PKEY_DSA */ - evp = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &bp, privkey->l); - if (evp == NULL) - return NULL; - - /* XXX: to be handled EVP_dss() */ - /* XXX: Where can I get such parameters ? From my cert ? 
*/ - - len = RSA_size(evp->pkey.rsa); - - sig = vmalloc(len); - if (sig == NULL) - return NULL; - - len = RSA_private_encrypt(src->l, src->v, sig->v, evp->pkey.rsa, pad); - EVP_PKEY_free(evp); - if (len == 0 || len != sig->l) { - vfree(sig); - sig = NULL; - } - - return sig; -} - -int -eay_rsa_verify(src, sig, evp) - vchar_t *src, *sig; - EVP_PKEY *evp; -{ - vchar_t *xbuf = NULL; - int pad = RSA_PKCS1_PADDING; - int len = 0; - int error; - - len = RSA_size(evp->pkey.rsa); - - xbuf = vmalloc(len); - if (xbuf == NULL) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); -#endif - EVP_PKEY_free(evp); - return -1; - } - - len = RSA_public_decrypt(sig->l, sig->v, xbuf->v, evp->pkey.rsa, pad); -#ifndef EAYDEBUG - if (len == 0 || len != src->l) - plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); -#endif - EVP_PKEY_free(evp); - if (len == 0 || len != src->l) { - vfree(xbuf); - return -1; - } - - error = memcmp(src->v, xbuf->v, src->l); - vfree(xbuf); - if (error != 0) - return -1; - - return 0; -} - -/* - * get error string - * MUST load ERR_load_crypto_strings() first. - */ -char * -eay_strerror() -{ - static char ebuf[512]; - int len = 0, n; - unsigned long l; - char buf[200]; -#if OPENSSL_VERSION_NUMBER >= 0x00904100L - const char *file, *data; -#else - char *file, *data; -#endif - int line, flags; - unsigned long es; - - es = CRYPTO_thread_id(); - - while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){ - n = snprintf(ebuf + len, sizeof(ebuf) - len, - "%lu:%s:%s:%d:%s ", - es, ERR_error_string(l, buf), file, line, - (flags & ERR_TXT_STRING) ? 
data : ""); - if (n < 0 || n >= sizeof(ebuf) - len) - break; - len += n; - if (sizeof(ebuf) < len) - break; - } - - return ebuf; -} - -void -eay_init_error() -{ - ERR_load_crypto_strings(); -} - -/* - * DES-CBC - */ -vchar_t * -eay_des_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - des_key_schedule ks; - - if (des_key_sched((void *)key->v, ks) != 0) - return NULL; - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - des_cbc_encrypt((void *)data->v, (void *)res->v, data->l, - ks, (void *)iv->v, DES_ENCRYPT); - - return res; -} - -vchar_t * -eay_des_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - des_key_schedule ks; - - if (des_key_sched((void *)key->v, ks) != 0) - return NULL; - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - des_cbc_encrypt((void *)data->v, (void *)res->v, data->l, - ks, (void *)iv->v, DES_DECRYPT); - - return res; -} - -int -eay_des_weakkey(key) - vchar_t *key; -{ - return des_is_weak_key((void *)key->v); -} - -int -eay_des_keylen(len) - int len; -{ - if (len != 0 && len != 64) - return -1; - return 64; -} - -#ifdef HAVE_OPENSSL_IDEA_H -/* - * IDEA-CBC - */ -vchar_t * -eay_idea_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - IDEA_KEY_SCHEDULE ks; - - idea_set_encrypt_key(key->v, &ks); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - idea_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, IDEA_ENCRYPT); - - return res; -} - -vchar_t * -eay_idea_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - IDEA_KEY_SCHEDULE ks, dks; - - idea_set_encrypt_key(key->v, &ks); - idea_set_decrypt_key(&ks, &dks); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - idea_cbc_encrypt(data->v, res->v, 
data->l, - &dks, iv->v, IDEA_DECRYPT); - - return res; -} - -int -eay_idea_weakkey(key) - vchar_t *key; -{ - return 0; /* XXX */ -} - -int -eay_idea_keylen(len) - int len; -{ - if (len != 0 && len != 128) - return -1; - return 128; -} -#endif - -/* - * BLOWFISH-CBC - */ -vchar_t * -eay_bf_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - BF_KEY ks; - - BF_set_key(&ks, key->l, key->v); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - BF_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, BF_ENCRYPT); - - return res; -} - -vchar_t * -eay_bf_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - BF_KEY ks; - - BF_set_key(&ks, key->l, key->v); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - BF_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, BF_DECRYPT); - - return res; -} - -int -eay_bf_weakkey(key) - vchar_t *key; -{ - return 0; /* XXX to be done. refer to RFC 2451 */ -} - -int -eay_bf_keylen(len) - int len; -{ - if (len == 0) - return 448; - if (len < 40 || len > 448) - return -1; - return (len + 7) / 8; -} - -#ifdef HAVE_OPENSSL_RC5_H -/* - * RC5-CBC - */ -vchar_t * -eay_rc5_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - RC5_32_KEY ks; - - /* in RFC 2451, there is information about the number of round. */ - RC5_32_set_key(&ks, key->l, key->v, 16); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - RC5_32_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, RC5_ENCRYPT); - - return res; -} - -vchar_t * -eay_rc5_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - RC5_32_KEY ks; - - /* in RFC 2451, there is information about the number of round. 
*/ - RC5_32_set_key(&ks, key->l, key->v, 16); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - RC5_32_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, RC5_DECRYPT); - - return res; -} - -int -eay_rc5_weakkey(key) - vchar_t *key; -{ - return 0; /* No known weak keys when used with 16 rounds. */ - -} - -int -eay_rc5_keylen(len) - int len; -{ - if (len == 0) - return 128; - if (len < 40 || len > 2040) - return -1; - return (len + 7) / 8; -} -#endif - -/* - * 3DES-CBC - */ -vchar_t * -eay_3des_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - des_key_schedule ks1, ks2, ks3; - - if (key->l < 24) - return NULL; - - if (des_key_sched((void *)key->v, ks1) != 0) - return NULL; - if (des_key_sched((void *)(key->v + 8), ks2) != 0) - return NULL; - if (des_key_sched((void *)(key->v + 16), ks3) != 0) - return NULL; - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - des_ede3_cbc_encrypt((void *)data->v, (void *)res->v, data->l, - ks1, ks2, ks3, (void *)iv->v, DES_ENCRYPT); - - return res; -} - -vchar_t * -eay_3des_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - des_key_schedule ks1, ks2, ks3; - - if (key->l < 24) - return NULL; - - if (des_key_sched((void *)key->v, ks1) != 0) - return NULL; - if (des_key_sched((void *)(key->v + 8), ks2) != 0) - return NULL; - if (des_key_sched((void *)(key->v + 16), ks3) != 0) - return NULL; - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - des_ede3_cbc_encrypt((void *)data->v, (void *)res->v, data->l, - ks1, ks2, ks3, (void *)iv->v, DES_DECRYPT); - - return res; -} - -int -eay_3des_weakkey(key) - vchar_t *key; -{ - if (key->l < 24) - return NULL; - - return (des_is_weak_key((void *)key->v) - || des_is_weak_key((void *)(key->v + 8)) - || des_is_weak_key((void *)(key->v + 16))); -} - -int 
-eay_3des_keylen(len) - int len; -{ - if (len != 0 && len != 192) - return -1; - return 192; -} - -/* - * CAST-CBC - */ -vchar_t * -eay_cast_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - CAST_KEY ks; - - CAST_set_key(&ks, key->l, key->v); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - CAST_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, DES_ENCRYPT); - - return res; -} - -vchar_t * -eay_cast_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - CAST_KEY ks; - - CAST_set_key(&ks, key->l, key->v); - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* decryption data */ - CAST_cbc_encrypt(data->v, res->v, data->l, - &ks, iv->v, DES_DECRYPT); - - return res; -} - -int -eay_cast_weakkey(key) - vchar_t *key; -{ - return 0; /* No known weak keys. */ -} - -int -eay_cast_keylen(len) - int len; -{ - if (len == 0) - return 128; - if (len < 40 || len > 128) - return -1; - return (len + 7) / 8; -} - -/* - * AES(RIJNDAEL)-CBC - */ -vchar_t * -eay_aes_encrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - keyInstance k; - cipherInstance c; - - memset(&k, 0, sizeof(k)); - if (rijndael_makeKey(&k, DIR_ENCRYPT, key->l << 3, key->v) < 0) - return NULL; - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* encryption data */ - memset(&c, 0, sizeof(c)); - if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0) - return NULL; - if (rijndael_blockEncrypt(&c, &k, data->v, data->l << 3, res->v) < 0) - return NULL; - - return res; -} - -vchar_t * -eay_aes_decrypt(data, key, iv) - vchar_t *data, *key, *iv; -{ - vchar_t *res; - keyInstance k; - cipherInstance c; - - memset(&k, 0, sizeof(k)); - if (rijndael_makeKey(&k, DIR_DECRYPT, key->l << 3, key->v) < 0) - return NULL; - - /* allocate buffer for result */ - if ((res = vmalloc(data->l)) == NULL) - return NULL; - - /* 
decryption data */ - memset(&c, 0, sizeof(c)); - if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0) - return NULL; - if (rijndael_blockDecrypt(&c, &k, data->v, data->l << 3, res->v) < 0) - return NULL; - - return res; -} - -int -eay_aes_weakkey(key) - vchar_t *key; -{ - return 0; -} - -int -eay_aes_keylen(len) - int len; -{ - if (len == 0) - return 128; - if (len != 128 && len != 192 && len != 256) - return -1; - return len; -} - -/* for ipsec part */ -int -eay_null_hashlen() -{ - return 0; -} - -int -eay_kpdk_hashlen() -{ - return 0; -} - -int -eay_twofish_keylen(len) - int len; -{ - if (len < 0 || len > 256) - return -1; - return len; -} - -int -eay_null_keylen(len) - int len; -{ - return 0; -} - -/* - * HMAC functions - */ -static caddr_t -eay_hmac_init(key, md) - vchar_t *key; - const EVP_MD *md; -{ - HMAC_CTX *c = racoon_malloc(sizeof(*c)); - - HMAC_CTX_init(c); - HMAC_Init(c, key->v, key->l, md); - - return (caddr_t)c; -} - -/* - * HMAC SHA2-512 - */ -vchar_t * -eay_hmacsha2_512_one(key, data) - vchar_t *key, *data; -{ - vchar_t *res; - caddr_t ctx; - - ctx = eay_hmacsha2_512_init(key); - eay_hmacsha2_512_update(ctx, data); - res = eay_hmacsha2_512_final(ctx); - - return(res); -} - -caddr_t -eay_hmacsha2_512_init(key) - vchar_t *key; -{ - return eay_hmac_init(key, EVP_sha2_512()); -} - -void -eay_hmacsha2_512_update(c, data) - caddr_t c; - vchar_t *data; -{ - HMAC_Update((HMAC_CTX *)c, data->v, data->l); -} - -vchar_t * -eay_hmacsha2_512_final(c) - caddr_t c; -{ - vchar_t *res; - unsigned int l; - - if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0) - return NULL; - - HMAC_Final((HMAC_CTX *)c, res->v, &l); - res->l = l; - HMAC_CTX_cleanup(c); - (void)racoon_free(c); - - if (SHA512_DIGEST_LENGTH != res->l) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, - "hmac sha2_512 length mismatch %d.\n", res->l); -#else - printf("hmac sha2_512 length mismatch %d.\n", res->l); -#endif - vfree(res); - return NULL; - } - - return(res); -} - -/* - * HMAC SHA2-384 - */ 
-vchar_t * -eay_hmacsha2_384_one(key, data) - vchar_t *key, *data; -{ - vchar_t *res; - caddr_t ctx; - - ctx = eay_hmacsha2_384_init(key); - eay_hmacsha2_384_update(ctx, data); - res = eay_hmacsha2_384_final(ctx); - - return(res); -} - -caddr_t -eay_hmacsha2_384_init(key) - vchar_t *key; -{ - return eay_hmac_init(key, EVP_sha2_384()); -} - -void -eay_hmacsha2_384_update(c, data) - caddr_t c; - vchar_t *data; -{ - HMAC_Update((HMAC_CTX *)c, data->v, data->l); -} - -vchar_t * -eay_hmacsha2_384_final(c) - caddr_t c; -{ - vchar_t *res; - unsigned int l; - - if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0) - return NULL; - - HMAC_Final((HMAC_CTX *)c, res->v, &l); - res->l = l; - HMAC_CTX_cleanup(c); - (void)racoon_free(c); - - if (SHA384_DIGEST_LENGTH != res->l) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, - "hmac sha2_384 length mismatch %d.\n", res->l); -#else - printf("hmac sha2_384 length mismatch %d.\n", res->l); -#endif - vfree(res); - return NULL; - } - - return(res); -} - -/* - * HMAC SHA2-256 - */ -vchar_t * -eay_hmacsha2_256_one(key, data) - vchar_t *key, *data; -{ - vchar_t *res; - caddr_t ctx; - - ctx = eay_hmacsha2_256_init(key); - eay_hmacsha2_256_update(ctx, data); - res = eay_hmacsha2_256_final(ctx); - - return(res); -} - -caddr_t -eay_hmacsha2_256_init(key) - vchar_t *key; -{ - return eay_hmac_init(key, EVP_sha2_256()); -} - -void -eay_hmacsha2_256_update(c, data) - caddr_t c; - vchar_t *data; -{ - HMAC_Update((HMAC_CTX *)c, data->v, data->l); -} - -vchar_t * -eay_hmacsha2_256_final(c) - caddr_t c; -{ - vchar_t *res; - unsigned int l; - - if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0) - return NULL; - - HMAC_Final((HMAC_CTX *)c, res->v, &l); - res->l = l; - HMAC_CTX_cleanup(c); - (void)racoon_free(c); - - if (SHA256_DIGEST_LENGTH != res->l) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, - "hmac sha2_256 length mismatch %d.\n", res->l); -#else - printf("hmac sha2_256 length mismatch %d.\n", res->l); -#endif - vfree(res); - return NULL; - 
} - - return(res); -} - -/* - * HMAC SHA1 - */ -vchar_t * -eay_hmacsha1_one(key, data) - vchar_t *key, *data; -{ - vchar_t *res; - caddr_t ctx; - - ctx = eay_hmacsha1_init(key); - eay_hmacsha1_update(ctx, data); - res = eay_hmacsha1_final(ctx); - - return(res); -} - -caddr_t -eay_hmacsha1_init(key) - vchar_t *key; -{ - return eay_hmac_init(key, EVP_sha1()); -} - -void -eay_hmacsha1_update(c, data) - caddr_t c; - vchar_t *data; -{ - HMAC_Update((HMAC_CTX *)c, data->v, data->l); -} - -vchar_t * -eay_hmacsha1_final(c) - caddr_t c; -{ - vchar_t *res; - unsigned int l; - - if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0) - return NULL; - - HMAC_Final((HMAC_CTX *)c, res->v, &l); - res->l = l; - HMAC_CTX_cleanup(c); - (void)racoon_free(c); - - if (SHA_DIGEST_LENGTH != res->l) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, - "hmac sha1 length mismatch %d.\n", res->l); -#else - printf("hmac sha1 length mismatch %d.\n", res->l); -#endif - vfree(res); - return NULL; - } - - return(res); -} - -/* - * HMAC MD5 - */ -vchar_t * -eay_hmacmd5_one(key, data) - vchar_t *key, *data; -{ - vchar_t *res; - caddr_t ctx; - - ctx = eay_hmacmd5_init(key); - eay_hmacmd5_update(ctx, data); - res = eay_hmacmd5_final(ctx); - - return(res); -} - -caddr_t -eay_hmacmd5_init(key) - vchar_t *key; -{ - return eay_hmac_init(key, EVP_md5()); -} - -void -eay_hmacmd5_update(c, data) - caddr_t c; - vchar_t *data; -{ - HMAC_Update((HMAC_CTX *)c, data->v, data->l); -} - -vchar_t * -eay_hmacmd5_final(c) - caddr_t c; -{ - vchar_t *res; - unsigned int l; - - if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0) - return NULL; - - HMAC_Final((HMAC_CTX *)c, res->v, &l); - res->l = l; - HMAC_CTX_cleanup(c); - (void)racoon_free(c); - - if (MD5_DIGEST_LENGTH != res->l) { -#ifndef EAYDEBUG - plog(LLV_ERROR, LOCATION, NULL, - "hmac md5 length mismatch %d.\n", res->l); -#else - printf("hmac md5 length mismatch %d.\n", res->l); -#endif - vfree(res); - return NULL; - } - - return(res); -} - -/* - * SHA2-512 functions - */ 
-caddr_t -eay_sha2_512_init() -{ - SHA512_CTX *c = racoon_malloc(sizeof(*c)); - - SHA512_Init(c); - - return((caddr_t)c); -} - -void -eay_sha2_512_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA512_Update((SHA512_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha2_512_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0) - return(0); - - SHA512_Final(res->v, (SHA512_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha2_512_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha2_512_init(); - eay_sha2_512_update(ctx, data); - res = eay_sha2_512_final(ctx); - - return(res); -} - -int -eay_sha2_512_hashlen() -{ - return SHA512_DIGEST_LENGTH << 3; -} - -/* - * SHA2-384 functions - */ -caddr_t -eay_sha2_384_init() -{ - SHA384_CTX *c = racoon_malloc(sizeof(*c)); - - SHA384_Init(c); - - return((caddr_t)c); -} - -void -eay_sha2_384_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA384_Update((SHA384_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha2_384_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0) - return(0); - - SHA384_Final(res->v, (SHA384_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha2_384_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha2_384_init(); - eay_sha2_384_update(ctx, data); - res = eay_sha2_384_final(ctx); - - return(res); -} - -int -eay_sha2_384_hashlen() -{ - return SHA384_DIGEST_LENGTH << 3; -} - -/* - * SHA2-256 functions - */ -caddr_t -eay_sha2_256_init() -{ - SHA256_CTX *c = racoon_malloc(sizeof(*c)); - - SHA256_Init(c); - - return((caddr_t)c); -} - -void -eay_sha2_256_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA256_Update((SHA256_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha2_256_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0) - return(0); - - 
SHA256_Final(res->v, (SHA256_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha2_256_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha2_256_init(); - eay_sha2_256_update(ctx, data); - res = eay_sha2_256_final(ctx); - - return(res); -} - -int -eay_sha2_256_hashlen() -{ - return SHA256_DIGEST_LENGTH << 3; -} - -/* - * SHA functions - */ -caddr_t -eay_sha1_init() -{ - SHA_CTX *c = racoon_malloc(sizeof(*c)); - - SHA1_Init(c); - - return((caddr_t)c); -} - -void -eay_sha1_update(c, data) - caddr_t c; - vchar_t *data; -{ - SHA1_Update((SHA_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_sha1_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0) - return(0); - - SHA1_Final(res->v, (SHA_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_sha1_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_sha1_init(); - eay_sha1_update(ctx, data); - res = eay_sha1_final(ctx); - - return(res); -} - -int -eay_sha1_hashlen() -{ - return SHA_DIGEST_LENGTH << 3; -} - -/* - * MD5 functions - */ -caddr_t -eay_md5_init() -{ - MD5_CTX *c = racoon_malloc(sizeof(*c)); - - MD5_Init(c); - - return((caddr_t)c); -} - -void -eay_md5_update(c, data) - caddr_t c; - vchar_t *data; -{ - MD5_Update((MD5_CTX *)c, data->v, data->l); - - return; -} - -vchar_t * -eay_md5_final(c) - caddr_t c; -{ - vchar_t *res; - - if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0) - return(0); - - MD5_Final(res->v, (MD5_CTX *)c); - (void)racoon_free(c); - - return(res); -} - -vchar_t * -eay_md5_one(data) - vchar_t *data; -{ - caddr_t ctx; - vchar_t *res; - - ctx = eay_md5_init(); - eay_md5_update(ctx, data); - res = eay_md5_final(ctx); - - return(res); -} - -int -eay_md5_hashlen() -{ - return MD5_DIGEST_LENGTH << 3; -} - -/* - * eay_set_random - * size: number of bytes. 
- */ -vchar_t * -eay_set_random(size) - u_int32_t size; -{ - BIGNUM *r = NULL; - vchar_t *res = 0; - - if ((r = BN_new()) == NULL) - goto end; - BN_rand(r, size * 8, 0, 0); - eay_bn2v(&res, r); - -end: - if (r) - BN_free(r); - return(res); -} - -/* DH */ -int -eay_dh_generate(prime, g, publen, pub, priv) - vchar_t *prime, **pub, **priv; - u_int publen; - u_int32_t g; -{ - BIGNUM *p = NULL; - DH *dh = NULL; - int error = -1; - - /* initialize */ - /* pre-process to generate number */ - if (eay_v2bn(&p, prime) < 0) - goto end; - - if ((dh = DH_new()) == NULL) - goto end; - dh->p = p; - p = NULL; /* p is now part of dh structure */ - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) - goto end; - if (!BN_set_word(dh->g, g)) - goto end; - - if (publen != 0) - dh->length = publen; - - /* generate public and private number */ - if (!DH_generate_key(dh)) - goto end; - - /* copy results to buffers */ - if (eay_bn2v(pub, dh->pub_key) < 0) - goto end; - if (eay_bn2v(priv, dh->priv_key) < 0) { - vfree(*pub); - goto end; - } - - error = 0; - -end: - if (dh != NULL) - DH_free(dh); - if (p != 0) - BN_free(p); - return(error); -} - -int -eay_dh_compute(prime, g, pub, priv, pub2, key) - vchar_t *prime, *pub, *priv, *pub2, **key; - u_int32_t g; -{ - BIGNUM *dh_pub = NULL; - DH *dh = NULL; - int l; - caddr_t v = NULL; - int error = -1; - - /* make public number to compute */ - if (eay_v2bn(&dh_pub, pub2) < 0) - goto end; - - /* make DH structure */ - if ((dh = DH_new()) == NULL) - goto end; - if (eay_v2bn(&dh->p, prime) < 0) - goto end; - if (eay_v2bn(&dh->pub_key, pub) < 0) - goto end; - if (eay_v2bn(&dh->priv_key, priv) < 0) - goto end; - dh->length = pub2->l * 8; - - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) - goto end; - if (!BN_set_word(dh->g, g)) - goto end; - - if ((v = (caddr_t)racoon_calloc(prime->l, sizeof(u_char))) == NULL) - goto end; - if ((l = DH_compute_key(v, dh_pub, dh)) == -1) - goto end; - memcpy((*key)->v + (prime->l - l), v, l); - - error = 0; - -end: - if 
(dh_pub != NULL) - BN_free(dh_pub); - if (dh != NULL) - DH_free(dh); - if (v != NULL) - racoon_free(v); - return(error); -} - -#if 1 -int -eay_v2bn(bn, var) - BIGNUM **bn; - vchar_t *var; -{ - if ((*bn = BN_bin2bn(var->v, var->l, NULL)) == NULL) - return -1; - - return 0; -} -#else -/* - * convert vchar_t <-> BIGNUM. - * - * vchar_t: unit is u_char, network endian, most significant byte first. - * BIGNUM: unit is BN_ULONG, each of BN_ULONG is in host endian, - * least significant BN_ULONG must come first. - * - * hex value of "0x3ffe050104" is represented as follows: - * vchar_t: 3f fe 05 01 04 - * BIGNUM (BN_ULONG = u_int8_t): 04 01 05 fe 3f - * BIGNUM (BN_ULONG = u_int16_t): 0x0104 0xfe05 0x003f - * BIGNUM (BN_ULONG = u_int32_t_t): 0xfe050104 0x0000003f - */ -int -eay_v2bn(bn, var) - BIGNUM **bn; - vchar_t *var; -{ - u_char *p; - u_char *q; - BN_ULONG *r; - int l; - BN_ULONG num; - - *bn = BN_new(); - if (*bn == NULL) - goto err; - l = (var->l * 8 + BN_BITS2 - 1) / BN_BITS2; - if (bn_expand(*bn, l * BN_BITS2) == NULL) - goto err; - (*bn)->top = l; - - /* scan from least significant byte */ - p = (u_char *)var->v; - q = (u_char *)(var->v + var->l); - r = (*bn)->d; - num = 0; - l = 0; - do { - q--; - num = num | ((BN_ULONG)*q << (l++ * 8)); - if (l == BN_BYTES) { - *r++ = num; - num = 0; - l = 0; - } - } while (p < q); - if (l) - *r = num; - return 0; - -err: - if (*bn) - BN_free(*bn); - return -1; -} -#endif - -int -eay_bn2v(var, bn) - vchar_t **var; - BIGNUM *bn; -{ - *var = vmalloc(bn->top * BN_BYTES); - if (*var == NULL) - return(-1); - - (*var)->l = BN_bn2bin(bn, (*var)->v); - - return 0; -} - -const char * -eay_version() -{ - return SSLeay_version(SSLEAY_VERSION); -} diff --git a/racoon.tproj/crypto_openssl.h b/racoon.tproj/crypto_openssl.h deleted file mode 100644 index 3efb418..0000000 --- a/racoon.tproj/crypto_openssl.h +++ /dev/null 
@@ -1,205 +0,0 @@ -/* $KAME: crypto_openssl.h,v 1.25 2002/04/25 09:48:32 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifndef __CRYPTO_OPENSSL_H__ -#define __CRYPTO_OPENSSL_H__ - -#ifdef HAVE_OPENSSL_EVP_H -#include -#endif - -#ifdef HAVE_SIGNING_C -/* X509 Certificate */ -#include - -#define GENT_OTHERNAME GEN_OTHERNAME -#define GENT_EMAIL GEN_EMAIL -#define GENT_DNS GEN_DNS -#define GENT_X400 GEN_X400 -#define GENT_DIRNAME GEN_DIRNAME -#define GENT_EDIPARTY GEN_EDIPARTY -#define GENT_URI GEN_URI -#define GENT_IPADD GEN_IPADD -#define GENT_RID GEN_RID - - -extern vchar_t *eay_str2asn1dn __P((char *, int)); -extern int eay_cmp_asn1dn __P((vchar_t *, vchar_t *)); -extern int eay_check_x509cert __P((vchar_t *, char *, int)); -extern vchar_t *eay_get_x509asn1subjectname __P((vchar_t *)); -extern vchar_t *eay_get_x509_common_name __P((vchar_t *)); -extern int eay_get_x509subjectaltname __P((vchar_t *, char **, int *, int, int *)); -extern char *eay_get_x509text __P((vchar_t *)); -extern vchar_t *eay_get_x509cert __P((char *)); -extern vchar_t *eay_get_x509sign __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_check_x509sign __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_check_pkcs7sign __P((vchar_t *, vchar_t *, vchar_t *)); - -/* RSA */ -extern vchar_t *eay_rsa_sign __P((vchar_t *, vchar_t *)); -extern int eay_rsa_verify __P((vchar_t *, vchar_t *, EVP_PKEY *)); - -/* ASN.1 */ -extern vchar_t *eay_get_pkcs1privkey __P((char *)); -extern vchar_t *eay_get_pkcs1pubkey __P((char *)); -#endif - -/* string error */ -extern char *eay_strerror __P((void)); -extern void eay_init_error __P((void)); - -/* DES */ -extern vchar_t *eay_des_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_des_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_des_weakkey __P((vchar_t *)); -extern int eay_des_keylen __P((int)); - -/* IDEA */ -extern vchar_t *eay_idea_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_idea_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_idea_weakkey __P((vchar_t *)); -extern int eay_idea_keylen 
__P((int)); - -/* blowfish */ -extern vchar_t *eay_bf_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_bf_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_bf_weakkey __P((vchar_t *)); -extern int eay_bf_keylen __P((int)); - -/* RC5 */ -extern vchar_t *eay_rc5_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_rc5_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_rc5_weakkey __P((vchar_t *)); -extern int eay_rc5_keylen __P((int)); - -/* 3DES */ -extern vchar_t *eay_3des_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_3des_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_3des_weakkey __P((vchar_t *)); -extern int eay_3des_keylen __P((int)); - -/* CAST */ -extern vchar_t *eay_cast_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_cast_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_cast_weakkey __P((vchar_t *)); -extern int eay_cast_keylen __P((int)); - -/* AES(RIJNDAEL) */ -extern vchar_t *eay_aes_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -extern int eay_aes_weakkey __P((vchar_t *)); -extern int eay_aes_keylen __P((int)); - -/* misc */ -extern int eay_null_keylen __P((int)); -extern int eay_null_hashlen __P((void)); -extern int eay_kpdk_hashlen __P((void)); -extern int eay_twofish_keylen __P((int)); - -/* hash */ -/* HMAC SHA2 */ -extern vchar_t *eay_hmacsha2_512_one __P((vchar_t *, vchar_t *)); -extern caddr_t eay_hmacsha2_512_init __P((vchar_t *)); -extern void eay_hmacsha2_512_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_hmacsha2_512_final __P((caddr_t)); -extern vchar_t *eay_hmacsha2_384_one __P((vchar_t *, vchar_t *)); -extern caddr_t eay_hmacsha2_384_init __P((vchar_t *)); -extern void eay_hmacsha2_384_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_hmacsha2_384_final __P((caddr_t)); -extern vchar_t *eay_hmacsha2_256_one 
__P((vchar_t *, vchar_t *)); -extern caddr_t eay_hmacsha2_256_init __P((vchar_t *)); -extern void eay_hmacsha2_256_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_hmacsha2_256_final __P((caddr_t)); -/* HMAC SHA1 */ -extern vchar_t *eay_hmacsha1_one __P((vchar_t *, vchar_t *)); -extern caddr_t eay_hmacsha1_init __P((vchar_t *)); -extern void eay_hmacsha1_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_hmacsha1_final __P((caddr_t)); -/* HMAC MD5 */ -extern vchar_t *eay_hmacmd5_one __P((vchar_t *, vchar_t *)); -extern caddr_t eay_hmacmd5_init __P((vchar_t *)); -extern void eay_hmacmd5_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_hmacmd5_final __P((caddr_t)); - -/* SHA2 functions */ -extern caddr_t eay_sha2_512_init __P((void)); -extern void eay_sha2_512_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_sha2_512_final __P((caddr_t)); -extern vchar_t *eay_sha2_512_one __P((vchar_t *)); -extern int eay_sha2_512_hashlen __P((void)); - -extern caddr_t eay_sha2_384_init __P((void)); -extern void eay_sha2_384_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_sha2_384_final __P((caddr_t)); -extern vchar_t *eay_sha2_384_one __P((vchar_t *)); -extern int eay_sha2_384_hashlen __P((void)); - -extern caddr_t eay_sha2_256_init __P((void)); -extern void eay_sha2_256_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_sha2_256_final __P((caddr_t)); -extern vchar_t *eay_sha2_256_one __P((vchar_t *)); -extern int eay_sha2_256_hashlen __P((void)); - -/* SHA functions */ -extern caddr_t eay_sha1_init __P((void)); -extern void eay_sha1_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_sha1_final __P((caddr_t)); -extern vchar_t *eay_sha1_one __P((vchar_t *)); -extern int eay_sha1_hashlen __P((void)); - -/* MD5 functions */ -extern caddr_t eay_md5_init __P((void)); -extern void eay_md5_update __P((caddr_t, vchar_t *)); -extern vchar_t *eay_md5_final __P((caddr_t)); -extern vchar_t *eay_md5_one __P((vchar_t *)); -extern int eay_md5_hashlen 
__P((void)); - -/* eay_set_random */ -extern vchar_t *eay_set_random __P((u_int32_t)); - -/* DH */ -extern int eay_dh_generate __P((vchar_t *, u_int32_t, u_int, vchar_t **, vchar_t **)); -extern int eay_dh_compute __P((vchar_t *, u_int32_t, vchar_t *, vchar_t *, vchar_t *, vchar_t **)); - -/* misc */ -extern int eay_revbnl __P((vchar_t *)); -#include -extern int eay_v2bn __P((BIGNUM **, vchar_t *)); -extern int eay_bn2v __P((vchar_t **, BIGNUM *)); - -extern const char *eay_version __P((void)); - -#define CBC_BLOCKLEN 8 -#define IPSEC_ENCRYPTKEYLEN 8 - - -#endif /* __CRYPTO_OPENSSL_H__ */ - diff --git a/racoon.tproj/debug.h b/racoon.tproj/debug.h deleted file mode 100644 index eb08f9b..0000000 --- a/racoon.tproj/debug.h +++ /dev/null 
@@ -1,42 +0,0 @@
-/* $KAME: debug.h,v 1.17 2001/01/10 02:58:58 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __DEBUG_H__
-#define __DEBUG_H__
-
-
-/* define by main.c */
-extern int f_local;
-extern int vflag;
-
-
-#endif /* __DEBUG_H__ */
-
diff --git a/racoon.tproj/dhgroup.h b/racoon.tproj/dhgroup.h
deleted file mode 100644
index ac63144..0000000
--- a/racoon.tproj/dhgroup.h
+++ /dev/null
@@ -1,206 +0,0 @@ -/* $KAME: dhgroup.h,v 1.2 2001/12/12 18:23:41 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifndef __DHGROUP_H__ -#define __DHGROUP_H__ - - -#define OAKLEY_PRIME_MODP768 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF" - -#define OAKLEY_PRIME_MODP1024 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381" \ - "FFFFFFFF FFFFFFFF" - -#define OAKLEY_PRIME_MODP1536 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ - "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ - "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ - "670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF" - -/* draft-ietf-ipsec-ike-modp-groups-03.txt */ -#define OAKLEY_PRIME_MODP2048 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ - "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ - "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ - "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ - "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ - "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ - "15728E5A 8AACAA68 FFFFFFFF FFFFFFFF" - -#define OAKLEY_PRIME_MODP3072 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 
C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ - "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ - "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ - "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ - "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ - "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ - "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ - "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ - "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ - "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ - "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ - "43DB5BFC E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF" - -#define OAKLEY_PRIME_MODP4096 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ - "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ - "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ - "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ - "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ - "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ - "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ - "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ - "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ - "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ - "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ - "43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7" \ - "88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA" \ - "2583E9CA 2AD44CE8 
DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6" \ - "287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED" \ - "1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9" \ - "93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199" \ - "FFFFFFFF FFFFFFFF" - -#define OAKLEY_PRIME_MODP6144 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ - "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ - "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ - "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ - "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ - "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ - "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ - "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ - "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ - "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ - "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ - "43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7" \ - "88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA" \ - "2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6" \ - "287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED" \ - "1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9" \ - "93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492" \ - "36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD" \ - "F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831" \ - "179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B" \ - "DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF" \ - "5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6" \ - "D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3" \ - "23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA" \ - "CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 
A79715EE F29BE328" \ - "06A1D58B B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C" \ - "DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE" \ - "12BF2D5B 0B7474D6 E694F91E 6DCC4024 FFFFFFFF FFFFFFFF" - -#define OAKLEY_PRIME_MODP8192 \ - "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ - "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ - "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ - "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ - "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ - "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ - "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ - "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ - "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ - "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ - "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ - "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ - "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ - "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ - "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ - "43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7" \ - "88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA" \ - "2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6" \ - "287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED" \ - "1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9" \ - "93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492" \ - "36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD" \ - "F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831" \ - "179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B" \ - "DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF" \ - "5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6" \ - "D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3" \ - "23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA" \ - "CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328" \ - "06A1D58B B7C5DA76 
F550AA3D 8A1FBFF0 EB19CCB1 A313D55C" \ - "DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE" \ - "12BF2D5B 0B7474D6 E694F91E 6DBE1159 74A3926F 12FEE5E4" \ - "38777CB6 A932DF8C D8BEC4D0 73B931BA 3BC832B6 8D9DD300" \ - "741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C 5AE4F568" \ - "3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9" \ - "22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B" \ - "4BCBC886 2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A" \ - "062B3CF5 B3A278A6 6D2A13F8 3F44F82D DF310EE0 74AB6A36" \ - "4597E899 A0255DC1 64F31CC5 0846851D F9AB4819 5DED7EA1" \ - "B1D510BD 7EE74D73 FAF36BC3 1ECFA268 359046F4 EB879F92" \ - "4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47" \ - "9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71" \ - "60C980DD 98EDD3DF FFFFFFFF FFFFFFFF" - -extern struct dhgroup dh_modp768; -extern struct dhgroup dh_modp1024; -extern struct dhgroup dh_modp1536; -extern struct dhgroup dh_modp2048; -extern struct dhgroup dh_modp3072; -extern struct dhgroup dh_modp4096; -extern struct dhgroup dh_modp6144; -extern struct dhgroup dh_modp8192; - - -#endif /* __DHGROUP_H__ */ - diff --git a/racoon.tproj/dnssec.c b/racoon.tproj/dnssec.c deleted file mode 100644 index c9fe652..0000000 --- a/racoon.tproj/dnssec.c +++ /dev/null 
@@ -1,147 +0,0 @@
-/* $KAME: dnssec.c,v 1.2 2001/08/05 18:46:07 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include "var.h"
-#include "vmbuf.h"
-#include "misc.h"
-#include "plog.h"
-#include "debug.h"
-
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "ipsec_doi.h"
-#include "oakley.h"
-#include "netdb_dnssec.h"
-#include "strnames.h"
-#include "dnssec.h"
-#include "gcmalloc.h"
-
-extern int h_errno;
-
-cert_t *
-dnssec_getcert(id)
- vchar_t *id;
-{
- cert_t *cert = NULL;
- struct certinfo *res = NULL;
- struct ipsecdoi_id_b *id_b;
- int type;
- char *name = NULL;
- int namelen;
- int error;
-
- id_b = (struct ipsecdoi_id_b *)id->v;
-
- namelen = id->l - sizeof(*id_b);
- name = racoon_malloc(namelen + 1);
- if (!name) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer.\n");
- return NULL;
- }
- memcpy(name, id_b + 1, namelen);
- name[namelen] = '\0';
-
- switch (id_b->type) {
- case IPSECDOI_ID_FQDN:
- error = getcertsbyname(name, &res);
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "getcertsbyname(\"%s\") failed.\n", name);
- goto err;
- }
- break;
- case IPSECDOI_ID_IPV4_ADDR:
- case IPSECDOI_ID_IPV6_ADDR:
- /* XXX should be processed to query PTR ? */
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "inpropper ID type passed %s "
- "though getcert method is dnssec.\n",
- s_ipsecdoi_ident(id_b->type));
- return NULL;
- }
-
- /* check response */
- if (res->ci_next == NULL) {
- plog(LLV_WARNING, LOCATION, NULL,
- "not supported multiple CERT RR.\n");
- }
- switch (res->ci_type) {
- case DNSSEC_TYPE_PKIX:
- /* XXX is it enough condition to set this type ? */
- type = ISAKMP_CERT_X509SIGN;
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "not supported CERT RR type %d.\n", res->ci_type);
- goto err;
- }
-
- /* create cert holder */
- cert = oakley_newcert();
- if (cert == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get cert buffer.\n");
- goto err;
- }
- cert->pl = vmalloc(res->ci_certlen + 1);
- if (cert->pl == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get cert buffer.\n");
- goto err;
- }
- memcpy(cert->pl->v + 1, res->ci_cert, res->ci_certlen);
- cert->pl->v[0] = type;
- cert->cert.v = cert->pl->v + 1;
- cert->cert.l = cert->pl->l - 1;
-
- plog(LLV_DEBUG, LOCATION, NULL, "created CERT payload:\n");
- plogdump(LLV_DEBUG, cert->pl->v, cert->pl->l);
-
-end:
- if (res)
- freecertinfo(res);
-
- return cert;
-
-err:
- if (name)
- racoon_free(name);
- if (cert)
- oakley_delcert(cert);
- goto end;
-}
diff --git a/racoon.tproj/dnssec.h b/racoon.tproj/dnssec.h
deleted file mode 100644
index 9c6b2d1..0000000
--- a/racoon.tproj/dnssec.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* $KAME: dnssec.h,v 1.1 2001/04/11 06:11:55 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __DNSSEC_H__
-#define __DNSSEC_H__
-
-extern cert_t *dnssec_getcert __P((vchar_t *));
-
-#endif /* __DNSSEC_H__ */
-
diff --git a/racoon.tproj/gcmalloc.h b/racoon.tproj/gcmalloc.h
deleted file mode 100644
index b4343ec..0000000
--- a/racoon.tproj/gcmalloc.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/* $KAME: gcmalloc.h,v 1.4 2001/11/16 04:34:57 sakane Exp $ */
-
-/*
- * Copyright (C) 2000, 2001 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Debugging malloc glue for Racoon.
- */
-
-#ifndef __GCMALLOC_H__
-#define __GCMALLOC_H__
-
-/* ElectricFence needs no special handling. */
-
-/*
- * Boehm-GC provides GC_malloc(), GC_realloc(), GC_free() functions,
- * but not the traditional entry points. So what we do is provide
- * malloc(), calloc(), realloc(), and free() entry points in the main
- * program and letting the linker do the rest.
- */
-#ifdef GC
-#define GC_DEBUG
-#include
-
-#ifdef RACOON_MAIN_PROGRAM
-void *
-malloc(size_t size)
-{
-
- return (GC_MALLOC(size));
-}
-
-void *
-calloc(size_t number, size_t size)
-{
-
- /* GC_malloc() clears the storage. */
- return (GC_MALLOC(number * size));
-}
-
-void *
-realloc(void *ptr, size_t size)
-{
-
- return (GC_REALLOC(ptr, size));
-}
-
-void
-free(void *ptr)
-{
-
- GC_FREE(ptr);
-}
-#endif /* RACOON_MAIN_PROGRAM */
-
-#define racoon_malloc(sz) GC_debug_malloc(sz, GC_EXTRAS)
-#define racoon_calloc(cnt, sz) GC_debug_malloc(cnt * sz, GC_EXTRAS)
-#define racoon_realloc(old, sz) GC_debug_realloc(old, sz, GC_EXTRAS)
-#define racoon_free(p) GC_debug_free(p)
-
-#endif /* GC */
-
-/*
- * Dmalloc only requires that you pull in a header file and link
- * against libdmalloc.
- */
-#ifdef DMALLOC
-#include
-#endif /* DMALLOC */
-
-#ifdef DEBUG_RECORD_MALLOCATION
-#include
-#else
-#ifndef racoon_malloc
-#define racoon_malloc(sz) malloc((sz))
-#endif
-#ifndef racoon_calloc
-#define racoon_calloc(cnt, sz) calloc((cnt), (sz))
-#endif
-#ifndef racoon_realloc
-#define racoon_realloc(old, sz) realloc((old), (sz))
-#endif
-#ifndef racoon_free
-#define racoon_free(p) free((p))
-#endif
-#endif /* DEBUG_RECORD_MALLOCATION */
-
-#endif /* __GCMALLOC_H__ */
-
diff --git a/racoon.tproj/getcertsbyname.c b/racoon.tproj/getcertsbyname.c
deleted file mode 100644
index d9f4d94..0000000
--- a/racoon.tproj/getcertsbyname.c
+++ /dev/null
@@ -1,412 +0,0 @@ -/* $KAME: getcertsbyname.c,v 1.7 2001/11/16 04:12:59 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#define BIND_8_COMPAT - -#include -#include -#include - -#include -#include -#include -#ifdef HAVE_LWRES_GETRRSETBYNAME -#include -#include -#else -#include -#endif -#include -#include -#include - -#ifdef DNSSEC_DEBUG -#include -#include -#endif - -#include "netdb_dnssec.h" - -/* XXX should it use ci_errno to hold errno instead of h_errno ? */ -extern int h_errno; - -static struct certinfo *getnewci __P((int, int, int, int, int, char *)); - -static struct certinfo * -getnewci(qtype, keytag, algorithm, flags, certlen, cert) - int qtype, keytag, algorithm, flags, certlen; - char *cert; -{ - struct certinfo *res; - - res = malloc(sizeof(*res)); - if (!res) - return NULL; - - memset(res, 0, sizeof(*res)); - res->ci_type = qtype; - res->ci_keytag = keytag; - res->ci_algorithm = algorithm; - res->ci_flags = flags; - res->ci_certlen = certlen; - res->ci_cert = malloc(certlen); - if (!res->ci_cert) { - free(res); - return NULL; - } - memcpy(res->ci_cert, cert, certlen); - - return res; -} - -void -freecertinfo(ci) - struct certinfo *ci; -{ - struct certinfo *next; - - do { - next = ci->ci_next; - if (ci->ci_cert) - free(ci->ci_cert); - free(ci); - ci = next; - } while (ci); -} - -/* - * get CERT RR by FQDN and create certinfo structure chain. 
- */ -#ifdef HAVE_LWRES_GETRRSETBYNAME -#define getrrsetbyname lwres_getrrsetbyname -#define freerrset lwres_freerrset -#define hstrerror lwres_hstrerror -#endif -#if defined(HAVE_LWRES_GETRRSETBYNAME) || defined(AHVE_GETRRSETBYNAME) -int -getcertsbyname(name, res) - char *name; - struct certinfo **res; -{ - int rdlength; - char *cp; - int type, keytag, algorithm; - struct certinfo head, *cur; - struct rrsetinfo *rr = NULL; - int i; - int error = -1; - - /* initialize res */ - *res = NULL; - - memset(&head, 0, sizeof(head)); - cur = &head; - - error = getrrsetbyname(name, C_IN, T_CERT, 0, &rr); - if (error) { -#ifdef DNSSEC_DEBUG - printf("getrrsetbyname: %s\n", hstrerror(error)); -#endif - h_errno = NO_RECOVERY; - goto end; - } - - if (rr->rri_rdclass != C_IN - || rr->rri_rdtype != T_CERT - || rr->rri_nrdatas == 0) { -#ifdef DNSSEC_DEBUG - printf("getrrsetbyname: %s", hstrerror(error)); -#endif - h_errno = NO_RECOVERY; - goto end; - } -#ifdef DNSSEC_DEBUG - if (!(rr->rri_flags & LWRDATA_VALIDATED)) - printf("rr is not valid"); -#endif - - for (i = 0; i < rr->rri_nrdatas; i++) { - rdlength = rr->rri_rdatas[i].rdi_length; - cp = rr->rri_rdatas[i].rdi_data; - - GETSHORT(type, cp); /* type */ - rdlength -= INT16SZ; - GETSHORT(keytag, cp); /* key tag */ - rdlength -= INT16SZ; - algorithm = *cp++; /* algorithm */ - rdlength -= 1; - -#ifdef DNSSEC_DEBUG - printf("type=%d keytag=%d alg=%d len=%d\n", - type, keytag, algorithm, rdlength); -#endif - - /* create new certinfo */ - cur->ci_next = getnewci(type, keytag, algorithm, - rr->rri_flags, rdlength, cp); - if (!cur->ci_next) { -#ifdef DNSSEC_DEBUG - printf("getnewci: %s", strerror(errno)); -#endif - h_errno = NO_RECOVERY; - goto end; - } - cur = cur->ci_next; - } - - *res = head.ci_next; - error = 0; - -end: - if (rr) - freerrset(rr); - if (error && head.ci_next) - freecertinfo(head.ci_next); - - return error; -} -#else /*!HAVE_LWRES_GETRRSETBYNAME*/ -int -getcertsbyname(name, res) - char *name; - struct certinfo **res; 
-{ - caddr_t answer = NULL, p; - int buflen, anslen, len; - HEADER *hp; - int qdcount, ancount, rdlength; - char *cp, *eom; - char hostbuf[1024]; /* XXX */ - int qtype, qclass, keytag, algorithm; - struct certinfo head, *cur; - int error = -1; - - /* initialize res */ - *res = NULL; - - memset(&head, 0, sizeof(head)); - cur = &head; - - /* get CERT RR */ - buflen = 512; - do { - - buflen *= 2; - p = realloc(answer, buflen); - if (!p) { -#ifdef DNSSEC_DEBUG - printf("realloc: %s", strerror(errno)); -#endif - h_errno = NO_RECOVERY; - goto end; - } - answer = p; - - anslen = res_query(name, C_IN, T_CERT, answer, buflen); - if (anslen == -1) - goto end; - - } while (buflen < anslen); - -#ifdef DNSSEC_DEBUG - printf("get a DNS packet len=%d\n", anslen); -#endif - - /* parse CERT RR */ - eom = answer + anslen; - - hp = (HEADER *)answer; - qdcount = ntohs(hp->qdcount); - ancount = ntohs(hp->ancount); - - /* question section */ - if (qdcount != 1) { -#ifdef DNSSEC_DEBUG - printf("query count is not 1.\n"); -#endif - h_errno = NO_RECOVERY; - goto end; - } - cp = (char *)(hp + 1); - len = dn_expand(answer, eom, cp, hostbuf, sizeof(hostbuf)); - if (len < 0) { -#ifdef DNSSEC_DEBUG - printf("dn_expand failed.\n"); -#endif - goto end; - } - cp += len; - GETSHORT(qtype, cp); /* QTYPE */ - GETSHORT(qclass, cp); /* QCLASS */ - - /* answer section */ - while (ancount-- && cp < eom) { - len = dn_expand(answer, eom, cp, hostbuf, sizeof(hostbuf)); - if (len < 0) { -#ifdef DNSSEC_DEBUG - printf("dn_expand failed.\n"); -#endif - goto end; - } - cp += len; - GETSHORT(qtype, cp); /* TYPE */ - GETSHORT(qclass, cp); /* CLASS */ - cp += INT32SZ; /* TTL */ - GETSHORT(rdlength, cp); /* RDLENGTH */ - - /* CERT RR */ - if (qtype != T_CERT) { -#ifdef DNSSEC_DEBUG - printf("not T_CERT\n"); -#endif - h_errno = NO_RECOVERY; - goto end; - } - GETSHORT(qtype, cp); /* type */ - rdlength -= INT16SZ; - GETSHORT(keytag, cp); /* key tag */ - rdlength -= INT16SZ; - algorithm = *cp++; /* algorithm */ - 
rdlength -= 1; - if (cp + rdlength > eom) { -#ifdef DNSSEC_DEBUG - printf("rdlength is too long.\n"); -#endif - h_errno = NO_RECOVERY; - goto end; - } -#ifdef DNSSEC_DEBUG - printf("type=%d keytag=%d alg=%d len=%d\n", - qtype, keytag, algorithm, rdlength); -#endif - - /* create new certinfo */ - cur->ci_next = getnewci(qtype, keytag, algorithm, - 0, rdlength, cp); - if (!cur->ci_next) { -#ifdef DNSSEC_DEBUG - printf("getnewci: %s", strerror(errno)); -#endif - h_errno = NO_RECOVERY; - goto end; - } - cur = cur->ci_next; - - cp += rdlength; - } - - *res = head.ci_next; - error = 0; - -end: - if (answer) - free(answer); - if (error && head.ci_next) - freecertinfo(head.ci_next); - - return error; -} -#endif - -#ifdef DNSSEC_DEBUG -int -b64encode(p, len) - char *p; - int len; -{ - static const char b64t[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz" - "0123456789+/="; - - while (len > 2) { - printf("%c", b64t[(p[0] >> 2) & 0x3f]); - printf("%c", b64t[((p[0] << 4) & 0x30) | ((p[1] >> 4) & 0x0f)]); - printf("%c", b64t[((p[1] << 2) & 0x3c) | ((p[2] >> 6) & 0x03)]); - printf("%c", b64t[p[2] & 0x3f]); - len -= 3; - p += 3; - } - - if (len == 2) { - printf("%c", b64t[(p[0] >> 2) & 0x3f]); - printf("%c", b64t[((p[0] << 4) & 0x30)| ((p[1] >> 4) & 0x0f)]); - printf("%c", b64t[((p[1] << 2) & 0x3c)]); - printf("%c", '='); - } else if (len == 1) { - printf("%c", b64t[(p[0] >> 2) & 0x3f]); - printf("%c", b64t[((p[0] << 4) & 0x30)]); - printf("%c", '='); - printf("%c", '='); - } - - return 0; -} - -int -main(ac, av) - int ac; - char **av; -{ - struct certinfo *res, *p; - int i; - - if (ac < 2) { - printf("Usage: a.out (FQDN)\n"); - exit(1); - } - - i = getcertsbyname(*(av + 1), &res); - if (i != 0) { - herror("getcertsbyname"); - exit(1); - } - printf("getcertsbyname succeeded.\n"); - - i = 0; - for (p = res; p; p = p->ci_next) { - printf("certinfo[%d]:\n", i); - printf("\tci_type=%d\n", p->ci_type); - printf("\tci_keytag=%d\n", p->ci_keytag); - 
printf("\tci_algorithm=%d\n", p->ci_algorithm); - printf("\tci_flags=%d\n", p->ci_flags); - printf("\tci_certlen=%d\n", p->ci_certlen); - printf("\tci_cert: "); - b64encode(p->ci_cert, p->ci_certlen); - printf("\n"); - i++; - } - - freecertinfo(res); - - exit(0); -} -#endif diff --git a/racoon.tproj/grabmyaddr.c b/racoon.tproj/grabmyaddr.c deleted file mode 100644 index 5abd87f..0000000 --- a/racoon.tproj/grabmyaddr.c +++ /dev/null 
@@ -1,537 +0,0 @@ -/* $KAME: grabmyaddr.c,v 1.35 2003/01/14 07:07:36 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include - -#include -#if defined(__FreeBSD__) && __FreeBSD__ >= 3 -#include -#endif -#include -#include -#include -#include - -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#ifdef HAVE_GETIFADDRS -#include -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "debug.h" - -#include "localconf.h" -#include "grabmyaddr.h" -#include "sockmisc.h" -#include "isakmp_var.h" -#include "gcmalloc.h" - -#ifndef HAVE_GETIFADDRS -static unsigned int if_maxindex __P((void)); -#endif -static struct myaddrs *find_myaddr __P((struct myaddrs *, struct sockaddr *)); -static int suitable_ifaddr __P((const char *, const struct sockaddr *)); -#ifdef INET6 -static int suitable_ifaddr6 __P((const char *, const struct sockaddr *)); -#endif - -#ifndef HAVE_GETIFADDRS -static unsigned int -if_maxindex() -{ - struct if_nameindex *p, *p0; - unsigned int max = 0; - - p0 = if_nameindex(); - for (p = p0; p && p->if_index && p->if_name; p++) { - if (max < p->if_index) - max = p->if_index; - } - if_freenameindex(p0); - return max; -} -#endif - -void -clear_myaddr(db) - struct myaddrs **db; -{ - struct myaddrs *p; - - while (*db) { - p = (*db)->next; - delmyaddr(*db); - *db = p; - } -} - -static struct myaddrs * -find_myaddr(db, addr) - struct myaddrs *db; - struct sockaddr *addr; -{ - struct myaddrs *q; - char h1[NI_MAXHOST], h2[NI_MAXHOST]; - - if (getnameinfo(addr, addr->sa_len, h1, sizeof(h1), NULL, 0, - NI_NUMERICHOST | niflags) != 0) - return NULL; - - for (q = db; q; q = q->next) { - if (!q->addr) - continue; - if (addr->sa_len != q->addr->sa_len) - continue; - if (getnameinfo(q->addr, q->addr->sa_len, h2, sizeof(h2), - NULL, 0, NI_NUMERICHOST | niflags) != 0) - return NULL; - if (strcmp(h1, h2) == 0) - return q; - } - - return NULL; -} - -// 1/19/04 - modified to avoid closing and opening sockets for -// all interfaces each time an interface 
change occurs. -// on return: addrcount = zero indicates address no longer used -// sock = -1 indicates a new address - no socket opened yet. -void -grab_myaddrs() -{ -#ifdef HAVE_GETIFADDRS - struct myaddrs *p; - struct ifaddrs *ifa0, *ifap; -#ifdef INET6 -#ifdef __KAME__ - struct sockaddr_in6 *sin6; -#endif -#endif - - char addr1[NI_MAXHOST]; - - if (getifaddrs(&ifa0)) { - plog(LLV_ERROR, LOCATION, NULL, - "getifaddrs failed: %s\n", strerror(errno)); - exit(1); - /*NOTREACHED*/ - } - - // zero the count for each address in our list - for (p = lcconf->myaddrs; p; p = p->next) - p->addrcount = 0; - - for (ifap = ifa0; ifap; ifap = ifap->ifa_next) { - - if (ifap->ifa_addr->sa_family != AF_INET -#ifdef INET6 - && ifap->ifa_addr->sa_family != AF_INET6 -#endif - ) - continue; - - if (!suitable_ifaddr(ifap->ifa_name, ifap->ifa_addr)) { - plog(LLV_ERROR, LOCATION, NULL, - "unsuitable address: %s %s\n", - ifap->ifa_name, - saddrwop2str(ifap->ifa_addr)); - continue; - } - -#ifdef INET6 -#ifdef __KAME__ - if (ifap->ifa_addr->sa_family == AF_INET6) { - sin6 = (struct sockaddr_in6 *)ifap->ifa_addr; - if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) - || IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) { - sin6->sin6_scope_id = - ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); - sin6->sin6_addr.s6_addr[2] = 0; - sin6->sin6_addr.s6_addr[3] = 0; - } - } -#endif -#endif - - p = find_myaddr(lcconf->myaddrs, ifap->ifa_addr); - if (p) - p->addrcount++; - else { - p = newmyaddr(); - if (p == NULL) { - exit(1); - /*NOTREACHED*/ - } - p->addr = dupsaddr(ifap->ifa_addr); - if (p->addr == NULL) { - exit(1); - /*NOTREACHED*/ - } - p->sock = -1; -#ifdef IKE_NAT_T - p->nattsock = -1; -#endif - p->addrcount = 1; - - if (getnameinfo(p->addr, p->addr->sa_len, - addr1, sizeof(addr1), - NULL, 0, - NI_NUMERICHOST | niflags)) - strlcpy(addr1, "(invalid)", sizeof(addr1)); - plog(LLV_DEBUG, LOCATION, NULL, - "my interface: %s (%s)\n", - addr1, ifap->ifa_name); - - p->next = lcconf->myaddrs; - lcconf->myaddrs = 
p; - } - } - - freeifaddrs(ifa0); - - -#else /*!HAVE_GETIFADDRS*/ -#error "NOT SUPPORTED" -#endif /*HAVE_GETIFADDRS*/ -} - -/* - * check the interface is suitable or not - */ -static int -suitable_ifaddr(ifname, ifaddr) - const char *ifname; - const struct sockaddr *ifaddr; -{ - switch(ifaddr->sa_family) { - case AF_INET: - return 1; -#ifdef INET6 - case AF_INET6: - return suitable_ifaddr6(ifname, ifaddr); -#endif - default: - return 0; - } - /*NOTREACHED*/ -} - -#ifdef INET6 -static int -suitable_ifaddr6(ifname, ifaddr) - const char *ifname; - const struct sockaddr *ifaddr; -{ - struct in6_ifreq ifr6; - int s; - - if (ifaddr->sa_family != AF_INET6) - return 0; - - s = socket(PF_INET6, SOCK_DGRAM, 0); - if (s == -1) { - plog(LLV_ERROR, LOCATION, NULL, - "socket(SOCK_DGRAM) failed:%s\n", strerror(errno)); - return 0; - } - - memset(&ifr6, 0, sizeof(ifr6)); - strncpy(ifr6.ifr_name, ifname, strlen(ifname)); - - ifr6.ifr_addr = *(const struct sockaddr_in6 *)ifaddr; - - if (ioctl(s, SIOCGIFAFLAG_IN6, &ifr6) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "ioctl(SIOCGIFAFLAG_IN6) failed:%s\n", strerror(errno)); - close(s); - return 0; - } - - close(s); - - if (ifr6.ifr_ifru.ifru_flags6 & IN6_IFF_DUPLICATED - || ifr6.ifr_ifru.ifru_flags6 & IN6_IFF_DETACHED) - return 0; - - /* suitable */ - return 1; -} -#endif - -int -update_myaddrs() -{ - char msg[BUFSIZ]; - int len; - struct rt_msghdr *rtm; - - len = read(lcconf->rtsock, msg, sizeof(msg)); - if (len < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "read(PF_ROUTE) failed: %s\n", - strerror(errno)); - return 0; - } - rtm = (struct rt_msghdr *)msg; - if (len < rtm->rtm_msglen) { - plog(LLV_ERROR, LOCATION, NULL, - "read(PF_ROUTE) short read\n"); - return 0; - } - if (rtm->rtm_version != RTM_VERSION) { - plog(LLV_ERROR, LOCATION, NULL, - "routing socket version mismatch\n"); - close(lcconf->rtsock); - lcconf->rtsock = -1; - return 0; - } - switch (rtm->rtm_type) { - case RTM_NEWADDR: - case RTM_DELADDR: - case RTM_DELETE: - case 
RTM_IFINFO: - break; - case RTM_MISS: - /* ignore this message silently */ - return 0; - default: - plog(LLV_DEBUG, LOCATION, NULL, - "msg %d not interesting\n", rtm->rtm_type); - return 0; - } - /* XXX more filters here? */ - - plog(LLV_DEBUG, LOCATION, NULL, - "caught rtm:%d, need update interface address list\n", - rtm->rtm_type); - return 1; -} - -/* - * initialize default port for ISAKMP to send, if no "listen" - * directive is specified in config file. - * - * DO NOT listen to wildcard addresses. if you receive packets to - * wildcard address, you'll be in trouble (DoS attack possible by - * broadcast storm). - */ -int -autoconf_myaddrsport() -{ - struct myaddrs *p; - struct sockaddr_in *sin4; -#ifdef INET6 - struct sockaddr_in6 *sin6; -#endif - int n; - - plog(LLV_DEBUG, LOCATION, NULL, - "configuring default isakmp port.\n"); - n = 0; - for (p = lcconf->myaddrs; p; p = p->next) { - if (!p->addr) - continue; - switch (p->addr->sa_family) { - case AF_INET: - sin4 = (struct sockaddr_in *)p->addr; - sin4->sin_port = htons(lcconf->port_isakmp); - break; -#ifdef INET6 - case AF_INET6: - sin6 = (struct sockaddr_in6 *)p->addr; - sin6->sin6_port = htons(lcconf->port_isakmp); - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "unsupported AF %d\n", p->addr->sa_family); - goto err; - } - n++; - } - plog(LLV_DEBUG, LOCATION, NULL, - "%d addrs are configured successfully\n", n); - - return 0; -err: - plog(LLV_ERROR, LOCATION, NULL, "address autoconfiguration failed\n"); - return -1; -} - -/* - * get a port number to which racoon binded. - * NOTE: network byte order returned. 
- */ -u_short -getmyaddrsport(local) - struct sockaddr *local; -{ - struct myaddrs *p; - - /* get a relative port */ - for (p = lcconf->myaddrs; p; p = p->next) { - if (!p->addr) - continue; - if (!cmpsaddrwop(local, p->addr)) { - switch (p->addr->sa_family) { - case AF_INET: - return ((struct sockaddr_in *)p->addr)->sin_port; -#ifdef INET6 - case AF_INET6: - return ((struct sockaddr_in6 *)p->addr)->sin6_port; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", - p->addr->sa_family); - return -1; - } - } - continue; - } - - return htons(PORT_ISAKMP); -} - -struct myaddrs * -newmyaddr() -{ - struct myaddrs *new; - - new = racoon_calloc(1, sizeof(*new)); - if (new == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer for myaddrs.\n"); - return NULL; - } - - new->next = NULL; - new->addr = NULL; - - return new; -} - -void -insmyaddr(new, head) - struct myaddrs *new; - struct myaddrs **head; -{ - new->next = *head; - *head = new; -} - -void -delmyaddr(myaddr) - struct myaddrs *myaddr; -{ - if (myaddr->addr) - racoon_free(myaddr->addr); - racoon_free(myaddr); -} - -int -initmyaddr() -{ - /* initialize routing socket */ - lcconf->rtsock = socket(PF_ROUTE, SOCK_RAW, PF_UNSPEC); - if (lcconf->rtsock < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "socket(PF_ROUTE) failed: %s", - strerror(errno)); - return -1; - } - - if (lcconf->myaddrs == NULL && lcconf->autograbaddr == 1) { - grab_myaddrs(); - - if (autoconf_myaddrsport() < 0) - return -1; - } - - return 0; -} - -/* select the socket to be sent */ -/* should implement other method. 
*/ -int -getsockmyaddr(my) - struct sockaddr *my; -{ - struct myaddrs *p, *lastresort = NULL; - - for (p = lcconf->myaddrs; p; p = p->next) { - if (p->addr == NULL) - continue; - if (my->sa_family == p->addr->sa_family) - lastresort = p; - if (my->sa_len == p->addr->sa_len - && memcmp(my, p->addr, my->sa_len) == 0) { - break; - } -#ifdef IKE_NAT_T - if (my->sa_family == p->addr->sa_family && - my->sa_family == AF_INET && - ((struct sockaddr_in*)my)->sin_addr.s_addr == - ((struct sockaddr_in*)p->addr)->sin_addr.s_addr && - ((struct sockaddr_in*)my)->sin_port == htons(PORT_ISAKMP_NATT)) - { - plog(LLV_DEBUG, LOCATION, NULL, - "picked natt socket (%d - %s) for sending\n", - p->nattsock, saddr2str(my)); - return p->nattsock; - } -#endif - } - if (!p) - p = lastresort; - if (!p) { - plog(LLV_ERROR, LOCATION, NULL, - "no socket matches address family %d\n", - my->sa_family); - return -1; - } - - return p->sock; -} diff --git a/racoon.tproj/grabmyaddr.h b/racoon.tproj/grabmyaddr.h deleted file mode 100644 index f9eab2d..0000000 --- a/racoon.tproj/grabmyaddr.h +++ /dev/null 
@@ -1,60 +0,0 @@
-/* $KAME: grabmyaddr.h,v 1.6 2001/12/12 15:29:12 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __GRABMYADDR_H__
-#define __GRABMYADDR_H__
-
-
-struct myaddrs {
- struct myaddrs *next;
- struct sockaddr *addr;
- int sock;
-#ifdef IKE_NAT_T
- int nattsock; /* nat-traversal socket (port PORT_ISAKMP_NATT), for IPv4 sockets only */
-#endif
- int addrcount; /* number of interfaces associated with this address */
-
-};
-
-extern void clear_myaddr __P((struct myaddrs **));
-extern void grab_myaddrs __P((void));
-extern int update_myaddrs __P((void));
-extern int autoconf_myaddrsport __P((void));
-extern u_short getmyaddrsport __P((struct sockaddr *));
-extern struct myaddrs *newmyaddr __P((void));
-extern void insmyaddr __P((struct myaddrs *, struct myaddrs **));
-extern void delmyaddr __P((struct myaddrs *));
-extern int initmyaddr __P((void));
-extern int getsockmyaddr __P((struct sockaddr *));
-
-
-#endif /* __GRABMYADDR_H__ */
-
-
diff --git a/racoon.tproj/gssapi.c b/racoon.tproj/gssapi.c
deleted file mode 100644
index af25582..0000000
--- a/racoon.tproj/gssapi.c
+++ /dev/null
@@ -1,709 +0,0 @@ -/* $KAME: gssapi.c,v 1.19 2001/04/03 15:51:55 thorpej Exp $ */ - -/* - * Copyright 2000 Wasabi Systems, Inc. - * All rights reserved. - * - * This software was written by Frank van der Linden of Wasabi Systems - * for Zembu Labs, Inc. http://www.zembu.com/ - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Wasabi Systems for - * Zembu Labs, Inc. http://www.zembu.com/ - * 4. The name of Wasabi Systems, Inc. may not be used to endorse - * or promote products derived from this software without specific prior - * written permission. - * - * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. 
- */ - -#ifdef HAVE_GSSAPI -#include -#include -#include -#include - -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "schedule.h" -#include "debug.h" - -#include "localconf.h" -#include "remoteconf.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "oakley.h" -#include "handler.h" -#include "ipsec_doi.h" -#include "crypto_openssl.h" -#include "pfkey.h" -#include "isakmp_ident.h" -#include "isakmp_inf.h" -#include "vendorid.h" -#include "gcmalloc.h" - -#include "gssapi.h" - -static void -gssapi_error(OM_uint32 status_code, const char *where, - const char *fmt, ...) -{ - OM_uint32 message_context, maj_stat, min_stat; - gss_buffer_desc status_string; - va_list ap; - - va_start(ap, fmt); - plogv(LLV_ERROR, where, NULL, fmt, ap); - va_end(ap); - - message_context = 0; - - do { - maj_stat = gss_display_status(&min_stat, status_code, - GSS_C_MECH_CODE, GSS_C_NO_OID, &message_context, - &status_string); - if (GSS_ERROR(maj_stat)) - plog(LLV_ERROR, LOCATION, NULL, - "UNABLE TO GET GSSAPI ERROR CODE\n"); - else { - plog(LLV_ERROR, where, NULL, - "%s\n", status_string.value); - gss_release_buffer(&min_stat, &status_string); - } - } while (message_context != 0); -} - -/* - * vmbufs and gss_buffer_descs are really just the same on NetBSD, but - * this is to be portable. 
- */ -static int -gssapi_vm2gssbuf(vchar_t *vmbuf, gss_buffer_t gsstoken) -{ - - gsstoken->value = racoon_malloc(vmbuf->l); - if (gsstoken->value == NULL) - return -1; - memcpy(gsstoken->value, vmbuf->v, vmbuf->l); - gsstoken->length = vmbuf->l; - - return 0; -} - -static int -gssapi_gss2vmbuf(gss_buffer_t gsstoken, vchar_t **vmbuf) -{ - - *vmbuf = vmalloc(gsstoken->length); - if (*vmbuf == NULL) - return -1; - memcpy((*vmbuf)->v, gsstoken->value, gsstoken->length); - (*vmbuf)->l = gsstoken->length; - - return 0; -} - -static int -gssapi_get_default_name(struct ph1handle *iph1, int remote, gss_name_t *service) -{ - char name[NI_MAXHOST]; - struct sockaddr *sa; - gss_buffer_desc name_token; - OM_uint32 min_stat, maj_stat; - - sa = remote ? iph1->remote : iph1->local; - - if (getnameinfo(sa, sa->sa_len, name, NI_MAXHOST, NULL, 0, 0) != 0) - return -1; - - name_token.length = asprintf((char **)&name_token.value, - "%s@%s", GSSAPI_DEF_NAME, name); - maj_stat = gss_import_name(&min_stat, &name_token, - GSS_C_NT_HOSTBASED_SERVICE, service); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "import name\n"); - maj_stat = gss_release_buffer(&min_stat, &name_token); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release name_token"); - return -1; - } - maj_stat = gss_release_buffer(&min_stat, &name_token); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release name_token"); - - return 0; -} - -static int -gssapi_init(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - gss_buffer_desc id_token, cred_token; - gss_buffer_t cred = &cred_token; - gss_name_t princ, canon_princ; - OM_uint32 maj_stat, min_stat; - - gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); - return -1; - } - gps->gss_context = GSS_C_NO_CONTEXT; - gps->gss_cred = GSS_C_NO_CREDENTIAL; - - gssapi_set_state(iph1, gps); - - if (iph1->rmconf->proposal->gssid != NULL) { - 
id_token.length = iph1->rmconf->proposal->gssid->l; - id_token.value = iph1->rmconf->proposal->gssid->v; - maj_stat = gss_import_name(&min_stat, &id_token, GSS_C_NO_OID, - &princ); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "import name\n"); - gssapi_free_state(iph1); - return -1; - } - } else - gssapi_get_default_name(iph1, 0, &princ); - - maj_stat = gss_canonicalize_name(&min_stat, princ, GSS_C_NO_OID, - &canon_princ); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "canonicalize name\n"); - maj_stat = gss_release_name(&min_stat, &princ); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release princ\n"); - gssapi_free_state(iph1); - return -1; - } - maj_stat = gss_release_name(&min_stat, &princ); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release princ\n"); - - maj_stat = gss_export_name(&min_stat, canon_princ, cred); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "export name\n"); - maj_stat = gss_release_name(&min_stat, &canon_princ); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release canon_princ\n"); - gssapi_free_state(iph1); - return -1; - } - - plog(LLV_DEBUG, LOCATION, NULL, "will try to acquire '%*s' creds\n", - cred->length, cred->value); - maj_stat = gss_release_buffer(&min_stat, cred); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release cred buffer\n"); - - maj_stat = gss_acquire_cred(&min_stat, canon_princ, GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, GSS_C_BOTH, &gps->gss_cred, NULL, NULL); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "acquire cred\n"); - maj_stat = gss_release_name(&min_stat, &canon_princ); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release canon_princ\n"); - gssapi_free_state(iph1); - return -1; - } - maj_stat = gss_release_name(&min_stat, &canon_princ); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release canon_princ\n"); - - return 0; -} - -int 
-gssapi_get_itoken(struct ph1handle *iph1, int *lenp) -{ - struct gssapi_ph1_state *gps; - gss_buffer_desc empty, name_token; - gss_buffer_t itoken, rtoken, dummy; - OM_uint32 maj_stat, min_stat; - gss_name_t partner; - - if (gssapi_get_state(iph1) == NULL && gssapi_init(iph1) < 0) - return -1; - - gps = gssapi_get_state(iph1); - - empty.length = 0; - empty.value = NULL; - dummy = ∅ - - if (iph1->approval != NULL && iph1->approval->gssid != NULL) { - plog(LLV_DEBUG, LOCATION, NULL, "using provided service '%s'\n", - iph1->approval->gssid->v); - name_token.length = iph1->approval->gssid->l; - name_token.value = iph1->approval->gssid->v; - maj_stat = gss_import_name(&min_stat, &name_token, - GSS_C_NO_OID, &partner); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "import of %s\n", - name_token.value); - return -1; - } - } else - if (gssapi_get_default_name(iph1, 1, &partner) < 0) - return -1; - - rtoken = gps->gsscnt_p == 0 ? dummy : &gps->gss_p[gps->gsscnt_p - 1]; - itoken = &gps->gss[gps->gsscnt]; - - gps->gss_status = gss_init_sec_context(&min_stat, gps->gss_cred, - &gps->gss_context, partner, GSS_C_NO_OID, - GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG | - GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG, - 0, GSS_C_NO_CHANNEL_BINDINGS, rtoken, NULL, - itoken, NULL, NULL); - - if (GSS_ERROR(gps->gss_status)) { - gssapi_error(min_stat, LOCATION, "init_sec_context\n"); - maj_stat = gss_release_name(&min_stat, &partner); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release name\n"); - return -1; - } - maj_stat = gss_release_name(&min_stat, &partner); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release name\n"); - - plog(LLV_DEBUG, LOCATION, NULL, "gss_init_sec_context status %x\n", - gps->gss_status); - - if (lenp) - *lenp = itoken->length; - - if (itoken->length != 0) - gps->gsscnt++; - - return 0; -} - -/* - * Call gss_accept_context, with token just read from the wire. 
- */ -int -gssapi_get_rtoken(struct ph1handle *iph1, int *lenp) -{ - struct gssapi_ph1_state *gps; - gss_buffer_desc name_token; - gss_buffer_t itoken, rtoken; - OM_uint32 min_stat, maj_stat; - gss_name_t client_name; - - if (gssapi_get_state(iph1) == NULL && gssapi_init(iph1) < 0) - return -1; - - gps = gssapi_get_state(iph1); - - rtoken = &gps->gss_p[gps->gsscnt_p - 1]; - itoken = &gps->gss[gps->gsscnt]; - - gps->gss_status = gss_accept_sec_context(&min_stat, &gps->gss_context, - gps->gss_cred, rtoken, GSS_C_NO_CHANNEL_BINDINGS, &client_name, - NULL, itoken, NULL, NULL, NULL); - - if (GSS_ERROR(gps->gss_status)) { - gssapi_error(min_stat, LOCATION, "accept_sec_context\n"); - return -1; - } - - maj_stat = gss_display_name(&min_stat, client_name, &name_token, NULL); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "gss_display_name\n"); - maj_stat = gss_release_name(&min_stat, &client_name); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release client_name\n"); - return -1; - } - maj_stat = gss_release_name(&min_stat, &client_name); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release client_name\n"); - - plog(LLV_DEBUG, LOCATION, NULL, - "gss_accept_sec_context: other side is %s\n", - name_token.value); - maj_stat = gss_release_buffer(&min_stat, &name_token); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release name buffer\n"); - - if (itoken->length != 0) - gps->gsscnt++; - - if (lenp) - *lenp = itoken->length; - - return 0; -} - -int -gssapi_save_received_token(struct ph1handle *iph1, vchar_t *token) -{ - struct gssapi_ph1_state *gps; - gss_buffer_t gsstoken; - int ret; - - if (gssapi_get_state(iph1) == NULL && gssapi_init(iph1) < 0) - return -1; - - gps = gssapi_get_state(iph1); - - gsstoken = &gps->gss_p[gps->gsscnt_p]; - - ret = gssapi_vm2gssbuf(token, gsstoken); - if (ret < 0) - return ret; - gps->gsscnt_p++; - - return 0; -} - -int -gssapi_get_token_to_send(struct ph1handle *iph1, vchar_t 
**token) -{ - struct gssapi_ph1_state *gps; - gss_buffer_t gsstoken; - int ret; - - gps = gssapi_get_state(iph1); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi not yet initialized?\n"); - return -1; - } - gsstoken = &gps->gss[gps->gsscnt - 1]; - ret = gssapi_gss2vmbuf(gsstoken, token); - if (ret < 0) - return ret; - - return 0; -} - -int -gssapi_get_itokens(struct ph1handle *iph1, vchar_t **tokens) -{ - struct gssapi_ph1_state *gps; - int len, i; - vchar_t *toks; - char *p; - - gps = gssapi_get_state(iph1); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi not yet initialized?\n"); - return -1; - } - - for (i = len = 0; i < gps->gsscnt; i++) - len += gps->gss[i].length; - - toks = vmalloc(len); - if (toks == 0) - return -1; - p = (char *)toks->v; - for (i = 0; i < gps->gsscnt; i++) { - memcpy(p, gps->gss[i].value, gps->gss[i].length); - p += gps->gss[i].length; - } - - *tokens = toks; - - plog(LLV_DEBUG, LOCATION, NULL, - "%d itokens of length %d\n", gps->gsscnt, (*tokens)->l); - - return 0; -} - -int -gssapi_get_rtokens(struct ph1handle *iph1, vchar_t **tokens) -{ - struct gssapi_ph1_state *gps; - int len, i; - vchar_t *toks; - char *p; - - gps = gssapi_get_state(iph1); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi not yet initialized?\n"); - return -1; - } - - if (gssapi_more_tokens(iph1)) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi roundtrips not complete\n"); - return -1; - } - - for (i = len = 0; i < gps->gsscnt_p; i++) - len += gps->gss_p[i].length; - - toks = vmalloc(len); - if (toks == 0) - return -1; - p = (char *)toks->v; - for (i = 0; i < gps->gsscnt_p; i++) { - memcpy(p, gps->gss_p[i].value, gps->gss_p[i].length); - p += gps->gss_p[i].length; - } - - *tokens = toks; - - return 0; -} - -vchar_t * -gssapi_wraphash(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - OM_uint32 maj_stat, min_stat; - gss_buffer_desc hash_in_buf, hash_out_buf; - gss_buffer_t hash_in = &hash_in_buf, hash_out = 
&hash_out_buf; - vchar_t *outbuf; - - gps = gssapi_get_state(iph1); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi not yet initialized?\n"); - return NULL; - } - - if (gssapi_more_tokens(iph1)) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi roundtrips not complete\n"); - return NULL; - } - - if (gssapi_vm2gssbuf(iph1->hash, hash_in) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "vm2gssbuf failed\n"); - return NULL; - } - - maj_stat = gss_wrap(&min_stat, gps->gss_context, 1, GSS_C_QOP_DEFAULT, - hash_in, NULL, hash_out); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "wrapping hash value\n"); - maj_stat = gss_release_buffer(&min_stat, hash_in); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release hash_in buffer\n"); - return NULL; - } - - plog(LLV_DEBUG, LOCATION, NULL, "wrapped HASH, ilen %d olen %d\n", - hash_in->length, hash_out->length); - - maj_stat = gss_release_buffer(&min_stat, hash_in); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release hash_in buffer\n"); - - if (gssapi_gss2vmbuf(hash_out, &outbuf) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "gss2vmbuf failed\n"); - maj_stat = gss_release_buffer(&min_stat, hash_out); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release hash_out buffer\n"); - return NULL; - } - maj_stat = gss_release_buffer(&min_stat, hash_out); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release hash_out buffer\n"); - - return outbuf; -} - -vchar_t * -gssapi_unwraphash(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - OM_uint32 maj_stat, min_stat; - gss_buffer_desc hashbuf, hash_outbuf; - gss_buffer_t hash_in = &hashbuf, hash_out = &hash_outbuf; - vchar_t *outbuf; - - gps = gssapi_get_state(iph1); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "gssapi not yet initialized?\n"); - return NULL; - } - - - hashbuf.length = ntohs(iph1->pl_hash->h.len) - sizeof(*iph1->pl_hash); - hashbuf.value = (char *)(iph1->pl_hash + 
1); - - plog(LLV_DEBUG, LOCATION, NULL, "unwrapping HASH of len %d\n", - hashbuf.length); - - maj_stat = gss_unwrap(&min_stat, gps->gss_context, hash_in, hash_out, - NULL, NULL); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "unwrapping hash value\n"); - return NULL; - } - - if (gssapi_gss2vmbuf(hash_out, &outbuf) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "gss2vmbuf failed\n"); - maj_stat = gss_release_buffer(&min_stat, hash_out); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release hash_out buffer\n"); - return NULL; - } - maj_stat = gss_release_buffer(&min_stat, hash_out); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release hash_out buffer\n"); - - return outbuf; -} - -void -gssapi_set_id_sent(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - - gps = gssapi_get_state(iph1); - - gps->gss_flags |= GSSFLAG_ID_SENT; -} - -int -gssapi_id_sent(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - - gps = gssapi_get_state(iph1); - - return (gps->gss_flags & GSSFLAG_ID_SENT) != 0; -} - -void -gssapi_set_id_rcvd(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - - gps = gssapi_get_state(iph1); - - gps->gss_flags |= GSSFLAG_ID_RCVD; -} - -int -gssapi_id_rcvd(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - - gps = gssapi_get_state(iph1); - - return (gps->gss_flags & GSSFLAG_ID_RCVD) != 0; -} - -void -gssapi_free_state(struct ph1handle *iph1) -{ - struct gssapi_ph1_state *gps; - OM_uint32 maj_stat, min_stat; - - gps = gssapi_get_state(iph1); - - if (gps == NULL) - return; - - gssapi_set_state(iph1, NULL); - - if (gps->gss_cred != GSS_C_NO_CREDENTIAL) { - maj_stat = gss_release_cred(&min_stat, &gps->gss_cred); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "releasing credentials\n"); - } - racoon_free(gps); -} - -vchar_t * -gssapi_get_default_id(struct ph1handle *iph1) -{ - gss_buffer_desc id_buffer; - gss_buffer_t id = &id_buffer; - gss_name_t defname, 
canon_name; - OM_uint32 min_stat, maj_stat; - vchar_t *vmbuf; - - if (gssapi_get_default_name(iph1, 0, &defname) < 0) - return NULL; - - maj_stat = gss_canonicalize_name(&min_stat, defname, GSS_C_NO_OID, - &canon_name); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "canonicalize name\n"); - maj_stat = gss_release_name(&min_stat, &defname); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release default name\n"); - return NULL; - } - maj_stat = gss_release_name(&min_stat, &defname); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release default name\n"); - - maj_stat = gss_export_name(&min_stat, canon_name, id); - if (GSS_ERROR(maj_stat)) { - gssapi_error(min_stat, LOCATION, "export name\n"); - maj_stat = gss_release_name(&min_stat, &canon_name); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, - "release canonical name\n"); - return NULL; - } - maj_stat = gss_release_name(&min_stat, &canon_name); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release canonical name\n"); - - plog(LLV_DEBUG, LOCATION, NULL, "will try to acquire '%*s' creds\n", - id->length, id->value); - - if (gssapi_gss2vmbuf(id, &vmbuf) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "gss2vmbuf failed\n"); - maj_stat = gss_release_buffer(&min_stat, id); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release id buffer\n"); - return NULL; - } - maj_stat = gss_release_buffer(&min_stat, id); - if (GSS_ERROR(maj_stat)) - gssapi_error(min_stat, LOCATION, "release id buffer\n"); - - return vmbuf; -} -#else -int __gssapi_dUmMy; -#endif diff --git a/racoon.tproj/gssapi.h b/racoon.tproj/gssapi.h deleted file mode 100644 index e5a6eb2..0000000 --- a/racoon.tproj/gssapi.h +++ /dev/null 
@@ -1,96 +0,0 @@
-/* $KAME: gssapi.h,v 1.5 2002/05/07 18:13:25 sakane Exp $ */
-
-/*
- * Copyright 2000 Wasabi Systems, Inc.
- * All rights reserved.
- *
- * This software was written by Frank van der Linden of Wasabi Systems
- * for Zembu Labs, Inc. http://www.zembu.com/
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Wasabi Systems for
- * Zembu Labs, Inc. http://www.zembu.com/
- * 4. The name of Wasabi Systems, Inc. may not be used to endorse
- * or promote products derived from this software without specific prior
- * written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef __GSSAPI_H__
-#define __GSSAPI_H__
-
-
-#include
-
-#define GSSAPI_DEF_NAME "ike"
-
-struct ph1handle;
-struct isakmpsa;
-
-struct gssapi_ph1_state {
- int gsscnt; /* # of token we're working on */
- int gsscnt_p; /* # of token we're working on */
-
- gss_buffer_desc gss[3]; /* gss-api tokens. */
- /* NOTE: XXX this restricts the max # */
- /* to 3. More should never happen */
-
- gss_buffer_desc gss_p[3];
-
- gss_ctx_id_t gss_context; /* context for gss_init_sec_context */
-
- OM_uint32 gss_status; /* retval from gss_init_sec_context */
- gss_cred_id_t gss_cred; /* acquired credentials */
-
- int gss_flags;
-#define GSSFLAG_ID_SENT 0x0001
-#define GSSFLAG_ID_RCVD 0x0001
-};
-
-#define gssapi_get_state(ph) \
- ((struct gssapi_ph1_state *)((ph)->gssapi_state))
-
-#define gssapi_set_state(ph, st) \
- (ph)->gssapi_state = (st)
-
-#define gssapi_more_tokens(ph) \
- ((gssapi_get_state(ph)->gss_status & GSS_S_CONTINUE_NEEDED) != 0)
-
-int gssapi_get_itoken __P((struct ph1handle *, int *));
-int gssapi_get_rtoken __P((struct ph1handle *, int *));
-int gssapi_save_received_token __P((struct ph1handle *, vchar_t *));
-int gssapi_get_token_to_send __P((struct ph1handle *, vchar_t **));
-int gssapi_get_itokens __P((struct ph1handle *, vchar_t **));
-int gssapi_get_rtokens __P((struct ph1handle *, vchar_t **));
-vchar_t *gssapi_wraphash __P((struct ph1handle *));
-vchar_t *gssapi_unwraphash __P((struct ph1handle *));
-void gssapi_set_id_sent __P((struct ph1handle *));
-int gssapi_id_sent __P((struct ph1handle *));
-void gssapi_set_id_rcvd __P((struct ph1handle *));
-int gssapi_id_rcvd __P((struct ph1handle *));
-void gssapi_free_state __P((struct ph1handle *));
-vchar_t *gssapi_get_default_id __P((struct ph1handle *));
-
-
-#endif /* __GSSAPI_H__ */
-
-
diff --git a/racoon.tproj/handler.c b/racoon.tproj/handler.c
deleted file mode 100644
index d4dd8fd..0000000
--- a/racoon.tproj/handler.c
+++ /dev/null
@@ -1,874 +0,0 @@ -/* $KAME: handler.c,v 1.57 2002/01/21 08:45:54 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "debug.h" - -#include "schedule.h" -#include "grabmyaddr.h" -#include "algorithm.h" -#include "crypto_openssl.h" -#include "policy.h" -#include "proposal.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "isakmp_inf.h" -#include "oakley.h" -#include "remoteconf.h" -#include "localconf.h" -#include "handler.h" -#include "gcmalloc.h" - -#ifdef HAVE_GSSAPI -#include "gssapi.h" -#endif - -static LIST_HEAD(_ph1tree_, ph1handle) ph1tree; -static LIST_HEAD(_ph2tree_, ph2handle) ph2tree; -static LIST_HEAD(_ctdtree_, contacted) ctdtree; -static LIST_HEAD(_rcptree_, recvdpkt) rcptree; - -static void del_recvdpkt __P((struct recvdpkt *)); -static void rem_recvdpkt __P((struct recvdpkt *)); -static void sweep_recvdpkt __P((void *)); - -/* - * functions about management of the isakmp status table - */ -/* %%% management phase 1 handler */ -/* - * search for isakmpsa handler with isakmp index. - */ - -extern caddr_t val2str(const char *, size_t); - -struct ph1handle * -getph1byindex(index) - isakmp_index *index; -{ - struct ph1handle *p; - - LIST_FOREACH(p, &ph1tree, chain) { - if (p->status == PHASE1ST_EXPIRED) - continue; - if (memcmp(&p->index, index, sizeof(*index)) == 0) - return p; - } - - return NULL; -} - -/* - * search for isakmp handler by i_ck in index. - */ -struct ph1handle * -getph1byindex0(index) - isakmp_index *index; -{ - struct ph1handle *p; - - LIST_FOREACH(p, &ph1tree, chain) { - if (p->status == PHASE1ST_EXPIRED) - continue; - if (memcmp(&p->index, index, sizeof(cookie_t)) == 0) - return p; - } - - return NULL; -} - -/* - * search for isakmpsa handler by remote address. - * don't use port number to search because this function search - * with phase 2's destinaion. 
- */ -struct ph1handle * -getph1byaddr(local, remote) - struct sockaddr *local, *remote; -{ - struct ph1handle *p; - - LIST_FOREACH(p, &ph1tree, chain) { - if (p->status == PHASE1ST_EXPIRED) - continue; - if (cmpsaddrwop(local, p->local) == 0 - && cmpsaddrwop(remote, p->remote) == 0) - return p; - } - - return NULL; -} - -/* - * dump isakmp-sa - */ -vchar_t * -dumpph1() -{ - struct ph1handle *iph1; - struct ph1dump *pd; - int cnt = 0; - vchar_t *buf; - - /* get length of buffer */ - LIST_FOREACH(iph1, &ph1tree, chain) - cnt++; - - buf = vmalloc(cnt * sizeof(struct ph1dump)); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer\n"); - return NULL; - } - pd = (struct ph1dump *)buf->v; - - LIST_FOREACH(iph1, &ph1tree, chain) { - memcpy(&pd->index, &iph1->index, sizeof(iph1->index)); - pd->status = iph1->status; - pd->side = iph1->side; - memcpy(&pd->remote, iph1->remote, iph1->remote->sa_len); - memcpy(&pd->local, iph1->local, iph1->local->sa_len); - pd->version = iph1->version; - pd->etype = iph1->etype; - pd->created = iph1->created; - pd->ph2cnt = iph1->ph2cnt; - pd++; - } - - return buf; -} - -/* - * create new isakmp Phase 1 status record to handle isakmp in Phase1 - */ -struct ph1handle * -newph1() -{ - struct ph1handle *iph1; - - /* create new iph1 */ - iph1 = racoon_calloc(1, sizeof(*iph1)); - if (iph1 == NULL) - return NULL; - - iph1->status = PHASE1ST_SPAWN; - - return iph1; -} - -/* - * delete new isakmp Phase 1 status record to handle isakmp in Phase1 - */ -void -delph1(iph1) - struct ph1handle *iph1; -{ - if (iph1->remote) { - racoon_free(iph1->remote); - iph1->remote = NULL; - } - if (iph1->local) { - racoon_free(iph1->local); - iph1->local = NULL; - } - - VPTRINIT(iph1->authstr); - - sched_scrub_param(iph1); - iph1->sce = NULL; - iph1->scr = NULL; - - VPTRINIT(iph1->sendbuf); - - VPTRINIT(iph1->dhpriv); - VPTRINIT(iph1->dhpub); - VPTRINIT(iph1->dhpub_p); - VPTRINIT(iph1->dhgxy); - VPTRINIT(iph1->nonce); - 
VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->skeyid); - VPTRINIT(iph1->skeyid_d); - VPTRINIT(iph1->skeyid_a); - VPTRINIT(iph1->skeyid_e); - VPTRINIT(iph1->key); - VPTRINIT(iph1->hash); - VPTRINIT(iph1->sig); - VPTRINIT(iph1->sig_p); - oakley_delcert(iph1->cert); - iph1->cert = NULL; - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - oakley_delcert(iph1->cr_p); - iph1->cr_p = NULL; - VPTRINIT(iph1->id); - VPTRINIT(iph1->id_p); - - if (iph1->ivm) { - oakley_delivm(iph1->ivm); - iph1->ivm = NULL; - } - - VPTRINIT(iph1->sa); - VPTRINIT(iph1->sa_ret); - -#ifdef HAVE_GSSAPI - VPTRINIT(iph1->gi_i); - VPTRINIT(iph1->gi_r); - - gssapi_free_state(iph1); -#endif - -#ifdef IKE_NAT_T - VPTRINIT(iph1->local_natd); - VPTRINIT(iph1->remote_natd); -#endif - - racoon_free(iph1); -} - -/* - * create new isakmp Phase 1 status record to handle isakmp in Phase1 - */ -int -insph1(iph1) - struct ph1handle *iph1; -{ - /* validity check */ - if (iph1->remote == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid isakmp SA handler. no remote address.\n"); - return -1; - } - LIST_INSERT_HEAD(&ph1tree, iph1, chain); - - return 0; -} - -void -remph1(iph1) - struct ph1handle *iph1; -{ - LIST_REMOVE(iph1, chain); -} - -/* - * flush isakmp-sa - */ -void -flushph1() -{ - struct ph1handle *p, *next; - - for (p = LIST_FIRST(&ph1tree); p; p = next) { - next = LIST_NEXT(p, chain); - - /* send delete information */ - if (p->status == PHASE1ST_ESTABLISHED) - isakmp_info_send_d1(p); - - remph1(p); - delph1(p); - } -} - -void -initph1tree() -{ - LIST_INIT(&ph1tree); -} - -/* %%% management phase 2 handler */ -/* - * search ph2handle with policy id. - */ -struct ph2handle * -getph2byspid(spid) - u_int32_t spid; -{ - struct ph2handle *p; - - LIST_FOREACH(p, &ph2tree, chain) { - /* - * there are ph2handle independent on policy - * such like informational exchange. 
- */
- if (p->spid == spid)
- return p;
- }
-
- return NULL;
-}
-
-/*
- * search ph2handle with sequence number.
- */
-struct ph2handle *
-getph2byseq(seq)
- u_int32_t seq;
-{
- struct ph2handle *p;
-
- LIST_FOREACH(p, &ph2tree, chain) {
- if (p->seq == seq)
- return p;
- }
-
- return NULL;
-}
-
-/*
- * search ph2handle with message id.
- */
-struct ph2handle *
-getph2bymsgid(iph1, msgid)
- struct ph1handle *iph1;
- u_int32_t msgid;
-{
- struct ph2handle *p;
-
- LIST_FOREACH(p, &ph2tree, chain) {
- if (p->msgid == msgid)
- return p;
- }
-
- return NULL;
-}
-
-/*
- * call by pk_recvexpire().
- */
-struct ph2handle *
-getph2bysaidx(src, dst, proto_id, spi)
- struct sockaddr *src, *dst;
- u_int proto_id;
- u_int32_t spi;
-{
- struct ph2handle *iph2;
- struct saproto *pr;
-
- LIST_FOREACH(iph2, &ph2tree, chain) {
- if (iph2->proposal == NULL && iph2->approval == NULL)
- continue;
- if (iph2->approval != NULL) {
- for (pr = iph2->approval->head; pr != NULL;
- pr = pr->next) {
- if (proto_id != pr->proto_id)
- break;
- if (spi == pr->spi || spi == pr->spi_p)
- return iph2;
- }
- } else if (iph2->proposal != NULL) {
- for (pr = iph2->proposal->head; pr != NULL;
- pr = pr->next) {
- if (proto_id != pr->proto_id)
- break;
- if (spi == pr->spi)
- return iph2;
- }
- }
- }
-
- return NULL;
-}
-
-/*
- * create new isakmp Phase 2 status record to handle isakmp in Phase2
- */
-struct ph2handle *
-newph2()
-{
- struct ph2handle *iph2 = NULL;
-
- /* create new iph2 */
- iph2 = racoon_calloc(1, sizeof(*iph2));
- if (iph2 == NULL)
- return NULL;
-
- iph2->status = PHASE1ST_SPAWN;
-
- return iph2;
-}
-
-/*
- * initialize ph2handle
- * NOTE: don't initialize src/dst.
- * SPI in the proposal is cleared.
- */ -void -initph2(iph2) - struct ph2handle *iph2; -{ - sched_scrub_param(iph2); - iph2->sce = NULL; - iph2->scr = NULL; - - VPTRINIT(iph2->sendbuf); - VPTRINIT(iph2->msg1); - - /* clear spi, keep variables in the proposal */ - if (iph2->proposal) { - struct saproto *pr; - for (pr = iph2->proposal->head; pr != NULL; pr = pr->next) - pr->spi = 0; - } - - /* clear approval */ - if (iph2->approval) { - flushsaprop(iph2->approval); - iph2->approval = NULL; - } - - /* clear the generated policy */ - if (iph2->spidx_gen) { - delsp_bothdir((struct policyindex *)iph2->spidx_gen); - racoon_free(iph2->spidx_gen); - iph2->spidx_gen = NULL; - } - - if (iph2->pfsgrp) { - oakley_dhgrp_free(iph2->pfsgrp); - iph2->pfsgrp = NULL; - } - - VPTRINIT(iph2->dhpriv); - VPTRINIT(iph2->dhpub); - VPTRINIT(iph2->dhpub_p); - VPTRINIT(iph2->dhgxy); - VPTRINIT(iph2->id); - VPTRINIT(iph2->id_p); - VPTRINIT(iph2->nonce); - VPTRINIT(iph2->nonce_p); - VPTRINIT(iph2->sa); - VPTRINIT(iph2->sa_ret); - - if (iph2->ivm) { - oakley_delivm(iph2->ivm); - iph2->ivm = NULL; - } -} - -/* - * delete new isakmp Phase 2 status record to handle isakmp in Phase2 - */ -void -delph2(iph2) - struct ph2handle *iph2; -{ - initph2(iph2); - - if (iph2->src) { - racoon_free(iph2->src); - iph2->src = NULL; - } - if (iph2->dst) { - racoon_free(iph2->dst); - iph2->dst = NULL; - } - if (iph2->src_id) { - racoon_free(iph2->src_id); - iph2->src_id = NULL; - } - if (iph2->dst_id) { - racoon_free(iph2->dst_id); - iph2->dst_id = NULL; - } - - if (iph2->proposal) { - flushsaprop(iph2->proposal); - iph2->proposal = NULL; - } - - racoon_free(iph2); -} - -/* - * create new isakmp Phase 2 status record to handle isakmp in Phase2 - */ -int -insph2(iph2) - struct ph2handle *iph2; -{ - LIST_INSERT_HEAD(&ph2tree, iph2, chain); - - return 0; -} - -void -remph2(iph2) - struct ph2handle *iph2; -{ - LIST_REMOVE(iph2, chain); -} - -void -initph2tree() -{ - LIST_INIT(&ph2tree); -} - -void -flushph2() -{ - struct ph2handle *p, *next; - - for (p 
= LIST_FIRST(&ph2tree); p; p = next) { - next = LIST_NEXT(p, chain); - - /* send delete information */ - if (p->status == PHASE2ST_ESTABLISHED) - isakmp_info_send_d2(p); - - unbindph12(p); - remph2(p); - delph2(p); - } -} - -/* - * Delete all Phase 2 handlers for this src/dst/proto. This - * is used during INITIAL-CONTACT processing (so no need to - * send a message to the peer). - */ -void -deleteallph2(src, dst, proto_id) - struct sockaddr *src, *dst; - u_int proto_id; -{ - struct ph2handle *iph2, *next; - struct saproto *pr; - - for (iph2 = LIST_FIRST(&ph2tree); iph2 != NULL; iph2 = next) { - next = LIST_NEXT(iph2, chain); - if (iph2->proposal == NULL && iph2->approval == NULL) - continue; - if (iph2->approval != NULL) { - for (pr = iph2->approval->head; pr != NULL; - pr = pr->next) { - if (proto_id == pr->proto_id) - goto zap_it; - } - } else if (iph2->proposal != NULL) { - for (pr = iph2->proposal->head; pr != NULL; - pr = pr->next) { - if (proto_id == pr->proto_id) - goto zap_it; - } - } - continue; - zap_it: - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - } -} - -/* %%% */ -void -bindph12(iph1, iph2) - struct ph1handle *iph1; - struct ph2handle *iph2; -{ - iph2->ph1 = iph1; - LIST_INSERT_HEAD(&iph1->ph2tree, iph2, ph1bind); -} - -void -unbindph12(iph2) - struct ph2handle *iph2; -{ - if (iph2->ph1 != NULL) { - iph2->ph1 = NULL; - LIST_REMOVE(iph2, ph1bind); - } -} - -/* %%% management contacted list */ -/* - * search contacted list. 
- */ -struct contacted * -getcontacted(remote) - struct sockaddr *remote; -{ - struct contacted *p; - - LIST_FOREACH(p, &ctdtree, chain) { - if (cmpsaddrstrict(remote, p->remote) == 0) - return p; - } - - return NULL; -} - -/* - * create new isakmp Phase 2 status record to handle isakmp in Phase2 - */ -int -inscontacted(remote) - struct sockaddr *remote; -{ - struct contacted *new; - - /* create new iph2 */ - new = racoon_calloc(1, sizeof(*new)); - if (new == NULL) - return -1; - - new->remote = dupsaddr(remote); - - LIST_INSERT_HEAD(&ctdtree, new, chain); - - return 0; -} - -void -initctdtree() -{ - LIST_INIT(&ctdtree); -} - -/* - * check the response has been sent to the peer. when not, simply reply - * the buffered packet to the peer. - * OUT: - * 0: the packet is received at the first time. - * 1: the packet was processed before. - * 2: the packet was processed before, but the address mismatches. - * -1: error happened. - */ -int -check_recvdpkt(remote, local, rbuf) - struct sockaddr *remote, *local; - vchar_t *rbuf; -{ - vchar_t *hash; - struct recvdpkt *r; - time_t t; - int len, s; - - /* set current time */ - t = time(NULL); - - hash = eay_md5_one(rbuf); - if (!hash) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - return -1; - } - - LIST_FOREACH(r, &rcptree, chain) { - if (memcmp(hash->v, r->hash->v, r->hash->l) == 0) - break; - } - vfree(hash); - - /* this is the first time to receive the packet */ - if (r == NULL) - return 0; - - /* - * the packet was processed before, but the remote address mismatches. - */ - if (cmpsaddrstrict(remote, r->remote) != 0) - return 2; - - /* - * it should not check the local address because the packet - * may arrive at other interface. - */ - - /* check the previous time to send */ - if (t - r->time_send < 1) { - plog(LLV_WARNING, LOCATION, NULL, - "the packet retransmitted in a short time from %s\n", - saddr2str(remote)); - /*XXX should it be error ? 
*/ - } - - /* select the socket to be sent */ - s = getsockmyaddr(r->local); - if (s == -1) - return -1; - - /* resend the packet if needed */ - len = sendfromto(s, r->sendbuf->v, r->sendbuf->l, - r->local, r->remote, lcconf->count_persend); - if (len == -1) { - plog(LLV_ERROR, LOCATION, NULL, "sendfromto failed\n"); - return -1; - } - - /* check the retry counter */ - r->retry_counter--; - if (r->retry_counter <= 0) { - rem_recvdpkt(r); - del_recvdpkt(r); - plog(LLV_DEBUG, LOCATION, NULL, - "deleted the retransmission packet to %s.\n", - saddr2str(remote)); - } else - r->time_send = t; - - return 1; -} - -/* - * adding a hash of received packet into the received list. - */ -int -add_recvdpkt(remote, local, sbuf, rbuf) - struct sockaddr *remote, *local; - vchar_t *sbuf, *rbuf; -{ - struct recvdpkt *new = NULL; - - if (lcconf->retry_counter == 0) { - /* no need to add it */ - return 0; - } - - new = racoon_calloc(1, sizeof(*new)); - if (!new) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - return -1; - } - - new->hash = eay_md5_one(rbuf); - if (!new->hash) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - del_recvdpkt(new); - return -1; - } - new->remote = dupsaddr(remote); - if (new->remote == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - del_recvdpkt(new); - return -1; - } - new->local = dupsaddr(local); - if (new->local == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - del_recvdpkt(new); - return -1; - } - new->sendbuf = vdup(sbuf); - if (new->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - del_recvdpkt(new); - return -1; - } - - new->retry_counter = lcconf->retry_counter; - new->time_send = 0; - new->created = time(NULL); - - LIST_INSERT_HEAD(&rcptree, new, chain); - - return 0; -} - -void -del_recvdpkt(r) - struct recvdpkt *r; -{ - if (r->remote) - racoon_free(r->remote); - if (r->local) - 
racoon_free(r->local); - if (r->hash) - vfree(r->hash); - if (r->sendbuf) - vfree(r->sendbuf); - racoon_free(r); -} - -void -rem_recvdpkt(r) - struct recvdpkt *r; -{ - LIST_REMOVE(r, chain); -} - -void -sweep_recvdpkt(dummy) - void *dummy; -{ - struct recvdpkt *r, *next; - time_t t, lt; - - /* set current time */ - t = time(NULL); - - /* set the lifetime of the retransmission */ - lt = lcconf->retry_counter * lcconf->retry_interval; - - for (r = LIST_FIRST(&rcptree); r; r = next) { - next = LIST_NEXT(r, chain); - - if (t - r->created > lt) { - rem_recvdpkt(r); - del_recvdpkt(r); - } - } - - sched_new(lt, sweep_recvdpkt, NULL); -} - -void -init_recvdpkt() -{ - time_t lt = lcconf->retry_counter * lcconf->retry_interval; - - LIST_INIT(&rcptree); - - sched_new(lt, sweep_recvdpkt, NULL); -} diff --git a/racoon.tproj/handler.h b/racoon.tproj/handler.h deleted file mode 100644 index 34853c1..0000000 --- a/racoon.tproj/handler.h +++ /dev/null 
@@ -1,448 +0,0 @@
-/* $KAME: handler.h,v 1.44 2002/07/10 23:22:03 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __HANDLER_H__
-#define __HANDLER_H__
-
-/* Phase 1 handler */
-/*
- * main mode:
- * initiator responder
- * 0 (---) (---)
- * 1 start start (1st msg received)
- * 2 (---) 1st valid msg received
- * 3 1st msg sent 1st msg sent
- * 4 1st valid msg received 2st valid msg received
- * 5 2nd msg sent 2nd msg sent
- * 6 2nd valid msg received 3rd valid msg received
- * 7 3rd msg sent 3rd msg sent
- * 8 3rd valid msg received (---)
- * 9 SA established SA established
- *
- * aggressive mode:
- * initiator responder
- * 0 (---) (---)
- * 1 start start (1st msg received)
- * 2 (---) 1st valid msg received
- * 3 1st msg sent 1st msg sent
- * 4 1st valid msg received 2st valid msg received
- * 5 (---) (---)
- * 6 (---) (---)
- * 7 (---) (---)
- * 8 (---) (---)
- * 9 SA established SA established
- *
- * base mode:
- * initiator responder
- * 0 (---) (---)
- * 1 start start (1st msg received)
- * 2 (---) 1st valid msg received
- * 3 1st msg sent 1st msg sent
- * 4 1st valid msg received 2st valid msg received
- * 5 2nd msg sent (---)
- * 6 (---) (---)
- * 7 (---) (---)
- * 8 (---) (---)
- * 9 SA established SA established
- */
-#define PHASE1ST_SPAWN 0
-#define PHASE1ST_START 1
-#define PHASE1ST_MSG1RECEIVED 2
-#define PHASE1ST_MSG1SENT 3
-#define PHASE1ST_MSG2RECEIVED 4
-#define PHASE1ST_MSG2SENT 5
-#define PHASE1ST_MSG3RECEIVED 6
-#define PHASE1ST_MSG3SENT 7
-#define PHASE1ST_MSG4RECEIVED 8
-#define PHASE1ST_ESTABLISHED 9
-#define PHASE1ST_EXPIRED 10
-#define PHASE1ST_MAX 11
-
-typedef enum {
- natt_natd_received = 0x0001,
- natt_no_remote_nat = 0x0010,
- natt_no_local_nat = 0x0020,
- natt_type_rfc = 0x0100,
- natt_type_apple = 0x0200,
- natt_type_02 = 0x0400,
- natt_type_02N = 0x0800
-} natt_flags_t;
-
-#define NATT_TYPE_MASK 0x0F00
-
-/* About address semantics in each case.
- * initiator(addr=I) responder(addr=R) - * src dst src dst - * (local) (remote) (local) (remote) - * phase 1 handler I R R I - * phase 2 handler I R R I - * getspi msg R I I R - * acquire msg I R - * ID payload I R I R - */ -struct ph1handle { - isakmp_index index; - - int status; /* status of this SA */ - int side; /* INITIATOR or RESPONDER */ - - struct sockaddr *remote; /* remote address to negosiate ph1 */ - struct sockaddr *local; /* local address to negosiate ph1 */ - /* XXX copy from rmconf due to anonymous configuration. - * If anonymous will be forbidden, we do delete them. */ - - struct remoteconf *rmconf; /* pointer to remote configuration */ - - struct isakmpsa *approval; /* pointer to SA(s) approved. */ - vchar_t *authstr; /* place holder of string for auth. */ - /* for example pre-shared key */ - - u_int8_t version; /* ISAKMP version */ - u_int8_t etype; /* Exchange type actually for use */ - u_int8_t flags; /* Flags */ - u_int32_t msgid; /* message id */ - - struct sched *sce; /* schedule for expire */ - - struct sched *scr; /* schedule for resend */ - int retry_counter; /* for resend. */ - vchar_t *sendbuf; /* buffer for re-sending */ - - vchar_t *dhpriv; /* DH; private value */ - vchar_t *dhpub; /* DH; public value */ - vchar_t *dhpub_p; /* DH; partner's public value */ - vchar_t *dhgxy; /* DH; shared secret */ - vchar_t *nonce; /* nonce value */ - vchar_t *nonce_p; /* partner's nonce value */ - vchar_t *skeyid; /* SKEYID */ - vchar_t *skeyid_d; /* SKEYID_d */ - vchar_t *skeyid_a; /* SKEYID_a, i.e. hash */ - vchar_t *skeyid_e; /* SKEYID_e, i.e. 
encryption */ - vchar_t *key; /* cipher key */ - vchar_t *hash; /* HASH minus general header */ - vchar_t *sig; /* SIG minus general header */ - vchar_t *sig_p; /* peer's SIG minus general header */ - cert_t *cert; /* CERT minus general header */ - cert_t *cert_p; /* peer's CERT minus general header */ - cert_t *crl_p; /* peer's CRL minus general header */ - cert_t *cr_p; /* peer's CR not including general */ - vchar_t *id; /* ID minus gen header */ - vchar_t *id_p; /* partner's ID minus general header */ - /* i.e. strut ipsecdoi_id_b*. */ - struct isakmp_ivm *ivm; /* IVs */ - - vchar_t *sa; /* whole SA payload to send/to be sent*/ - /* to calculate HASH */ - /* NOT INCLUDING general header. */ - - vchar_t *sa_ret; /* SA payload to reply/to be replyed */ - /* NOT INCLUDING general header. */ - /* NOTE: Should be release after use. */ - -#ifdef HAVE_GSSAPI - void *gssapi_state; /* GSS-API specific state. */ - /* Allocated when needed */ - vchar_t *gi_i; /* optional initiator GSS id */ - vchar_t *gi_r; /* optional responder GSS id */ -#endif - - struct isakmp_pl_hash *pl_hash; /* pointer to hash payload */ - - time_t created; /* timestamp for establish */ -#ifdef ENABLE_STATS - struct timeval start; - struct timeval end; -#endif - -#ifdef IKE_NAT_T - natt_flags_t natt_flags; - int natd_payload_type; - vchar_t *local_natd; - vchar_t *remote_natd; -#endif - - u_int32_t msgid2; /* msgid counter for Phase 2 */ - int ph2cnt; /* the number which is negotiated by this phase 1 */ - LIST_HEAD(_ph2ofph1_, ph2handle) ph2tree; - - LIST_ENTRY(ph1handle) chain; -}; - -/* Phase 2 handler */ -/* allocated per a SA or SA bundles of a pair of peer's IP addresses. 
*/ -/* - * initiator responder - * 0 (---) (---) - * 1 start start (1st msg received) - * 2 acquire msg get 1st valid msg received - * 3 getspi request sent getspi request sent - * 4 getspi done getspi done - * 5 1st msg sent 1st msg sent - * 6 1st valid msg received 2nd valid msg received - * 7 (commit bit) (commit bit) - * 8 SAs added SAs added - * 9 SAs established SAs established - * 10 SAs expired SAs expired - */ -#define PHASE2ST_SPAWN 0 -#define PHASE2ST_START 1 -#define PHASE2ST_STATUS2 2 -#define PHASE2ST_GETSPISENT 3 -#define PHASE2ST_GETSPIDONE 4 -#define PHASE2ST_MSG1SENT 5 -#define PHASE2ST_STATUS6 6 -#define PHASE2ST_COMMIT 7 -#define PHASE2ST_ADDSA 8 -#define PHASE2ST_ESTABLISHED 9 -#define PHASE2ST_EXPIRED 10 -#define PHASE2ST_MAX 11 - -struct ph2handle { - struct sockaddr *src; /* my address of SA. */ - struct sockaddr *dst; /* peer's address of SA. */ - - /* - * copy ip address from ID payloads when ID type is ip address. - * In other case, they must be null. - */ - struct sockaddr *src_id; - struct sockaddr *dst_id; - - u_int32_t spid; /* policy id by kernel */ - - int status; /* ipsec sa status */ - u_int8_t side; /* INITIATOR or RESPONDER */ - - struct sched *sce; /* schedule for expire */ - struct sched *scr; /* schedule for resend */ - int retry_counter; /* for resend. */ - vchar_t *sendbuf; /* buffer for re-sending */ - vchar_t *msg1; /* buffer for re-sending */ - /* used for responder's first message */ - - int retry_checkph1; /* counter to wait phase 1 finished. */ - /* NOTE: actually it's timer. */ - - u_int32_t seq; /* sequence number used by PF_KEY */ - /* - * NOTE: In responder side, we can't identify each SAs - * with same destination address for example, when - * socket based SA is required. So we set a identifier - * number to "seq", and sent kernel by pfkey. - */ - u_int8_t satype; /* satype in PF_KEY */ - /* - * saved satype in the original PF_KEY request from - * the kernel in order to reply a error. 
- */ - - u_int8_t flags; /* Flags for phase 2 */ - u_int32_t msgid; /* msgid for phase 2 */ - - struct sainfo *sainfo; /* place holder of sainfo */ - struct saprop *proposal; /* SA(s) proposal. */ - struct saprop *approval; /* SA(s) approved. */ - caddr_t spidx_gen; /* policy from peer's proposal */ - - struct dhgroup *pfsgrp; /* DH; prime number */ - vchar_t *dhpriv; /* DH; private value */ - vchar_t *dhpub; /* DH; public value */ - vchar_t *dhpub_p; /* DH; partner's public value */ - vchar_t *dhgxy; /* DH; shared secret */ - vchar_t *id; /* ID minus gen header */ - vchar_t *id_p; /* peer's ID minus general header */ - vchar_t *nonce; /* nonce value in phase 2 */ - vchar_t *nonce_p; /* partner's nonce value in phase 2 */ - - vchar_t *sa; /* whole SA payload to send/to be sent*/ - /* to calculate HASH */ - /* NOT INCLUDING general header. */ - - vchar_t *sa_ret; /* SA payload to reply/to be replyed */ - /* NOT INCLUDING general header. */ - /* NOTE: Should be release after use. */ - - - struct isakmp_ivm *ivm; /* IVs */ - -#ifdef ENABLE_STATS - struct timeval start; - struct timeval end; -#endif - struct ph1handle *ph1; /* back pointer to isakmp status */ - - LIST_ENTRY(ph2handle) chain; - LIST_ENTRY(ph2handle) ph1bind; /* chain to ph1handle */ -}; - -/* - * for handling initial contact. - */ -struct contacted { - struct sockaddr *remote; /* remote address to negosiate ph1 */ - LIST_ENTRY(contacted) chain; -}; - -/* - * for checking a packet retransmited. - */ -struct recvdpkt { - struct sockaddr *remote; /* the remote address */ - struct sockaddr *local; /* the local address */ - vchar_t *hash; /* hash of the received packet */ - vchar_t *sendbuf; /* buffer for the response */ - int retry_counter; /* how many times to send */ - time_t time_send; /* timestamp to send a packet */ - time_t created; /* timestamp to create a queue */ - - struct sched *scr; /* schedule for resend, may not used */ - - LIST_ENTRY(recvdpkt) chain; -}; - -/* for parsing ISAKMP header. 
*/ -struct isakmp_parse_t { - u_char type; /* payload type of mine */ - int len; /* ntohs(ptr->len) */ - struct isakmp_gen *ptr; -}; - -/* - * for IV management. - * - * - normal case - * initiator responder - * ------------------------- -------------------------- - * initialize iv(A), ive(A). initialize iv(A), ive(A). - * encode by ive(A). - * save to iv(B). ---[packet(B)]--> save to ive(B). - * decode by iv(A). - * packet consistency. - * sync iv(B) with ive(B). - * check auth, integrity. - * encode by ive(B). - * save to ive(C). <--[packet(C)]--- save to iv(C). - * decoded by iv(B). - * : - * - * - In the case that a error is found while cipher processing, - * initiator responder - * ------------------------- -------------------------- - * initialize iv(A), ive(A). initialize iv(A), ive(A). - * encode by ive(A). - * save to iv(B). ---[packet(B)]--> save to ive(B). - * decode by iv(A). - * packet consistency. - * sync iv(B) with ive(B). - * check auth, integrity. - * error found. - * create notify. - * get ive2(X) from iv(B). - * encode by ive2(X). - * get iv2(X) from iv(B). <--[packet(Y)]--- save to iv2(Y). - * save to ive2(Y). - * decoded by iv2(X). - * : - * - * The reason why the responder synchronizes iv with ive after checking the - * packet consistency is that it is required to leave the IV for decoding - * packet. Because there is a potential of error while checking the packet - * consistency. Also the reason why that is before authentication and - * integirty check is that the IV for informational exchange has to be made - * by the IV which is after packet decoded and checking the packet consistency. - * Otherwise IV mismatched happens between the intitiator and the responder. 
- */ -struct isakmp_ivm { - vchar_t *iv; /* for decoding packet */ - /* if phase 1, it's for computing phase2 iv */ - vchar_t *ive; /* for encoding packet */ -}; - -/* for dumping */ -struct ph1dump { - isakmp_index index; - int status; - int side; - struct sockaddr_storage remote; - struct sockaddr_storage local; - u_int8_t version; - u_int8_t etype; - time_t created; - int ph2cnt; -}; - -struct sockaddr; -struct ph1handle; -struct ph2handle; -struct policyindex; - -extern struct ph1handle *getph1byindex __P((isakmp_index *)); -extern struct ph1handle *getph1byindex0 __P((isakmp_index *)); -extern struct ph1handle *getph1byaddr __P((struct sockaddr *, - struct sockaddr *)); -extern vchar_t *dumpph1 __P((void)); -extern struct ph1handle *newph1 __P((void)); -extern void delph1 __P((struct ph1handle *)); -extern int insph1 __P((struct ph1handle *)); -extern void remph1 __P((struct ph1handle *)); -extern void flushph1 __P((void)); -extern void initph1tree __P((void)); - -extern struct ph2handle *getph2byspidx __P((struct policyindex *)); -extern struct ph2handle *getph2byspid __P((u_int32_t)); -extern struct ph2handle *getph2byseq __P((u_int32_t)); -extern struct ph2handle *getph2bymsgid __P((struct ph1handle *, u_int32_t)); -extern struct ph2handle *getph2bysaidx __P((struct sockaddr *, - struct sockaddr *, u_int, u_int32_t)); -extern struct ph2handle *newph2 __P((void)); -extern void initph2 __P((struct ph2handle *)); -extern void delph2 __P((struct ph2handle *)); -extern int insph2 __P((struct ph2handle *)); -extern void remph2 __P((struct ph2handle *)); -extern void flushph2 __P((void)); -extern void deleteallph2 __P((struct sockaddr *, struct sockaddr *, u_int)); -extern void initph2tree __P((void)); - -extern void bindph12 __P((struct ph1handle *, struct ph2handle *)); -extern void unbindph12 __P((struct ph2handle *)); - -extern struct contacted *getcontacted __P((struct sockaddr *)); -extern int inscontacted __P((struct sockaddr *)); -extern void initctdtree 
__P((void)); - -extern int check_recvdpkt __P((struct sockaddr *, - struct sockaddr *, vchar_t *)); -extern int add_recvdpkt __P((struct sockaddr *, struct sockaddr *, - vchar_t *, vchar_t *)); -extern void init_recvdpkt __P((void)); - -#endif /* __HANDLER_H__ */ - diff --git a/racoon.tproj/ipsec_doi.c b/racoon.tproj/ipsec_doi.c deleted file mode 100644 index 26567af..0000000 --- a/racoon.tproj/ipsec_doi.c +++ /dev/null 
@@ -1,4009 +0,0 @@
-/* $KAME: ipsec_doi.c,v 1.158 2002/09/27 05:55:52 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include -#include - -#include -#include - -#ifdef IPV6_INRIA_VERSION -#include -#else -#include -#endif - -#include -#include -#include -#include -#include -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include "var.h" -#include "vmbuf.h" -#include "misc.h" -#include "plog.h" -#include "debug.h" - -#include "cfparse.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "oakley.h" -#include "remoteconf.h" -#include "localconf.h" -#include "sockmisc.h" -#include "handler.h" -#include "policy.h" -#include "algorithm.h" -#include "sainfo.h" -#include "proposal.h" -#include "crypto_openssl.h" -#include "strnames.h" -#include "gcmalloc.h" -#include "isakmp_natd.h" - -#ifdef HAVE_GSSAPI -#include "gssapi.h" -#endif - -int verbose_proposal_check = 1; - -static vchar_t *get_ph1approval __P((struct ph1handle *, struct prop_pair **)); -static struct isakmpsa *get_ph1approvalx __P((struct prop_pair *, - struct isakmpsa *, struct isakmpsa *)); -static void print_ph1mismatched __P((struct prop_pair *, struct isakmpsa *)); -static int t2isakmpsa __P((struct isakmp_pl_t *, struct isakmpsa *)); -static int cmp_aproppair_i __P((struct prop_pair *, struct prop_pair *)); -static struct prop_pair *get_ph2approval __P((struct ph2handle *, - struct prop_pair **)); -static struct prop_pair *get_ph2approvalx __P((struct ph2handle *, - struct prop_pair *)); -static void free_proppair0 __P((struct prop_pair *)); - -static int get_transform - __P((struct isakmp_pl_p *, struct prop_pair **, int *)); -static u_int32_t ipsecdoi_set_ld __P((vchar_t *)); - -static int check_doi __P((u_int32_t)); -static int check_situation __P((u_int32_t)); - -static int check_prot_main __P((int)); -static int check_prot_quick __P((int)); -static int (*check_protocol[]) __P((int)) = { - check_prot_main, /* IPSECDOI_TYPE_PH1 */ - check_prot_quick, /* IPSECDOI_TYPE_PH2 */ -}; - -static int 
check_spi_size __P((int, int)); - -static int check_trns_isakmp __P((int)); -static int check_trns_ah __P((int)); -static int check_trns_esp __P((int)); -static int check_trns_ipcomp __P((int)); -static int (*check_transform[]) __P((int)) = { - 0, - check_trns_isakmp, /* IPSECDOI_PROTO_ISAKMP */ - check_trns_ah, /* IPSECDOI_PROTO_IPSEC_AH */ - check_trns_esp, /* IPSECDOI_PROTO_IPSEC_ESP */ - check_trns_ipcomp, /* IPSECDOI_PROTO_IPCOMP */ -}; - -static int check_attr_isakmp __P((struct isakmp_pl_t *)); -static int check_attr_ah __P((struct isakmp_pl_t *)); -static int check_attr_esp __P((struct isakmp_pl_t *)); -static int check_attr_ipsec __P((int, struct isakmp_pl_t *)); -static int check_attr_ipcomp __P((struct isakmp_pl_t *)); -static int (*check_attributes[]) __P((struct isakmp_pl_t *)) = { - 0, - check_attr_isakmp, /* IPSECDOI_PROTO_ISAKMP */ - check_attr_ah, /* IPSECDOI_PROTO_IPSEC_AH */ - check_attr_esp, /* IPSECDOI_PROTO_IPSEC_ESP */ - check_attr_ipcomp, /* IPSECDOI_PROTO_IPCOMP */ -}; - -static int setph1prop __P((struct isakmpsa *, caddr_t)); -static int setph1trns __P((struct isakmpsa *, caddr_t)); -static int setph1attr __P((struct isakmpsa *, caddr_t)); -static vchar_t *setph2proposal0 __P((const struct ph2handle *, - const struct saprop *, const struct saproto *)); - -static vchar_t *getidval __P((int, vchar_t *)); - -#ifdef HAVE_GSSAPI -static struct isakmpsa *fixup_initiator_sa __P((struct isakmpsa *, - struct isakmpsa *)); -#endif - -/*%%%*/ -/* - * check phase 1 SA payload. - * make new SA payload to be replyed not including general header. - * the pointer to one of isakmpsa in proposal is set into iph1->approval. - * OUT: - * positive: the pointer to new buffer of SA payload. - * network byte order. - * NULL : error occurd. - */ -int -ipsecdoi_checkph1proposal(sa, iph1) - vchar_t *sa; - struct ph1handle *iph1; -{ - vchar_t *newsa; /* new SA payload approved. 
*/ - struct prop_pair **pair; - - /* get proposal pair */ - pair = get_proppair(sa, IPSECDOI_TYPE_PH1); - if (pair == NULL) - return -1; - - /* check and get one SA for use */ - newsa = get_ph1approval(iph1, pair); - - free_proppair(pair); - - if (newsa == NULL) - return -1; - - iph1->sa_ret = newsa; - - return 0; -} - -/* - * acceptable check for remote configuration. - * return a new SA payload to be reply to peer. - */ -static vchar_t * -get_ph1approval(iph1, pair) - struct ph1handle *iph1; - struct prop_pair **pair; -{ - vchar_t *newsa; - struct isakmpsa *sa, tsa; - struct prop_pair *s, *p; - int prophlen; - int i; - - iph1->approval = NULL; - - for (i = 0; i < MAXPROPPAIRLEN; i++) { - if (pair[i] == NULL) - continue; - for (s = pair[i]; s; s = s->next) { - prophlen = sizeof(struct isakmp_pl_p) - + s->prop->spi_size; - /* compare proposal and select one */ - for (p = s; p; p = p->tnext) { - sa = get_ph1approvalx(p, iph1->rmconf->proposal, - &tsa); - if (sa != NULL) - goto found; - } - } - } - - /* - * if there is no suitable proposal, racoon complains about all of - * mismatched items in those proposal. 
- */
- if (verbose_proposal_check) {
- for (i = 0; i < MAXPROPPAIRLEN; i++) {
- if (pair[i] == NULL)
- continue;
- for (s = pair[i]; s; s = s->next) {
- prophlen = sizeof(struct isakmp_pl_p)
- + s->prop->spi_size;
- for (p = s; p; p = p->tnext) {
- print_ph1mismatched(p,
- iph1->rmconf->proposal);
- }
- }
- }
- }
- plog(LLV_ERROR, LOCATION, NULL, "no suitable proposal found.\n");
-
- return NULL;
-
-found:
- plog(LLV_DEBUG, LOCATION, NULL, "an acceptable proposal found.\n");
-
- /* check DH group settings */
- if (sa->dhgrp) {
- if (sa->dhgrp->prime && sa->dhgrp->gen1) {
- /* it's ok */
- goto saok;
- }
- plog(LLV_WARNING, LOCATION, NULL,
- "invalid DH parameter found, use default.\n");
- oakley_dhgrp_free(sa->dhgrp);
- }
-
- if (oakley_setdhgroup(sa->dh_group, &sa->dhgrp) == -1) {
- sa->dhgrp = NULL;
- return NULL;
- }
-
-saok:
-#ifdef HAVE_GSSAPI
- if (sa->gssid != NULL)
- plog(LLV_DEBUG, LOCATION, NULL, "gss id in new sa '%s'\n",
- sa->gssid->v);
- if (iph1-> side == INITIATOR) {
- if (iph1->rmconf->proposal->gssid != NULL)
- iph1->gi_i = vdup(iph1->rmconf->proposal->gssid);
- if (tsa.gssid != NULL)
- iph1->gi_r = vdup(tsa.gssid);
- iph1->approval = fixup_initiator_sa(sa, &tsa);
- } else {
- if (tsa.gssid != NULL) {
- iph1->gi_r = vdup(tsa.gssid);
- if (iph1->rmconf->proposal->gssid != NULL)
- iph1->gi_i =
- vdup(iph1->rmconf->proposal->gssid);
- else
- iph1->gi_i = gssapi_get_default_id(iph1);
- if (sa->gssid == NULL && iph1->gi_i != NULL)
- sa->gssid = vdup(iph1->gi_i);
- }
- iph1->approval = sa;
- }
- if (iph1->gi_i != NULL)
- plog(LLV_DEBUG, LOCATION, NULL, "GIi is %*s\n",
- iph1->gi_i->l, iph1->gi_i->v);
- if (iph1->gi_r != NULL)
- plog(LLV_DEBUG, LOCATION, NULL, "GIr is %*s\n",
- iph1->gi_r->l, iph1->gi_r->v);
-#else
- iph1->approval = sa;
-#endif
-
- newsa = get_sabyproppair(p, iph1);
- if (newsa == NULL)
- iph1->approval = NULL;
-
- return newsa;
-}
-
-/*
- * compare peer's single proposal and all of my proposal.
- * and select one if suiatable.
- * p : one of peer's proposal.
- * proposal: my proposals.
- */
-static struct isakmpsa *
-get_ph1approvalx(p, proposal, sap)
- struct prop_pair *p;
- struct isakmpsa *proposal, *sap;
-{
- struct isakmp_pl_p *prop = p->prop;
- struct isakmp_pl_t *trns = p->trns;
- struct isakmpsa sa, *s, *tsap;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "prop#=%d, prot-id=%s, spi-size=%d, #trns=%d\n",
- prop->p_no, s_ipsecdoi_proto(prop->proto_id),
- prop->spi_size, prop->num_t);
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "trns#=%d, trns-id=%s\n",
- trns->t_no,
- s_ipsecdoi_trns(prop->proto_id, trns->t_id));
-
- tsap = sap != NULL ? sap : &sa;
-
- memset(tsap, 0, sizeof(*tsap));
- if (t2isakmpsa(trns, tsap) < 0)
- return NULL;
- for (s = proposal; s != NULL; s = s->next) {
- plog(LLV_DEBUG, LOCATION, NULL, "Compared: DB:Peer\n");
- plog(LLV_DEBUG, LOCATION, NULL, "(lifetime = %ld:%ld)\n",
- s->lifetime, tsap->lifetime);
- plog(LLV_DEBUG, LOCATION, NULL, "(lifebyte = %ld:%ld)\n",
- s->lifebyte, tsap->lifebyte);
- plog(LLV_DEBUG, LOCATION, NULL, "enctype = %s:%s\n",
- s_oakley_attr_v(OAKLEY_ATTR_ENC_ALG,
- s->enctype),
- s_oakley_attr_v(OAKLEY_ATTR_ENC_ALG,
- tsap->enctype));
- plog(LLV_DEBUG, LOCATION, NULL, "(encklen = %d:%d)\n",
- s->encklen, tsap->encklen);
- plog(LLV_DEBUG, LOCATION, NULL, "hashtype = %s:%s\n",
- s_oakley_attr_v(OAKLEY_ATTR_HASH_ALG,
- s->hashtype),
- s_oakley_attr_v(OAKLEY_ATTR_HASH_ALG,
- tsap->hashtype));
- plog(LLV_DEBUG, LOCATION, NULL, "authmethod = %s:%s\n",
- s_oakley_attr_v(OAKLEY_ATTR_AUTH_METHOD,
- s->authmethod),
- s_oakley_attr_v(OAKLEY_ATTR_AUTH_METHOD,
- tsap->authmethod));
- plog(LLV_DEBUG, LOCATION, NULL, "dh_group = %s:%s\n",
- s_oakley_attr_v(OAKLEY_ATTR_GRP_DESC,
- s->dh_group),
- s_oakley_attr_v(OAKLEY_ATTR_GRP_DESC,
- tsap->dh_group));
-#if 0
- /* XXX to be considered */
- if (tsap->lifetime > s->lifetime) ;
- if (tsap->lifebyte > s->lifebyte) ;
-#endif
- /*
- * if responder side and peer's key length in proposal
- * is bigger than mine, it might be
accepted.
- */
- if(tsap->enctype == s->enctype
- && tsap->authmethod == s->authmethod
- && tsap->hashtype == s->hashtype
- && tsap->dh_group == s->dh_group
- && tsap->encklen == s->encklen)
- break;
- }
-
- if (tsap->dhgrp != NULL)
- oakley_dhgrp_free(tsap->dhgrp);
- return s;
-}
-
-/*
- * print all of items in peer's proposal which are mismatched to my proposal.
- * p : one of peer's proposal.
- * proposal: my proposals.
- */
-static void
-print_ph1mismatched(p, proposal)
- struct prop_pair *p;
- struct isakmpsa *proposal;
-{
- struct isakmpsa sa, *s;
-
- memset(&sa, 0, sizeof(sa));
- if (t2isakmpsa(p->trns, &sa) < 0)
- return;
- for (s = proposal; s ; s = s->next) {
- if (sa.enctype != s->enctype) {
- plog(LLV_ERROR, LOCATION, NULL,
- "rejected enctype: "
- "DB(prop#%d:trns#%d):Peer(prop#%d:trns#%d) = "
- "%s:%s\n",
- s->prop_no, s->trns_no,
- p->prop->p_no, p->trns->t_no,
- s_oakley_attr_v(OAKLEY_ATTR_ENC_ALG,
- s->enctype),
- s_oakley_attr_v(OAKLEY_ATTR_ENC_ALG,
- sa.enctype));
- }
- if (sa.authmethod != s->authmethod) {
- plog(LLV_ERROR, LOCATION, NULL,
- "rejected authmethod: "
- "DB(prop#%d:trns#%d):Peer(prop#%d:trns#%d) = "
- "%s:%s\n",
- s->prop_no, s->trns_no,
- p->prop->p_no, p->trns->t_no,
- s_oakley_attr_v(OAKLEY_ATTR_AUTH_METHOD,
- s->authmethod),
- s_oakley_attr_v(OAKLEY_ATTR_AUTH_METHOD,
- sa.authmethod));
- }
- if (sa.hashtype != s->hashtype) {
- plog(LLV_ERROR, LOCATION, NULL,
- "rejected hashtype: "
- "DB(prop#%d:trns#%d):Peer(prop#%d:trns#%d) = "
- "%s:%s\n",
- s->prop_no, s->trns_no,
- p->prop->p_no, p->trns->t_no,
- s_oakley_attr_v(OAKLEY_ATTR_HASH_ALG,
- s->hashtype),
- s_oakley_attr_v(OAKLEY_ATTR_HASH_ALG,
- sa.hashtype));
- }
- if (sa.dh_group != s->dh_group) {
- plog(LLV_ERROR, LOCATION, NULL,
- "rejected dh_group: "
- "DB(prop#%d:trns#%d):Peer(prop#%d:trns#%d) = "
- "%s:%s\n",
- s->prop_no, s->trns_no,
- p->prop->p_no, p->trns->t_no,
- s_oakley_attr_v(OAKLEY_ATTR_GRP_DESC,
- s->dh_group),
- s_oakley_attr_v(OAKLEY_ATTR_GRP_DESC,
-
sa.dh_group));
- }
- }
-
- if (sa.dhgrp != NULL)
- oakley_dhgrp_free(sa.dhgrp);
-}
-
-/*
- * get ISAKMP data attributes
- */
-static int
-t2isakmpsa(trns, sa)
- struct isakmp_pl_t *trns;
- struct isakmpsa *sa;
-{
- struct isakmp_data *d, *prev;
- int flag, type;
- int error = -1;
- int life_t;
- int keylen = 0;
- vchar_t *val = NULL;
- int len, tlen;
- u_char *p;
-
- tlen = ntohs(trns->h.len) - sizeof(*trns);
- prev = (struct isakmp_data *)NULL;
- d = (struct isakmp_data *)(trns + 1);
-
- /* default */
- life_t = OAKLEY_ATTR_SA_LD_TYPE_DEFAULT;
- sa->lifetime = OAKLEY_ATTR_SA_LD_SEC_DEFAULT;
- sa->lifebyte = 0;
- sa->dhgrp = racoon_calloc(1, sizeof(struct dhgroup));
- if (!sa->dhgrp)
- goto err;
-
- while (tlen > 0) {
-
- type = ntohs(d->type) & ~ISAKMP_GEN_MASK;
- flag = ntohs(d->type) & ISAKMP_GEN_MASK;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "type=%s, flag=0x%04x, lorv=%s\n",
- s_oakley_attr(type), flag,
- s_oakley_attr_v(type, ntohs(d->lorv)));
-
- /* get variable-sized item */
- switch (type) {
- case OAKLEY_ATTR_GRP_PI:
- case OAKLEY_ATTR_GRP_GEN_ONE:
- case OAKLEY_ATTR_GRP_GEN_TWO:
- case OAKLEY_ATTR_GRP_CURVE_A:
- case OAKLEY_ATTR_GRP_CURVE_B:
- case OAKLEY_ATTR_SA_LD:
- case OAKLEY_ATTR_GRP_ORDER:
- if (flag) { /*TV*/
- len = 2;
- p = (u_char *)&d->lorv;
- } else { /*TLV*/
- len = ntohs(d->lorv);
- p = (u_char *)(d + 1);
- }
- val = vmalloc(len);
- if (!val)
- return -1;
- memcpy(val->v, p, len);
- break;
-
- default:
- break;
- }
-
- switch (type) {
- case OAKLEY_ATTR_ENC_ALG:
- sa->enctype = (u_int16_t)ntohs(d->lorv);
- break;
-
- case OAKLEY_ATTR_HASH_ALG:
- sa->hashtype = (u_int16_t)ntohs(d->lorv);
- break;
-
- case OAKLEY_ATTR_AUTH_METHOD:
- sa->authmethod = ntohs(d->lorv);
- break;
-
- case OAKLEY_ATTR_GRP_DESC:
- sa->dh_group = (u_int16_t)ntohs(d->lorv);
- break;
-
- case OAKLEY_ATTR_GRP_TYPE:
- {
- int type = (int)ntohs(d->lorv);
- if (type == OAKLEY_ATTR_GRP_TYPE_MODP)
- sa->dhgrp->type = type;
- else
- return -1;
- break;
- }
- case
OAKLEY_ATTR_GRP_PI:
- sa->dhgrp->prime = val;
- break;
-
- case OAKLEY_ATTR_GRP_GEN_ONE:
- vfree(val);
- if (!flag)
- sa->dhgrp->gen1 = ntohs(d->lorv);
- else {
- int len = ntohs(d->lorv);
- sa->dhgrp->gen1 = 0;
- if (len > 4)
- return -1;
- memcpy(&sa->dhgrp->gen1, d + 1, len);
- sa->dhgrp->gen1 = ntohl(sa->dhgrp->gen1);
- }
- break;
-
- case OAKLEY_ATTR_GRP_GEN_TWO:
- vfree(val);
- if (!flag)
- sa->dhgrp->gen2 = ntohs(d->lorv);
- else {
- int len = ntohs(d->lorv);
- sa->dhgrp->gen2 = 0;
- if (len > 4)
- return -1;
- memcpy(&sa->dhgrp->gen2, d + 1, len);
- sa->dhgrp->gen2 = ntohl(sa->dhgrp->gen2);
- }
- break;
-
- case OAKLEY_ATTR_GRP_CURVE_A:
- sa->dhgrp->curve_a = val;
- break;
-
- case OAKLEY_ATTR_GRP_CURVE_B:
- sa->dhgrp->curve_b = val;
- break;
-
- case OAKLEY_ATTR_SA_LD_TYPE:
- {
- int type = (int)ntohs(d->lorv);
- switch (type) {
- case OAKLEY_ATTR_SA_LD_TYPE_SEC:
- case OAKLEY_ATTR_SA_LD_TYPE_KB:
- life_t = type;
- break;
- default:
- life_t = OAKLEY_ATTR_SA_LD_TYPE_DEFAULT;
- break;
- }
- break;
- }
- case OAKLEY_ATTR_SA_LD:
- if (!prev
- || (ntohs(prev->type) & ~ISAKMP_GEN_MASK) !=
- OAKLEY_ATTR_SA_LD_TYPE) {
- plog(LLV_ERROR, LOCATION, NULL,
- "life duration must follow ltype\n");
- break;
- }
-
- switch (life_t) {
- case IPSECDOI_ATTR_SA_LD_TYPE_SEC:
- sa->lifetime = ipsecdoi_set_ld(val);
- vfree(val);
- if (sa->lifetime == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid life duration.\n");
- goto err;
- }
- break;
- case IPSECDOI_ATTR_SA_LD_TYPE_KB:
- sa->lifebyte = ipsecdoi_set_ld(val);
- vfree(val);
- if (sa->lifetime == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid life duration.\n");
- goto err;
- }
- break;
- default:
- vfree(val);
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid life type: %d\n", life_t);
- goto err;
- }
- break;
-
- case OAKLEY_ATTR_KEY_LEN:
- {
- int len = ntohs(d->lorv);
- if (len % 8 != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "keylen %d: not multiple of 8\n",
- len);
- goto err;
- }
- sa->encklen = (u_int16_t)len;
-
keylen++;
- break;
- }
- case OAKLEY_ATTR_PRF:
- case OAKLEY_ATTR_FIELD_SIZE:
- /* unsupported */
- break;
-
- case OAKLEY_ATTR_GRP_ORDER:
- sa->dhgrp->order = val;
- break;
-#ifdef HAVE_GSSAPI
- case OAKLEY_ATTR_GSS_ID:
- {
- int len = ntohs(d->lorv);
-
- sa->gssid = vmalloc(len);
- memcpy(sa->gssid->v, d + 1, len);
- plog(LLV_DEBUG, LOCATION, NULL,
- "received gss id '%s' (len %d)\n", sa->gssid->v,
- sa->gssid->l);
- break;
- }
-#endif
-
- default:
- break;
- }
-
- prev = d;
- if (flag) {
- tlen -= sizeof(*d);
- d = (struct isakmp_data *)((char *)d + sizeof(*d));
- } else {
- tlen -= (sizeof(*d) + ntohs(d->lorv));
- d = (struct isakmp_data *)((char *)d + sizeof(*d) + ntohs(d->lorv));
- }
- }
-
- /* key length must not be specified on some algorithms */
- if (keylen) {
- if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES
-#ifdef HAVE_OPENSSL_IDEA_H
- || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA
-#endif
- || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) {
- plog(LLV_ERROR, LOCATION, NULL,
- "keylen must not be specified "
- "for encryption algorithm %d\n",
- sa->enctype);
- return -1;
- }
- }
-
- return 0;
-err:
- return error;
-}
-
-/*%%%*/
-/*
- * check phase 2 SA payload and select single proposal.
- * make new SA payload to be replyed not including general header.
- * This function is called by responder only.
- * OUT:
- * 0: succeed.
- * -1: error occured.
- */
-int
-ipsecdoi_selectph2proposal(iph2)
- struct ph2handle *iph2;
-{
- struct prop_pair **pair;
- struct prop_pair *ret;
-
- /* get proposal pair */
- pair = get_proppair(iph2->sa, IPSECDOI_TYPE_PH2);
- if (pair == NULL)
- return -1;
-
- /* check and select a proposal. */
- ret = get_ph2approval(iph2, pair);
- free_proppair(pair);
- if (ret == NULL)
- return -1;
-
- /* make a SA to be replayed. */
- /* SPI must be updated later.
*/
- iph2->sa_ret = get_sabyproppair(ret, iph2->ph1);
-
- free_proppair0(ret);
- if (iph2->sa_ret == NULL)
- return -1;
-
- return 0;
-}
-
-/*
- * check phase 2 SA payload returned from responder.
- * This function is called by initiator only.
- * OUT:
- * 0: valid.
- * -1: invalid.
- */
-int
-ipsecdoi_checkph2proposal(iph2)
- struct ph2handle *iph2;
-{
- struct prop_pair **rpair = NULL, **spair = NULL;
- struct prop_pair *p;
- int i, n, num;
- int error = -1;
-
- /* get proposal pair of SA sent. */
- spair = get_proppair(iph2->sa, IPSECDOI_TYPE_PH2);
- if (spair == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get prop pair.\n");
- goto end;
- }
-
- /* XXX should check the number of transform */
-
- /* get proposal pair of SA replyed */
- rpair = get_proppair(iph2->sa_ret, IPSECDOI_TYPE_PH2);
- if (rpair == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get prop pair.\n");
- goto end;
- }
-
- /* check proposal is only one ? */
- n = 0;
- num = 0;
- for (i = 0; i < MAXPROPPAIRLEN; i++) {
- if (rpair[i]) {
- n = i;
- num++;
- }
- }
- if (num == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no proposal received.\n");
- goto end;
- }
- if (num != 1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "some proposals received.\n");
- goto end;
- }
-
- if (spair[n] == NULL) {
- plog(LLV_WARNING, LOCATION, NULL,
- "invalid proposal number:%d received.\n", i);
- }
-
-
- if (rpair[n]->tnext != NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "multi transforms replyed.\n");
- goto end;
- }
-
- if (cmp_aproppair_i(rpair[n], spair[n])) {
- plog(LLV_ERROR, LOCATION, NULL,
- "proposal mismathed.\n");
- goto end;
- }
-
- /*
- * check and select a proposal.
- * ensure that there is no modification of the proposal by
- * cmp_aproppair_i()
- */
- p = get_ph2approval(iph2, rpair);
- if (p == NULL)
- goto end;
-
- /* make a SA to be replayed.
*/
- vfree(iph2->sa_ret);
- iph2->sa_ret = get_sabyproppair(p, iph2->ph1);
- free_proppair0(p);
- if (iph2->sa_ret == NULL)
- goto end;
-
- error = 0;
-
-end:
- if (rpair)
- free_proppair(rpair);
- if (spair)
- free_proppair(spair);
-
- return error;
-}
-
-/*
- * compare two prop_pair which is assumed to have same proposal number.
- * the case of bundle or single SA, NOT multi transforms.
- * a: a proposal that is multi protocols and single transform, usually replyed.
- * b: a proposal that is multi protocols and multi transform, usually sent.
- * NOTE: this function is for initiator.
- * OUT
- * 0: equal
- * 1: not equal
- * XXX cannot understand the comment!
- */
-static int
-cmp_aproppair_i(a, b)
- struct prop_pair *a, *b;
-{
- struct prop_pair *p, *q, *r;
- int len;
-
- for (p = a, q = b; p && q; p = p->next, q = q->next) {
- for (r = q; r; r = r->tnext) {
- /* compare trns */
- if (p->trns->t_no == r->trns->t_no)
- break;
- }
- if (!r) {
- /* no suitable transform found */
- plog(LLV_ERROR, LOCATION, NULL,
- "no suitable transform found.\n");
- return -1;
- }
-
- /* compare prop */
- if (p->prop->p_no != r->prop->p_no) {
- plog(LLV_WARNING, LOCATION, NULL,
- "proposal #%d mismatched, "
- "expected #%d.\n",
- r->prop->p_no, p->prop->p_no);
- /*FALLTHROUGH*/
- }
-
- if (p->prop->proto_id != r->prop->proto_id) {
- plog(LLV_ERROR, LOCATION, NULL,
- "proto_id mismathed: my:%d peer:%d\n",
- r->prop->proto_id, p->prop->proto_id);
- return -1;
- }
-
- if (p->prop->proto_id != r->prop->proto_id) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid spi size: %d.\n",
- p->prop->proto_id);
- return -1;
- }
-
- /* check #of transforms */
- if (p->prop->num_t != 1) {
- plog(LLV_WARNING, LOCATION, NULL,
- "#of transform is %d, "
- "but expected 1.\n", p->prop->num_t);
- /*FALLTHROUGH*/
- }
-
- if (p->trns->t_id != r->trns->t_id) {
- plog(LLV_WARNING, LOCATION, NULL,
- "transform number has been modified.\n");
- /*FALLTHROUGH*/
- }
- if (p->trns->reserved != r->trns->reserved) {
-
plog(LLV_WARNING, LOCATION, NULL,
- "reserved field should be zero.\n");
- /*FALLTHROUGH*/
- }
-
- /* compare attribute */
- len = ntohs(r->trns->h.len) - sizeof(*p->trns);
- if (memcmp(p->trns + 1, r->trns + 1, len) != 0) {
- plog(LLV_WARNING, LOCATION, NULL,
- "attribute has been modified.\n");
- /*FALLTHROUGH*/
- }
- }
- if ((p && !q) || (!p && q)) {
- /* # of protocols mismatched */
- plog(LLV_ERROR, LOCATION, NULL,
- "#of protocols mismatched.\n");
- return -1;
- }
-
- return 0;
-}
-
-/*
- * acceptable check for policy configuration.
- * return a new SA payload to be reply to peer.
- */
-static struct prop_pair *
-get_ph2approval(iph2, pair)
- struct ph2handle *iph2;
- struct prop_pair **pair;
-{
- struct prop_pair *ret;
- int i;
-
- iph2->approval = NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "begin compare proposals.\n");
-
- for (i = 0; i < MAXPROPPAIRLEN; i++) {
- if (pair[i] == NULL)
- continue;
- plog(LLV_DEBUG, LOCATION, NULL,
- "pair[%d]: %p\n", i, pair[i]);
- print_proppair(LLV_DEBUG, pair[i]);;
-
- /* compare proposal and select one */
- ret = get_ph2approvalx(iph2, pair[i]);
- if (ret != NULL) {
- /* found */
- return ret;
- }
- }
-
- plog(LLV_ERROR, LOCATION, NULL, "no suitable policy found.\n");
-
- return NULL;
-}
-
-/*
- * compare my proposal and peers just one proposal.
- * set a approval.
- */
-static struct prop_pair *
-get_ph2approvalx(iph2, pp)
- struct ph2handle *iph2;
- struct prop_pair *pp;
-{
- struct prop_pair *ret = NULL;
- struct saprop *pr0, *pr = NULL;
- struct saprop *q1, *q2;
-
- pr0 = aproppair2saprop(pp);
- if (pr0 == NULL)
- return NULL;
-
- for (q1 = pr0; q1; q1 = q1->next) {
- for (q2 = iph2->proposal; q2; q2 = q2->next) {
- plog(LLV_DEBUG, LOCATION, NULL,
- "peer's single bundle:\n");
- printsaprop0(LLV_DEBUG, q1);
- plog(LLV_DEBUG, LOCATION, NULL,
- "my single bundle:\n");
- printsaprop0(LLV_DEBUG, q2);
-
- pr = cmpsaprop_alloc(iph2->ph1, q1, q2, iph2->side);
- if (pr != NULL)
- goto found;
-
- plog(LLV_ERROR, LOCATION, NULL,
- "not matched\n");
- }
- }
- /* no proposal matching */
-err:
- flushsaprop(pr0);
- return NULL;
-
-found:
- flushsaprop(pr0);
- plog(LLV_DEBUG, LOCATION, NULL, "matched\n");
- iph2->approval = pr;
-
- {
- struct saproto *sp;
- struct prop_pair *p, *n, *x;
-
- ret = NULL;
-
- for (p = pp; p; p = p->next) {
- /*
- * find a proposal with matching proto_id.
- * we have analyzed validity already, in cmpsaprop_alloc().
- */
- for (sp = pr->head; sp; sp = sp->next) {
- if (sp->proto_id == p->prop->proto_id)
- break;
- }
- if (!sp)
- goto err;
- if (sp->head->next)
- goto err; /* XXX */
-
- for (x = p; x; x = x->tnext)
- if (sp->head->trns_no == x->trns->t_no)
- break;
- if (!x)
- goto err; /* XXX */
-
- n = racoon_calloc(1, sizeof(struct prop_pair));
- if (!n) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer.\n");
- goto err;
- }
-
- n->prop = x->prop;
- n->trns = x->trns;
-
- /* need to preserve the order */
- for (x = ret; x && x->next; x = x->next)
- ;
- if (x && x->prop == n->prop) {
- for (/*nothing*/; x && x->tnext; x = x->tnext)
- ;
- x->tnext = n;
- } else {
- if (x)
- x->next = n;
- else {
- ret = n;
- }
- }
-
- /* #of transforms should be updated ?
*/
- }
- }
-
- return ret;
-}
-
-void
-free_proppair(pair)
- struct prop_pair **pair;
-{
- int i;
-
- for (i = 0; i < MAXPROPPAIRLEN; i++) {
- free_proppair0(pair[i]);
- pair[i] = NULL;
- }
- racoon_free(pair);
-}
-
-static void
-free_proppair0(pair)
- struct prop_pair *pair;
-{
- struct prop_pair *p, *q, *r, *s;
-
- for (p = pair; p; p = q) {
- q = p->next;
- for (r = p; r; r = s) {
- s = r->tnext;
- racoon_free(r);
- }
- }
-}
-
-/*
- * get proposal pairs from SA payload.
- * tiny check for proposal payload.
- */
-struct prop_pair **
-get_proppair(sa, mode)
- vchar_t *sa;
- int mode;
-{
- struct prop_pair **pair;
- int num_p = 0; /* number of proposal for use */
- int tlen;
- caddr_t bp;
- int i;
- struct ipsecdoi_sa_b *sab = (struct ipsecdoi_sa_b *)sa->v;
-
- plog(LLV_DEBUG, LOCATION, NULL, "total SA len=%d\n", sa->l);
- plogdump(LLV_DEBUG, sa->v, sa->l);
-
- /* check SA payload size */
- if (sa->l < sizeof(*sab)) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid SA length = %d.\n", sa->l);
- return NULL;
- }
-
- /* check DOI */
- if (check_doi(ntohl(sab->doi)) < 0)
- return NULL;
-
- /* check SITUATION */
- if (check_situation(ntohl(sab->sit)) < 0)
- return NULL;
-
- pair = racoon_calloc(1, MAXPROPPAIRLEN * sizeof(*pair));
- if (pair == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer.\n");
- return NULL;
- }
- memset(pair, 0, sizeof(pair));
-
- bp = (caddr_t)(sab + 1);
- tlen = sa->l - sizeof(*sab);
-
- {
- struct isakmp_pl_p *prop;
- int proplen;
- vchar_t *pbuf = NULL;
- struct isakmp_parse_t *pa;
-
- pbuf = isakmp_parsewoh(ISAKMP_NPTYPE_P, (struct isakmp_gen *)bp, tlen);
- if (pbuf == NULL)
- return NULL;
-
- for (pa = (struct isakmp_parse_t *)pbuf->v;
- pa->type != ISAKMP_NPTYPE_NONE;
- pa++) {
- /* check the value of next payload */
- if (pa->type != ISAKMP_NPTYPE_P) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid payload type=%u\n", pa->type);
- vfree(pbuf);
- return NULL;
- }
-
- prop = (struct isakmp_pl_p *)pa->ptr;
- proplen = pa->len;
-
-
plog(LLV_DEBUG, LOCATION, NULL,
- "proposal #%u len=%d\n", prop->p_no, proplen);
-
- if (proplen == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid proposal with length %d\n", proplen);
- vfree(pbuf);
- return NULL;
- }
-
- /* check Protocol ID */
- if (!check_protocol[mode]) {
- plog(LLV_ERROR, LOCATION, NULL,
- "unsupported mode %d\n", mode);
- continue;
- }
-
- if (check_protocol[mode](prop->proto_id) < 0)
- continue;
-
- /* check SPI length when IKE. */
- if (check_spi_size(prop->proto_id, prop->spi_size) < 0)
- continue;
-
- /* get transform */
- if (get_transform(prop, pair, &num_p) < 0) {
- vfree(pbuf);
- return NULL;
- }
- }
- vfree(pbuf);
- pbuf = NULL;
- }
-
- {
- int notrans, nprop;
- struct prop_pair *p, *q;
-
- /* check for proposals with no transforms */
- for (i = 0; i < MAXPROPPAIRLEN; i++) {
- if (!pair[i])
- continue;
-
- plog(LLV_DEBUG, LOCATION, NULL, "pair %d:\n", i);
- print_proppair(LLV_DEBUG, pair[i]);
-
- notrans = nprop = 0;
- for (p = pair[i]; p; p = p->next) {
- if (p->trns == NULL) {
- notrans++;
- break;
- }
- for (q = p; q; q = q->tnext)
- nprop++;
- }
-
-#if 0
- /*
- * XXX at this moment, we cannot accept proposal group
- * with multiple proposals. this should be fixed.
- */
- if (pair[i]->next) {
- plog(LLV_WARNING, LOCATION, NULL,
- "proposal #%u ignored "
- "(multiple proposal not supported)\n",
- pair[i]->prop->p_no);
- notrans++;
- }
-#endif
-
- if (notrans) {
- for (p = pair[i]; p; p = q) {
- q = p->next;
- racoon_free(p);
- }
- pair[i] = NULL;
- num_p--;
- } else {
- plog(LLV_DEBUG, LOCATION, NULL,
- "proposal #%u: %d transform\n",
- pair[i]->prop->p_no, nprop);
- }
- }
- }
-
- /* bark if no proposal is found. */
- if (num_p <= 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no Proposal found.\n");
- return NULL;
- }
-
- return pair;
-}
-
-/*
- * check transform payload.
- * OUT:
- * positive: return the pointer to the payload of valid transform.
- * 0 : No valid transform found.
- */ -static int -get_transform(prop, pair, num_p) - struct isakmp_pl_p *prop; - struct prop_pair **pair; - int *num_p; -{ - int tlen; /* total length of all transform in a proposal */ - caddr_t bp; - struct isakmp_pl_t *trns; - int trnslen; - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - struct prop_pair *p = NULL, *q; - int num_t; - - bp = (caddr_t)prop + sizeof(struct isakmp_pl_p) + prop->spi_size; - tlen = ntohs(prop->h.len) - - (sizeof(struct isakmp_pl_p) + prop->spi_size); - pbuf = isakmp_parsewoh(ISAKMP_NPTYPE_T, (struct isakmp_gen *)bp, tlen); - if (pbuf == NULL) - return -1; - - /* check and get transform for use */ - num_t = 0; - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - num_t++; - - /* check the value of next payload */ - if (pa->type != ISAKMP_NPTYPE_T) { - plog(LLV_ERROR, LOCATION, NULL, - "Invalid payload type=%u\n", pa->type); - break; - } - - trns = (struct isakmp_pl_t *)pa->ptr; - trnslen = pa->len; - - plog(LLV_DEBUG, LOCATION, NULL, - "transform #%u len=%u\n", trns->t_no, trnslen); - - /* check transform ID */ - if (prop->proto_id >= ARRAYLEN(check_transform)) { - plog(LLV_WARNING, LOCATION, NULL, - "unsupported proto_id %u\n", - prop->proto_id); - continue; - } - if (prop->proto_id >= ARRAYLEN(check_attributes)) { - plog(LLV_WARNING, LOCATION, NULL, - "unsupported proto_id %u\n", - prop->proto_id); - continue; - } - - if (!check_transform[prop->proto_id] - || !check_attributes[prop->proto_id]) { - plog(LLV_WARNING, LOCATION, NULL, - "unsupported proto_id %u\n", - prop->proto_id); - continue; - } - if (check_transform[prop->proto_id](trns->t_id) < 0) - continue; - - /* check data attributes */ - if (check_attributes[prop->proto_id](trns) != 0) - continue; - - p = racoon_calloc(1, sizeof(*p)); - if (p == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer.\n"); - vfree(pbuf); - return -1; - } - p->prop = prop; - p->trns = trns; - - /* need to preserve the order */ - for (q = 
pair[prop->p_no]; q && q->next; q = q->next)
- ;
- if (q && q->prop == p->prop) {
- for (/*nothing*/; q && q->tnext; q = q->tnext)
- ;
- q->tnext = p;
- } else {
- if (q)
- q->next = p;
- else {
- pair[prop->p_no] = p;
- (*num_p)++;
- }
- }
- }
-
- vfree(pbuf);
-
- return 0;
-}
-
-/*
- * make a new SA payload from prop_pair.
- * NOTE: this function make spi value clear.
- */
-vchar_t *
-get_sabyproppair(pair, iph1)
- struct prop_pair *pair;
- struct ph1handle *iph1;
-{
- vchar_t *newsa;
- int newtlen;
- u_int8_t *np_p = NULL;
- struct prop_pair *p;
- int prophlen, trnslen;
- caddr_t bp;
-
- newtlen = sizeof(struct ipsecdoi_sa_b);
- for (p = pair; p; p = p->next) {
- newtlen += (sizeof(struct isakmp_pl_p)
- + p->prop->spi_size
- + ntohs(p->trns->h.len));
- }
-
- newsa = vmalloc(newtlen);
- if (newsa == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "failed to get newsa.\n");
- return NULL;
- }
- bp = newsa->v;
-
- ((struct isakmp_gen *)bp)->len = htons(newtlen);
-
- /* update some of values in SA header */
- ((struct ipsecdoi_sa_b *)bp)->doi = htonl(iph1->rmconf->doitype);
- ((struct ipsecdoi_sa_b *)bp)->sit = htonl(iph1->rmconf->sittype);
- bp += sizeof(struct ipsecdoi_sa_b);
-
- /* create proposal payloads */
- for (p = pair; p; p = p->next) {
- prophlen = sizeof(struct isakmp_pl_p)
- + p->prop->spi_size;
- trnslen = ntohs(p->trns->h.len);
-
- if (np_p)
- *np_p = ISAKMP_NPTYPE_P;
-
- /* create proposal */
-
- memcpy(bp, p->prop, prophlen);
- ((struct isakmp_pl_p *)bp)->h.np = ISAKMP_NPTYPE_NONE;
- ((struct isakmp_pl_p *)bp)->h.len = htons(prophlen + trnslen);
- ((struct isakmp_pl_p *)bp)->num_t = 1;
- np_p = &((struct isakmp_pl_p *)bp)->h.np;
- memset(bp + sizeof(struct isakmp_pl_p), 0, p->prop->spi_size);
- bp += prophlen;
-
- /* create transform */
- memcpy(bp, p->trns, trnslen);
- ((struct isakmp_pl_t *)bp)->h.np = ISAKMP_NPTYPE_NONE;
- ((struct isakmp_pl_t *)bp)->h.len = htons(trnslen);
- bp += trnslen;
- }
-
- return newsa;
-}
-
-/*
- * update responder's spi
- */
-int
-ipsecdoi_updatespi(iph2)
- struct ph2handle *iph2;
-{
- struct prop_pair **pair, *p;
- struct saprop *pp;
- struct saproto *pr;
- int i;
- int error = -1;
- u_int8_t *spi;
-
- pair = get_proppair(iph2->sa_ret, IPSECDOI_TYPE_PH2);
- if (pair == NULL)
- return -1;
- for (i = 0; i < MAXPROPPAIRLEN; i++) {
- if (pair[i])
- break;
- }
- if (i == MAXPROPPAIRLEN || pair[i]->tnext) {
- /* multiple transform must be filtered by selectph2proposal.*/
- goto end;
- }
-
- pp = iph2->approval;
-
- /* create proposal payloads */
- for (p = pair[i]; p; p = p->next) {
- /*
- * find a proposal/transform with matching proto_id/t_id.
- * we have analyzed validity already, in cmpsaprop_alloc().
- */
- for (pr = pp->head; pr; pr = pr->next) {
- if (p->prop->proto_id == pr->proto_id &&
- p->trns->t_id == pr->head->trns_id) {
- break;
- }
- }
- if (!pr)
- goto end;
-
- /*
- * XXX SPI bits are left-filled, for use with IPComp.
- * we should be switching to variable-length spi field...
- */
- spi = (u_int8_t *)&pr->spi;
- spi += sizeof(pr->spi);
- spi -= pr->spisize;
- memcpy((caddr_t)p->prop + sizeof(*p->prop), spi, pr->spisize);
- }
-
- error = 0;
-end:
- free_proppair(pair);
- return error;
-}
-
-/*
- * make a new SA payload from prop_pair.
- */
-vchar_t *
-get_sabysaprop(pp0, sa0)
- struct saprop *pp0;
- vchar_t *sa0;
-{
- struct prop_pair **pair;
- vchar_t *newsa;
- int newtlen;
- u_int8_t *np_p = NULL;
- struct prop_pair *p = NULL;
- struct saprop *pp;
- struct saproto *pr;
- struct satrns *tr;
- int prophlen, trnslen;
- caddr_t bp;
-
- /* get proposal pair */
- pair = get_proppair(sa0, IPSECDOI_TYPE_PH2);
- if (pair == NULL)
- return NULL;
-
- newtlen = sizeof(struct ipsecdoi_sa_b);
- for (pp = pp0; pp; pp = pp->next) {
-
- if (pair[pp->prop_no] == NULL)
- return NULL;
-
- for (pr = pp->head; pr; pr = pr->next) {
- newtlen += (sizeof(struct isakmp_pl_p)
- + pr->spisize);
-
- for (tr = pr->head; tr; tr = tr->next) {
- for (p = pair[pp->prop_no]; p; p = p->tnext) {
- if (tr->trns_no == p->trns->t_no)
- break;
- }
- if (p == NULL)
- return NULL;
-
- newtlen += ntohs(p->trns->h.len);
- }
- }
- }
-
- newsa = vmalloc(newtlen);
- if (newsa == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "failed to get newsa.\n");
- return NULL;
- }
- bp = newsa->v;
-
- /* some of values of SA must be updated in the out of this function */
- ((struct isakmp_gen *)bp)->len = htons(newtlen);
- bp += sizeof(struct ipsecdoi_sa_b);
-
- /* create proposal payloads */
- for (pp = pp0; pp; pp = pp->next) {
-
- for (pr = pp->head; pr; pr = pr->next) {
- prophlen = sizeof(struct isakmp_pl_p)
- + p->prop->spi_size;
-
- for (tr = pr->head; tr; tr = tr->next) {
- for (p = pair[pp->prop_no]; p; p = p->tnext) {
- if (tr->trns_no == p->trns->t_no)
- break;
- }
- if (p == NULL)
- return NULL;
-
- trnslen = ntohs(p->trns->h.len);
-
- if (np_p)
- *np_p = ISAKMP_NPTYPE_P;
-
- /* create proposal */
-
- memcpy(bp, p->prop, prophlen);
- ((struct isakmp_pl_p *)bp)->h.np = ISAKMP_NPTYPE_NONE;
- ((struct isakmp_pl_p *)bp)->h.len = htons(prophlen + trnslen);
- ((struct isakmp_pl_p *)bp)->num_t = 1;
- np_p = &((struct isakmp_pl_p *)bp)->h.np;
- bp += prophlen;
-
- /* create transform */
- memcpy(bp, p->trns, trnslen);
- ((struct isakmp_pl_t *)bp)->h.np
= ISAKMP_NPTYPE_NONE;
- ((struct isakmp_pl_t *)bp)->h.len = htons(trnslen);
- bp += trnslen;
- }
- }
- }
-
- return newsa;
-}
-
-/*
- * If some error happens then return 0. Although 0 means that lifetime is zero,
- * such a value should not be accepted.
- * Also 0 of lifebyte should not be included in a packet although 0 means not
- * to care of it.
- */
-static u_int32_t
-ipsecdoi_set_ld(buf)
- vchar_t *buf;
-{
- u_int32_t ld;
-
- if (buf == 0)
- return 0;
-
- switch (buf->l) {
- case 2:
- ld = ntohs(*(u_int16_t *)buf->v);
- break;
- case 4:
- ld = ntohl(*(u_int32_t *)buf->v);
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "length %d of life duration "
- "isn't supported.\n", buf->l);
- return 0;
- }
-
- return ld;
-}
-
-/*%%%*/
-/*
- * check DOI
- */
-static int
-check_doi(doi)
- u_int32_t doi;
-{
- switch (doi) {
- case IPSEC_DOI:
- return 0;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid value of DOI 0x%08x.\n", doi);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check situation
- */
-static int
-check_situation(sit)
- u_int32_t sit;
-{
- switch (sit) {
- case IPSECDOI_SIT_IDENTITY_ONLY:
- return 0;
-
- case IPSECDOI_SIT_SECRECY:
- case IPSECDOI_SIT_INTEGRITY:
- plog(LLV_ERROR, LOCATION, NULL,
- "situation 0x%08x unsupported yet.\n", sit);
- return -1;
-
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid situation 0x%08x.\n", sit);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check protocol id in main mode
- */
-static int
-check_prot_main(proto_id)
- int proto_id;
-{
- switch (proto_id) {
- case IPSECDOI_PROTO_ISAKMP:
- return 0;
-
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "Illegal protocol id=%u.\n", proto_id);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check protocol id in quick mode
- */
-static int
-check_prot_quick(proto_id)
- int proto_id;
-{
- switch (proto_id) {
- case IPSECDOI_PROTO_IPSEC_AH:
- case IPSECDOI_PROTO_IPSEC_ESP:
- return 0;
-
- case IPSECDOI_PROTO_IPCOMP:
- return 0;
-
- default:
-
plog(LLV_ERROR, LOCATION, NULL,
- "invalid protocol id %d.\n", proto_id);
- return -1;
- }
- /* NOT REACHED */
-}
-
-static int
-check_spi_size(proto_id, size)
- int proto_id, size;
-{
- switch (proto_id) {
- case IPSECDOI_PROTO_ISAKMP:
- if (size != 0) {
- /* WARNING */
- plog(LLV_WARNING, LOCATION, NULL,
- "SPI size isn't zero, but IKE proposal.\n");
- }
- return 0;
-
- case IPSECDOI_PROTO_IPSEC_AH:
- case IPSECDOI_PROTO_IPSEC_ESP:
- if (size != 4) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid SPI size=%d for IPSEC proposal.\n",
- size);
- return -1;
- }
- return 0;
-
- case IPSECDOI_PROTO_IPCOMP:
- if (size != 2 && size != 4) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid SPI size=%d for IPCOMP proposal.\n",
- size);
- return -1;
- }
- return 0;
-
- default:
- /* ??? */
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check transform ID in ISAKMP.
- */
-static int
-check_trns_isakmp(t_id)
- int t_id;
-{
- switch (t_id) {
- case IPSECDOI_KEY_IKE:
- return 0;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid transform-id=%u in proto_id=%u.\n",
- t_id, IPSECDOI_KEY_IKE);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check transform ID in AH.
- */
-static int
-check_trns_ah(t_id)
- int t_id;
-{
- switch (t_id) {
- case IPSECDOI_AH_MD5:
- case IPSECDOI_AH_SHA:
- return 0;
- case IPSECDOI_AH_DES:
- plog(LLV_ERROR, LOCATION, NULL,
- "not support transform-id=%u in AH.\n", t_id);
- return -1;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid transform-id=%u in AH.\n", t_id);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check transform ID in ESP.
- */
-static int
-check_trns_esp(t_id)
- int t_id;
-{
- switch (t_id) {
- case IPSECDOI_ESP_DES:
- case IPSECDOI_ESP_3DES:
- case IPSECDOI_ESP_NULL:
- case IPSECDOI_ESP_RC5:
- case IPSECDOI_ESP_CAST:
- case IPSECDOI_ESP_BLOWFISH:
- case IPSECDOI_ESP_RIJNDAEL:
- case IPSECDOI_ESP_TWOFISH:
- return 0;
- case IPSECDOI_ESP_DES_IV32:
- case IPSECDOI_ESP_DES_IV64:
- case IPSECDOI_ESP_IDEA:
- case IPSECDOI_ESP_3IDEA:
- case IPSECDOI_ESP_RC4:
- plog(LLV_ERROR, LOCATION, NULL,
- "not support transform-id=%u in ESP.\n", t_id);
- return -1;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid transform-id=%u in ESP.\n", t_id);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check transform ID in IPCOMP.
- */
-static int
-check_trns_ipcomp(t_id)
- int t_id;
-{
- switch (t_id) {
- case IPSECDOI_IPCOMP_OUI:
- case IPSECDOI_IPCOMP_DEFLATE:
- case IPSECDOI_IPCOMP_LZS:
- return 0;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid transform-id=%u in IPCOMP.\n", t_id);
- return -1;
- }
- /* NOT REACHED */
-}
-
-/*
- * check data attributes in IKE.
- */
-static int
-check_attr_isakmp(trns)
- struct isakmp_pl_t *trns;
-{
- struct isakmp_data *d;
- int tlen;
- int flag, type;
- u_int16_t lorv;
-
- tlen = ntohs(trns->h.len) - sizeof(struct isakmp_pl_t);
- d = (struct isakmp_data *)((caddr_t)trns + sizeof(struct isakmp_pl_t));
-
- while (tlen > 0) {
- type = ntohs(d->type) & ~ISAKMP_GEN_MASK;
- flag = ntohs(d->type) & ISAKMP_GEN_MASK;
- lorv = ntohs(d->lorv);
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "type=%s, flag=0x%04x, lorv=%s\n",
- s_oakley_attr(type), flag,
- s_oakley_attr_v(type, lorv));
-
- /*
- * some of the attributes must be encoded in TV.
- * see RFC2409 Appendix A "Attribute Classes".
- */ - switch (type) { - case OAKLEY_ATTR_ENC_ALG: - case OAKLEY_ATTR_HASH_ALG: - case OAKLEY_ATTR_AUTH_METHOD: - case OAKLEY_ATTR_GRP_DESC: - case OAKLEY_ATTR_GRP_TYPE: - case OAKLEY_ATTR_SA_LD_TYPE: - case OAKLEY_ATTR_PRF: - case OAKLEY_ATTR_KEY_LEN: - case OAKLEY_ATTR_FIELD_SIZE: - if (!flag) { /* TLV*/ - plog(LLV_ERROR, LOCATION, NULL, - "oakley attribute %d must be TV.\n", - type); - return -1; - } - break; - } - - /* sanity check for TLV. length must be specified. */ - if (!flag && lorv == 0) { /*TLV*/ - plog(LLV_ERROR, LOCATION, NULL, - "invalid length %d for TLV attribute %d.\n", - lorv, type); - return -1; - } - - switch (type) { - case OAKLEY_ATTR_ENC_ALG: - if (!alg_oakley_encdef_ok(lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalied encryption algorithm=%d.\n", - lorv); - return -1; - } - break; - - case OAKLEY_ATTR_HASH_ALG: - if (!alg_oakley_hashdef_ok(lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalied hash algorithm=%d.\n", - lorv); - return -1; - } - break; - - case OAKLEY_ATTR_AUTH_METHOD: - switch (lorv) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - break; - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - plog(LLV_ERROR, LOCATION, NULL, - "auth method %d isn't supported.\n", - lorv); - return -1; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid auth method %d.\n", - lorv); - return -1; - } - break; - - case OAKLEY_ATTR_GRP_DESC: - if (!alg_oakley_dhdef_ok(lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid DH group %d.\n", - lorv); - return -1; - } - break; - - case OAKLEY_ATTR_GRP_TYPE: - switch (lorv) { - case OAKLEY_ATTR_GRP_TYPE_MODP: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "unsupported DH group type %d.\n", - lorv); - return -1; - } - break; - - case OAKLEY_ATTR_GRP_PI: - case OAKLEY_ATTR_GRP_GEN_ONE: - /* sanity checks? 
*/ - break; - - case OAKLEY_ATTR_GRP_GEN_TWO: - case OAKLEY_ATTR_GRP_CURVE_A: - case OAKLEY_ATTR_GRP_CURVE_B: - plog(LLV_ERROR, LOCATION, NULL, - "attr type=%u isn't supported.\n", type); - return -1; - - case OAKLEY_ATTR_SA_LD_TYPE: - switch (lorv) { - case OAKLEY_ATTR_SA_LD_TYPE_SEC: - case OAKLEY_ATTR_SA_LD_TYPE_KB: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid life type %d.\n", lorv); - return -1; - } - break; - - case OAKLEY_ATTR_SA_LD: - /* should check the value */ - break; - - case OAKLEY_ATTR_PRF: - case OAKLEY_ATTR_KEY_LEN: - break; - - case OAKLEY_ATTR_FIELD_SIZE: - plog(LLV_ERROR, LOCATION, NULL, - "attr type=%u isn't supported.\n", type); - return -1; - - case OAKLEY_ATTR_GRP_ORDER: - break; - - case OAKLEY_ATTR_GSS_ID: - break; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid attribute type %d.\n", type); - return -1; - } - - if (flag) { - tlen -= sizeof(*d); - d = (struct isakmp_data *)((char *)d - + sizeof(*d)); - } else { - tlen -= (sizeof(*d) + lorv); - d = (struct isakmp_data *)((char *)d - + sizeof(*d) + lorv); - } - } - - return 0; -} - -/* - * check data attributes in IPSEC AH/ESP. 
- */ -static int -check_attr_ah(trns) - struct isakmp_pl_t *trns; -{ - return check_attr_ipsec(IPSECDOI_PROTO_IPSEC_AH, trns); -} - -static int -check_attr_esp(trns) - struct isakmp_pl_t *trns; -{ - return check_attr_ipsec(IPSECDOI_PROTO_IPSEC_ESP, trns); -} - -static int -check_attr_ipsec(proto_id, trns) - int proto_id; - struct isakmp_pl_t *trns; -{ - struct isakmp_data *d; - int tlen; - int flag, type = 0; - u_int16_t lorv; - int attrseen[16]; /* XXX magic number */ - - tlen = ntohs(trns->h.len) - sizeof(struct isakmp_pl_t); - d = (struct isakmp_data *)((caddr_t)trns + sizeof(struct isakmp_pl_t)); - memset(attrseen, 0, sizeof(attrseen)); - - while (tlen > 0) { - type = ntohs(d->type) & ~ISAKMP_GEN_MASK; - flag = ntohs(d->type) & ISAKMP_GEN_MASK; - lorv = ntohs(d->lorv); - - plog(LLV_DEBUG, LOCATION, NULL, - "type=%s, flag=0x%04x, lorv=%s\n", - s_ipsecdoi_attr(type), flag, - s_ipsecdoi_attr_v(type, lorv)); - - if (type < sizeof(attrseen)/sizeof(attrseen[0])) - attrseen[type]++; - - switch (type) { - case IPSECDOI_ATTR_ENC_MODE: - if (! flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when ENC_MODE.\n"); - return -1; - } - - switch (lorv) { - case IPSECDOI_ATTR_ENC_MODE_TUNNEL: - case IPSECDOI_ATTR_ENC_MODE_TRNS: - case IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC: - case IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC: - case IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT: - case IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid encryption mode=%u.\n", - lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_AUTH: - if (! 
flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when AUTH.\n"); - return -1; - } - - switch (lorv) { - case IPSECDOI_ATTR_AUTH_HMAC_MD5: - if (proto_id == IPSECDOI_PROTO_IPSEC_AH - && trns->t_id != IPSECDOI_AH_MD5) { -ahmismatch: - plog(LLV_ERROR, LOCATION, NULL, - "auth algorithm %u conflicts " - "with transform %u.\n", - lorv, trns->t_id); - return -1; - } - break; - case IPSECDOI_ATTR_AUTH_HMAC_SHA1: - if (proto_id == IPSECDOI_PROTO_IPSEC_AH) { - if (trns->t_id != IPSECDOI_AH_SHA) - goto ahmismatch; - } - break; - case IPSECDOI_ATTR_AUTH_DES_MAC: - case IPSECDOI_ATTR_AUTH_KPDK: - plog(LLV_ERROR, LOCATION, NULL, - "auth algorithm %u isn't supported.\n", - lorv); - return -1; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid auth algorithm=%u.\n", - lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_SA_LD_TYPE: - if (! flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when LD_TYPE.\n"); - return -1; - } - - switch (lorv) { - case IPSECDOI_ATTR_SA_LD_TYPE_SEC: - case IPSECDOI_ATTR_SA_LD_TYPE_KB: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid life type %d.\n", lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_SA_LD: - if (flag) { - /* i.e. ISAKMP_GEN_TV */ - plog(LLV_DEBUG, LOCATION, NULL, - "life duration was in TLV.\n"); - } else { - /* i.e. ISAKMP_GEN_TLV */ - if (lorv == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid length of LD\n"); - return -1; - } - } - break; - - case IPSECDOI_ATTR_GRP_DESC: - if (! flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when GRP_DESC.\n"); - return -1; - } - - if (!alg_oakley_dhdef_ok(lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid group description=%u.\n", - lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_KEY_LENGTH: - if (! 
flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when KEY_LENGTH.\n"); - return -1; - } - break; - - case IPSECDOI_ATTR_KEY_ROUNDS: - case IPSECDOI_ATTR_COMP_DICT_SIZE: - case IPSECDOI_ATTR_COMP_PRIVALG: - plog(LLV_ERROR, LOCATION, NULL, - "attr type=%u isn't supported.\n", type); - return -1; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid attribute type %d.\n", type); - return -1; - } - - if (flag) { - tlen -= sizeof(*d); - d = (struct isakmp_data *)((char *)d - + sizeof(*d)); - } else { - tlen -= (sizeof(*d) + lorv); - d = (struct isakmp_data *)((caddr_t)d - + sizeof(*d) + lorv); - } - } - - if (proto_id == IPSECDOI_PROTO_IPSEC_AH - && !attrseen[IPSECDOI_ATTR_AUTH]) { - plog(LLV_ERROR, LOCATION, NULL, - "attr AUTH must be present for AH.\n", type); - return -1; - } - - return 0; -} - -static int -check_attr_ipcomp(trns) - struct isakmp_pl_t *trns; -{ - struct isakmp_data *d; - int tlen; - int flag, type = 0; - u_int16_t lorv; - int attrseen[16]; /* XXX magic number */ - - tlen = ntohs(trns->h.len) - sizeof(struct isakmp_pl_t); - d = (struct isakmp_data *)((caddr_t)trns + sizeof(struct isakmp_pl_t)); - memset(attrseen, 0, sizeof(attrseen)); - - while (tlen > 0) { - type = ntohs(d->type) & ~ISAKMP_GEN_MASK; - flag = ntohs(d->type) & ISAKMP_GEN_MASK; - lorv = ntohs(d->lorv); - - plog(LLV_DEBUG, LOCATION, NULL, - "type=%d, flag=0x%04x, lorv=0x%04x\n", - type, flag, lorv); - - if (type < sizeof(attrseen)/sizeof(attrseen[0])) - attrseen[type]++; - - switch (type) { - case IPSECDOI_ATTR_ENC_MODE: - if (! 
flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when ENC_MODE.\n"); - return -1; - } - - switch (lorv) { - case IPSECDOI_ATTR_ENC_MODE_TUNNEL: - case IPSECDOI_ATTR_ENC_MODE_TRNS: - case IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC: - case IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC: - case IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT: - case IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid encryption mode=%u.\n", - lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_SA_LD_TYPE: - if (! flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when LD_TYPE.\n"); - return -1; - } - - switch (lorv) { - case IPSECDOI_ATTR_SA_LD_TYPE_SEC: - case IPSECDOI_ATTR_SA_LD_TYPE_KB: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid life type %d.\n", lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_SA_LD: - if (flag) { - /* i.e. ISAKMP_GEN_TV */ - plog(LLV_DEBUG, LOCATION, NULL, - "life duration was in TLV.\n"); - } else { - /* i.e. ISAKMP_GEN_TLV */ - if (lorv == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid length of LD\n"); - return -1; - } - } - break; - - case IPSECDOI_ATTR_GRP_DESC: - if (! 
flag) { - plog(LLV_ERROR, LOCATION, NULL, - "must be TV when GRP_DESC.\n"); - return -1; - } - - if (!alg_oakley_dhdef_ok(lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid group description=%u.\n", - lorv); - return -1; - } - break; - - case IPSECDOI_ATTR_AUTH: - plog(LLV_ERROR, LOCATION, NULL, - "invalid attr type=%u.\n", type); - return -1; - - case IPSECDOI_ATTR_KEY_LENGTH: - case IPSECDOI_ATTR_KEY_ROUNDS: - case IPSECDOI_ATTR_COMP_DICT_SIZE: - case IPSECDOI_ATTR_COMP_PRIVALG: - plog(LLV_ERROR, LOCATION, NULL, - "attr type=%u isn't supported.\n", type); - return -1; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid attribute type %d.\n", type); - return -1; - } - - if (flag) { - tlen -= sizeof(*d); - d = (struct isakmp_data *)((char *)d - + sizeof(*d)); - } else { - tlen -= (sizeof(*d) + lorv); - d = (struct isakmp_data *)((caddr_t)d - + sizeof(*d) + lorv); - } - } - -#if 0 - if (proto_id == IPSECDOI_PROTO_IPCOMP - && !attrseen[IPSECDOI_ATTR_AUTH]) { - plog(LLV_ERROR, LOCATION, NULL, - "attr AUTH must be present for AH.\n", type); - return -1; - } -#endif - - return 0; -} - -/* %%% */ -/* - * create phase1 proposal from remote configuration. 
- * NOT INCLUDING isakmp general header of SA payload - */ -vchar_t * -ipsecdoi_setph1proposal(props) - struct isakmpsa *props; -{ - vchar_t *mysa; - int sablen; - - /* count total size of SA minus isakmp general header */ - /* not including isakmp general header of SA payload */ - sablen = sizeof(struct ipsecdoi_sa_b); - sablen += setph1prop(props, NULL); - - mysa = vmalloc(sablen); - if (mysa == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate my sa buffer\n"); - return NULL; - } - - /* create SA payload */ - /* not including isakmp general header */ - ((struct ipsecdoi_sa_b *)mysa->v)->doi = htonl(props->rmconf->doitype); - ((struct ipsecdoi_sa_b *)mysa->v)->sit = htonl(props->rmconf->sittype); - - (void)setph1prop(props, mysa->v + sizeof(struct ipsecdoi_sa_b)); - - return mysa; -} - -static int -setph1prop(props, buf) - struct isakmpsa *props; - caddr_t buf; -{ - struct isakmp_pl_p *prop = NULL; - struct isakmpsa *s = NULL; - int proplen, trnslen; - u_int8_t *np_t; /* pointer next trns type in previous header */ - int trns_num; - caddr_t p = buf; - - proplen = sizeof(*prop); - if (buf) { - /* create proposal */ - prop = (struct isakmp_pl_p *)p; - prop->h.np = ISAKMP_NPTYPE_NONE; - prop->p_no = props->prop_no; - prop->proto_id = IPSECDOI_PROTO_ISAKMP; - prop->spi_size = 0; - p += sizeof(*prop); - } - - np_t = NULL; - trns_num = 0; - - for (s = props; s != NULL; s = s->next) { - if (np_t) - *np_t = ISAKMP_NPTYPE_T; - - trnslen = setph1trns(s, p); - proplen += trnslen; - if (buf) { - /* save buffer to pre-next payload */ - np_t = &((struct isakmp_pl_t *)p)->h.np; - p += trnslen; - - /* count up transform length */ - trns_num++; - } - } - - /* update proposal length */ - if (buf) { - prop->h.len = htons(proplen); - prop->num_t = trns_num; - } - - return proplen; -} - -static int -setph1trns(sa, buf) - struct isakmpsa *sa; - caddr_t buf; -{ - struct isakmp_pl_t *trns = NULL; - int trnslen, attrlen; - caddr_t p = buf; - - trnslen = sizeof(*trns); - if 
(buf) { - /* create transform */ - trns = (struct isakmp_pl_t *)p; - trns->h.np = ISAKMP_NPTYPE_NONE; - trns->t_no = sa->trns_no; - trns->t_id = IPSECDOI_KEY_IKE; - p += sizeof(*trns); - } - - attrlen = setph1attr(sa, p); - trnslen += attrlen; - if (buf) - p += attrlen; - - if (buf) - trns->h.len = htons(trnslen); - - return trnslen; -} - -static int -setph1attr(sa, buf) - struct isakmpsa *sa; - caddr_t buf; -{ - caddr_t p = buf; - int attrlen = 0; - - if (sa->lifetime) { - attrlen += sizeof(struct isakmp_data) - + sizeof(struct isakmp_data); - if (sa->lifetime > 0xffff) - attrlen += sizeof(sa->lifetime); - if (buf) { - p = isakmp_set_attr_l(p, OAKLEY_ATTR_SA_LD_TYPE, - OAKLEY_ATTR_SA_LD_TYPE_SEC); - if (sa->lifetime > 0xffff) { - u_int32_t v = htonl((u_int32_t)sa->lifetime); - p = isakmp_set_attr_v(p, OAKLEY_ATTR_SA_LD, - (caddr_t)&v, sizeof(v)); - } else { - p = isakmp_set_attr_l(p, OAKLEY_ATTR_SA_LD, - sa->lifetime); - } - } - } - - if (sa->lifebyte) { - attrlen += sizeof(struct isakmp_data) - + sizeof(struct isakmp_data); - if (sa->lifebyte > 0xffff) - attrlen += sizeof(sa->lifebyte); - if (buf) { - p = isakmp_set_attr_l(p, OAKLEY_ATTR_SA_LD_TYPE, - OAKLEY_ATTR_SA_LD_TYPE_KB); - if (sa->lifebyte > 0xffff) { - u_int32_t v = htonl((u_int32_t)sa->lifebyte); - p = isakmp_set_attr_v(p, OAKLEY_ATTR_SA_LD, - (caddr_t)&v, sizeof(v)); - } else { - p = isakmp_set_attr_l(p, OAKLEY_ATTR_SA_LD, - sa->lifebyte); - } - } - } - - if (sa->enctype) { - attrlen += sizeof(struct isakmp_data); - if (buf) - p = isakmp_set_attr_l(p, OAKLEY_ATTR_ENC_ALG, sa->enctype); - } - if (sa->encklen) { - attrlen += sizeof(struct isakmp_data); - if (buf) - p = isakmp_set_attr_l(p, OAKLEY_ATTR_KEY_LEN, sa->encklen); - } - if (sa->authmethod) { - attrlen += sizeof(struct isakmp_data); - if (buf) - p = isakmp_set_attr_l(p, OAKLEY_ATTR_AUTH_METHOD, sa->authmethod); - } - if (sa->hashtype) { - attrlen += sizeof(struct isakmp_data); - if (buf) - p = isakmp_set_attr_l(p, OAKLEY_ATTR_HASH_ALG, 
sa->hashtype); - } - switch (sa->dh_group) { - case OAKLEY_ATTR_GRP_DESC_MODP768: - case OAKLEY_ATTR_GRP_DESC_MODP1024: - case OAKLEY_ATTR_GRP_DESC_MODP1536: - case OAKLEY_ATTR_GRP_DESC_MODP2048: - case OAKLEY_ATTR_GRP_DESC_MODP3072: - case OAKLEY_ATTR_GRP_DESC_MODP4096: - case OAKLEY_ATTR_GRP_DESC_MODP6144: - case OAKLEY_ATTR_GRP_DESC_MODP8192: - /* don't attach group type for known groups */ - attrlen += sizeof(struct isakmp_data); - if (buf) { - p = isakmp_set_attr_l(p, OAKLEY_ATTR_GRP_DESC, - sa->dh_group); - } - break; - case OAKLEY_ATTR_GRP_DESC_EC2N155: - case OAKLEY_ATTR_GRP_DESC_EC2N185: - /* don't attach group type for known groups */ - attrlen += sizeof(struct isakmp_data); - if (buf) { - p = isakmp_set_attr_l(p, OAKLEY_ATTR_GRP_TYPE, - OAKLEY_ATTR_GRP_TYPE_EC2N); - } - break; - case 0: - default: - break; - } - -#ifdef HAVE_GSSAPI - if (sa->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB && - sa->gssid != NULL) { - attrlen += sizeof(struct isakmp_data); - attrlen += sa->gssid->l; - if (buf) { - plog(LLV_DEBUG, LOCATION, NULL, "gss id attr: len %d, " - "val '%s'\n", sa->gssid->l, sa->gssid->v); - p = isakmp_set_attr_v(p, OAKLEY_ATTR_GSS_ID, - (caddr_t)sa->gssid->v, - sa->gssid->l); - } - } -#endif - - return attrlen; -} - -static vchar_t * -setph2proposal0(iph2, pp, pr) - const struct ph2handle *iph2; - const struct saprop *pp; - const struct saproto *pr; -{ - vchar_t *p; - struct isakmp_pl_p *prop; - struct isakmp_pl_t *trns; - struct satrns *tr; - int attrlen; - size_t trnsoff; - caddr_t x0, x; - u_int8_t *np_t; /* pointer next trns type in previous header */ - const u_int8_t *spi; - - p = vmalloc(sizeof(*prop) + sizeof(pr->spi)); - if (p == NULL) - return NULL; - - /* create proposal */ - prop = (struct isakmp_pl_p *)p->v; - prop->h.np = ISAKMP_NPTYPE_NONE; - prop->p_no = pp->prop_no; - prop->proto_id = pr->proto_id; - prop->num_t = 1; - - spi = (const u_int8_t *)&pr->spi; - switch (pr->proto_id) { - case IPSECDOI_PROTO_IPCOMP: - /* - * 
draft-shacham-ippcp-rfc2393bis-05.txt: - * construct 16bit SPI (CPI). - * XXX we may need to provide a configuration option to - * generate 32bit SPI. otherwise we cannot interoeprate - * with nodes that uses 32bit SPI, in case we are initiator. - */ - prop->spi_size = sizeof(u_int16_t); - spi += sizeof(pr->spi) - sizeof(u_int16_t); - p->l -= sizeof(pr->spi); - p->l += sizeof(u_int16_t); - break; - default: - prop->spi_size = sizeof(pr->spi); - break; - } - memcpy(prop + 1, spi, prop->spi_size); - - /* create transform */ - trnsoff = sizeof(*prop) + prop->spi_size; - np_t = NULL; - - for (tr = pr->head; tr; tr = tr->next) { - - if (np_t) { - *np_t = ISAKMP_NPTYPE_T; - prop->num_t++; - } - - /* get attribute length */ - attrlen = 0; - if (pp->lifetime) { - attrlen += sizeof(struct isakmp_data) - + sizeof(struct isakmp_data); - if (pp->lifetime > 0xffff) - attrlen += sizeof(u_int32_t); - } - if (pp->lifebyte && pp->lifebyte != IPSECDOI_ATTR_SA_LD_KB_MAX) { - attrlen += sizeof(struct isakmp_data) - + sizeof(struct isakmp_data); - if (pp->lifebyte > 0xffff) - attrlen += sizeof(u_int32_t); - } - attrlen += sizeof(struct isakmp_data); /* enc mode */ - if (tr->encklen) - attrlen += sizeof(struct isakmp_data); - - switch (pr->proto_id) { - case IPSECDOI_PROTO_IPSEC_ESP: - /* non authentication mode ? 
*/ - if (tr->authtype != IPSECDOI_ATTR_AUTH_NONE) - attrlen += sizeof(struct isakmp_data); - break; - case IPSECDOI_PROTO_IPSEC_AH: - if (tr->authtype == IPSECDOI_ATTR_AUTH_NONE) { - plog(LLV_ERROR, LOCATION, NULL, - "no authentication algorithm found " - "but protocol is AH.\n"); - vfree(p); - return NULL; - } - attrlen += sizeof(struct isakmp_data); - break; - case IPSECDOI_PROTO_IPCOMP: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid protocol: %d\n", pr->proto_id); - vfree(p); - return NULL; - } - - if (alg_oakley_dhdef_ok(iph2->sainfo->pfs_group)) - attrlen += sizeof(struct isakmp_data); - - p = vrealloc(p, p->l + sizeof(*trns) + attrlen); - if (p == NULL) - return NULL; - prop = (struct isakmp_pl_p *)p->v; - - /* set transform's values */ - trns = (struct isakmp_pl_t *)(p->v + trnsoff); - trns->h.np = ISAKMP_NPTYPE_NONE; - trns->t_no = tr->trns_no; - trns->t_id = tr->trns_id; - - /* set attributes */ - x = x0 = p->v + trnsoff + sizeof(*trns); - - if (pp->lifetime) { - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_SA_LD_TYPE, - IPSECDOI_ATTR_SA_LD_TYPE_SEC); - if (pp->lifetime > 0xffff) { - u_int32_t v = htonl((u_int32_t)pp->lifetime); - x = isakmp_set_attr_v(x, IPSECDOI_ATTR_SA_LD, - (caddr_t)&v, sizeof(v)); - } else { - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_SA_LD, - pp->lifetime); - } - } - - if (pp->lifebyte && pp->lifebyte != IPSECDOI_ATTR_SA_LD_KB_MAX) { - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_SA_LD_TYPE, - IPSECDOI_ATTR_SA_LD_TYPE_KB); - if (pp->lifebyte > 0xffff) { - u_int32_t v = htonl((u_int32_t)pp->lifebyte); - x = isakmp_set_attr_v(x, IPSECDOI_ATTR_SA_LD, - (caddr_t)&v, sizeof(v)); - } else { - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_SA_LD, - pp->lifebyte); - } - } - - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_ENC_MODE, pr->encmode); - - if (tr->encklen) - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_KEY_LENGTH, tr->encklen); - - /* mandatory check has done above. 
*/ - if ((pr->proto_id == IPSECDOI_PROTO_IPSEC_ESP && tr->authtype != IPSECDOI_ATTR_AUTH_NONE) - || pr->proto_id == IPSECDOI_PROTO_IPSEC_AH) - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_AUTH, tr->authtype); - - if (alg_oakley_dhdef_ok(iph2->sainfo->pfs_group)) - x = isakmp_set_attr_l(x, IPSECDOI_ATTR_GRP_DESC, - iph2->sainfo->pfs_group); - - /* update length of this transform. */ - trns = (struct isakmp_pl_t *)(p->v + trnsoff); - trns->h.len = htons(sizeof(*trns) + attrlen); - - /* save buffer to pre-next payload */ - np_t = &trns->h.np; - - trnsoff += (sizeof(*trns) + attrlen); - } - - /* update length of this protocol. */ - prop->h.len = htons(p->l); - - return p; -} - -/* - * create phase2 proposal from policy configuration. - * NOT INCLUDING isakmp general header of SA payload. - * This function is called by initiator only. - */ -int -ipsecdoi_setph2proposal(iph2) - struct ph2handle *iph2; -{ - struct saprop *proposal, *a; - struct saproto *b = NULL; - vchar_t *q; - struct ipsecdoi_sa_b *sab; - struct isakmp_pl_p *prop; - size_t propoff; /* for previous field of type of next payload. */ - - proposal = iph2->proposal; - - iph2->sa = vmalloc(sizeof(*sab)); - if (iph2->sa == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate my sa buffer\n"); - return -1; - } - - /* create SA payload */ - sab = (struct ipsecdoi_sa_b *)iph2->sa->v; - sab->doi = htonl(IPSEC_DOI); - sab->sit = htonl(IPSECDOI_SIT_IDENTITY_ONLY); /* XXX configurable ? */ - - prop = NULL; - propoff = 0; - for (a = proposal; a; a = a->next) { - for (b = a->head; b; b = b->next) { -#ifdef IKE_NAT_T - /* - * Hack to fix encmode, we may have detected a nat since - * we last set pr->encmode. We need to fix this if - * we now have a NAT. NAT-T doesn't work with AH. 
- */ - int nattype; - if (iph2->ph1 && (nattype = natd_hasnat(iph2->ph1)) && - b->proto_id != IPSECDOI_PROTO_IPSEC_AH) - { - switch (b->encmode) - { - - case IPSECDOI_ATTR_ENC_MODE_TUNNEL: - if (nattype == natt_type_rfc || - nattype == natt_type_apple) - b->encmode = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC; - else - b->encmode = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT; - break; - case IPSECDOI_ATTR_ENC_MODE_TRNS: - if (nattype == natt_type_rfc || - nattype == natt_type_apple) - b->encmode = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC; - else - b->encmode = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT; - break; - } - } -#endif - - q = setph2proposal0(iph2, a, b); - if (q == NULL) { - vfree(iph2->sa); - return -1; - } - - iph2->sa = vrealloc(iph2->sa, iph2->sa->l + q->l); - if (iph2->sa == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate my sa buffer\n"); - if (q) - vfree(q); - return -1; - } - memcpy(iph2->sa->v + iph2->sa->l - q->l, q->v, q->l); - if (propoff != 0) { - prop = (struct isakmp_pl_p *)(iph2->sa->v + - propoff); - prop->h.np = ISAKMP_NPTYPE_P; - } - propoff = iph2->sa->l - q->l; - - vfree(q); - } - } - - return 0; -} - -/* - * return 1 if all of the proposed protocols are tunnel mode. - */ -int -ipsecdoi_tunnelmode(iph2) - struct ph2handle *iph2; -{ - struct saprop *pp; - struct saproto *pr = NULL; - - for (pp = iph2->proposal; pp; pp = pp->next) { - for (pr = pp->head; pr; pr = pr->next) { - if (pr->encmode != IPSECDOI_ATTR_ENC_MODE_TUNNEL && - pr->encmode != IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC && - pr->encmode != IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT) - return 0; - } - } - - return 1; -} - -/* - * return 1 if all of the proposed protocols are transport mode. 
- */ -int -ipsecdoi_transportmode(iph2) - struct ph2handle *iph2; -{ - struct saprop *pp; - struct saproto *pr = NULL; - - for (pp = iph2->proposal; pp; pp = pp->next) { - for (pr = pp->head; pr; pr = pr->next) { - if (pr->encmode != IPSECDOI_ATTR_ENC_MODE_TRNS && - pr->encmode != IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC && - pr->encmode != IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT) - return 0; - } - } - - return 1; -} - - -int -ipsecdoi_get_defaultlifetime() -{ - return IPSECDOI_ATTR_SA_LD_SEC_DEFAULT; -} - -int -ipsecdoi_checkalgtypes(proto_id, enc, auth, comp) - int proto_id, enc, auth, comp; -{ -#define TMPALGTYPE2STR(n) s_algtype(algclass_ipsec_##n, n) - switch (proto_id) { - case IPSECDOI_PROTO_IPSEC_ESP: - if (enc == 0 || comp != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "illegal algorithm defined " - "ESP enc=%s auth=%s comp=%s.\n", - TMPALGTYPE2STR(enc), - TMPALGTYPE2STR(auth), - TMPALGTYPE2STR(comp)); - return -1; - } - break; - case IPSECDOI_PROTO_IPSEC_AH: - if (enc != 0 || auth == 0 || comp != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "illegal algorithm defined " - "AH enc=%s auth=%s comp=%s.\n", - TMPALGTYPE2STR(enc), - TMPALGTYPE2STR(auth), - TMPALGTYPE2STR(comp)); - return -1; - } - break; - case IPSECDOI_PROTO_IPCOMP: - if (enc != 0 || auth != 0 || comp == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "illegal algorithm defined " - "IPcomp enc=%s auth=%s comp=%s.\n", - TMPALGTYPE2STR(enc), - TMPALGTYPE2STR(auth), - TMPALGTYPE2STR(comp)); - return -1; - } - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid ipsec protocol %d\n", proto_id); - return -1; - } -#undef TMPALGTYPE2STR - return 0; -} - -int -ipproto2doi(proto) - int proto; -{ - switch (proto) { - case IPPROTO_AH: - return IPSECDOI_PROTO_IPSEC_AH; - case IPPROTO_ESP: - return IPSECDOI_PROTO_IPSEC_ESP; - case IPPROTO_IPCOMP: - return IPSECDOI_PROTO_IPCOMP; - } - return -1; /* XXX */ -} - -int -doi2ipproto(proto) - int proto; -{ - switch (proto) { - case IPSECDOI_PROTO_IPSEC_AH: - return 
IPPROTO_AH; - case IPSECDOI_PROTO_IPSEC_ESP: - return IPPROTO_ESP; - case IPSECDOI_PROTO_IPCOMP: - return IPPROTO_IPCOMP; - } - return -1; /* XXX */ -} - -/* - * check the following: - * - In main mode with pre-shared key, only address type can be used. - * - if proper type for phase 1 ? - * - if phase 1 ID payload conformed RFC2407 4.6.2. - * (proto, port) must be (0, 0), (udp, 500) or (udp, [specified]). - * - if ID payload sent from peer is equal to the ID expected by me. - * - * both of "id" and "id_p" should be ID payload without general header, - */ -int -ipsecdoi_checkid1(iph1) - struct ph1handle *iph1; -{ - struct ipsecdoi_id_b *id_b; - struct sockaddr *sa; - caddr_t sa1, sa2; - - if (iph1->id_p == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid iph1 passed id_p == NULL\n"); - return ISAKMP_INTERNAL_ERROR; - } - if (iph1->id_p->l < sizeof(*id_b)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid value passed as \"ident\" (len=%lu)\n", - (u_long)iph1->id_p->l); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - - id_b = (struct ipsecdoi_id_b *)iph1->id_p->v; - - /* In main mode with pre-shared key, only address type can be used. - If NAT Traversal draft 02 being used - allow this. */ - if (iph1->etype == ISAKMP_ETYPE_IDENT - && iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_PSKEY - && !natd_hasnat(iph1)) { - if (id_b->type != IPSECDOI_ID_IPV4_ADDR - && id_b->type != IPSECDOI_ID_IPV6_ADDR) { - plog(LLV_ERROR, LOCATION, NULL, - "Expecting IP address type in main mode, " - "but %s.\n", s_ipsecdoi_ident(id_b->type)); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - } - - /* if proper type for phase 1 ? 
*/ - switch (id_b->type) { - case IPSECDOI_ID_IPV4_ADDR_SUBNET: - case IPSECDOI_ID_IPV6_ADDR_SUBNET: - case IPSECDOI_ID_IPV4_ADDR_RANGE: - case IPSECDOI_ID_IPV6_ADDR_RANGE: - plog(LLV_WARNING, LOCATION, NULL, - "such ID type %s is not proper.\n", - s_ipsecdoi_ident(id_b->type)); - /*FALLTHROUGH*/ - } - - /* if phase 1 ID payload conformed RFC2407 4.6.2. */ - if (id_b->type == IPSECDOI_ID_IPV4_ADDR - && id_b->type == IPSECDOI_ID_IPV6_ADDR) { - - if (id_b->proto_id == 0 && ntohs(id_b->port) != 0) { - plog(LLV_WARNING, LOCATION, NULL, - "protocol ID and Port mismatched. " - "proto_id:%d port:%d\n", - id_b->proto_id, ntohs(id_b->port)); - /*FALLTHROUGH*/ - - } else if (id_b->proto_id == IPPROTO_UDP) { - /* - * copmaring with expecting port. - * always permit if port is equal to PORT_ISAKMP - */ - if (ntohs(id_b->port) != PORT_ISAKMP) { - - u_int16_t port; - - switch (iph1->remote->sa_family) { - case AF_INET: - port = ((struct sockaddr_in *)iph1->remote)->sin_port; - break; -#ifdef INET6 - case AF_INET6: - port = ((struct sockaddr_in6 *)iph1->remote)->sin6_port; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", - iph1->remote->sa_family); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - if (ntohs(id_b->port) != port) { - plog(LLV_WARNING, LOCATION, NULL, - "port %d expected, but %d\n", - port, ntohs(id_b->port)); - /*FALLTHROUGH*/ - } - } - } - } - - /* compare with the ID if specified. */ - if (iph1->rmconf->idv_p) { - vchar_t *ident0 = NULL; - vchar_t ident; - - /* check the type of both IDs */ - if (iph1->rmconf->idvtype_p != doi2idtype(id_b->type)) { - plog(LLV_WARNING, LOCATION, NULL, - "ID type mismatched.\n"); - if (iph1->rmconf->verify_identifier) - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - - /* compare defined ID with the ID sent by peer. 
*/ - ident0 = getidval(iph1->rmconf->idvtype_p, iph1->rmconf->idv_p); - - switch (iph1->rmconf->idvtype_p) { - case IDTYPE_ASN1DN: - ident.v = (caddr_t)(id_b + 1); - ident.l = ident0->l; - if (eay_cmp_asn1dn(ident0, &ident)) - goto err; - break; - case IDTYPE_ADDRESS: - sa = (struct sockaddr *)ident0->v; - sa2 = (caddr_t)(id_b + 1); - switch (sa->sa_family) { - case AF_INET: - if (iph1->id_p->l - sizeof(*id_b) != sizeof(struct in_addr)) - goto err; - - sa1 = (caddr_t)&((struct sockaddr_in *)sa)->sin_addr; - if (memcmp(sa1, sa2, sizeof(struct in_addr)) != 0) - goto err; - break; -#ifdef INET6 - case AF_INET6: - if (iph1->id_p->l - sizeof(*id_b) != sizeof(struct in6_addr)) - goto err; - sa1 = (caddr_t)&((struct sockaddr_in6 *)sa)->sin6_addr; - if (memcmp(sa1, sa2, sizeof(struct in6_addr)) != 0) - goto err; - break; -#endif - default: - goto err; - } - break; - default: - if (memcmp(ident0->v, id_b + 1, ident0->l)) { -err: - plog(LLV_WARNING, LOCATION, NULL, - "ID value mismatched.\n"); - if (iph1->rmconf->verify_identifier) { - vfree(ident0); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - } - break; - } - vfree(ident0); - } - - return 0; -} - -/* - * create ID payload for phase 1 and set into iph1->id. - * NOT INCLUDING isakmp general header. 
- * see, RFC2407 4.6.2.1
- */
-int
-ipsecdoi_setid1(iph1)
- struct ph1handle *iph1;
-{
- vchar_t *ret = NULL;
- struct ipsecdoi_id_b id_b;
- vchar_t *ident = NULL;
- struct sockaddr *ipid = NULL;
-
- /* init */
- id_b.proto_id = 0;
- id_b.port = 0;
- ident = NULL;
-
- switch (iph1->rmconf->idvtype) {
- case IDTYPE_FQDN:
- id_b.type = IPSECDOI_ID_FQDN;
- ident = getidval(iph1->rmconf->idvtype, iph1->rmconf->idv);
- break;
- case IDTYPE_USERFQDN:
- id_b.type = IPSECDOI_ID_USER_FQDN;
- ident = getidval(iph1->rmconf->idvtype, iph1->rmconf->idv);
- break;
- case IDTYPE_KEYID:
- case IDTYPE_KEYIDUSE:
- id_b.type = IPSECDOI_ID_KEY_ID;
- ident = getidval(iph1->rmconf->idvtype, iph1->rmconf->idv);
- break;
-#ifdef HAVE_SIGNING_C
- case IDTYPE_ASN1DN:
- id_b.type = IPSECDOI_ID_DER_ASN1_DN;
- if (iph1->rmconf->idv) {
- /* XXX it must be encoded to asn1dn. */
- ident = vdup(iph1->rmconf->idv);
- } else {
- if (oakley_getmycert(iph1) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get own CERT.\n");
- goto err;
- }
- ident = eay_get_x509asn1subjectname(&iph1->cert->cert);
- }
- break;
-#endif
- case IDTYPE_ADDRESS:
- /*
- * if the value of the id type was set by the configuration
- * file, then use it. otherwise the value is get from local
- * ip address by using ike negotiation.
- */
- if (iph1->rmconf->idv)
- ipid = (struct sockaddr *)iph1->rmconf->idv->v;
- /*FALLTHROUGH*/
- default:
- {
- int l;
- caddr_t p;
-
- if (ipid == NULL)
- ipid = iph1->local;
-
- /* use IP address */
- switch (ipid->sa_family) {
- case AF_INET:
- id_b.type = IPSECDOI_ID_IPV4_ADDR;
- l = sizeof(struct in_addr);
- p = (caddr_t)&((struct sockaddr_in *)ipid)->sin_addr;
- break;
-#ifdef INET6
- case AF_INET6:
- id_b.type = IPSECDOI_ID_IPV6_ADDR;
- l = sizeof(struct in6_addr);
- p = (caddr_t)&((struct sockaddr_in6 *)ipid)->sin6_addr;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid address family.\n");
- goto err;
- }
- id_b.proto_id = IPPROTO_UDP;
- id_b.port = htons(PORT_ISAKMP);
- ident = vmalloc(l);
- if (!ident) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID buffer.\n");
- return 0;
- }
- memcpy(ident->v, p, ident->l);
- }
- }
- if (!ident) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID buffer.\n");
- return 0;
- }
-
- ret = vmalloc(sizeof(id_b) + ident->l);
- if (ret == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID buffer.\n");
- goto err;
- }
-
- memcpy(ret->v, &id_b, sizeof(id_b));
- memcpy(ret->v + sizeof(id_b), ident->v, ident->l);
-
- iph1->id = ret;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "use ID type of %s\n", s_ipsecdoi_ident(id_b.type));
- if (ident)
- vfree(ident);
- return 0;
-
-err:
- if (ident)
- vfree(ident);
- plog(LLV_ERROR, LOCATION, NULL, "failed get my ID\n");
- return -1;
-}
-
-static vchar_t *
-getidval(type, val)
- int type;
- vchar_t *val;
-{
- vchar_t *new = NULL;
-
- if (val)
- new = vdup(val);
- else if (lcconf->ident[type])
- new = vdup(lcconf->ident[type]);
-
- return new;
-}
-
-/* it's only called by cfparse.y. */
-int
-set_identifier(vpp, type, value)
- vchar_t **vpp, *value;
- int type;
-{
- vchar_t *new = NULL;
-
- /* simply return if value is null. */
- if (!value)
- return 0;
-
- switch (type) {
- case IDTYPE_FQDN:
- case IDTYPE_USERFQDN:
- case IDTYPE_KEYIDUSE:
- /* length is adjusted since QUOTEDSTRING teminates NULL. */
- new = vmalloc(value->l - 1);
- if (new == NULL)
- return -1;
- memcpy(new->v, value->v, new->l);
- break;
- case IDTYPE_KEYID:
- {
- FILE *fp;
- char b[512];
- int tlen, len;
-
- fp = fopen(value->v, "r");
- if (fp == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "can not open %s\n", value->v);
- return -1;
- }
- tlen = 0;
- while ((len = fread(b, 1, sizeof(b), fp)) != 0) {
- new = vrealloc(new, tlen + len);
- if (!new) {
- fclose(fp);
- return -1;
- }
- memcpy(new->v + tlen, b, len);
- tlen += len;
- }
- break;
- }
- case IDTYPE_ADDRESS:
- {
- struct sockaddr *sa;
-
- /* length is adjusted since QUOTEDSTRING teminates NULL. */
- if (value->l == 0)
- break;
-
- sa = str2saddr(value->v, NULL);
- if (sa == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid ip address %s\n", value->v);
- return -1;
- }
-
- new = vmalloc(sa->sa_len);
- if (new == NULL)
- return -1;
- memcpy(new->v, sa, new->l);
- break;
- }
- case IDTYPE_ASN1DN:
- new = eay_str2asn1dn(value->v, value->l - 1);
- if (new == NULL)
- return -1;
- break;
- }
-
- *vpp = new;
-
- return 0;
-}
-
-/*
- * create ID payload for phase 2, and set into iph2->id and id_p. There are
- * NOT INCLUDING isakmp general header.
- * this function is for initiator. responder will get to copy from payload.
- * responder ID type is always address type.
- * see, RFC2407 4.6.2.1
- */
-int
-ipsecdoi_setid2(iph2)
- struct ph2handle *iph2;
-{
- struct secpolicy *sp;
-
- /* check there is phase 2 handler ? */
- sp = getspbyspid(iph2->spid);
- if (sp == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no policy found for spid:%lu.\n", iph2->spid);
- return -1;
- }
-
- if (!iph2->sainfo->idv) {
- iph2->id = ipsecdoi_sockaddr2id((struct sockaddr *)&sp->spidx.src,
- sp->spidx.prefs, sp->spidx.ul_proto);
- if (iph2->id == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID for %s\n",
- spidx2str(&sp->spidx));
- return -1;
- }
- plog(LLV_DEBUG, LOCATION, NULL, "use local ID type %s\n",
- s_ipsecdoi_ident(((struct ipsecdoi_id_b *)iph2->id->v)->type));
- } else {
- struct ipsecdoi_id_b id_b;
- vchar_t *ident;
-
- id_b.type = idtype2doi(iph2->sainfo->idvtype);
- if (id_b.type == 255) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to convert ID type to DOI.\n");
- return -1;
- }
- id_b.proto_id = 0;
- id_b.port = 0;
-
- ident = getidval(iph2->sainfo->idvtype, iph2->sainfo->idv);
- if (!ident) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID value.\n");
- return -1;
- }
- iph2->id = vmalloc(sizeof(id_b) + ident->l);
- if (iph2->id == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID buffer.\n");
- vfree(ident);
- return -1;
- }
-
- memcpy(iph2->id->v, &id_b, sizeof(id_b));
- memcpy(iph2->id->v + sizeof(id_b), ident->v, ident->l);
- vfree(ident);
- }
-
- /* remote side */
- iph2->id_p = ipsecdoi_sockaddr2id((struct sockaddr *)&sp->spidx.dst,
- sp->spidx.prefd, sp->spidx.ul_proto);
- if (iph2->id_p == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get ID for %s\n",
- spidx2str(&sp->spidx));
- vfree(iph2->id);
- iph2->id = NULL;
- return -1;
- }
- plog(LLV_DEBUG, LOCATION, NULL,
- "use remote ID type %s\n",
- s_ipsecdoi_ident(((struct ipsecdoi_id_b *)iph2->id_p->v)->type));
-
- return 0;
-}
-
-/*
- * set address type of ID.
- * NOT INCLUDING general header.
- */ -vchar_t * -ipsecdoi_sockaddr2id(saddr, prefixlen, ul_proto) - struct sockaddr *saddr; - u_int prefixlen; - u_int ul_proto; -{ - vchar_t *new; - int type, len1, len2; - caddr_t sa; - u_short port; - - /* - * Q. When type is SUBNET, is it allowed to be ::1/128. - * A. Yes. (consensus at bake-off) - */ - switch (saddr->sa_family) { - case AF_INET: - len1 = sizeof(struct in_addr); - if (prefixlen == (sizeof(struct in_addr) << 3)) { - type = IPSECDOI_ID_IPV4_ADDR; - len2 = 0; - } else { - type = IPSECDOI_ID_IPV4_ADDR_SUBNET; - len2 = sizeof(struct in_addr); - } - sa = (caddr_t)&((struct sockaddr_in *)(saddr))->sin_addr; - port = ((struct sockaddr_in *)(saddr))->sin_port; - break; -#ifdef INET6 - case AF_INET6: - len1 = sizeof(struct in6_addr); - if (prefixlen == (sizeof(struct in6_addr) << 3)) { - type = IPSECDOI_ID_IPV6_ADDR; - len2 = 0; - } else { - type = IPSECDOI_ID_IPV6_ADDR_SUBNET; - len2 = sizeof(struct in6_addr); - } - sa = (caddr_t)&((struct sockaddr_in6 *)(saddr))->sin6_addr; - port = ((struct sockaddr_in6 *)(saddr))->sin6_port; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d.\n", saddr->sa_family); - return NULL; - } - - /* get ID buffer */ - new = vmalloc(sizeof(struct ipsecdoi_id_b) + len1 + len2); - if (new == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get ID buffer.\n"); - return NULL; - } - - memset(new->v, 0, new->l); - - /* set the part of header. */ - ((struct ipsecdoi_id_b *)new->v)->type = type; - - /* set ul_proto and port */ - /* - * NOTE: we use both IPSEC_ULPROTO_ANY and IPSEC_PORT_ANY as wild card - * because 0 means port number of 0. Instead of 0, we use IPSEC_*_ANY. - */ - ((struct ipsecdoi_id_b *)new->v)->proto_id = - ul_proto == IPSEC_ULPROTO_ANY ? 0 : ul_proto; - ((struct ipsecdoi_id_b *)new->v)->port = - port == IPSEC_PORT_ANY ? 
0 : port; - memcpy(new->v + sizeof(struct ipsecdoi_id_b), sa, len1); - - /* set address */ - - /* set prefix */ - if (len2) { - u_char *p = new->v + sizeof(struct ipsecdoi_id_b) + len1; - u_int bits = prefixlen; - - while (bits >= 8) { - *p++ = 0xff; - bits -= 8; - } - - if (bits > 0) - *p = ~((1 << (8 - bits)) - 1); - } - - return new; -} - -/* - * create sockaddr structure from ID payload (buf). - * buffers (saddr, prefixlen, ul_proto) must be allocated. - * see, RFC2407 4.6.2.1 - */ -int -ipsecdoi_id2sockaddr(buf, saddr, prefixlen, ul_proto) - vchar_t *buf; - struct sockaddr *saddr; - u_int8_t *prefixlen; - u_int16_t *ul_proto; -{ - struct ipsecdoi_id_b *id_b = (struct ipsecdoi_id_b *)buf->v; - u_int plen = 0; - - /* - * When a ID payload of subnet type with a IP address of full bit - * masked, it has to be processed as host address. - * e.g. below 2 type are same. - * type = ipv6 subnet, data = 2001::1/128 - * type = ipv6 address, data = 2001::1 - */ - switch (id_b->type) { - case IPSECDOI_ID_IPV4_ADDR: - case IPSECDOI_ID_IPV4_ADDR_SUBNET: - saddr->sa_len = sizeof(struct sockaddr_in); - saddr->sa_family = AF_INET; - ((struct sockaddr_in *)saddr)->sin_port = - (id_b->port == 0 - ? IPSEC_PORT_ANY - : id_b->port); /* see sockaddr2id() */ - memcpy(&((struct sockaddr_in *)saddr)->sin_addr, - buf->v + sizeof(*id_b), sizeof(struct in_addr)); - break; -#ifdef INET6 - case IPSECDOI_ID_IPV6_ADDR: - case IPSECDOI_ID_IPV6_ADDR_SUBNET: - saddr->sa_len = sizeof(struct sockaddr_in6); - saddr->sa_family = AF_INET6; - ((struct sockaddr_in6 *)saddr)->sin6_port = - (id_b->port == 0 - ? 
IPSEC_PORT_ANY - : id_b->port); /* see sockaddr2id() */ - memcpy(&((struct sockaddr_in6 *)saddr)->sin6_addr, - buf->v + sizeof(*id_b), sizeof(struct in6_addr)); - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "unsupported ID type %d\n", id_b->type); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - - /* get prefix length */ - switch (id_b->type) { - case IPSECDOI_ID_IPV4_ADDR: - plen = sizeof(struct in_addr) << 3; - break; -#ifdef INET6 - case IPSECDOI_ID_IPV6_ADDR: - plen = sizeof(struct in6_addr) << 3; - break; -#endif - case IPSECDOI_ID_IPV4_ADDR_SUBNET: -#ifdef INET6 - case IPSECDOI_ID_IPV6_ADDR_SUBNET: -#endif - { - u_char *p; - u_int max; - int alen = sizeof(struct in_addr); - - switch (id_b->type) { - case IPSECDOI_ID_IPV4_ADDR_SUBNET: - alen = sizeof(struct in_addr); - break; -#ifdef INET6 - case IPSECDOI_ID_IPV6_ADDR_SUBNET: - alen = sizeof(struct in6_addr); - break; -#endif - } - - /* sanity check */ - if (buf->l < alen) - return ISAKMP_INTERNAL_ERROR; - - /* get subnet mask length */ - plen = 0; - max = alen <<3; - - p = buf->v - + sizeof(struct ipsecdoi_id_b) - + alen; - - for (; *p == 0xff; p++) { - if (plen >= max) - break; - plen += 8; - } - - if (plen < max) { - u_int l = 0; - u_char b = ~(*p); - - while (b) { - b >>= 1; - l++; - } - - l = 8 - l; - plen += l; - } - } - break; - } - - *prefixlen = plen; - *ul_proto = id_b->proto_id == 0 - ? IPSEC_ULPROTO_ANY - : id_b->proto_id; /* see sockaddr2id() */ - - return 0; -} - -/* - * make printable string from ID payload except of general header. - */ -const char * -ipsecdoi_id2str(id) - const vchar_t *id; -{ - static char buf[256]; - - /* XXX */ - buf[0] = '\0'; - - return buf; -} - -/* - * set IPsec data attributes into a proposal. - * NOTE: MUST called per a transform. 
- */ -int -ipsecdoi_t2satrns(t, pp, pr, tr) - struct isakmp_pl_t *t; - struct saprop *pp; - struct saproto *pr; - struct satrns *tr; -{ - struct isakmp_data *d, *prev; - int flag, type; - int error = -1; - int life_t; - int tlen; - - tr->trns_no = t->t_no; - tr->trns_id = t->t_id; - - tlen = ntohs(t->h.len) - sizeof(*t); - prev = (struct isakmp_data *)NULL; - d = (struct isakmp_data *)(t + 1); - - /* default */ - life_t = IPSECDOI_ATTR_SA_LD_TYPE_DEFAULT; - pp->lifetime = IPSECDOI_ATTR_SA_LD_SEC_DEFAULT; - pp->lifebyte = 0; - tr->authtype = IPSECDOI_ATTR_AUTH_NONE; - - while (tlen > 0) { - - type = ntohs(d->type) & ~ISAKMP_GEN_MASK; - flag = ntohs(d->type) & ISAKMP_GEN_MASK; - - plog(LLV_DEBUG, LOCATION, NULL, - "type=%s, flag=0x%04x, lorv=%s\n", - s_ipsecdoi_attr(type), flag, - s_ipsecdoi_attr_v(type, ntohs(d->lorv))); - - switch (type) { - case IPSECDOI_ATTR_SA_LD_TYPE: - { - int type = ntohs(d->lorv); - switch (type) { - case IPSECDOI_ATTR_SA_LD_TYPE_SEC: - case IPSECDOI_ATTR_SA_LD_TYPE_KB: - life_t = type; - break; - default: - plog(LLV_WARNING, LOCATION, NULL, - "invalid life duration type. " - "use default\n"); - life_t = IPSECDOI_ATTR_SA_LD_TYPE_DEFAULT; - break; - } - break; - } - case IPSECDOI_ATTR_SA_LD: - if (prev == NULL - || (ntohs(prev->type) & ~ISAKMP_GEN_MASK) != - IPSECDOI_ATTR_SA_LD_TYPE) { - plog(LLV_ERROR, LOCATION, NULL, - "life duration must follow ltype\n"); - break; - } - - { - u_int32_t t; - vchar_t *ld_buf = NULL; - - if (flag) { - /* i.e. ISAKMP_GEN_TV */ - ld_buf = vmalloc(sizeof(d->lorv)); - if (ld_buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get LD buffer.\n"); - goto end; - } - memcpy(ld_buf->v, &d->lorv, sizeof(d->lorv)); - } else { - int len = ntohs(d->lorv); - /* i.e. 
ISAKMP_GEN_TLV */ - ld_buf = vmalloc(len); - if (ld_buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get LD buffer.\n"); - goto end; - } - memcpy(ld_buf->v, d + 1, len); - } - switch (life_t) { - case IPSECDOI_ATTR_SA_LD_TYPE_SEC: - t = ipsecdoi_set_ld(ld_buf); - vfree(ld_buf); - if (t == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid life duration.\n"); - goto end; - } - /* lifetime must be equal in a proposal. */ - if (pp->lifetime == IPSECDOI_ATTR_SA_LD_SEC_DEFAULT) - pp->lifetime = t; - else if (pp->lifetime != t) { - plog(LLV_ERROR, LOCATION, NULL, - "lifetime mismatched " - "in a proposal, " - "prev:%ld curr:%ld.\n", - pp->lifetime, t); - goto end; - } - break; - case IPSECDOI_ATTR_SA_LD_TYPE_KB: - t = ipsecdoi_set_ld(ld_buf); - vfree(ld_buf); - if (t == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid life duration.\n"); - goto end; - } - /* lifebyte must be equal in a proposal. */ - if (pp->lifebyte == 0) - pp->lifebyte = t; - else if (pp->lifebyte != t) { - plog(LLV_ERROR, LOCATION, NULL, - "lifebyte mismatched " - "in a proposal, " - "prev:%ld curr:%ld.\n", - pp->lifebyte, t); - goto end; - } - break; - default: - vfree(ld_buf); - plog(LLV_ERROR, LOCATION, NULL, - "invalid life type: %d\n", life_t); - goto end; - } - } - break; - - case IPSECDOI_ATTR_GRP_DESC: - /* - * RFC2407: 4.5 IPSEC Security Association Attributes - * Specifies the Oakley Group to be used in a PFS QM - * negotiation. For a list of supported values, see - * Appendix A of [IKE]. 
- */ - if (pp->pfs_group == 0) - pp->pfs_group = (u_int16_t)ntohs(d->lorv); - else if (pp->pfs_group != (u_int16_t)ntohs(d->lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "pfs_group mismatched " - "in a proposal.\n"); - goto end; - } - break; - - case IPSECDOI_ATTR_ENC_MODE: - if (pr->encmode - && pr->encmode != (u_int16_t)ntohs(d->lorv)) { - plog(LLV_ERROR, LOCATION, NULL, - "multiple encmode exist " - "in a transform.\n"); - goto end; - } - pr->encmode = (u_int16_t)ntohs(d->lorv); - break; - - case IPSECDOI_ATTR_AUTH: - if (tr->authtype != IPSECDOI_ATTR_AUTH_NONE) { - plog(LLV_ERROR, LOCATION, NULL, - "multiple authtype exist " - "in a transform.\n"); - goto end; - } - tr->authtype = (u_int16_t)ntohs(d->lorv); - break; - - case IPSECDOI_ATTR_KEY_LENGTH: - if (pr->proto_id != IPSECDOI_PROTO_IPSEC_ESP) { - plog(LLV_ERROR, LOCATION, NULL, - "key length defined but not ESP"); - goto end; - } - tr->encklen = ntohs(d->lorv); - break; - - case IPSECDOI_ATTR_KEY_ROUNDS: - case IPSECDOI_ATTR_COMP_DICT_SIZE: - case IPSECDOI_ATTR_COMP_PRIVALG: - default: - break; - } - - prev = d; - if (flag) { - tlen -= sizeof(*d); - d = (struct isakmp_data *)((char *)d + sizeof(*d)); - } else { - tlen -= (sizeof(*d) + ntohs(d->lorv)); - d = (struct isakmp_data *)((caddr_t)d + sizeof(*d) + ntohs(d->lorv)); - } - } - - error = 0; -end: - return error; -} - -int -ipsecdoi_authalg2trnsid(alg) - int alg; -{ - switch (alg) { - case IPSECDOI_ATTR_AUTH_HMAC_MD5: - return IPSECDOI_AH_MD5; - case IPSECDOI_ATTR_AUTH_HMAC_SHA1: - return IPSECDOI_AH_SHA; - case IPSECDOI_ATTR_AUTH_DES_MAC: - return IPSECDOI_AH_DES; - case IPSECDOI_ATTR_AUTH_KPDK: - return IPSECDOI_AH_MD5; /* XXX */ - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid authentication algorithm:%d\n", alg); - } - return -1; -} - -#ifdef HAVE_GSSAPI -struct isakmpsa * -fixup_initiator_sa(match, received) - struct isakmpsa *match, *received; -{ - struct isakmpsa *newsa; - - if (received->gssid == NULL) - return match; - - newsa = 
newisakmpsa();
- memcpy(newsa, match, sizeof *newsa);
-
- if (match->dhgrp != NULL) {
- newsa->dhgrp = racoon_calloc(1, sizeof(struct dhgroup));
- memcpy(newsa->dhgrp, match->dhgrp, sizeof (struct dhgroup));
- }
- newsa->next = NULL;
- newsa->rmconf = NULL;
-
- newsa->gssid = vdup(received->gssid);
-
- return newsa;
-}
-#endif
-
-static int rm_idtype2doi[] = {
- IPSECDOI_ID_FQDN,
- IPSECDOI_ID_USER_FQDN,
- IPSECDOI_ID_KEY_ID,
- 255, /* it's type of "address"
- * it expands into 4 types by another function. */
- IPSECDOI_ID_DER_ASN1_DN,
-};
-
-/*
- * convert idtype to DOI value.
- * OUT 255 : NG
- * other: converted.
- */
-int
-idtype2doi(idtype)
- int idtype;
-{
- if (ARRAYLEN(rm_idtype2doi) > idtype)
- return rm_idtype2doi[idtype];
- return 255;
-}
-
-int
-doi2idtype(doi)
- int doi;
-{
- switch(doi) {
- case IPSECDOI_ID_FQDN:
- return(IDTYPE_FQDN);
- case IPSECDOI_ID_USER_FQDN:
- return(IDTYPE_USERFQDN);
- case IPSECDOI_ID_KEY_ID:
- return(IDTYPE_KEYID);
- case IPSECDOI_ID_DER_ASN1_DN:
- return(IDTYPE_ASN1DN);
- case IPSECDOI_ID_IPV4_ADDR:
- case IPSECDOI_ID_IPV4_ADDR_SUBNET:
- case IPSECDOI_ID_IPV6_ADDR:
- case IPSECDOI_ID_IPV6_ADDR_SUBNET:
- return(IDTYPE_ADDRESS);
- default:
- plog(LLV_WARNING, LOCATION, NULL,
- "Inproper idtype:%d in this function.\n",
- s_ipsecdoi_ident(doi));
- return(IDTYPE_ADDRESS); /* XXX */
- }
- /*NOTREACHED*/
-}
-
diff --git a/racoon.tproj/ipsec_doi.h b/racoon.tproj/ipsec_doi.h
deleted file mode 100644
index aabd681..0000000
--- a/racoon.tproj/ipsec_doi.h
+++ /dev/null
@@ -1,244 +0,0 @@
-/* $KAME: ipsec_doi.h,v 1.34 2001/08/16 06:20:35 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __IPSEC_DOI_H__
-#define __IPSEC_DOI_H__
-
-/* refered to RFC2407 */
-
-#define IPSEC_DOI 1
-
-/* 4.2 IPSEC Situation Definition */
-#define IPSECDOI_SIT_IDENTITY_ONLY 0x00000001
-#define IPSECDOI_SIT_SECRECY 0x00000002
-#define IPSECDOI_SIT_INTEGRITY 0x00000004
-
-/* 4.4.1 IPSEC Security Protocol Identifiers */
- /* 4.4.2 IPSEC ISAKMP Transform Values */
-#define IPSECDOI_PROTO_ISAKMP 1
-#define IPSECDOI_KEY_IKE 1
-
-/* 4.4.1 IPSEC Security Protocol Identifiers */
-#define IPSECDOI_PROTO_IPSEC_AH 2
- /* 4.4.3 IPSEC AH Transform Values */
-#define IPSECDOI_AH_MD5 2
-#define IPSECDOI_AH_SHA 3
-#define IPSECDOI_AH_DES 4
-#define IPSECDOI_AH_SHA2_256 5
-#define IPSECDOI_AH_SHA2_384 6
-#define IPSECDOI_AH_SHA2_512 7
-
-/* 4.4.1 IPSEC Security Protocol Identifiers */
-#define IPSECDOI_PROTO_IPSEC_ESP 3
- /* 4.4.4 IPSEC ESP Transform Identifiers */
-#define IPSECDOI_ESP_DES_IV64 1
-#define IPSECDOI_ESP_DES 2
-#define IPSECDOI_ESP_3DES 3
-#define IPSECDOI_ESP_RC5 4
-#define IPSECDOI_ESP_IDEA 5
-#define IPSECDOI_ESP_CAST 6
-#define IPSECDOI_ESP_BLOWFISH 7
-#define IPSECDOI_ESP_3IDEA 8
-#define IPSECDOI_ESP_DES_IV32 9
-#define IPSECDOI_ESP_RC4 10
-#define IPSECDOI_ESP_NULL 11
-#define IPSECDOI_ESP_RIJNDAEL 12
-#define IPSECDOI_ESP_AES 12
-#if 1
- /* draft-ietf-ipsec-ciph-aes-cbc-00.txt */
-#define IPSECDOI_ESP_TWOFISH 253
-#else
- /* SSH uses these value for now */
-#define IPSECDOI_ESP_TWOFISH 250
-#endif
-
-/* 4.4.1 IPSEC Security Protocol Identifiers */
-#define IPSECDOI_PROTO_IPCOMP 4
- /* 4.4.5 IPSEC IPCOMP Transform Identifiers */
-#define IPSECDOI_IPCOMP_OUI 1
-#define IPSECDOI_IPCOMP_DEFLATE 2
-#define IPSECDOI_IPCOMP_LZS 3
-
-/* 4.5 IPSEC Security Association Attributes */
-/* NOTE: default value is not included in a packet.
*/
-#define IPSECDOI_ATTR_SA_LD_TYPE 1 /* B */
-#define IPSECDOI_ATTR_SA_LD_TYPE_DEFAULT 1
-#define IPSECDOI_ATTR_SA_LD_TYPE_SEC 1
-#define IPSECDOI_ATTR_SA_LD_TYPE_KB 2
-#define IPSECDOI_ATTR_SA_LD_TYPE_MAX 3
-#define IPSECDOI_ATTR_SA_LD 2 /* V */
-#define IPSECDOI_ATTR_SA_LD_SEC_DEFAULT 28800 /* 8 hours */
-#define IPSECDOI_ATTR_SA_LD_KB_MAX (~(1 << ((sizeof(int) << 3) - 1)))
-#define IPSECDOI_ATTR_GRP_DESC 3 /* B */
-#define IPSECDOI_ATTR_ENC_MODE 4 /* B */
- /* default value: host dependent */
-#define IPSECDOI_ATTR_ENC_MODE_ANY 0 /* NOTE:internal use */
-#define IPSECDOI_ATTR_ENC_MODE_TUNNEL 1
-#define IPSECDOI_ATTR_ENC_MODE_TRNS 2
-
-/* NAT-T up to draft-ietf-ipsec-nat-t-ike-04 */
-#define IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT 61443
-#define IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT 61444
-
-/* NAT-T draft-ietf-ipsec-nat-t-ike-05 and later */
-#define IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC 3
-#define IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC 4
-
-
-#define IPSECDOI_ATTR_AUTH 5 /* B */
- /* 0 means not to use authentication. */
-#define IPSECDOI_ATTR_AUTH_HMAC_MD5 1
-#define IPSECDOI_ATTR_AUTH_HMAC_SHA1 2
-#define IPSECDOI_ATTR_AUTH_DES_MAC 3
-#define IPSECDOI_ATTR_AUTH_KPDK 4 /*RFC-1826(Key/Pad/Data/Key)*/
-#define IPSECDOI_ATTR_SHA2_256 5
-#define IPSECDOI_ATTR_SHA2_384 6
-#define IPSECDOI_ATTR_SHA2_512 7
-#define IPSECDOI_ATTR_AUTH_NONE 254 /* NOTE:internal use */
- /*
- * When negotiating ESP without authentication, the Auth
- * Algorithm attribute MUST NOT be included in the proposal.
- * When negotiating ESP without confidentiality, the Auth
- * Algorithm attribute MUST be included in the proposal and
- * the ESP transform ID must be ESP_NULL.
- */
-#define IPSECDOI_ATTR_KEY_LENGTH 6 /* B */
-#define IPSECDOI_ATTR_KEY_ROUNDS 7 /* B */
-#define IPSECDOI_ATTR_COMP_DICT_SIZE 8 /* B */
-#define IPSECDOI_ATTR_COMP_PRIVALG 9 /* V */
-
-/* 4.6.1 Security Association Payload */
-struct ipsecdoi_pl_sa {
- struct isakmp_gen h;
- struct ipsecdoi_sa_b {
- u_int32_t doi; /* Domain of Interpretation */
- u_int32_t sit; /* Situation */
- } b;
- /* followed by Leveled Domain Identifier and so on. */
-} __attribute__((__packed__));
-
-struct ipsecdoi_secrecy_h {
- u_int16_t len;
- u_int16_t reserved;
- /* followed by the value */
-} __attribute__((__packed__));
-
-/* 4.6.2 Identification Payload Content */
-struct ipsecdoi_pl_id {
- struct isakmp_gen h;
- struct ipsecdoi_id_b {
- u_int8_t type; /* ID Type */
- u_int8_t proto_id; /* Protocol ID */
- u_int16_t port; /* Port */
- } b;
- /* followed by Identification Data */
-} __attribute__((__packed__));
-
-#define IPSECDOI_ID_IPV4_ADDR 1
-#define IPSECDOI_ID_FQDN 2
-#define IPSECDOI_ID_USER_FQDN 3
-#define IPSECDOI_ID_IPV4_ADDR_SUBNET 4
-#define IPSECDOI_ID_IPV6_ADDR 5
-#define IPSECDOI_ID_IPV6_ADDR_SUBNET 6
-#define IPSECDOI_ID_IPV4_ADDR_RANGE 7
-#define IPSECDOI_ID_IPV6_ADDR_RANGE 8
-#define IPSECDOI_ID_DER_ASN1_DN 9
-#define IPSECDOI_ID_DER_ASN1_GN 10
-#define IPSECDOI_ID_KEY_ID 11
-
-/* compressing doi type, it's internal use. */
-#define IDTYPE_FQDN 0
-#define IDTYPE_USERFQDN 1
-#define IDTYPE_KEYID 2
-#define IDTYPE_ADDRESS 3
-#define IDTYPE_ASN1DN 4
-#define IDTYPE_KEYIDUSE 5
-
-/* shared secret type, it's internal use. */
-#define SECRETTYPE_USE 0
-#define SECRETTYPE_KEY 1
-#define SECRETTYPE_KEYCHAIN 2
-
-/* verification modules */
-#define VERIFICATION_MODULE_OPENSSL 0
-#define VERIFICATION_MODULE_SEC_FRAMEWORK 1
-
-/* verification options */
-#define VERIFICATION_OPTION_NONE 0
-#define VERIFICATION_OPTION_PEERS_IDENTIFIER 1
-#define VERIFICATION_OPTION_OPEN_DIR 2
-
-/* The use for checking proposal payload. This is not exchange type.
*/
-#define IPSECDOI_TYPE_PH1 0
-#define IPSECDOI_TYPE_PH2 1
-
-struct isakmpsa;
-struct ipsecdoi_pl_sa;
-struct saprop;
-struct saproto;
-struct satrns;
-struct prop_pair;
-
-extern int ipsecdoi_checkph1proposal __P((vchar_t *, struct ph1handle *));
-extern int ipsecdoi_selectph2proposal __P((struct ph2handle *));
-extern int ipsecdoi_checkph2proposal __P((struct ph2handle *));
-
-extern struct prop_pair **get_proppair __P((vchar_t *, int));
-extern vchar_t *get_sabyproppair __P((struct prop_pair *, struct ph1handle *));
-extern int ipsecdoi_updatespi __P((struct ph2handle *iph2));
-extern vchar_t *get_sabysaprop __P((struct saprop *, vchar_t *));
-extern int ipsecdoi_checkid1 __P((struct ph1handle *));
-extern int ipsecdoi_setid1 __P((struct ph1handle *));
-extern int set_identifier __P((vchar_t **, int, vchar_t *));
-extern int ipsecdoi_setid2 __P((struct ph2handle *));
-extern vchar_t *ipsecdoi_sockaddr2id __P((struct sockaddr *, u_int, u_int));
-extern int ipsecdoi_id2sockaddr __P((vchar_t *, struct sockaddr *,
- u_int8_t *, u_int16_t *));
-extern const char *ipsecdoi_id2str __P((const vchar_t *));
-
-extern vchar_t *ipsecdoi_setph1proposal __P((struct isakmpsa *));
-extern int ipsecdoi_setph2proposal __P((struct ph2handle *));
-extern int ipsecdoi_transportmode __P((struct ph2handle *));
-extern int ipsecdoi_tunnelmode __P((struct ph2handle *));
-extern int ipsecdoi_get_defaultlifetime __P((void));
-extern int ipsecdoi_checkalgtypes __P((int, int, int, int));
-extern int ipproto2doi __P((int));
-extern int doi2ipproto __P((int));
-
-extern int ipsecdoi_t2satrns __P((struct isakmp_pl_t *,
- struct saprop *, struct saproto *, struct satrns *));
-extern int ipsecdoi_authalg2trnsid __P((int));
-extern int idtype2doi __P((int));
-extern int doi2idtype __P((int));
-
-
-#endif /* __IPSEC_DOI_H__ */
-
diff --git a/racoon.tproj/isakmp.c b/racoon.tproj/isakmp.c
deleted file mode 100644
index 900a052..0000000
--- a/racoon.tproj/isakmp.c
+++ /dev/null
@@ -1,2784 +0,0 @@
-/* $KAME: isakmp.c,v 1.176 2002/08/28 04:08:30 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#if TIME_WITH_SYS_TIME
-# include
-# include
-#else
-# if HAVE_SYS_TIME_H
-# include
-# else
-# include
-# endif
-#endif
-#include
-#ifdef HAVE_UNISTD_H
-#include
-#endif
-#include
-
-#if !defined(HAVE_GETADDRINFO) || !defined(HAVE_GETNAMEINFO)
-#include "addrinfo.h"
-#endif
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "sockmisc.h"
-#include "schedule.h"
-#include "debug.h"
-
-#include "remoteconf.h"
-#include "localconf.h"
-#include "grabmyaddr.h"
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "oakley.h"
-#include "handler.h"
-#include "ipsec_doi.h"
-#include "pfkey.h"
-#include "crypto_openssl.h"
-#include "policy.h"
-#include "isakmp_ident.h"
-#include "isakmp_agg.h"
-#include "isakmp_base.h"
-#include "isakmp_quick.h"
-#include "isakmp_inf.h"
-#include "isakmp_newg.h"
-#include "strnames.h"
-#ifndef HAVE_ARC4RANDOM
-#include "arc4random.h"
-#endif
-
-static int nostate1 __P((struct ph1handle *, vchar_t *));
-static int nostate2 __P((struct ph2handle *, vchar_t *));
-
-extern caddr_t val2str(const char *, size_t);
-
-static int (*ph1exchange[][2][PHASE1ST_MAX])
- __P((struct ph1handle *, vchar_t *)) = {
- /* error */
- { {}, {}, },
- /* Identity Protection exchange */
- {
- { nostate1, ident_i1send, nostate1, ident_i2recv, ident_i2send,
- ident_i3recv, ident_i3send, ident_i4recv, ident_i4send, nostate1, },
- { nostate1, ident_r1recv, ident_r1send, ident_r2recv, ident_r2send,
- ident_r3recv, ident_r3send, nostate1, nostate1, nostate1, },
- },
- /* Aggressive exchange */
- {
- { nostate1, agg_i1send, nostate1, agg_i2recv, agg_i2send,
- nostate1, nostate1, nostate1, nostate1, nostate1, },
- { nostate1, agg_r1recv, agg_r1send, agg_r2recv, agg_r2send,
- nostate1, nostate1, nostate1, nostate1, nostate1, },
- },
- /* Base exchange */
- {
- { nostate1, base_i1send, nostate1, base_i2recv, base_i2send,
base_i3recv, base_i3send, nostate1, nostate1, nostate1, },
- { nostate1, base_r1recv, base_r1send, base_r2recv, base_r2send,
- nostate1, nostate1, nostate1, nostate1, nostate1, },
- },
-};
-
-static int (*ph2exchange[][2][PHASE2ST_MAX])
- __P((struct ph2handle *, vchar_t *)) = {
- /* error */
- { {}, {}, },
- /* Quick mode for IKE*/
- {
- { nostate2, nostate2, quick_i1prep, nostate2, quick_i1send,
- quick_i2recv, quick_i2send, quick_i3recv, nostate2, nostate2, },
- { nostate2, quick_r1recv, quick_r1prep, nostate2, quick_r2send,
- quick_r3recv, quick_r3prep, quick_r3send, nostate2, nostate2, }
- },
-};
-
-static u_char r_ck0[] = { 0,0,0,0,0,0,0,0 }; /* used to verify the r_ck. */
-
-static int isakmp_main __P((vchar_t *, struct sockaddr *, struct sockaddr *));
-static int ph1_main __P((struct ph1handle *, vchar_t *));
-static int quick_main __P((struct ph2handle *, vchar_t *));
-static int isakmp_ph1begin_r __P((vchar_t *,
- struct sockaddr *, struct sockaddr *, u_int8_t));
-static int isakmp_ph2begin_i __P((struct ph1handle *, struct ph2handle *));
-static int isakmp_ph2begin_r __P((struct ph1handle *, vchar_t *));
-static int etypesw1 __P((int));
-static int etypesw2 __P((int));
-static void isakmp_free_addrs __P((void));
-
-
-/*
- * isakmp packet handler
- */
-int
-isakmp_handler(so_isakmp)
- int so_isakmp;
-{
- struct isakmp isakmp;
- struct sockaddr_storage remote;
- struct sockaddr_storage local;
- int remote_len = sizeof(remote);
- int local_len = sizeof(local);
- int len;
- u_short port;
- vchar_t *buf = NULL;
- int error = -1;
-
- /* read message by MSG_PEEK */
- while ((len = recvfromto(so_isakmp, (char *)&isakmp, sizeof(isakmp),
- MSG_PEEK, (struct sockaddr *)&remote, &remote_len,
- (struct sockaddr *)&local, &local_len)) < 0) {
- if (errno == EINTR)
- continue;
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- goto end;
- }
-
- /* check isakmp header length, as well as sanity of header length */
- if (len < sizeof(isakmp) ||
ntohl(isakmp.len) < sizeof(isakmp)) { - plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, - "packet shorter than isakmp header size.\n"); - /* dummy receive */ - if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp), - 0, (struct sockaddr *)&remote, &remote_len)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to receive isakmp packet\n"); - } - goto end; - } - - /* reject if the size is toooo big */ - if (ntohl(isakmp.len) > 0xffff) { - plog(LLV_ERROR, LOCATION, NULL, - "the length in the isakmp header is too big.\n"); - if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp), - 0, (struct sockaddr *)&remote, &remote_len)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to receive isakmp packet\n"); - } - goto end; - } - - remote_len = sizeof(remote); - - /* read real message */ - if ((buf = vmalloc(ntohl(isakmp.len))) == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate reading buffer\n"); - /* dummy receive */ - if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp), - 0, (struct sockaddr *)&remote, &remote_len)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to receive isakmp packet\n"); - } - goto end; - } - - while ((len = recvfromto(so_isakmp, buf->v, buf->l, - 0, (struct sockaddr *)&remote, &remote_len, - (struct sockaddr *)&local, &local_len)) < 0) { - if (errno == EINTR) - continue; - plog(LLV_ERROR, LOCATION, NULL, - "failed to read isakmp packet from socket %d, len=%d\n", so_isakmp, buf->l); - error = -2; /* serious problem with socket */ - goto end; - } - - if (len != buf->l) { - plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, - "received invalid length, why ?\n"); - goto end; - } - - plog(LLV_DEBUG, LOCATION, NULL, "===\n"); - plog(LLV_DEBUG, LOCATION, (struct sockaddr *)&local, - "%d bytes message received from %s\n", - len, saddr2str((struct sockaddr *)&remote)); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* avoid packets with malicious port/address */ - switch (remote.ss_family) { - case 
AF_INET:
- port = ((struct sockaddr_in *)&remote)->sin_port;
- break;
-#ifdef INET6
- case AF_INET6:
- port = ((struct sockaddr_in6 *)&remote)->sin6_port;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", remote.ss_family);
- goto end;
- }
- if (port == 0) {
- plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote,
- "src port == 0 (valid as UDP but not with IKE)\n");
- goto end;
- }
-
- /* XXX: check sender whether to be allowed or not to accept */
-
- /* XXX: I don't know how to check isakmp half connection attack. */
-
- /* simply reply if the packet was processed. */
- if (check_recvdpkt((struct sockaddr *)&remote,
- (struct sockaddr *)&local, buf)) {
- plog(LLV_NOTIFY, LOCATION, NULL,
- "the packet is retransmitted by %s.\n",
- saddr2str((struct sockaddr *)&remote));
- error = 0;
- goto end;
- }
-
- /* isakmp main routine */
- if (isakmp_main(buf, (struct sockaddr *)&remote,
- (struct sockaddr *)&local) != 0) goto end;
-
- error = 0;
-
-end:
- if (buf != NULL)
- vfree(buf);
-
- return(error);
-}
-
-#ifdef IKE_NAT_T
-/*
- * isakmp packet handler for natt port (4500)
- */
-int
-isakmp_natt_handler(so_isakmp)
- int so_isakmp;
-{
- u_char temp_buffer[sizeof(struct isakmp) + 4];
- struct isakmp *isakmp = (struct isakmp*)(temp_buffer + 4);
- struct sockaddr_storage remote;
- struct sockaddr_storage local;
- int remote_len = sizeof(remote);
- int local_len = sizeof(local);
- int len;
- u_short port;
- vchar_t *buf = NULL;
- int error = -1;
-
- /* read message by MSG_PEEK */
- while ((len = recvfromto(so_isakmp, temp_buffer, sizeof(temp_buffer),
- MSG_PEEK, (struct sockaddr *)&remote, &remote_len,
- (struct sockaddr *)&local, &local_len)) < 0) {
- if (errno == EINTR)
- continue;
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- goto end;
- }
-
-
- /* check isakmp header length */
- if (len < sizeof(temp_buffer)) {
- plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote,
- "packet shorter than isakmp header
size.\n");
- /* dummy receive */
- if ((len = recvfrom(so_isakmp, (char *)temp_buffer, sizeof(temp_buffer),
- 0, (struct sockaddr *)&remote, &remote_len)) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- }
- goto end;
- }
-
- /* reject if the size is toooo big */
- if (ntohl(isakmp->len) > 0xffff) {
- plog(LLV_ERROR, LOCATION, NULL,
- "the length in the isakmp header is too big.\n");
- if ((len = recvfrom(so_isakmp, (char *)temp_buffer, sizeof(temp_buffer),
- 0, (struct sockaddr *)&remote, &remote_len)) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- }
- goto end;
- }
-
- /* remove the four bytes of zeros on nat traversal port */
- if (*(u_long*)temp_buffer != 0L)
- {
- /*
- * This is a UDP encapsulated IPSec packet,
- * we should drop it.
- * The kernel intercepts these packets on Mac OS X
- * so we should not get here.
- */
- plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote,
- "invalid packet - expected non-ESP marker.\n");
- /* dummy receive */
- if ((len = recvfrom(so_isakmp, (char *)temp_buffer, sizeof(temp_buffer),
- 0, (struct sockaddr *)&remote, &remote_len)) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- }
- goto end;
- }
-
- remote_len = sizeof(remote);
-
- /* read real message */
- if ((buf = vmalloc(ntohl(isakmp->len) + 4)) == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate reading buffer\n");
- /* dummy receive */
- if ((len = recvfrom(so_isakmp, (char *)temp_buffer, sizeof(temp_buffer),
- 0, (struct sockaddr *)&remote, &remote_len)) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- }
- goto end;
- }
-
- while ((len = recvfromto(so_isakmp, buf->v, buf->l,
- 0, (struct sockaddr *)&remote, &remote_len,
- (struct sockaddr *)&local, &local_len)) < 0) {
- if (errno == EINTR)
- continue;
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to read isakmp packet from socket %d, len=%d\n", so_isakmp, buf->l);
-
error = -2; /* serious problem with socket */ - goto end; - } - - if (len != buf->l) { - plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, - "received invalid length, header says %d, packet is %d bytes why ?\n", - len, buf->l); - goto end; - } - - /* - * Discard first 4 bytes, they're either: - * 0 - this is IKE traffic - * !0 - first four bytes are the SPI of a UDP encapsulated IPSec packet - * The seond type of packet should be interecepted by the kernel - * or dropped before we get to this point. - */ - { - vchar_t *newbuf = vmalloc(buf->l - 4); - if (newbuf == NULL) - { - plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, - "couldn't allocate smaller buffer.\n"); - goto end; - } - memcpy(newbuf->v, buf->v + 4, newbuf->l); - vfree(buf); - buf = newbuf; - len = buf->l; - } - - plog(LLV_DEBUG, LOCATION, NULL, "===\n"); - plog(LLV_DEBUG, LOCATION, (struct sockaddr *)&local, - "%d bytes message received from %s\n", - len, saddr2str((struct sockaddr *)&remote)); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* avoid packets with malicious port/address */ - switch (remote.ss_family) { - case AF_INET: - port = ((struct sockaddr_in *)&remote)->sin_port; - break; -#ifdef INET6 - case AF_INET6: - port = ((struct sockaddr_in6 *)&remote)->sin6_port; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", remote.ss_family); - goto end; - } - if (port == 0) { - plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote, - "src port == 0 (valid as UDP but not with IKE)\n"); - goto end; - } - - { - struct isakmp *isakmp = (struct isakmp*)buf->v; - plog(LLV_DEBUG, LOCATION, (struct sockaddr*)&remote, - "natt receiving packet %.8X%.8X:%.8X%.8X %u\n", - *(u_long*)isakmp->i_ck, *(u_long*)&isakmp->i_ck[4], - *(u_long*)isakmp->r_ck, *(u_long*)&isakmp->r_ck[4], - isakmp->msgid); - } - - /* XXX: check sender whether to be allowed or not to accept */ - - /* XXX: I don't know how to check isakmp half connection attack. 
*/
-
- /* simply reply if the packet was processed. */
- if (check_recvdpkt((struct sockaddr *)&remote,
- (struct sockaddr *)&local, buf)) {
- plog(LLV_NOTIFY, LOCATION, NULL,
- "the packet is retransmitted by %s.\n",
- saddr2str((struct sockaddr *)&remote));
- error = 0;
- goto end;
- }
-
- /* isakmp main routine */
- if (isakmp_main(buf, (struct sockaddr *)&remote,
- (struct sockaddr *)&local) != 0) goto end;
-
- error = 0;
-
-end:
- if (buf != NULL)
- vfree(buf);
-
- return(error);
-}
-#endif
-
-
-/*
- * main processing to handle isakmp payload
- */
-static int
-isakmp_main(msg, remote, local)
- vchar_t *msg;
- struct sockaddr *remote, *local;
-{
- struct isakmp *isakmp = (struct isakmp *)msg->v;
- isakmp_index *index = (isakmp_index *)isakmp;
- u_int32_t msgid = isakmp->msgid;
- struct ph1handle *iph1;
-
-#ifdef HAVE_PRINT_ISAKMP_C
- isakmp_printpacket(msg, remote, local, 0);
-#endif
-
- /* the initiator's cookie must not be zero */
- if (memcmp(&isakmp->i_ck, r_ck0, sizeof(cookie_t)) == 0) {
- plog(LLV_ERROR, LOCATION, remote,
- "malformed cookie received.\n");
- return -1;
- }
-
- /* Check the Major and Minor Version fields. */
- /*
- * XXX Is is right to check version here ?
- * I think it may no be here because the version depends
- * on exchange status.
- */
- if (isakmp->v < ISAKMP_VERSION_NUMBER) {
- if (ISAKMP_GETMAJORV(isakmp->v) < ISAKMP_MAJOR_VERSION) {
- plog(LLV_ERROR, LOCATION, remote,
- "invalid major version %d.\n",
- ISAKMP_GETMAJORV(isakmp->v));
- return -1;
- }
-#if ISAKMP_MINOR_VERSION > 0
- if (ISAKMP_GETMINORV(isakmp->v) < ISAKMP_MINOR_VERSION) {
- plog(LLV_ERROR, LOCATION, remote,
- "invalid minor version %d.\n",
- ISAKMP_GETMINORV(isakmp->v));
- return -1;
- }
-#endif
- }
-
- /* check the Flags field. */
- /* XXX How is the exclusive check, E and A ?
*/
- if (isakmp->flags & ~(ISAKMP_FLAG_E | ISAKMP_FLAG_C | ISAKMP_FLAG_A)) {
- plog(LLV_ERROR, LOCATION, remote,
- "invalid flag 0x%02x.\n", isakmp->flags);
- return -1;
- }
-
- /* ignore commit bit. */
- if (ISSET(isakmp->flags, ISAKMP_FLAG_C)) {
- if (isakmp->msgid == 0) {
- isakmp_info_send_nx(isakmp, remote, local,
- ISAKMP_NTYPE_INVALID_FLAGS, NULL);
- plog(LLV_ERROR, LOCATION, remote,
- "Commit bit on phase1 forbidden.\n");
- return -1;
- }
- }
-
- iph1 = getph1byindex(index);
- if (iph1 != NULL) {
- /* validity check */
- if (memcmp(&isakmp->r_ck, r_ck0, sizeof(cookie_t)) == 0 &&
- iph1->side == INITIATOR) {
- plog(LLV_DEBUG, LOCATION, remote,
- "malformed cookie received or "
- "the initiator's cookies collide.\n");
- return -1;
- }
-
- /* must be same addresses in one stream of a phase at least. */
- if (cmpsaddrstrict(iph1->remote, remote) != 0) {
-#ifdef IKE_NAT_T
- if (iph1->side == RESPONDER &&
- (iph1->natt_flags & NATT_TYPE_MASK) != 0 &&
- cmpsaddrwop(iph1->remote, remote) == 0)
- {
- /*
- * If the initiator detects a NAT it may switch to a
- * new port. Technically, the remote address may change
- * as well, depending on the NAT. Handling that would
- * require more changes.
- *
- * We should record the new remote port so we can
- * send
- */
- plog(LLV_WARNING, LOCATION, remote,
- "remote port changed from %s\n", saddr2str(iph1->remote));
- memcpy(iph1->remote, remote, iph1->remote->sa_len);
- memcpy(iph1->local, local, iph1->local->sa_len);
- }
- else
-#endif
- {
- char *saddr_db, *saddr_act;
-
- saddr_db = strdup(saddr2str(iph1->remote));
- saddr_act = strdup(saddr2str(remote));
-
- plog(LLV_WARNING, LOCATION, remote,
- "remote address mismatched. db=%s, act=%s\n",
- saddr_db, saddr_act);
-
- racoon_free(saddr_db);
- racoon_free(saddr_act);
- }
- }
- /*
- * don't check of exchange type here because other type will be
- * with same index, for example, informational exchange.
- */
-
- /* XXX more acceptable check */
- }
-
- switch (isakmp->etype) {
- case ISAKMP_ETYPE_IDENT:
- case ISAKMP_ETYPE_AGG:
- case ISAKMP_ETYPE_BASE:
- /* phase 1 validity check */
- if (isakmp->msgid != 0) {
- plog(LLV_ERROR, LOCATION, remote,
- "message id should be zero in phase1.\n");
- return -1;
- }
-
- /* search for isakmp status record of phase 1 */
- if (iph1 == NULL) {
- /*
- * the packet must be the 1st message from a initiator
- * or the 2nd message from the responder.
- */
-
- /* search for phase1 handle by index without r_ck */
- iph1 = getph1byindex0(index);
- if (iph1 == NULL) {
- /*it must be the 1st message from a initiator.*/
- if (memcmp(&isakmp->r_ck, r_ck0,
- sizeof(cookie_t)) != 0) {
-
- plog(LLV_DEBUG, LOCATION, remote,
- "malformed cookie received "
- "or the spi expired.\n");
- return -1;
- }
-
- /* it must be responder's 1st exchange. */
- if (isakmp_ph1begin_r(msg, remote, local,
- isakmp->etype) < 0)
- return -1;
- break;
-
- /*NOTREACHED*/
- }
-
- /* it must be the 2nd message from the responder. */
- if (iph1->side != INITIATOR) {
- plog(LLV_DEBUG, LOCATION, remote,
- "malformed cookie received. "
- "it has to be as the initiator. %s\n",
- isakmp_pindex(&iph1->index, 0));
- return -1;
- }
- }
-
- /*
- * Don't delete phase 1 handler when the exchange type
- * in handler is not equal to packet's one because of no
- * authencication completed.
- */
- if (iph1->etype != isakmp->etype) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "exchange type is mismatched: "
- "db=%s packet=%s, ignore it.\n",
- s_isakmp_etype(iph1->etype),
- s_isakmp_etype(isakmp->etype));
- return -1;
- }
-
- /* call main process of phase 1 */
- if (ph1_main(iph1, msg) < 0) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "phase1 negotiation failed.\n");
- remph1(iph1);
- delph1(iph1);
- return -1;
- }
- break;
-
- case ISAKMP_ETYPE_AUTH:
- plog(LLV_INFO, LOCATION, remote,
- "unsupported exchange %d received.\n",
- isakmp->etype);
- break;
-
- case ISAKMP_ETYPE_INFO:
- case ISAKMP_ETYPE_ACKINFO:
- /*
- * iph1 must be present for Information message.
- * if iph1 is null then trying to get the phase1 status
- * as the packet from responder againt initiator's 1st
- * exchange in phase 1.
- * NOTE: We think such informational exchange should be ignored.
- */
- if (iph1 == NULL) {
- iph1 = getph1byindex0(index);
- if (iph1 == NULL) {
- plog(LLV_ERROR, LOCATION, remote,
- "unknown Informational "
- "exchange received.\n");
- return -1;
- }
- if (cmpsaddrstrict(iph1->remote, remote) != 0) {
- plog(LLV_WARNING, LOCATION, remote,
- "remote address mismatched. "
- "db=%s\n",
- saddr2str(iph1->remote));
- }
- }
-
- if (isakmp_info_recv(iph1, msg) < 0)
- return -1;
- break;
-
- case ISAKMP_ETYPE_QUICK:
- {
- struct ph2handle *iph2;
-
- if (iph1 == NULL) {
- isakmp_info_send_nx(isakmp, remote, local,
- ISAKMP_NTYPE_INVALID_COOKIE, NULL);
- plog(LLV_ERROR, LOCATION, remote,
- "can't start the quick mode, "
- "there is no ISAKMP-SA, %s\n",
- isakmp_pindex((isakmp_index *)&isakmp->i_ck,
- isakmp->msgid));
- return -1;
- }
-
- /* check status of phase 1 whether negotiated or not. */
- if (iph1->status != PHASE1ST_ESTABLISHED) {
- plog(LLV_ERROR, LOCATION, remote,
- "can't start the quick mode, "
- "there is no valid ISAKMP-SA, %s\n",
- isakmp_pindex(&iph1->index, iph1->msgid));
- return -1;
- }
-
- /* search isakmp phase 2 stauts record.
*/
- iph2 = getph2bymsgid(iph1, msgid);
- if (iph2 == NULL) {
- /* it must be new negotiation as responder */
- if (isakmp_ph2begin_r(iph1, msg) < 0)
- return -1;
- return 0;
- /*NOTREACHED*/
- }
-
- /* commit bit. */
- /* XXX
- * we keep to set commit bit during negotiation.
- * When SA is configured, bit will be reset.
- * XXX
- * don't initiate commit bit. should be fixed in the future.
- */
- if (ISSET(isakmp->flags, ISAKMP_FLAG_C))
- iph2->flags |= ISAKMP_FLAG_C;
-
- /* call main process of quick mode */
- if (quick_main(iph2, msg) < 0) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "phase2 negotiation failed.\n");
- unbindph12(iph2);
- remph2(iph2);
- delph2(iph2);
- return -1;
- }
- }
- break;
-
- case ISAKMP_ETYPE_NEWGRP:
- if (iph1 == NULL) {
- plog(LLV_ERROR, LOCATION, remote,
- "Unknown new group mode exchange, "
- "there is no ISAKMP-SA.\n");
- return -1;
- }
- isakmp_newgroup_r(iph1, msg);
- break;
-
- case ISAKMP_ETYPE_NONE:
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid exchange type %d from %s.\n",
- isakmp->etype, saddr2str(remote));
- return -1;
- }
-
- return 0;
-}
-
-/*
- * main function of phase 1.
- */
-static int
-ph1_main(iph1, msg)
- struct ph1handle *iph1;
- vchar_t *msg;
-{
- int error;
-#ifdef ENABLE_STATS
- struct timeval start, end;
-#endif
-
- /* ignore a packet */
- if (iph1->status == PHASE1ST_ESTABLISHED)
- return 0;
-
-#ifdef ENABLE_STATS
- gettimeofday(&start, NULL);
-#endif
- /* receive */
- if (ph1exchange[etypesw1(iph1->etype)]
- [iph1->side]
- [iph1->status] == NULL) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "why isn't the function defined.\n");
- return -1;
- }
- error = (ph1exchange[etypesw1(iph1->etype)]
- [iph1->side]
- [iph1->status])(iph1, msg);
- if (error != 0) {
-#if 0
- /* XXX
- * When an invalid packet is received on phase1, it should
- * be selected to process this packet. That is to respond
- * with a notify and delete phase 1 handler, OR not to respond
- * and keep phase 1 handler.
- */
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "failed to pre-process packet.\n");
- return -1;
-#else
- /* ignore the error and keep phase 1 handler */
- return 0;
-#endif
- }
-
- /* free resend buffer */
- if (iph1->sendbuf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no buffer found as sendbuf\n");
- return -1;
- }
- vfree(iph1->sendbuf);
- iph1->sendbuf = NULL;
-
- /* turn off schedule */
- if (iph1->scr)
- SCHED_KILL(iph1->scr);
-
- /* send */
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- if ((ph1exchange[etypesw1(iph1->etype)]
- [iph1->side]
- [iph1->status])(iph1, msg) != 0) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "failed to process packet.\n");
- return -1;
- }
-
-#ifdef ENABLE_STATS
- gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase1", s_isakmp_state(iph1->etype, iph1->side, iph1->status),
- timedelta(&start, &end));
-#endif
- if (iph1->status == PHASE1ST_ESTABLISHED) {
-
-#ifdef ENABLE_STATS
- gettimeofday(&iph1->end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase1", s_isakmp_etype(iph1->etype),
- timedelta(&iph1->start, &iph1->end));
-#endif
-
- /* save created date. */
- (void)time(&iph1->created);
-
- /* add to the schedule to expire, and seve back pointer. */
- iph1->sce = sched_new(iph1->approval->lifetime,
- isakmp_ph1expire_stub, iph1);
-
- /* INITIAL-CONTACT processing */
- /* don't anything if local test mode. */
- if (!f_local
- && iph1->rmconf->ini_contact && !getcontacted(iph1->remote)) {
- /* send INITIAL-CONTACT */
- isakmp_info_send_n1(iph1,
- ISAKMP_NTYPE_INITIAL_CONTACT, NULL);
- /* insert a node into contacted list. */
- if (inscontacted(iph1->remote) == -1) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "failed to add contacted list.\n");
- /* ignore */
- }
- }
-
- log_ph1established(iph1);
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- }
-
- return 0;
-}
-
-/*
- * main function of quick mode.
- */
-static int
-quick_main(iph2, msg)
- struct ph2handle *iph2;
- vchar_t *msg;
-{
- struct isakmp *isakmp = (struct isakmp *)msg->v;
- int error;
-#ifdef ENABLE_STATS
- struct timeval start, end;
-#endif
-
- /* ignore a packet */
- if (iph2->status == PHASE2ST_ESTABLISHED
- || iph2->status == PHASE2ST_GETSPISENT)
- return 0;
-
-#ifdef ENABLE_STATS
- gettimeofday(&start, NULL);
-#endif
-
- /* receive */
- if (ph2exchange[etypesw2(isakmp->etype)]
- [iph2->side]
- [iph2->status] == NULL) {
- plog(LLV_ERROR, LOCATION, iph2->ph1->remote,
- "why isn't the function defined.\n");
- return -1;
- }
- error = (ph2exchange[etypesw2(isakmp->etype)]
- [iph2->side]
- [iph2->status])(iph2, msg);
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, iph2->ph1->remote,
- "failed to pre-process packet.\n");
- if (error == ISAKMP_INTERNAL_ERROR)
- return 0;
- isakmp_info_send_n1(iph2->ph1, error, NULL);
- return -1;
- }
-
- /* free resend buffer */
- if (iph2->sendbuf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no buffer found as sendbuf\n");
- return -1;
- }
- vfree(iph2->sendbuf);
- iph2->sendbuf = NULL;
-
- /* turn off schedule */
- if (iph2->scr)
- SCHED_KILL(iph2->scr);
-
- /* when using commit bit, status will be reached here.
*/
- if (iph2->status == PHASE2ST_ADDSA)
- return 0;
-
- /* send */
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- if ((ph2exchange[etypesw2(isakmp->etype)]
- [iph2->side]
- [iph2->status])(iph2, msg) != 0) {
- plog(LLV_ERROR, LOCATION, iph2->ph1->remote,
- "failed to process packet.\n");
- return -1;
- }
-
-#ifdef ENABLE_STATS
- gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase2",
- s_isakmp_state(ISAKMP_ETYPE_QUICK, iph2->side, iph2->status),
- timedelta(&start, &end));
-#endif
-
- return 0;
-}
-
-/* new negotiation of phase 1 for initiator */
-int
-isakmp_ph1begin_i(rmconf, remote)
- struct remoteconf *rmconf;
- struct sockaddr *remote;
-{
- struct ph1handle *iph1;
-#ifdef ENABLE_STATS
- struct timeval start, end;
-#endif
-
- /* get new entry to isakmp status table. */
- iph1 = newph1();
- if (iph1 == NULL)
- return -1;
-
- iph1->status = PHASE1ST_START;
- iph1->rmconf = rmconf;
- iph1->side = INITIATOR;
- iph1->version = ISAKMP_VERSION_NUMBER;
- iph1->msgid = 0;
- iph1->flags = 0;
- iph1->ph2cnt = 0;
-#ifdef HAVE_GSSAPI
- iph1->gssapi_state = NULL;
-#endif
- iph1->approval = NULL;
-
- /* XXX copy remote address */
- if (copy_ph1addresses(iph1, rmconf, remote, NULL) < 0)
- return -1;
-
- (void)insph1(iph1);
-
- /* start phase 1 exchange */
- iph1->etype = rmconf->etypes->type;
-
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- {
- char *a;
-
- a = strdup(saddr2str(iph1->local));
- plog(LLV_INFO, LOCATION, NULL,
- "initiate new phase 1 negotiation: %s<=>%s\n",
- a, saddr2str(iph1->remote));
- racoon_free(a);
- }
- plog(LLV_INFO, LOCATION, NULL,
- "begin %s mode.\n",
- s_isakmp_etype(iph1->etype));
-
-#ifdef ENABLE_STATS
- gettimeofday(&iph1->start, NULL);
- gettimeofday(&start, NULL);
-#endif
- /* start exchange */
- if ((ph1exchange[etypesw1(iph1->etype)]
- [iph1->side]
- [iph1->status])(iph1, NULL) != 0) {
- /* failed to start phase 1 negotiation */
- remph1(iph1);
- delph1(iph1);
-
- return -1;
- }
-
-#ifdef ENABLE_STATS
- gettimeofday(&end,
NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase1",
- s_isakmp_state(iph1->etype, iph1->side, iph1->status),
- timedelta(&start, &end));
-#endif
-
- return 0;
-}
-
-/* new negotiation of phase 1 for responder */
-static int
-isakmp_ph1begin_r(msg, remote, local, etype)
- vchar_t *msg;
- struct sockaddr *remote, *local;
- u_int8_t etype;
-{
- struct isakmp *isakmp = (struct isakmp *)msg->v;
- struct remoteconf *rmconf;
- struct ph1handle *iph1;
- struct etypes *etypeok;
-#ifdef ENABLE_STATS
- struct timeval start, end;
-#endif
-
- /* look for my configuration */
- rmconf = getrmconf(remote);
- if (rmconf == NULL) {
- plog(LLV_ERROR, LOCATION, remote,
- "couldn't find "
- "configuration.\n");
- return -1;
- }
-
- /* check to be acceptable exchange type */
- etypeok = check_etypeok(rmconf, etype);
- if (etypeok == NULL) {
- plog(LLV_ERROR, LOCATION, remote,
- "not acceptable %s mode\n", s_isakmp_etype(etype));
- return -1;
- }
-
- /* get new entry to isakmp status table. */
- iph1 = newph1();
- if (iph1 == NULL)
- return -1;
-
- memcpy(&iph1->index.i_ck, &isakmp->i_ck, sizeof(iph1->index.i_ck));
- iph1->status = PHASE1ST_START;
- iph1->rmconf = rmconf;
- iph1->flags = 0;
- iph1->side = RESPONDER;
- iph1->etype = etypeok->type;
- iph1->version = isakmp->v;
- iph1->msgid = 0;
-#ifdef HAVE_GSSAPI
- iph1->gssapi_state = NULL;
-#endif
- iph1->approval = NULL;
-
- /* copy remote address */
- if (copy_ph1addresses(iph1, rmconf, remote, local) < 0)
- return -1;
-
- (void)insph1(iph1);
-
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- {
- char *a;
-
- a = strdup(saddr2str(iph1->local));
- plog(LLV_INFO, LOCATION, NULL,
- "respond new phase 1 negotiation: %s<=>%s\n",
- a, saddr2str(iph1->remote));
- racoon_free(a);
- }
- plog(LLV_INFO, LOCATION, NULL,
- "begin %s mode.\n", s_isakmp_etype(etype));
-
-#ifdef ENABLE_STATS
- gettimeofday(&iph1->start, NULL);
- gettimeofday(&start, NULL);
-#endif
- /* start exchange */
- if ((ph1exchange[etypesw1(iph1->etype)]
- [iph1->side]
-
[iph1->status])(iph1, msg) < 0
- || (ph1exchange[etypesw1(iph1->etype)]
- [iph1->side]
- [iph1->status])(iph1, msg) < 0) {
- plog(LLV_ERROR, LOCATION, remote,
- "failed to process packet.\n");
- remph1(iph1);
- delph1(iph1);
- return -1;
- }
-#ifdef ENABLE_STATS
- gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase1",
- s_isakmp_state(iph1->etype, iph1->side, iph1->status),
- timedelta(&start, &end));
-#endif
-
- return 0;
-}
-
-/* new negotiation of phase 2 for initiator */
-static int
-isakmp_ph2begin_i(iph1, iph2)
- struct ph1handle *iph1;
- struct ph2handle *iph2;
-{
- /* found ISAKMP-SA. */
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- plog(LLV_DEBUG, LOCATION, NULL, "begin QUICK mode.\n");
- {
- char *a;
- a = strdup(saddr2str(iph2->src));
- plog(LLV_INFO, LOCATION, NULL,
- "initiate new phase 2 negotiation: %s<=>%s\n",
- a, saddr2str(iph2->dst));
- racoon_free(a);
- }
-
-#ifdef ENABLE_STATS
- gettimeofday(&iph2->start, NULL);
-#endif
- /* found isakmp-sa */
- bindph12(iph1, iph2);
- iph2->status = PHASE2ST_STATUS2;
-
- if ((ph2exchange[etypesw2(ISAKMP_ETYPE_QUICK)]
- [iph2->side]
- [iph2->status])(iph2, NULL) < 0) {
- unbindph12(iph2);
- /* release ipsecsa handler due to internal error.
*/
- remph2(iph2);
- delph2(iph2);
- return -1;
- }
- return 0;
-}
-
-/* new negotiation of phase 2 for responder */
-static int
-isakmp_ph2begin_r(iph1, msg)
- struct ph1handle *iph1;
- vchar_t *msg;
-{
- struct isakmp *isakmp = (struct isakmp *)msg->v;
- struct ph2handle *iph2 = 0;
- int error;
-#ifdef ENABLE_STATS
- struct timeval start, end;
-#endif
-
- iph2 = newph2();
- if (iph2 == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate phase2 entry.\n");
- return -1;
- }
-
- iph2->ph1 = iph1;
- iph2->side = RESPONDER;
- iph2->status = PHASE2ST_START;
- iph2->flags = isakmp->flags;
- iph2->msgid = isakmp->msgid;
- iph2->seq = pk_getseq();
- iph2->ivm = oakley_newiv2(iph1, iph2->msgid);
- if (iph2->ivm == NULL) {
- delph2(iph2);
- return -1;
- }
- iph2->dst = dupsaddr(iph1->remote); /* XXX should be considered */
- if (iph2->dst == NULL) {
- delph2(iph2);
- return -1;
- }
- switch (iph2->dst->sa_family) {
- case AF_INET:
- ((struct sockaddr_in *)iph2->dst)->sin_port = 0;
- break;
-#ifdef INET6
- case AF_INET6:
- ((struct sockaddr_in6 *)iph2->dst)->sin6_port = 0;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", iph2->dst->sa_family);
- delph2(iph2);
- return -1;
- }
-
- iph2->src = dupsaddr(iph1->local); /* XXX should be considered */
- if (iph2->src == NULL) {
- delph2(iph2);
- return -1;
- }
- switch (iph2->src->sa_family) {
- case AF_INET:
- ((struct sockaddr_in *)iph2->src)->sin_port = 0;
- break;
-#ifdef INET6
- case AF_INET6:
- ((struct sockaddr_in6 *)iph2->src)->sin6_port = 0;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", iph2->src->sa_family);
- delph2(iph2);
- return -1;
- }
-
- /* add new entry to isakmp status table */
- insph2(iph2);
- bindph12(iph1, iph2);
-
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- {
- char *a;
-
- a = strdup(saddr2str(iph2->src));
- plog(LLV_INFO, LOCATION, NULL,
- "respond new phase 2 negotiation: %s<=>%s\n",
- a, saddr2str(iph2->dst));
- racoon_free(a);
- }
-
-#ifdef ENABLE_STATS
- gettimeofday(&start, NULL);
-#endif
-
- error = (ph2exchange[etypesw2(ISAKMP_ETYPE_QUICK)]
- [iph2->side]
- [iph2->status])(iph2, msg);
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "failed to pre-process packet.\n");
- if (error != ISAKMP_INTERNAL_ERROR)
- isakmp_info_send_n1(iph2->ph1, error, NULL);
- /*
- * release handler because it's wrong that ph2handle is kept
- * after failed to check message for responder's.
- */
- unbindph12(iph2);
- remph2(iph2);
- delph2(iph2);
- return -1;
- }
-
- /* send */
- plog(LLV_DEBUG, LOCATION, NULL, "===\n");
- if ((ph2exchange[etypesw2(isakmp->etype)]
- [iph2->side]
- [iph2->status])(iph2, msg) < 0) {
- plog(LLV_ERROR, LOCATION, iph2->ph1->remote,
- "failed to process packet.\n");
- /* don't release handler */
- return -1;
- }
-#ifdef ENABLE_STATS
- gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase2",
- s_isakmp_state(ISAKMP_ETYPE_QUICK, iph2->side, iph2->status),
- timedelta(&start, &end));
-#endif
-
- return 0;
-}
-
-/*
- * parse ISAKMP payloads, without ISAKMP base header.
- */
-vchar_t *
-isakmp_parsewoh(np0, gen, len)
- int np0;
- struct isakmp_gen *gen;
- int len;
-{
- u_char np = np0 & 0xff;
- int tlen, plen;
- vchar_t *result;
- struct isakmp_parse_t *p, *ep;
-
- plog(LLV_DEBUG, LOCATION, NULL, "begin.\n");
-
- /*
- * 5 is a magic number, but any value larger than 2 should be fine
- * as we do vrealloc() in the following loop.
- */
- result = vmalloc(sizeof(struct isakmp_parse_t) * 5);
- if (result == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer.\n");
- return NULL;
- }
- p = (struct isakmp_parse_t *)result->v;
- ep = (struct isakmp_parse_t *)(result->v + result->l - sizeof(*ep));
-
- tlen = len;
-
- /* parse through general headers */
- while (0 < tlen && np != ISAKMP_NPTYPE_NONE) {
- if (tlen <= sizeof(struct isakmp_gen)) {
- /* don't send information, see isakmp_ident_r1() */
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid length of payload\n");
- vfree(result);
- return NULL;
- }
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "seen nptype=%u(%s)\n", np, s_isakmp_nptype(np));
-
- p->type = np;
- p->len = ntohs(gen->len);
- if (p->len < sizeof(struct isakmp_gen) || p->len > tlen) {
- plog(LLV_DEBUG, LOCATION, NULL,
- "invalid length of payload\n");
- vfree(result);
- return NULL;
- }
- p->ptr = gen;
- p++;
- if (ep <= p) {
- int off;
-
- off = p - (struct isakmp_parse_t *)result->v;
- result = vrealloc(result, result->l * 2);
- if (result == NULL) {
- plog(LLV_DEBUG, LOCATION, NULL,
- "failed to realloc buffer.\n");
- vfree(result);
- return NULL;
- }
- ep = (struct isakmp_parse_t *)
- (result->v + result->l - sizeof(*ep));
- p = (struct isakmp_parse_t *)result->v;
- p += off;
- }
-
- np = gen->np;
- plen = ntohs(gen->len);
- gen = (struct isakmp_gen *)((caddr_t)gen + plen);
- tlen -= plen;
- }
- p->type = ISAKMP_NPTYPE_NONE;
- p->len = 0;
- p->ptr = NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL, "succeed.\n");
-
- return result;
-}
-
-/*
- * parse ISAKMP payloads, including ISAKMP base header.
- */
-vchar_t *
-isakmp_parse(buf)
- vchar_t *buf;
-{
- struct isakmp *isakmp = (struct isakmp *)buf->v;
- struct isakmp_gen *gen;
- int tlen;
- vchar_t *result;
- u_char np;
-
- np = isakmp->np;
- gen = (struct isakmp_gen *)(buf->v + sizeof(*isakmp));
- tlen = buf->l - sizeof(struct isakmp);
- result = isakmp_parsewoh(np, gen, tlen);
-
- return result;
-}
-
-/* %%% */
-int
-isakmp_init()
-{
- /* initialize a isakmp status table */
- initph1tree();
- initph2tree();
- initctdtree();
- init_recvdpkt();
-
- if (isakmp_open() < 0)
- goto err;
-
- return(0);
-
-err:
- isakmp_close();
- return(-1);
-}
-
-/*
- * make strings containing i_cookie + r_cookie + msgid
- */
-const char *
-isakmp_pindex(index, msgid)
- const isakmp_index *index;
- const u_int32_t msgid;
-{
- static char buf[64];
- const u_char *p;
- int i, j;
-
- memset(buf, 0, sizeof(buf));
-
- /* copy index */
- p = (const u_char *)index;
- for (j = 0, i = 0; i < sizeof(isakmp_index); i++) {
- snprintf((char *)&buf[j], sizeof(buf) - j, "%02x", p[i]);
- j += 2;
- switch (i) {
- case 7:
- buf[j++] = ':';
- }
- }
-
- if (msgid == 0)
- return buf;
-
- /* copy msgid */
- snprintf((char *)&buf[j], sizeof(buf) - j, ":%08x", ntohs(msgid));
-
- return buf;
-}
-
-int
-isakmp_setup_socket(struct sockaddr* in_addr)
-{
- int sock = -1;
- const int yes = 1;
-#ifdef INET6
- int pktinfo;
-#endif
- if ((sock = socket(in_addr->sa_family, SOCK_DGRAM, 0)) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "socket (%s)\n", strerror(errno));
- return -1;
- }
-
- /* receive my interface address on inbound packets. */
- switch (in_addr->sa_family) {
- case AF_INET:
- if (setsockopt(sock, IPPROTO_IP, IP_RECVDSTADDR,
- (const void *)&yes, sizeof(yes)) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "setsockopt (%s)\n", strerror(errno));
- close(sock);
- return -1;
- }
- break;
-#ifdef INET6
- case AF_INET6:
-#ifdef ADVAPI
-#ifdef IPV6_RECVPKTINFO
- pktinfo = IPV6_RECVPKTINFO;
-#else /* old adv.
API */ - pktinfo = IPV6_PKTINFO; -#endif /* IPV6_RECVPKTINFO */ -#else - pktinfo = IPV6_RECVDSTADDR; -#endif - if (setsockopt(sock, IPPROTO_IPV6, pktinfo, - (const void *)&yes, sizeof(yes)) < 0) - { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt(%d): %s\n", - pktinfo, strerror(errno)); - close(sock); - return -1; - } - break; -#endif - } - -#ifdef IPV6_USE_MIN_MTU - if (in_addr->sa_family == AF_INET6 && - setsockopt(sock, IPPROTO_IPV6, IPV6_USE_MIN_MTU, - (void *)&yes, sizeof(yes)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", strerror(errno)); - close(sock); - return -1; - } -#endif - - if (setsockopt_bypass(sock, in_addr->sa_family) < 0) { - close(sock); - return -1; - } - - if (bind(sock, in_addr, in_addr->sa_len) < 0) { - plog(LLV_ERROR, LOCATION, in_addr, - "failed to bind (%s).\n", strerror(errno)); - close(sock); - return -1; - } - - return sock; -} - -/* open ISAKMP sockets. */ -int -isakmp_open() -{ - int ifnum; - struct myaddrs *p; - - ifnum = 0; - for (p = lcconf->myaddrs; p; p = p->next) { - if (!p->addr) - continue; - - if (p->sock != -1) { - ifnum++; - continue; // socket already open - } - - /* warn if wildcard address - should we forbid this? 
*/
- switch (p->addr->sa_family) {
- case AF_INET:
- if (((struct sockaddr_in *)p->addr)->sin_addr.s_addr == 0)
- plog(LLV_WARNING, LOCATION, NULL,
- "listening to wildcard address,"
- "broadcast IKE packet may kill you\n");
- break;
-#ifdef INET6
- case AF_INET6:
- if (IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *)p->addr)->sin6_addr))
- plog(LLV_WARNING, LOCATION, NULL,
- "listening to wildcard address, "
- "broadcast IKE packet may kill you\n");
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "unsupported address family %d\n",
- lcconf->default_af);
- goto err_and_next;
- }
-
- p->sock = isakmp_setup_socket(p->addr);
- if (p->sock < 0) goto err_and_next;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "%s used as isakmp port (fd=%d)\n",
- saddr2str(p->addr), p->sock);
-
- ifnum++;
-
-#ifdef IKE_NAT_T
- /*
- * We have to listen on 4500 in addition to 500 with IPv4
- * to support NAT traversal.
- */
- if (p->addr->sa_family == AF_INET)
- {
- struct sockaddr_in sin = *(struct sockaddr_in*)p->addr;
-
- sin.sin_port = htons(PORT_ISAKMP_NATT);
- p->nattsock = isakmp_setup_socket((struct sockaddr*)&sin);
- if (p->nattsock >= 0)
- plog(LLV_DEBUG, LOCATION, NULL,
- "%s used as nat-t isakmp port (fd=%d)\n",
- saddr2str((struct sockaddr*)&sin), p->nattsock);
- }
-#endif
-
- continue;
-
- err_and_next:
- racoon_free(p->addr);
- p->addr = NULL;
- if (!
lcconf->autograbaddr && lcconf->strict_address)
- return -1;
- continue;
- }
-
- if (!ifnum) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no address could be bound.\n");
- return -1;
- }
-
- return 0;
-}
-
-void
-isakmp_close()
-{
- isakmp_close_sockets();
- isakmp_free_addrs();
-}
-
-void
-isakmp_close_sockets()
-{
- struct myaddrs *p;
-
- for (p = lcconf->myaddrs; p; p = p->next) {
-
- if (!p->addr)
- continue;
-
- if (p->sock >= 0) {
- close(p->sock);
- p->sock = -1;
- }
-
-#ifdef IKE_NAT_T
- if (p->nattsock >= 0) {
- close(p->nattsock);
- p->nattsock = -1;
- }
-#endif
-
- }
-
-}
-
-void
-isakmp_free_addrs()
-{
- struct myaddrs *p, *next;
-
- for (p = lcconf->myaddrs; p; p = next) {
- next = p->next;
-
- if (p->addr)
- racoon_free(p->addr);
- racoon_free(p);
- }
-
- lcconf->myaddrs = NULL;
-
-}
-
-
-// close sockets for addresses that have gone away
-void
-isakmp_close_unused()
-{
- struct myaddrs *p, *next, **prev;
-
- prev = &(lcconf->myaddrs);
- for (p = lcconf->myaddrs; p; p = next) {
- next = p->next;
- if (p->addrcount == 0) { // not in use ?
-
- if (p->sock >= 0)
- close(p->sock);
-
- #ifdef IKE_NAT_T
- if (p->nattsock >= 0)
- close(p->nattsock);
- #endif
- *prev = p->next;
- if (p->addr)
- racoon_free(p->addr);
- racoon_free(p);
- } else
- prev = &(p->next);
- }
-}
-
-int
-isakmp_send(iph1, sbuf)
- struct ph1handle *iph1;
- vchar_t *sbuf;
-{
- int len = 0;
- int s;
- vchar_t *newbuf = NULL;
-
- /* select the socket to be sent */
- s = getsockmyaddr(iph1->local);
- if (s == -1)
- return -1;
-
-#ifdef IKE_NAT_T
- /* prepend four bytes of zeros if source or destination port is PORT_ISAKMP_NATT */
- if (iph1->remote->sa_family == AF_INET &&
- (((struct sockaddr_in*)(iph1->remote))->sin_port == htons(PORT_ISAKMP_NATT)) ||
- ((struct sockaddr_in*)(iph1->local))->sin_port == htons(PORT_ISAKMP_NATT))
- {
-
- /* There's probably a better way to do this */
- newbuf = vmalloc(sbuf->l + 4);
- if (newbuf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "sendfromto natt prepend failed\n");
- return -1;
- }
-
- memset(newbuf->v, 0, 4);
- memcpy(newbuf->v + 4, sbuf->v, sbuf->l);
- sbuf = newbuf;
- }
-#endif
-
- len = sendfromto(s, sbuf->v, sbuf->l,
- iph1->local, iph1->remote, lcconf->count_persend);
- if (len == -1) {
- plog(LLV_ERROR, LOCATION, NULL, "sendfromto failed\n");
- return -1;
- }
-
- if (newbuf) vfree(newbuf);
-
- return 0;
-}
-
-/* called from scheduler */
-void
-isakmp_ph1resend_stub(p)
- void *p;
-{
- (void)isakmp_ph1resend((struct ph1handle *)p);
-}
-
-int
-isakmp_ph1resend(iph1)
- struct ph1handle *iph1;
-{
- if (iph1->retry_counter < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "phase1 negotiation failed due to time up.
%s\n",
- isakmp_pindex(&iph1->index, iph1->msgid));
-
- remph1(iph1);
- delph1(iph1);
- return -1;
- }
-
- if (isakmp_send(iph1, iph1->sendbuf) < 0)
- return -1;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "resend phase1 packet %s\n",
- isakmp_pindex(&iph1->index, iph1->msgid));
-
- iph1->retry_counter--;
-
- iph1->scr = sched_new(iph1->rmconf->retry_interval,
- isakmp_ph1resend_stub, iph1);
-
- return 0;
-}
-
-/* called from scheduler */
-void
-isakmp_ph2resend_stub(p)
- void *p;
-{
-
- (void)isakmp_ph2resend((struct ph2handle *)p);
-}
-
-int
-isakmp_ph2resend(iph2)
- struct ph2handle *iph2;
-{
- if (iph2->retry_counter < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "phase2 negotiation failed due to time up. %s\n",
- isakmp_pindex(&iph2->ph1->index, iph2->msgid));
- unbindph12(iph2);
- remph2(iph2);
- delph2(iph2);
- return -1;
- }
-
- if (iph2->ph1 == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "internal error - attempt to re-send phase2 with no phase1 bound.\n");
- iph2->retry_counter = -1;
- remph2(iph2);
- delph2(iph2);
- return -1;
- }
-
- if (isakmp_send(iph2->ph1, iph2->sendbuf) < 0)
- return -1;
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "resend phase2 packet %s\n",
- isakmp_pindex(&iph2->ph1->index, iph2->msgid));
-
- iph2->retry_counter--;
-
- iph2->scr = sched_new(iph2->ph1->rmconf->retry_interval,
- isakmp_ph2resend_stub, iph2);
-
- return 0;
-}
-
-/* called from scheduler */
-void
-isakmp_ph1expire_stub(p)
- void *p;
-{
-
- isakmp_ph1expire((struct ph1handle *)p);
-}
-
-void
-isakmp_ph1expire(iph1)
- struct ph1handle *iph1;
-{
- char *src, *dst;
-
- src = strdup(saddr2str(iph1->local));
- dst = strdup(saddr2str(iph1->remote));
- plog(LLV_INFO, LOCATION, NULL,
- "ISAKMP-SA expired %s-%s spi:%s\n",
- src, dst,
- isakmp_pindex(&iph1->index, 0));
- racoon_free(src);
- racoon_free(dst);
-
- SCHED_KILL(iph1->sce);
-
- iph1->status = PHASE1ST_EXPIRED;
-
- /*
- * the phase1 deletion is postponed until there is no phase2.
- */
- if (LIST_FIRST(&iph1->ph2tree) != NULL) {
- iph1->sce = sched_new(1, isakmp_ph1expire_stub, iph1);
- return;
- }
-
- iph1->sce = sched_new(1, isakmp_ph1delete_stub, iph1);
-}
-
-/* called from scheduler */
-void
-isakmp_ph1delete_stub(p)
- void *p;
-{
-
- isakmp_ph1delete((struct ph1handle *)p);
-}
-
-void
-isakmp_ph1delete(iph1)
- struct ph1handle *iph1;
-{
- char *src, *dst;
-
- SCHED_KILL(iph1->sce);
-
- if (LIST_FIRST(&iph1->ph2tree) != NULL) {
- iph1->sce = sched_new(1, isakmp_ph1delete_stub, iph1);
- return;
- }
-
- /* don't re-negosiation when the phase 1 SA expires. */
-
- src = strdup(saddr2str(iph1->local));
- dst = strdup(saddr2str(iph1->remote));
- plog(LLV_INFO, LOCATION, NULL,
- "ISAKMP-SA deleted %s-%s spi:%s\n",
- src, dst, isakmp_pindex(&iph1->index, 0));
- racoon_free(src);
- racoon_free(dst);
-
- remph1(iph1);
- delph1(iph1);
-
- return;
-}
-
-/* called from scheduler.
- * this function will call only isakmp_ph2delete().
- * phase 2 handler remain forever if kernel doesn't cry a expire of phase 2 SA
- * by something cause. That's why this function is called after phase 2 SA
- * expires in the userland.
- */
-void
-isakmp_ph2expire_stub(p)
- void *p;
-{
-
- isakmp_ph2expire((struct ph2handle *)p);
-}
-
-void
-isakmp_ph2expire(iph2)
- struct ph2handle *iph2;
-{
- char *src, *dst;
-
- SCHED_KILL(iph2->sce);
-
- src = strdup(saddrwop2str(iph2->src));
- dst = strdup(saddrwop2str(iph2->dst));
- plog(LLV_INFO, LOCATION, NULL,
- "phase2 sa expired %s-%s\n", src, dst);
- racoon_free(src);
- racoon_free(dst);
-
- iph2->status = PHASE2ST_EXPIRED;
-
- iph2->sce = sched_new(1, isakmp_ph2delete_stub, iph2);
-
- return;
-}
-
-/* called from scheduler */
-void
-isakmp_ph2delete_stub(p)
- void *p;
-{
-
- isakmp_ph2delete((struct ph2handle *)p);
-}
-
-void
-isakmp_ph2delete(iph2)
- struct ph2handle *iph2;
-{
- char *src, *dst;
-
- SCHED_KILL(iph2->sce);
-
- src = strdup(saddrwop2str(iph2->src));
- dst = strdup(saddrwop2str(iph2->dst));
- plog(LLV_INFO, LOCATION, NULL,
- "phase2 sa deleted %s-%s\n", src, dst);
- racoon_free(src);
- racoon_free(dst);
-
- unbindph12(iph2);
- remph2(iph2);
- delph2(iph2);
-
- return;
-}
-
-/* %%%
- * Interface between PF_KEYv2 and ISAKMP
- */
-/*
- * receive ACQUIRE from kernel, and begin either phase1 or phase2.
- * if phase1 has been finished, begin phase2.
- */
-int
-isakmp_post_acquire(iph2)
- struct ph2handle *iph2;
-{
- struct remoteconf *rmconf;
- struct ph1handle *iph1 = NULL;
-
- /* search appropreate configuration with masking port. */
- rmconf = getrmconf(iph2->dst);
- if (rmconf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no configuration found for %s.\n",
- saddrwop2str(iph2->dst));
- return -1;
- }
-
- /* if passive mode, ignore the acquire message */
- if (rmconf->passive) {
- plog(LLV_DEBUG, LOCATION, NULL,
- "because of passive mode, "
- "ignore the acquire message for %s.\n",
- saddrwop2str(iph2->dst));
- return 0;
- }
-
- /* search isakmp status table by address with masking port */
- iph1 = getph1byaddr(iph2->src, iph2->dst);
-
- /* no ISAKMP-SA found.
*/
- if (iph1 == NULL) {
- struct sched *sc;
-
- iph2->retry_checkph1 = lcconf->retry_checkph1;
- sc = sched_new(1, isakmp_chkph1there_stub, iph2);
- plog(LLV_INFO, LOCATION, NULL,
- "IPsec-SA request for %s queued "
- "due to no phase1 found.\n",
- saddrwop2str(iph2->dst));
-
- /* start phase 1 negotiation as a initiator. */
- if (isakmp_ph1begin_i(rmconf, iph2->dst) < 0) {
- SCHED_KILL(sc);
- return -1;
- }
-
- return 0;
- /*NOTREACHED*/
- }
-
- /* found ISAKMP-SA, but on negotiation. */
- if (iph1->status != PHASE1ST_ESTABLISHED) {
- iph2->retry_checkph1 = lcconf->retry_checkph1;
- sched_new(1, isakmp_chkph1there_stub, iph2);
- plog(LLV_INFO, LOCATION, iph2->dst,
- "request for establishing IPsec-SA was queued "
- "due to no phase1 found.\n");
- return 0;
- /*NOTREACHED*/
- }
-
- /* found established ISAKMP-SA */
- /* i.e. iph1->status == PHASE1ST_ESTABLISHED */
-
- /* found ISAKMP-SA. */
- plog(LLV_DEBUG, LOCATION, NULL, "begin QUICK mode.\n");
-
- /* begin quick mode */
- if (isakmp_ph2begin_i(iph1, iph2))
- return -1;
-
- return 0;
-}
-
-/*
- * receive GETSPI from kernel.
- */
-int
-isakmp_post_getspi(iph2)
- struct ph2handle *iph2;
-{
-#ifdef ENABLE_STATS
- struct timeval start, end;
-#endif
-
- /* don't process it because there is no suitable phase1-sa.
*/
- if (iph2->ph1->status == PHASE2ST_EXPIRED) {
- plog(LLV_ERROR, LOCATION, iph2->ph1->remote,
- "the negotiation is stopped, "
- "because there is no suitable ISAKMP-SA.\n");
- return -1;
- }
-
-#ifdef ENABLE_STATS
- gettimeofday(&start, NULL);
-#endif
- if ((ph2exchange[etypesw2(ISAKMP_ETYPE_QUICK)]
- [iph2->side]
- [iph2->status])(iph2, NULL) != 0)
- return -1;
-#ifdef ENABLE_STATS
- gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f",
- "phase2",
- s_isakmp_state(ISAKMP_ETYPE_QUICK, iph2->side, iph2->status),
- timedelta(&start, &end));
-#endif
-
- return 0;
-}
-
-/* called by scheduler */
-void
-isakmp_chkph1there_stub(p)
- void *p;
-{
- isakmp_chkph1there((struct ph2handle *)p);
-}
-
-void
-isakmp_chkph1there(iph2)
- struct ph2handle *iph2;
-{
- struct ph1handle *iph1;
-
- iph2->retry_checkph1--;
- if (iph2->retry_checkph1 < 0) {
- plog(LLV_ERROR, LOCATION, iph2->dst,
- "phase2 negotiation failed "
- "due to time up waiting for phase1. %s\n",
- sadbsecas2str(iph2->dst, iph2->src,
- iph2->satype, 0, 0));
- plog(LLV_INFO, LOCATION, NULL,
- "delete phase 2 handler.\n");
-
- /* send acquire to kernel as error */
- pk_sendeacquire(iph2);
-
- unbindph12(iph2);
- remph2(iph2);
- delph2(iph2);
-
- return;
- }
-
- iph1 = getph1byaddr(iph2->src, iph2->dst);
-
- /* XXX Even if ph1 as responder is there, should we not start
- * phase 2 negotiation ? */
- if (iph1 != NULL
- && iph1->status == PHASE1ST_ESTABLISHED) {
- /* found isakmp-sa */
- /* begin quick mode */
- (void)isakmp_ph2begin_i(iph1, iph2);
- return;
- }
-
- /* no isakmp-sa found */
- sched_new(1, isakmp_chkph1there_stub, iph2);
-
- return;
-}
-
-/* copy variable data into ALLOCATED buffer.
*/
-caddr_t
-isakmp_set_attr_v(buf, type, val, len)
- caddr_t buf;
- int type;
- caddr_t val;
- int len;
-{
- struct isakmp_data *data;
-
- data = (struct isakmp_data *)buf;
- data->type = htons((u_int16_t)type | ISAKMP_GEN_TLV);
- data->lorv = htons((u_int16_t)len);
- memcpy(data + 1, val, len);
-
- return buf + sizeof(*data) + len;
-}
-
-/* copy fixed length data into ALLOCATED buffer. */
-caddr_t
-isakmp_set_attr_l(buf, type, val)
- caddr_t buf;
- int type;
- u_int32_t val;
-{
- struct isakmp_data *data;
-
- data = (struct isakmp_data *)buf;
- data->type = htons((u_int16_t)type | ISAKMP_GEN_TV);
- data->lorv = htons((u_int16_t)val);
-
- return buf + sizeof(*data);
-}
-
-/* add a variable data attribute to the buffer by reallocating it. */
-vchar_t *
-isakmp_add_attr_v(buf0, type, val, len)
- vchar_t *buf0;
- int type;
- caddr_t val;
- int len;
-{
- vchar_t *buf = NULL;
- struct isakmp_data *data;
- int tlen;
- int oldlen = 0;
-
- tlen = sizeof(*data) + len;
-
- if (buf0) {
- oldlen = buf0->l;
- buf = vrealloc(buf0, oldlen + tlen);
- } else
- buf = vmalloc(tlen);
- if (!buf) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get a attribute buffer.\n");
- return NULL;
- }
-
- data = (struct isakmp_data *)(buf->v + oldlen);
- data->type = htons((u_int16_t)type | ISAKMP_GEN_TLV);
- data->lorv = htons((u_int16_t)len);
- memcpy(data + 1, val, len);
-
- return buf;
-}
-
-/* add a fixed data attribute to the buffer by reallocating it.
*/
-vchar_t *
-isakmp_add_attr_l(buf0, type, val)
- vchar_t *buf0;
- int type;
- u_int32_t val;
-{
- vchar_t *buf = NULL;
- struct isakmp_data *data;
- int tlen;
- int oldlen = 0;
-
- tlen = sizeof(*data);
-
- if (buf0) {
- oldlen = buf0->l;
- buf = vrealloc(buf0, oldlen + tlen);
- } else
- buf = vmalloc(tlen);
- if (!buf) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get a attribute buffer.\n");
- return NULL;
- }
-
- data = (struct isakmp_data *)(buf->v + oldlen);
- data->type = htons((u_int16_t)type | ISAKMP_GEN_TV);
- data->lorv = htons((u_int16_t)val);
-
- return buf;
-}
-
-/*
- * calculate cookie and set.
- */
-int
-isakmp_newcookie(place, remote, local)
- caddr_t place;
- struct sockaddr *remote;
- struct sockaddr *local;
-{
- vchar_t *buf = NULL, *buf2 = NULL;
- char *p;
- int blen;
- int alen;
- caddr_t sa1, sa2;
- time_t t;
- int error = -1;
- u_short port;
-
-
- if (remote->sa_family != local->sa_family) {
- plog(LLV_ERROR, LOCATION, NULL,
- "address family mismatch, remote:%d local:%d\n",
- remote->sa_family, local->sa_family);
- goto end;
- }
- switch (remote->sa_family) {
- case AF_INET:
- alen = sizeof(struct in_addr);
- sa1 = (caddr_t)&((struct sockaddr_in *)remote)->sin_addr;
- sa2 = (caddr_t)&((struct sockaddr_in *)local)->sin_addr;
- break;
-#ifdef INET6
- case AF_INET6:
- alen = sizeof(struct in_addr);
- sa1 = (caddr_t)&((struct sockaddr_in6 *)remote)->sin6_addr;
- sa2 = (caddr_t)&((struct sockaddr_in6 *)local)->sin6_addr;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", remote->sa_family);
- goto end;
- }
- blen = (alen + sizeof(u_short)) * 2
- + sizeof(time_t) + lcconf->secret_size;
- buf = vmalloc(blen);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get a cookie.\n");
- goto end;
- }
- p = buf->v;
-
- /* copy my address */
- memcpy(p, sa1, alen);
- p += alen;
- port = ((struct sockaddr_in *)remote)->sin_port;
- memcpy(p, &port, sizeof(u_short));
- p += sizeof(u_short);
-
- /*
copy target address */
- memcpy(p, sa2, alen);
- p += alen;
- port = ((struct sockaddr_in *)local)->sin_port;
- memcpy(p, &port, sizeof(u_short));
- p += sizeof(u_short);
-
- /* copy time */
- t = time(0);
- memcpy(p, (caddr_t)&t, sizeof(t));
- p += sizeof(t);
-
- /* copy random value */
- buf2 = eay_set_random(lcconf->secret_size);
- if (buf2 == NULL)
- goto end;
- memcpy(p, buf2->v, lcconf->secret_size);
- p += lcconf->secret_size;
- vfree(buf2);
-
- buf2 = eay_sha1_one(buf);
- memcpy(place, buf2->v, sizeof(cookie_t));
-
- sa1 = val2str(place, sizeof (cookie_t));
- plog(LLV_DEBUG, LOCATION, NULL, "new cookie:\n%s\n", sa1);
- racoon_free(sa1);
-
- error = 0;
-end:
- if (buf != NULL)
- vfree(buf);
- if (buf2 != NULL)
- vfree(buf2);
- return error;
-}
-
-/*
- * save partner's(payload) data into phhandle.
- */
-int
-isakmp_p2ph(buf, gen)
- vchar_t **buf;
- struct isakmp_gen *gen;
-{
- /* XXX to be checked in each functions for logging. */
- if (*buf) {
- plog(LLV_WARNING, LOCATION, NULL,
- "ignore this payload, same payload type exist.\n");
- return -1;
- }
-
- *buf = vmalloc(ntohs(gen->len) - sizeof(*gen));
- if (*buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer.\n");
- return -1;
- }
- memcpy((*buf)->v, gen + 1, (*buf)->l);
-
- return 0;
-}
-
-u_int32_t
-isakmp_newmsgid2(iph1)
- struct ph1handle *iph1;
-{
- u_int32_t msgid2;
-
- do {
- msgid2 = arc4random();
- } while (getph2bymsgid(iph1, msgid2));
-
- return msgid2;
-}
-
-/*
- * set values into allocated buffer of isakmp header for phase 1
- */
-caddr_t
-set_isakmp_header(vbuf, iph1, nptype)
- vchar_t *vbuf;
- struct ph1handle *iph1;
- int nptype;
-{
- struct isakmp *isakmp;
-
- if (vbuf->l < sizeof(*isakmp))
- return NULL;
-
- isakmp = (struct isakmp *)vbuf->v;
- memcpy(&isakmp->i_ck, &iph1->index.i_ck, sizeof(cookie_t));
- memcpy(&isakmp->r_ck, &iph1->index.r_ck, sizeof(cookie_t));
- isakmp->np = nptype;
- isakmp->v = iph1->version;
- isakmp->etype = iph1->etype;
- isakmp->flags =
iph1->flags;
- isakmp->msgid = iph1->msgid;
- isakmp->len = htonl(vbuf->l);
-
- return vbuf->v + sizeof(*isakmp);
-}
-
-/*
- * set values into allocated buffer of isakmp header for phase 2
- */
-caddr_t
-set_isakmp_header2(vbuf, iph2, nptype)
- vchar_t *vbuf;
- struct ph2handle *iph2;
- int nptype;
-{
- struct isakmp *isakmp;
-
- if (vbuf->l < sizeof(*isakmp))
- return NULL;
-
- isakmp = (struct isakmp *)vbuf->v;
- memcpy(&isakmp->i_ck, &iph2->ph1->index.i_ck, sizeof(cookie_t));
- memcpy(&isakmp->r_ck, &iph2->ph1->index.r_ck, sizeof(cookie_t));
- isakmp->np = nptype;
- isakmp->v = iph2->ph1->version;
- isakmp->etype = ISAKMP_ETYPE_QUICK;
- isakmp->flags = iph2->flags;
- memcpy(&isakmp->msgid, &iph2->msgid, sizeof(isakmp->msgid));
- isakmp->len = htonl(vbuf->l);
-
- return vbuf->v + sizeof(*isakmp);
-}
-
-/*
- * set values into allocated buffer of isakmp payload.
- */
-caddr_t
-set_isakmp_payload(buf, src, nptype)
- caddr_t buf;
- vchar_t *src;
- int nptype;
-{
- struct isakmp_gen *gen;
- caddr_t p = buf;
-
- plog(LLV_DEBUG, LOCATION, NULL, "add payload of len %d, next type %d\n",
- src->l, nptype);
-
- gen = (struct isakmp_gen *)p;
- gen->np = nptype;
- gen->len = htons(sizeof(*gen) + src->l);
- p += sizeof(*gen);
- memcpy(p, src->v, src->l);
- p += src->l;
-
- return p;
-}
-
-static int
-etypesw1(etype)
- int etype;
-{
- switch (etype) {
- case ISAKMP_ETYPE_IDENT:
- return 1;
- case ISAKMP_ETYPE_AGG:
- return 2;
- case ISAKMP_ETYPE_BASE:
- return 3;
- default:
- return 0;
- }
- /*NOTREACHED*/
-}
-
-static int
-etypesw2(etype)
- int etype;
-{
- switch (etype) {
- case ISAKMP_ETYPE_QUICK:
- return 1;
- default:
- return 0;
- }
- /*NOTREACHED*/
-}
-
-#ifdef HAVE_PRINT_ISAKMP_C
-/* for print-isakmp.c */
-char *snapend;
-extern void isakmp_print __P((const u_char *, u_int, const u_char *));
-
-char *getname __P((const u_char *));
-#ifdef INET6
-char *getname6 __P((const u_char *));
-#endif
-int safeputchar __P((int));
-
-/*
- * Return a name for the IP address pointed
to by ap. This address
- * is assumed to be in network byte order.
- */
-char *
-getname(ap)
- const u_char *ap;
-{
- struct sockaddr_in addr;
- static char ntop_buf[NI_MAXHOST];
-
- memset(&addr, 0, sizeof(addr));
- addr.sin_len = sizeof(struct sockaddr_in);
- addr.sin_family = AF_INET;
- memcpy(&addr.sin_addr, ap, sizeof(addr.sin_addr));
- if (getnameinfo((struct sockaddr *)&addr, addr.sin_len,
- ntop_buf, sizeof(ntop_buf), NULL, 0,
- NI_NUMERICHOST | niflags))
- strlcpy(ntop_buf, "?", sizeof(ntop_buf));
-
- return ntop_buf;
-}
-
-#ifdef INET6
-/*
- * Return a name for the IP6 address pointed to by ap. This address
- * is assumed to be in network byte order.
- */
-char *
-getname6(ap)
- const u_char *ap;
-{
- struct sockaddr_in6 addr;
- static char ntop_buf[NI_MAXHOST];
-
- memset(&addr, 0, sizeof(addr));
- addr.sin6_len = sizeof(struct sockaddr_in6);
- addr.sin6_family = AF_INET6;
- memcpy(&addr.sin6_addr, ap, sizeof(addr.sin6_addr));
- if (getnameinfo((struct sockaddr *)&addr, addr.sin6_len,
- ntop_buf, sizeof(ntop_buf), NULL, 0,
- NI_NUMERICHOST | niflags))
- strlcpy(ntop_buf, "?", sizeof(ntop_buf));
-
- return ntop_buf;
-}
-#endif /* INET6 */
-
-int
-safeputchar(c)
- int c;
-{
- unsigned char ch;
-
- ch = (unsigned char)(c & 0xff);
- if (c < 0x80 && isprint(c))
- return printf("%c", c & 0xff);
- else
- return printf("\\%03o", c & 0xff);
-}
-
-void
-isakmp_printpacket(msg, from, my, decoded)
- vchar_t *msg;
- struct sockaddr *from;
- struct sockaddr *my;
- int decoded;
-{
-#ifdef YIPS_DEBUG
- struct timeval tv;
- int s;
- char hostbuf[NI_MAXHOST];
- char portbuf[NI_MAXSERV];
- struct isakmp *isakmp;
- vchar_t *buf;
-#endif
-
- if (loglevel < LLV_DEBUG)
- return;
-
-#ifdef YIPS_DEBUG
- plog(LLV_DEBUG, LOCATION, NULL, "begin.\n");
-
- gettimeofday(&tv, NULL);
- s = tv.tv_sec % 3600;
- printf("%02d:%02d.%06u ", s / 60, s % 60, (u_int32_t)tv.tv_usec);
-
- if (from) {
- if (getnameinfo(from, from->sa_len, hostbuf, sizeof(hostbuf),
- portbuf, sizeof(portbuf),
-
NI_NUMERICHOST | NI_NUMERICSERV | niflags)) {
- strlcpy(hostbuf, "?", sizeof(hostbuf));
- strlcpy(portbuf, "?", sizeof(portbuf));
- }
- printf("%s:%s", hostbuf, portbuf);
- } else
- printf("?");
- printf(" -> ");
- if (my) {
- if (getnameinfo(my, my->sa_len, hostbuf, sizeof(hostbuf),
- portbuf, sizeof(portbuf),
- NI_NUMERICHOST | NI_NUMERICSERV | niflags)) {
- strlcpy(hostbuf, "?", sizeof(hostbuf));
- strlcpy(portbuf, "?", sizeof(portbuf));
- }
- printf("%s:%s", hostbuf, portbuf);
- } else
- printf("?");
- printf(": ");
-
- buf = vdup(msg);
- if (!buf) {
- printf("(malloc fail)\n");
- return;
- }
- if (decoded) {
- isakmp = (struct isakmp *)buf->v;
- if (isakmp->flags & ISAKMP_FLAG_E) {
-#if 0
- int pad;
- pad = *(u_char *)(buf->v + buf->l - 1);
- if (buf->l < pad && 2 < vflag)
- printf("(wrong padding)");
-#endif
- isakmp->flags &= ~ISAKMP_FLAG_E;
- }
- }
-
- snapend = buf->v + buf->l;
- isakmp_print(buf->v, buf->l, NULL);
- vfree(buf);
- printf("\n");
- fflush(stdout);
-
- return;
-#endif
-}
-#endif /*HAVE_PRINT_ISAKMP_C*/
-
-int
-copy_ph1addresses(iph1, rmconf, remote, local)
- struct ph1handle *iph1;
- struct remoteconf *rmconf;
- struct sockaddr *remote, *local;
-{
- u_short *port = NULL;
-
- /* address portion must be grabbed from real remote address "remote" */
- iph1->remote = dupsaddr(remote);
- if (iph1->remote == NULL) {
- delph1(iph1);
- return -1;
- }
-
- /*
- * if remote has no port # (in case of initiator - from ACQUIRE msg)
- * - if remote.conf specifies port #, use that
- * - if remote.conf does not, use 500
- * if remote has port # (in case of responder - from recvfrom(2))
- * respect content of "remote".
- */
- switch (iph1->remote->sa_family) {
- case AF_INET:
- port = &((struct sockaddr_in *)iph1->remote)->sin_port;
- if (*port)
- break;
- *port = ((struct sockaddr_in *)rmconf->remote)->sin_port;
- if (*port)
- break;
- *port = htons(PORT_ISAKMP);
- break;
-#ifdef INET6
- case AF_INET6:
- port = &((struct sockaddr_in6 *)iph1->remote)->sin6_port;
- if (*port)
- break;
- *port = ((struct sockaddr_in6 *)rmconf->remote)->sin6_port;
- if (*port)
- break;
- *port = htons(PORT_ISAKMP);
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", iph1->remote->sa_family);
- return -1;
- }
-
- if (local == NULL)
- iph1->local = getlocaladdr(iph1->remote);
- else
- iph1->local = dupsaddr(local);
- if (iph1->local == NULL) {
- delph1(iph1);
- return -1;
- }
- switch (iph1->local->sa_family) {
- case AF_INET:
- ((struct sockaddr_in *)iph1->local)->sin_port
- = getmyaddrsport(iph1->local);
- break;
-#ifdef INET6
- case AF_INET6:
- ((struct sockaddr_in6 *)iph1->local)->sin6_port
- = getmyaddrsport(iph1->local);
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", iph1->remote->sa_family);
- delph1(iph1);
- return -1;
- }
-
- return 0;
-}
-
-static int
-nostate1(iph1, msg)
- struct ph1handle *iph1;
- vchar_t *msg;
-{
- plog(LLV_ERROR, LOCATION, iph1->remote, "wrong state %u.\n",
- iph1->status);
- return -1;
-}
-
-static int
-nostate2(iph2, msg)
- struct ph2handle *iph2;
- vchar_t *msg;
-{
- plog(LLV_ERROR, LOCATION, iph2->ph1->remote, "wrong state %u.\n",
- iph2->status);
- return -1;
-}
-
-void
-log_ph1established(iph1)
- const struct ph1handle *iph1;
-{
- char *src, *dst;
-
- src = strdup(saddr2str(iph1->local));
- dst = strdup(saddr2str(iph1->remote));
- plog(LLV_INFO, LOCATION, NULL,
- "ISAKMP-SA established %s-%s spi:%s\n",
- src, dst,
- isakmp_pindex(&iph1->index, 0));
- racoon_free(src);
- racoon_free(dst);
-
- return;
-}
-
diff --git a/racoon.tproj/isakmp.h b/racoon.tproj/isakmp.h
deleted file mode 100644
index 25e4990..0000000
--- a/racoon.tproj/isakmp.h
+++ /dev/null
@@ -1,378 +0,0 @@
-/* $KAME: isakmp.h,v 1.19 2001/04/11 06:11:55 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_H__
-#define __ISAKMP_H__
-
-/* refer to RFC 2408 */
-
-/* must include first. */
-/* must include "isakmp_var.h" first.
*/
-
-#define INITIATOR 0 /* synonym sender */
-#define RESPONDER 1 /* synonym receiver */
-
-#define GENERATE 1
-#define VALIDATE 0
-
-/* 3.1 ISAKMP Header Format
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Initiator !
- ! Cookie !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Responder !
- ! Cookie !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Next Payload ! MjVer ! MnVer ! Exchange Type ! Flags !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Message ID !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-struct isakmp {
- cookie_t i_ck; /* Initiator Cookie */
- cookie_t r_ck; /* Responder Cookie */
- u_int8_t np; /* Next Payload Type */
- u_int8_t v;
- u_int8_t etype; /* Exchange Type */
- u_int8_t flags; /* Flags */
- u_int32_t msgid;
- u_int32_t len; /* Length */
-} __attribute__((__packed__));
-
-/* Next Payload Type */
-#define ISAKMP_NPTYPE_NONE 0 /* NONE*/
-#define ISAKMP_NPTYPE_SA 1 /* Security Association */
-#define ISAKMP_NPTYPE_P 2 /* Proposal */
-#define ISAKMP_NPTYPE_T 3 /* Transform */
-#define ISAKMP_NPTYPE_KE 4 /* Key Exchange */
-#define ISAKMP_NPTYPE_ID 5 /* Identification */
-#define ISAKMP_NPTYPE_CERT 6 /* Certificate */
-#define ISAKMP_NPTYPE_CR 7 /* Certificate Request */
-#define ISAKMP_NPTYPE_HASH 8 /* Hash */
-#define ISAKMP_NPTYPE_SIG 9 /* Signature */
-#define ISAKMP_NPTYPE_NONCE 10 /* Nonce */
-#define ISAKMP_NPTYPE_N 11 /* Notification */
-#define ISAKMP_NPTYPE_D 12 /* Delete */
-#define ISAKMP_NPTYPE_VID 13 /* Vendor ID */
-
-/* NAT-T up to draft-ietf-ipsec-nat-t-ike-04 */
-#define ISAKMP_NPTYPE_NATD_DRAFT 130 /* NAT Discovery */
-#define ISAKMP_NPTYPE_NATOA_DRAFT 131 /* NAT Original Address */
-
-
-/* NAT-T draft-ietf-ipsec-nat-t-ike-05 and later */
-/* XXX
conflicts with values assigned to RFC 3547 */
-#define ISAKMP_NPTYPE_NATD_BADDRAFT 15 /* NAT Discovery */
-#define ISAKMP_NPTYPE_NATOA_BADDRAFT 16 /* NAT Original Address */
-
-
-#define ISAKMP_NPTYPE_NATD_RFC 20 /* NAT Discovery */
-#define ISAKMP_NPTYPE_NATOA_RFC 21 /* NAT Original Address */
-
-
- /* 128 - 255 Private Use */
-
-/*
- * The following are valid when the Vendor ID is one of the
- * following:
- *
- * MD5("A GSS-API Authentication Method for IKE")
- * MD5("GSSAPI") (recognized by Windows 2000)
- * MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000)
- *
- * See draft-ietf-ipsec-isakmp-gss-auth-06.txt.
- */
-#define ISAKMP_NPTYPE_GSS 129 /* GSS token */
-
-#define ISAKMP_MAJOR_VERSION 1
-#define ISAKMP_MINOR_VERSION 0
-#define ISAKMP_VERSION_NUMBER 0x10
-#define ISAKMP_GETMAJORV(v) (((v) & 0xf0) >> 4)
-#define ISAKMP_SETMAJORV(v, m) ((v) = ((v) & 0x0f) | (((m) << 4) & 0xf0))
-#define ISAKMP_GETMINORV(v) ((v) & 0x0f)
-#define ISAKMP_SETMINORV(v, m) ((v) = ((v) & 0xf0) | ((m) & 0x0f))
-
-/* Exchange Type */
-#define ISAKMP_ETYPE_NONE 0 /* NONE */
-#define ISAKMP_ETYPE_BASE 1 /* Base */
-#define ISAKMP_ETYPE_IDENT 2 /* Identity Proteciton */
-#define ISAKMP_ETYPE_AUTH 3 /* Authentication Only */
-#define ISAKMP_ETYPE_AGG 4 /* Aggressive */
-#define ISAKMP_ETYPE_INFO 5 /* Informational */
-/* Additional Exchange Type */
-#define ISAKMP_ETYPE_QUICK 32 /* Quick Mode */
-#define ISAKMP_ETYPE_NEWGRP 33 /* New group Mode */
-#define ISAKMP_ETYPE_ACKINFO 34 /* Acknowledged Informational */
-
-/* Flags */
-#define ISAKMP_FLAG_E 0x01 /* Encryption Bit */
-#define ISAKMP_FLAG_C 0x02 /* Commit Bit */
-#define ISAKMP_FLAG_A 0x04 /* Authentication Only Bit */
-
-/* 3.2 Payload Generic Header
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Next Payload ! RESERVED ! Payload Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-struct isakmp_gen {
- u_int8_t np; /* Next Payload */
- u_int8_t reserved; /* RESERVED, unused, must set to 0 */
- u_int16_t len; /* Payload Length */
-} __attribute__((__packed__));
-
-/* 3.3 Data Attributes
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- !A! Attribute Type ! AF=0 Attribute Length !
- !F! ! AF=1 Attribute Value !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- . AF=0 Attribute Value .
- . AF=1 Not Transmitted .
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-struct isakmp_data {
- u_int16_t type; /* defined by DOI-spec, and Attribute Format */
- u_int16_t lorv; /* if f equal 1, Attribute Length */
- /* if f equal 0, Attribute Value */
- /* if f equal 1, Attribute Value */
-} __attribute__((__packed__));
-#define ISAKMP_GEN_TLV 0x0000
-#define ISAKMP_GEN_TV 0x8000
- /* mask for type of attribute format */
-#define ISAKMP_GEN_MASK 0x8000
-
-#if 0
-/* MAY NOT be used, because of being defined in ipsec-doi. */
-/* 3.4 Security Association Payload */
-struct isakmp_pl_sa {
- struct isakmp_gen h;
- u_int32_t doi; /* Domain of Interpretation */
- u_int32_t sit; /* Situation */
-} __attribute__((__packed__));
-#endif
-
-/* 3.5 Proposal Payload */
- /*
- The value of the next payload field MUST only contain the value "2"
- or "0". If there are additional Proposal payloads in the message,
- then this field will be 2. If the current Proposal payload is the
- last within the security association proposal, then this field will
- be 0.
- */
-struct isakmp_pl_p {
- struct isakmp_gen h;
- u_int8_t p_no; /* Proposal # */
- u_int8_t proto_id; /* Protocol */
- u_int8_t spi_size; /* SPI Size */
- u_int8_t num_t; /* Number of Transforms */
- /* SPI */
-} __attribute__((__packed__));
-
-/* 3.6 Transform Payload */
- /*
- The value of the next payload field MUST only contain the value "3"
- or "0". If there are additional Transform payloads in the proposal,
- then this field will be 3. If the current Transform payload is the
- last within the proposal, then this field will be 0.
- */
-struct isakmp_pl_t {
- struct isakmp_gen h;
- u_int8_t t_no; /* Transform # */
- u_int8_t t_id; /* Transform-Id */
- u_int16_t reserved; /* RESERVED2 */
- /* SA Attributes */
-} __attribute__((__packed__));
-
-/* 3.7 Key Exchange Payload */
-struct isakmp_pl_ke {
- struct isakmp_gen h;
- /* Key Exchange Data */
-} __attribute__((__packed__));
-
-#if 0
-/* NOTE: MUST NOT use because of being defined in ipsec-doi instead them. */
-/* 3.8 Identification Payload */
-struct isakmp_pl_id {
- struct isakmp_gen h;
- union {
- u_int8_t id_type; /* ID Type */
- u_int32_t doi_data; /* DOI Specific ID Data */
- } d;
- /* Identification Data */
-} __attribute__((__packed__));
-/* A.4 ISAKMP Identification Type Values */
-#define ISAKMP_ID_IPV4_ADDR 0
-#define ISAKMP_ID_IPV4_ADDR_SUBNET 1
-#define ISAKMP_ID_IPV6_ADDR 2
-#define ISAKMP_ID_IPV6_ADDR_SUBNET 3
-#endif
-
-/* 3.9 Certificate Payload */
-struct isakmp_pl_cert {
- struct isakmp_gen h;
- /*
- * Encoding type of 1 octet follows immediately,
- * variable length CERT data follows encoding type.
- */ -} __attribute__((__packed__)); - -/* Certificate Type */ -#define ISAKMP_CERT_NONE 0 -#define ISAKMP_CERT_PKCS7 1 -#define ISAKMP_CERT_PGP 2 -#define ISAKMP_CERT_DNS 3 -#define ISAKMP_CERT_X509SIGN 4 -#define ISAKMP_CERT_X509KE 5 -#define ISAKMP_CERT_KERBEROS 6 -#define ISAKMP_CERT_CRL 7 -#define ISAKMP_CERT_ARL 8 -#define ISAKMP_CERT_SPKI 9 -#define ISAKMP_CERT_X509ATTR 10 - -/* the method to get peers certificate */ -#define ISAKMP_GETCERT_PAYLOAD 1 -#define ISAKMP_GETCERT_LOCALFILE 2 -#define ISAKMP_GETCERT_DNS 3 - -/* 3.10 Certificate Request Payload */ -struct isakmp_pl_cr { - struct isakmp_gen h; - u_int8_t num_cert; /* # Cert. Types */ - /* - Certificate Types (variable length) - -- Contains a list of the types of certificates requested, - sorted in order of preference. Each individual certificate - type is 1 octet. This field is NOT required. - */ - /* # Certificate Authorities (1 octet) */ - /* Certificate Authorities (variable length) */ -} __attribute__((__packed__)); - -/* 3.11 Hash Payload */ -struct isakmp_pl_hash { - struct isakmp_gen h; - /* Hash Data */ -} __attribute__((__packed__)); - -/* 3.12 Signature Payload */ -struct isakmp_pl_sig { - struct isakmp_gen h; - /* Signature Data */ -} __attribute__((__packed__)); - -/* 3.13 Nonce Payload */ -struct isakmp_pl_nonce { - struct isakmp_gen h; - /* Nonce Data */ -} __attribute__((__packed__)); - -/* 3.14 Notification Payload */ -struct isakmp_pl_n { - struct isakmp_gen h; - u_int32_t doi; /* Domain of Interpretation */ - u_int8_t proto_id; /* Protocol-ID */ - u_int8_t spi_size; /* SPI Size */ - u_int16_t type; /* Notify Message Type */ - /* SPI */ - /* Notification Data */ -} __attribute__((__packed__)); - -/* 3.14.1 Notify Message Types */ -/* NOTIFY MESSAGES - ERROR TYPES */ -#define ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE 1 -#define ISAKMP_NTYPE_DOI_NOT_SUPPORTED 2 -#define ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED 3 -#define ISAKMP_NTYPE_INVALID_COOKIE 4 -#define ISAKMP_NTYPE_INVALID_MAJOR_VERSION 5 
-#define ISAKMP_NTYPE_INVALID_MINOR_VERSION 6
-#define ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE 7
-#define ISAKMP_NTYPE_INVALID_FLAGS 8
-#define ISAKMP_NTYPE_INVALID_MESSAGE_ID 9
-#define ISAKMP_NTYPE_INVALID_PROTOCOL_ID 10
-#define ISAKMP_NTYPE_INVALID_SPI 11
-#define ISAKMP_NTYPE_INVALID_TRANSFORM_ID 12
-#define ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED 13
-#define ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN 14
-#define ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX 15
-#define ISAKMP_NTYPE_PAYLOAD_MALFORMED 16
-#define ISAKMP_NTYPE_INVALID_KEY_INFORMATION 17
-#define ISAKMP_NTYPE_INVALID_ID_INFORMATION 18
-#define ISAKMP_NTYPE_INVALID_CERT_ENCODING 19
-#define ISAKMP_NTYPE_INVALID_CERTIFICATE 20
-#define ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX 21
-#define ISAKMP_NTYPE_INVALID_CERT_AUTHORITY 22
-#define ISAKMP_NTYPE_INVALID_HASH_INFORMATION 23
-#define ISAKMP_NTYPE_AUTHENTICATION_FAILED 24
-#define ISAKMP_NTYPE_INVALID_SIGNATURE 25
-#define ISAKMP_NTYPE_ADDRESS_NOTIFICATION 26
-#define ISAKMP_NTYPE_NOTIFY_SA_LIFETIME 27
-#define ISAKMP_NTYPE_CERTIFICATE_UNAVAILABLE 28
-#define ISAKMP_NTYPE_UNSUPPORTED_EXCHANGE_TYPE 29
-#define ISAKMP_NTYPE_UNEQUAL_PAYLOAD_LENGTHS 30
-/* NOTIFY MESSAGES - STATUS TYPES */
-#define ISAKMP_NTYPE_CONNECTED 16384
-/* 4.6.3 IPSEC DOI Notify Message Types */
-#define ISAKMP_NTYPE_RESPONDER_LIFETIME 24576
-#define ISAKMP_NTYPE_REPLAY_STATUS 24577
-#define ISAKMP_NTYPE_INITIAL_CONTACT 24578
-
-/* using only to log */
-#define ISAKMP_LOG_RETRY_LIMIT_REACHED 65530
-
-/* XXX means internal error but it's not reserved by any drafts... */
-#define ISAKMP_INTERNAL_ERROR -1
-
-/* 3.15 Delete Payload */
-struct isakmp_pl_d {
- struct isakmp_gen h;
- u_int32_t doi; /* Domain of Interpretation */
- u_int8_t proto_id; /* Protocol-Id */
- u_int8_t spi_size; /* SPI Size */
- u_int16_t num_spi; /* # of SPIs */
- /* SPI(es) */
-} __attribute__((__packed__));
-
-/* natoa payload */
-struct isakmp_pl_natoa {
- struct isakmp_gen h;
- u_int8_t id_type; /* address type */
- u_int8_t reserved1; /* reserved */
- u_int16_t reserved2; /* reserved */
- /* IP address */
-} __attribute__((__packed__));
-
-
-#endif /* __ISAKMP_H__ */
-
diff --git a/racoon.tproj/isakmp_agg.c b/racoon.tproj/isakmp_agg.c
deleted file mode 100644
index 2f1ebc5..0000000
--- a/racoon.tproj/isakmp_agg.c
+++ /dev/null
@@ -1,1465 +0,0 @@
-/* $KAME: isakmp_agg.c,v 1.55 2001/12/12 15:29:13 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -/* Aggressive Exchange (Aggressive Mode) */ - -#include -#include - -#include -#include -#include -#include -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "schedule.h" -#include "debug.h" - -#include "localconf.h" -#include "remoteconf.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "oakley.h" -#include "handler.h" -#include "ipsec_doi.h" -#include "crypto_openssl.h" -#include "pfkey.h" -#include "isakmp_agg.h" -#include "isakmp_inf.h" -#include "isakmp_natd.h" -#include "vendorid.h" -#include "strnames.h" - -#ifdef HAVE_GSSAPI -#include "gssapi.h" -#endif - -/* - * begin Aggressive Mode as initiator. - */ -/* - * send to responder - * psk: HDR, SA, KE, Ni, IDi1 - * sig: HDR, SA, KE, Ni, IDi1 [, CR ] - * gssapi: HDR, SA, KE, Ni, IDi1, GSSi - * rsa: HDR, SA, [ HASH(1),] KE, Pubkey_r, Pubkey_r - * rev: HDR, SA, [ HASH(1),] Pubkey_r, Ke_i, - * Ke_i [, Ke_i ] - */ -int -agg_i1send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; /* must be null */ -{ - struct isakmp_gen *gen; - caddr_t p; - int tlen; - int need_cr = 0; - vchar_t *cr = NULL, *gsstoken = NULL; - vchar_t *vid_natt_rfc = NULL; - vchar_t *vid_natt_apple = NULL; - vchar_t *vid_natt_02 = NULL; - vchar_t *vid_natt_02N = NULL; - int error = -1; - int nptype; -#ifdef HAVE_GSSAPI - int len; -#endif - - /* validity check */ - if (msg != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "msg has to be NULL in this function.\n"); - goto end; - } - if (iph1->status != PHASE1ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* create isakmp index */ - memset(&iph1->index, 0, sizeof(iph1->index)); - isakmp_newcookie((caddr_t)&iph1->index, iph1->remote, iph1->local); - - /* make ID payload into isakmp status */ - if (ipsecdoi_setid1(iph1) < 0) - goto 
end; - - /* create SA payload for my proposal */ - iph1->sa = ipsecdoi_setph1proposal(iph1->rmconf->proposal); - if (iph1->sa == NULL) - goto end; - - /* consistency check of proposals */ - if (iph1->rmconf->dhgrp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "configuration failure about DH group.\n"); - goto end; - } - - /* generate DH public value */ - if (oakley_dh_generate(iph1->rmconf->dhgrp, - &iph1->dhpub, &iph1->dhpriv) < 0) - goto end; - - /* generate NONCE value */ - iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); - if (iph1->nonce == NULL) - goto end; - -#ifdef IKE_NAT_T - vid_natt_rfc = set_vendorid(VENDORID_NATT_RFC); - vid_natt_apple = set_vendorid(VENDORID_NATT_APPLE); - vid_natt_02 = set_vendorid(VENDORID_NATT_02); - vid_natt_02N = set_vendorid(VENDORID_NATT_02N); - - if (vid_natt_rfc == NULL || - vid_natt_apple == NULL || - vid_natt_02 == NULL || - vid_natt_02N == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get vendor ID buffer.\n"); - goto end; - } - -#endif - -#ifdef HAVE_SIGNING_C - /* create CR if need */ - if (iph1->rmconf->send_cr - && oakley_needcr(iph1->rmconf->proposal->authmethod) - && iph1->rmconf->peerscertfile == NULL) { - need_cr = 1; - cr = oakley_getcr(iph1); - if (cr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get cr buffer.\n"); - goto end; - } - } -#endif - plog(LLV_DEBUG, LOCATION, NULL, "authmethod is %s\n", - s_oakley_attr_method(iph1->rmconf->proposal->authmethod)); - /* create buffer to send isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(*gen) + iph1->sa->l - + sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->nonce->l - + sizeof(*gen) + iph1->id->l; - if (need_cr) - tlen += sizeof(*gen) + cr->l; -#ifdef HAVE_GSSAPI - if (iph1->rmconf->proposal->authmethod == - OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { - gssapi_get_itoken(iph1, &len); - tlen += sizeof (*gen) + len; - } -#endif - if (vid_natt_rfc) { - tlen += sizeof(*gen) + vid_natt_rfc->l; - tlen += sizeof(*gen) + 
vid_natt_apple->l; - tlen += sizeof(*gen) + vid_natt_02->l; - tlen += sizeof(*gen) + vid_natt_02N->l; - } - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to propose */ - p = set_isakmp_payload(p, iph1->sa, ISAKMP_NPTYPE_KE); - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ - p = set_isakmp_payload(p, iph1->nonce, ISAKMP_NPTYPE_ID); - - /* create isakmp ID payload */ -#ifdef HAVE_GSSAPI - if (iph1->rmconf->proposal->authmethod == - OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) - nptype = ISAKMP_NPTYPE_GSS; - else -#endif - if (need_cr) - nptype = ISAKMP_NPTYPE_CR; - else - nptype = vid_natt_rfc ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE; - - p = set_isakmp_payload(p, iph1->id, nptype); - -#ifdef HAVE_GSSAPI - if (iph1->rmconf->proposal->authmethod == - OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { - gssapi_get_token_to_send(iph1, &gsstoken); - p = set_isakmp_payload(p, gsstoken, vid_natt_rfc ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); - } else -#endif - if (need_cr) - /* create isakmp CR payload */ - p = set_isakmp_payload(p, cr, vid_natt_rfc ? 
ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); - - if (vid_natt_rfc) { - p = set_isakmp_payload(p, vid_natt_rfc, ISAKMP_NPTYPE_VID); - p = set_isakmp_payload(p, vid_natt_apple, ISAKMP_NPTYPE_VID); - p = set_isakmp_payload(p, vid_natt_02, ISAKMP_NPTYPE_VID); - p = set_isakmp_payload(p, vid_natt_02N, ISAKMP_NPTYPE_NONE); - } - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - iph1->status = PHASE1ST_MSG1SENT; - - error = 0; - -end: - if (cr) - vfree(cr); - if (gsstoken) - vfree(gsstoken); - if (vid_natt_rfc) - vfree(vid_natt_rfc); - if (vid_natt_apple) - vfree(vid_natt_apple); - if (vid_natt_02) - vfree(vid_natt_02); - if (vid_natt_02N) - vfree(vid_natt_02N); - - return error; -} - -/* - * receive from responder - * psk: HDR, SA, KE, Nr, IDr1, HASH_R - * sig: HDR, SA, KE, Nr, IDr1, [ CR, ] [ CERT, ] SIG_R - * gssapi: HDR, SA, KE, Nr, IDr1, GSSr, HASH_R - * rsa: HDR, SA, KE, PubKey_i, PubKey_i, HASH_R - * rev: HDR, SA, PubKey_i, Ke_r, Ke_r, HASH_R - */ -int -agg_i2recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - vchar_t *satmp = NULL; - int error = -1; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - iph1->pl_hash = NULL; - - /* SA payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_SA); - goto end; - } - if (isakmp_p2ph(&satmp, pa->ptr) < 
0) - goto end; - pa++; - - for (/*nothing*/; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph1->dhpub_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph1->nonce_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_ID: - if (isakmp_p2ph(&iph1->id_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_HASH: - iph1->pl_hash = (struct isakmp_pl_hash *)pa->ptr; - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CR: - if (oakley_savecr(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_CERT: - if (oakley_savecert(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_SIG: - if (isakmp_p2ph(&iph1->sig_p, pa->ptr) < 0) - goto end; - break; -#endif - case ISAKMP_NPTYPE_VID: -#ifdef IKE_NAT_T - { - int vid = check_vendorid(pa->ptr); - - if (vid == VENDORID_NATT_RFC) - iph1->natt_flags |= natt_type_rfc; - else if (vid == VENDORID_NATT_APPLE) - iph1->natt_flags |= natt_type_apple; - else if (vid == VENDORID_NATT_02) - iph1->natt_flags |= natt_type_02; - else if (vid == VENDORID_NATT_02N) - iph1->natt_flags |= natt_type_02N; - } -#endif - break; - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph1); - break; -#ifdef HAVE_GSSAPI - case ISAKMP_NPTYPE_GSS: - if (isakmp_p2ph(&gsstoken, pa->ptr) < 0) - goto end; - gssapi_save_received_token(iph1, gsstoken); - break; -#endif - case ISAKMP_NPTYPE_NATD_RFC: - case ISAKMP_NPTYPE_NATD_DRAFT: - case ISAKMP_NPTYPE_NATD_BADDRAFT: - /* - * ignored for now, we need to know the hash - * algorithm before we can evaluate the natd - * payload. 
- */ - break; - default: - /* don't send information, see isakmp_ident_r1() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* if natt vid(s) received - select type to use */ - natt_select_type(iph1); - - /* payload existency check */ - if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "required payloads missing from isakmp message.\n"); - goto end; - } - - /* verify identifier */ - if (ipsecdoi_checkid1(iph1) != 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid ID payload.\n"); - goto end; - } - - /* check SA payload and set approval SA for use */ - if (ipsecdoi_checkph1proposal(satmp, iph1) < 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "failed to get valid proposal.\n"); - /* XXX send information */ - goto end; - } - if (iph1->sa_ret) { - vfree(iph1->sa_ret); - iph1->sa_ret = NULL; - } - - /* fix isakmp index */ - memcpy(&iph1->index.r_ck, &((struct isakmp *)msg->v)->r_ck, - sizeof(cookie_t)); - - -#ifdef IKE_NAT_T - - /* check natd payloads */ - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) - { - if (pa->type == iph1->natd_payload_type) { - natd_match_t match = natd_matches(iph1, pa->ptr); - iph1->natt_flags |= natt_natd_received; - if ((match & natd_match_local) != 0) - iph1->natt_flags |= natt_no_local_nat; - if ((match & natd_match_remote) != 0) - iph1->natt_flags |= natt_no_remote_nat; - } - } -#endif - - /* compute sharing secret of DH */ - if (oakley_dh_compute(iph1->rmconf->dhgrp, iph1->dhpub, - iph1->dhpriv, iph1->dhpub_p, &iph1->dhgxy) < 0) - goto end; - - /* generate SKEYIDs & IV & final cipher key */ - if (oakley_skeyid(iph1) < 0) - goto end; - if (oakley_skeyid_dae(iph1) < 0) - goto end; - if (oakley_compute_enckey(iph1) < 0) - goto end; - if (oakley_newiv(iph1) < 0) - goto end; - -#ifdef IKE_NAT_T - /* Determine if we need to switch to port 4500 */ 
- if (natd_hasnat(iph1)) - { - /* There is a NAT between us! Switch to port 4500. */ - if (iph1->remote->sa_family == AF_INET) - { - struct sockaddr_in *sin = (struct sockaddr_in*)iph1->remote; - plog(LLV_INFO, LOCATION, NULL, - "detected NAT, switching to port %d for %s", - PORT_ISAKMP_NATT, saddr2str(iph1->remote)); - sin->sin_port = htons(PORT_ISAKMP_NATT); - sin = (struct sockaddr_in*)iph1->local; - sin->sin_port = htons(PORT_ISAKMP_NATT); - } - } -#endif - - /* validate authentication value */ - { - int type; - type = oakley_validate_auth(iph1); - if (type != 0) { - if (type == -1) { - /* message printed inner oakley_validate_auth() */ - goto end; - } - isakmp_info_send_n1(iph1, type, NULL); - goto end; - } - } - -#ifdef HAVE_SIGNING_C - if (oakley_checkcr(iph1) < 0) { - /* Ignore this error in order to be interoperability. */ - ; - } -#endif - - /* change status of isakmp status entry */ - iph1->status = PHASE1ST_MSG2RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (satmp) - vfree(satmp); - if (error) { - VPTRINIT(iph1->dhpub_p); - VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->id_p); - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - VPTRINIT(iph1->sig_p); - oakley_delcert(iph1->cr_p); - iph1->cr_p = NULL; - } - - return error; -} - -/* - * send to responder - * psk: HDR, HASH_I - * gssapi: HDR, HASH_I - * sig: HDR, [ CERT, ] SIG_I - * rsa: HDR, HASH_I - * rev: HDR, HASH_I - */ -int -agg_i2send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_gen *gen; - char *p = NULL; - int tlen; - int need_cert = 0; - int error = -1; - vchar_t *gsshash = NULL; - int natd_type = 0; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* generate HASH to send */ - plog(LLV_DEBUG, LOCATION, NULL, "generate HASH_I\n"); - iph1->hash = oakley_ph1hash_common(iph1, 
GENERATE); - if (iph1->hash == NULL) { -#ifdef HAVE_GSSAPI - if (gssapi_more_tokens(iph1)) - isakmp_info_send_n1(iph1, - ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, NULL); -#endif - goto end; - } - - tlen = sizeof(struct isakmp); - -#ifdef IKE_NAT_T - if ((iph1->natt_flags & NATT_TYPE_MASK) != 0) { - natd_type = iph1->natd_payload_type; - natd_create(iph1); - if (iph1->local_natd) - tlen += sizeof(*gen) + iph1->local_natd->l; - if (iph1->remote_natd) - tlen += sizeof(*gen) + iph1->remote_natd->l; - } -#endif - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - tlen += sizeof(*gen) + iph1->hash->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_HASH); - if (p == NULL) - goto end; - - /* set HASH payload */ - p = set_isakmp_payload(p, iph1->hash, - natd_type ? natd_type - : ISAKMP_NPTYPE_NONE); - break; -#ifdef HAVE_SIGNING_C - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - /* XXX if there is CR or not ? */ - - if (oakley_getmycert(iph1) < 0) - goto end; - - if (oakley_getsign(iph1) < 0) - goto end; - - if (iph1->cert != NULL && iph1->rmconf->send_cert) - need_cert = 1; - - tlen += sizeof(*gen) + iph1->sig->l; - if (need_cert) - tlen += sizeof(*gen) + iph1->cert->pl->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, need_cert - ? ISAKMP_NPTYPE_CERT - : ISAKMP_NPTYPE_SIG); - if (p == NULL) - goto end; - - /* add CERT payload if there */ - if (need_cert) - p = set_isakmp_payload(p, iph1->cert->pl, ISAKMP_NPTYPE_SIG); - /* add SIG payload */ - p = set_isakmp_payload(p, iph1->sig, - natd_type ? 
natd_type - : ISAKMP_NPTYPE_NONE); - break; -#endif - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - tlen += sizeof(*gen) + iph1->hash->l; - break; -#ifdef HAVE_GSSAPI - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - gsshash = gssapi_wraphash(iph1); - if (gsshash == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to wrap hash\n"); - isakmp_info_send_n1(iph1, - ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, NULL); - goto end; - } - tlen += sizeof(*gen) + gsshash->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_HASH); - if (p == NULL) - goto end; - p = set_isakmp_payload(p, gsshash, - natd_type ? natd_type - : ISAKMP_NPTYPE_NONE); - break; -#endif - } - -#ifdef IKE_NAT_T - if (natd_type) { - if ((iph1->natt_flags & NATT_TYPE_MASK) == natt_type_apple) { - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, natd_type); - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); - } else { - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, natd_type); - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NONE); - } - } -#endif - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send to responder */ - if (isakmp_send(iph1, iph1->sendbuf) < 0) - goto end; - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* set encryption flag */ - iph1->flags |= ISAKMP_FLAG_E; - - iph1->status = PHASE1ST_ESTABLISHED; - - error = 0; - -end: - if (gsshash) - vfree(gsshash); - return error; -} - -/* - * receive from initiator - * psk: HDR, SA, KE, Ni, IDi1 - * sig: HDR, SA, KE, Ni, IDi1 [, CR ] - * gssapi: HDR, SA, KE, Ni, IDi1 , GSSi - * rsa: HDR, SA, [ HASH(1),] KE, Pubkey_r, Pubkey_r - * rev: HDR, SA, [ HASH(1),] Pubkey_r, Ke_i, - * Ke_i [, Ke_i ] - */ -int -agg_r1recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* SA payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_SA); - goto end; - } - if (isakmp_p2ph(&iph1->sa, pa->ptr) < 0) - goto end; - pa++; - - for (/*nothing*/; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - plog(LLV_DEBUG, LOCATION, NULL, - "received payload of type %s\n", - s_isakmp_nptype(pa->type)); - - switch (pa->type) { - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph1->dhpub_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph1->nonce_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_ID: - if (isakmp_p2ph(&iph1->id_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_VID: -#ifdef IKE_NAT_T - { - int vid = check_vendorid(pa->ptr); - - if (vid == 
VENDORID_NATT_RFC) - iph1->natt_flags |= natt_type_rfc; - else if (vid == VENDORID_NATT_APPLE) - iph1->natt_flags |= natt_type_apple; - else if (vid == VENDORID_NATT_02) - iph1->natt_flags |= natt_type_02; - else if (vid == VENDORID_NATT_02N) - iph1->natt_flags |= natt_type_02N; - } -#endif - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CR: - if (oakley_savecr(iph1, pa->ptr) < 0) - goto end; - break; -#endif -#ifdef HAVE_GSSAPI - case ISAKMP_NPTYPE_GSS: - if (isakmp_p2ph(&gsstoken, pa->ptr) < 0) - goto end; - gssapi_save_received_token(iph1, gsstoken); - break; -#endif - default: - /* don't send information, see isakmp_ident_r1() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "required payloads missing from isakmp message.\n"); - goto end; - } - - /* verify identifier */ - if (ipsecdoi_checkid1(iph1) != 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid ID payload.\n"); - goto end; - } - - /* check SA payload and set approval SA for use */ - if (ipsecdoi_checkph1proposal(iph1->sa, iph1) < 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "failed to get valid proposal.\n"); - /* XXX send information */ - goto end; - } - -#ifdef IKE_NAT_T - /* if natt vid(s) received - select type to use */ - natt_select_type(iph1); -#endif - -#ifdef HAVE_SIGNING_C - if (oakley_checkcr(iph1) < 0) { - /* Ignore this error in order to be interoperability. 
*/ - ; - } -#endif - - iph1->status = PHASE1ST_MSG1RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (error) { - VPTRINIT(iph1->sa); - VPTRINIT(iph1->dhpub_p); - VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->id_p); - oakley_delcert(iph1->cr_p); - iph1->cr_p = NULL; - } - - return error; -} - -/* - * send to initiator - * psk: HDR, SA, KE, Nr, IDr1, HASH_R - * sig: HDR, SA, KE, Nr, IDr1, [ CR, ] [ CERT, ] SIG_R - * gssapi: HDR, SA, KE, Nr, IDr1, GSSr, HASH_R - * rsa: HDR, SA, KE, PubKey_i, PubKey_i, HASH_R - * rev: HDR, SA, PubKey_i, Ke_r, Ke_r, HASH_R - */ -int -agg_r1send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_gen *gen; - char *p = NULL; - int tlen; - int need_cr = 0; - int need_cert = 0; - vchar_t *cr = NULL; - vchar_t *vid = NULL; - int error = -1; -#ifdef HAVE_GSSAPI - int gsslen; - vchar_t *gsstoken = NULL, *gsshash = NULL; - vchar_t *gss_sa = NULL; -#endif - vchar_t *nattvid = NULL; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* set responder's cookie */ - isakmp_newcookie((caddr_t)&iph1->index.r_ck, iph1->remote, iph1->local); - - /* make ID payload into isakmp status */ - if (ipsecdoi_setid1(iph1) < 0) - goto end; - - /* generate DH public value */ - if (oakley_dh_generate(iph1->rmconf->dhgrp, - &iph1->dhpub, &iph1->dhpriv) < 0) - goto end; - - /* generate NONCE value */ - iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); - if (iph1->nonce == NULL) - goto end; - - /* compute sharing secret of DH */ - if (oakley_dh_compute(iph1->approval->dhgrp, iph1->dhpub, - iph1->dhpriv, iph1->dhpub_p, &iph1->dhgxy) < 0) - goto end; - - /* generate SKEYIDs & IV & final cipher key */ - if (oakley_skeyid(iph1) < 0) - goto end; - if (oakley_skeyid_dae(iph1) < 0) - goto end; - if (oakley_compute_enckey(iph1) < 0) - goto end; - if (oakley_newiv(iph1) < 0) - goto end; - -#ifdef HAVE_GSSAPI - if 
(iph1->rmconf->proposal->authmethod == - OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) - gssapi_get_rtoken(iph1, &gsslen); -#endif - - /* generate HASH to send */ - plog(LLV_DEBUG, LOCATION, NULL, "generate HASH_R\n"); - iph1->hash = oakley_ph1hash_common(iph1, GENERATE); - if (iph1->hash == NULL) { -#ifdef HAVE_GSSAPI - if (gssapi_more_tokens(iph1)) - isakmp_info_send_n1(iph1, - ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, NULL); -#endif - goto end; - } - -#ifdef HAVE_SIGNING_C - /* create CR if need */ - if (iph1->rmconf->send_cr - && oakley_needcr(iph1->approval->authmethod) - && iph1->rmconf->peerscertfile == NULL) { - need_cr = 1; - cr = oakley_getcr(iph1); - if (cr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get cr buffer.\n"); - goto end; - } - } -#endif - - tlen = sizeof(struct isakmp); - -#ifdef IKE_NAT_T - if ((iph1->natt_flags & NATT_TYPE_MASK) != 0) { - int vid_type; - int natt_type = iph1->natt_flags & NATT_TYPE_MASK; - if (natt_type == natt_type_rfc) - vid_type = VENDORID_NATT_RFC; - else if (natt_type == natt_type_apple) - vid_type = VENDORID_NATT_APPLE; - else if (natt_type == natt_type_02) - vid_type = VENDORID_NATT_02; - else - vid_type = VENDORID_NATT_02N; - nattvid = set_vendorid(vid_type); - natd_create(iph1); - if (nattvid) { - tlen += sizeof(*gen) + nattvid->l; - if (iph1->local_natd) - tlen += sizeof(*gen) + iph1->local_natd->l; - if (iph1->remote_natd) - tlen += sizeof(*gen) + iph1->remote_natd->l; - } - } -#endif - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - /* create buffer to send isakmp payload */ - tlen += sizeof(*gen) + iph1->sa_ret->l - + sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->nonce->l - + sizeof(*gen) + iph1->id->l - + sizeof(*gen) + iph1->hash->l; - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - if (need_cr) - tlen += sizeof(*gen) + cr->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, 
- "failed to get buffer to send\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to reply */ - p = set_isakmp_payload(p, iph1->sa_ret, ISAKMP_NPTYPE_KE); - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ - p = set_isakmp_payload(p, iph1->nonce, ISAKMP_NPTYPE_ID); - - /* create isakmp ID payload */ - p = set_isakmp_payload(p, iph1->id, ISAKMP_NPTYPE_HASH); - - /* create isakmp HASH payload */ - p = set_isakmp_payload(p, iph1->hash, - vid ? ISAKMP_NPTYPE_VID - : (need_cr ? ISAKMP_NPTYPE_CR - : (nattvid ? ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE))); - - /* append vendor id, if needed */ - if (vid) - p = set_isakmp_payload(p, vid, - need_cr ? ISAKMP_NPTYPE_CR - : (nattvid ? ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE)); - - /* create isakmp CR payload if needed */ - if (need_cr) - p = set_isakmp_payload(p, cr, - nattvid ? ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE); - break; -#ifdef HAVE_SIGNING_C - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - /* XXX if there is CR or not ? 
*/ - - if (oakley_getmycert(iph1) < 0) - goto end; - - if (oakley_getsign(iph1) < 0) - goto end; - - if (iph1->cert != NULL && iph1->rmconf->send_cert) - need_cert = 1; - - tlen += sizeof(*gen) + iph1->sa_ret->l - + sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->nonce->l - + sizeof(*gen) + iph1->id->l - + sizeof(*gen) + iph1->sig->l; - if (need_cert) - tlen += sizeof(*gen) + iph1->cert->pl->l; - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - if (need_cr) - tlen += sizeof(*gen) + cr->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to reply */ - p = set_isakmp_payload(p, iph1->sa_ret, ISAKMP_NPTYPE_KE); - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ - p = set_isakmp_payload(p, iph1->nonce, ISAKMP_NPTYPE_ID); - - /* add ID payload */ - p = set_isakmp_payload(p, iph1->id, need_cert - ? ISAKMP_NPTYPE_CERT - : ISAKMP_NPTYPE_SIG); - - /* add CERT payload if there */ - if (need_cert) - p = set_isakmp_payload(p, iph1->cert->pl, ISAKMP_NPTYPE_SIG); - /* add SIG payload */ - p = set_isakmp_payload(p, iph1->sig, - vid ? ISAKMP_NPTYPE_VID - : (need_cr ? ISAKMP_NPTYPE_CR - : ISAKMP_NPTYPE_NONE)); - - /* append vendor id, if needed */ - if (vid) - p = set_isakmp_payload(p, vid, - need_cr ? ISAKMP_NPTYPE_CR - : (nattvid ? ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE)); - - /* create isakmp CR payload if needed */ - if (need_cr) - p = set_isakmp_payload(p, cr, - nattvid ? 
ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE); - -#ifdef IKE_NAT_T - if (nattvid) { - p = set_isakmp_payload(p, nattvid, iph1->natd_payload_type); - if ((iph1->natt_flags & NATT_TYPE_MASK) == natt_type_apple) { - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, iph1->natd_payload_type); - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); - } else { - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, iph1->natd_payload_type); - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NONE); - } - } -#endif - break; -#endif - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - tlen += sizeof(*gen) + iph1->hash->l; - break; -#ifdef HAVE_GSSAPI - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - /* create buffer to send isakmp payload */ - gsshash = gssapi_wraphash(iph1); - if (gsshash == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to wrap hash\n"); - /* - * This is probably due to the GSS roundtrips not - * being finished yet. Return this error in - * the hope that a fallback to main mode will - * be done. 
- */ - isakmp_info_send_n1(iph1, - ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, NULL); - goto end; - } - if (iph1->approval->gssid != NULL) - gss_sa = ipsecdoi_setph1proposal(iph1->approval); - else - gss_sa = iph1->sa_ret; - - tlen += sizeof(*gen) + gss_sa->l - + sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->nonce->l - + sizeof(*gen) + iph1->id->l - + sizeof(*gen) + gsslen - + sizeof(*gen) + gsshash->l; - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to reply */ - p = set_isakmp_payload(p, gss_sa, ISAKMP_NPTYPE_KE); - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ - p = set_isakmp_payload(p, iph1->nonce, ISAKMP_NPTYPE_ID); - - /* create isakmp ID payload */ - p = set_isakmp_payload(p, iph1->id, ISAKMP_NPTYPE_GSS); - - /* create GSS payload */ - gssapi_get_token_to_send(iph1, &gsstoken); - p = set_isakmp_payload(p, gsstoken, ISAKMP_NPTYPE_HASH); - - /* create isakmp HASH payload */ - p = set_isakmp_payload(p, gsshash, - vid != NULL || nattvid != NULL ? ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE); - - /* append vendor id, if needed */ - if (vid) - p = set_isakmp_payload(p, vid, - nattvid != NULL ? 
ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE); - break; -#endif - } - -#ifdef IKE_NAT_T - if (nattvid) { - p = set_isakmp_payload(p, nattvid, iph1->natd_payload_type); - if ((iph1->natt_flags & NATT_TYPE_MASK) == natt_type_apple) { - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, iph1->natd_payload_type); - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); - } else { - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, iph1->natd_payload_type); - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NONE); - } - } -#endif - - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 1); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. */ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - iph1->status = PHASE1ST_MSG1SENT; - - error = 0; - -end: - if (cr) - vfree(cr); - if (vid) - vfree(vid); - if (nattvid) - vfree(nattvid); -#ifdef HAVE_GSSAPI - if (gsstoken) - vfree(gsstoken); - if (gsshash) - vfree(gsshash); - if (gss_sa != iph1->sa_ret) - vfree(gss_sa); -#endif - - return error; -} - -/* - * receive from initiator - * psk: HDR, HASH_I - * gssapi: HDR, HASH_I - * sig: HDR, [ CERT, ] SIG_I - * rsa: HDR, HASH_I - * rev: HDR, HASH_I - */ -int -agg_r2recv(iph1, msg0) - struct ph1handle *iph1; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* decrypting if need. */ - /* XXX configurable ? 
*/ - if (ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - msg = oakley_do_decrypt(iph1, msg0, - iph1->ivm->iv, iph1->ivm->ive); - if (msg == NULL) - goto end; - } else - msg = vdup(msg0); - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - iph1->pl_hash = NULL; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_HASH: - iph1->pl_hash = (struct isakmp_pl_hash *)pa->ptr; - break; - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CERT: - if (oakley_savecert(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_SIG: - if (isakmp_p2ph(&iph1->sig_p, pa->ptr) < 0) - goto end; - break; -#endif - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph1); - break; - case ISAKMP_NPTYPE_NATD_RFC: - case ISAKMP_NPTYPE_NATD_DRAFT: - case ISAKMP_NPTYPE_NATD_BADDRAFT: -#ifdef IKE_NAT_T - if (pa->type == iph1->natd_payload_type) { - natd_match_t match = natd_matches(iph1, pa->ptr); - iph1->natt_flags |= natt_natd_received; - if ((match & natd_match_local) != 0) - iph1->natt_flags |= natt_no_local_nat; - if ((match & natd_match_remote) != 0) - iph1->natt_flags |= natt_no_remote_nat; - } -#endif - break; - default: - /* don't send information, see isakmp_ident_r1() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* validate authentication value */ - { - int type; - type = oakley_validate_auth(iph1); - if (type != 0) { - if (type == -1) { - /* message printed inner oakley_validate_auth() */ - goto end; - } - isakmp_info_send_n1(iph1, type, NULL); - goto end; - } - } - - iph1->status = PHASE1ST_MSG2RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (msg) - vfree(msg); - if (error) { - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - 
oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - VPTRINIT(iph1->sig_p); - } - - return error; -} - -/* - * status update and establish isakmp sa. - */ -int -agg_r2send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* IV synchronized when packet encrypted. */ - /* see handler.h about IV synchronization. */ - if (ISSET(((struct isakmp *)msg->v)->flags, ISAKMP_FLAG_E)) - memcpy(iph1->ivm->iv->v, iph1->ivm->ive->v, iph1->ivm->iv->l); - - /* set encryption flag */ - iph1->flags |= ISAKMP_FLAG_E; - - iph1->status = PHASE1ST_ESTABLISHED; - - error = 0; - -end: - return error; -} diff --git a/racoon.tproj/isakmp_agg.h b/racoon.tproj/isakmp_agg.h deleted file mode 100644 index 65c193f..0000000 --- a/racoon.tproj/isakmp_agg.h +++ /dev/null 
@@ -1,46 +0,0 @@
-/* $KAME: isakmp_agg.h,v 1.4 2000/10/04 17:41:00 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_AGG_H__
-#define __ISAKMP_AGG_H__
-
-
-extern int agg_i1send __P((struct ph1handle *, vchar_t *));
-extern int agg_i2recv __P((struct ph1handle *, vchar_t *));
-extern int agg_i2send __P((struct ph1handle *, vchar_t *));
-
-extern int agg_r1recv __P((struct ph1handle *, vchar_t *));
-extern int agg_r1send __P((struct ph1handle *, vchar_t *));
-extern int agg_r2recv __P((struct ph1handle *, vchar_t *));
-extern int agg_r2send __P((struct ph1handle *, vchar_t *));
-
-#endif /* __ISAKMP_AGG_H__ */
-
diff --git a/racoon.tproj/isakmp_base.c b/racoon.tproj/isakmp_base.c
deleted file mode 100644
index 673bc02..0000000
--- a/racoon.tproj/isakmp_base.c
+++ /dev/null
@@ -1,1068 +0,0 @@ -/* $KAME: isakmp_base.c,v 1.48 2001/12/12 15:29:13 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* Base Exchange (Base Mode) */ - -#include -#include - -#include -#include -#include -#include -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "schedule.h" -#include "debug.h" - -#include "localconf.h" -#include "remoteconf.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "oakley.h" -#include "handler.h" -#include "ipsec_doi.h" -#include "crypto_openssl.h" -#include "pfkey.h" -#include "isakmp_base.h" -#include "isakmp_inf.h" -#include "vendorid.h" - -/* %%% - * begin Identity Protection Mode as initiator. - */ -/* - * send to responder - * psk: HDR, SA, Idii, Ni_b - * sig: HDR, SA, Idii, Ni_b - * rsa: HDR, SA, [HASH(1),] Pubkey_r, Pubkey_r - * rev: HDR, SA, [HASH(1),] Pubkey_r, Ke_i - */ -int -base_i1send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; /* must be null */ -{ - struct isakmp_gen *gen; - caddr_t p; - int tlen; - int error = -1; - - /* validity check */ - if (msg != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "msg has to be NULL in this function.\n"); - goto end; - } - if (iph1->status != PHASE1ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* create isakmp index */ - memset(&iph1->index, 0, sizeof(iph1->index)); - isakmp_newcookie((caddr_t)&iph1->index, iph1->remote, iph1->local); - - /* make ID payload into isakmp status */ - if (ipsecdoi_setid1(iph1) < 0) - goto end; - - /* create SA payload for my proposal */ - iph1->sa = ipsecdoi_setph1proposal(iph1->rmconf->proposal); - if (iph1->sa == NULL) - goto end; - - /* generate NONCE value */ - iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); - if (iph1->nonce == NULL) - goto end; - - /* create buffer to send isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(*gen) + iph1->sa->l - + sizeof(*gen) + iph1->id->l - + 
sizeof(*gen) + iph1->nonce->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to propose */ - p = set_isakmp_payload(p, iph1->sa, ISAKMP_NPTYPE_ID); - - /* create isakmp ID payload */ - p = set_isakmp_payload(p, iph1->id, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ - p = set_isakmp_payload(p, iph1->nonce, ISAKMP_NPTYPE_NONE); - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - iph1->status = PHASE1ST_MSG1SENT; - - error = 0; - -end: - - return error; -} - -/* - * receive from responder - * psk: HDR, SA, Idir, Nr_b - * sig: HDR, SA, Idir, Nr_b, [ CR ] - * rsa: HDR, SA, PubKey_i, PubKey_i - * rev: HDR, SA, PubKey_i, Ke_r - */ -int -base_i2recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - vchar_t *satmp = NULL; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* SA payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_SA); - goto end; - } - if (isakmp_p2ph(&satmp, pa->ptr) < 0) - goto end; - pa++; - - for (/*nothing*/; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_NONCE: - 
if (isakmp_p2ph(&iph1->nonce_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_ID: - if (isakmp_p2ph(&iph1->id_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - if (iph1->nonce_p == NULL || iph1->id_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "few isakmp message received.\n"); - goto end; - } - - /* verify identifier */ - if (ipsecdoi_checkid1(iph1) != 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid ID payload.\n"); - goto end; - } - - /* check SA payload and set approval SA for use */ - if (ipsecdoi_checkph1proposal(satmp, iph1) < 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "failed to get valid proposal.\n"); - /* XXX send information */ - goto end; - } - if (iph1->sa_ret) { - vfree(iph1->sa_ret); - iph1->sa_ret = NULL; - } - - iph1->status = PHASE1ST_MSG2RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (satmp) - vfree(satmp); - - if (error) { - VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->id_p); - } - - return error; -} - -/* - * send to responder - * psk: HDR, KE, HASH_I - * sig: HDR, KE, [ CR, ] [CERT,] SIG_I - * rsa: HDR, KE, HASH_I - * rev: HDR, Ke_i, HASH_I - */ -int -base_i2send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_gen *gen; - caddr_t p; - vchar_t *vid = NULL; - int tlen; - int need_cert = 0; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* fix isakmp index */ - memcpy(&iph1->index.r_ck, &((struct isakmp *)msg->v)->r_ck, - sizeof(cookie_t)); - - /* generate DH public value */ - if (oakley_dh_generate(iph1->approval->dhgrp, - &iph1->dhpub, &iph1->dhpriv) < 0) - goto end; - - 
/* generate SKEYID to compute hash if not signature mode */ - if (iph1->approval->authmethod != OAKLEY_ATTR_AUTH_METHOD_RSASIG - && iph1->approval->authmethod != OAKLEY_ATTR_AUTH_METHOD_DSSSIG) { - if (oakley_skeyid(iph1) < 0) - goto end; - } - - /* generate HASH to send */ - plog(LLV_DEBUG, LOCATION, NULL, "generate HASH_I\n"); - iph1->hash = oakley_ph1hash_base_i(iph1, GENERATE); - if (iph1->hash == NULL) - goto end; - - /* create buffer to send isakmp payload */ - tlen = sizeof(struct isakmp); - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - tlen += sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->hash->l; - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_KE); - if (p == NULL) - goto end; - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_HASH); - - /* create isakmp HASH payload */ - p = set_isakmp_payload(p, iph1->hash, - vid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); - - /* append vendor id, if needed */ - if (vid) - p = set_isakmp_payload(p, vid, ISAKMP_NPTYPE_NONE); - break; -#ifdef HAVE_SIGNING_C - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - /* XXX if there is CR or not ? 
*/ - - if (oakley_getmycert(iph1) < 0) - goto end; - - if (oakley_getsign(iph1) < 0) - goto end; - - if (iph1->cert && iph1->rmconf->send_cert) - need_cert = 1; - - tlen += sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->sig->l; - if (need_cert) - tlen += sizeof(*gen) + iph1->cert->pl->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_KE); - if (p == NULL) - goto end; - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, need_cert - ? ISAKMP_NPTYPE_CERT - : ISAKMP_NPTYPE_SIG); - - /* add CERT payload if there */ - if (need_cert) - p = set_isakmp_payload(p, iph1->cert->pl, ISAKMP_NPTYPE_SIG); - /* add SIG payload */ - p = set_isakmp_payload(p, iph1->sig, ISAKMP_NPTYPE_NONE); - break; -#endif - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - /* ... */ - break; - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - tlen += sizeof(*gen) + iph1->hash->l; - break; - } - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - iph1->status = PHASE1ST_MSG2SENT; - - error = 0; - -end: - if (vid) - vfree(vid); - return error; -} - -/* - * receive from responder - * psk: HDR, KE, HASH_R - * sig: HDR, KE, [CERT,] SIG_R - * rsa: HDR, KE, HASH_R - * rev: HDR, _Ke_r, HASH_R - */ -int -base_i3recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph1->dhpub_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_HASH: - iph1->pl_hash = (struct isakmp_pl_hash *)pa->ptr; - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CERT: - if (oakley_savecert(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_SIG: - if (isakmp_p2ph(&iph1->sig_p, pa->ptr) < 0) - goto end; - break; -#endif - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - /* validate authentication value */ - { - int type; - type = oakley_validate_auth(iph1); - if (type != 0) { - if (type == -1) { - /* message printed inner oakley_validate_auth() */ - goto end; - } - isakmp_info_send_n1(iph1, type, NULL); - goto end; - } - } - - /* compute sharing secret of DH */ - if 
(oakley_dh_compute(iph1->approval->dhgrp, iph1->dhpub, - iph1->dhpriv, iph1->dhpub_p, &iph1->dhgxy) < 0) - goto end; - - /* generate SKEYID to compute hash if signature mode */ - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_RSASIG - || iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_DSSSIG) { - if (oakley_skeyid(iph1) < 0) - goto end; - } - - /* generate SKEYIDs & IV & final cipher key */ - if (oakley_skeyid_dae(iph1) < 0) - goto end; - if (oakley_compute_enckey(iph1) < 0) - goto end; - if (oakley_newiv(iph1) < 0) - goto end; - - /* see handler.h about IV synchronization. */ - memcpy(iph1->ivm->iv->v, iph1->ivm->ive->v, iph1->ivm->iv->l); - - /* set encryption flag */ - iph1->flags |= ISAKMP_FLAG_E; - - iph1->status = PHASE1ST_MSG3RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - - if (error) { - VPTRINIT(iph1->dhpub_p); - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - VPTRINIT(iph1->sig_p); - } - - return error; -} - -/* - * status update and establish isakmp sa. 
- */ -int -base_i3send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG3RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - iph1->status = PHASE1ST_ESTABLISHED; - - error = 0; - -end: - return error; -} - -/* - * receive from initiator - * psk: HDR, SA, Idii, Ni_b - * sig: HDR, SA, Idii, Ni_b - * rsa: HDR, SA, [HASH(1),] Pubkey_r, Pubkey_r - * rev: HDR, SA, [HASH(1),] Pubkey_r, Ke_i - */ -int -base_r1recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - /* - * NOTE: XXX even if multiple VID, we'll silently ignore those. - */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* check the position of SA payload */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_SA); - goto end; - } - if (isakmp_p2ph(&iph1->sa, pa->ptr) < 0) - goto end; - pa++; - - for (/*nothing*/; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph1->nonce_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_ID: - if (isakmp_p2ph(&iph1->id_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - if (iph1->nonce_p == NULL || iph1->id_p == NULL) { - plog(LLV_ERROR, LOCATION, 
iph1->remote, - "few isakmp message received.\n"); - goto end; - } - - /* verify identifier */ - if (ipsecdoi_checkid1(iph1) != 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid ID payload.\n"); - goto end; - } - - /* check SA payload and set approval SA for use */ - if (ipsecdoi_checkph1proposal(iph1->sa, iph1) < 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "failed to get valid proposal.\n"); - /* XXX send information */ - goto end; - } - - iph1->status = PHASE1ST_MSG1RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - - if (error) { - VPTRINIT(iph1->sa); - VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->id_p); - } - - return error; -} - -/* - * send to initiator - * psk: HDR, SA, Idir, Nr_b - * sig: HDR, SA, Idir, Nr_b, [ CR ] - * rsa: HDR, SA, PubKey_i, PubKey_i - * rev: HDR, SA, PubKey_i, Ke_r - */ -int -base_r1send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_gen *gen; - caddr_t p; - int tlen; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* set responder's cookie */ - isakmp_newcookie((caddr_t)&iph1->index.r_ck, iph1->remote, iph1->local); - - /* make ID payload into isakmp status */ - if (ipsecdoi_setid1(iph1) < 0) - goto end; - - /* generate NONCE value */ - iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); - if (iph1->nonce == NULL) - goto end; - - /* create buffer to send isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(*gen) + iph1->sa_ret->l - + sizeof(*gen) + iph1->id->l - + sizeof(*gen) + iph1->nonce->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to reply */ - p = set_isakmp_payload(p, iph1->sa_ret, 
ISAKMP_NPTYPE_ID); - - /* create isakmp ID payload */ - p = set_isakmp_payload(p, iph1->id, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ - p = set_isakmp_payload(p, iph1->nonce, ISAKMP_NPTYPE_NONE); - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. */ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - iph1->status = PHASE1ST_MSG1SENT; - - error = 0; - -end: - if (iph1->sa_ret) { - vfree(iph1->sa_ret); - iph1->sa_ret = NULL; - } - - return error; -} - -/* - * receive from initiator - * psk: HDR, KE, HASH_I - * sig: HDR, KE, [ CR, ] [CERT,] SIG_I - * rsa: HDR, KE, HASH_I - * rev: HDR, Ke_i, HASH_I - */ -int -base_r2recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - iph1->pl_hash = NULL; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph1->dhpub_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_HASH: - iph1->pl_hash = (struct isakmp_pl_hash *)pa->ptr; - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CERT: - if (oakley_savecert(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_SIG: - if (isakmp_p2ph(&iph1->sig_p, pa->ptr) < 0) - goto end; - break; -#endif - case 
ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* generate DH public value */ - if (oakley_dh_generate(iph1->approval->dhgrp, - &iph1->dhpub, &iph1->dhpriv) < 0) - goto end; - - /* compute sharing secret of DH */ - if (oakley_dh_compute(iph1->approval->dhgrp, iph1->dhpub, - iph1->dhpriv, iph1->dhpub_p, &iph1->dhgxy) < 0) - goto end; - - /* generate SKEYID */ - if (oakley_skeyid(iph1) < 0) - goto end; - - /* payload existency check */ - /* validate authentication value */ - { - int type; - type = oakley_validate_auth(iph1); - if (type != 0) { - if (type == -1) { - /* message printed inner oakley_validate_auth() */ - goto end; - } - isakmp_info_send_n1(iph1, type, NULL); - goto end; - } - } - - iph1->status = PHASE1ST_MSG2RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - - if (error) { - VPTRINIT(iph1->dhpub_p); - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - VPTRINIT(iph1->sig_p); - } - - return error; -} - -/* - * send to initiator - * psk: HDR, KE, HASH_R - * sig: HDR, KE, [CERT,] SIG_R - * rsa: HDR, KE, HASH_R - * rev: HDR, _Ke_r, HASH_R - */ -int -base_r2send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_gen *gen; - char *p; - vchar_t *vid = NULL; - int tlen; - int need_cert = 0; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* generate HASH to send */ - plog(LLV_DEBUG, LOCATION, NULL, "generate HASH_I\n"); - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - iph1->hash = oakley_ph1hash_common(iph1, 
GENERATE); - break; - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - iph1->hash = oakley_ph1hash_base_r(iph1, GENERATE); - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid authentication method %d\n", - iph1->approval->authmethod); - goto end; - } - if (iph1->hash == NULL) - goto end; - - /* create HDR;KE;NONCE payload */ - tlen = sizeof(struct isakmp); - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - tlen += sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->hash->l; - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get iph1->sendbuf to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_KE); - if (p == NULL) - goto end; - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_HASH); - - /* create isakmp HASH payload */ - p = set_isakmp_payload(p, iph1->hash, - vid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); - - /* append vendor id, if needed */ - if (vid) - p = set_isakmp_payload(p, vid, ISAKMP_NPTYPE_NONE); - break; -#ifdef HAVE_SIGNING_C - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - /* XXX if there is CR or not ? 
*/ - - if (oakley_getmycert(iph1) < 0) - goto end; - - if (oakley_getsign(iph1) < 0) - goto end; - - if (iph1->cert && iph1->rmconf->send_cert) - need_cert = 1; - - tlen += sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->sig->l; - if (need_cert) - tlen += sizeof(*gen) + iph1->cert->pl->l; - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_KE); - if (p == NULL) - goto end; - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, need_cert - ? ISAKMP_NPTYPE_CERT - : ISAKMP_NPTYPE_SIG); - - /* add CERT payload if there */ - if (need_cert) - p = set_isakmp_payload(p, iph1->cert->pl, ISAKMP_NPTYPE_SIG); - /* add SIG payload */ - p = set_isakmp_payload(p, iph1->sig, ISAKMP_NPTYPE_NONE); - break; -#endif - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - /* ... */ - break; - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - tlen += sizeof(*gen) + iph1->hash->l; - break; - } - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send HDR;KE;NONCE to responder */ - if (isakmp_send(iph1, iph1->sendbuf) < 0) - goto end; - - /* the sending message is added to the received-list. */ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* generate SKEYIDs & IV & final cipher key */ - if (oakley_skeyid_dae(iph1) < 0) - goto end; - if (oakley_compute_enckey(iph1) < 0) - goto end; - if (oakley_newiv(iph1) < 0) - goto end; - - /* set encryption flag */ - iph1->flags |= ISAKMP_FLAG_E; - - iph1->status = PHASE1ST_ESTABLISHED; - - error = 0; - -end: - if (vid) - vfree(vid); - return error; -} 
diff --git a/racoon.tproj/isakmp_base.h b/racoon.tproj/isakmp_base.h
deleted file mode 100644
index 38c080d..0000000
--- a/racoon.tproj/isakmp_base.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* $KAME: isakmp_base.h,v 1.6 2000/10/04 17:41:00 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_BASE_H__
-#define __ISAKMP_BASE_H__
-
-extern int base_i1send __P((struct ph1handle *, vchar_t *));
-extern int base_i2recv __P((struct ph1handle *, vchar_t *));
-extern int base_i2send __P((struct ph1handle *, vchar_t *));
-extern int base_i3recv __P((struct ph1handle *, vchar_t *));
-extern int base_i3send __P((struct ph1handle *, vchar_t *));
-
-extern int base_r1recv __P((struct ph1handle *, vchar_t *));
-extern int base_r1send __P((struct ph1handle *, vchar_t *));
-extern int base_r2recv __P((struct ph1handle *, vchar_t *));
-extern int base_r2send __P((struct ph1handle *, vchar_t *));
-
-
-#endif /* __ISAKMP_BASE_H__ */
-
diff --git a/racoon.tproj/isakmp_ident.c b/racoon.tproj/isakmp_ident.c
deleted file mode 100644
index e5c46c2..0000000
--- a/racoon.tproj/isakmp_ident.c
+++ /dev/null
@@ -1,1873 +0,0 @@ -/* $KAME: isakmp_ident.c,v 1.63 2001/12/12 17:57:26 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* Identity Protecion Exchange (Main Mode) */ - -#include -#include - -#include -#include -#include -#include -#include -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "schedule.h" -#include "debug.h" - -#include "localconf.h" -#include "remoteconf.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "oakley.h" -#include "handler.h" -#include "ipsec_doi.h" -#include "crypto_openssl.h" -#include "pfkey.h" -#include "isakmp_ident.h" -#include "isakmp_inf.h" -#include "isakmp_natd.h" -#include "vendorid.h" - -#ifdef HAVE_GSSAPI -#include "gssapi.h" -#endif - -static vchar_t *ident_ir2mx __P((struct ph1handle *)); -static vchar_t *ident_ir3mx __P((struct ph1handle *)); - -/* %%% - * begin Identity Protection Mode as initiator. - */ -/* - * send to responder - * psk: HDR, SA - * sig: HDR, SA - * rsa: HDR, SA - * rev: HDR, SA - */ -int -ident_i1send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; /* must be null */ -{ - struct isakmp_gen *gen; - caddr_t p; - int tlen; - int error = -1; - vchar_t *vid_natt_rfc = NULL; - vchar_t *vid_natt_apple = NULL; - vchar_t *vid_natt_02 = NULL; - vchar_t *vid_natt_02N = NULL; - - /* validity check */ - if (msg != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "msg has to be NULL in this function.\n"); - goto end; - } - if (iph1->status != PHASE1ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* create isakmp index */ - memset(&iph1->index, 0, sizeof(iph1->index)); - isakmp_newcookie((caddr_t)&iph1->index, iph1->remote, iph1->local); - - /* create SA payload for my proposal */ - iph1->sa = ipsecdoi_setph1proposal(iph1->rmconf->proposal); - if (iph1->sa == NULL) - goto end; - - /* create buffer to send isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(*gen) + 
iph1->sa->l; - -#ifdef IKE_NAT_T - vid_natt_rfc = set_vendorid(VENDORID_NATT_RFC); - vid_natt_apple = set_vendorid(VENDORID_NATT_APPLE); - vid_natt_02 = set_vendorid(VENDORID_NATT_02); - vid_natt_02N = set_vendorid(VENDORID_NATT_02N); - - if (vid_natt_rfc == NULL || - vid_natt_apple == NULL || - vid_natt_02 == NULL || - vid_natt_02N == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get vendor ID buffer.\n"); - goto end; - } - tlen += sizeof(*gen) + vid_natt_rfc->l; - tlen += sizeof(*gen) + vid_natt_apple->l; - tlen += sizeof(*gen) + vid_natt_02->l; - tlen += sizeof(*gen) + vid_natt_02N->l; -#endif - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to propose */ - p = set_isakmp_payload(p, iph1->sa, vid_natt_rfc ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); - - if (vid_natt_rfc) { - p = set_isakmp_payload(p, vid_natt_rfc, ISAKMP_NPTYPE_VID); - p = set_isakmp_payload(p, vid_natt_apple, ISAKMP_NPTYPE_VID); - p = set_isakmp_payload(p, vid_natt_02, ISAKMP_NPTYPE_VID); - p = set_isakmp_payload(p, vid_natt_02N, ISAKMP_NPTYPE_NONE); - } - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - iph1->status = PHASE1ST_MSG1SENT; - - error = 0; - -end: - if (vid_natt_rfc) - vfree(vid_natt_rfc); - if (vid_natt_apple) - vfree(vid_natt_apple); - if (vid_natt_02) - vfree(vid_natt_02); - if (vid_natt_02N) - vfree(vid_natt_02N); - - return error; -} - -/* - * receive from responder - * psk: HDR, SA - * sig: HDR, SA - * rsa: HDR, SA - * rev: HDR, SA - */ -int -ident_i2recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - 
vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - vchar_t *satmp = NULL; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - /* - * NOTE: RedCreek(as responder) attaches N[responder-lifetime] here, - * if proposal-lifetime > lifetime-redcreek-wants. - * (see doi-08 4.5.4) - * => According to the seciton 4.6.3 in RFC 2407, This is illegal. - * NOTE: we do not really care about ordering of VID and N. - * does it matters? - * NOTE: even if there's multiple VID/N, we'll ignore them. - */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* SA payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_SA); - goto end; - } - if (isakmp_p2ph(&satmp, pa->ptr) < 0) - goto end; - pa++; - - for (/*nothing*/; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_VID: -#ifdef IKE_NAT_T - { - int vid = check_vendorid(pa->ptr); - if (vid == VENDORID_NATT_RFC) - iph1->natt_flags |= natt_type_rfc; - else if (vid == VENDORID_NATT_APPLE) - iph1->natt_flags |= natt_type_apple; - else if (vid == VENDORID_NATT_02) - iph1->natt_flags |= natt_type_02; - else if (vid == VENDORID_NATT_02N) - iph1->natt_flags |= natt_type_02N; - } -#endif - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* if natt vid(s) received - select type to use */ - natt_select_type(iph1); - - /* check SA payload and set approval SA for use */ - if (ipsecdoi_checkph1proposal(satmp, iph1) < 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "failed to get 
valid proposal.\n"); - /* XXX send information */ - goto end; - } - if (iph1->sa_ret) { - vfree(iph1->sa_ret); - iph1->sa_ret = NULL; - } - - iph1->status = PHASE1ST_MSG2RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (satmp) - vfree(satmp); - return error; -} - -/* - * send to responder - * psk: HDR, KE, Ni - * sig: HDR, KE, Ni - * gssapi: HDR, KE, Ni, GSSi - * rsa: HDR, KE, [ HASH(1), ] PubKey_r, PubKey_r - * rev: HDR, [ HASH(1), ] Pubkey_r, Ke_i, - * Ke_i, [<Ke_i] - */ -int -ident_i2send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* fix isakmp index */ - memcpy(&iph1->index.r_ck, &((struct isakmp *)msg->v)->r_ck, - sizeof(cookie_t)); - - /* generate DH public value */ - if (oakley_dh_generate(iph1->approval->dhgrp, - &iph1->dhpub, &iph1->dhpriv) < 0) - goto end; - - /* generate NONCE value */ - iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); - if (iph1->nonce == NULL) - goto end; - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB && - gssapi_get_itoken(iph1, NULL) < 0) - goto end; -#endif - - /* create buffer to send isakmp payload */ - iph1->sendbuf = ident_ir2mx(iph1); - if (iph1->sendbuf == NULL) - goto end; - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - iph1->status = PHASE1ST_MSG2SENT; - - error = 0; - -end: - return error; -} - -/* - * receive from responder - * psk: HDR, KE, Nr - * sig: HDR, KE, Nr [, CR ] - * gssapi: HDR, KE, Nr, GSSr - * rsa: HDR, KE, PubKey_i, PubKey_i - * rev: HDR, PubKey_i, Ke_r, Ke_r, - */ -int -ident_i3recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph1->dhpub_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph1->nonce_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CR: - if (oakley_savecr(iph1, pa->ptr) < 0) - goto end; - break; -#endif -#ifdef HAVE_GSSAPI - case ISAKMP_NPTYPE_GSS: - if (isakmp_p2ph(&gsstoken, pa->ptr) < 0) - goto end; - gssapi_save_received_token(iph1, gsstoken); - break; -#endif - case ISAKMP_NPTYPE_NATD_RFC: - case ISAKMP_NPTYPE_NATD_DRAFT: - case ISAKMP_NPTYPE_NATD_BADDRAFT: -#ifdef IKE_NAT_T - - if (pa->type == iph1->natd_payload_type) { - natd_match_t match = natd_matches(iph1, pa->ptr); - iph1->natt_flags |= natt_natd_received; - if ((match & natd_match_local) != 0) - iph1->natt_flags |= natt_no_local_nat; - if ((match & natd_match_remote) != 0) - iph1->natt_flags |= natt_no_remote_nat; - 
} -#endif - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - -#ifdef IKE_NAT_T - /* Determine if we need to switch to port 4500 */ - if (natd_hasnat(iph1)) - { - /* There is a NAT between us! Switch to port 4500. */ - if (iph1->remote->sa_family == AF_INET) - { - struct sockaddr_in *sin = (struct sockaddr_in*)iph1->remote; - plog(LLV_INFO, LOCATION, NULL, - "detected NAT, switching to port %d for %s", - PORT_ISAKMP_NATT, saddr2str(iph1->remote)); - sin->sin_port = htons(PORT_ISAKMP_NATT); - sin = (struct sockaddr_in*)iph1->local; - sin->sin_port = htons(PORT_ISAKMP_NATT); - } - } -#endif - - /* payload existency check */ - if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "few isakmp message received.\n"); - goto end; - } - -#ifdef HAVE_SIGNING_C - if (oakley_checkcr(iph1) < 0) { - /* Ignore this error in order to be interoperability. 
*/ - ; - } -#endif - - iph1->status = PHASE1ST_MSG3RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (error) { - VPTRINIT(iph1->dhpub_p); - VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->id_p); - oakley_delcert(iph1->cr_p); - iph1->cr_p = NULL; - } - - return error; -} - -/* - * send to responder - * psk: HDR*, IDi1, HASH_I - * sig: HDR*, IDi1, [ CR, ] [ CERT, ] SIG_I - * gssapi: HDR*, IDi1, < Gssi(n) | HASH_I > - * rsa: HDR*, HASH_I - * rev: HDR*, HASH_I - */ -int -ident_i3send(iph1, msg0) - struct ph1handle *iph1; - vchar_t *msg0; -{ - int error = -1; - int dohash = 1; -#ifdef HAVE_GSSAPI - int len; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG3RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* compute sharing secret of DH */ - if (oakley_dh_compute(iph1->approval->dhgrp, iph1->dhpub, - iph1->dhpriv, iph1->dhpub_p, &iph1->dhgxy) < 0) - goto end; - - /* generate SKEYIDs & IV & final cipher key */ - if (oakley_skeyid(iph1) < 0) - goto end; - if (oakley_skeyid_dae(iph1) < 0) - goto end; - if (oakley_compute_enckey(iph1) < 0) - goto end; - if (oakley_newiv(iph1) < 0) - goto end; - - /* make ID payload into isakmp status */ - if (ipsecdoi_setid1(iph1) < 0) - goto end; - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB && - gssapi_more_tokens(iph1)) { - plog(LLV_DEBUG, LOCATION, NULL, "calling get_itoken\n"); - if (gssapi_get_itoken(iph1, &len) < 0) - goto end; - if (len != 0) - dohash = 0; - } -#endif - - /* generate HASH to send */ - if (dohash) { - iph1->hash = oakley_ph1hash_common(iph1, GENERATE); - if (iph1->hash == NULL) - goto end; - } else - iph1->hash = NULL; - - /* set encryption flag */ - iph1->flags |= ISAKMP_FLAG_E; - - /* create HDR;ID;HASH payload */ - iph1->sendbuf = ident_ir3mx(iph1); - if (iph1->sendbuf == NULL) - goto end; - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = 
iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. */ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg0) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* see handler.h about IV synchronization. */ - memcpy(iph1->ivm->ive->v, iph1->ivm->iv->v, iph1->ivm->iv->l); - - iph1->status = PHASE1ST_MSG3SENT; - - error = 0; - -end: - return error; -} - -/* - * receive from responder - * psk: HDR*, IDr1, HASH_R - * sig: HDR*, IDr1, [ CERT, ] SIG_R - * gssapi: HDR*, IDr1, < GSSr(n) | HASH_R > - * rsa: HDR*, HASH_R - * rev: HDR*, HASH_R - */ -int -ident_i4recv(iph1, msg0) - struct ph1handle *iph1; - vchar_t *msg0; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - vchar_t *msg = NULL; - int error = -1; - int type; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG3SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* decrypting */ - if (!ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "expecting the packet encrypted.\n"); - goto end; - } - msg = oakley_do_decrypt(iph1, msg0, iph1->ivm->iv, iph1->ivm->ive); - if (msg == NULL) - goto end; - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - iph1->pl_hash = NULL; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_ID: - if (isakmp_p2ph(&iph1->id_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_HASH: - iph1->pl_hash = (struct isakmp_pl_hash *)pa->ptr; - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CERT: - if (oakley_savecert(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_SIG: - if 
(isakmp_p2ph(&iph1->sig_p, pa->ptr) < 0) - goto end; - break; -#endif -#ifdef HAVE_GSSAPI - case ISAKMP_NPTYPE_GSS: - if (isakmp_p2ph(&gsstoken, pa->ptr) < 0) - goto end; - gssapi_save_received_token(iph1, gsstoken); - break; -#endif - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph1); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - - /* see handler.h about IV synchronization. */ - memcpy(iph1->ivm->iv->v, iph1->ivm->ive->v, iph1->ivm->ive->l); - - /* verify identifier */ - if (ipsecdoi_checkid1(iph1) != 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid ID payload.\n"); - goto end; - } - - /* validate authentication value */ -#ifdef HAVE_GSSAPI - if (gsstoken == NULL) { -#endif - type = oakley_validate_auth(iph1); - if (type != 0) { - if (type == -1) { - /* msg printed inner oakley_validate_auth() */ - goto end; - } - isakmp_info_send_n1(iph1, type, NULL); - goto end; - } -#ifdef HAVE_GSSAPI - } -#endif - - /* - * XXX: Should we do compare two addresses, ph1handle's and ID - * payload's. - */ - - plog(LLV_DEBUG, LOCATION, iph1->remote, "peer's ID:"); - plogdump(LLV_DEBUG, iph1->id_p->v, iph1->id_p->l); - - /* - * If we got a GSS token, we need to this roundtrip again. - */ -#ifdef HAVE_GSSAPI - iph1->status = gsstoken != 0 ? 
PHASE1ST_MSG3RECEIVED : - PHASE1ST_MSG4RECEIVED; -#else - iph1->status = PHASE1ST_MSG4RECEIVED; -#endif - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (msg) - vfree(msg); -#ifdef HAVE_GSSAPI - if (gsstoken) - vfree(gsstoken); -#endif - - if (error) { - VPTRINIT(iph1->id_p); - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - VPTRINIT(iph1->sig_p); - } - - return error; -} - -/* - * status update and establish isakmp sa. - */ -int -ident_i4send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG4RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* see handler.h about IV synchronization. */ - memcpy(iph1->ivm->iv->v, iph1->ivm->ive->v, iph1->ivm->iv->l); - - iph1->status = PHASE1ST_ESTABLISHED; - - error = 0; - -end: - return error; -} - -/* - * receive from initiator - * psk: HDR, SA - * sig: HDR, SA - * rsa: HDR, SA - * rev: HDR, SA - */ -int -ident_r1recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - /* - * NOTE: XXX even if multiple VID, we'll silently ignore those. 
- */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* check the position of SA payload */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_SA); - goto end; - } - if (isakmp_p2ph(&iph1->sa, pa->ptr) < 0) - goto end; - pa++; - - for (/*nothing*/; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_VID: - { - int vid = check_vendorid(pa->ptr); -#if IKE_NAT_T - if (vid == VENDORID_NATT_RFC) - iph1->natt_flags |= natt_type_rfc; - else if (vid == VENDORID_NATT_APPLE) - iph1->natt_flags |= natt_type_apple; - else if (vid == VENDORID_NATT_02) - iph1->natt_flags |= natt_type_02; - else - iph1->natt_flags |= natt_type_02N; -#endif - } - break; - default: - /* - * We don't send information to the peer even - * if we received malformed packet. Because we - * can't distinguish the malformed packet and - * the re-sent packet. And we do same behavior - * when we expect encrypted packet. 
- */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* if natt vid(s) received - select type to use */ - natt_select_type(iph1); - - /* check SA payload and set approval SA for use */ - if (ipsecdoi_checkph1proposal(iph1->sa, iph1) < 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "failed to get valid proposal.\n"); - /* XXX send information */ - goto end; - } - - iph1->status = PHASE1ST_MSG1RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (error) { - VPTRINIT(iph1->sa); - } - - return error; -} - -/* - * send to initiator - * psk: HDR, SA - * sig: HDR, SA - * rsa: HDR, SA - * rev: HDR, SA - */ -int -ident_r1send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_gen *gen; - caddr_t p; - int tlen; - int error = -1; - vchar_t *gss_sa = NULL; - vchar_t *vid = NULL; -#ifdef IKE_NAT_T - vchar_t *nattvid = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* set responder's cookie */ - isakmp_newcookie((caddr_t)&iph1->index.r_ck, iph1->remote, iph1->local); - -#ifdef HAVE_GSSAPI - if (iph1->approval->gssid != NULL) - gss_sa = ipsecdoi_setph1proposal(iph1->approval); - else -#endif - gss_sa = iph1->sa_ret; - - /* create buffer to send isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(*gen) + gss_sa->l; - - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - -#ifdef IKE_NAT_T - { - int natt_type = iph1->natt_flags & NATT_TYPE_MASK; - - if (natt_type != 0) { - if (natt_type == natt_type_rfc) - nattvid = set_vendorid(VENDORID_NATT_RFC); - else if (natt_type == natt_type_apple) - nattvid = set_vendorid(VENDORID_NATT_APPLE); - else if (natt_type == natt_type_02) - nattvid = set_vendorid(VENDORID_NATT_02); - else if (natt_type == natt_type_02N) - nattvid = 
set_vendorid(VENDORID_NATT_02N); - - if (nattvid != NULL) - tlen += sizeof(*gen) + nattvid->l; - } - } -#endif - - iph1->sendbuf = vmalloc(tlen); - if (iph1->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(iph1->sendbuf, iph1, ISAKMP_NPTYPE_SA); - if (p == NULL) - goto end; - - /* set SA payload to reply */ - p = set_isakmp_payload(p, gss_sa, - (vid || nattvid) ? ISAKMP_NPTYPE_VID - : ISAKMP_NPTYPE_NONE); - - /* Set Vendor ID, if necessary. */ - if (vid) - p = set_isakmp_payload(p, vid, nattvid ? ISAKMP_NPTYPE_VID : ISAKMP_NPTYPE_NONE); - - if (nattvid) - p = set_isakmp_payload(p, nattvid, ISAKMP_NPTYPE_NONE); - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - iph1->status = PHASE1ST_MSG1SENT; - - error = 0; - -end: -#ifdef HAVE_GSSAPI - if (gss_sa != iph1->sa_ret) - vfree(gss_sa); -#endif - if (vid) - vfree(vid); - if (nattvid) - vfree(nattvid); - return error; -} - -/* - * receive from initiator - * psk: HDR, KE, Ni - * sig: HDR, KE, Ni - * gssapi: HDR, KE, Ni, GSSi - * rsa: HDR, KE, [ HASH(1), ] PubKey_r, PubKey_r - * rev: HDR, [ HASH(1), ] Pubkey_r, Ke_i, - * Ke_i, [<Ke_i] - */ -int -ident_r2recv(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph1->dhpub_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph1->nonce_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - case ISAKMP_NPTYPE_CR: - plog(LLV_WARNING, LOCATION, iph1->remote, - "CR received, ignore it. 
" - "It should be in other exchange.\n"); - break; -#ifdef HAVE_GSSAPI - case ISAKMP_NPTYPE_GSS: - if (isakmp_p2ph(&gsstoken, pa->ptr) < 0) - goto end; - gssapi_save_received_token(iph1, gsstoken); - break; -#endif - case ISAKMP_NPTYPE_NATD_RFC: - case ISAKMP_NPTYPE_NATD_DRAFT: - case ISAKMP_NPTYPE_NATD_BADDRAFT: -#ifdef IKE_NAT_T - if (pa->type == iph1->natd_payload_type) { - natd_match_t match = natd_matches(iph1, pa->ptr); - iph1->natt_flags |= natt_natd_received; - if ((match & natd_match_local) != 0) - iph1->natt_flags |= natt_no_local_nat; - if ((match & natd_match_remote) != 0) - iph1->natt_flags |= natt_no_remote_nat; - } -#endif - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "few isakmp message received.\n"); - goto end; - } - - iph1->status = PHASE1ST_MSG2RECEIVED; - - error = 0; - -end: - if (pbuf) - vfree(pbuf); -#ifdef HAVE_GSSAPI - if (gsstoken) - vfree(gsstoken); -#endif - - if (error) { - VPTRINIT(iph1->dhpub_p); - VPTRINIT(iph1->nonce_p); - VPTRINIT(iph1->id_p); - } - - return error; -} - -/* - * send to initiator - * psk: HDR, KE, Nr - * sig: HDR, KE, Nr [, CR ] - * gssapi: HDR, KE, Nr, GSSr - * rsa: HDR, KE, PubKey_i, PubKey_i - * rev: HDR, PubKey_i, Ke_r, Ke_r, - */ -int -ident_r2send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* generate DH public value */ - if (oakley_dh_generate(iph1->approval->dhgrp, - &iph1->dhpub, &iph1->dhpriv) < 0) - goto end; - - /* generate NONCE value */ - iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); - if 
(iph1->nonce == NULL) - goto end; - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) - gssapi_get_rtoken(iph1, NULL); -#endif - - /* create HDR;KE;NONCE payload */ - iph1->sendbuf = ident_ir2mx(iph1); - if (iph1->sendbuf == NULL) - goto end; - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph1->sendbuf, iph1->local, iph1->remote, 0); -#endif - - /* send the packet, add to the schedule to resend */ - iph1->retry_counter = iph1->rmconf->retry_counter; - if (isakmp_ph1resend(iph1) == -1) - goto end; - - /* the sending message is added to the received-list. */ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* compute sharing secret of DH */ - if (oakley_dh_compute(iph1->approval->dhgrp, iph1->dhpub, - iph1->dhpriv, iph1->dhpub_p, &iph1->dhgxy) < 0) - goto end; - - /* generate SKEYIDs & IV & final cipher key */ - if (oakley_skeyid(iph1) < 0) - goto end; - if (oakley_skeyid_dae(iph1) < 0) - goto end; - if (oakley_compute_enckey(iph1) < 0) - goto end; - if (oakley_newiv(iph1) < 0) - goto end; - - iph1->status = PHASE1ST_MSG2SENT; - - error = 0; - -end: - return error; -} - -/* - * receive from initiator - * psk: HDR*, IDi1, HASH_I - * sig: HDR*, IDi1, [ CR, ] [ CERT, ] SIG_I - * gssapi: HDR*, [ IDi1, ] < GSSi(n) | HASH_I > - * rsa: HDR*, HASH_I - * rev: HDR*, HASH_I - */ -int -ident_r3recv(iph1, msg0) - struct ph1handle *iph1; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - int error = -1; - int type; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG2SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* decrypting */ - if (!ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - plog(LLV_ERROR, LOCATION, iph1->remote, - 
"reject the packet, " - "expecting the packet encrypted.\n"); - goto end; - } - msg = oakley_do_decrypt(iph1, msg0, iph1->ivm->iv, iph1->ivm->ive); - if (msg == NULL) - goto end; - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - iph1->pl_hash = NULL; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_ID: - if (isakmp_p2ph(&iph1->id_p, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_HASH: - iph1->pl_hash = (struct isakmp_pl_hash *)pa->ptr; - break; -#ifdef HAVE_SIGNING_C - case ISAKMP_NPTYPE_CR: - if (oakley_savecr(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_CERT: - if (oakley_savecert(iph1, pa->ptr) < 0) - goto end; - break; - case ISAKMP_NPTYPE_SIG: - if (isakmp_p2ph(&iph1->sig_p, pa->ptr) < 0) - goto end; - break; -#endif -#ifdef HAVE_GSSAPI - case ISAKMP_NPTYPE_GSS: - if (isakmp_p2ph(&gsstoken, pa->ptr) < 0) - goto end; - gssapi_save_received_token(iph1, gsstoken); - break; -#endif - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph1); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - /* XXX same as ident_i4recv(), should be merged. 
*/ - { - int ng = 0; - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - if (iph1->id_p == NULL || iph1->pl_hash == NULL) - ng++; - break; - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - if (iph1->id_p == NULL || iph1->sig_p == NULL) - ng++; - break; - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - if (iph1->pl_hash == NULL) - ng++; - break; -#ifdef HAVE_GSSAPI - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - if (gsstoken == NULL && iph1->pl_hash == NULL) - ng++; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid authmethod %d why ?\n", - iph1->approval->authmethod); - goto end; - } - if (ng) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "few isakmp message received.\n"); - goto end; - } - } - - /* see handler.h about IV synchronization. */ - memcpy(iph1->ivm->iv->v, iph1->ivm->ive->v, iph1->ivm->ive->l); - - /* verify identifier */ - if (ipsecdoi_checkid1(iph1) != 0) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid ID payload.\n"); - goto end; - } - - /* validate authentication value */ -#ifdef HAVE_GSSAPI - if (gsstoken == NULL) { -#endif - type = oakley_validate_auth(iph1); - if (type != 0) { - if (type == -1) { - /* msg printed inner oakley_validate_auth() */ - goto end; - } - isakmp_info_send_n1(iph1, type, NULL); - goto end; - } -#ifdef HAVE_GSSAPI - } -#endif - -#ifdef HAVE_SIGNING_C - if (oakley_checkcr(iph1) < 0) { - /* Ignore this error in order to be interoperability. */ - ; - } -#endif - - /* - * XXX: Should we do compare two addresses, ph1handle's and ID - * payload's. - */ - - plog(LLV_DEBUG, LOCATION, iph1->remote, "peer's ID\n"); - plogdump(LLV_DEBUG, iph1->id_p->v, iph1->id_p->l); - -#ifdef HAVE_GSSAPI - iph1->status = gsstoken != NULL ? 
PHASE1ST_MSG2RECEIVED : - PHASE1ST_MSG3RECEIVED; -#else - iph1->status = PHASE1ST_MSG3RECEIVED; -#endif - - error = 0; - -end: - if (pbuf) - vfree(pbuf); - if (msg) - vfree(msg); -#ifdef HAVE_GSSAPI - if (gsstoken) - vfree(gsstoken); -#endif - - if (error) { - VPTRINIT(iph1->id_p); - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - oakley_delcert(iph1->crl_p); - iph1->crl_p = NULL; - VPTRINIT(iph1->sig_p); - oakley_delcert(iph1->cr_p); - iph1->cr_p = NULL; - } - - return error; -} - -/* - * send to initiator - * psk: HDR*, IDr1, HASH_R - * sig: HDR*, IDr1, [ CERT, ] SIG_R - * gssapi: HDR*, IDr1, < GSSr(n) | HASH_R > - * rsa: HDR*, HASH_R - * rev: HDR*, HASH_R - */ -int -ident_r3send(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - int error = -1; - int dohash = 1; -#ifdef HAVE_GSSAPI - int len; -#endif - - /* validity check */ - if (iph1->status != PHASE1ST_MSG3RECEIVED) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph1->status); - goto end; - } - - /* make ID payload into isakmp status */ - if (ipsecdoi_setid1(iph1) < 0) - goto end; - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB && - gssapi_more_tokens(iph1)) { - gssapi_get_rtoken(iph1, &len); - if (len != 0) - dohash = 0; - } -#endif - - if (dohash) { - /* generate HASH to send */ - plog(LLV_DEBUG, LOCATION, NULL, "generate HASH_R\n"); - iph1->hash = oakley_ph1hash_common(iph1, GENERATE); - if (iph1->hash == NULL) - goto end; - } else - iph1->hash = NULL; - - /* set encryption flag */ - iph1->flags |= ISAKMP_FLAG_E; - - /* create HDR;ID;HASH payload */ - iph1->sendbuf = ident_ir3mx(iph1); - if (iph1->sendbuf == NULL) - goto end; - - /* send HDR;ID;HASH to responder */ - if (isakmp_send(iph1, iph1->sendbuf) < 0) - goto end; - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph1->remote, iph1->local, iph1->sendbuf, msg) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* see handler.h about IV synchronization. */ - memcpy(iph1->ivm->ive->v, iph1->ivm->iv->v, iph1->ivm->iv->l); - - iph1->status = PHASE1ST_ESTABLISHED; - - error = 0; - -end: - - return error; -} - -/* - * This is used in main mode for: - * initiator's 3rd exchange send to responder - * psk: HDR, KE, Ni - * sig: HDR, KE, Ni - * rsa: HDR, KE, [ HASH(1), ] PubKey_r, PubKey_r - * rev: HDR, [ HASH(1), ] Pubkey_r, Ke_i, - * Ke_i, [<Ke_i] - * responders 2nd exchnage send to initiator - * psk: HDR, KE, Nr - * sig: HDR, KE, Nr [, CR ] - * rsa: HDR, KE, PubKey_i, PubKey_i - * rev: HDR, PubKey_i, Ke_r, Ke_r, - */ -static vchar_t * -ident_ir2mx(iph1) - struct ph1handle *iph1; -{ - vchar_t *buf = 0; - struct isakmp_gen *gen; - char *p; - int tlen; - int need_cr = 0; - vchar_t *cr = NULL; - vchar_t *vid = NULL; - int error = -1; - int nptype; -#ifdef HAVE_GSSAPI - vchar_t *gsstoken = NULL; -#endif - int natd_type = 0; - -#ifdef HAVE_SIGNING_C - /* create CR if need */ - if (iph1->side == RESPONDER - && iph1->rmconf->send_cr - && oakley_needcr(iph1->approval->authmethod) - && iph1->rmconf->peerscertfile == NULL) { - need_cr = 1; - cr = oakley_getcr(iph1); - if (cr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get cr buffer.\n"); - goto end; - } - } -#endif - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) - gssapi_get_token_to_send(iph1, &gsstoken); -#endif - - /* create buffer */ - tlen = sizeof(struct isakmp) - + sizeof(*gen) + iph1->dhpub->l - + sizeof(*gen) + iph1->nonce->l; - if ((vid = set_vendorid(iph1->approval->vendorid)) != NULL) - tlen += sizeof(*gen) + vid->l; - if (need_cr) - tlen += sizeof(*gen) + cr->l; -#ifdef HAVE_GSSAPI - if (gsstoken) - tlen += sizeof(*gen) + gsstoken->l; -#endif - -#ifdef IKE_NAT_T - if ((iph1->natt_flags 
& NATT_TYPE_MASK) != 0) { - natd_type = iph1->natd_payload_type; - natd_create(iph1); - if (iph1->local_natd) - tlen += sizeof(*gen) + iph1->local_natd->l; - if (iph1->remote_natd) - tlen += sizeof(*gen) + iph1->remote_natd->l; - } -#endif - - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(buf, iph1, ISAKMP_NPTYPE_KE); - if (p == NULL) - goto end; - - /* create isakmp KE payload */ - p = set_isakmp_payload(p, iph1->dhpub, ISAKMP_NPTYPE_NONCE); - - /* create isakmp NONCE payload */ -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) - nptype = ISAKMP_NPTYPE_GSS; - else -#endif - nptype = vid ? ISAKMP_NPTYPE_VID : - (need_cr ? ISAKMP_NPTYPE_CR : - (natd_type ? natd_type : ISAKMP_NPTYPE_NONE)); - p = set_isakmp_payload(p, iph1->nonce, nptype); - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { - p = set_isakmp_payload(p, gsstoken, - vid ? ISAKMP_NPTYPE_VID - : (need_cr ? ISAKMP_NPTYPE_CR - : (natd_type ? natd_type : ISAKMP_NPTYPE_NONE))); - } -#endif - - /* append vendor id, if needed */ - if (vid) - p = set_isakmp_payload(p, vid, - need_cr ? ISAKMP_NPTYPE_CR - : (natd_type ? natd_type : ISAKMP_NPTYPE_NONE)); - - /* create isakmp CR payload if needed */ - if (need_cr) - p = set_isakmp_payload(p, cr, natd_type ? 
natd_type : ISAKMP_NPTYPE_NONE); - -#ifdef IKE_NAT_T - if (natd_type) { - if ((iph1->natt_flags & NATT_TYPE_MASK) == natt_type_apple) { - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, natd_type); - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE); - } else { - if (iph1->remote_natd) - p = set_isakmp_payload(p, iph1->remote_natd, natd_type); - if (iph1->local_natd) - p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NONE); - } - } -#endif - error = 0; - -end: - if (error && buf != NULL) { - vfree(buf); - buf = NULL; - } - if (cr) - vfree(cr); -#ifdef HAVE_GSSAPI - if (gsstoken) - vfree(gsstoken); -#endif - if (vid) - vfree(vid); - - return buf; -} - -/* - * This is used in main mode for: - * initiator's 4th exchange send to responder - * psk: HDR*, IDi1, HASH_I - * sig: HDR*, IDi1, [ CR, ] [ CERT, ] SIG_I - * gssapi: HDR*, [ IDi1, ] < GSSi(n) | HASH_I > - * rsa: HDR*, HASH_I - * rev: HDR*, HASH_I - * responders 3rd exchnage send to initiator - * psk: HDR*, IDr1, HASH_R - * sig: HDR*, IDr1, [ CERT, ] SIG_R - * gssapi: HDR*, [ IDr1, ] < GSSr(n) | HASH_R > - * rsa: HDR*, HASH_R - * rev: HDR*, HASH_R - */ -static vchar_t * -ident_ir3mx(iph1) - struct ph1handle *iph1; -{ - vchar_t *buf = NULL, *new = NULL; - char *p; - int tlen; - struct isakmp_gen *gen; - int need_cr = 0; - int need_cert = 0; - vchar_t *cr = NULL; - int error = -1; -#ifdef HAVE_GSSAPI - int nptype; - vchar_t *gsstoken = NULL; - vchar_t *gsshash = NULL; -#endif - - tlen = sizeof(struct isakmp); - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - tlen += sizeof(*gen) + iph1->id->l - + sizeof(*gen) + iph1->hash->l; - - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(buf, iph1, ISAKMP_NPTYPE_ID); - if (p == NULL) - goto end; - - /* create isakmp ID payload */ - p = 
set_isakmp_payload(p, iph1->id, ISAKMP_NPTYPE_HASH); - - /* create isakmp HASH payload */ - p = set_isakmp_payload(p, iph1->hash, ISAKMP_NPTYPE_NONE); - break; -#ifdef HAVE_SIGNING_C - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - if (oakley_getmycert(iph1) < 0) - goto end; - - if (oakley_getsign(iph1) < 0) - goto end; - - /* create CR if need */ - if (iph1->side == INITIATOR - && iph1->rmconf->send_cr - && oakley_needcr(iph1->approval->authmethod) - && iph1->rmconf->peerscertfile == NULL) { - need_cr = 1; - cr = oakley_getcr(iph1); - if (cr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get cr buffer.\n"); - goto end; - } - } - - if (iph1->cert != NULL && iph1->rmconf->send_cert) - need_cert = 1; - - tlen += sizeof(*gen) + iph1->id->l - + sizeof(*gen) + iph1->sig->l; - if (need_cert) - tlen += sizeof(*gen) + iph1->cert->pl->l; - if (need_cr) - tlen += sizeof(*gen) + cr->l; - - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - p = set_isakmp_header(buf, iph1, ISAKMP_NPTYPE_ID); - if (p == NULL) - goto end; - - /* add ID payload */ - p = set_isakmp_payload(p, iph1->id, need_cert - ? ISAKMP_NPTYPE_CERT - : ISAKMP_NPTYPE_SIG); - - /* add CERT payload if there */ - if (need_cert) - p = set_isakmp_payload(p, iph1->cert->pl, ISAKMP_NPTYPE_SIG); - /* add SIG payload */ - p = set_isakmp_payload(p, iph1->sig, - need_cr ? 
ISAKMP_NPTYPE_CR : ISAKMP_NPTYPE_NONE); - - /* create isakmp CR payload */ - if (need_cr) - p = set_isakmp_payload(p, cr, ISAKMP_NPTYPE_NONE); - break; -#endif -#ifdef HAVE_GSSAPI - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - if (!gssapi_id_sent(iph1)) - tlen += sizeof (*gen) + iph1->id->l; - if (iph1->hash != NULL) { - gsshash = gssapi_wraphash(iph1); - if (gsshash == NULL) - goto end; - tlen += sizeof (*gen) + gsshash->l; - } else { - gssapi_get_token_to_send(iph1, &gsstoken); - tlen += sizeof (*gen) + gsstoken->l; - } - - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* set isakmp header */ - if (!gssapi_id_sent(iph1)) - nptype = ISAKMP_NPTYPE_ID; - else - nptype = iph1->hash != NULL ? ISAKMP_NPTYPE_HASH : - ISAKMP_NPTYPE_GSS; - p = set_isakmp_header(buf, iph1, nptype); - if (p == NULL) - goto end; - - if (!gssapi_id_sent(iph1)) { - /* create isakmp ID payload */ - nptype = iph1->hash != NULL ? ISAKMP_NPTYPE_HASH : - ISAKMP_NPTYPE_GSS; - p = set_isakmp_payload(p, iph1->id, nptype); - if (p == NULL) - goto end; - gssapi_set_id_sent(iph1); - } - - if (iph1->hash != NULL) - /* create isakmp HASH payload */ - p = set_isakmp_payload(p, gsshash, - ISAKMP_NPTYPE_NONE); - else - p = set_isakmp_payload(p, gsstoken, ISAKMP_NPTYPE_NONE); - break; -#endif - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - plog(LLV_ERROR, LOCATION, NULL, - "not supported authentication type %d\n", - iph1->approval->authmethod); - goto end; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid authentication type %d\n", - iph1->approval->authmethod); - goto end; - } - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(buf, iph1->local, iph1->remote, 1); -#endif - - /* encoding */ - new = oakley_do_encrypt(iph1, buf, iph1->ivm->ive, iph1->ivm->iv); - if (new == NULL) - goto end; - - vfree(buf); - - buf = new; - - error = 0; - -end: - if (cr) - vfree(cr); - if (error && buf != 
NULL) {
- vfree(buf);
- buf = NULL;
- }
-
- return buf;
-}
diff --git a/racoon.tproj/isakmp_ident.h b/racoon.tproj/isakmp_ident.h
deleted file mode 100644
index b1f3c35..0000000
--- a/racoon.tproj/isakmp_ident.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* $KAME: isakmp_ident.h,v 1.4 2000/10/04 17:41:00 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_IDENT_H__
-#define __ISAKMP_IDENT_H__
-
-extern int ident_i1send __P((struct ph1handle *, vchar_t *));
-extern int ident_i2recv __P((struct ph1handle *, vchar_t *));
-extern int ident_i2send __P((struct ph1handle *, vchar_t *));
-extern int ident_i3recv __P((struct ph1handle *, vchar_t *));
-extern int ident_i3send __P((struct ph1handle *, vchar_t *));
-extern int ident_i4recv __P((struct ph1handle *, vchar_t *));
-extern int ident_i4send __P((struct ph1handle *, vchar_t *));
-
-extern int ident_r1recv __P((struct ph1handle *, vchar_t *));
-extern int ident_r1send __P((struct ph1handle *, vchar_t *));
-extern int ident_r2recv __P((struct ph1handle *, vchar_t *));
-extern int ident_r2send __P((struct ph1handle *, vchar_t *));
-extern int ident_r3recv __P((struct ph1handle *, vchar_t *));
-extern int ident_r3send __P((struct ph1handle *, vchar_t *));
-
-
-#endif /* __ISAKMP_IDENT_H__ */
-
diff --git a/racoon.tproj/isakmp_inf.c b/racoon.tproj/isakmp_inf.c
deleted file mode 100644
index 4174255..0000000
--- a/racoon.tproj/isakmp_inf.c
+++ /dev/null
@@ -1,1365 +0,0 @@
-/* $KAME: isakmp_inf.c,v 1.81 2002/04/15 01:58:37 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#ifdef IPV6_INRIA_VERSION
-#include
-#include
-#else
-#include
-#endif
-
-#include
-#include
-#include
-#include
-#if TIME_WITH_SYS_TIME
-# include
-# include
-#else
-# if HAVE_SYS_TIME_H
-# include
-# else
-# include
-# endif
-#endif
-
-#include "libpfkey.h"
-
-#include "var.h"
-#include "vmbuf.h"
-#include "schedule.h"
-#include "str2val.h"
-#include "misc.h"
-#include "plog.h"
-#include "debug.h"
-
-#include "localconf.h"
-#include "remoteconf.h"
-#include "sockmisc.h"
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "isakmp_inf.h"
-#include "oakley.h"
-#include "handler.h"
-#include "ipsec_doi.h"
-#include "crypto_openssl.h"
-#include "pfkey.h"
-#include "policy.h"
-#include "algorithm.h"
-#include "proposal.h"
-#include "admin.h"
-#include "strnames.h"
-
-/* information exchange */
-static int isakmp_info_recv_n __P((struct ph1handle *, vchar_t *));
-static int isakmp_info_recv_d __P((struct ph1handle *, vchar_t *));
-
-static void purge_isakmp_spi __P((int, isakmp_index *, size_t));
-static void purge_ipsec_spi __P((struct sockaddr *, int, u_int32_t *, size_t));
-static void info_recv_initialcontact __P((struct ph1handle *));
-
-/* %%%
- * Information Exchange
- */
-/*
- * receive Information
- */
-int
-isakmp_info_recv(iph1, msg0)
- struct ph1handle *iph1;
- vchar_t *msg0;
-{
- vchar_t *msg = NULL;
- int error = -1;
- struct isakmp *isakmp;
- struct isakmp_gen *gen;
- u_int8_t np;
- int encrypted;
-
- plog(LLV_DEBUG, LOCATION, NULL, "receive Information.\n");
-
- encrypted = ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E);
-
- /* Use new IV to decrypt Informational message.
*/ - if (encrypted) { - - struct isakmp_ivm *ivm; - - /* compute IV */ - ivm = oakley_newiv2(iph1, ((struct isakmp *)msg0->v)->msgid); - if (ivm == NULL) - return -1; - - msg = oakley_do_decrypt(iph1, msg0, ivm->iv, ivm->ive); - oakley_delivm(ivm); - if (msg == NULL) - return -1; - - } else - msg = vdup(msg0); - - isakmp = (struct isakmp *)msg->v; - gen = (struct isakmp_gen *)((caddr_t)isakmp + sizeof(struct isakmp)); - - - if (isakmp->np != ISAKMP_NPTYPE_HASH) { - plog(LLV_ERROR, LOCATION, NULL, - "ignore information because the message has no hash payload.\n"); - goto end; - } - - if (iph1->status != PHASE1ST_ESTABLISHED) { - plog(LLV_ERROR, LOCATION, NULL, - "ignore information because ISAKMP-SA has not been established yet.\n"); - goto end; - } - - np = gen->np; - - { - void *p; - vchar_t *hash, *payload; - struct isakmp_gen *nd; - - /* - * XXX: gen->len includes isakmp header length - */ - p = (caddr_t) gen + sizeof(struct isakmp_gen); - nd = (struct isakmp_gen *) ((caddr_t) gen + ntohs(gen->len)); - - /* nd length check */ - if (ntohs(nd->len) > msg->l - (sizeof(struct isakmp) + ntohs(gen->len))) { - plog(LLV_ERROR, LOCATION, NULL, - "too long payload length (broken message?)\n"); - goto end; - } - - payload = vmalloc(ntohs(nd->len)); - if (payload == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "cannot allocate memory\n"); - goto end; - } - - memcpy(payload->v, (caddr_t) nd, ntohs(nd->len)); - - /* compute HASH */ - hash = oakley_compute_hash1(iph1, isakmp->msgid, payload); - if (hash == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "cannot compute hash\n"); - - vfree(payload); - goto end; - } - - if (ntohs(gen->len) - sizeof(struct isakmp_gen) != hash->l) { - plog(LLV_ERROR, LOCATION, NULL, - "ignore information due to hash length mismatch\n"); - - vfree(hash); - vfree(payload); - goto end; - } - - if (memcmp(p, hash->v, hash->l) != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "ignore information due to hash mismatch\n"); - - vfree(hash); - vfree(payload); - goto 
end; - } - - plog(LLV_DEBUG, LOCATION, NULL, "hash validated.\n"); - - vfree(hash); - vfree(payload); - } - - /* make sure the packet were encrypted. */ - if (!encrypted) { - switch (iph1->etype) { - case ISAKMP_ETYPE_AGG: - case ISAKMP_ETYPE_BASE: - case ISAKMP_ETYPE_IDENT: - if ((iph1->side == INITIATOR && iph1->status < PHASE1ST_MSG3SENT) - || (iph1->side == RESPONDER && iph1->status < PHASE1ST_MSG2SENT)) { - break; - } - /*FALLTHRU*/ - default: - plog(LLV_ERROR, LOCATION, iph1->remote, - "%s message must be encrypted\n", - s_isakmp_nptype(np)); - goto end; - } - } - - switch (np) { - case ISAKMP_NPTYPE_N: - if (isakmp_info_recv_n(iph1, msg) < 0) - goto end; - break; - case ISAKMP_NPTYPE_D: - if (isakmp_info_recv_d(iph1, msg) < 0) - goto end; - break; - case ISAKMP_NPTYPE_NONCE: - /* XXX to be 6.4.2 ike-01.txt */ - /* XXX IV is to be synchronized. */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore Acknowledged Informational\n"); - break; - default: - /* don't send information, see isakmp_ident_r1() */ - error = 0; - plog(LLV_ERROR, LOCATION, iph1->remote, - "reject the packet, " - "received unexpecting payload type %d.\n", - gen->np); - goto end; - } - - end: - if (msg != NULL) - vfree(msg); - - return 0; -} - -/* - * send Delete payload (for ISAKMP SA) in Informational exchange. - */ -int -isakmp_info_send_d1(iph1) - struct ph1handle *iph1; -{ - struct isakmp_pl_d *d; - vchar_t *payload = NULL; - int tlen; - int error = 0; - - if (iph1->status != PHASE2ST_ESTABLISHED) - return 0; - - /* create delete payload */ - - /* send SPIs of inbound SAs. */ - /* XXX should send outbound SAs's ? 
*/ - tlen = sizeof(*d) + sizeof(isakmp_index); - payload = vmalloc(tlen); - if (payload == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer for payload.\n"); - return errno; - } - - d = (struct isakmp_pl_d *)payload->v; - d->h.np = ISAKMP_NPTYPE_NONE; - d->h.len = htons(tlen); - d->doi = htonl(IPSEC_DOI); - d->proto_id = IPSECDOI_PROTO_ISAKMP; - d->spi_size = sizeof(isakmp_index); - d->num_spi = htons(1); - memcpy(d + 1, &iph1->index, sizeof(isakmp_index)); - - error = isakmp_info_send_common(iph1, payload, - ISAKMP_NPTYPE_D, 0); - vfree(payload); - - return error; -} - -/* - * send Delete payload (for IPsec SA) in Informational exchange, based on - * pfkey msg. It sends always single SPI. - */ -int -isakmp_info_send_d2(iph2) - struct ph2handle *iph2; -{ - struct ph1handle *iph1; - struct saproto *pr; - struct isakmp_pl_d *d; - vchar_t *payload = NULL; - int tlen; - int error = 0; - u_int8_t *spi; - - if (iph2->status != PHASE2ST_ESTABLISHED) - return 0; - - /* - * don't send delete information if there is no phase 1 handler. - * It's nonsensical to negotiate phase 1 to send the information. - */ - iph1 = getph1byaddr(iph2->src, iph2->dst); - if (iph1 == NULL) - return 0; - - /* create delete payload */ - for (pr = iph2->approval->head; pr != NULL; pr = pr->next) { - - /* send SPIs of inbound SAs. */ - /* - * XXX should I send outbound SAs's ? - * I send inbound SAs's SPI only at the moment because I can't - * decode any more if peer send encoded packet without aware of - * deletion of SA. Outbound SAs don't come under the situation. 
- */ - tlen = sizeof(*d) + pr->spisize; - payload = vmalloc(tlen); - if (payload == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer for payload.\n"); - return errno; - } - - d = (struct isakmp_pl_d *)payload->v; - d->h.np = ISAKMP_NPTYPE_NONE; - d->h.len = htons(tlen); - d->doi = htonl(IPSEC_DOI); - d->proto_id = pr->proto_id; - d->spi_size = pr->spisize; - d->num_spi = htons(1); - /* - * XXX SPI bits are left-filled, for use with IPComp. - * we should be switching to variable-length spi field... - */ - spi = (u_int8_t *)&pr->spi; - spi += sizeof(pr->spi); - spi -= pr->spisize; - memcpy(d + 1, spi, pr->spisize); - - error = isakmp_info_send_common(iph1, payload, - ISAKMP_NPTYPE_D, 0); - vfree(payload); - } - - return error; -} - -/* - * send Notification payload (for without ISAKMP SA) in Informational exchange - */ -int -isakmp_info_send_nx(isakmp, remote, local, type, data) - struct isakmp *isakmp; - struct sockaddr *remote, *local; - int type; - vchar_t *data; -{ - struct ph1handle *iph1 = NULL; - struct remoteconf *rmconf; - vchar_t *payload = NULL; - int tlen; - int error = -1; - struct isakmp_pl_n *n; - int spisiz = 0; /* see below */ - - /* search appropreate configuration */ - rmconf = getrmconf(remote); - if (rmconf == NULL) { - plog(LLV_ERROR, LOCATION, remote, - "no configuration found for peer address.\n"); - goto end; - } - - /* add new entry to isakmp status table. 
*/ - iph1 = newph1(); - if (iph1 == NULL) - return -1; - - memcpy(&iph1->index.i_ck, &isakmp->i_ck, sizeof(cookie_t)); - isakmp_newcookie((char *)&iph1->index.r_ck, remote, local); - iph1->status = PHASE1ST_START; - iph1->rmconf = rmconf; - iph1->side = INITIATOR; - iph1->version = isakmp->v; - iph1->flags = 0; - iph1->msgid = 0; /* XXX */ - - /* copy remote address */ - if (copy_ph1addresses(iph1, rmconf, remote, local) < 0) - return -1; - - tlen = sizeof(*n) + spisiz; - if (data) - tlen += data->l; - payload = vmalloc(tlen); - if (payload == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - n = (struct isakmp_pl_n *)payload->v; - n->h.np = ISAKMP_NPTYPE_NONE; - n->h.len = htons(tlen); - n->doi = htonl(IPSEC_DOI); - n->proto_id = IPSECDOI_KEY_IKE; - n->spi_size = spisiz; - n->type = htons(type); - if (spisiz) - memset(n + 1, 0, spisiz); /*XXX*/ - if (data) - memcpy((caddr_t)(n + 1) + spisiz, data->v, data->l); - - error = isakmp_info_send_common(iph1, payload, ISAKMP_NPTYPE_N, 0); - vfree(payload); - - end: - if (iph1 != NULL) - delph1(iph1); - - return error; -} - -/* - * send Notification payload (for ISAKMP SA) in Informational exchange - */ -int -isakmp_info_send_n1(iph1, type, data) - struct ph1handle *iph1; - int type; - vchar_t *data; -{ - vchar_t *payload = NULL; - int tlen; - int error = 0; - struct isakmp_pl_n *n; - int spisiz; - - /* - * note on SPI size: which description is correct? I have chosen - * this to be 0. - * - * RFC2408 3.1, 2nd paragraph says: ISAKMP SA is identified by - * Initiator/Responder cookie and SPI has no meaning, SPI size = 0. - * RFC2408 3.1, first paragraph on page 40: ISAKMP SA is identified - * by cookie and SPI has no meaning, 0 <= SPI size <= 16. - * RFC2407 4.6.3.3, INITIAL-CONTACT is required to set to 16. 
- */ - if (type == ISAKMP_NTYPE_INITIAL_CONTACT) - spisiz = sizeof(isakmp_index); - else - spisiz = 0; - - tlen = sizeof(*n) + spisiz; - if (data) - tlen += data->l; - payload = vmalloc(tlen); - if (payload == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - return errno; - } - - n = (struct isakmp_pl_n *)payload->v; - n->h.np = ISAKMP_NPTYPE_NONE; - n->h.len = htons(tlen); - n->doi = htonl(iph1->rmconf->doitype); - n->proto_id = IPSECDOI_PROTO_ISAKMP; /* XXX to be configurable ? */ - n->spi_size = spisiz; - n->type = htons(type); - if (spisiz) - memcpy(n + 1, &iph1->index, sizeof(isakmp_index)); - if (data) - memcpy((caddr_t)(n + 1) + spisiz, data->v, data->l); - - error = isakmp_info_send_common(iph1, payload, ISAKMP_NPTYPE_N, iph1->flags); - vfree(payload); - - return error; -} - -/* - * send Notification payload (for IPsec SA) in Informational exchange - */ -int -isakmp_info_send_n2(iph2, type, data) - struct ph2handle *iph2; - int type; - vchar_t *data; -{ - struct ph1handle *iph1 = iph2->ph1; - vchar_t *payload = NULL; - int tlen; - int error = 0; - struct isakmp_pl_n *n; - struct saproto *pr; - - if (!iph2->approval) - return EINVAL; - - pr = iph2->approval->head; - - /* XXX must be get proper spi */ - tlen = sizeof(*n) + pr->spisize; - if (data) - tlen += data->l; - payload = vmalloc(tlen); - if (payload == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - return errno; - } - - n = (struct isakmp_pl_n *)payload->v; - n->h.np = ISAKMP_NPTYPE_NONE; - n->h.len = htons(tlen); - n->doi = htonl(IPSEC_DOI); /* IPSEC DOI (1) */ - n->proto_id = pr->proto_id; /* IPSEC AH/ESP/whatever*/ - n->spi_size = pr->spisize; - n->type = htons(type); - *(u_int32_t *)(n + 1) = pr->spi; - if (data) - memcpy((caddr_t)(n + 1) + pr->spisize, data->v, data->l); - - iph2->flags |= ISAKMP_FLAG_E; /* XXX Should we do FLAG_A ? 
*/ - error = isakmp_info_send_common(iph1, payload, ISAKMP_NPTYPE_N, iph2->flags); - vfree(payload); - - return error; -} - -/* - * send Information - * When ph1->skeyid_a == NULL, send message without encoding. - */ -int -isakmp_info_send_common(iph1, payload, np, flags) - struct ph1handle *iph1; - vchar_t *payload; - u_int32_t np; - int flags; -{ - struct ph2handle *iph2 = NULL; - vchar_t *hash = NULL; - struct isakmp *isakmp; - struct isakmp_gen *gen; - char *p; - int tlen; - int error = -1; - - /* add new entry to isakmp status table */ - iph2 = newph2(); - if (iph2 == NULL) - goto end; - - iph2->dst = dupsaddr(iph1->remote); - iph2->src = dupsaddr(iph1->local); - switch (iph1->remote->sa_family) { - case AF_INET: - ((struct sockaddr_in *)iph2->dst)->sin_port = 0; - ((struct sockaddr_in *)iph2->src)->sin_port = 0; - break; -#ifdef INET6 - case AF_INET6: - ((struct sockaddr_in6 *)iph2->dst)->sin6_port = 0; - ((struct sockaddr_in6 *)iph2->src)->sin6_port = 0; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", iph1->remote->sa_family); - delph2(iph2); - goto end; - } - iph2->ph1 = iph1; - iph2->side = INITIATOR; - iph2->status = PHASE2ST_START; - iph2->msgid = isakmp_newmsgid2(iph1); - - /* get IV and HASH(1) if skeyid_a was generated. */ - if (iph1->skeyid_a != NULL) { - iph2->ivm = oakley_newiv2(iph1, iph2->msgid); - if (iph2->ivm == NULL) { - delph2(iph2); - goto end; - } - - /* generate HASH(1) */ - hash = oakley_compute_hash1(iph2->ph1, iph2->msgid, payload); - if (hash == NULL) { - delph2(iph2); - goto end; - } - - /* initialized total buffer length */ - tlen = hash->l; - tlen += sizeof(*gen); - } else { - /* IKE-SA is not established */ - hash = NULL; - - /* initialized total buffer length */ - tlen = 0; - } - if ((flags & ISAKMP_FLAG_A) == 0) - iph2->flags = (hash == NULL ? 0 : ISAKMP_FLAG_E); - else - iph2->flags = (hash == NULL ? 
0 : ISAKMP_FLAG_A); - - insph2(iph2); - bindph12(iph1, iph2); - - tlen += sizeof(*isakmp) + payload->l; - - /* create buffer for isakmp payload */ - iph2->sendbuf = vmalloc(tlen); - if (iph2->sendbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto err; - } - - /* create isakmp header */ - isakmp = (struct isakmp *)iph2->sendbuf->v; - memcpy(&isakmp->i_ck, &iph1->index.i_ck, sizeof(cookie_t)); - memcpy(&isakmp->r_ck, &iph1->index.r_ck, sizeof(cookie_t)); - isakmp->np = hash == NULL ? (np & 0xff) : ISAKMP_NPTYPE_HASH; - isakmp->v = iph1->version; - isakmp->etype = ISAKMP_ETYPE_INFO; - isakmp->flags = iph2->flags; - memcpy(&isakmp->msgid, &iph2->msgid, sizeof(isakmp->msgid)); - isakmp->len = htonl(tlen); - p = (char *)(isakmp + 1); - - /* create HASH payload */ - if (hash != NULL) { - gen = (struct isakmp_gen *)p; - gen->np = np & 0xff; - gen->len = htons(sizeof(*gen) + hash->l); - p += sizeof(*gen); - memcpy(p, hash->v, hash->l); - p += hash->l; - } - - /* add payload */ - memcpy(p, payload->v, payload->l); - p += payload->l; - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(iph2->sendbuf, iph1->local, iph1->remote, 1); -#endif - - /* encoding */ - if (ISSET(isakmp->flags, ISAKMP_FLAG_E)) { - vchar_t *tmp; - - tmp = oakley_do_encrypt(iph2->ph1, iph2->sendbuf, iph2->ivm->ive, - iph2->ivm->iv); - if (tmp == NULL) { - vfree(iph2->sendbuf); - iph2->sendbuf = NULL; - goto err; - } - vfree(iph2->sendbuf); - iph2->sendbuf = tmp; - } - - /* HDR*, HASH(1), N */ - if (isakmp_send(iph2->ph1, iph2->sendbuf) < 0) { - vfree(iph2->sendbuf); - iph2->sendbuf = NULL; - goto err; - } - - plog(LLV_DEBUG, LOCATION, NULL, - "sendto Information %s.\n", s_isakmp_nptype(np)); - - /* - * don't resend notify message because peer can use Acknowledged - * Informational if peer requires the reply of the notify message. 
- */ - - /* XXX If Acknowledged Informational required, don't delete ph2handle */ - error = 0; - vfree(iph2->sendbuf); - iph2->sendbuf = NULL; - goto err; /* XXX */ - -end: - if (hash) - vfree(hash); - return error; - -err: - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - goto end; -} - -/* - * add a notify payload to buffer by reallocating buffer. - * If buf == NULL, the function only create a notify payload. - * - * XXX Which is SPI to be included, inbound or outbound ? - */ -vchar_t * -isakmp_add_pl_n(buf0, np_p, type, pr, data) - vchar_t *buf0; - u_int8_t **np_p; - int type; - struct saproto *pr; - vchar_t *data; -{ - vchar_t *buf = NULL; - struct isakmp_pl_n *n; - int tlen; - int oldlen = 0; - - if (*np_p) - **np_p = ISAKMP_NPTYPE_N; - - tlen = sizeof(*n) + pr->spisize; - - if (data) - tlen += data->l; - if (buf0) { - oldlen = buf0->l; - buf = vrealloc(buf0, buf0->l + tlen); - } else - buf = vmalloc(tlen); - if (!buf) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get a payload buffer.\n"); - return NULL; - } - - n = (struct isakmp_pl_n *)(buf->v + oldlen); - n->h.np = ISAKMP_NPTYPE_NONE; - n->h.len = htons(tlen); - n->doi = htonl(IPSEC_DOI); /* IPSEC DOI (1) */ - n->proto_id = pr->proto_id; /* IPSEC AH/ESP/whatever*/ - n->spi_size = pr->spisize; - n->type = htons(type); - *(u_int32_t *)(n + 1) = pr->spi; /* XXX */ - if (data) - memcpy((caddr_t)(n + 1) + pr->spisize, data->v, data->l); - - /* save the pointer of next payload type */ - *np_p = &n->h.np; - - return buf; -} - -/* - * handling to receive Notification payload - */ -static int -isakmp_info_recv_n(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_pl_n *n = NULL; - u_int type; - vchar_t *pbuf; - struct isakmp_parse_t *pa, *pap; - char *spi; - - if (!(pbuf = isakmp_parse(msg))) - return -1; - pa = (struct isakmp_parse_t *)pbuf->v; - for (pap = pa; pap->type; pap++) { - switch (pap->type) { - case ISAKMP_NPTYPE_HASH: - /* do something here */ - break; - case 
ISAKMP_NPTYPE_NONCE: - /* send to ack */ - break; - case ISAKMP_NPTYPE_N: - n = (struct isakmp_pl_n *)pap->ptr; - break; - default: - vfree(pbuf); - return -1; - } - } - vfree(pbuf); - if (!n) - return -1; - - type = ntohs(n->type); - - switch (type) { - case ISAKMP_NTYPE_CONNECTED: - case ISAKMP_NTYPE_RESPONDER_LIFETIME: - case ISAKMP_NTYPE_REPLAY_STATUS: - /* do something */ - break; - case ISAKMP_NTYPE_INITIAL_CONTACT: - info_recv_initialcontact(iph1); - break; - default: - { - u_int32_t msgid = ((struct isakmp *)msg->v)->msgid; - struct ph2handle *iph2; - - /* XXX there is a potential of dos attack. */ - if (msgid == 0) { - /* delete ph1 */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "delete phase1 handle.\n"); - return -1; - } else { - iph2 = getph2bymsgid(iph1, msgid); - if (iph2 == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "unknown notify message, " - "no phase2 handle found.\n"); - } else { - /* delete ph2 */ - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - } - } - } - break; - } - - /* get spi and allocate */ - if (ntohs(n->h.len) < sizeof(*n) + n->spi_size) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "invalid spi_size in notification payload.\n"); - return -1; - } - spi = val2str((u_char *)(n + 1), n->spi_size); - - plog(LLV_DEBUG, LOCATION, iph1->remote, - "notification message %d:%s, " - "doi=%d proto_id=%d spi=%s(size=%d).\n", - type, s_isakmp_notify_msg(type), - ntohl(n->doi), n->proto_id, spi, n->spi_size); - - racoon_free(spi); - - return(0); -} - -static void -purge_isakmp_spi(proto, spi, n) - int proto; - isakmp_index *spi; /*network byteorder*/ - size_t n; -{ - struct ph1handle *iph1; - size_t i; - - for (i = 0; i < n; i++) { - iph1 = getph1byindex(&spi[i]); - if (!iph1) - continue; - - plog(LLV_INFO, LOCATION, NULL, - "purged ISAKMP-SA proto_id=%s spi=%s.\n", - s_ipsecdoi_proto(proto), - isakmp_pindex(&spi[i], 0)); - - if (iph1->sce) - SCHED_KILL(iph1->sce); - iph1->status = PHASE1ST_EXPIRED; - iph1->sce = sched_new(1, 
isakmp_ph1delete_stub, iph1); - } -} - -static void -purge_ipsec_spi(dst0, proto, spi, n) - struct sockaddr *dst0; - int proto; - u_int32_t *spi; /*network byteorder*/ - size_t n; -{ - vchar_t *buf = NULL; - struct sadb_msg *msg, *next, *end; - struct sadb_sa *sa; - struct sockaddr *src, *dst; - struct ph2handle *iph2; - size_t i; - caddr_t mhp[SADB_EXT_MAX + 1]; - - buf = pfkey_dump_sadb(ipsecdoi2pfkey_proto(proto)); - if (buf == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey_dump_sadb returned nothing.\n"); - return; - } - - msg = (struct sadb_msg *)buf->v; - end = (struct sadb_msg *)(buf->v + buf->l); - - while (msg < end) { - if ((msg->sadb_msg_len << 3) < sizeof(*msg)) - break; - next = (struct sadb_msg *)((caddr_t)msg + (msg->sadb_msg_len << 3)); - if (msg->sadb_msg_type != SADB_DUMP) { - msg = next; - continue; - } - - if (pfkey_align(msg, mhp) || pfkey_check(mhp)) { - plog(LLV_ERROR, LOCATION, NULL, - "pfkey_check (%s)\n", ipsec_strerror()); - msg = next; - continue; - } - - sa = (struct sadb_sa *)(mhp[SADB_EXT_SA]); - if (!sa - || !mhp[SADB_EXT_ADDRESS_SRC] - || !mhp[SADB_EXT_ADDRESS_DST]) { - msg = next; - continue; - } - src = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - - if (sa->sadb_sa_state != SADB_SASTATE_MATURE - && sa->sadb_sa_state != SADB_SASTATE_DYING) { - msg = next; - continue; - } - - /* XXX n^2 algorithm, inefficient */ - - /* don't delete inbound SAs at the moment */ - /* XXX should we remove SAs with opposite direction as well? */ - if (cmpsaddrwop(dst0, dst)) { - msg = next; - continue; - } - - for (i = 0; i < n; i++) { - plog(LLV_DEBUG, LOCATION, NULL, - "check spi(packet)=%u spi(db)=%u.\n", - ntohl(spi[i]), ntohl(sa->sadb_sa_spi)); - if (spi[i] != sa->sadb_sa_spi) - continue; - - pfkey_send_delete(lcconf->sock_pfkey, - msg->sadb_msg_satype, - IPSEC_MODE_ANY, - src, dst, sa->sadb_sa_spi); - - /* - * delete a relative phase 2 handler. 
- * continue to process if no relative phase 2 handler - * exists. - */ - iph2 = getph2bysaidx(src, dst, proto, spi[i]); - if (iph2) { - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - } - - plog(LLV_INFO, LOCATION, NULL, - "purged IPsec-SA proto_id=%s spi=%u.\n", - s_ipsecdoi_proto(proto), - ntohl(spi[i])); - } - - msg = next; - } - - if (buf) - vfree(buf); -} - -/* - * delete all phase2 sa relatived to the destination address. - * Don't delete Phase 1 handlers on INITIAL-CONTACT, and don't ignore - * an INITIAL-CONTACT if we have contacted the peer. This matches the - * Sun IKE behavior, and makes rekeying work much better when the peer - * restarts. - */ -static void -info_recv_initialcontact(iph1) - struct ph1handle *iph1; -{ - vchar_t *buf = NULL; - struct sadb_msg *msg, *next, *end; - struct sadb_sa *sa; - struct sockaddr *src, *dst; - caddr_t mhp[SADB_EXT_MAX + 1]; - int proto_id, i; - struct ph2handle *iph2; -#if 0 - char *loc, *rem; -#endif - - if (f_local) - return; - -#if 0 - loc = strdup(saddrwop2str(iph1->local)); - rem = strdup(saddrwop2str(iph1->remote)); - - /* - * Purge all IPSEC-SAs for the peer. We can do this - * the easy way (using a PF_KEY SADB_DELETE extension) - * or we can do it the hard way. 
- */ - for (i = 0; i < pfkey_nsatypes; i++) { - proto_id = pfkey2ipsecdoi_proto(pfkey_satypes[i].ps_satype); - - plog(LLV_INFO, LOCATION, NULL, - "purging %s SAs for %s -> %s\n", - pfkey_satypes[i].ps_name, loc, rem); - if (pfkey_send_delete_all(lcconf->sock_pfkey, - pfkey_satypes[i].ps_satype, IPSEC_MODE_ANY, - iph1->local, iph1->remote) == -1) { - plog(LLV_ERROR, LOCATION, NULL, - "delete_all %s -> %s failed for %s (%s)\n", - loc, rem, - pfkey_satypes[i].ps_name, ipsec_strerror()); - goto the_hard_way; - } - - deleteallph2(iph1->local, iph1->remote, proto_id); - - plog(LLV_INFO, LOCATION, NULL, - "purging %s SAs for %s -> %s\n", - pfkey_satypes[i].ps_name, rem, loc); - if (pfkey_send_delete_all(lcconf->sock_pfkey, - pfkey_satypes[i].ps_satype, IPSEC_MODE_ANY, - iph1->remote, iph1->local) == -1) { - plog(LLV_ERROR, LOCATION, NULL, - "delete_all %s -> %s failed for %s (%s)\n", - rem, loc, - pfkey_satypes[i].ps_name, ipsec_strerror()); - goto the_hard_way; - } - - deleteallph2(iph1->remote, iph1->local, proto_id); - } - - racoon_free(loc); - racoon_free(rem); - return; - - the_hard_way: - racoon_free(loc); - racoon_free(rem); -#endif - - buf = pfkey_dump_sadb(SADB_SATYPE_UNSPEC); - if (buf == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey_dump_sadb returned nothing.\n"); - return; - } - - msg = (struct sadb_msg *)buf->v; - end = (struct sadb_msg *)(buf->v + buf->l); - - while (msg < end) { - if ((msg->sadb_msg_len << 3) < sizeof(*msg)) - break; - next = (struct sadb_msg *)((caddr_t)msg + (msg->sadb_msg_len << 3)); - if (msg->sadb_msg_type != SADB_DUMP) { - msg = next; - continue; - } - - if (pfkey_align(msg, mhp) || pfkey_check(mhp)) { - plog(LLV_ERROR, LOCATION, NULL, - "pfkey_check (%s)\n", ipsec_strerror()); - msg = next; - continue; - } - - if (mhp[SADB_EXT_SA] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL) { - msg = next; - continue; - } - sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - src = 
PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - - if (sa->sadb_sa_state != SADB_SASTATE_MATURE - && sa->sadb_sa_state != SADB_SASTATE_DYING) { - msg = next; - continue; - } - - /* - * RFC2407 4.6.3.3 INITIAL-CONTACT is the message that - * announces the sender of the message was rebooted. - * it is interpreted to delete all SAs which source address - * is the sender of the message. - * racoon only deletes SA which is matched both the - * source address and the destination accress. - */ - if (cmpsaddrwop(iph1->local, src) == 0 && - cmpsaddrwop(iph1->remote, dst) == 0) - ; - else if (cmpsaddrwop(iph1->remote, src) == 0 && - cmpsaddrwop(iph1->local, dst) == 0) - ; - else { - msg = next; - continue; - } - - /* - * Make sure this is an SATYPE that we manage. - * This is gross; too bad we couldn't do it the - * easy way. - */ - for (i = 0; i < pfkey_nsatypes; i++) { - if (pfkey_satypes[i].ps_satype == - msg->sadb_msg_satype) - break; - } - if (i == pfkey_nsatypes) { - msg = next; - continue; - } - - plog(LLV_INFO, LOCATION, NULL, - "purging spi=%u.\n", ntohl(sa->sadb_sa_spi)); - pfkey_send_delete(lcconf->sock_pfkey, - msg->sadb_msg_satype, - IPSEC_MODE_ANY, src, dst, sa->sadb_sa_spi); - - /* - * delete a relative phase 2 handler. - * continue to process if no relative phase 2 handler - * exists. 
- */ - proto_id = pfkey2ipsecdoi_proto(msg->sadb_msg_satype); - iph2 = getph2bysaidx(src, dst, proto_id, sa->sadb_sa_spi); - if (iph2) { - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - } - - msg = next; - } - - vfree(buf); -} - -/* - * handling to receive Deletion payload - */ -static int -isakmp_info_recv_d(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ - struct isakmp_pl_d *d; - int tlen, num_spi; - vchar_t *pbuf; - struct isakmp_parse_t *pa, *pap; - int protected = 0; - union { - u_int32_t spi32; - u_int16_t spi16[2]; - } spi; - - /* validate the type of next payload */ - if (!(pbuf = isakmp_parse(msg))) - return -1; - pa = (struct isakmp_parse_t *)pbuf->v; - for (pap = pa; pap->type; pap++) { - switch (pap->type) { - case ISAKMP_NPTYPE_D: - break; - case ISAKMP_NPTYPE_HASH: - if (pap == pa) { - protected++; - break; - } - plog(LLV_ERROR, LOCATION, iph1->remote, - "received next payload type %d " - "in wrong place (must be the first payload).\n", - pap->type); - vfree(pbuf); - return -1; - default: - /* don't send information, see isakmp_ident_r1() */ - plog(LLV_ERROR, LOCATION, iph1->remote, - "reject the packet, " - "received unexpecting payload type %d.\n", - pap->type); - vfree(pbuf); - return 0; - } - } - - if (!protected) { - plog(LLV_ERROR, LOCATION, NULL, - "delete payload is not proteted, " - "ignored.\n"); - vfree(pbuf); - return -1; - } - - /* process a delete payload */ - for (pap = pa; pap->type; pap++) { - if (pap->type != ISAKMP_NPTYPE_D) - continue; - - d = (struct isakmp_pl_d *)pap->ptr; - - if (ntohl(d->doi) != IPSEC_DOI) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "delete payload with invalid doi:%d.\n", - ntohl(d->doi)); - continue; - } - - num_spi = ntohs(d->num_spi); - tlen = ntohs(d->h.len) - sizeof(struct isakmp_pl_d); - - if (tlen != num_spi * d->spi_size) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "deletion payload with invalid length.\n"); - vfree(pbuf); - return -1; - } - - switch (d->proto_id) { - case 
IPSECDOI_PROTO_ISAKMP: - if (d->spi_size != sizeof(isakmp_index)) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "delete payload with strange spi " - "size %d(proto_id:%d)\n", - d->spi_size, d->proto_id); - continue; - } - purge_isakmp_spi(d->proto_id, - (isakmp_index *)(d + 1), num_spi); - break; - - case IPSECDOI_PROTO_IPSEC_AH: - case IPSECDOI_PROTO_IPSEC_ESP: - if (d->spi_size != sizeof(u_int32_t)) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "delete payload with strange spi " - "size %d(proto_id:%d)\n", - d->spi_size, d->proto_id); - continue; - } - purge_ipsec_spi(iph1->remote, d->proto_id, - (u_int32_t *)(d + 1), num_spi); - break; - - case IPSECDOI_PROTO_IPCOMP: - /* need to handle both 16bit/32bit SPI */ - memset(&spi, 0, sizeof(spi)); - if (d->spi_size == sizeof(spi.spi16[1])) { - memcpy(&spi.spi16[1], d + 1, - sizeof(spi.spi16[1])); - } else if (d->spi_size == sizeof(spi.spi32)) - memcpy(&spi.spi32, d + 1, sizeof(spi.spi32)); - else { - plog(LLV_ERROR, LOCATION, iph1->remote, - "delete payload with strange spi " - "size %d(proto_id:%d)\n", - d->spi_size, d->proto_id); - continue; - } - purge_ipsec_spi(iph1->remote, d->proto_id, - &spi.spi32, num_spi); - break; - - default: - plog(LLV_ERROR, LOCATION, iph1->remote, - "deletion message received, " - "invalid proto_id: %d\n", - d->proto_id); - continue; - } - - plog(LLV_DEBUG, LOCATION, NULL, "purged SAs.\n"); - } - - vfree(pbuf); - - return 0; -} - -void -isakmp_check_notify(gen, iph1) - struct isakmp_gen *gen; /* points to Notify payload */ - struct ph1handle *iph1; -{ - struct isakmp_pl_n *notify = (struct isakmp_pl_n *)gen; - - plog(LLV_DEBUG, LOCATION, iph1->remote, - "Notify Message received\n"); - - switch (ntohs(notify->type)) { - case ISAKMP_NTYPE_CONNECTED: - plog(LLV_WARNING, LOCATION, iph1->remote, - "ignore CONNECTED notification.\n"); - break; - case ISAKMP_NTYPE_RESPONDER_LIFETIME: - plog(LLV_WARNING, LOCATION, iph1->remote, - "ignore RESPONDER-LIFETIME notification.\n"); - break; - case 
ISAKMP_NTYPE_REPLAY_STATUS: - plog(LLV_WARNING, LOCATION, iph1->remote, - "ignore REPLAY-STATUS notification.\n"); - break; - case ISAKMP_NTYPE_INITIAL_CONTACT: - plog(LLV_WARNING, LOCATION, iph1->remote, - "ignore INITIAL-CONTACT notification, " - "because it is only accepted after phase1.\n"); - break; - default: - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, NULL); - plog(LLV_ERROR, LOCATION, iph1->remote, - "received unknown notification type %u.\n", - ntohs(notify->type)); - } - - return; -} - diff --git a/racoon.tproj/isakmp_inf.h b/racoon.tproj/isakmp_inf.h deleted file mode 100644 index 880c800..0000000 --- a/racoon.tproj/isakmp_inf.h +++ /dev/null 
@@ -1,52 +0,0 @@
-/* $KAME: isakmp_inf.h,v 1.13 2000/10/04 17:41:00 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_INF_H__
-#define __ISAKMP_INF_H__
-
-struct saproto;
-extern int isakmp_info_recv __P((struct ph1handle *, vchar_t *));
-extern int isakmp_info_send_d1 __P((struct ph1handle *));
-extern int isakmp_info_send_d2 __P((struct ph2handle *));
-extern int isakmp_info_send_nx __P((struct isakmp *,
- struct sockaddr *, struct sockaddr *, int, vchar_t *));
-extern int isakmp_info_send_n1 __P((struct ph1handle *, int, vchar_t *));
-extern int isakmp_info_send_n2 __P((struct ph2handle *, int, vchar_t *));
-extern int isakmp_info_send_common __P((struct ph1handle *,
- vchar_t *, u_int32_t, int));
-
-extern vchar_t * isakmp_add_pl_n __P((vchar_t *, u_int8_t **, int,
- struct saproto *, vchar_t *));
-
-extern void isakmp_check_notify __P((struct isakmp_gen *, struct ph1handle *));
-
-#endif /* __ISAKMP_INF_H__ */
-
diff --git a/racoon.tproj/isakmp_natd.c b/racoon.tproj/isakmp_natd.c
deleted file mode 100644
index 70a660e..0000000
--- a/racoon.tproj/isakmp_natd.c
+++ /dev/null
@@ -1,195 +0,0 @@ - -#include -#include -#include -#include -#include - -#include - -#include "vmbuf.h" -#include "plog.h" -#include "misc.h" -#include "isakmp_var.h" -#include "oakley.h" -#include "isakmp.h" - -#include "handler.h" -#include "isakmp_natd.h" - -natd_match_t -natd_matches( - struct ph1handle* iph1, - struct isakmp_gen *natd_record) -{ - natd_match_t matches = 0; -#ifdef IKE_NAT_T - int dataLen = ntohs(natd_record->len) - sizeof(*natd_record); - char* dataPtr = ((char*)natd_record) + sizeof(*natd_record); - - /* Always recreate the natd records in case the ports change */ - natd_create(iph1); - - if (iph1->local_natd != NULL && dataLen == iph1->local_natd->l && - memcmp(dataPtr, iph1->local_natd->v, dataLen) == 0) - { - plog(LLV_DEBUG, LOCATION, iph1->remote, - "natd payload matches local address\n"); - matches |= natd_match_local; - } - - if (iph1->remote_natd != NULL && dataLen == iph1->remote_natd->l && - memcmp(dataPtr, iph1->remote_natd->v, dataLen) == 0) - { - plog(LLV_DEBUG, LOCATION, iph1->remote, - "natd payload matches remote address\n"); - matches |= natd_match_remote; - } -#else - matches = natd_match_local | natd_match_remote; -#endif - - if (matches == 0) - { - plog(LLV_DEBUG, LOCATION, iph1->remote, - "natd payload matches no address\n"); - } - - return matches; -} - -/* - * NAT detection record contains a hash of the initiator cookie, - * responder cookie, address, and port. - */ -typedef struct { - cookie_t initiator_cookie; - cookie_t responder_cookie; - struct in_addr address; - u_short port; -} __attribute__((__packed__)) natd_hash_contents; - -int -natd_create( - struct ph1handle* iph1) -{ -#ifdef IKE_NAT_T - natd_hash_contents hash_this; - vchar_t data_to_hash; - - if (iph1->remote->sa_family != AF_INET || - iph1->local->sa_family != AF_INET) - { - /* - * NAT traversal is intentionally unsupported on IPv6. 
- */ - return -1; - } - - data_to_hash.l = sizeof(hash_this); - data_to_hash.v = (char*)&hash_this; - - memcpy(hash_this.initiator_cookie, iph1->index.i_ck, - sizeof(hash_this.initiator_cookie)); - memcpy(hash_this.responder_cookie, iph1->index.r_ck, - sizeof(hash_this.responder_cookie)); - - /* Local address */ - if (iph1->local_natd != NULL) - vfree(iph1->local_natd); - iph1->local_natd = NULL; - hash_this.address = ((struct sockaddr_in*)(iph1->local))->sin_addr; - hash_this.port = ((struct sockaddr_in*)(iph1->local))->sin_port; - plog(LLV_DEBUG, LOCATION, iph1->remote, - "creating local %.8X%.8X:%.8X%.8X %s:%d\n", - *(u_long*)&hash_this.initiator_cookie[0], - *(u_long*)&hash_this.initiator_cookie[4], - *(u_long*)&hash_this.responder_cookie[0], - *(u_long*)&hash_this.responder_cookie[4], - inet_ntoa(hash_this.address), hash_this.port); - iph1->local_natd = oakley_hash(&data_to_hash, iph1); - plogdump(LLV_DEBUG, iph1->local_natd->v, iph1->local_natd->l); - - /* Remote address */ - if (iph1->remote_natd != NULL) - vfree(iph1->remote_natd); - iph1->remote_natd = NULL; - hash_this.address = ((struct sockaddr_in*)(iph1->remote))->sin_addr; - hash_this.port = ((struct sockaddr_in*)(iph1->remote))->sin_port; - plog(LLV_DEBUG, LOCATION, iph1->remote, - "creating remote %.8X%.8X:%.8X%.8X %s:%d\n", - *(u_long*)&hash_this.initiator_cookie[0], - *(u_long*)&hash_this.initiator_cookie[4], - *(u_long*)&hash_this.responder_cookie[0], - *(u_long*)&hash_this.responder_cookie[4], - inet_ntoa(hash_this.address), hash_this.port); - iph1->remote_natd = oakley_hash(&data_to_hash, iph1); - plogdump(LLV_DEBUG, iph1->remote_natd->v, iph1->remote_natd->l); - - return (iph1->local_natd != NULL) && (iph1->remote_natd != NULL); -#else - return 0; -#endif -} - -/* returns the natt type - or 0 if no natt */ -int -natd_hasnat( - const struct ph1handle* iph1) -{ -#if IKE_NAT_T - if ((iph1->natt_flags & natt_natd_received) && - ((iph1->natt_flags & (natt_no_remote_nat | natt_no_local_nat)) != - 
(natt_no_remote_nat | natt_no_local_nat))) - return iph1->natt_flags & NATT_TYPE_MASK; - else -#endif - return 0; - -} - - -void -natt_select_type(struct ph1handle* iph1) -{ -#if IKE_NAT_T - int flags = iph1->natt_flags; - - if ((flags & NATT_TYPE_MASK) == 0) { - iph1->natd_payload_type = 0; - return; - } - - iph1->natt_flags &= ~NATT_TYPE_MASK; // clear natt type flags - - /* set the type we prefer */ - if (flags & natt_type_rfc) { - iph1->natt_flags |= natt_type_rfc; - iph1->natd_payload_type = ISAKMP_NPTYPE_NATD_RFC; - plog(LLV_DEBUG, LOCATION, NULL, - "choosing natt type RFC\n"); - - } else if (flags & natt_type_apple) { - iph1->natt_flags |= natt_type_apple; - iph1->natd_payload_type = ISAKMP_NPTYPE_NATD_BADDRAFT; - plog(LLV_DEBUG, LOCATION, NULL, - "choosing natt type APPLE\n"); - } else { - iph1->natd_payload_type = ISAKMP_NPTYPE_NATD_DRAFT; - if (flags & natt_type_02) { - iph1->natt_flags |= natt_type_02; - plog(LLV_DEBUG, LOCATION, NULL, - "choosing natt type 02\n"); - } else { - iph1->natt_flags |= natt_type_02N; - plog(LLV_DEBUG, LOCATION, NULL, - "choosing natt type 02N\n"); - } - - } - -#endif -} - - - diff --git a/racoon.tproj/isakmp_natd.h b/racoon.tproj/isakmp_natd.h deleted file mode 100644 index c700619..0000000 --- a/racoon.tproj/isakmp_natd.h +++ /dev/null 
@@ -1,26 +0,0 @@
-// natd_matches checks if the natd_record matches either the
-// source address and port or the destination address and port
-// if natd_record matches source, returns 1.
-// if natd_record matches desination, returns 2.
-// if natd_record doesn't match any entries, returns 0.
-
-#ifndef __ISAKMP_NATD_H__
-#define __ISAKMP_NATD_H__
-
-typedef enum
-{
- natd_match_none = 0,
- natd_match_local = 1,
- natd_match_remote = 2
-} natd_match_t;
-
-natd_match_t natd_matches(struct ph1handle* iph1, struct isakmp_gen *natd_record);
-int natd_create(struct ph1handle* iph1);
-int natd_hasnat(const struct ph1handle* iph1);
-void natt_select_type(struct ph1handle* iph1);
-
-
-
-
-#endif /* __ISAKMP_NATD_H__ */
-
diff --git a/racoon.tproj/isakmp_newg.c b/racoon.tproj/isakmp_newg.c
deleted file mode 100644
index 588ffdf..0000000
--- a/racoon.tproj/isakmp_newg.c
+++ /dev/null
@@ -1,228 +0,0 @@ -/* $KAME: isakmp_newg.c,v 1.10 2002/09/27 05:55:52 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include - -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "debug.h" - -#include "schedule.h" -#include "cfparse.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "isakmp_newg.h" -#include "oakley.h" -#include "ipsec_doi.h" -#include "crypto_openssl.h" -#include "handler.h" -#include "pfkey.h" -#include "admin.h" -#include "str2val.h" -#include "vendorid.h" - -/* - * New group mode as responder - */ -int -isakmp_newgroup_r(iph1, msg) - struct ph1handle *iph1; - vchar_t *msg; -{ -#if 0 - struct isakmp *isakmp = (struct isakmp *)msg->v; - struct isakmp_pl_hash *hash = NULL; - struct isakmp_pl_sa *sa = NULL; - int error = -1; - vchar_t *buf; - struct oakley_sa *osa; - int len; - - /* validate the type of next payload */ - /* - * ISAKMP_ETYPE_NEWGRP, - * ISAKMP_NPTYPE_HASH, (ISAKMP_NPTYPE_VID), ISAKMP_NPTYPE_SA, - * ISAKMP_NPTYPE_NONE - */ - { - vchar_t *pbuf = NULL; - struct isakmp_parse_t *pa; - - if ((pbuf = isakmp_parse(msg)) == NULL) - goto end; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_HASH: - if (hash) { - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, NULL); - plog(LLV_ERROR, LOCATION, iph1->remote, - "received multiple payload type %d.\n", - pa->type); - vfree(pbuf); - goto end; - } - hash = (struct isakmp_pl_hash *)pa->ptr; - break; - case ISAKMP_NPTYPE_SA: - if (sa) { - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, NULL); - plog(LLV_ERROR, LOCATION, iph1->remote, - "received multiple payload type %d.\n", - pa->type); - vfree(pbuf); - goto end; - } - sa = (struct isakmp_pl_sa *)pa->ptr; - break; - case ISAKMP_NPTYPE_VID: - (void)check_vendorid(pa->ptr); - break; - default: - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, NULL); - plog(LLV_ERROR, LOCATION, iph1->remote, - "ignore the packet, " - 
"received unexpecting payload type %d.\n", - pa->type); - vfree(pbuf); - goto end; - } - } - vfree(pbuf); - - if (!hash || !sa) { - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, NULL); - plog(LLV_ERROR, LOCATION, iph1->remote, - "no HASH, or no SA payload.\n"); - goto end; - } - } - - /* validate HASH */ - { - char *r_hash; - vchar_t *my_hash = NULL; - int result; - - plog(LLV_DEBUG, LOCATION, NULL, "validate HASH\n"); - - len = sizeof(isakmp->msgid) + ntohs(sa->h.len); - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - memcpy(buf->v, &isakmp->msgid, sizeof(isakmp->msgid)); - memcpy(buf->v + sizeof(isakmp->msgid), sa, ntohs(sa->h.len)); - - plog(LLV_DEBUG, LOCATION, NULL, "hash source\n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - my_hash = isakmp_prf(iph1->skeyid_a, buf, iph1); - vfree(buf); - if (my_hash == NULL) - goto end; - - plog(LLV_DEBUG, LOCATION, NULL, "hash result\n"); - plogdump(LLV_DEBUG, my_hash->v, my_hash->l); - - r_hash = (char *)hash + sizeof(*hash); - - plog(LLV_DEBUG, LOCATION, NULL, "original hash\n")); - plogdump(LLV_DEBUG, r_hash, ntohs(hash->h.len) - sizeof(*hash))); - - result = memcmp(my_hash->v, r_hash, my_hash->l); - vfree(my_hash); - - if (result) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "HASH mismatch.\n"); - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_INVALID_HASH_INFORMATION, NULL); - goto end; - } - } - - /* check SA payload and get new one for use */ - buf = ipsecdoi_get_proposal((struct ipsecdoi_sa *)sa, - OAKLEY_NEWGROUP_MODE); - if (buf == NULL) { - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED, NULL); - goto end; - } - - /* save sa parameters */ - osa = ipsecdoi_get_oakley(buf); - if (osa == NULL) { - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED, NULL); - goto end; - } - vfree(buf); - - switch (osa->dhgrp) { - case OAKLEY_ATTR_GRP_DESC_MODP768: - case OAKLEY_ATTR_GRP_DESC_MODP1024: - case 
OAKLEY_ATTR_GRP_DESC_MODP1536: - /*XXX*/ - default: - isakmp_info_send_n1(iph1, ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED, NULL); - plog(LLV_ERROR, LOCATION, NULL, - "dh group %d isn't supported.\n", osa->dhgrp); - goto end; - } - - plog(LLV_INFO, LOCATION, iph1->remote, - "got new dh group %s.\n", isakmp_pindex(&iph1->index, 0)); - - error = 0; - -end: - if (error) { - if (iph1 != NULL) - (void)isakmp_free_ph1(iph1); - } - return error; -#endif - return 0; -} - diff --git a/racoon.tproj/isakmp_newg.h b/racoon.tproj/isakmp_newg.h deleted file mode 100644 index 59db2f6..0000000 --- a/racoon.tproj/isakmp_newg.h +++ /dev/null 
@@ -1,39 +0,0 @@
-/* $KAME: isakmp_newg.h,v 1.4 2000/10/04 17:41:01 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_NEWG_H__
-#define __ISAKMP_NEWG_H__
-
-
-extern int isakmp_newgroup_r __P((struct ph1handle *, vchar_t *));
-
-#endif /* __ISAKMP_NEWG_H__ */
-
diff --git a/racoon.tproj/isakmp_quick.c b/racoon.tproj/isakmp_quick.c
deleted file mode 100644
index e14f7d0..0000000
--- a/racoon.tproj/isakmp_quick.c
+++ /dev/null
@@ -1,2298 +0,0 @@
-/* $KAME: isakmp_quick.c,v 1.93 2002/05/07 17:47:55 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#if TIME_WITH_SYS_TIME
-# include
-# include
-#else
-# if HAVE_SYS_TIME_H
-# include
-# else
-# include
-# endif
-#endif
-
-#ifdef IPV6_INRIA_VERSION
-#include
-#else
-#include
-#endif
-
-#include "var.h"
-#include "vmbuf.h"
-#include "schedule.h"
-#include "misc.h"
-#include "plog.h"
-#include "debug.h"
-
-#include "localconf.h"
-#include "remoteconf.h"
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "isakmp_inf.h"
-#include "isakmp_quick.h"
-#include "isakmp_natd.h"
-#include "oakley.h"
-#include "handler.h"
-#include "ipsec_doi.h"
-#include "crypto_openssl.h"
-#include "pfkey.h"
-#include "policy.h"
-#include "algorithm.h"
-#include "sockmisc.h"
-#include "proposal.h"
-#include "sainfo.h"
-#include "admin.h"
-#include "strnames.h"
-
-
-/* quick mode */
-static vchar_t *quick_ir1mx __P((struct ph2handle *, vchar_t *, vchar_t *));
-static int get_sainfo_r __P((struct ph2handle *));
-static int get_proposal_r __P((struct ph2handle *));
-static u_int32_t setscopeid __P((struct sockaddr *, struct sockaddr *));
-static int create_natoa_payloads(struct ph2handle *iph2, vchar_t **, vchar_t **);
-
-/* %%%
- * Quick Mode
- */
-/*
- * begin Quick Mode as initiator. send pfkey getspi message to kernel.
- */
-int
-quick_i1prep(iph2, msg)
- struct ph2handle *iph2;
- vchar_t *msg; /* must be null pointer */
-{
- int error = ISAKMP_INTERNAL_ERROR;
-
- /* validity check */
- if (iph2->status != PHASE2ST_STATUS2) {
- plog(LLV_ERROR, LOCATION, NULL,
- "status mismatched %d.\n", iph2->status);
- goto end;
- }
-
- iph2->msgid = isakmp_newmsgid2(iph2->ph1);
- iph2->ivm = oakley_newiv2(iph2->ph1, iph2->msgid);
- if (iph2->ivm == NULL)
- return 0;
-
- iph2->status = PHASE2ST_GETSPISENT;
-
- /* don't anything if local test mode.
*/
- if (f_local) {
- error = 0;
- goto end;
- }
-
- /* send getspi message */
- if (pk_sendgetspi(iph2) < 0)
- goto end;
-
- plog(LLV_DEBUG, LOCATION, NULL, "pfkey getspi sent.\n");
-
- iph2->sce = sched_new(lcconf->wait_ph2complete,
- pfkey_timeover_stub, iph2);
-
- error = 0;
-
-end:
- return error;
-}
-
-/*
- * send to responder
- * HDR*, HASH(1), SA, Ni [, KE ] [, IDi2, IDr2 ]
- */
-int
-quick_i1send(iph2, msg)
- struct ph2handle *iph2;
- vchar_t *msg; /* must be null pointer */
-{
- vchar_t *body = NULL;
- vchar_t *hash = NULL;
- vchar_t *natoa_i = NULL;
- vchar_t *natoa_r = NULL;
- int natoa_type = 0;
- struct isakmp_gen *gen;
- char *p;
- int tlen;
- int error = ISAKMP_INTERNAL_ERROR;
- int pfsgroup, idci, idcr;
- int np;
- struct ipsecdoi_id_b *id, *id_p;
-
- /* validity check */
- if (msg != NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "msg has to be NULL in this function.\n");
- goto end;
- }
- if (iph2->status != PHASE2ST_GETSPIDONE) {
- plog(LLV_ERROR, LOCATION, NULL,
- "status mismatched %d.\n", iph2->status);
- goto end;
- }
-
- /* create SA payload for my proposal */
- if (ipsecdoi_setph2proposal(iph2) < 0)
- goto end;
-
- /* generate NONCE value */
- iph2->nonce = eay_set_random(iph2->ph1->rmconf->nonce_size);
- if (iph2->nonce == NULL)
- goto end;
-
- /*
- * DH value calculation is kicked out into cfparse.y.
- * because pfs group can not be negotiated, it's only to be checked
- * acceptable.
- */
- /* generate KE value if need */
- pfsgroup = iph2->proposal->pfs_group;
- if (pfsgroup) {
- /* DH group settting if PFS is required.
*/ - if (oakley_setdhgroup(pfsgroup, &iph2->pfsgrp) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to set DH value.\n"); - goto end; - } - if (oakley_dh_generate(iph2->pfsgrp, - &iph2->dhpub, &iph2->dhpriv) < 0) { - goto end; - } - } - - /* generate ID value */ - if (ipsecdoi_setid2(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get ID.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "IDci:"); - plogdump(LLV_DEBUG, iph2->id->v, iph2->id->l); - plog(LLV_DEBUG, LOCATION, NULL, "IDcr:"); - plogdump(LLV_DEBUG, iph2->id_p->v, iph2->id_p->l); - - /* - * we do not attach IDci nor IDcr, under the following condition: - * - all proposals are transport mode - * - no MIP6 - * - id payload suggests to encrypt all the traffic (no specific - * protocol type) - */ - id = (struct ipsecdoi_id_b *)iph2->id->v; - id_p = (struct ipsecdoi_id_b *)iph2->id_p->v; - if (id->proto_id == 0 - && id_p->proto_id == 0 - && iph2->ph1->rmconf->support_mip6 == 0 - && ipsecdoi_transportmode(iph2)) { - idci = idcr = 0; - } else - idci = idcr = 1; - - /* create SA;NONCE payload, and KE if need, and IDii, IDir. 
*/ - tlen = + sizeof(*gen) + iph2->sa->l - + sizeof(*gen) + iph2->nonce->l; - if (pfsgroup) - tlen += (sizeof(*gen) + iph2->dhpub->l); - if (idci) - tlen += sizeof(*gen) + iph2->id->l; - if (idcr) - tlen += sizeof(*gen) + iph2->id_p->l; - - /* - * create natoa payloads if needed but only - * if transport mode proposals are present - */ - if (ipsecdoi_tunnelmode(iph2) != 1) { - natoa_type = create_natoa_payloads(iph2, &natoa_i, &natoa_r); - if (natoa_type == -1) - goto end; - else if (natoa_type != 0) { - tlen += sizeof(*gen) + natoa_i->l; - tlen += sizeof(*gen) + natoa_r->l; - } - } - - body = vmalloc(tlen); - if (body == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - p = body->v; - - /* add SA payload */ - p = set_isakmp_payload(p, iph2->sa, ISAKMP_NPTYPE_NONCE); - - /* add NONCE payload */ - if (pfsgroup) - np = ISAKMP_NPTYPE_KE; - else if (idci || idcr) - np = ISAKMP_NPTYPE_ID; - else - np = (natoa_type ? natoa_type : ISAKMP_NPTYPE_NONE); - p = set_isakmp_payload(p, iph2->nonce, np); - - /* add KE payload if need. */ - np = (idci || idcr) ? ISAKMP_NPTYPE_ID : (natoa_type ? natoa_type : ISAKMP_NPTYPE_NONE); - if (pfsgroup) - p = set_isakmp_payload(p, iph2->dhpub, np); - - /* IDci */ - np = (idcr) ? ISAKMP_NPTYPE_ID : (natoa_type ? natoa_type : ISAKMP_NPTYPE_NONE); - if (idci) - p = set_isakmp_payload(p, iph2->id, np); - - /* IDcr */ - if (idcr) - p = set_isakmp_payload(p, iph2->id_p, natoa_type ? 
natoa_type : ISAKMP_NPTYPE_NONE); - - /* natoa */ - if (natoa_type) { - p = set_isakmp_payload(p, natoa_i, natoa_type); - p = set_isakmp_payload(p, natoa_r, ISAKMP_NPTYPE_NONE); - } - - /* generate HASH(1) */ - hash = oakley_compute_hash1(iph2->ph1, iph2->msgid, body); - if (hash == NULL) - goto end; - - /* send isakmp payload */ - iph2->sendbuf = quick_ir1mx(iph2, body, hash); - if (iph2->sendbuf == NULL) - goto end; - - /* send the packet, add to the schedule to resend */ - iph2->retry_counter = iph2->ph1->rmconf->retry_counter; - if (isakmp_ph2resend(iph2) == -1) - goto end; - - /* change status of isakmp status entry */ - iph2->status = PHASE2ST_MSG1SENT; - - error = 0; - -end: - if (body != NULL) - vfree(body); - if (hash != NULL) - vfree(hash); - if (natoa_i) - vfree(natoa_i); - if (natoa_r) - vfree(natoa_r); - - return error; -} - -/* - * receive from responder - * HDR*, HASH(2), SA, Nr [, KE ] [, IDi2, IDr2 ] - */ -int -quick_i2recv(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *hbuf = NULL; /* for hash computing. */ - vchar_t *pbuf = NULL; /* for payload parsing */ - struct isakmp_parse_t *pa; - struct isakmp *isakmp = (struct isakmp *)msg0->v; - struct isakmp_pl_hash *hash = NULL; - int f_id; - char *p; - int tlen; - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* decrypt packet */ - if (!ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "Packet wasn't encrypted.\n"); - goto end; - } - msg = oakley_do_decrypt(iph2->ph1, msg0, iph2->ivm->iv, iph2->ivm->ive); - if (msg == NULL) - goto end; - - /* create buffer for validating HASH(2) */ - /* - * ordering rule: - * 1. the first one must be HASH - * 2. the second one must be SA (added in isakmp-oakley-05!) - * 3. 
two IDs must be considered as IDci, then IDcr - */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* HASH payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_HASH) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_HASH); - goto end; - } - hash = (struct isakmp_pl_hash *)pa->ptr; - pa++; - - /* - * this restriction was introduced in isakmp-oakley-05. - * we do not check this for backward compatibility. - * TODO: command line/config file option to enable/disable this code - */ - /* HASH payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_WARNING, LOCATION, iph2->ph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_HASH); - } - - /* allocate buffer for computing HASH(2) */ - tlen = iph2->nonce->l - + ntohl(isakmp->len) - sizeof(*isakmp); - hbuf = vmalloc(tlen); - if (hbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer.\n"); - goto end; - } - p = hbuf->v + iph2->nonce->l; /* retain the space for Ni_b */ - - /* - * parse the payloads. - * copy non-HASH payloads into hbuf, so that we can validate HASH. - */ - iph2->sa_ret = NULL; - f_id = 0; /* flag to use checking ID */ - tlen = 0; /* count payload length except of HASH payload. 
*/ - for (; pa->type; pa++) { - - /* copy to buffer for HASH */ - /* Don't modify the payload */ - memcpy(p, pa->ptr, pa->len); - - switch (pa->type) { - case ISAKMP_NPTYPE_SA: - if (iph2->sa_ret != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "Ignored, multiple SA " - "isn't supported.\n"); - break; - } - if (isakmp_p2ph(&iph2->sa_ret, pa->ptr) < 0) - goto end; - break; - - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph2->nonce_p, pa->ptr) < 0) - goto end; - break; - - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph2->dhpub_p, pa->ptr) < 0) - goto end; - break; - - case ISAKMP_NPTYPE_ID: - { - vchar_t *vp; - - /* check ID value */ - if (f_id == 0) { - /* for IDci */ - f_id = 1; - vp = iph2->id; - } else { - /* for IDcr */ - vp = iph2->id_p; - } - if (!natd_hasnat(iph2->ph1)) { - /* RFC 2407 says that the protocol and port fields should be ignored - * if they are zero, therefore they need to be checked individually. - */ - struct ipsecdoi_id_b *id_ptr = (struct ipsecdoi_id_b *)vp->v; - struct ipsecdoi_pl_id *idp_ptr = (struct ipsecdoi_pl_id *)pa->ptr; - - if (id_ptr->type != idp_ptr->b.type - || (idp_ptr->b.proto_id != 0 && idp_ptr->b.proto_id != id_ptr->proto_id) - || (idp_ptr->b.port != 0 && idp_ptr->b.port != id_ptr->port) - || memcmp(vp->v + sizeof(struct ipsecdoi_id_b), (caddr_t)pa->ptr + sizeof(struct ipsecdoi_pl_id), - vp->l - sizeof(struct ipsecdoi_id_b))) { - plog(LLV_ERROR, LOCATION, NULL, - "mismatched ID was returned.\n"); - error = ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED; - goto end; - } - } - } - break; - -#ifdef IKE_NAT_T - case ISAKMP_NPTYPE_NATOA_RFC: - case ISAKMP_NPTYPE_NATOA_DRAFT: - case ISAKMP_NPTYPE_NATOA_BADDRAFT: - /* Ignore original source/destination messages */ - break; -#endif - - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph2->ph1); - break; - - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - 
pa->type); - goto end; - } - - p += pa->len; - - /* compute true length of payload. */ - tlen += pa->len; - } - - /* payload existency check */ - if (hash == NULL || iph2->sa_ret == NULL || iph2->nonce_p == NULL) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "few isakmp message received.\n"); - goto end; - } - - /* Fixed buffer for calculating HASH */ - memcpy(hbuf->v, iph2->nonce->v, iph2->nonce->l); - plog(LLV_DEBUG, LOCATION, NULL, - "HASH allocated:hbuf->l=%d actual:tlen=%d\n", - hbuf->l, tlen + iph2->nonce->l); - /* adjust buffer length for HASH */ - hbuf->l = iph2->nonce->l + tlen; - - /* validate HASH(2) */ - { - char *r_hash; - vchar_t *my_hash = NULL; - int result; - - r_hash = (char *)hash + sizeof(*hash); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH(2) received:"); - plogdump(LLV_DEBUG, r_hash, ntohs(hash->h.len) - sizeof(*hash)); - - my_hash = oakley_compute_hash1(iph2->ph1, iph2->msgid, hbuf); - if (my_hash == NULL) - goto end; - - result = memcmp(my_hash->v, r_hash, my_hash->l); - vfree(my_hash); - - if (result) { - plog(LLV_DEBUG, LOCATION, iph2->ph1->remote, - "HASH(2) mismatch.\n"); - error = ISAKMP_NTYPE_INVALID_HASH_INFORMATION; - goto end; - } - } - - /* validity check SA payload sent from responder */ - if (ipsecdoi_checkph2proposal(iph2) < 0) { - error = ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN; - goto end; - } - - /* change status of isakmp status entry */ - iph2->status = PHASE2ST_STATUS6; - - error = 0; - -end: - if (hbuf) - vfree(hbuf); - if (pbuf) - vfree(pbuf); - if (msg) - vfree(msg); - - if (error) { - VPTRINIT(iph2->sa_ret); - VPTRINIT(iph2->nonce_p); - VPTRINIT(iph2->dhpub_p); - VPTRINIT(iph2->id); - VPTRINIT(iph2->id_p); - } - - return error; -} - -/* - * send to responder - * HDR*, HASH(3) - */ -int -quick_i2send(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *buf = NULL; - vchar_t *hash = NULL; - char *p = NULL; - int tlen; - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if 
(iph2->status != PHASE2ST_STATUS6) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* generate HASH(3) */ - { - vchar_t *tmp = NULL; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH(3) generate\n"); - - tmp = vmalloc(iph2->nonce->l + iph2->nonce_p->l); - if (tmp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer.\n"); - goto end; - } - memcpy(tmp->v, iph2->nonce->v, iph2->nonce->l); - memcpy(tmp->v + iph2->nonce->l, iph2->nonce_p->v, iph2->nonce_p->l); - - hash = oakley_compute_hash3(iph2->ph1, iph2->msgid, tmp); - vfree(tmp); - - if (hash == NULL) - goto end; - } - - /* create buffer for isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(struct isakmp_gen) + hash->l; - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* create isakmp header */ - p = set_isakmp_header2(buf, iph2, ISAKMP_NPTYPE_HASH); - if (p == NULL) - goto end; - - /* add HASH(3) payload */ - p = set_isakmp_payload(p, hash, ISAKMP_NPTYPE_NONE); - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(buf, iph2->ph1->local, iph2->ph1->remote, 1); -#endif - - /* encoding */ - iph2->sendbuf = oakley_do_encrypt(iph2->ph1, buf, iph2->ivm->ive, iph2->ivm->iv); - if (iph2->sendbuf == NULL) - goto end; - - /* if there is commit bit, need resending */ - if (ISSET(iph2->flags, ISAKMP_FLAG_C)) { - /* send the packet, add to the schedule to resend */ - iph2->retry_counter = iph2->ph1->rmconf->retry_counter; - if (isakmp_ph2resend(iph2) == -1) - goto end; - } else { - /* send the packet */ - if (isakmp_send(iph2->ph1, iph2->sendbuf) < 0) - goto end; - } - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph2->ph1->remote, iph2->ph1->local, - iph2->sendbuf, msg0) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* compute both of KEYMATs */ - if (oakley_compute_keymat(iph2, INITIATOR) < 0) - goto end; - - iph2->status = PHASE2ST_ADDSA; - - /* don't anything if local test mode. */ - if (f_local) { - error = 0; - goto end; - } - - /* if there is commit bit don't set up SA now. */ - if (ISSET(iph2->flags, ISAKMP_FLAG_C)) { - iph2->status = PHASE2ST_COMMIT; - error = 0; - goto end; - } - - /* Do UPDATE for initiator */ - plog(LLV_DEBUG, LOCATION, NULL, "call pk_sendupdate\n"); - if (pk_sendupdate(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey update failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey update sent.\n"); - - /* Do ADD for responder */ - if (pk_sendadd(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey add failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey add sent.\n"); - - error = 0; - -end: - if (buf != NULL) - vfree(buf); - if (msg != NULL) - vfree(msg); - if (hash != NULL) - vfree(hash); - - return error; -} - -/* - * receive from responder - * HDR#*, HASH(4), notify - */ -int -quick_i3recv(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *pbuf = NULL; /* for payload parsing */ - struct isakmp_parse_t *pa; - struct isakmp_pl_hash *hash = NULL; - vchar_t *notify = NULL; - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_COMMIT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* decrypt packet */ - if (!ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "Packet wasn't encrypted.\n"); - goto end; - } - msg = oakley_do_decrypt(iph2->ph1, msg0, iph2->ivm->iv, iph2->ivm->ive); - if (msg == NULL) - goto end; - - /* validate the type 
of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_HASH: - hash = (struct isakmp_pl_hash *)pa->ptr; - break; - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph2->ph1); - notify = vmalloc(pa->len); - if (notify == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get notify buffer.\n"); - goto end; - } - memcpy(notify->v, pa->ptr, notify->l); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - if (hash == NULL) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "few isakmp message received.\n"); - goto end; - } - - /* validate HASH(4) */ - { - char *r_hash; - vchar_t *my_hash = NULL; - vchar_t *tmp = NULL; - int result; - - r_hash = (char *)hash + sizeof(*hash); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH(4) validate:"); - plogdump(LLV_DEBUG, r_hash, ntohs(hash->h.len) - sizeof(*hash)); - - my_hash = oakley_compute_hash1(iph2->ph1, iph2->msgid, notify); - vfree(tmp); - if (my_hash == NULL) - goto end; - - result = memcmp(my_hash->v, r_hash, my_hash->l); - vfree(my_hash); - - if (result) { - plog(LLV_DEBUG, LOCATION, iph2->ph1->remote, - "HASH(4) mismatch.\n"); - error = ISAKMP_NTYPE_INVALID_HASH_INFORMATION; - goto end; - } - } - - iph2->status = PHASE2ST_ADDSA; - iph2->flags ^= ISAKMP_FLAG_C; /* reset bit */ - - /* don't anything if local test mode. 
*/ - if (f_local) { - error = 0; - goto end; - } - - /* Do UPDATE for initiator */ - plog(LLV_DEBUG, LOCATION, NULL, "call pk_sendupdate\n"); - if (pk_sendupdate(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey update failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey update sent.\n"); - - /* Do ADD for responder */ - if (pk_sendadd(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey add failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey add sent.\n"); - - error = 0; - -end: - if (msg != NULL) - vfree(msg); - if (pbuf != NULL) - vfree(pbuf); - if (notify != NULL) - vfree(notify); - - return error; -} - -/* - * receive from initiator - * HDR*, HASH(1), SA, Ni [, KE ] [, IDi2, IDr2 ] - */ -int -quick_r1recv(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *hbuf = NULL; /* for hash computing. */ - vchar_t *pbuf = NULL; /* for payload parsing */ - struct isakmp_parse_t *pa; - struct isakmp *isakmp = (struct isakmp *)msg0->v; - struct isakmp_pl_hash *hash = NULL; - char *p; - int tlen; - int f_id_order; /* for ID payload detection */ - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_START) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* decrypting */ - if (!ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "Packet wasn't encrypted.\n"); - error = ISAKMP_NTYPE_PAYLOAD_MALFORMED; - goto end; - } - /* decrypt packet */ - msg = oakley_do_decrypt(iph2->ph1, msg0, iph2->ivm->iv, iph2->ivm->ive); - if (msg == NULL) - goto end; - - /* create buffer for using to validate HASH(1) */ - /* - * ordering rule: - * 1. the first one must be HASH - * 2. the second one must be SA (added in isakmp-oakley-05!) - * 3. 
two IDs must be considered as IDci, then IDcr - */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - pa = (struct isakmp_parse_t *)pbuf->v; - - /* HASH payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_HASH) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_HASH); - error = ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX; - goto end; - } - hash = (struct isakmp_pl_hash *)pa->ptr; - pa++; - - /* - * this restriction was introduced in isakmp-oakley-05. - * we do not check this for backward compatibility. - * TODO: command line/config file option to enable/disable this code - */ - /* HASH payload is fixed postion */ - if (pa->type != ISAKMP_NPTYPE_SA) { - plog(LLV_WARNING, LOCATION, iph2->ph1->remote, - "received invalid next payload type %d, " - "expecting %d.\n", - pa->type, ISAKMP_NPTYPE_HASH); - error = ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX; - } - - /* allocate buffer for computing HASH(1) */ - tlen = ntohl(isakmp->len) - sizeof(*isakmp); - hbuf = vmalloc(tlen); - if (hbuf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer.\n"); - goto end; - } - p = hbuf->v; - - /* - * parse the payloads. - * copy non-HASH payloads into hbuf, so that we can validate HASH. - */ - iph2->sa = NULL; /* we don't support multi SAs. */ - iph2->nonce_p = NULL; - iph2->dhpub_p = NULL; - iph2->id_p = NULL; - iph2->id = NULL; - tlen = 0; /* count payload length except of HASH payload. */ - - /* - * IDi2 MUST be immediatelly followed by IDr2. We allowed the - * illegal case, but logged. First ID payload is to be IDi2. - * And next ID payload is to be IDr2. 
- */ - f_id_order = 0; - - for (; pa->type; pa++) { - - /* copy to buffer for HASH */ - /* Don't modify the payload */ - memcpy(p, pa->ptr, pa->len); - - if (pa->type != ISAKMP_NPTYPE_ID) - f_id_order = 0; - - switch (pa->type) { - case ISAKMP_NPTYPE_SA: - if (iph2->sa != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "Multi SAs isn't supported.\n"); - goto end; - } - if (isakmp_p2ph(&iph2->sa, pa->ptr) < 0) - goto end; - break; - - case ISAKMP_NPTYPE_NONCE: - if (isakmp_p2ph(&iph2->nonce_p, pa->ptr) < 0) - goto end; - break; - - case ISAKMP_NPTYPE_KE: - if (isakmp_p2ph(&iph2->dhpub_p, pa->ptr) < 0) - goto end; - break; - - case ISAKMP_NPTYPE_ID: - if (iph2->id_p == NULL) { - /* for IDci */ - f_id_order++; - - if (isakmp_p2ph(&iph2->id_p, pa->ptr) < 0) - goto end; - - } else if (iph2->id == NULL) { - /* for IDcr */ - if (f_id_order == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "IDr2 payload is not " - "immediatelly followed " - "by IDi2. We allowed.\n"); - /* XXX we allowed in this case. */ - } - - if (isakmp_p2ph(&iph2->id, pa->ptr) < 0) - goto end; - } else { - plog(LLV_ERROR, LOCATION, NULL, - "received too many ID payloads.\n"); - plogdump(LLV_ERROR, iph2->id->v, iph2->id->l); - error = ISAKMP_NTYPE_INVALID_ID_INFORMATION; - goto end; - } - break; - - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph2->ph1); - break; - -#if IKE_NAT_T - case ISAKMP_NPTYPE_NATOA_RFC: - case ISAKMP_NPTYPE_NATOA_DRAFT: - case ISAKMP_NPTYPE_NATOA_BADDRAFT: - /* Ignore original source/destination messages */ - break; -#endif - - default: - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - error = ISAKMP_NTYPE_PAYLOAD_MALFORMED; - goto end; - } - - p += pa->len; - - /* compute true length of payload. 
*/ - tlen += pa->len; - } - - /* payload existency check */ - if (hash == NULL || iph2->sa == NULL || iph2->nonce_p == NULL) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "few isakmp message received.\n"); - error = ISAKMP_NTYPE_PAYLOAD_MALFORMED; - goto end; - } - - if (iph2->id_p) { - plog(LLV_DEBUG, LOCATION, NULL, "received IDci2:"); - plogdump(LLV_DEBUG, iph2->id_p->v, iph2->id_p->l); - } - if (iph2->id) { - plog(LLV_DEBUG, LOCATION, NULL, "received IDcr2:"); - plogdump(LLV_DEBUG, iph2->id->v, iph2->id->l); - } - - /* adjust buffer length for HASH */ - hbuf->l = tlen; - - /* validate HASH(1) */ - { - char *r_hash; - vchar_t *my_hash = NULL; - int result; - - r_hash = (caddr_t)hash + sizeof(*hash); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH(1) validate:"); - plogdump(LLV_DEBUG, r_hash, ntohs(hash->h.len) - sizeof(*hash)); - - my_hash = oakley_compute_hash1(iph2->ph1, iph2->msgid, hbuf); - if (my_hash == NULL) - goto end; - - result = memcmp(my_hash->v, r_hash, my_hash->l); - vfree(my_hash); - - if (result) { - plog(LLV_DEBUG, LOCATION, iph2->ph1->remote, - "HASH(1) mismatch.\n"); - error = ISAKMP_NTYPE_INVALID_HASH_INFORMATION; - goto end; - } - } - - /* get sainfo */ - error = get_sainfo_r(iph2); - if (error) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get sainfo.\n"); - goto end; - } - - /* check the existence of ID payload and create responder's proposal */ - error = get_proposal_r(iph2); - switch (error) { - case -2: - /* generate a policy template from peer's proposal */ - if (set_proposal_from_proposal(iph2)) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to generate a proposal template " - "from client's proposal.\n"); - return ISAKMP_INTERNAL_ERROR; - } - /*FALLTHROUGH*/ - case 0: - /* select single proposal or reject it. 
*/ - if (ipsecdoi_selectph2proposal(iph2) < 0) { - error = ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN; - goto end; - } - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "failed to get proposal for responder.\n"); - goto end; - } - - /* check KE and attribute of PFS */ - if (iph2->dhpub_p != NULL && iph2->approval->pfs_group == 0) { - plog(LLV_ERROR, LOCATION, NULL, - "no PFS is specified, but peer sends KE.\n"); - error = ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN; - goto end; - } - if (iph2->dhpub_p == NULL && iph2->approval->pfs_group != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "PFS is specified, but peer doesn't sends KE.\n"); - error = ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN; - goto end; - } - - /* - * save the packet from the initiator in order to resend the - * responder's first packet against this packet. - */ - iph2->msg1 = vdup(msg0); - - /* change status of isakmp status entry */ - iph2->status = PHASE2ST_STATUS2; - - error = 0; - -end: - if (hbuf) - vfree(hbuf); - if (msg) - vfree(msg); - if (pbuf) - vfree(pbuf); - - if (error) { - VPTRINIT(iph2->sa); - VPTRINIT(iph2->nonce_p); - VPTRINIT(iph2->dhpub_p); - VPTRINIT(iph2->id); - VPTRINIT(iph2->id_p); - } - - return error; -} - -/* - * call pfkey_getspi. 
- */ -int -quick_r1prep(iph2, msg) - struct ph2handle *iph2; - vchar_t *msg; -{ - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_STATUS2) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - iph2->status = PHASE2ST_GETSPISENT; - - /* send getspi message */ - if (pk_sendgetspi(iph2) < 0) - goto end; - - plog(LLV_DEBUG, LOCATION, NULL, "pfkey getspi sent.\n"); - - iph2->sce = sched_new(lcconf->wait_ph2complete, - pfkey_timeover_stub, iph2); - - error = 0; - -end: - return error; -} - -/* - * send to initiator - * HDR*, HASH(2), SA, Nr [, KE ] [, IDi2, IDr2 ] - */ -int -quick_r2send(iph2, msg) - struct ph2handle *iph2; - vchar_t *msg; -{ - vchar_t *body = NULL; - vchar_t *hash = NULL; - vchar_t *natoa_i = NULL; - vchar_t *natoa_r = NULL; - int natoa_type = 0; - int encmode; - struct isakmp_gen *gen; - char *p; - int tlen; - int error = ISAKMP_INTERNAL_ERROR; - int pfsgroup; - u_int8_t *np_p = NULL; - - /* validity check */ - if (msg != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "msg has to be NULL in this function.\n"); - goto end; - } - if (iph2->status != PHASE2ST_GETSPIDONE) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* update responders SPI */ - if (ipsecdoi_updatespi(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "failed to update spi.\n"); - goto end; - } - - /* generate NONCE value */ - iph2->nonce = eay_set_random(iph2->ph1->rmconf->nonce_size); - if (iph2->nonce == NULL) - goto end; - - /* generate KE value if need */ - pfsgroup = iph2->approval->pfs_group; - if (iph2->dhpub_p != NULL && pfsgroup != 0) { - /* DH group settting if PFS is required. 
*/ - if (oakley_setdhgroup(pfsgroup, &iph2->pfsgrp) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to set DH value.\n"); - goto end; - } - /* generate DH public value */ - if (oakley_dh_generate(iph2->pfsgrp, - &iph2->dhpub, &iph2->dhpriv) < 0) { - goto end; - } - } - - /* create SA;NONCE payload, and KE and ID if need */ - tlen = sizeof(*gen) + iph2->sa_ret->l - + sizeof(*gen) + iph2->nonce->l; - if (iph2->dhpub_p != NULL && pfsgroup != 0) - tlen += (sizeof(*gen) + iph2->dhpub->l); - if (iph2->id_p != NULL) - tlen += (sizeof(*gen) + iph2->id_p->l - + sizeof(*gen) + iph2->id->l); - - /* create natoa payloads if needed */ - encmode = iph2->approval->head->encmode; - if (encmode == IPSECDOI_ATTR_ENC_MODE_TRNS || - encmode == IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC || - encmode == IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT) { - - natoa_type = create_natoa_payloads(iph2, &natoa_i, &natoa_r); - if (natoa_type == -1) - goto end; - else if (natoa_type != 0) { - tlen += sizeof(*gen) + natoa_i->l; - tlen += sizeof(*gen) + natoa_r->l; - } - } - - body = vmalloc(tlen); - if (body == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - p = body->v; - - /* make SA payload */ - p = set_isakmp_payload(body->v, iph2->sa_ret, ISAKMP_NPTYPE_NONCE); - - /* add NONCE payload */ - np_p = &((struct isakmp_gen *)p)->np; /* XXX */ - p = set_isakmp_payload(p, iph2->nonce, - (iph2->dhpub_p != NULL && pfsgroup != 0) - ? ISAKMP_NPTYPE_KE - : (iph2->id_p != NULL - ? ISAKMP_NPTYPE_ID - : (natoa_type ? natoa_type : ISAKMP_NPTYPE_NONE))); - - /* add KE payload if need. */ - if (iph2->dhpub_p != NULL && pfsgroup != 0) { - np_p = &((struct isakmp_gen *)p)->np; /* XXX */ - p = set_isakmp_payload(p, iph2->dhpub, - (iph2->id_p == NULL) - ? (natoa_type ? natoa_type : ISAKMP_NPTYPE_NONE) - : ISAKMP_NPTYPE_ID); - } - - /* add ID payloads received. 
*/ - if (iph2->id_p != NULL) { - /* IDci */ - p = set_isakmp_payload(p, iph2->id_p, ISAKMP_NPTYPE_ID); - /* IDcr */ - np_p = &((struct isakmp_gen *)p)->np; /* XXX */ - p = set_isakmp_payload(p, iph2->id, (natoa_type ? natoa_type : ISAKMP_NPTYPE_NONE)); - } - - /* add a RESPONDER-LIFETIME notify payload if needed */ - { - vchar_t *data = NULL; - struct saprop *pp = iph2->approval; - struct saproto *pr; - - if (pp->claim & IPSECDOI_ATTR_SA_LD_TYPE_SEC) { - u_int32_t v = htonl((u_int32_t)pp->lifetime); - data = isakmp_add_attr_l(data, IPSECDOI_ATTR_SA_LD_TYPE, - IPSECDOI_ATTR_SA_LD_TYPE_SEC); - if (!data) - goto end; - data = isakmp_add_attr_v(data, IPSECDOI_ATTR_SA_LD, - (caddr_t)&v, sizeof(v)); - if (!data) - goto end; - } - if (pp->claim & IPSECDOI_ATTR_SA_LD_TYPE_KB) { - u_int32_t v = htonl((u_int32_t)pp->lifebyte); - data = isakmp_add_attr_l(data, IPSECDOI_ATTR_SA_LD_TYPE, - IPSECDOI_ATTR_SA_LD_TYPE_KB); - if (!data) - goto end; - data = isakmp_add_attr_v(data, IPSECDOI_ATTR_SA_LD, - (caddr_t)&v, sizeof(v)); - if (!data) - goto end; - } - - /* - * XXX Is there only single RESPONDER-LIFETIME payload in a IKE message - * in the case of SA bundle ? 
- */ - if (data) { - for (pr = pp->head; pr; pr = pr->next) { - body = isakmp_add_pl_n(body, &np_p, - ISAKMP_NTYPE_RESPONDER_LIFETIME, pr, data); - if (!body) { - vfree(data); - return error; /* XXX */ - } - } - vfree(data); - } - } - - /* natoa */ - if (natoa_type) { - p = set_isakmp_payload(p, natoa_i, natoa_type); - p = set_isakmp_payload(p, natoa_r, ISAKMP_NPTYPE_NONE); - } - - /* generate HASH(2) */ - { - vchar_t *tmp; - - tmp = vmalloc(iph2->nonce_p->l + body->l); - if (tmp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer.\n"); - goto end; - } - memcpy(tmp->v, iph2->nonce_p->v, iph2->nonce_p->l); - memcpy(tmp->v + iph2->nonce_p->l, body->v, body->l); - - hash = oakley_compute_hash1(iph2->ph1, iph2->msgid, tmp); - vfree(tmp); - - if (hash == NULL) - goto end; - } - - /* send isakmp payload */ - iph2->sendbuf = quick_ir1mx(iph2, body, hash); - if (iph2->sendbuf == NULL) - goto end; - - /* send the packet, add to the schedule to resend */ - iph2->retry_counter = iph2->ph1->rmconf->retry_counter; - if (isakmp_ph2resend(iph2) == -1) - goto end; - - /* the sending message is added to the received-list. 
*/ - if (add_recvdpkt(iph2->ph1->remote, iph2->ph1->local, iph2->sendbuf, iph2->msg1) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - /* change status of isakmp status entry */ - iph2->status = PHASE2ST_MSG1SENT; - - error = 0; - -end: - if (body != NULL) - vfree(body); - if (hash != NULL) - vfree(hash); - if (natoa_i) - vfree(natoa_i); - if (natoa_r) - vfree(natoa_r); - - - return error; -} - -/* - * receive from initiator - * HDR*, HASH(3) - */ -int -quick_r3recv(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - vchar_t *pbuf = NULL; /* for payload parsing */ - struct isakmp_parse_t *pa; - struct isakmp_pl_hash *hash = NULL; - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_MSG1SENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* decrypt packet */ - if (!ISSET(((struct isakmp *)msg0->v)->flags, ISAKMP_FLAG_E)) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "Packet wasn't encrypted.\n"); - goto end; - } - msg = oakley_do_decrypt(iph2->ph1, msg0, iph2->ivm->iv, iph2->ivm->ive); - if (msg == NULL) - goto end; - - /* validate the type of next payload */ - pbuf = isakmp_parse(msg); - if (pbuf == NULL) - goto end; - - for (pa = (struct isakmp_parse_t *)pbuf->v; - pa->type != ISAKMP_NPTYPE_NONE; - pa++) { - - switch (pa->type) { - case ISAKMP_NPTYPE_HASH: - hash = (struct isakmp_pl_hash *)pa->ptr; - break; - case ISAKMP_NPTYPE_N: - isakmp_check_notify(pa->ptr, iph2->ph1); - break; - default: - /* don't send information, see ident_r1recv() */ - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "ignore the packet, " - "received unexpecting payload type %d.\n", - pa->type); - goto end; - } - } - - /* payload existency check */ - if (hash == NULL) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "few isakmp message received.\n"); - goto end; - } - - /* validate HASH(3) */ - 
/* HASH(3) = prf(SKEYID_a, 0 | M-ID | Ni_b | Nr_b) */ - { - char *r_hash; - vchar_t *my_hash = NULL; - vchar_t *tmp = NULL; - int result; - - r_hash = (char *)hash + sizeof(*hash); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH(3) validate:"); - plogdump(LLV_DEBUG, r_hash, ntohs(hash->h.len) - sizeof(*hash)); - - tmp = vmalloc(iph2->nonce_p->l + iph2->nonce->l); - if (tmp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer.\n"); - goto end; - } - memcpy(tmp->v, iph2->nonce_p->v, iph2->nonce_p->l); - memcpy(tmp->v + iph2->nonce_p->l, iph2->nonce->v, iph2->nonce->l); - - my_hash = oakley_compute_hash3(iph2->ph1, iph2->msgid, tmp); - vfree(tmp); - if (my_hash == NULL) - goto end; - - result = memcmp(my_hash->v, r_hash, my_hash->l); - vfree(my_hash); - - if (result) { - plog(LLV_ERROR, LOCATION, iph2->ph1->remote, - "HASH(3) mismatch.\n"); - error = ISAKMP_NTYPE_INVALID_HASH_INFORMATION; - goto end; - } - } - - /* if there is commit bit, don't set up SA now. */ - if (ISSET(iph2->flags, ISAKMP_FLAG_C)) { - iph2->status = PHASE2ST_COMMIT; - } else - iph2->status = PHASE2ST_STATUS6; - - error = 0; - -end: - if (pbuf != NULL) - vfree(pbuf); - if (msg != NULL) - vfree(msg); - - return error; -} - -/* - * send to initiator - * HDR#*, HASH(4), notify - */ -int -quick_r3send(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *buf = NULL; - vchar_t *myhash = NULL; - struct isakmp_pl_n *n; - vchar_t *notify = NULL; - char *p; - int tlen; - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_COMMIT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* generate HASH(4) */ - /* XXX What can I do in the case of multiple different SA */ - plog(LLV_DEBUG, LOCATION, NULL, "HASH(4) generate\n"); - - /* XXX What should I do if there are multiple SAs ? 
*/ - tlen = sizeof(struct isakmp_pl_n) + iph2->approval->head->spisize; - notify = vmalloc(tlen); - if (notify == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get notify buffer.\n"); - goto end; - } - n = (struct isakmp_pl_n *)notify->v; - n->h.np = ISAKMP_NPTYPE_NONE; - n->h.len = htons(tlen); - n->doi = IPSEC_DOI; - n->proto_id = iph2->approval->head->proto_id; - n->spi_size = sizeof(iph2->approval->head->spisize); - n->type = htons(ISAKMP_NTYPE_CONNECTED); - memcpy(n + 1, &iph2->approval->head->spi, iph2->approval->head->spisize); - - myhash = oakley_compute_hash1(iph2->ph1, iph2->msgid, notify); - if (myhash == NULL) - goto end; - - /* create buffer for isakmp payload */ - tlen = sizeof(struct isakmp) - + sizeof(struct isakmp_gen) + myhash->l - + notify->l; - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* create isakmp header */ - p = set_isakmp_header2(buf, iph2, ISAKMP_NPTYPE_HASH); - if (p == NULL) - goto end; - - /* add HASH(4) payload */ - p = set_isakmp_payload(p, myhash, ISAKMP_NPTYPE_N); - - /* add notify payload */ - memcpy(p, notify->v, notify->l); - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(buf, iph2->ph1->local, iph2->ph1->remote, 1); -#endif - - /* encoding */ - iph2->sendbuf = oakley_do_encrypt(iph2->ph1, buf, iph2->ivm->ive, iph2->ivm->iv); - if (iph2->sendbuf == NULL) - goto end; - - /* send the packet */ - if (isakmp_send(iph2->ph1, iph2->sendbuf) < 0) - goto end; - - /* the sending message is added to the received-list. */ - if (add_recvdpkt(iph2->ph1->remote, iph2->ph1->local, iph2->sendbuf, msg0) == -1) { - plog(LLV_ERROR , LOCATION, NULL, - "failed to add a response packet to the tree.\n"); - goto end; - } - - iph2->status = PHASE2ST_COMMIT; - - error = 0; - -end: - if (buf != NULL) - vfree(buf); - if (myhash != NULL) - vfree(myhash); - if (notify != NULL) - vfree(notify); - - return error; -} - -/* - * set SA to kernel. 
- */ -int -quick_r3prep(iph2, msg0) - struct ph2handle *iph2; - vchar_t *msg0; -{ - vchar_t *msg = NULL; - int error = ISAKMP_INTERNAL_ERROR; - - /* validity check */ - if (iph2->status != PHASE2ST_STATUS6) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatched %d.\n", iph2->status); - goto end; - } - - /* compute both of KEYMATs */ - if (oakley_compute_keymat(iph2, RESPONDER) < 0) - goto end; - - iph2->status = PHASE2ST_ADDSA; - iph2->flags ^= ISAKMP_FLAG_C; /* reset bit */ - - /* don't anything if local test mode. */ - if (f_local) { - error = 0; - goto end; - } - - /* Do UPDATE as responder */ - plog(LLV_DEBUG, LOCATION, NULL, "call pk_sendupdate\n"); - if (pk_sendupdate(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey update failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey update sent.\n"); - - /* Do ADD for responder */ - if (pk_sendadd(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey add failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey add sent.\n"); - - /* - * set policies into SPD if the policy is generated - * from peer's policy. 
- */ - if (iph2->spidx_gen) { - - struct policyindex *spidx; - struct sockaddr_storage addr; - u_int8_t pref; - struct sockaddr *src = iph2->src; - struct sockaddr *dst = iph2->dst; - - /* make inbound policy */ - iph2->src = dst; - iph2->dst = src; - if (pk_sendspdupdate2(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "pfkey spdupdate2(inbound) failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey spdupdate2(inbound) sent.\n"); - - /* make outbound policy */ - iph2->src = src; - iph2->dst = dst; - spidx = (struct policyindex *)iph2->spidx_gen; - spidx->dir = IPSEC_DIR_OUTBOUND; - addr = spidx->src; - spidx->src = spidx->dst; - spidx->dst = addr; - pref = spidx->prefs; - spidx->prefs = spidx->prefd; - spidx->prefd = pref; - - if (pk_sendspdupdate2(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "pfkey spdupdate2(outbound) failed.\n"); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey spdupdate2(outbound) sent.\n"); - - /* spidx_gen is unnecessary any more */ - delsp_bothdir((struct policyindex *)iph2->spidx_gen); - racoon_free(iph2->spidx_gen); - iph2->spidx_gen = NULL; - } - - error = 0; - -end: - if (msg != NULL) - vfree(msg); - - return error; -} - -/* - * create HASH, body (SA, NONCE) payload with isakmp header. - */ -static vchar_t * -quick_ir1mx(iph2, body, hash) - struct ph2handle *iph2; - vchar_t *body, *hash; -{ - struct isakmp *isakmp; - vchar_t *buf = NULL, *new = NULL; - char *p; - int tlen; - struct isakmp_gen *gen; - int error = ISAKMP_INTERNAL_ERROR; - - /* create buffer for isakmp payload */ - tlen = sizeof(*isakmp) - + sizeof(*gen) + hash->l - + body->l; - buf = vmalloc(tlen); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send.\n"); - goto end; - } - - /* re-set encryption flag, for serurity. 
*/ - iph2->flags |= ISAKMP_FLAG_E; - - /* set isakmp header */ - p = set_isakmp_header2(buf, iph2, ISAKMP_NPTYPE_HASH); - if (p == NULL) - goto end; - - /* add HASH payload */ - /* XXX is next type always SA ? */ - p = set_isakmp_payload(p, hash, ISAKMP_NPTYPE_SA); - - /* add body payload */ - memcpy(p, body->v, body->l); - -#ifdef HAVE_PRINT_ISAKMP_C - isakmp_printpacket(buf, iph2->ph1->local, iph2->ph1->remote, 1); -#endif - - /* encoding */ - new = oakley_do_encrypt(iph2->ph1, buf, iph2->ivm->ive, iph2->ivm->iv); - if (new == NULL) - goto end; - - vfree(buf); - - buf = new; - - error = 0; - -end: - if (error && buf != NULL) { - vfree(buf); - buf = NULL; - } - - return buf; -} - -/* - * get remote's sainfo. - * NOTE: this function is for responder. - */ -static int -get_sainfo_r(iph2) - struct ph2handle *iph2; -{ - vchar_t *idsrc = NULL, *iddst = NULL; - int prefixlen; - int error = ISAKMP_INTERNAL_ERROR; - - if (iph2->id_p == NULL) { - switch (iph2->src->sa_family) { - case AF_INET: - prefixlen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - prefixlen = sizeof(struct in6_addr) << 3; - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", iph2->src->sa_family); - goto end; - } - idsrc = ipsecdoi_sockaddr2id(iph2->src, prefixlen, - IPSEC_ULPROTO_ANY); - } else { - idsrc = vdup(iph2->id); - } - if (idsrc == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to set ID for source.\n"); - goto end; - } - - if (iph2->id == NULL) { - switch (iph2->dst->sa_family) { - case AF_INET: - prefixlen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - prefixlen = sizeof(struct in6_addr) << 3; - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", iph2->dst->sa_family); - goto end; - } - iddst = ipsecdoi_sockaddr2id(iph2->dst, prefixlen, - IPSEC_ULPROTO_ANY); - } else { - iddst = vdup(iph2->id_p); - } - if (iddst == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to set ID for destination.\n"); - goto end; - 
} - - iph2->sainfo = getsainfo(idsrc, iddst); - if (iph2->sainfo == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get sainfo.\n"); - goto end; - } - - plog(LLV_DEBUG, LOCATION, NULL, - "get sa info: %s\n", sainfo2str(iph2->sainfo)); - - error = 0; -end: - if (idsrc) - vfree(idsrc); - if (iddst) - vfree(iddst); - - return error; -} - -/* - * Copy both IP addresses in ID payloads into [src,dst]_id if both ID types - * are IP address and same address family. - * Then get remote's policy from SPD copied from kernel. - * If the type of ID payload is address or subnet type, then the index is - * made from the payload. If there is no ID payload, or the type of ID - * payload is NOT address type, then the index is made from the address - * pair of phase 1. - * NOTE: This function is only for responder. - */ -static int -get_proposal_r(iph2) - struct ph2handle *iph2; -{ - struct policyindex spidx; - struct secpolicy *sp_in, *sp_out; - int idi2type = 0; /* switch whether copy IDs into id[src,dst]. */ - int error = ISAKMP_INTERNAL_ERROR; - - /* check the existence of ID payload */ - if ((iph2->id_p != NULL && iph2->id == NULL) - || (iph2->id_p == NULL && iph2->id != NULL)) { - plog(LLV_ERROR, LOCATION, NULL, - "Both IDs wasn't found in payload.\n"); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } - - /* make sure if id[src,dst] is null. */ - if (iph2->src_id || iph2->dst_id) { - plog(LLV_ERROR, LOCATION, NULL, - "Why do ID[src,dst] exist already.\n"); - return ISAKMP_INTERNAL_ERROR; - } - - memset(&spidx, 0, sizeof(spidx)); - -#define _XIDT(d) ((struct ipsecdoi_id_b *)(d)->v)->type - - /* make a spidx; a key to search SPD */ - spidx.dir = IPSEC_DIR_INBOUND; - spidx.ul_proto = 0; - - /* - * make destination address in spidx from either ID payload - * or phase 1 address into a address in spidx. 
- */ - if (iph2->id != NULL - && (_XIDT(iph2->id) == IPSECDOI_ID_IPV4_ADDR - || _XIDT(iph2->id) == IPSECDOI_ID_IPV6_ADDR - || _XIDT(iph2->id) == IPSECDOI_ID_IPV4_ADDR_SUBNET - || _XIDT(iph2->id) == IPSECDOI_ID_IPV6_ADDR_SUBNET)) { - /* get a destination address of a policy */ - error = ipsecdoi_id2sockaddr(iph2->id, - (struct sockaddr *)&spidx.dst, - &spidx.prefd, &spidx.ul_proto); - if (error) - return error; - -#ifdef INET6 - /* - * get scopeid from the SA address. - * note that the phase 1 source address is used as - * a destination address to search for a inbound policy entry - * because rcoon is responder. - */ - if (_XIDT(iph2->id) == IPSECDOI_ID_IPV6_ADDR) { - error = setscopeid((struct sockaddr *)&spidx.dst, - iph2->src); - if (error) - return error; - } -#endif - - if (_XIDT(iph2->id) == IPSECDOI_ID_IPV4_ADDR - || _XIDT(iph2->id) == IPSECDOI_ID_IPV6_ADDR) - idi2type = _XIDT(iph2->id); - - } else { - - plog(LLV_DEBUG, LOCATION, NULL, - "get a destination address of SP index " - "from phase1 address " - "due to no ID payloads found " - "OR because ID type is not address.\n"); - - /* - * copy the SOURCE address of IKE into the DESTINATION address - * of the key to search the SPD because the direction of policy - * is inbound. 
- */ - memcpy(&spidx.dst, iph2->src, iph2->src->sa_len); - switch (spidx.dst.ss_family) { - case AF_INET: - spidx.prefd = sizeof(struct in_addr) << 3; - break; -#ifdef INET6 - case AF_INET6: - spidx.prefd = sizeof(struct in6_addr) << 3; - break; -#endif - default: - spidx.prefd = 0; - break; - } - } - - /* make source address in spidx */ - if (iph2->id_p != NULL - && (_XIDT(iph2->id_p) == IPSECDOI_ID_IPV4_ADDR - || _XIDT(iph2->id_p) == IPSECDOI_ID_IPV6_ADDR - || _XIDT(iph2->id_p) == IPSECDOI_ID_IPV4_ADDR_SUBNET - || _XIDT(iph2->id_p) == IPSECDOI_ID_IPV6_ADDR_SUBNET)) { - /* get a source address of inbound SA */ - error = ipsecdoi_id2sockaddr(iph2->id_p, - (struct sockaddr *)&spidx.src, - &spidx.prefs, &spidx.ul_proto); - if (error) - return error; - -#ifdef INET6 - /* - * get scopeid from the SA address. - * for more detail, see above of this function. - */ - if (_XIDT(iph2->id_p) == IPSECDOI_ID_IPV6_ADDR) { - error = setscopeid((struct sockaddr *)&spidx.src, - iph2->dst); - if (error) - return error; - } -#endif - - /* make id[src,dst] if both ID types are IP address and same */ - if (_XIDT(iph2->id_p) == idi2type - && spidx.dst.ss_family == spidx.src.ss_family) { - iph2->src_id = dupsaddr((struct sockaddr *)&spidx.dst); - iph2->dst_id = dupsaddr((struct sockaddr *)&spidx.src); - } - - } else { - plog(LLV_DEBUG, LOCATION, NULL, - "get a source address of SP index " - "from phase1 address " - "due to no ID payloads found " - "OR because ID type is not address.\n"); - - /* see above comment. 
*/ - memcpy(&spidx.src, iph2->dst, iph2->dst->sa_len); - switch (spidx.src.ss_family) { - case AF_INET: - spidx.prefs = sizeof(struct in_addr) << 3; - break; -#ifdef INET6 - case AF_INET6: - spidx.prefs = sizeof(struct in6_addr) << 3; - break; -#endif - default: - spidx.prefs = 0; - break; - } - } - -#undef _XIDT - - plog(LLV_DEBUG, LOCATION, NULL, - "get a src address from ID payload " - "%s prefixlen=%u ul_proto=%u\n", - saddr2str((struct sockaddr *)&spidx.src), - spidx.prefs, spidx.ul_proto); - plog(LLV_DEBUG, LOCATION, NULL, - "get dst address from ID payload " - "%s prefixlen=%u ul_proto=%u\n", - saddr2str((struct sockaddr *)&spidx.dst), - spidx.prefd, spidx.ul_proto); - - /* - * convert the ul_proto if it is 0 - * because 0 in ID payload means a wild card. - */ - if (spidx.ul_proto == 0) - spidx.ul_proto = IPSEC_ULPROTO_ANY; - - /* get inbound policy */ - sp_in = getsp_r(&spidx); - if (sp_in == NULL) { - if (iph2->ph1->rmconf->gen_policy) { - plog(LLV_INFO, LOCATION, NULL, - "no policy found, " - "try to generate the policy : %s\n", - spidx2str(&spidx)); - iph2->spidx_gen = racoon_malloc(sizeof(spidx)); - if (!iph2->spidx_gen) { - plog(LLV_ERROR, LOCATION, NULL, - "buffer allocation failed.\n"); - return ISAKMP_INTERNAL_ERROR; - } - memcpy(iph2->spidx_gen, &spidx, sizeof(spidx)); - return -2; /* special value */ - } - plog(LLV_ERROR, LOCATION, NULL, - "no policy found: %s\n", spidx2str(&spidx)); - return ISAKMP_INTERNAL_ERROR; - } - - /* get outbound policy */ - { - struct sockaddr_storage addr; - u_int8_t pref; - - spidx.dir = IPSEC_DIR_OUTBOUND; - addr = spidx.src; - spidx.src = spidx.dst; - spidx.dst = addr; - pref = spidx.prefs; - spidx.prefs = spidx.prefd; - spidx.prefd = pref; - - sp_out = getsp_r(&spidx); - if (!sp_out) { - plog(LLV_WARNING, LOCATION, NULL, - "no outbound policy found: %s\n", - spidx2str(&spidx)); - } - } - - plog(LLV_DEBUG, LOCATION, NULL, - "suitable SP found:%s\n", spidx2str(&spidx)); - - /* - * In the responder side, the inbound 
policy should be using IPsec. - * outbound policy is not checked currently. - */ - if (sp_in->policy != IPSEC_POLICY_IPSEC) { - plog(LLV_ERROR, LOCATION, NULL, - "policy found, but no IPsec required: %s\n", - spidx2str(&spidx)); - return ISAKMP_INTERNAL_ERROR; - } - - /* set new proposal derived from a policy into the iph2->proposal. */ - if (set_proposal_from_policy(iph2, sp_in, sp_out) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to create saprop.\n"); - return ISAKMP_INTERNAL_ERROR; - } - - return 0; -} - -static int -create_natoa_payloads(struct ph2handle *iph2, vchar_t **natoa_i, vchar_t **natoa_r) -{ - int natoa_type = 0; - int natt_type; - vchar_t *i; - vchar_t *r; - u_int8_t *p; - size_t src_size; - size_t dst_size; - - *natoa_i = *natoa_r = NULL; - - - /* create natoa payloads if natt being used */ - /* don't send if type == apple */ - if ((natt_type = natd_hasnat(iph2->ph1)) != 0) - if (natt_type == natt_type_rfc) - natoa_type = ISAKMP_NPTYPE_NATOA_RFC; - else if (natt_type == natt_type_02 || natt_type == natt_type_02N) - natoa_type = ISAKMP_NPTYPE_NATOA_DRAFT; - - if (natoa_type == 0) - return 0; - - switch (iph2->src->sa_family) { - case AF_INET: - src_size = sizeof(in_addr_t); - break; -#ifdef INET6 - case AF_INET6: - src_size = sizeof(struct in6_addr); - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid address family: %d\n", iph2->src->sa_family); - return -1; - } - - switch (iph2->dst->sa_family) { - case AF_INET: - dst_size = sizeof(in_addr_t); - break; -#ifdef INET6 - case AF_INET6: - dst_size = sizeof(struct in6_addr); - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid address family: %d\n", iph2->dst->sa_family); - return -1; - } - - i = vmalloc(sizeof(struct isakmp_pl_natoa) + src_size - sizeof(struct isakmp_gen)); - r = vmalloc(sizeof(struct isakmp_pl_natoa) + dst_size - sizeof(struct isakmp_gen)); - if (i == NULL || r == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer for 
natoa payload.\n"); - return -1; - } - - /* copy src address */ - p = i->v; - - switch (iph2->src->sa_family) { - case AF_INET: - *p = IPSECDOI_ID_IPV4_ADDR; - bcopy(&(((struct sockaddr_in *)iph2->src)->sin_addr.s_addr), p + sizeof(u_int32_t), src_size); - break; -#ifdef INET6 - case AF_INET6: - *p = IPSECDOI_ID_IPV6_ADDR; - bcopy(&(((struct sockaddr_in6 *)iph2->src)->sin6_addr), p + sizeof(u_int32_t), src_size); - break; -#endif - } - - /* copy dst address */ - p = r->v; - - switch (iph2->dst->sa_family) { - case AF_INET: - *p = IPSECDOI_ID_IPV4_ADDR; - bcopy(&(((struct sockaddr_in *)iph2->dst)->sin_addr.s_addr), p + sizeof(u_int32_t), dst_size); - break; -#ifdef INET6 - case AF_INET6: - *p = IPSECDOI_ID_IPV6_ADDR; - bcopy(&(((struct sockaddr_in6 *)iph2->dst)->sin6_addr), p + sizeof(u_int32_t), dst_size); - break; -#endif - } - - *natoa_i = i; - *natoa_r = r; - return natoa_type; -} - - - -#ifdef INET6 -static u_int32_t -setscopeid(sp_addr0, sa_addr0) - struct sockaddr *sp_addr0, *sa_addr0; -{ - struct sockaddr_in6 *sp_addr, *sa_addr; - - sp_addr = (struct sockaddr_in6 *)sp_addr0; - sa_addr = (struct sockaddr_in6 *)sa_addr0; - - if (!IN6_IS_ADDR_LINKLOCAL(&sp_addr->sin6_addr) - && !IN6_IS_ADDR_SITELOCAL(&sp_addr->sin6_addr) - && !IN6_IS_ADDR_MULTICAST(&sp_addr->sin6_addr)) - return 0; - - /* this check should not be here ? */ - if (sa_addr->sin6_family != AF_INET6) { - plog(LLV_ERROR, LOCATION, NULL, - "can't get scope ID: family mismatch\n"); - return -1; - } - - if (!IN6_IS_ADDR_LINKLOCAL(&sa_addr->sin6_addr)) { - plog(LLV_ERROR, LOCATION, NULL, - "scope ID is not supported except of lladdr.\n"); - return -1; - } - - sp_addr->sin6_scope_id = sa_addr->sin6_scope_id; - - return 0; -} -#endif diff --git a/racoon.tproj/isakmp_quick.h b/racoon.tproj/isakmp_quick.h deleted file mode 100644 index a6f7d15..0000000 --- a/racoon.tproj/isakmp_quick.h +++ /dev/null 
@@ -1,50 +0,0 @@
-/* $KAME: isakmp_quick.h,v 1.5 2000/10/04 17:41:01 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_QUICK_H__
-#define __ISAKMP_QUICK_H__
-
-
-extern int quick_i1prep __P((struct ph2handle *, vchar_t *));
-extern int quick_i1send __P((struct ph2handle *, vchar_t *));
-extern int quick_i2recv __P((struct ph2handle *, vchar_t *));
-extern int quick_i2send __P((struct ph2handle *, vchar_t *));
-extern int quick_i3recv __P((struct ph2handle *, vchar_t *));
-
-extern int quick_r1recv __P((struct ph2handle *, vchar_t *));
-extern int quick_r1prep __P((struct ph2handle *, vchar_t *));
-extern int quick_r2send __P((struct ph2handle *, vchar_t *));
-extern int quick_r3recv __P((struct ph2handle *, vchar_t *));
-extern int quick_r3send __P((struct ph2handle *, vchar_t *));
-extern int quick_r3prep __P((struct ph2handle *, vchar_t *));
-
-#endif /* __ISAKMP_QUICK_H__ */
-
diff --git a/racoon.tproj/isakmp_var.h b/racoon.tproj/isakmp_var.h
deleted file mode 100644
index 3c7936b..0000000
--- a/racoon.tproj/isakmp_var.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $KAME: isakmp_var.h,v 1.20 2001/12/12 15:29:14 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __ISAKMP_VAR_H__
-#define __ISAKMP_VAR_H__
-
-#define PORT_ISAKMP 500
-#define PORT_ISAKMP_NATT 4500
-
-#define DEFAULT_NONCE_SIZE 16
-
-typedef u_char cookie_t[8];
-typedef u_char msgid_t[4];
-
-typedef struct { /* i_cookie + r_cookie */
- cookie_t i_ck;
- cookie_t r_ck;
-} isakmp_index;
-
-struct isakmp_gen;
-struct sched;
-
-struct sockaddr;
-struct ph1handle;
-struct ph2handle;
-struct remoteconf;
-struct isakmp_gen;
-struct ipsecdoi_pl_id; /* XXX */
-struct isakmp_pl_ke; /* XXX */
-struct isakmp_pl_nonce; /* XXX */
-
-extern int isakmp_handler __P((int));
-extern int isakmp_natt_handler __P((int));
-extern int isakmp_ph1begin_i __P((struct remoteconf *, struct sockaddr *));
-
-extern vchar_t *isakmp_parsewoh __P((int, struct isakmp_gen *, int));
-extern vchar_t *isakmp_parse __P((vchar_t *));
-
-extern int isakmp_init __P((void));
-extern const char *isakmp_pindex __P((const isakmp_index *, const u_int32_t));
-extern int isakmp_open __P((void));
-extern void isakmp_close __P((void));
-extern void isakmp_close_sockets __P((void));
-extern void isakmp_close_unused __P((void));
-extern int isakmp_send __P((struct ph1handle *, vchar_t *));
-
-extern void isakmp_ph1resend_stub __P((void *));
-extern int isakmp_ph1resend __P((struct ph1handle *));
-extern void isakmp_ph2resend_stub __P((void *));
-extern int isakmp_ph2resend __P((struct ph2handle *));
-extern void isakmp_ph1expire_stub __P((void *));
-extern void isakmp_ph1expire __P((struct ph1handle *));
-extern void isakmp_ph1delete_stub __P((void *));
-extern void isakmp_ph1delete __P((struct ph1handle *));
-extern void isakmp_ph2expire_stub __P((void *));
-extern void isakmp_ph2expire __P((struct ph2handle *));
-extern void isakmp_ph2delete_stub __P((void *));
-extern void isakmp_ph2delete __P((struct ph2handle *));
-
-extern int isakmp_post_acquire __P((struct ph2handle *));
-extern int isakmp_post_getspi __P((struct ph2handle *));
-extern void isakmp_chkph1there_stub __P((void *));
-extern void isakmp_chkph1there __P((struct ph2handle *));
-
-extern caddr_t isakmp_set_attr_v __P((caddr_t, int, caddr_t, int));
-extern caddr_t isakmp_set_attr_l __P((caddr_t, int, u_int32_t));
-extern vchar_t *isakmp_add_attr_v __P((vchar_t *, int, caddr_t, int));
-extern vchar_t *isakmp_add_attr_l __P((vchar_t *, int, u_int32_t));
-
-extern int isakmp_newcookie __P((caddr_t, struct sockaddr *, struct sockaddr *));
-
-extern int isakmp_p2ph __P((vchar_t **, struct isakmp_gen *));
-
-extern u_int32_t isakmp_newmsgid2 __P((struct ph1handle *));
-extern caddr_t set_isakmp_header __P((vchar_t *, struct ph1handle *, int));
-extern caddr_t set_isakmp_header2 __P((vchar_t *, struct ph2handle *, int));
-extern caddr_t set_isakmp_payload __P((caddr_t, vchar_t *, int));
-
-#ifdef HAVE_PRINT_ISAKMP_C
-extern void isakmp_printpacket __P((vchar_t *, struct sockaddr *,
- struct sockaddr *, int));
-#endif
-
-extern int copy_ph1addresses __P(( struct ph1handle *,
- struct remoteconf *, struct sockaddr *, struct sockaddr *));
-extern void log_ph1established __P((const struct ph1handle *));
-
-
-#endif /* __ISAKMP_VAR_H__ */
-
diff --git a/racoon.tproj/key_debug.c b/racoon.tproj/key_debug.c
deleted file mode 100644
index ebd1f57..0000000
--- a/racoon.tproj/key_debug.c
+++ /dev/null
@@ -1,750 +0,0 @@ -/* $FreeBSD: src/sys/netkey/key_debug.c,v 1.10.2.2 2001/07/03 11:01:59 ume Exp $ */ -/* $KAME: key_debug.c,v 1.25 2000/07/24 13:23:12 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifdef _KERNEL -#include "opt_inet.h" -#include "opt_inet6.h" -#include "opt_ipsec.h" -#endif - -#include -#include -#ifdef _KERNEL -#include -#include -#include -#endif -#include - -#include - -#include - -#include -#include - -#ifndef _KERNEL -#include -#include -#include -#endif /* !_KERNEL */ - -#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) - -static void kdebug_sadb_prop __P((struct sadb_ext *)); -static void kdebug_sadb_identity __P((struct sadb_ext *)); -static void kdebug_sadb_supported __P((struct sadb_ext *)); -static void kdebug_sadb_lifetime __P((struct sadb_ext *)); -static void kdebug_sadb_sa __P((struct sadb_ext *)); -static void kdebug_sadb_address __P((struct sadb_ext *)); -static void kdebug_sadb_key __P((struct sadb_ext *)); -static void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); - -#ifdef _KERNEL -static void kdebug_secreplay __P((struct secreplay *)); -#endif - -#ifndef _KERNEL -#define panic(param) { printf(param); exit(-1); } -#endif - -/* NOTE: host byte order */ - -/* %%%: about struct sadb_msg */ -void -kdebug_sadb(base) - struct sadb_msg *base; -{ - struct sadb_ext *ext; - int tlen, extlen; - - /* sanity check */ - if (base == NULL) - panic("kdebug_sadb: NULL pointer was passed.\n"); - - printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", - base->sadb_msg_version, base->sadb_msg_type, - base->sadb_msg_errno, base->sadb_msg_satype); - printf(" len=%u reserved=%u seq=%u pid=%u\n", - base->sadb_msg_len, base->sadb_msg_reserved, - base->sadb_msg_seq, base->sadb_msg_pid); - - tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); - ext = (struct sadb_ext *)((caddr_t)base + sizeof(struct sadb_msg)); - - while (tlen > 0) { - printf("sadb_ext{ len=%u type=%u }\n", - ext->sadb_ext_len, ext->sadb_ext_type); - - if (ext->sadb_ext_len == 0) { - printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); - return; - } - if (ext->sadb_ext_len > tlen) { - printf("kdebug_sadb: ext_len exceeds end of 
buffer.\n"); - return; - } - - switch (ext->sadb_ext_type) { - case SADB_EXT_SA: - kdebug_sadb_sa(ext); - break; - case SADB_EXT_LIFETIME_CURRENT: - case SADB_EXT_LIFETIME_HARD: - case SADB_EXT_LIFETIME_SOFT: - kdebug_sadb_lifetime(ext); - break; - case SADB_EXT_ADDRESS_SRC: - case SADB_EXT_ADDRESS_DST: - case SADB_EXT_ADDRESS_PROXY: - kdebug_sadb_address(ext); - break; - case SADB_EXT_KEY_AUTH: - case SADB_EXT_KEY_ENCRYPT: - kdebug_sadb_key(ext); - break; - case SADB_EXT_IDENTITY_SRC: - case SADB_EXT_IDENTITY_DST: - kdebug_sadb_identity(ext); - break; - case SADB_EXT_SENSITIVITY: - break; - case SADB_EXT_PROPOSAL: - kdebug_sadb_prop(ext); - break; - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - kdebug_sadb_supported(ext); - break; - case SADB_EXT_SPIRANGE: - case SADB_X_EXT_KMPRIVATE: - break; - case SADB_X_EXT_POLICY: - kdebug_sadb_x_policy(ext); - break; - case SADB_X_EXT_SA2: - kdebug_sadb_x_sa2(ext); - break; - default: - printf("kdebug_sadb: invalid ext_type %u was passed.\n", - ext->sadb_ext_type); - return; - } - - extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); - tlen -= extlen; - ext = (struct sadb_ext *)((caddr_t)ext + extlen); - } - - return; -} - -static void -kdebug_sadb_prop(ext) - struct sadb_ext *ext; -{ - struct sadb_prop *prop = (struct sadb_prop *)ext; - struct sadb_comb *comb; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_prop: NULL pointer was passed.\n"); - - len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) - / sizeof(*comb); - comb = (struct sadb_comb *)(prop + 1); - printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); - - while (len--) { - printf("sadb_comb{ auth=%u encrypt=%u " - "flags=0x%04x reserved=0x%08x\n", - comb->sadb_comb_auth, comb->sadb_comb_encrypt, - comb->sadb_comb_flags, comb->sadb_comb_reserved); - - printf(" auth_minbits=%u auth_maxbits=%u " - "encrypt_minbits=%u encrypt_maxbits=%u\n", - comb->sadb_comb_auth_minbits, - comb->sadb_comb_auth_maxbits, - 
comb->sadb_comb_encrypt_minbits, - comb->sadb_comb_encrypt_maxbits); - - printf(" soft_alloc=%u hard_alloc=%u " - "soft_bytes=%lu hard_bytes=%lu\n", - comb->sadb_comb_soft_allocations, - comb->sadb_comb_hard_allocations, - (unsigned long)comb->sadb_comb_soft_bytes, - (unsigned long)comb->sadb_comb_hard_bytes); - - printf(" soft_alloc=%lu hard_alloc=%lu " - "soft_bytes=%lu hard_bytes=%lu }\n", - (unsigned long)comb->sadb_comb_soft_addtime, - (unsigned long)comb->sadb_comb_hard_addtime, - (unsigned long)comb->sadb_comb_soft_usetime, - (unsigned long)comb->sadb_comb_hard_usetime); - comb++; - } - printf("}\n"); - - return; -} - -static void -kdebug_sadb_identity(ext) - struct sadb_ext *ext; -{ - struct sadb_ident *id = (struct sadb_ident *)ext; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_identity: NULL pointer was passed.\n"); - - len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); - printf("sadb_ident_%s{", - id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? 
"src" : "dst"); - switch (id->sadb_ident_type) { - default: - printf(" type=%d id=%lu", - id->sadb_ident_type, (u_long)id->sadb_ident_id); - if (len) { -#ifdef _KERNEL - ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ -#else - char *p, *ep; - printf("\n str=\""); - p = (char *)(id + 1); - ep = p + len; - for (/*nothing*/; *p && p < ep; p++) { - if (isprint(*p)) - printf("%c", *p & 0xff); - else - printf("\\%03o", *p & 0xff); - } -#endif - printf("\""); - } - break; - } - - printf(" }\n"); - - return; -} - -static void -kdebug_sadb_supported(ext) - struct sadb_ext *ext; -{ - struct sadb_supported *sup = (struct sadb_supported *)ext; - struct sadb_alg *alg; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_supported: NULL pointer was passed.\n"); - - len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) - / sizeof(*alg); - alg = (struct sadb_alg *)(sup + 1); - printf("sadb_sup{\n"); - while (len--) { - printf(" { id=%d ivlen=%d min=%d max=%d }\n", - alg->sadb_alg_id, alg->sadb_alg_ivlen, - alg->sadb_alg_minbits, alg->sadb_alg_maxbits); - alg++; - } - printf("}\n"); - - return; -} - -static void -kdebug_sadb_lifetime(ext) - struct sadb_ext *ext; -{ - struct sadb_lifetime *lft = (struct sadb_lifetime *)ext; - - /* sanity check */ - if (ext == NULL) - printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); - - printf("sadb_lifetime{ alloc=%u, bytes=%u\n", - lft->sadb_lifetime_allocations, - (u_int32_t)lft->sadb_lifetime_bytes); - printf(" addtime=%u, usetime=%u }\n", - (u_int32_t)lft->sadb_lifetime_addtime, - (u_int32_t)lft->sadb_lifetime_usetime); - - return; -} - -static void -kdebug_sadb_sa(ext) - struct sadb_ext *ext; -{ - struct sadb_sa *sa = (struct sadb_sa *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_sa: NULL pointer was passed.\n"); - - printf("sadb_sa{ spi=%u replay=%u state=%u\n", - (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, - sa->sadb_sa_state); - printf(" auth=%u encrypt=%u 
flags=0x%08x }\n", - sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); - - return; -} - -static void -kdebug_sadb_address(ext) - struct sadb_ext *ext; -{ - struct sadb_address *addr = (struct sadb_address *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_address: NULL pointer was passed.\n"); - - printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", - addr->sadb_address_proto, addr->sadb_address_prefixlen, - ((u_char *)&addr->sadb_address_reserved)[0], - ((u_char *)&addr->sadb_address_reserved)[1]); - - kdebug_sockaddr((struct sockaddr *)((caddr_t)ext + sizeof(*addr))); - - return; -} - -static void -kdebug_sadb_key(ext) - struct sadb_ext *ext; -{ - struct sadb_key *key = (struct sadb_key *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_key: NULL pointer was passed.\n"); - - printf("sadb_key{ bits=%u reserved=%u\n", - key->sadb_key_bits, key->sadb_key_reserved); - printf(" key="); - - /* sanity check 2 */ - if ((key->sadb_key_bits >> 3) > - (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { - printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", - key->sadb_key_bits >> 3, - (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); - } - - ipsec_hexdump((caddr_t)key + sizeof(struct sadb_key), - key->sadb_key_bits >> 3); - printf(" }\n"); - return; -} - -static void -kdebug_sadb_x_sa2(ext) - struct sadb_ext *ext; -{ - struct sadb_x_sa2 *sa2 = (struct sadb_x_sa2 *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); - - printf("sadb_x_sa2{ mode=%u reqid=%u\n", - sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); - printf(" reserved1=%u reserved2=%u reserved3=%u }\n", - sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved1, - sa2->sadb_x_sa2_reserved1); - - return; -} - -void -kdebug_sadb_x_policy(ext) - struct sadb_ext *ext; -{ - struct sadb_x_policy *xpl = (struct sadb_x_policy *)ext; - struct sockaddr *addr; - - /* 
sanity check */ - if (ext == NULL) - panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); - - printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", - xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, - xpl->sadb_x_policy_id); - - if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { - int tlen; - struct sadb_x_ipsecrequest *xisr; - - tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); - xisr = (struct sadb_x_ipsecrequest *)(xpl + 1); - - while (tlen > 0) { - printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", - xisr->sadb_x_ipsecrequest_len, - xisr->sadb_x_ipsecrequest_proto, - xisr->sadb_x_ipsecrequest_mode, - xisr->sadb_x_ipsecrequest_level, - xisr->sadb_x_ipsecrequest_reqid); - - if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { - addr = (struct sockaddr *)(xisr + 1); - kdebug_sockaddr(addr); - addr = (struct sockaddr *)((caddr_t)addr - + addr->sa_len); - kdebug_sockaddr(addr); - } - - printf(" }\n"); - - /* prevent infinite loop */ - if (xisr->sadb_x_ipsecrequest_len <= 0) { - printf("kdebug_sadb_x_policy: wrong policy struct.\n"); - return; - } - /* prevent overflow */ - if (xisr->sadb_x_ipsecrequest_len > tlen) { - printf("invalid ipsec policy length\n"); - return; - } - - tlen -= xisr->sadb_x_ipsecrequest_len; - - xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr - + xisr->sadb_x_ipsecrequest_len); - } - - if (tlen != 0) - panic("kdebug_sadb_x_policy: wrong policy struct.\n"); - } - - return; -} - -#ifdef _KERNEL -/* %%%: about SPD and SAD */ -void -kdebug_secpolicy(sp) - struct secpolicy *sp; -{ - /* sanity check */ - if (sp == NULL) - panic("kdebug_secpolicy: NULL pointer was passed.\n"); - - printf("secpolicy{ refcnt=%u state=%u policy=%u\n", - sp->refcnt, sp->state, sp->policy); - - kdebug_secpolicyindex(&sp->spidx); - - switch (sp->policy) { - case IPSEC_POLICY_DISCARD: - printf(" type=discard }\n"); - break; - case IPSEC_POLICY_NONE: - printf(" type=none }\n"); - break; - case IPSEC_POLICY_IPSEC: - { - struct ipsecrequest *isr; - 
for (isr = sp->req; isr != NULL; isr = isr->next) { - - printf(" level=%u\n", isr->level); - kdebug_secasindex(&isr->saidx); - - if (isr->sav != NULL) - kdebug_secasv(isr->sav); - } - printf(" }\n"); - } - break; - case IPSEC_POLICY_BYPASS: - printf(" type=bypass }\n"); - break; - case IPSEC_POLICY_ENTRUST: - printf(" type=entrust }\n"); - break; - default: - printf("kdebug_secpolicy: Invalid policy found. %d\n", - sp->policy); - break; - } - - return; -} - -void -kdebug_secpolicyindex(spidx) - struct secpolicyindex *spidx; -{ - /* sanity check */ - if (spidx == NULL) - panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); - - printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", - spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); - - ipsec_hexdump((caddr_t)&spidx->src, - ((struct sockaddr *)&spidx->src)->sa_len); - printf("\n"); - ipsec_hexdump((caddr_t)&spidx->dst, - ((struct sockaddr *)&spidx->dst)->sa_len); - printf("}\n"); - - return; -} - -void -kdebug_secasindex(saidx) - struct secasindex *saidx; -{ - /* sanity check */ - if (saidx == NULL) - panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); - - printf("secasindex{ mode=%u proto=%u\n", - saidx->mode, saidx->proto); - - ipsec_hexdump((caddr_t)&saidx->src, - ((struct sockaddr *)&saidx->src)->sa_len); - printf("\n"); - ipsec_hexdump((caddr_t)&saidx->dst, - ((struct sockaddr *)&saidx->dst)->sa_len); - printf("\n"); - - return; -} - -void -kdebug_secasv(sav) - struct secasvar *sav; -{ - /* sanity check */ - if (sav == NULL) - panic("kdebug_secasv: NULL pointer was passed.\n"); - - printf("secas{"); - kdebug_secasindex(&sav->sah->saidx); - - printf(" refcnt=%u state=%u auth=%u enc=%u\n", - sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); - printf(" spi=%u flags=%u\n", - (u_int32_t)ntohl(sav->spi), sav->flags); - - if (sav->key_auth != NULL) - kdebug_sadb_key((struct sadb_ext *)sav->key_auth); - if (sav->key_enc != NULL) - kdebug_sadb_key((struct sadb_ext *)sav->key_enc); - 
if (sav->iv != NULL) { - printf(" iv="); - ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); - printf("\n"); - } - - if (sav->replay != NULL) - kdebug_secreplay(sav->replay); - if (sav->lft_c != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); - if (sav->lft_h != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); - if (sav->lft_s != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); - -#if notyet - /* XXX: misc[123] ? */ -#endif - - return; -} - -static void -kdebug_secreplay(rpl) - struct secreplay *rpl; -{ - int len, l; - - /* sanity check */ - if (rpl == NULL) - panic("kdebug_secreplay: NULL pointer was passed.\n"); - - printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", - rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); - - if (rpl->bitmap == NULL) { - printf(" }\n"); - return; - } - - printf("\n bitmap { "); - - for (len = 0; len < rpl->wsize; len++) { - for (l = 7; l >= 0; l--) - printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); - } - printf(" }\n"); - - return; -} - -void -kdebug_mbufhdr(m) - struct mbuf *m; -{ - /* sanity check */ - if (m == NULL) - return; - - printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " - "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", - m, m->m_next, m->m_nextpkt, m->m_data, - m->m_len, m->m_type, m->m_flags); - - if (m->m_flags & M_PKTHDR) { - printf(" m_pkthdr{ len:%d rcvif:%p }\n", - m->m_pkthdr.len, m->m_pkthdr.rcvif); - } - - if (m->m_flags & M_EXT) { - printf(" m_ext{ ext_buf:%p ext_free:%p " - "ext_size:%u ext_ref:%p }\n", - m->m_ext.ext_buf, m->m_ext.ext_free, - m->m_ext.ext_size, m->m_ext.ext_ref); - } - - return; -} - -void -kdebug_mbuf(m0) - struct mbuf *m0; -{ - struct mbuf *m = m0; - int i, j; - - for (j = 0; m; m = m->m_next) { - kdebug_mbufhdr(m); - printf(" m_data:\n"); - for (i = 0; i < m->m_len; i++) { - if (i && i % 32 == 0) - printf("\n"); - if (i % 4 == 0) - printf(" "); - printf("%02x", mtod(m, u_char *)[i]); - j++; - } - printf("\n"); - } - - return; -} -#endif /* 
_KERNEL */ - -void -kdebug_sockaddr(addr) - struct sockaddr *addr; -{ - struct sockaddr_in *sin; -#ifdef INET6 - struct sockaddr_in6 *sin6; -#endif - - /* sanity check */ - if (addr == NULL) - panic("kdebug_sockaddr: NULL pointer was passed.\n"); - - /* NOTE: We deal with port number as host byte order. */ - printf("sockaddr{ len=%u family=%u", addr->sa_len, addr->sa_family); - - switch (addr->sa_family) { - case AF_INET: - sin = (struct sockaddr_in *)addr; - printf(" port=%u\n", ntohs(sin->sin_port)); - ipsec_hexdump((caddr_t)&sin->sin_addr, sizeof(sin->sin_addr)); - break; -#ifdef INET6 - case AF_INET6: - sin6 = (struct sockaddr_in6 *)addr; - printf(" port=%u\n", ntohs(sin6->sin6_port)); - printf(" flowinfo=0x%08x, scope_id=0x%08x\n", - sin6->sin6_flowinfo, sin6->sin6_scope_id); - ipsec_hexdump((caddr_t)&sin6->sin6_addr, - sizeof(sin6->sin6_addr)); - break; -#endif - } - - printf(" }\n"); - - return; -} - -void -ipsec_bindump(buf, len) - caddr_t buf; - int len; -{ - int i; - - for (i = 0; i < len; i++) - printf("%c", (unsigned char)buf[i]); - - return; -} - - -void -ipsec_hexdump(buf, len) - caddr_t buf; - int len; -{ - int i; - - for (i = 0; i < len; i++) { - if (i != 0 && i % 32 == 0) printf("\n"); - if (i % 4 == 0) printf(" "); - printf("%02x", (unsigned char)buf[i]); - } -#if 0 - if (i % 32 != 0) printf("\n"); -#endif - - return; -} - -#endif /* !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) */ diff --git a/racoon.tproj/libpfkey.h b/racoon.tproj/libpfkey.h deleted file mode 100644 index 541700f..0000000 --- a/racoon.tproj/libpfkey.h +++ /dev/null 
@@ -1,97 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/libpfkey.h,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: libpfkey.h,v 1.6 2001/03/05 18:22:17 thorpej Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __LIBPFKEY_H__
-#define __LIBPFKEY_H__
-
-struct sadb_msg;
-extern void pfkey_sadump __P((struct sadb_msg *));
-extern void pfkey_spdump __P((struct sadb_msg *));
-
-struct sockaddr;
-struct sadb_alg;
-int ipsec_check_keylen __P((u_int, u_int, u_int));
-int ipsec_check_keylen2 __P((u_int, u_int, u_int));
-int ipsec_get_keylen __P((u_int, u_int, struct sadb_alg *));
-u_int pfkey_set_softrate __P((u_int, u_int));
-u_int pfkey_get_softrate __P((u_int));
-int pfkey_send_getspi __P((int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int32_t, u_int32_t));
-int pfkey_send_update __P((int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int,
- caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
- u_int64_t, u_int64_t, u_int32_t, u_int16_t));
-int pfkey_send_add __P((int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int,
- caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
- u_int64_t, u_int64_t, u_int32_t, u_int16_t));
-int pfkey_send_delete __P((int, u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t));
-int pfkey_send_delete_all __P((int, u_int, u_int,
- struct sockaddr *, struct sockaddr *));
-int pfkey_send_get __P((int, u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t));
-int pfkey_send_register __P((int, u_int));
-int pfkey_recv_register __P((int));
-int pfkey_set_supported __P((struct sadb_msg *, int));
-int pfkey_send_flush __P((int, u_int));
-int pfkey_send_dump __P((int, u_int));
-int pfkey_send_promisc_toggle __P((int, int));
-int pfkey_send_spdadd __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spdadd2 __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
- caddr_t, int, u_int32_t));
-int pfkey_send_spdupdate __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spdupdate2 __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
- caddr_t, int, u_int32_t));
-int pfkey_send_spddelete __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spddelete2 __P((int, u_int32_t));
-int pfkey_send_spdget __P((int, u_int32_t));
-int pfkey_send_spdsetidx __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spdflush __P((int));
-int pfkey_send_spddump __P((int));
-
-int pfkey_open __P((void));
-void pfkey_close __P((int));
-struct sadb_msg *pfkey_recv __P((int));
-int pfkey_send __P((int, struct sadb_msg *, int));
-int pfkey_align __P((struct sadb_msg *, caddr_t *));
-int pfkey_check __P((caddr_t *));
-
-
-#endif /* __LIBPFKEY_H__ */
-
diff --git a/racoon.tproj/localconf.c b/racoon.tproj/localconf.c
deleted file mode 100644
index 87ba373..0000000
--- a/racoon.tproj/localconf.c
+++ /dev/null
@@ -1,399 +0,0 @@ - -/* $KAME: localconf.c,v 1.33 2001/08/09 07:32:19 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "debug.h" - -#include "localconf.h" -#include "algorithm.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "grabmyaddr.h" -#include "vendorid.h" -#include "str2val.h" -#include "safefile.h" -#include "admin.h" -#include "gcmalloc.h" - -#include -#include - -struct localconf *lcconf; - -static void setdefault __P((void)); - -void -initlcconf() -{ - lcconf = racoon_calloc(1, sizeof(*lcconf)); - if (lcconf == NULL) - errx(1, "failed to allocate local conf."); - - setdefault(); - - lcconf->racoon_conf = LC_DEFAULT_CF; -} - -void -flushlcconf() -{ - int i; - - setdefault(); - clear_myaddr(&lcconf->myaddrs); - for (i = 0; i < LC_PATHTYPE_MAX; i++) { - if (lcconf->pathinfo[i]) { - racoon_free(lcconf->pathinfo[i]); - lcconf->pathinfo[i] = NULL; - } - } - for (i = 0; i < LC_IDENTTYPE_MAX; i++) { - if (lcconf->ident[i]) - vfree(lcconf->ident[i]); - lcconf->ident[i] = NULL; - } -} - -static void -setdefault() -{ - lcconf->autograbaddr = 1; - lcconf->port_isakmp = PORT_ISAKMP; - lcconf->default_af = AF_INET; - lcconf->pad_random = LC_DEFAULT_PAD_RANDOM; - lcconf->pad_randomlen = LC_DEFAULT_PAD_RANDOMLEN; - lcconf->pad_maxsize = LC_DEFAULT_PAD_MAXSIZE; - lcconf->pad_strict = LC_DEFAULT_PAD_STRICT; - lcconf->pad_excltail = LC_DEFAULT_PAD_EXCLTAIL; - lcconf->retry_counter = LC_DEFAULT_RETRY_COUNTER; - lcconf->retry_interval = LC_DEFAULT_RETRY_INTERVAL; - lcconf->count_persend = LC_DEFAULT_COUNT_PERSEND; - lcconf->secret_size = LC_DEFAULT_SECRETSIZE; - lcconf->retry_checkph1 = LC_DEFAULT_RETRY_CHECKPH1; - lcconf->wait_ph2complete = LC_DEFAULT_WAIT_PH2COMPLETE; - lcconf->strict_address = FALSE; - lcconf->complex_bundle = TRUE; /*XXX FALSE;*/ -} - -/* - * get PSK by string. 
- */ -vchar_t * -getpskbyname(id0) - vchar_t *id0; -{ - char *id; - vchar_t *key = NULL; - - id = racoon_calloc(1, 1 + id0->l - sizeof(struct ipsecdoi_id_b)); - if (id == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get psk buffer.\n"); - goto end; - } - memcpy(id, id0->v + sizeof(struct ipsecdoi_id_b), - id0->l - sizeof(struct ipsecdoi_id_b)); - id[id0->l - sizeof(struct ipsecdoi_id_b)] = '\0'; - - key = getpsk(id, id0->l - sizeof(struct ipsecdoi_id_b)); - -end: - if (id) - racoon_free(id); - return key; -} - -/* - * get PSK from keyChain. - */ -vchar_t * -getpskfromkeychain(const char *name) -{ - SecKeychainRef keychain = NULL; - vchar_t *key = NULL; - void *cur_password = NULL; - UInt32 cur_password_len = 0; - OSStatus status; - char serviceName[] = "com.apple.net.racoon"; - - status = SecKeychainSetPreferenceDomain(kSecPreferencesDomainSystem); - if (status != noErr) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to set system keychain domain.\n"); - goto end; - } - - status = SecKeychainCopyDomainDefault(kSecPreferencesDomainSystem, - &keychain); - if (status != noErr) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get system keychain domain.\n"); - goto end; - } - - status = SecKeychainFindGenericPassword(keychain, - strlen(serviceName), - serviceName, - strlen(name), - name, - &cur_password_len, - &cur_password, - NULL); - - switch (status) { - - case noErr : - break; - - case errSecItemNotFound : - break; - - default : - plog(LLV_ERROR, LOCATION, NULL, - "failed to get preshared key from system keychain (error %d).\n", status); - } - -end: - - if (cur_password) { - key = vmalloc(cur_password_len + 1); - if (key == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate key buffer.\n"); - } - else { - memcpy(key->v, cur_password, key->l); - key->v[cur_password_len] = 0; - } - free(cur_password); - } - - if (keychain) - CFRelease(keychain); - - return key; -} - -/* - * get PSK by address. 
- */ -vchar_t * -getpskbyaddr(remote) - struct sockaddr *remote; -{ - vchar_t *key = NULL; - char addr[NI_MAXHOST], port[NI_MAXSERV]; - - GETNAMEINFO(remote, addr, port); - - key = getpsk(addr, strlen(addr)); - - return key; -} - -vchar_t * -getpsk(str, len) - const char *str; - const int len; -{ - FILE *fp; - char buf[1024]; /* XXX how is variable length ? */ - vchar_t *key = NULL; - char *p, *q; - size_t keylen; - char *k = NULL; - - if (safefile(lcconf->pathinfo[LC_PATHTYPE_PSK], 1) == 0) - fp = fopen(lcconf->pathinfo[LC_PATHTYPE_PSK], "r"); - else - fp = NULL; - if (fp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to open pre_share_key file %s\n", - lcconf->pathinfo[LC_PATHTYPE_PSK]); - return NULL; - } - - while (fgets(buf, sizeof(buf), fp) != NULL) { - /* comment line */ - if (buf[0] == '#') - continue; - - /* search the end of 1st string. */ - for (p = buf; *p != '\0' && !isspace(*p); p++) - ; - if (*p == '\0') - continue; /* no 2nd parameter */ - *p = '\0'; - /* search the 1st of 2nd string. */ - while (isspace(*++p)) - ; - if (*p == '\0') - continue; /* no 2nd parameter */ - p--; - - if (strncmp(buf, str, len) == 0 && buf[len] == '\0') { - p++; - keylen = 0; - for (q = p; *q != '\0' && *q != '\n'; q++) - keylen++; - *q = '\0'; - - /* fix key if hex string */ - if (strncmp(p, "0x", 2) == 0) { - k = str2val(p + 2, 16, &keylen); - if (k == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get psk buffer.\n"); - goto end; - } - p = k; - } - - key = vmalloc(keylen); - if (key == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate key buffer.\n"); - goto end; - } - memcpy(key->v, p, key->l); - if (k) - racoon_free(k); - goto end; - } - } - -end: - fclose(fp); - return key; -} - -/* - * get a file name of a type specified. - */ -void -getpathname(path, len, type, name) - char *path; - int len, type; - const char *name; -{ - snprintf(path, len, "%s%s%s", - name[0] == '/' ? "" : lcconf->pathinfo[type], - name[0] == '/' ? 
"" : "/", - name); - - plog(LLV_DEBUG, LOCATION, NULL, "filename: %s\n", path); -} - -#if 0 /* DELETEIT */ -static int lc_doi2idtype[] = { - -1, - -1, - LC_IDENTTYPE_FQDN, - LC_IDENTTYPE_USERFQDN, - -1, - -1, - -1, - -1, - -1, - LC_IDENTTYPE_CERTNAME, - -1, - LC_IDENTTYPE_KEYID, -}; - -/* - * convert DOI value to idtype - * OUT -1 : NG - * other: converted. - */ -int -doi2idtype(idtype) - int idtype; -{ - if (ARRAYLEN(lc_doi2idtype) > idtype) - return lc_doi2idtype[idtype]; - return -1; -} -#endif - -static int lc_sittype2doi[] = { - IPSECDOI_SIT_IDENTITY_ONLY, - IPSECDOI_SIT_SECRECY, - IPSECDOI_SIT_INTEGRITY, -}; - -/* - * convert sittype to DOI value. - * OUT -1 : NG - * other: converted. - */ -int -sittype2doi(sittype) - int sittype; -{ - if (ARRAYLEN(lc_sittype2doi) > sittype) - return lc_sittype2doi[sittype]; - return -1; -} - -static int lc_doitype2doi[] = { - IPSEC_DOI, -}; - -/* - * convert doitype to DOI value. - * OUT -1 : NG - * other: converted. - */ -int -doitype2doi(doitype) - int doitype; -{ - if (ARRAYLEN(lc_doitype2doi) > doitype) - return lc_doitype2doi[doitype]; - return -1; -} - diff --git a/racoon.tproj/localconf.h b/racoon.tproj/localconf.h deleted file mode 100644 index b5ca916..0000000 --- a/racoon.tproj/localconf.h +++ /dev/null 
@@ -1,120 +0,0 @@
-/* $KAME: localconf.h,v 1.28 2001/12/11 23:44:08 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#ifndef __LOCALCONF_H__ -#define __LOCALCONF_H__ - -/* local configuration */ - -#define LC_DEFAULT_CF SYSCONFDIR "/racoon.conf" - -#define LC_PATHTYPE_INCLUDE 0 -#define LC_PATHTYPE_PSK 1 -#define LC_PATHTYPE_CERT 2 -#define LC_PATHTYPE_BACKUPSA 3 -#define LC_PATHTYPE_MAX 4 - -#define LC_DEFAULT_PAD_MAXSIZE 20 -#define LC_DEFAULT_PAD_RANDOM TRUE -#define LC_DEFAULT_PAD_RANDOMLEN FALSE -#define LC_DEFAULT_PAD_STRICT FALSE -#define LC_DEFAULT_PAD_EXCLTAIL TRUE -#define LC_DEFAULT_RETRY_COUNTER 5 -#define LC_DEFAULT_RETRY_INTERVAL 10 -#define LC_DEFAULT_COUNT_PERSEND 1 -#define LC_DEFAULT_RETRY_CHECKPH1 30 -#define LC_DEFAULT_WAIT_PH2COMPLETE 30 - -#define LC_DEFAULT_SECRETSIZE 16 /* 128 bits */ - -#define LC_IDENTTYPE_MAX 5 /* XXX */ - -struct localconf { - char *racoon_conf; /* configuration filename */ - - u_int16_t port_isakmp; /* port for isakmp as default */ - u_int16_t port_admin; /* port for admin */ - int default_af; /* default address family */ - - int sock_admin; - int sock_pfkey; - int rtsock; /* routing socket */ - - int autograbaddr; - struct myaddrs *myaddrs; - - char *pathinfo[LC_PATHTYPE_MAX]; - vchar_t *ident[LC_IDENTTYPE_MAX]; /* base of Identifier payload. */ - - int pad_random; - int pad_randomlen; - int pad_maxsize; - int pad_strict; - int pad_excltail; - - int retry_counter; /* times to retry. */ - int retry_interval; /* interval each retry. */ - int count_persend; /* the number of packets each retry. */ - /* above 3 values are copied into a handler. */ - - int retry_checkph1; - int wait_ph2complete; - - int secret_size; - int strict_address; /* strictly check addresses. */ - - int complex_bundle; - /* - * If we want to make a packet "IP2 AH ESP IP1 ULP", - * the SPD in KAME expresses AH transport + ESP tunnel. - * So racoon sent the proposal contained such the order. - * But lots of implementation interprets AH tunnel + ESP - * tunnel in this case. racoon has changed the format, - * usually uses this format. 
If the option, 'complex_bundle' - * is enable, racoon uses old format. - */ -}; - -extern struct localconf *lcconf; - -extern void initlcconf __P((void)); -extern void flushlcconf __P((void)); -extern vchar_t *getpskbyname __P((vchar_t *)); -extern vchar_t *getpskbyaddr __P((struct sockaddr *)); -extern vchar_t *getpsk __P((const char *str, const int len)); -extern vchar_t *getpskfromkeychain __P((const char *)); -extern void getpathname __P((char *, int, int, const char *)); -extern int sittype2doi __P((int)); -extern int doitype2doi __P((int)); - - -#endif /* __LOCALCONF_H__ */ - diff --git a/racoon.tproj/logger.c b/racoon.tproj/logger.c deleted file mode 100644 index b42a9d3..0000000 --- a/racoon.tproj/logger.c +++ /dev/null 
@@ -1,258 +0,0 @@
-/* $KAME: logger.c,v 1.9 2002/09/03 14:37:03 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include - -#include -#include -#include -#include -#ifdef HAVE_STDARG_H -#include -#else -#include -#endif -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include "logger.h" -#include "var.h" -#include "gcmalloc.h" - -struct log * -log_open(siz, fname) - size_t siz; - char *fname; -{ - struct log *p; - - p = (struct log *)racoon_malloc(sizeof(*p)); - if (p == NULL) - return NULL; - memset(p, 0, sizeof(*p)); - - p->buf = (char **)racoon_malloc(sizeof(char *) * siz); - if (p->buf == NULL) { - racoon_free(p); - return NULL; - } - memset(p->buf, 0, sizeof(char *) * siz); - - p->tbuf = (time_t *)racoon_malloc(sizeof(time_t *) * siz); - if (p->tbuf == NULL) { - racoon_free(p->buf); - racoon_free(p); - return NULL; - } - memset(p->tbuf, 0, sizeof(time_t *) * siz); - - p->siz = siz; - if (fname) - p->fname = strdup(fname); - - return p; -} - -/* - * append string to ring buffer. - * string must be \n-terminated (since we add timestamps). - * even if not, we'll add \n to avoid formatting mistake (see log_close()). - */ -void -log_add(p, str) - struct log *p; - char *str; -{ - /* syslog if p->fname == NULL? */ - if (p->buf[p->head]) - racoon_free(p->buf[p->head]); - p->buf[p->head] = strdup(str); - p->tbuf[p->head] = time(NULL); - p->head++; - p->head %= p->siz; -} - -/* - * write out string to the log file, as is. - * \n-termination is up to the caller. if you don't add \n, the file - * format may be broken. - */ -int -log_print(p, str) - struct log *p; - char *str; -{ - FILE *fp; - - if (p->fname == NULL) - return -1; /*XXX syslog?*/ - fp = fopen(p->fname, "a"); - if (fp == NULL) - return -1; - fprintf(fp, "%s", str); - fclose(fp); - - return 0; -} - -int -log_vprint(struct log *p, const char *fmt, ...) 
-{ - va_list ap; - - FILE *fp; - - if (p->fname == NULL) - return -1; /*XXX syslog?*/ - fp = fopen(p->fname, "a"); - if (fp == NULL) - return -1; - va_start(ap, fmt); - vfprintf(fp, fmt, ap); - va_end(ap); - - fclose(fp); - - return 0; -} - -int -log_vaprint(struct log *p, const char *fmt, va_list ap) -{ - FILE *fp; - - if (p->fname == NULL) - return -1; /*XXX syslog?*/ - fp = fopen(p->fname, "a"); - if (fp == NULL) - return -1; - vfprintf(fp, fmt, ap); - fclose(fp); - - return 0; -} - -/* - * write out content of ring buffer, and reclaim the log structure - */ -int -log_close(p) - struct log *p; -{ - FILE *fp; - int i, j; - char ts[256]; - struct tm *tm; - - if (p->fname == NULL) - goto nowrite; - fp = fopen(p->fname, "a"); - if (fp == NULL) - goto nowrite; - - for (i = 0; i < p->siz; i++) { - j = (p->head + i) % p->siz; - if (p->buf[j]) { - tm = localtime(&p->tbuf[j]); - strftime(ts, sizeof(ts), "%B %d %T", tm); - fprintf(fp, "%s: %s\n", ts, p->buf[j]); - if (*(p->buf[j] + strlen(p->buf[j]) - 1) != '\n') - fprintf(fp, "\n"); - } - } - fclose(fp); - -nowrite: - log_free(p); - return 0; -} - -void -log_free(p) - struct log *p; -{ - int i; - - for (i = 0; i < p->siz; i++) - racoon_free(p->buf[i]); - racoon_free(p->buf); - racoon_free(p->tbuf); - if (p->fname) - racoon_free(p->fname); - racoon_free(p); -} - -#ifdef TEST -struct log *l; - -void -vatest(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - log_vaprint(l, fmt, ap); - va_end(ap); -} - -int -main(argc, argv) - int argc; - char **argv; -{ - int i; - - l = log_open(30, "/tmp/hoge"); - if (l == NULL) - errx(1, "hoge"); - - for (i = 0; i < 50; i++) { - log_add(l, "foo"); - log_add(l, "baa"); - log_add(l, "baz"); - } - log_print(l, "hoge\n"); - log_vprint(l, "hoge %s\n", "this is test"); - vatest("%s %s\n", "this is", "vprint test"); - abort(); - log_free(l); -} - -#endif - diff --git a/racoon.tproj/logger.h b/racoon.tproj/logger.h deleted file mode 100644 index ebd9f6b..0000000 
--- a/racoon.tproj/logger.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* $KAME: logger.h,v 1.4 2000/10/04 17:41:01 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __LOGGER_H__
-#define __LOGGER_H__
-
-struct log {
- int head;
- int siz;
- char **buf;
- time_t *tbuf;
- char *fname;
-};
-
-extern struct log *log_open __P((size_t, char *));
-extern void log_add __P((struct log *, char *));
-extern int log_print __P((struct log *, char *));
-extern int log_vprint __P((struct log *, const char *, ...));
-extern int log_vaprint __P((struct log *, const char *, va_list));
-extern int log_close __P((struct log *));
-extern void log_free __P((struct log *));
-
-#endif /* __LOGGER_H__ */
-
diff --git a/racoon.tproj/main.c b/racoon.tproj/main.c
deleted file mode 100644
index d48dc81..0000000
--- a/racoon.tproj/main.c
+++ /dev/null
@@ -1,412 +0,0 @@
-/* $KAME: main.c,v 1.48 2002/11/20 02:06:07 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#ifdef HAVE_UNISTD_H
-#include
-#endif
-#include
-#include
-
-/*
- * If we're using a debugging malloc library, this may define our
- * wrapper stubs.
- */ -#define RACOON_MAIN_PROGRAM -#include "gcmalloc.h" - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "debug.h" - -#include "cfparse.h" -#include "isakmp_var.h" -#include "remoteconf.h" -#include "localconf.h" -#include "session.h" -#include "oakley.h" -#include "pfkey.h" -#include "crypto_openssl.h" -#include "backupsa.h" -#ifndef HAVE_ARC4RANDOM -#include "arc4random.h" -#endif - -int f_foreground = 0; /* force running in foreground. */ -int f_local = 0; /* local test mode. behave like a wall. */ -int vflag = 1; /* for print-isakmp.c */ -static int loading_sa = 0; /* install sa when racoon boots up. */ - -#define RACOON_VERSION "20001216 sakane@kame.net" -#ifdef RACOON_PKG_VERSION -static char version0[] = "@(#)package version " RACOON_PKG_VERSION ; -static char version[] = "@(#)internal version " RACOON_VERSION ; -#else -static char version[] = "@(#)racoon 20001216 " RACOON_VERSION ; -#endif -static pid_t racoon_pid = 0; - -int main __P((int, char **)); -static void usage __P((void)); -static void parse __P((int, char **)); -static void restore_params __P((void)); -static void save_params __P((void)); -static void saverestore_params __P((int)); -static void cleanup_pidfile __P((void)); - -void -usage() -{ - printf("usage: racoon [-BdFv%s] %s[-f (file)] [-l (file)] [-p (port)]\n", -#ifdef INET6 - "46", -#else - "", -#endif -#ifdef ENABLE_ADMINPORT - "[-a (port)] " -#else - "" -#endif - ); - printf(" -B: install SA to the kernel from the file " - "specified by the configuration file.\n"); - printf(" -d: debug level, more -d will generate more debug message.\n"); - printf(" -F: run in foreground, do not become daemon.\n"); - printf(" -v: be more verbose\n"); -#ifdef INET6 - printf(" -4: IPv4 mode.\n"); - printf(" -6: IPv6 mode.\n"); -#endif -#ifdef ENABLE_ADMINPORT - printf(" -a: port number for admin port.\n"); -#endif - printf(" -f: pathname for configuration file.\n"); - printf(" -l: pathname for log file.\n"); - 
printf(" -p: port number for isakmp (default: %d).\n", PORT_ISAKMP); - exit(1); -} - -extern int cfparse(void); - -int -main(ac, av) - int ac; - char **av; -{ - int error; - - if (geteuid() != 0) { - errx(1, "must be root to invoke this program."); - /* NOTREACHED*/ - } - - /* - * Don't let anyone read files I write. Although some files (such as - * the PID file) can be other readable, we dare to use the global mask, - * because racoon uses fopen(3), which can't specify the permission - * at the creation time. - */ - umask(077); - if (umask(077) != 077) { - errx(1, "could not set umask"); - /* NOTREACHED*/ - } - -#ifdef DEBUG_RECORD_MALLOCATION - DRM_init(); -#endif - - initlcconf(); - initrmconf(); - oakley_dhinit(); - eay_init_error(); - - parse(ac, av); - - ploginit(); - (void)arc4random(); /* XXX test if random number is available */ - -#ifdef RACOON_PKG_VERSION - plog(LLV_INFO, LOCATION, NULL, "%s\n", version0); -#endif - plog(LLV_INFO, LOCATION, NULL, "%s\n", version); - plog(LLV_INFO, LOCATION, NULL, "@(#)" - "This product linked %s (http://www.openssl.org/)" - "\n", eay_version()); - - if (pfkey_init() < 0) { - errx(1, "something error happened " - "while pfkey initializing."); - /* NOTREACHED*/ - } - - /* - * in order to prefer the parameters by command line, - * saving some parameters before parsing configuration file. - */ - save_params(); - error = cfparse(); - if (error != 0) - errx(1, "failed to parse configuration file."); - restore_params(); - -#ifdef IKE_NAT_T - /* Tell the kernel which port to use for UDP encapsulation */ - { - int udp_port = PORT_ISAKMP_NATT; - if (sysctlbyname("net.inet.ipsec.esp_port", NULL, NULL, &udp_port, sizeof(udp_port)) != 0) - errx(1, "couldn't set net.inet.ipsec.esp_port to %d. (%s)", - udp_port, strerror(errno)); - } -#endif - - /* - * install SAs from the specified file. If the file is not specified - * by the configuration file, racoon will exit. 
- */ - if (loading_sa && !f_local) { - if (backupsa_from_file() != 0) - errx(1, "something error happened " - "SA recovering."); - } - - if (f_foreground) - close(0); - else { - const char *pid_file = _PATH_VARRUN "racoon.pid"; - FILE *fp; - - if (daemon(0, 0) < 0) { - errx(1, "failed to be daemon. (%s)", - strerror(errno)); - } - /* - * In case somebody has started inetd manually, we need to - * clear the logname, so that old servers run as root do not - * get the user's logname.. - */ - if (setlogin("") < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "cannot clear logname: %s\n", strerror(errno)); - /* no big deal if it fails.. */ - } - racoon_pid = getpid(); - fp = fopen(pid_file, "w"); - if (fp) { - if (fchmod(fileno(fp), - S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) { - syslog(LOG_ERR, "%s", strerror(errno)); - fclose(fp); - exit(1); - } - fprintf(fp, "%ld\n", (long)racoon_pid); - fclose(fp); - } else { - plog(LLV_ERROR, LOCATION, NULL, - "cannot open %s", pid_file); - } - if (!f_local) { - if (atexit(cleanup_pidfile) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "cannot register pidfile cleanup"); - } - } - } - - session(); - - exit(0); -} - -static void -cleanup_pidfile() -{ - pid_t p = getpid(); - - /* if it's not child process, clean everything */ - if (racoon_pid == p) { - const char *pid_file = _PATH_VARRUN "racoon.pid"; - - (void) unlink(pid_file); - } -} - -static void -parse(ac, av) - int ac; - char **av; -{ - extern char *optarg; - extern int optind; - int c; -#ifdef YYDEBUG - extern int yydebug; -#endif - - pname = strrchr(*av, '/'); - if (pname) - pname++; - else - pname = *av; - - while ((c = getopt(ac, av, "dFp:a:f:l:vZB" -#ifdef YYDEBUG - "y" -#endif -#ifdef INET6 - "46" -#endif - )) != -1) { - switch (c) { - case 'd': - loglevel++; - break; - case 'F': - printf("Foreground mode.\n"); - f_foreground = 1; - break; - case 'p': - lcconf->port_isakmp = atoi(optarg); - break; - case 'a': -#ifdef ENABLE_ADMINPORT - lcconf->port_admin = atoi(optarg); - 
break; -#else - fprintf(stderr, "%s: the option is disabled " - "in the configuration\n", pname); - exit(1); -#endif - case 'f': - lcconf->racoon_conf = optarg; - break; - case 'l': - plogset(optarg); - break; - case 'v': - vflag++; - break; - case 'Z': - /* - * only local test. - * To specify -Z option and to choice a appropriate - * port number for ISAKMP, you can launch some racoons - * on the local host for debug. - * pk_sendadd() on initiator side is always failed - * even if this flag is used. Because there is same - * spi in the SAD which is inserted by pk_sendgetspi() - * on responder side. - */ - printf("Local test mode.\n"); - f_local = 1; - break; -#ifdef YYDEBUG - case 'y': - yydebug = 1; - break; -#endif -#ifdef INET6 - case '4': - lcconf->default_af = AF_INET; - break; - case '6': - lcconf->default_af = AF_INET6; - break; -#endif - case 'B': - loading_sa++; - break; - default: - usage(); - /* NOTREACHED */ - } - } - ac -= optind; - av += optind; - - if (ac != 0) { - usage(); - /* NOTREACHED */ - } - - return; -} - -static void -restore_params() -{ - saverestore_params(1); -} - -static void -save_params() -{ - saverestore_params(0); -} - -static void -saverestore_params(f) - int f; -{ - static u_int16_t s_port_isakmp; -#ifdef ENABLE_ADMINPORT - static u_int16_t s_port_admin; -#endif - - /* 0: save, 1: restore */ - if (f) { - lcconf->port_isakmp = s_port_isakmp; -#ifdef ENABLE_ADMINPORT - lcconf->port_admin = s_port_admin; -#endif - } else { - s_port_isakmp = lcconf->port_isakmp; -#ifdef ENABLE_ADMINPORT - s_port_admin = lcconf->port_admin; -#endif - } -} diff --git a/racoon.tproj/misc.c b/racoon.tproj/misc.c deleted file mode 100644 index 35dfb68..0000000 --- a/racoon.tproj/misc.c +++ /dev/null 
@@ -1,167 +0,0 @@
-/* $KAME: misc.c,v 1.23 2001/08/16 14:37:29 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "debug.h" - -#if 0 -static int bindump __P((void *, size_t)); - -static int -bindump(buf0, len) - void *buf0; - size_t len; -{ - unsigned char *buf = (unsigned char *)buf0; - size_t i; - - for (i = 0; i < len; i++) { - if ((buf[i] & 0x80) || !isprint(buf[i])) - printf("\\x%x", buf[i]); - else - printf("%c", buf[i]); - } - printf("\n"); - - return 0; -} -#endif - -int -hexdump(buf0, len) - void *buf0; - size_t len; -{ - caddr_t buf = (caddr_t)buf0; - size_t i; - - for (i = 0; i < len; i++) { - if (i != 0 && i % 32 == 0) - printf("\n"); - if (i % 4 == 0) - printf(" "); - printf("%02x", (unsigned char)buf[i]); - } - printf("\n"); - - return 0; -} - -char * -bit2str(n, bl) - int n, bl; -{ -#define MAXBITLEN 128 - static char b[MAXBITLEN + 1]; - int i; - - if (bl > MAXBITLEN) - return "Failed to convert."; /* NG */ - memset(b, '0', bl); - b[bl] = '\0'; - - for (i = 0; i < bl; i++) { - if (n & (1 << i)) - b[bl - 1 - i] = '1'; - } - - return b; -} - -const char * -debug_location(file, line, func) - const char *file; - int line; - const char *func; -{ - static char buf[1024]; - const char *p; - - /* truncate pathname */ - p = strrchr(file, '/'); - if (p) - p++; - else - p = file; - - if (func) - snprintf(buf, sizeof(buf), "%s:%d:%s()", p, line, func); - else - snprintf(buf, sizeof(buf), "%s:%d", p, line); - - return buf; -} - -/* - * get file size. - * -1: error occured. - */ -int -getfsize(path) - char *path; -{ - struct stat st; - - if (stat(path, &st) != 0) - return -1; - else - return st.st_size; -} - -/* - * calculate the difference between two times. 
- * t1: start - * t2: end - */ -double -timedelta(t1, t2) - struct timeval *t1, *t2; -{ - if (t2->tv_usec >= t1->tv_usec) - return t2->tv_sec - t1->tv_sec + - (double)(t2->tv_usec - t1->tv_usec) / 1000000; - - return t2->tv_sec - t1->tv_sec - 1 + - (double)(1000000 + t2->tv_usec - t1->tv_usec) / 1000000; -} diff --git a/racoon.tproj/misc.h b/racoon.tproj/misc.h deleted file mode 100644 index 0d4fb1a..0000000 --- a/racoon.tproj/misc.h +++ /dev/null 
@@ -1,54 +0,0 @@
-/* $KAME: misc.h,v 1.13 2002/06/10 19:58:29 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __MISC_H__
-#define __MISC_H__
-
-
-#define BIT2STR(b) bit2str(b, sizeof(b)<<3)
-
-#ifdef HAVE_FUNCTION_MACRO
-#define LOCATION debug_location(__FILE__, __LINE__, __FUNCTION__)
-#else
-#define LOCATION debug_location(__FILE__, __LINE__, NULL)
-#endif
-
-extern int hexdump __P((void *, size_t));
-extern char *bit2str __P((int, int));
-extern void *get_newbuf __P((void *, size_t));
-extern const char *debug_location __P((const char *, int, const char *));
-extern int getfsize __P((char *));
-struct timeval;
-extern double timedelta __P((struct timeval *, struct timeval *));
-
-
-#endif /* __MISC_H__ */
-
diff --git a/racoon.tproj/netdb_dnssec.h b/racoon.tproj/netdb_dnssec.h
deleted file mode 100644
index f7e2c18..0000000
--- a/racoon.tproj/netdb_dnssec.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $KAME: netdb_dnssec.h,v 1.2 2001/04/11 09:52:00 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __NETDB_DNSSEC_H__
-#define __NETDB_DNSSEC_H__
-
-#ifndef T_CERT
-#define T_CERT 37 /* defined by RFC2538 section 2 */
-#endif
-
-/* RFC2538 section 2.1 */
-#define DNSSEC_TYPE_PKIX 1
-#define DNSSEC_TYPE_SPKI 2
-#define DNSSEC_TYPE_PGP 3
-#define DNSSEC_TYPE_URI 4
-#define DNSSEC_TYPE_OID 5
-
-/* RFC2535 section 3.2 */
-#define DNSSEC_ALG_RSAMD5 1
-#define DNSSEC_ALG_DH 2
-#define DNSSEC_ALG_DSA 3
-#define DNSSEC_ALG_ECC 4
-#define DNSSEC_ALG_PRIVATEDNS 5
-#define DNSSEC_ALG_PRIVATEOID 6
-
-/*
- * Structures returned by network data base library. All addresses are
- * supplied in host order, and returned in network order (suitable for
- * use in system calls).
- */
-struct certinfo {
- int ci_type; /* certificate type */
- int ci_keytag; /* keytag */
- int ci_algorithm; /* algorithm */
- int ci_flags; /* currently, 1:valid or 0:uncertain */
- size_t ci_certlen; /* length of certificate */
- char *ci_cert; /* certificate */
- struct certinfo *ci_next; /* next structure */
-};
-
-extern void freecertinfo __P((struct certinfo *));
-extern int getcertsbyname __P((char *, struct certinfo **));
-
-
-#endif /* __NETDB_DNSSEC_H__ */
-
diff --git a/racoon.tproj/oakley.c b/racoon.tproj/oakley.c
deleted file mode 100644
index 3c7cb81..0000000
--- a/racoon.tproj/oakley.c
+++ /dev/null
@@ -1,2953 +0,0 @@
-/* $KAME: oakley.c,v 1.115 2003/01/10 08:38:23 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include /* XXX for subjectaltname */
-#include /* XXX for subjectaltname */
-#include
-
-#include
-#include
-#include
-#include
-
-#if TIME_WITH_SYS_TIME
-# include
-# include
-#else
-# if HAVE_SYS_TIME_H
-# include
-# else
-# include
-# endif
-#endif
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "str2val.h"
-#include "plog.h"
-#include "debug.h"
-
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "oakley.h"
-#include "localconf.h"
-#include "remoteconf.h"
-#include "policy.h"
-#include "handler.h"
-#include "ipsec_doi.h"
-#include "algorithm.h"
-#include "dhgroup.h"
-#include "sainfo.h"
-#include "proposal.h"
-#include "crypto_openssl.h"
-#include "crypto_cssm.h"
-#include "open_dir.h"
-#include "dnssec.h"
-#include "sockmisc.h"
-#include "strnames.h"
-#include "gcmalloc.h"
-#ifndef HAVE_ARC4RANDOM
-#include "arc4random.h"
-#endif
-
-#ifdef HAVE_GSSAPI
-#include "gssapi.h"
-#endif
-
-#define OUTBOUND_SA 0
-#define INBOUND_SA 1
-
-#define INITDHVAL(a, s, d, t) \
-do { \
- vchar_t buf; \
- buf.v = str2val((s), 16, &buf.l); \
- memset(&a, 0, sizeof(struct dhgroup)); \
- a.type = (t); \
- a.prime = vdup(&buf); \
- racoon_free(buf.v); \
- a.gen1 = 2; \
- a.gen2 = 0; \
-} while(0);
-
-struct dhgroup dh_modp768;
-struct dhgroup dh_modp1024;
-struct dhgroup dh_modp1536;
-struct dhgroup dh_modp2048;
-struct dhgroup dh_modp3072;
-struct dhgroup dh_modp4096;
-struct dhgroup dh_modp6144;
-struct dhgroup dh_modp8192;
-
-static int oakley_compute_keymat_x __P((struct ph2handle *, int, int));
-#ifdef HAVE_SIGNING_C
-static int get_cert_fromlocal __P((struct ph1handle *, int));
-static int oakley_check_certid(u_int8_t idtype, int idlen, void* id, cert_t* cert_p);
-static int check_typeofcertname __P((int, int));
-static cert_t *save_certbuf __P((struct isakmp_gen *));
-#endif
-static int oakley_padlen __P((int, int));
-
-int
-oakley_get_defaultlifetime()
-{
- return OAKLEY_ATTR_SA_LD_SEC_DEFAULT;
-}
-
-int
-oakley_dhinit()
-{ - /* set DH MODP */ - INITDHVAL(dh_modp768, OAKLEY_PRIME_MODP768, - OAKLEY_ATTR_GRP_DESC_MODP768, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp1024, OAKLEY_PRIME_MODP1024, - OAKLEY_ATTR_GRP_DESC_MODP1024, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp1536, OAKLEY_PRIME_MODP1536, - OAKLEY_ATTR_GRP_DESC_MODP1536, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp2048, OAKLEY_PRIME_MODP2048, - OAKLEY_ATTR_GRP_DESC_MODP2048, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp3072, OAKLEY_PRIME_MODP3072, - OAKLEY_ATTR_GRP_DESC_MODP3072, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp4096, OAKLEY_PRIME_MODP4096, - OAKLEY_ATTR_GRP_DESC_MODP4096, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp6144, OAKLEY_PRIME_MODP6144, - OAKLEY_ATTR_GRP_DESC_MODP6144, OAKLEY_ATTR_GRP_TYPE_MODP); - INITDHVAL(dh_modp8192, OAKLEY_PRIME_MODP8192, - OAKLEY_ATTR_GRP_DESC_MODP8192, OAKLEY_ATTR_GRP_TYPE_MODP); - - return 0; -} - -void -oakley_dhgrp_free(dhgrp) - struct dhgroup *dhgrp; -{ - if (dhgrp->prime) - vfree(dhgrp->prime); - if (dhgrp->curve_a) - vfree(dhgrp->curve_a); - if (dhgrp->curve_b) - vfree(dhgrp->curve_b); - if (dhgrp->order) - vfree(dhgrp->order); - racoon_free(dhgrp); -} - -/* - * compute sharing secret of DH - * IN: *dh, *pub, *priv, *pub_p - * OUT: **gxy - */ -int -oakley_dh_compute(dh, pub, priv, pub_p, gxy) - const struct dhgroup *dh; - vchar_t *pub, *priv, *pub_p, **gxy; -{ -#ifdef ENABLE_STATS - struct timeval start, end; -#endif - if ((*gxy = vmalloc(dh->prime->l)) == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get DH buffer.\n"); - return -1; - } - -#ifdef ENABLE_STATS - gettimeofday(&start, NULL); -#endif - switch (dh->type) { - case OAKLEY_ATTR_GRP_TYPE_MODP: - if (eay_dh_compute(dh->prime, dh->gen1, pub, priv, pub_p, gxy) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to compute dh value.\n"); - return -1; - } - break; - case OAKLEY_ATTR_GRP_TYPE_ECP: - case OAKLEY_ATTR_GRP_TYPE_EC2N: - plog(LLV_ERROR, LOCATION, NULL, - "dh type %d isn't supported.\n", 
dh->type); - return -1; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid dh type %d.\n", dh->type); - return -1; - } - -#ifdef ENABLE_STATS - gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __func__, - s_attr_isakmp_group(dh->type), dh->prime->l << 3, - timedelta(&start, &end)); -#endif - - plog(LLV_DEBUG, LOCATION, NULL, "compute DH's shared.\n"); - plogdump(LLV_DEBUG, (*gxy)->v, (*gxy)->l); - - return 0; -} - -/* - * generate values of DH - * IN: *dh - * OUT: **pub, **priv - */ -int -oakley_dh_generate(dh, pub, priv) - const struct dhgroup *dh; - vchar_t **pub, **priv; -{ -#ifdef ENABLE_STATS - struct timeval start, end; - gettimeofday(&start, NULL); -#endif - switch (dh->type) { - case OAKLEY_ATTR_GRP_TYPE_MODP: - if (eay_dh_generate(dh->prime, dh->gen1, dh->gen2, pub, priv) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to compute dh value.\n"); - return -1; - } - break; - - case OAKLEY_ATTR_GRP_TYPE_ECP: - case OAKLEY_ATTR_GRP_TYPE_EC2N: - plog(LLV_ERROR, LOCATION, NULL, - "dh type %d isn't supported.\n", dh->type); - return -1; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid dh type %d.\n", dh->type); - return -1; - } - -#ifdef ENABLE_STATS - gettimeofday(&end, NULL); - syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __func__, - s_attr_isakmp_group(dh->type), dh->prime->l << 3, - timedelta(&start, &end)); -#endif - plog(LLV_DEBUG, LOCATION, NULL, "compute DH's private.\n"); - plogdump(LLV_DEBUG, (*priv)->v, (*priv)->l); - plog(LLV_DEBUG, LOCATION, NULL, "compute DH's public.\n"); - plogdump(LLV_DEBUG, (*pub)->v, (*pub)->l); - - return 0; -} - -/* - * copy pre-defined dhgroup values. 
- */ -int -oakley_setdhgroup(group, dhgrp) - int group; - struct dhgroup **dhgrp; -{ - struct dhgroup *g; - - *dhgrp = NULL; /* just make sure, initialize */ - - g = alg_oakley_dhdef_group(group); - if (g == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid DH parameter grp=%d.\n", group); - return -1; - } - - if (!g->type || !g->prime || !g->gen1) { - /* unsuported */ - plog(LLV_ERROR, LOCATION, NULL, - "unsupported DH parameters grp=%d.\n", group); - return -1; - } - - *dhgrp = racoon_calloc(1, sizeof(struct dhgroup)); - if (*dhgrp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get DH buffer.\n"); - return 0; - } - - /* set defined dh vlaues */ - memcpy(*dhgrp, g, sizeof(*g)); - (*dhgrp)->prime = vdup(g->prime); - - return 0; -} - -/* - * PRF - * - * NOTE: we do not support prf with different input/output bitwidth, - * so we do not implement RFC2409 Appendix B (DOORAK-MAC example) in - * oakley_compute_keymat(). If you add support for such prf function, - * modify oakley_compute_keymat() accordingly. - */ -vchar_t * -oakley_prf(key, buf, iph1) - vchar_t *key, *buf; - struct ph1handle *iph1; -{ - vchar_t *res = NULL; - int type; - - if (iph1->approval == NULL) { - /* - * it's before negotiating hash algorithm. - * We use md5 as default. - */ - type = OAKLEY_ATTR_HASH_ALG_MD5; - } else - type = iph1->approval->hashtype; - - res = alg_oakley_hmacdef_one(type, key, buf); - if (res == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid hmac algorithm %d.\n", type); - return NULL; - } - - return res; -} - -/* - * hash - */ -vchar_t * -oakley_hash(buf, iph1) - vchar_t *buf; - struct ph1handle *iph1; -{ - vchar_t *res = NULL; - int type; - - if (iph1->approval == NULL) { - /* - * it's before negotiating hash algorithm. - * We use md5 as default. 
- */ - type = OAKLEY_ATTR_HASH_ALG_MD5; - } else - type = iph1->approval->hashtype; - - res = alg_oakley_hashdef_one(type, buf); - if (res == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid hash algorithm %d.\n", type); - return NULL; - } - - return res; -} - -/* - * compute KEYMAT - * see seciton 5.5 Phase 2 - Quick Mode in isakmp-oakley-05. - */ -int -oakley_compute_keymat(iph2, side) - struct ph2handle *iph2; - int side; -{ - int error = -1; - - /* compute sharing secret of DH when PFS */ - if (iph2->approval->pfs_group && iph2->dhpub_p) { - if (oakley_dh_compute(iph2->pfsgrp, iph2->dhpub, - iph2->dhpriv, iph2->dhpub_p, &iph2->dhgxy) < 0) - goto end; - } - - /* compute keymat */ - if (oakley_compute_keymat_x(iph2, side, INBOUND_SA) < 0 - || oakley_compute_keymat_x(iph2, side, OUTBOUND_SA) < 0) - goto end; - - plog(LLV_DEBUG, LOCATION, NULL, "KEYMAT computed.\n"); - - error = 0; - -end: - return error; -} - -/* - * compute KEYMAT. - * KEYMAT = prf(SKEYID_d, protocol | SPI | Ni_b | Nr_b). - * If PFS is desired and KE payloads were exchanged, - * KEYMAT = prf(SKEYID_d, g(qm)^xy | protocol | SPI | Ni_b | Nr_b) - * - * NOTE: we do not support prf with different input/output bitwidth, - * so we do not implement RFC2409 Appendix B (DOORAK-MAC example). - */ -static int -oakley_compute_keymat_x(iph2, side, sa_dir) - struct ph2handle *iph2; - int side; - int sa_dir; -{ - vchar_t *buf = NULL, *res = NULL, *bp; - char *p; - int len; - int error = -1; - int pfs = 0; - int dupkeymat; /* generate K[1-dupkeymat] */ - struct saproto *pr; - struct satrns *tr; - int encklen, authklen, l; - - pfs = ((iph2->approval->pfs_group && iph2->dhgxy) ? 1 : 0); - - len = pfs ? 
iph2->dhgxy->l : 0; - len += (1 - + sizeof(u_int32_t) /* XXX SPI size */ - + iph2->nonce->l - + iph2->nonce_p->l); - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get keymat buffer.\n"); - goto end; - } - - for (pr = iph2->approval->head; pr != NULL; pr = pr->next) { - p = buf->v; - - /* if PFS */ - if (pfs) { - memcpy(p, iph2->dhgxy->v, iph2->dhgxy->l); - p += iph2->dhgxy->l; - } - - p[0] = pr->proto_id; - p += 1; - - memcpy(p, (sa_dir == INBOUND_SA ? &pr->spi : &pr->spi_p), - sizeof(pr->spi)); - p += sizeof(pr->spi); - - bp = (side == INITIATOR ? iph2->nonce : iph2->nonce_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - bp = (side == INITIATOR ? iph2->nonce_p : iph2->nonce); - memcpy(p, bp->v, bp->l); - p += bp->l; - - /* compute IV */ - plog(LLV_DEBUG, LOCATION, NULL, "KEYMAT compute with\n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* res = K1 */ - res = oakley_prf(iph2->ph1->skeyid_d, buf, iph2->ph1); - if (res == NULL) - goto end; - - /* compute key length needed */ - encklen = authklen = 0; - switch (pr->proto_id) { - case IPSECDOI_PROTO_IPSEC_ESP: - for (tr = pr->head; tr; tr = tr->next) { - l = alg_ipsec_encdef_keylen(tr->trns_id, - tr->encklen); - if (l > encklen) - encklen = l; - - l = alg_ipsec_hmacdef_hashlen(tr->authtype); - if (l > authklen) - authklen = l; - } - break; - case IPSECDOI_PROTO_IPSEC_AH: - for (tr = pr->head; tr; tr = tr->next) { - l = alg_ipsec_hmacdef_hashlen(tr->trns_id); - if (l > authklen) - authklen = l; - } - break; - default: - break; - } - plog(LLV_DEBUG, LOCATION, NULL, "encklen=%d authklen=%d\n", - encklen, authklen); - - dupkeymat = (encklen + authklen) / 8 / res->l; - dupkeymat += 2; /* safety mergin */ - if (dupkeymat < 3) - dupkeymat = 3; - plog(LLV_DEBUG, LOCATION, NULL, - "generating %d bits of key (dupkeymat=%d)\n", - dupkeymat * 8 * res->l, dupkeymat); - if (0 < --dupkeymat) { - vchar_t *prev = res; /* K(n-1) */ - vchar_t *seed = NULL; /* seed for Kn */ - size_t l; - - /* - 
* generating long key (isakmp-oakley-08 5.5) - * KEYMAT = K1 | K2 | K3 | ... - * where - * src = [ g(qm)^xy | ] protocol | SPI | Ni_b | Nr_b - * K1 = prf(SKEYID_d, src) - * K2 = prf(SKEYID_d, K1 | src) - * K3 = prf(SKEYID_d, K2 | src) - * Kn = prf(SKEYID_d, K(n-1) | src) - */ - plog(LLV_DEBUG, LOCATION, NULL, - "generating K1...K%d for KEYMAT.\n", - dupkeymat + 1); - - seed = vmalloc(prev->l + buf->l); - if (seed == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get keymat buffer.\n"); - if (prev && prev != res) - vfree(prev); - goto end; - } - - while (dupkeymat--) { - vchar_t *this = NULL; /* Kn */ - - memcpy(seed->v, prev->v, prev->l); - memcpy(seed->v + prev->l, buf->v, buf->l); - this = oakley_prf(iph2->ph1->skeyid_d, seed, - iph2->ph1); - if (!this) { - plog(LLV_ERROR, LOCATION, NULL, - "oakley_prf memory overflow\n"); - if (prev && prev != res) - vfree(prev); - vfree(this); - vfree(seed); - goto end; - } - - l = res->l; - res = vrealloc(res, l + this->l); - if (res == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get keymat buffer.\n"); - if (prev && prev != res) - vfree(prev); - vfree(this); - vfree(seed); - goto end; - } - memcpy(res->v + l, this->v, this->l); - - if (prev && prev != res) - vfree(prev); - prev = this; - this = NULL; - } - - if (prev && prev != res) - vfree(prev); - vfree(seed); - } - - plogdump(LLV_DEBUG, res->v, res->l); - - if (sa_dir == INBOUND_SA) - pr->keymat = res; - else - pr->keymat_p = res; - res = NULL; - } - - error = 0; - -end: - if (error) { - for (pr = iph2->approval->head; pr != NULL; pr = pr->next) { - if (pr->keymat) { - vfree(pr->keymat); - pr->keymat = NULL; - } - if (pr->keymat_p) { - vfree(pr->keymat_p); - pr->keymat_p = NULL; - } - } - } - - if (buf != NULL) - vfree(buf); - if (res) - vfree(res); - - return error; -} - -#if notyet -/* - * NOTE: Must terminate by NULL. - */ -vchar_t * -oakley_compute_hashx(struct ph1handle *iph1, ...) 
-{ - vchar_t *buf, *res; - vchar_t *s; - caddr_t p; - int len; - - va_list ap; - - /* get buffer length */ - va_start(ap, iph1); - len = 0; - while ((s = va_arg(ap, vchar_t *)) != NULL) { - len += s->l - } - va_end(ap); - - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer\n"); - return NULL; - } - - /* set buffer */ - va_start(ap, iph1); - p = buf->v; - while ((s = va_arg(ap, char *)) != NULL) { - memcpy(p, s->v, s->l); - p += s->l; - } - va_end(ap); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH with: \n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* compute HASH */ - res = oakley_prf(iph1->skeyid_a, buf, iph1); - vfree(buf); - if (res == NULL) - return NULL; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH computed:\n"); - plogdump(LLV_DEBUG, res->v, res->l); - - return res; -} -#endif - -/* - * compute HASH(3) prf(SKEYID_a, 0 | M-ID | Ni_b | Nr_b) - * see seciton 5.5 Phase 2 - Quick Mode in isakmp-oakley-05. - */ -vchar_t * -oakley_compute_hash3(iph1, msgid, body) - struct ph1handle *iph1; - u_int32_t msgid; - vchar_t *body; -{ - vchar_t *buf = 0, *res = 0; - int len; - int error = -1; - - /* create buffer */ - len = 1 + sizeof(u_int32_t) + body->l; - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - - buf->v[0] = 0; - - memcpy(buf->v + 1, (char *)&msgid, sizeof(msgid)); - - memcpy(buf->v + 1 + sizeof(u_int32_t), body->v, body->l); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH with: \n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* compute HASH */ - res = oakley_prf(iph1->skeyid_a, buf, iph1); - if (res == NULL) - goto end; - - error = 0; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH computed:\n"); - plogdump(LLV_DEBUG, res->v, res->l); - -end: - if (buf != NULL) - vfree(buf); - return res; -} - -/* - * compute HASH type of prf(SKEYID_a, M-ID | buffer) - * e.g. 
- * for quick mode HASH(1): - * prf(SKEYID_a, M-ID | SA | Ni [ | KE ] [ | IDci | IDcr ]) - * for quick mode HASH(2): - * prf(SKEYID_a, M-ID | Ni_b | SA | Nr [ | KE ] [ | IDci | IDcr ]) - * for Informational exchange: - * prf(SKEYID_a, M-ID | N/D) - */ -vchar_t * -oakley_compute_hash1(iph1, msgid, body) - struct ph1handle *iph1; - u_int32_t msgid; - vchar_t *body; -{ - vchar_t *buf = NULL, *res = NULL; - char *p; - int len; - int error = -1; - - /* create buffer */ - len = sizeof(u_int32_t) + body->l; - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - - p = buf->v; - - memcpy(buf->v, (char *)&msgid, sizeof(msgid)); - p += sizeof(u_int32_t); - - memcpy(p, body->v, body->l); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH with:\n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* compute HASH */ - res = oakley_prf(iph1->skeyid_a, buf, iph1); - if (res == NULL) - goto end; - - error = 0; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH computed:\n"); - plogdump(LLV_DEBUG, res->v, res->l); - -end: - if (buf != NULL) - vfree(buf); - return res; -} - -/* - * compute phase1 HASH - * main/aggressive - * I-digest = prf(SKEYID, g^i | g^r | CKY-I | CKY-R | SAi_b | ID_i1_b) - * R-digest = prf(SKEYID, g^r | g^i | CKY-R | CKY-I | SAi_b | ID_r1_b) - * for gssapi, also include all GSS tokens, and call gss_wrap on the result - */ -vchar_t * -oakley_ph1hash_common(iph1, sw) - struct ph1handle *iph1; - int sw; -{ - vchar_t *buf = NULL, *res = NULL, *bp; - char *p, *bp2; - int len, bl; - int error = -1; -#ifdef HAVE_GSSAPI - vchar_t *gsstokens = NULL; -#endif - - /* create buffer */ - len = iph1->dhpub->l - + iph1->dhpub_p->l - + sizeof(cookie_t) * 2 - + iph1->sa->l - + (sw == GENERATE ? iph1->id->l : iph1->id_p->l); - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { - if (iph1->gi_i != NULL && iph1->gi_r != NULL) { - bp = (sw == GENERATE ? 
iph1->gi_i : iph1->gi_r); - len += bp->l; - } - if (sw == GENERATE) - gssapi_get_itokens(iph1, &gsstokens); - else - gssapi_get_rtokens(iph1, &gsstokens); - if (gsstokens == NULL) - return NULL; - len += gsstokens->l; - } -#endif - - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - - p = buf->v; - - bp = (sw == GENERATE ? iph1->dhpub : iph1->dhpub_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - bp = (sw == GENERATE ? iph1->dhpub_p : iph1->dhpub); - memcpy(p, bp->v, bp->l); - p += bp->l; - - if (iph1->side == INITIATOR) - bp2 = (sw == GENERATE ? - (char *)&iph1->index.i_ck : (char *)&iph1->index.r_ck); - else - bp2 = (sw == GENERATE ? - (char *)&iph1->index.r_ck : (char *)&iph1->index.i_ck); - bl = sizeof(cookie_t); - memcpy(p, bp2, bl); - p += bl; - - if (iph1->side == INITIATOR) - bp2 = (sw == GENERATE ? - (char *)&iph1->index.r_ck : (char *)&iph1->index.i_ck); - else - bp2 = (sw == GENERATE ? - (char *)&iph1->index.i_ck : (char *)&iph1->index.r_ck); - bl = sizeof(cookie_t); - memcpy(p, bp2, bl); - p += bl; - - bp = iph1->sa; - memcpy(p, bp->v, bp->l); - p += bp->l; - - bp = (sw == GENERATE ? iph1->id : iph1->id_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - -#ifdef HAVE_GSSAPI - if (iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { - if (iph1->gi_i != NULL && iph1->gi_r != NULL) { - bp = (sw == GENERATE ? 
iph1->gi_i : iph1->gi_r); - memcpy(p, bp->v, bp->l); - p += bp->l; - } - memcpy(p, gsstokens->v, gsstokens->l); - p += gsstokens->l; - } -#endif - - plog(LLV_DEBUG, LOCATION, NULL, "HASH with:\n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* compute HASH */ - res = oakley_prf(iph1->skeyid, buf, iph1); - if (res == NULL) - goto end; - - error = 0; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH computed:\n"); - plogdump(LLV_DEBUG, res->v, res->l); - -end: - if (buf != NULL) - vfree(buf); -#ifdef HAVE_GSSAPI - if (gsstokens != NULL) - vfree(gsstokens); -#endif - return res; -} - -/* - * compute HASH_I on base mode. - * base:psk,rsa - * HASH_I = prf(SKEYID, g^xi | CKY-I | CKY-R | SAi_b | IDii_b) - * base:sig - * HASH_I = prf(hash(Ni_b | Nr_b), g^xi | CKY-I | CKY-R | SAi_b | IDii_b) - */ -vchar_t * -oakley_ph1hash_base_i(iph1, sw) - struct ph1handle *iph1; - int sw; -{ - vchar_t *buf = NULL, *res = NULL, *bp; - vchar_t *hashkey = NULL; - vchar_t *hash = NULL; /* for signature mode */ - char *p; - int len; - int error = -1; - - /* sanity check */ - if (iph1->etype != ISAKMP_ETYPE_BASE) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid etype for this hash function\n"); - return NULL; - } - - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - case OAKLEY_ATTR_AUTH_METHOD_RSAENC: - case OAKLEY_ATTR_AUTH_METHOD_RSAREV: - if (iph1->skeyid == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "no SKEYID found.\n"); - return NULL; - } - hashkey = iph1->skeyid; - break; - - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB: - /* make hash for seed */ - len = iph1->nonce->l + iph1->nonce_p->l; - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - p = buf->v; - - bp = (sw == GENERATE ? iph1->nonce_p : iph1->nonce); - memcpy(p, bp->v, bp->l); - p += bp->l; - - bp = (sw == GENERATE ? 
iph1->nonce : iph1->nonce_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - hash = oakley_hash(buf, iph1); - if (hash == NULL) - goto end; - vfree(buf); - buf = NULL; - - hashkey = hash; - break; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "not supported authentication method %d\n", - iph1->approval->authmethod); - return NULL; - - } - - len = (sw == GENERATE ? iph1->dhpub->l : iph1->dhpub_p->l) - + sizeof(cookie_t) * 2 - + iph1->sa->l - + (sw == GENERATE ? iph1->id->l : iph1->id_p->l); - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - p = buf->v; - - bp = (sw == GENERATE ? iph1->dhpub : iph1->dhpub_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - memcpy(p, &iph1->index.i_ck, sizeof(cookie_t)); - p += sizeof(cookie_t); - memcpy(p, &iph1->index.r_ck, sizeof(cookie_t)); - p += sizeof(cookie_t); - - memcpy(p, iph1->sa->v, iph1->sa->l); - p += iph1->sa->l; - - bp = (sw == GENERATE ? iph1->id : iph1->id_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH_I with:\n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* compute HASH */ - res = oakley_prf(hashkey, buf, iph1); - if (res == NULL) - goto end; - - error = 0; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH_I computed:\n"); - plogdump(LLV_DEBUG, res->v, res->l); - -end: - if (hash != NULL) - vfree(hash); - if (buf != NULL) - vfree(buf); - return res; -} - -/* - * compute HASH_R on base mode for signature method. 
- * base: - * HASH_R = prf(hash(Ni_b | Nr_b), g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b) - */ -vchar_t * -oakley_ph1hash_base_r(iph1, sw) - struct ph1handle *iph1; - int sw; -{ - vchar_t *buf = NULL, *res = NULL, *bp; - vchar_t *hash = NULL; - char *p; - int len; - int error = -1; - - /* sanity check */ - if (iph1->etype != ISAKMP_ETYPE_BASE) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid etype for this hash function\n"); - return NULL; - } - if (iph1->approval->authmethod != OAKLEY_ATTR_AUTH_METHOD_DSSSIG - && iph1->approval->authmethod != OAKLEY_ATTR_AUTH_METHOD_RSASIG) { - plog(LLV_ERROR, LOCATION, NULL, - "not supported authentication method %d\n", - iph1->approval->authmethod); - return NULL; - } - - /* make hash for seed */ - len = iph1->nonce->l + iph1->nonce_p->l; - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - p = buf->v; - - bp = (sw == GENERATE ? iph1->nonce_p : iph1->nonce); - memcpy(p, bp->v, bp->l); - p += bp->l; - - bp = (sw == GENERATE ? iph1->nonce : iph1->nonce_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - hash = oakley_hash(buf, iph1); - if (hash == NULL) - goto end; - vfree(buf); - buf = NULL; - - /* make really hash */ - len = (sw == GENERATE ? iph1->dhpub_p->l : iph1->dhpub->l) - + (sw == GENERATE ? iph1->dhpub->l : iph1->dhpub_p->l) - + sizeof(cookie_t) * 2 - + iph1->sa->l - + (sw == GENERATE ? iph1->id_p->l : iph1->id->l); - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get hash buffer\n"); - goto end; - } - p = buf->v; - - - bp = (sw == GENERATE ? iph1->dhpub_p : iph1->dhpub); - memcpy(p, bp->v, bp->l); - p += bp->l; - - bp = (sw == GENERATE ? 
iph1->dhpub : iph1->dhpub_p); - memcpy(p, bp->v, bp->l); - p += bp->l; - - memcpy(p, &iph1->index.i_ck, sizeof(cookie_t)); - p += sizeof(cookie_t); - memcpy(p, &iph1->index.r_ck, sizeof(cookie_t)); - p += sizeof(cookie_t); - - memcpy(p, iph1->sa->v, iph1->sa->l); - p += iph1->sa->l; - - bp = (sw == GENERATE ? iph1->id_p : iph1->id); - memcpy(p, bp->v, bp->l); - p += bp->l; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH with:\n"); - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* compute HASH */ - res = oakley_prf(hash, buf, iph1); - if (res == NULL) - goto end; - - error = 0; - - plog(LLV_DEBUG, LOCATION, NULL, "HASH computed:\n"); - plogdump(LLV_DEBUG, res->v, res->l); - -end: - if (buf != NULL) - vfree(buf); - if (hash) - vfree(hash); - return res; -} - -/* - * compute each authentication method in phase 1. - * OUT: - * 0: OK - * -1: error - * other: error to be reply with notification. - * the value is notification type. - */ -int -oakley_validate_auth(iph1) - struct ph1handle *iph1; -{ - vchar_t *my_hash = NULL; - int result; -#ifdef HAVE_GSSAPI - vchar_t *gsshash = NULL; -#endif -#ifdef ENABLE_STATS - struct timeval start, end; -#endif - -#ifdef ENABLE_STATS - gettimeofday(&start, NULL); -#endif - switch (iph1->approval->authmethod) { - case OAKLEY_ATTR_AUTH_METHOD_PSKEY: - /* validate HASH */ - { - char *r_hash; - - if (iph1->id_p == NULL || iph1->pl_hash == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "few isakmp message received.\n"); - return ISAKMP_NTYPE_PAYLOAD_MALFORMED; - } - - r_hash = (caddr_t)(iph1->pl_hash + 1); - - plog(LLV_DEBUG, LOCATION, NULL, "HASH received:"); - plogdump(LLV_DEBUG, r_hash, - ntohs(iph1->pl_hash->h.len) - sizeof(*iph1->pl_hash)); - - switch (iph1->etype) { - case ISAKMP_ETYPE_IDENT: - case ISAKMP_ETYPE_AGG: - my_hash = oakley_ph1hash_common(iph1, VALIDATE); - break; - case ISAKMP_ETYPE_BASE: - if (iph1->side == INITIATOR) - my_hash = oakley_ph1hash_common(iph1, VALIDATE); - else - my_hash = oakley_ph1hash_base_i(iph1, VALIDATE); 
- break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid etype %d\n", iph1->etype); - return ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE; - } - if (my_hash == NULL) - return ISAKMP_INTERNAL_ERROR; - - result = memcmp(my_hash->v, r_hash, my_hash->l); - vfree(my_hash); - - if (result) { - plog(LLV_ERROR, LOCATION, NULL, "HASH mismatched\n"); - return ISAKMP_NTYPE_INVALID_HASH_INFORMATION; - } - - plog(LLV_DEBUG, LOCATION, NULL, "HASH for PSK validated.\n"); - } - break; -#ifdef HAVE_SIGNING_C - case OAKLEY_ATTR_AUTH_METHOD_DSSSIG: - case OAKLEY_ATTR_AUTH_METHOD_RSASIG: - { - int error = 0; - - /* validation */ - if (iph1->id_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "no ID payload was passed.\n"); - return ISAKMP_NTYPE_PAYLOAD_MALFORMED; - } - if (iph1->sig_p == NULL) { - plog(LLV_ERROR, LOCATION, iph1->remote, - "no SIG payload was passed.\n"); - return ISAKMP_NTYPE_PAYLOAD_MALFORMED; - } - - plog(LLV_DEBUG, LOCATION, NULL, "SIGN passed:\n"); - plogdump(LLV_DEBUG, iph1->sig_p->v, iph1->sig_p->l); - - /* get peer's cert */ - switch (iph1->rmconf->getcert_method) { - case ISAKMP_GETCERT_PAYLOAD: - if (iph1->cert_p == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no peer's CERT payload found.\n"); - return ISAKMP_INTERNAL_ERROR; - } - break; - case ISAKMP_GETCERT_LOCALFILE: - if (iph1->rmconf->peerscertfile == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no peer's CERT file found.\n"); - return ISAKMP_INTERNAL_ERROR; - } - - /* don't use cached cert */ - if (iph1->cert_p != NULL) { - oakley_delcert(iph1->cert_p); - iph1->cert_p = NULL; - } - - error = get_cert_fromlocal(iph1, 0); - if (error) - return ISAKMP_INTERNAL_ERROR; - break; - case ISAKMP_GETCERT_DNS: - if (iph1->rmconf->peerscertfile != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "why peer's CERT file is defined " - "though getcert method is dns ?\n"); - return ISAKMP_INTERNAL_ERROR; - } - - /* don't use cached cert */ - if (iph1->cert_p != NULL) { - oakley_delcert(iph1->cert_p); - iph1->cert_p = 
NULL;
- }
-
- iph1->cert_p = dnssec_getcert(iph1->id_p);
- if (iph1->cert_p == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no CERT RR found.\n");
- return ISAKMP_INTERNAL_ERROR;
- }
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid getcert_mothod: %d\n",
- iph1->rmconf->getcert_method);
- return ISAKMP_INTERNAL_ERROR;
- }
-
- /* check cert ID */
- if (iph1->rmconf->verify_cert) {
-
- struct ipsecdoi_id_b *id_b;
- int idlen;
-
- if (iph1->id_p == NULL || iph1->cert_p == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "no ID or CERT found.\n");
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
-
- id_b = (struct ipsecdoi_id_b *)iph1->id_p->v;
- idlen = iph1->id_p->l - sizeof(*id_b);
-
- if ((error = oakley_check_certid(id_b->type, idlen, id_b + 1, iph1->cert_p)) != 0)
- return error;
- }
-
- /* verify certificate */
- if (iph1->rmconf->verify_cert
- && iph1->rmconf->getcert_method == ISAKMP_GETCERT_PAYLOAD) {
- switch (iph1->rmconf->certtype) {
- case ISAKMP_CERT_X509SIGN:
- if (iph1->rmconf->cert_verification == VERIFICATION_MODULE_SEC_FRAMEWORK)
- error = crypto_cssm_check_x509cert(&iph1->cert_p->cert);
- else
- error = eay_check_x509cert(&iph1->cert_p->cert,
- lcconf->pathinfo[LC_PATHTYPE_CERT], 0);
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "no supported certtype %d\n",
- iph1->rmconf->certtype);
- return ISAKMP_INTERNAL_ERROR;
- }
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "the peer's certificate is not verified.\n");
- return ISAKMP_NTYPE_INVALID_CERT_AUTHORITY;
- }
-
- }
-
- /* check configured peers identifier against cert IDs */
- /* allows checking of specified ID against multiple ids in the cert */
- /* such as multiple domain names */
- if (iph1->rmconf->cert_verification_option == VERIFICATION_OPTION_PEERS_IDENTIFIER) {
- u_int8_t doi_type = 255;
- void *peers_id = NULL;
- int peers_id_len = 0;
-
- if (iph1->rmconf->idvtype_p == IDTYPE_ADDRESS) {
- switch (((struct sockaddr *)(iph1->rmconf->idv_p->v))->sa_family) {
- case AF_INET:
- doi_type = IPSECDOI_ID_IPV4_ADDR;
- peers_id_len = sizeof(struct in_addr);
- peers_id = &(((struct sockaddr_in *)(iph1->rmconf->idv_p->v))->sin_addr.s_addr);
- break;
-#ifdef INET6
- case AF_INET6:
- doi_type = IPSECDOI_ID_IPV6_ADDR;
- peers_id_len = sizeof(struct in6_addr);
- peers_id = &(((struct sockaddr_in6 *)(iph1->rmconf->idv_p->v))->sin6_addr.s6_addr);
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "unknown address type for peers identifier.\n");
- return ISAKMP_NTYPE_AUTHENTICATION_FAILED;
- break;
- }
-
- } else {
- doi_type = idtype2doi(iph1->rmconf->idvtype_p);
- peers_id = iph1->rmconf->idv_p->v;
- peers_id_len = iph1->rmconf->idv_p->l;
- }
-
- if ((error = oakley_check_certid(doi_type, peers_id_len,
- peers_id, iph1->cert_p)) != 0)
- return error;
- }
-
- if (iph1->rmconf->cert_verification_option == VERIFICATION_OPTION_OPEN_DIR) {
-
- vchar_t *user_id = NULL;
-
- user_id = eay_get_x509_common_name(&iph1->cert_p->cert);
-
- // the following functions will check if user_id == 0
- if (open_dir_authorize_id(user_id, iph1->rmconf->open_dir_auth_group) == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "the peer is not authorized for access.\n");
- return ISAKMP_NTYPE_AUTHENTICATION_FAILED;
- }
- vfree(user_id);
- }
-
- plog(LLV_DEBUG, LOCATION, NULL, "CERT validated\n");
-
-
- /* compute hash */
- switch (iph1->etype) {
- case ISAKMP_ETYPE_IDENT:
- case ISAKMP_ETYPE_AGG:
- my_hash = oakley_ph1hash_common(iph1, VALIDATE);
- break;
- case ISAKMP_ETYPE_BASE:
- if (iph1->side == INITIATOR)
- my_hash = oakley_ph1hash_base_r(iph1, VALIDATE);
- else
- my_hash = oakley_ph1hash_base_i(iph1, VALIDATE);
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid etype %d\n", iph1->etype);
- return ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE;
- }
- if (my_hash == NULL)
- return ISAKMP_INTERNAL_ERROR;
-
- /* check signature */
- switch (iph1->rmconf->certtype) {
- case ISAKMP_CERT_X509SIGN:
- case ISAKMP_CERT_DNS:
- error = eay_check_x509sign(my_hash,
- iph1->sig_p,
- &iph1->cert_p->cert);
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "no supported certtype %d\n",
- iph1->rmconf->certtype);
- vfree(my_hash);
- return ISAKMP_INTERNAL_ERROR;
- }
-
- vfree(my_hash);
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid SIG.\n");
- return ISAKMP_NTYPE_INVALID_SIGNATURE;
- }
- plog(LLV_DEBUG, LOCATION, NULL, "SIG authenticated\n");
- }
- break;
-#endif
-#ifdef HAVE_GSSAPI
- case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB:
- switch (iph1->etype) {
- case ISAKMP_ETYPE_IDENT:
- case ISAKMP_ETYPE_AGG:
- my_hash = oakley_ph1hash_common(iph1, VALIDATE);
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid etype %d\n", iph1->etype);
- return ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE;
- }
-
- if (my_hash == NULL) {
- if (gssapi_more_tokens(iph1))
- return ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE;
- else
- return ISAKMP_NTYPE_INVALID_HASH_INFORMATION;
- }
-
- gsshash = gssapi_unwraphash(iph1);
- if (gsshash == NULL) {
- vfree(my_hash);
- return ISAKMP_NTYPE_INVALID_HASH_INFORMATION;
- }
-
- result = memcmp(my_hash->v, gsshash->v, my_hash->l);
- vfree(my_hash);
- vfree(gsshash);
-
- if (result) {
- plog(LLV_ERROR, LOCATION, NULL, "HASH mismatched\n");
- return ISAKMP_NTYPE_INVALID_HASH_INFORMATION;
- }
- plog(LLV_DEBUG, LOCATION, NULL, "hash compared OK\n");
- break;
-#endif
- case OAKLEY_ATTR_AUTH_METHOD_RSAENC:
- case OAKLEY_ATTR_AUTH_METHOD_RSAREV:
- if (iph1->id_p == NULL || iph1->pl_hash == NULL) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "few isakmp message received.\n");
- return ISAKMP_NTYPE_PAYLOAD_MALFORMED;
- }
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "not supported authmethod type %s\n",
- s_oakley_attr_method(iph1->approval->authmethod));
- return ISAKMP_INTERNAL_ERROR;
- default:
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "invalid authmethod %d why ?\n",
- iph1->approval->authmethod);
- return ISAKMP_INTERNAL_ERROR;
- }
-#ifdef ENABLE_STATS
- gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s): %8.6f", __func__,
- s_oakley_attr_method(iph1->approval->authmethod),
- timedelta(&start, &end));
-#endif
-
- return 0;
-}
-
-#ifdef HAVE_SIGNING_C
-/* get my certificate
- * NOTE: include certificate type.
- */
-int
-oakley_getmycert(iph1)
- struct ph1handle *iph1;
-{
- if (iph1->cert)
- return 0; /* There is CERT. */
-
- return get_cert_fromlocal(iph1, 1);
-}
-
-/*
- * get a CERT from local file.
- * IN:
- * my != 0 my cert.
- * my == 0 peer's cert.
- */
-static int
-get_cert_fromlocal(iph1, my)
- struct ph1handle *iph1;
- int my;
-{
- char path[MAXPATHLEN];
- vchar_t *cert = NULL;
- cert_t **certpl;
- char *certfile;
- int error = -1;
-
- if (my) {
- certfile = iph1->rmconf->mycertfile;
- certpl = &iph1->cert;
- } else {
- certfile = iph1->rmconf->peerscertfile;
- certpl = &iph1->cert_p;
- }
- if (!certfile && iph1->rmconf->identity_in_keychain == 0) {
- plog(LLV_ERROR, LOCATION, NULL, "no CERT defined.\n");
- return 0;
- }
-
- switch (iph1->rmconf->certtype) {
- case ISAKMP_CERT_X509SIGN:
- if (iph1->rmconf->identity_in_keychain) {
- cert = crypto_cssm_get_x509cert(iph1->rmconf->keychainCertRef);
- break;
- } // else fall thru
- case ISAKMP_CERT_DNS:
- /* make public file name */
- getpathname(path, sizeof(path), LC_PATHTYPE_CERT, certfile);
- cert = eay_get_x509cert(path);
- break;
-
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "not supported certtype %d\n",
- iph1->rmconf->certtype);
- goto end;
- }
-
- if (cert) {
- char *p = NULL;
- p = eay_get_x509text(cert);
- plog(LLV_DEBUG, LOCATION, NULL, "%s", p ? p : "\n");
- racoon_free(p);
- } else {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get %s CERT.\n",
- my ? "my" : "peers");
- goto end;
- }
-
- *certpl = oakley_newcert();
- if (!*certpl) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get cert buffer.\n");
- goto end;
- }
- (*certpl)->pl = vmalloc(cert->l + 1);
- if ((*certpl)->pl == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get cert buffer\n");
- oakley_delcert(*certpl);
- *certpl = NULL;
- goto end;
- }
- memcpy((*certpl)->pl->v + 1, cert->v, cert->l);
- (*certpl)->pl->v[0] = iph1->rmconf->certtype;
- (*certpl)->type = iph1->rmconf->certtype;
- (*certpl)->cert.v = (*certpl)->pl->v + 1;
- (*certpl)->cert.l = (*certpl)->pl->l - 1;
-
- plog(LLV_DEBUG, LOCATION, NULL, "created CERT payload:\n");
- plogdump(LLV_DEBUG, (*certpl)->pl->v, (*certpl)->pl->l);
-
- error = 0;
-
-end:
- if (cert != NULL)
- vfree(cert);
-
- return error;
-}
-
-/* get signature */
-int
-oakley_getsign(iph1)
- struct ph1handle *iph1;
-{
- char path[MAXPATHLEN];
- vchar_t *privkey = NULL;
- int error = -1;
-
- switch (iph1->rmconf->certtype) {
- case ISAKMP_CERT_X509SIGN:
- // cert in keychain - use cssm to sign
- if (iph1->rmconf->identity_in_keychain) {
- iph1->sig = crypto_cssm_getsign(iph1->rmconf->keychainCertRef, iph1->hash);
- break;
- } // else fall thru
- case ISAKMP_CERT_DNS:
- if (iph1->rmconf->myprivfile == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "no cert defined.\n");
- goto end;
- }
-
- /* make private file name */
- getpathname(path, sizeof(path),
- LC_PATHTYPE_CERT,
- iph1->rmconf->myprivfile);
- privkey = eay_get_pkcs1privkey(path);
- if (privkey == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get private key.\n");
- goto end;
- }
- plog(LLV_DEBUG2, LOCATION, NULL, "private key:\n");
- plogdump(LLV_DEBUG2, privkey->v, privkey->l);
-
- iph1->sig = eay_get_x509sign(iph1->hash,
- privkey, &iph1->cert->cert);
-
- break;
- default:
- goto end;
- }
-
- if (iph1->sig == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "failed to sign.\n");
- goto end;
- }
-
- plog(LLV_DEBUG, LOCATION, NULL, "SIGN computed:\n");
- plogdump(LLV_DEBUG, iph1->sig->v, iph1->sig->l);
-
- error = 0;
-
-end:
- if (privkey != NULL)
- vfree(privkey);
-
- return error;
-}
-
-/*
- * compare certificate name and ID value.
- */
-static int
-oakley_check_certid(u_int8_t idtype, int idlen, void* id, cert_t* cert_p)
-{
- vchar_t *name = NULL;
- char *altname = NULL;
- int type, len;
- int error;
-
- switch (idtype) {
- case IPSECDOI_ID_DER_ASN1_DN:
- name = eay_get_x509asn1subjectname(&cert_p->cert);
- if (!name) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get subjectName\n");
- return ISAKMP_NTYPE_INVALID_CERTIFICATE;
- }
- if (idlen != name->l) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid ID length in phase 1.\n");
- vfree(name);
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
- error = memcmp(id, name->v, idlen);
- vfree(name);
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "ID mismatched with subjectAltName.\n");
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
- return 0;
- case IPSECDOI_ID_IPV4_ADDR:
- case IPSECDOI_ID_IPV6_ADDR:
- {
-
- /*
- * Openssl returns the IPAddress as an ASN1 octet string (binary format)
- * followed by a trailing NULL. 5 bytes for IPv4 and 17 bytes for IPv6
- */
- #define SUBJ_ALT_NAME_IPV4_ADDRESS_LEN 5
- #define SUBJ_ALT_NAME_IPV6_ADDRESS_LEN 17
-
- int pos;
-
- if (idtype == IPSECDOI_ID_IPV4_ADDR && idlen != sizeof(struct in_addr)
- || idtype == IPSECDOI_ID_IPV6_ADDR && idlen != sizeof(struct in6_addr)) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid address length passed.\n");
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
-
- for (pos = 1; ; pos++) {
- if (eay_get_x509subjectaltname(&cert_p->cert, &altname, &type, pos, &len) !=0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get subjectAltName\n");
- return ISAKMP_NTYPE_INVALID_CERTIFICATE;
- }
-
- /* it's the end condition of the loop. */
- if (!altname) {
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
-
- if (check_typeofcertname(idtype, type) != 0) {
- /* wrong type - skip this one */
- racoon_free(altname);
- altname = NULL;
- continue;
- }
-
- if (len == SUBJ_ALT_NAME_IPV4_ADDRESS_LEN) { /* IPv4 */
- if (idtype != IPSECDOI_ID_IPV4_ADDR) {
- /* wrong IP address type - skip this one */
- racoon_free(altname);
- altname = NULL;
- continue;
- }
- }
-#ifdef INET6
- else if (len == SUBJ_ALT_NAME_IPV6_ADDRESS_LEN) { /* IPv6 */
- if (idtype != IPSECDOI_ID_IPV6_ADDR) {
- /* wrong IP address type - skip this one */
- racoon_free(altname);
- altname = NULL;
- continue;
- }
- }
-#endif
- else {
- /* invalid IP address length in certificate - bad or bogus certificate */
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid IP address in certificate.\n");
- racoon_free(altname);
- altname = NULL;
- return ISAKMP_NTYPE_INVALID_CERTIFICATE;
- }
-
- /* compare the addresses */
- error = memcmp(id, altname, idlen);
- racoon_free(altname);
- if (error != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "ID mismatched with subjectAltName.\n");
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
- return 0;
- }
- }
- case IPSECDOI_ID_FQDN:
- case IPSECDOI_ID_USER_FQDN:
- {
- int pos;
-
- for (pos = 1; ; pos++) {
- if (eay_get_x509subjectaltname(&cert_p->cert, &altname, &type, pos, &len) != 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get subjectAltName\n");
- return ISAKMP_NTYPE_INVALID_CERTIFICATE;
- }
-
- /* it's the end condition of the loop. */
- if (!altname) {
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
-
- if (check_typeofcertname(idtype, type) != 0) {
- /* wrong general type - skip this one */
- racoon_free(altname);
- altname = NULL;
- continue;
- }
-
- if (idlen != strlen(altname)) {
- /* wrong length - skip this one */
- racoon_free(altname);
- altname = NULL;
- continue;
- }
- error = memcmp(id, altname, idlen);
- racoon_free(altname);
- if (error) {
- plog(LLV_ERROR, LOCATION, NULL, "ID mismatched.\n");
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
- return 0;
- }
- }
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "Inpropper ID type passed: %s.\n",
- s_ipsecdoi_ident(idtype));
- return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
- }
- /*NOTREACHED*/
-}
-
-static int
-check_typeofcertname(doi, genid)
- int doi, genid;
-{
- switch (doi) {
- case IPSECDOI_ID_IPV4_ADDR:
- case IPSECDOI_ID_IPV4_ADDR_SUBNET:
- case IPSECDOI_ID_IPV6_ADDR:
- case IPSECDOI_ID_IPV6_ADDR_SUBNET:
- case IPSECDOI_ID_IPV4_ADDR_RANGE:
- case IPSECDOI_ID_IPV6_ADDR_RANGE:
- if (genid != GENT_IPADD)
- return -1;
- return 0;
- case IPSECDOI_ID_FQDN:
- if (genid != GENT_DNS)
- return -1;
- return 0;
- case IPSECDOI_ID_USER_FQDN:
- if (genid != GENT_EMAIL)
- return -1;
- return 0;
- case IPSECDOI_ID_DER_ASN1_DN: /* should not be passed to this function*/
- case IPSECDOI_ID_DER_ASN1_GN:
- case IPSECDOI_ID_KEY_ID:
- default:
- return -1;
- }
- /*NOTREACHED*/
-}
-
-/*
- * save certificate including certificate type.
- */
-int
-oakley_savecert(iph1, gen)
- struct ph1handle *iph1;
- struct isakmp_gen *gen;
-{
- cert_t **c;
- u_int8_t type;
-
- type = *(u_int8_t *)(gen + 1) & 0xff;
-
- switch (type) {
- case ISAKMP_CERT_DNS:
- plog(LLV_WARNING, LOCATION, NULL,
- "CERT payload is unnecessary in DNSSEC. "
- "ignore this CERT payload.\n");
- return 0;
- case ISAKMP_CERT_PKCS7:
- case ISAKMP_CERT_PGP:
- case ISAKMP_CERT_X509SIGN:
- case ISAKMP_CERT_KERBEROS:
- case ISAKMP_CERT_SPKI:
- c = &iph1->cert_p;
- break;
- case ISAKMP_CERT_CRL:
- c = &iph1->crl_p;
- break;
- case ISAKMP_CERT_X509KE:
- case ISAKMP_CERT_X509ATTR:
- case ISAKMP_CERT_ARL:
- plog(LLV_ERROR, LOCATION, NULL,
- "No supported such CERT type %d\n", type);
- return -1;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid CERT type %d\n", type);
- return -1;
- }
-
- /* XXX choice the 1th cert, ignore after the cert. */
- /* XXX should be processed. */
- if (*c) {
- plog(LLV_WARNING, LOCATION, NULL,
- "ignore 2nd CERT payload.\n");
- return 0;
- }
-
- *c = save_certbuf(gen);
- if (!*c) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Failed to get CERT buffer.\n");
- return -1;
- }
-
- switch ((*c)->type) {
- case ISAKMP_CERT_DNS:
- plog(LLV_WARNING, LOCATION, NULL,
- "CERT payload is unnecessary in DNSSEC. "
- "ignore it.\n");
- return 0;
- case ISAKMP_CERT_PKCS7:
- case ISAKMP_CERT_PGP:
- case ISAKMP_CERT_X509SIGN:
- case ISAKMP_CERT_KERBEROS:
- case ISAKMP_CERT_SPKI:
- plog(LLV_DEBUG, LOCATION, NULL, "CERT saved:\n");
- plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
- {
- char *p = eay_get_x509text(&(*c)->cert);
- plog(LLV_DEBUG, LOCATION, NULL, "%s", p ? p : "\n");
- racoon_free(p);
- }
- break;
- case ISAKMP_CERT_CRL:
- plog(LLV_DEBUG, LOCATION, NULL, "CRL saved:\n");
- plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
- break;
- case ISAKMP_CERT_X509KE:
- case ISAKMP_CERT_X509ATTR:
- case ISAKMP_CERT_ARL:
- default:
- /* XXX */
- oakley_delcert((*c));
- *c = NULL;
- return 0;
- }
-
- return 0;
-}
-
-/*
- * save certificate including certificate type.
- */
-int
-oakley_savecr(iph1, gen)
- struct ph1handle *iph1;
- struct isakmp_gen *gen;
-{
- cert_t **c;
- u_int8_t type;
-
- type = *(u_int8_t *)(gen + 1) & 0xff;
-
- switch (type) {
- case ISAKMP_CERT_DNS:
- plog(LLV_WARNING, LOCATION, NULL,
- "CERT payload is unnecessary in DNSSEC\n");
- /*FALLTHRU*/
- case ISAKMP_CERT_PKCS7:
- case ISAKMP_CERT_PGP:
- case ISAKMP_CERT_X509SIGN:
- case ISAKMP_CERT_KERBEROS:
- case ISAKMP_CERT_SPKI:
- c = &iph1->cr_p;
- break;
- case ISAKMP_CERT_X509KE:
- case ISAKMP_CERT_X509ATTR:
- case ISAKMP_CERT_ARL:
- plog(LLV_ERROR, LOCATION, NULL,
- "No supported such CR type %d\n", type);
- return -1;
- case ISAKMP_CERT_CRL:
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "Invalid CR type %d\n", type);
- return -1;
- }
-
- *c = save_certbuf(gen);
- if (!*c) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Failed to get CR buffer.\n");
- return -1;
- }
-
- plog(LLV_DEBUG, LOCATION, NULL, "CR saved:\n");
- plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
-
- return 0;
-}
-
-static cert_t *
-save_certbuf(gen)
- struct isakmp_gen *gen;
-{
- cert_t *new;
-
- new = oakley_newcert();
- if (!new) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Failed to get CERT buffer.\n");
- return NULL;
- }
-
- new->pl = vmalloc(ntohs(gen->len) - sizeof(*gen));
- if (new->pl == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "Failed to copy CERT from packet.\n");
- oakley_delcert(new);
- new = NULL;
- return NULL;
- }
- memcpy(new->pl->v, gen + 1, new->pl->l);
- new->type = new->pl->v[0] & 0xff;
- new->cert.v = new->pl->v + 1;
- new->cert.l = new->pl->l - 1;
-
- return new;
-}
-
-/*
- * get my CR.
- * NOTE: No Certificate Authority field is included to CR payload at the
- * moment. Becuase any certificate authority are accepted without any check.
- * The section 3.10 in RFC2408 says that this field SHOULD not be included,
- * if there is no specific certificate authority requested.
- */
-vchar_t *
-oakley_getcr(iph1)
- struct ph1handle *iph1;
-{
- vchar_t *buf;
-
- buf = vmalloc(1);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get cr buffer\n");
- return NULL;
- }
- buf->v[0] = iph1->rmconf->certtype;
-
- plog(LLV_DEBUG, LOCATION, NULL, "create my CR: %s\n",
- s_isakmp_certtype(iph1->rmconf->certtype));
- if (buf->l > 1)
- plogdump(LLV_DEBUG, buf->v, buf->l);
-
- return buf;
-}
-
-/*
- * check peer's CR.
- */
-int
-oakley_checkcr(iph1)
- struct ph1handle *iph1;
-{
- if (iph1->cr_p == NULL)
- return 0;
-
- plog(LLV_DEBUG, LOCATION, iph1->remote,
- "peer transmitted CR: %s\n",
- s_isakmp_certtype(iph1->cr_p->type));
-
- if (iph1->cr_p->type != iph1->rmconf->certtype) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "such a cert type isn't supported: %d\n",
- (char)iph1->cr_p->type);
- return -1;
- }
-
- return 0;
-}
-
-/*
- * check to need CR payload.
- */
-int
-oakley_needcr(type)
- int type;
-{
- switch (type) {
- case OAKLEY_ATTR_AUTH_METHOD_DSSSIG:
- case OAKLEY_ATTR_AUTH_METHOD_RSASIG:
- return 1;
- default:
- return 0;
- }
- /*NOTREACHED*/
-}
-#endif /*HAVE_SIGNING_C*/
-
-/*
- * compute SKEYID
- * see seciton 5. Exchanges in RFC 2409
- * psk: SKEYID = prf(pre-shared-key, Ni_b | Nr_b)
- * sig: SKEYID = prf(Ni_b | Nr_b, g^ir)
- * enc: SKEYID = prf(H(Ni_b | Nr_b), CKY-I | CKY-R)
- */
-int
-oakley_skeyid(iph1)
- struct ph1handle *iph1;
-{
- vchar_t *buf = NULL, *bp;
- char *p;
- int len;
- int error = -1;
-
- /* SKEYID */
- switch(iph1->approval->authmethod) {
- case OAKLEY_ATTR_AUTH_METHOD_PSKEY:
- if (iph1->nonce_p == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no nonce payload received from peer.\n");
- goto end;
- }
- /* if we have a preshared key defined, just use it */
- if (iph1->rmconf->shared_secret) {
-
- switch (iph1->rmconf->secrettype) {
- case SECRETTYPE_KEY:
- iph1->authstr = getpsk(iph1->rmconf->shared_secret->v, iph1->rmconf->shared_secret->l-1);
- break;
- case SECRETTYPE_KEYCHAIN:
- iph1->authstr = getpskfromkeychain(iph1->rmconf->shared_secret->v);
- break;
- case SECRETTYPE_USE:
- default:
- iph1->authstr = vdup(iph1->rmconf->shared_secret);
- }
-
- }
- else if (iph1->etype != ISAKMP_ETYPE_IDENT) {
- iph1->authstr = getpskbyname(iph1->id_p);
- if (iph1->authstr == NULL) {
- if (iph1->rmconf->verify_identifier) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "couldn't find the pskey.\n");
- goto end;
- }
- plog(LLV_NOTIFY, LOCATION, iph1->remote,
- "couldn't find the proper pskey, "
- "try to get one by the peer's address.\n");
- }
- }
- if (iph1->authstr == NULL) {
- /*
- * If the exchange type is the main mode or if it's
- * failed to get the psk by ID, racoon try to get
- * the psk by remote IP address.
- * It may be nonsense.
- */
- iph1->authstr = getpskbyaddr(iph1->remote);
- if (iph1->authstr == NULL) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "couldn't find the pskey for %s.\n",
- saddrwop2str(iph1->remote));
- goto end;
- }
- }
- plog(LLV_DEBUG, LOCATION, NULL, "the psk found.\n");
- /* should be secret PSK */
- plog(LLV_DEBUG2, LOCATION, NULL, "psk: ");
- plogdump(LLV_DEBUG2, iph1->authstr->v, iph1->authstr->l);
-
- len = iph1->nonce->l + iph1->nonce_p->l;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get skeyid buffer\n");
- goto end;
- }
- p = buf->v;
-
- bp = (iph1->side == INITIATOR ? iph1->nonce : iph1->nonce_p);
- plog(LLV_DEBUG, LOCATION, NULL, "nonce 1: ");
- plogdump(LLV_DEBUG, bp->v, bp->l);
- memcpy(p, bp->v, bp->l);
- p += bp->l;
-
- bp = (iph1->side == INITIATOR ? iph1->nonce_p : iph1->nonce);
- plog(LLV_DEBUG, LOCATION, NULL, "nonce 2: ");
- plogdump(LLV_DEBUG, bp->v, bp->l);
- memcpy(p, bp->v, bp->l);
- p += bp->l;
-
- iph1->skeyid = oakley_prf(iph1->authstr, buf, iph1);
- if (iph1->skeyid == NULL)
- goto end;
- break;
-
- case OAKLEY_ATTR_AUTH_METHOD_DSSSIG:
- case OAKLEY_ATTR_AUTH_METHOD_RSASIG:
-#ifdef HAVE_GSSAPI
- case OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB:
-#endif
- if (iph1->nonce_p == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no nonce payload received from peer.\n");
- goto end;
- }
- len = iph1->nonce->l + iph1->nonce_p->l;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get nonce buffer\n");
- goto end;
- }
- p = buf->v;
-
- bp = (iph1->side == INITIATOR ? iph1->nonce : iph1->nonce_p);
- plog(LLV_DEBUG, LOCATION, NULL, "nonce1: ");
- plogdump(LLV_DEBUG, bp->v, bp->l);
- memcpy(p, bp->v, bp->l);
- p += bp->l;
-
- bp = (iph1->side == INITIATOR ? iph1->nonce_p : iph1->nonce);
- plog(LLV_DEBUG, LOCATION, NULL, "nonce2: ");
- plogdump(LLV_DEBUG, bp->v, bp->l);
- memcpy(p, bp->v, bp->l);
- p += bp->l;
-
- iph1->skeyid = oakley_prf(buf, iph1->dhgxy, iph1);
- if (iph1->skeyid == NULL)
- goto end;
- break;
- case OAKLEY_ATTR_AUTH_METHOD_RSAENC:
- case OAKLEY_ATTR_AUTH_METHOD_RSAREV:
- plog(LLV_WARNING, LOCATION, NULL,
- "not supported authentication method %s\n",
- s_oakley_attr_method(iph1->approval->authmethod));
- goto end;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid authentication method %d\n",
- iph1->approval->authmethod);
- goto end;
- }
-
- plog(LLV_DEBUG, LOCATION, NULL, "SKEYID computed:\n");
- plogdump(LLV_DEBUG, iph1->skeyid->v, iph1->skeyid->l);
-
- error = 0;
-
-end:
- if (buf != NULL)
- vfree(buf);
- return error;
-}
-
-/*
- * compute SKEYID_[dae]
- * see seciton 5. Exchanges in RFC 2409
- * SKEYID_d = prf(SKEYID, g^ir | CKY-I | CKY-R | 0)
- * SKEYID_a = prf(SKEYID, SKEYID_d | g^ir | CKY-I | CKY-R | 1)
- * SKEYID_e = prf(SKEYID, SKEYID_a | g^ir | CKY-I | CKY-R | 2)
- */
-int
-oakley_skeyid_dae(iph1)
- struct ph1handle *iph1;
-{
- vchar_t *buf = NULL;
- char *p;
- int len;
- int error = -1;
-
- if (iph1->skeyid == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "no SKEYID found.\n");
- goto end;
- }
-
- /* SKEYID D */
- /* SKEYID_d = prf(SKEYID, g^xy | CKY-I | CKY-R | 0) */
- len = iph1->dhgxy->l + sizeof(cookie_t) * 2 + 1;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get skeyid buffer\n");
- goto end;
- }
- p = buf->v;
-
- memcpy(p, iph1->dhgxy->v, iph1->dhgxy->l);
- p += iph1->dhgxy->l;
- memcpy(p, (caddr_t)&iph1->index.i_ck, sizeof(cookie_t));
- p += sizeof(cookie_t);
- memcpy(p, (caddr_t)&iph1->index.r_ck, sizeof(cookie_t));
- p += sizeof(cookie_t);
- *p = 0;
- iph1->skeyid_d = oakley_prf(iph1->skeyid, buf, iph1);
- if (iph1->skeyid_d == NULL)
- goto end;
-
- vfree(buf);
- buf = NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL, "SKEYID_d computed:\n");
- plogdump(LLV_DEBUG, iph1->skeyid_d->v, iph1->skeyid->l);
-
- /* SKEYID A */
- /* SKEYID_a = prf(SKEYID, SKEYID_d | g^xy | CKY-I | CKY-R | 1) */
- len = iph1->skeyid_d->l + iph1->dhgxy->l + sizeof(cookie_t) * 2 + 1;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get skeyid buffer\n");
- goto end;
- }
- p = buf->v;
- memcpy(p, iph1->skeyid_d->v, iph1->skeyid_d->l);
- p += iph1->skeyid_d->l;
- memcpy(p, iph1->dhgxy->v, iph1->dhgxy->l);
- p += iph1->dhgxy->l;
- memcpy(p, (caddr_t)&iph1->index.i_ck, sizeof(cookie_t));
- p += sizeof(cookie_t);
- memcpy(p, (caddr_t)&iph1->index.r_ck, sizeof(cookie_t));
- p += sizeof(cookie_t);
- *p = 1;
- iph1->skeyid_a = oakley_prf(iph1->skeyid, buf, iph1);
- if (iph1->skeyid_a == NULL)
- goto end;
-
- vfree(buf);
- buf = NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL, "SKEYID_a computed:\n");
- plogdump(LLV_DEBUG, iph1->skeyid_a->v, iph1->skeyid_a->l);
-
- /* SKEYID E */
- /* SKEYID_e = prf(SKEYID, SKEYID_a | g^xy | CKY-I | CKY-R | 2) */
- len = iph1->skeyid_a->l + iph1->dhgxy->l + sizeof(cookie_t) * 2 + 1;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get skeyid buffer\n");
- goto end;
- }
- p = buf->v;
- memcpy(p, iph1->skeyid_a->v, iph1->skeyid_a->l);
- p += iph1->skeyid_a->l;
- memcpy(p, iph1->dhgxy->v, iph1->dhgxy->l);
- p += iph1->dhgxy->l;
- memcpy(p, (caddr_t)&iph1->index.i_ck, sizeof(cookie_t));
- p += sizeof(cookie_t);
- memcpy(p, (caddr_t)&iph1->index.r_ck, sizeof(cookie_t));
- p += sizeof(cookie_t);
- *p = 2;
- iph1->skeyid_e = oakley_prf(iph1->skeyid, buf, iph1);
- if (iph1->skeyid_e == NULL)
- goto end;
-
- vfree(buf);
- buf = NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL, "SKEYID_e computed:\n");
- plogdump(LLV_DEBUG, iph1->skeyid_e->v, iph1->skeyid_e->l);
-
- error = 0;
-
-end:
- if (buf != NULL)
- vfree(buf);
- return error;
-}
-
-/*
- * compute final encryption key.
- * see Appendix B.
- */
-int
-oakley_compute_enckey(iph1)
- struct ph1handle *iph1;
-{
- u_int keylen, prflen;
- int error = -1;
-
- /* RFC2409 p39 */
- keylen = alg_oakley_encdef_keylen(iph1->approval->enctype,
- iph1->approval->encklen);
- if (keylen == -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid encryption algoritym %d, "
- "or invalid key length %d.\n",
- iph1->approval->enctype,
- iph1->approval->encklen);
- goto end;
- }
- iph1->key = vmalloc(keylen >> 3);
- if (iph1->key == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get key buffer\n");
- goto end;
- }
-
- /* set prf length */
- prflen = alg_oakley_hashdef_hashlen(iph1->approval->hashtype);
- if (prflen == -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid hash type %d.\n", iph1->approval->hashtype);
- goto end;
- }
-
- /* see isakmp-oakley-08 5.3. */
- if (iph1->key->l <= iph1->skeyid_e->l) {
- /*
- * if length(Ka) <= length(SKEYID_e)
- * Ka = first length(K) bit of SKEYID_e
- */
- memcpy(iph1->key->v, iph1->skeyid_e->v, iph1->key->l);
- } else {
- vchar_t *buf = NULL, *res = NULL;
- u_char *p, *ep;
- int cplen;
- int subkey;
-
- /*
- * otherwise,
- * Ka = K1 | K2 | K3
- * where
- * K1 = prf(SKEYID_e, 0)
- * K2 = prf(SKEYID_e, K1)
- * K3 = prf(SKEYID_e, K2)
- */
- plog(LLV_DEBUG, LOCATION, NULL,
- "len(SKEYID_e) < len(Ka) (%d < %d), "
- "generating long key (Ka = K1 | K2 | ...)\n",
- iph1->skeyid_e->l, iph1->key->l);
-
- if ((buf = vmalloc(prflen >> 3)) == 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get key buffer\n");
- goto end;
- }
- p = (u_char *)iph1->key->v;
- ep = p + iph1->key->l;
-
- subkey = 1;
- while (p < ep) {
- if (p == (u_char *)iph1->key->v) {
- /* just for computing K1 */
- buf->v[0] = 0;
- buf->l = 1;
- }
- res = oakley_prf(iph1->skeyid_e, buf, iph1);
- if (res == NULL) {
- vfree(buf);
- goto end;
- }
- plog(LLV_DEBUG, LOCATION, NULL,
- "compute intermediate encryption key K%d\n",
- subkey);
- plogdump(LLV_DEBUG, buf->v, buf->l);
- plogdump(LLV_DEBUG, res->v, res->l);
-
- cplen = (res->l < ep - p) ? res->l : ep - p;
- memcpy(p, res->v, cplen);
- p += cplen;
-
- buf->l = prflen >> 3; /* to cancel K1 speciality */
- if (res->l != buf->l) {
- plog(LLV_ERROR, LOCATION, NULL,
- "internal error: res->l=%d buf->l=%d\n",
- res->l, buf->l);
- vfree(res);
- vfree(buf);
- goto end;
- }
- memcpy(buf->v, res->v, res->l);
- vfree(res);
- subkey++;
- }
-
- vfree(buf);
- }
-
- /*
- * don't check any weak key or not.
- * draft-ietf-ipsec-ike-01.txt Appendix B.
- * draft-ietf-ipsec-ciph-aes-cbc-00.txt Section 2.3.
- */
-#if 0
- /* weakkey check */
- if (iph1->approval->enctype > ARRAYLEN(oakley_encdef)
- || oakley_encdef[iph1->approval->enctype].weakkey == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "encryption algoritym %d isn't supported.\n",
- iph1->approval->enctype);
- goto end;
- }
- if ((oakley_encdef[iph1->approval->enctype].weakkey)(iph1->key)) {
- plog(LLV_ERROR, LOCATION, NULL,
- "weakkey was generated.\n");
- goto end;
- }
-#endif
-
- plog(LLV_DEBUG, LOCATION, NULL, "final encryption key computed:\n");
- plogdump(LLV_DEBUG, iph1->key->v, iph1->key->l);
-
- error = 0;
-
-end:
- return error;
-}
-
-/* allocated new buffer for CERT */
-cert_t *
-oakley_newcert()
-{
- cert_t *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get cert's buffer\n");
- return NULL;
- }
-
- new->pl = NULL;
-
- return new;
-}
-
-/* delete buffer for CERT */
-void
-oakley_delcert(cert)
- cert_t *cert;
-{
- if (!cert)
- return;
- if (cert->pl)
- VPTRINIT(cert->pl);
- racoon_free(cert);
-}
-
-/*
- * compute IV and set to ph1handle
- * IV = hash(g^xi | g^xr)
- * see 4.1 Phase 1 state in draft-ietf-ipsec-ike.
- */
-int
-oakley_newiv(iph1)
- struct ph1handle *iph1;
-{
- struct isakmp_ivm *newivm = NULL;
- vchar_t *buf = NULL, *bp;
- char *p;
- int len;
-
- /* create buffer */
- len = iph1->dhpub->l + iph1->dhpub_p->l;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get iv buffer\n");
- return -1;
- }
-
- p = buf->v;
-
- bp = (iph1->side == INITIATOR ? iph1->dhpub : iph1->dhpub_p);
- memcpy(p, bp->v, bp->l);
- p += bp->l;
-
- bp = (iph1->side == INITIATOR ? iph1->dhpub_p : iph1->dhpub);
- memcpy(p, bp->v, bp->l);
- p += bp->l;
-
- /* allocate IVm */
- newivm = racoon_calloc(1, sizeof(struct isakmp_ivm));
- if (newivm == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get iv buffer\n");
- vfree(buf);
- return -1;
- }
-
- /* compute IV */
- newivm->iv = oakley_hash(buf, iph1);
- if (newivm->iv == NULL) {
- vfree(buf);
- oakley_delivm(newivm);
- return -1;
- }
-
- /* adjust length of iv */
- newivm->iv->l = alg_oakley_encdef_blocklen(iph1->approval->enctype);
- if (newivm->iv->l == -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid encryption algoriym %d.\n",
- iph1->approval->enctype);
- vfree(buf);
- oakley_delivm(newivm);
- return -1;
- }
-
- /* create buffer to save iv */
- if ((newivm->ive = vdup(newivm->iv)) == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "vdup (%s)\n", strerror(errno));
- vfree(buf);
- oakley_delivm(newivm);
- return -1;
- }
-
- vfree(buf);
-
- plog(LLV_DEBUG, LOCATION, NULL, "IV computed:\n");
- plogdump(LLV_DEBUG, newivm->iv->v, newivm->iv->l);
-
- iph1->ivm = newivm;
-
- return 0;
-}
-
-/*
- * compute IV for the payload after phase 1.
- * It's not limited for phase 2.
- * if pahse 1 was encrypted.
- * IV = hash(last CBC block of Phase 1 | M-ID)
- * if phase 1 was not encrypted.
- * IV = hash(phase 1 IV | M-ID)
- * see 4.2 Phase 2 state in draft-ietf-ipsec-ike.
- */
-struct isakmp_ivm *
-oakley_newiv2(iph1, msgid)
- struct ph1handle *iph1;
- u_int32_t msgid;
-{
- struct isakmp_ivm *newivm = NULL;
- vchar_t *buf = NULL;
- char *p;
- int len;
- int error = -1;
-
- /* create buffer */
- len = iph1->ivm->iv->l + sizeof(msgid_t);
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get iv buffer\n");
- goto end;
- }
-
- p = buf->v;
-
- memcpy(p, iph1->ivm->iv->v, iph1->ivm->iv->l);
- p += iph1->ivm->iv->l;
-
- memcpy(p, &msgid, sizeof(msgid));
-
- plog(LLV_DEBUG, LOCATION, NULL, "compute IV for phase2\n");
- plog(LLV_DEBUG, LOCATION, NULL, "phase1 last IV:\n");
- plogdump(LLV_DEBUG, buf->v, buf->l);
-
- /* allocate IVm */
- newivm = racoon_calloc(1, sizeof(struct isakmp_ivm));
- if (newivm == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get iv buffer\n");
- goto end;
- }
-
- /* compute IV */
- if ((newivm->iv = oakley_hash(buf, iph1)) == NULL)
- goto end;
-
- /* adjust length of iv */
- newivm->iv->l = alg_oakley_encdef_blocklen(iph1->approval->enctype);
- if (newivm->iv->l == -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid encryption algoriym %d.\n",
- iph1->approval->enctype);
- goto end;
- }
-
- /* create buffer to save new iv */
- if ((newivm->ive = vdup(newivm->iv)) == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "vdup (%s)\n", strerror(errno));
- goto end;
- }
-
- error = 0;
-
- plog(LLV_DEBUG, LOCATION, NULL, "phase2 IV computed:\n");
- plogdump(LLV_DEBUG, newivm->iv->v, newivm->iv->l);
-
-end:
- if (error && newivm != NULL)
- oakley_delivm(newivm);
- if (buf != NULL)
- vfree(buf);
- return newivm;
-}
-
-void
-oakley_delivm(ivm)
- struct isakmp_ivm *ivm;
-{
- if (ivm == NULL)
- return;
-
- if (ivm->iv != NULL)
- vfree(ivm->iv);
- if (ivm->ive != NULL)
- vfree(ivm->ive);
- racoon_free(ivm);
-
- return;
-}
-
-/*
- * decrypt packet.
- * save new iv and old iv.
- */
-vchar_t *
-oakley_do_decrypt(iph1, msg, ivdp, ivep)
- struct ph1handle *iph1;
- vchar_t *msg, *ivdp, *ivep;
-{
- vchar_t *buf = NULL, *new = NULL;
- char *pl;
- int len;
- u_int8_t padlen;
- int blen;
- int error = -1;
-
- plog(LLV_DEBUG, LOCATION, NULL, "begin decryption.\n");
-
- blen = alg_oakley_encdef_blocklen(iph1->approval->enctype);
- if (blen == -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid encryption algoriym %d.\n",
- iph1->approval->enctype);
- goto end;
- }
-
- /* save IV for next, but not sync. */
- memset(ivep->v, 0, ivep->l);
- memcpy(ivep->v, (caddr_t)&msg->v[msg->l - blen], blen);
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "IV was saved for next processing:\n");
- plogdump(LLV_DEBUG, ivep->v, ivep->l);
-
- pl = msg->v + sizeof(struct isakmp);
-
- len = msg->l - sizeof(struct isakmp);
-
- /* create buffer */
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer to decrypt.\n");
- goto end;
- }
- memcpy(buf->v, pl, len);
-
- /* do decrypt */
- new = alg_oakley_encdef_decrypt(iph1->approval->enctype,
- buf, iph1->key, ivdp);
- if (new == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "decryption %d failed.\n", iph1->approval->enctype);
- goto end;
- }
- plog(LLV_DEBUG, LOCATION, NULL, "with key:\n");
- plogdump(LLV_DEBUG, iph1->key->v, iph1->key->l);
-
- vfree(buf);
- buf = NULL;
- if (new == NULL)
- goto end;
-
- plog(LLV_DEBUG, LOCATION, NULL, "decrypted payload by IV:\n");
- plogdump(LLV_DEBUG, ivdp->v, ivdp->l);
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "decrypted payload, but not trimed.\n");
- plogdump(LLV_DEBUG, new->v, new->l);
-
- /* get padding length */
- if (lcconf->pad_excltail)
- padlen = new->v[new->l - 1] + 1;
- else
- padlen = new->v[new->l - 1];
- plog(LLV_DEBUG, LOCATION, NULL, "padding len=%u\n", padlen);
-
- /* trim padding */
- if (lcconf->pad_strict) {
- if (padlen > new->l) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalied padding len=%u, buflen=%u.\n",
- padlen, new->l);
- plogdump(LLV_ERROR, new->v, new->l);
- goto end;
- }
- new->l -= padlen;
- plog(LLV_DEBUG, LOCATION, NULL, "trimmed padding\n");
- } else {
- plog(LLV_DEBUG, LOCATION, NULL, "skip to trim padding.\n");
- }
-
- /* create new buffer */
- len = sizeof(struct isakmp) + new->l;
- buf = vmalloc(len);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer to decrypt.\n");
- goto end;
- }
- memcpy(buf->v, msg->v, sizeof(struct isakmp));
- memcpy(buf->v + sizeof(struct isakmp), new->v, new->l);
- ((struct isakmp *)buf->v)->len = htonl(buf->l);
-
- plog(LLV_DEBUG, LOCATION, NULL, "decrypted.\n");
- plogdump(LLV_DEBUG, buf->v, buf->l);
-
-#ifdef HAVE_PRINT_ISAKMP_C
- isakmp_printpacket(buf, iph1->remote, iph1->local, 1);
-#endif
-
- error = 0;
-
-end:
- if (error && buf != NULL) {
- vfree(buf);
- buf = NULL;
- }
- if (new != NULL)
- vfree(new);
-
- return buf;
-}
-
-/*
- * encrypt packet.
- */
-vchar_t *
-oakley_do_encrypt(iph1, msg, ivep, ivp)
- struct ph1handle *iph1;
- vchar_t *msg, *ivep, *ivp;
-{
- vchar_t *buf = 0, *new = 0;
- char *pl;
- int len;
- u_int padlen;
- int blen;
- int error = -1;
-
- plog(LLV_DEBUG, LOCATION, NULL, "begin encryption.\n");
-
- /* set cbc block length */
- blen = alg_oakley_encdef_blocklen(iph1->approval->enctype);
- if (blen == -1) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid encryption algoriym %d.\n",
- iph1->approval->enctype);
- goto end;
- }
-
- pl = msg->v + sizeof(struct isakmp);
- len = msg->l - sizeof(struct isakmp);
-
- /* add padding */
- padlen = oakley_padlen(len, blen);
- plog(LLV_DEBUG, LOCATION, NULL, "pad length = %u\n", padlen);
-
- /* create buffer */
- buf = vmalloc(len + padlen);
- if (buf == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to get buffer to encrypt.\n");
- goto end;
- }
- if (padlen) {
- int i;
- char *p = &buf->v[len];
- if (lcconf->pad_random) {
- for (i = 0; i < padlen; i++)
- *p++ = arc4random() & 0xff;
- }
- }
- memcpy(buf->v, pl, len);
-
- /* make pad into tail */
- if
(lcconf->pad_excltail) - buf->v[len + padlen - 1] = padlen - 1; - else - buf->v[len + padlen - 1] = padlen; - - plogdump(LLV_DEBUG, buf->v, buf->l); - - /* do encrypt */ - new = alg_oakley_encdef_encrypt(iph1->approval->enctype, - buf, iph1->key, ivep); - if (new == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "encryption %d failed.\n", iph1->approval->enctype); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "with key:\n"); - plogdump(LLV_DEBUG, iph1->key->v, iph1->key->l); - - vfree(buf); - buf = NULL; - if (new == NULL) - goto end; - - plog(LLV_DEBUG, LOCATION, NULL, "encrypted payload by IV:\n"); - plogdump(LLV_DEBUG, ivep->v, ivep->l); - - /* save IV for next */ - memset(ivp->v, 0, ivp->l); - memcpy(ivp->v, (caddr_t)&new->v[new->l - blen], blen); - - plog(LLV_DEBUG, LOCATION, NULL, "save IV for next:\n"); - plogdump(LLV_DEBUG, ivp->v, ivp->l); - - /* create new buffer */ - len = sizeof(struct isakmp) + new->l; - buf = vmalloc(len); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to encrypt.\n"); - goto end; - } - memcpy(buf->v, msg->v, sizeof(struct isakmp)); - memcpy(buf->v + sizeof(struct isakmp), new->v, new->l); - ((struct isakmp *)buf->v)->len = htonl(buf->l); - - error = 0; - - plog(LLV_DEBUG, LOCATION, NULL, "encrypted.\n"); - -end: - if (error && buf != NULL) { - vfree(buf); - buf = NULL; - } - if (new != NULL) - vfree(new); - - return buf; -} - -/* culculate padding length */ -static int -oakley_padlen(len, base) - int len, base; -{ - int padlen; - - padlen = base - len % base; - - if (lcconf->pad_randomlen) - padlen += ((arc4random() % (lcconf->pad_maxsize + 1) + 1) * - base); - - return padlen; -} - diff --git a/racoon.tproj/oakley.h b/racoon.tproj/oakley.h deleted file mode 100644 index 3b1bc29..0000000 --- a/racoon.tproj/oakley.h +++ /dev/null 
@@ -1,198 +0,0 @@ -/* $KAME: oakley.h,v 1.28 2001/12/12 18:23:42 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifndef __OAKLEY_H__ -#define __OAKLEY_H__ - - -/* refer to RFC 2409 */ - -/* Attribute Classes */ -#define OAKLEY_ATTR_ENC_ALG 1 /* B */ -#define OAKLEY_ATTR_ENC_ALG_DES 1 -#define OAKLEY_ATTR_ENC_ALG_IDEA 2 -#define OAKLEY_ATTR_ENC_ALG_BLOWFISH 3 -#define OAKLEY_ATTR_ENC_ALG_RC5 4 -#define OAKLEY_ATTR_ENC_ALG_3DES 5 -#define OAKLEY_ATTR_ENC_ALG_CAST 6 -#define OAKLEY_ATTR_ENC_ALG_RIJNDAEL 7 -#define OAKLEY_ATTR_ENC_ALG_AES 7 - /* 65001 - 65535 Private Use */ -#define OAKLEY_ATTR_HASH_ALG 2 /* B */ -#define OAKLEY_ATTR_HASH_ALG_MD5 1 -#define OAKLEY_ATTR_HASH_ALG_SHA 2 -#define OAKLEY_ATTR_HASH_ALG_TIGER 3 -#define OAKLEY_ATTR_HASH_ALG_SHA2_256 4 -#define OAKLEY_ATTR_HASH_ALG_SHA2_384 5 -#define OAKLEY_ATTR_HASH_ALG_SHA2_512 6 - /* 65001 - 65535 Private Use */ -#define OAKLEY_ATTR_AUTH_METHOD 3 /* B */ -#define OAKLEY_ATTR_AUTH_METHOD_PSKEY 1 -#define OAKLEY_ATTR_AUTH_METHOD_DSSSIG 2 -#define OAKLEY_ATTR_AUTH_METHOD_RSASIG 3 -#define OAKLEY_ATTR_AUTH_METHOD_RSAENC 4 -#define OAKLEY_ATTR_AUTH_METHOD_RSAREV 5 -#define OAKLEY_ATTR_AUTH_METHOD_EGENC 6 -#define OAKLEY_ATTR_AUTH_METHOD_EGREV 7 - /* 65001 - 65535 Private Use */ - /* - * The following are valid when the Vendor ID is one of - * the following: - * - * MD5("A GSS-API Authentication Method for IKE") - * MD5("GSSAPI") (recognized by Windows 2000) - * MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000) - */ -#define OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB 65001 -#define OAKLEY_ATTR_GRP_DESC 4 /* B */ -#define OAKLEY_ATTR_GRP_DESC_MODP768 1 -#define OAKLEY_ATTR_GRP_DESC_MODP1024 2 -#define OAKLEY_ATTR_GRP_DESC_EC2N155 3 -#define OAKLEY_ATTR_GRP_DESC_EC2N185 4 -#define OAKLEY_ATTR_GRP_DESC_MODP1536 5 -#define OAKLEY_ATTR_GRP_DESC_MODP2048 42048 /* these value are */ -#define OAKLEY_ATTR_GRP_DESC_MODP3072 43072 /* make consensus */ -#define OAKLEY_ATTR_GRP_DESC_MODP4096 44096 /* at the bake off */ -#define OAKLEY_ATTR_GRP_DESC_MODP8192 48192 /* in helsinki */ -#define OAKLEY_ATTR_GRP_DESC_MODP6144 46144 /* XXX */ 
- /* 32768 - 65535 Private Use */ -#define OAKLEY_ATTR_GRP_TYPE 5 /* B */ -#define OAKLEY_ATTR_GRP_TYPE_MODP 1 -#define OAKLEY_ATTR_GRP_TYPE_ECP 2 -#define OAKLEY_ATTR_GRP_TYPE_EC2N 3 - /* 65001 - 65535 Private Use */ -#define OAKLEY_ATTR_GRP_PI 6 /* V */ -#define OAKLEY_ATTR_GRP_GEN_ONE 7 /* V */ -#define OAKLEY_ATTR_GRP_GEN_TWO 8 /* V */ -#define OAKLEY_ATTR_GRP_CURVE_A 9 /* V */ -#define OAKLEY_ATTR_GRP_CURVE_B 10 /* V */ -#define OAKLEY_ATTR_SA_LD_TYPE 11 /* B */ -#define OAKLEY_ATTR_SA_LD_TYPE_DEFAULT 1 -#define OAKLEY_ATTR_SA_LD_TYPE_SEC 1 -#define OAKLEY_ATTR_SA_LD_TYPE_KB 2 -#define OAKLEY_ATTR_SA_LD_TYPE_MAX 3 - /* 65001 - 65535 Private Use */ -#define OAKLEY_ATTR_SA_LD 12 /* V */ -#define OAKLEY_ATTR_SA_LD_SEC_DEFAULT 28800 /* 8 hours */ -#define OAKLEY_ATTR_PRF 13 /* B */ -#define OAKLEY_ATTR_KEY_LEN 14 /* B */ -#define OAKLEY_ATTR_FIELD_SIZE 15 /* B */ -#define OAKLEY_ATTR_GRP_ORDER 16 /* V */ -#define OAKLEY_ATTR_BLOCK_SIZE 17 /* B */ - /* 16384 - 32767 Private Use */ - - /* - * The following are valid when the Vendor ID is one of - * the following: - * - * MD5("A GSS-API Authentication Method for IKE") - * MD5("GSSAPI") (recognized by Windows 2000) - * MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000) - */ -#define OAKLEY_ATTR_GSS_ID 16384 - -#define MAXPADLWORD 20 - -struct dhgroup { - int type; - vchar_t *prime; - int gen1; - int gen2; - vchar_t *curve_a; - vchar_t *curve_b; - vchar_t *order; -}; - -/* certificate holder */ -typedef struct cert_t_tag { - u_int8_t type; /* type of CERT, must be same to pl->v[0]*/ - vchar_t cert; /* pointer to the CERT */ - vchar_t *pl; /* CERT payload minus isakmp general header */ -} cert_t; - -struct ph1handle; -struct ph2handle; -struct isakmp_ivm; - -extern int oakley_get_defaultlifetime __P((void)); - -extern int oakley_dhinit __P((void)); -extern void oakley_dhgrp_free __P((struct dhgroup *)); -extern int oakley_dh_compute __P((const struct dhgroup *, - vchar_t *, vchar_t *, vchar_t *, vchar_t **)); -extern int 
oakley_dh_generate __P((const struct dhgroup *, - vchar_t **, vchar_t **)); -extern int oakley_setdhgroup __P((int, struct dhgroup **)); - -extern vchar_t *oakley_prf __P((vchar_t *, vchar_t *, struct ph1handle *)); -extern vchar_t *oakley_hash __P((vchar_t *, struct ph1handle *)); - -extern int oakley_compute_keymat __P((struct ph2handle *, int)); - -#if notyet -extern vchar_t *oakley_compute_hashx __P((void)); -#endif -extern vchar_t *oakley_compute_hash3 __P((struct ph1handle *, - u_int32_t, vchar_t *)); -extern vchar_t *oakley_compute_hash1 __P((struct ph1handle *, - u_int32_t, vchar_t *)); -extern vchar_t *oakley_ph1hash_common __P((struct ph1handle *, int)); -extern vchar_t *oakley_ph1hash_base_i __P((struct ph1handle *, int)); -extern vchar_t *oakley_ph1hash_base_r __P((struct ph1handle *, int)); - -extern int oakley_validate_auth __P((struct ph1handle *)); -#ifdef HAVE_SIGNING_C -extern int oakley_getmycert __P((struct ph1handle *)); -extern int oakley_getsign __P((struct ph1handle *)); -extern vchar_t *oakley_getcr __P((struct ph1handle *)); -extern int oakley_checkcr __P((struct ph1handle *)); -#endif -extern int oakley_needcr __P((int)); -struct isakmp_gen; -extern int oakley_savecert __P((struct ph1handle *, struct isakmp_gen *)); -extern int oakley_savecr __P((struct ph1handle *, struct isakmp_gen *)); - -extern int oakley_skeyid __P((struct ph1handle *)); -extern int oakley_skeyid_dae __P((struct ph1handle *)); - -extern int oakley_compute_enckey __P((struct ph1handle *)); -extern cert_t *oakley_newcert __P((void)); -extern void oakley_delcert __P((cert_t *)); -extern int oakley_newiv __P((struct ph1handle *)); -extern struct isakmp_ivm *oakley_newiv2 __P((struct ph1handle *, u_int32_t)); -extern void oakley_delivm __P((struct isakmp_ivm *)); -extern vchar_t *oakley_do_decrypt __P((struct ph1handle *, - vchar_t *, vchar_t *, vchar_t *)); -extern vchar_t *oakley_do_encrypt __P((struct ph1handle *, - vchar_t *, vchar_t *, vchar_t *)); - -#endif /* 
__OAKLEY_H__ */ - diff --git a/racoon.tproj/open_dir.c b/racoon.tproj/open_dir.c deleted file mode 100644 index 952d0ce..0000000 --- a/racoon.tproj/open_dir.c +++ /dev/null 
@@ -1,426 +0,0 @@ -/* - * Copyright (c) 2001-2004 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. - * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - - -#include - -#include -#include -#include -#include -#include - -#include "vmbuf.h" -#include "remoteconf.h" -#include "plog.h" -#include "misc.h" -#include "gcmalloc.h" -#include "open_dir.h" - -#define BUF_LEN 1024 - - -static tDirStatus open_dir_get_search_node_ref(tDirReference dirRef, unsigned long index, - tDirNodeReference *searchNodeRef, unsigned long *count); -static tDirStatus open_dir_get_user_attr(tDirReference dirRef, tDirNodeReference searchNodeRef, char *user_name, - char *attr, tAttributeValueEntryPtr *attr_value); -static tDirStatus open_dir_check_group_membership(tDirReference dirRef, tDirNodeReference searchNodeRef, - char *group_name, char *user_name, char *userGID, int *authorized); - - -//---------------------------------------------------------------------- -// open_dir_authorize_id -//---------------------------------------------------------------------- -int open_dir_authorize_id(vchar_t *id, vchar_t *group) -{ - - tDirReference dirRef; - tDirStatus dsResult = eDSNoErr; - int 
authorized = 0; - tDirNodeReference searchNodeRef; - tAttributeValueEntryPtr groupID = NULL; - tAttributeValueEntryPtr recordName = NULL; - unsigned long searchNodeCount; - char* user_name = NULL; - char* group_name = NULL; - - if (id == 0 || id->l < 1) { - plog(LLV_ERROR, LOCATION, NULL, "invalid user name.\n"); - goto end; - } - user_name = racoon_malloc(id->l + 1); - if (user_name == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "out of memory - unable to allocate space for user name.\n"); - goto end; - } - bcopy(id->v, user_name, id->l); - *(user_name + id->l) = 0; - - if (group && group->l > 0) { - group_name = racoon_malloc(group->l + 1); - if (group_name == NULL) { - plog(LLV_NOTIFY, LOCATION, NULL, "out of memeory - unable to allocate space for group name.\n"); - goto end; - } - bcopy(group->v, group_name, group->l); - *(group_name + group->l) = 0; - } - - if ((dsResult = dsOpenDirService(&dirRef)) == eDSNoErr) { - // get the search node ref - if ((dsResult = open_dir_get_search_node_ref(dirRef, 1, &searchNodeRef, &searchNodeCount)) == eDSNoErr) { - // get the user's primary group ID - if (dsResult = open_dir_get_user_attr(dirRef, searchNodeRef, user_name, kDSNAttrRecordName, &recordName) == eDSNoErr) { - if (recordName != 0) { - if (group_name != 0) { - if ((dsResult = open_dir_get_user_attr(dirRef, searchNodeRef, user_name, kDS1AttrPrimaryGroupID, &groupID)) == eDSNoErr) { - // check if user is member of the group - dsResult = open_dir_check_group_membership(dirRef, searchNodeRef, group_name, - recordName->fAttributeValueData.fBufferData, groupID->fAttributeValueData.fBufferData, &authorized); - } - } else - authorized = 1; // no group required - user record found - } - } - if (groupID) - dsDeallocAttributeValueEntry(dirRef, groupID); - if (recordName) - dsDeallocAttributeValueEntry(dirRef, recordName); - dsCloseDirNode(searchNodeRef); // close the search node - } - dsCloseDirService(dirRef); - } - -end: - if (authorized) - plog(LLV_NOTIFY, LOCATION, NULL, 
"User '%s' authorized for access\n", user_name); - else - plog(LLV_NOTIFY, LOCATION, NULL, "User '%s' not authorized for access\n", user_name); - if (user_name) - free(user_name); - if (group_name) - free(group_name); - return authorized; -} - - -//---------------------------------------------------------------------- -// open_dir_get_search_node_ref -//---------------------------------------------------------------------- -static tDirStatus open_dir_get_search_node_ref(tDirReference dirRef, unsigned long index, - tDirNodeReference *searchNodeRef, unsigned long *count) -{ - tDirStatus dsResult = -1; - tDataBufferPtr searchNodeDataBufferPtr = 0; - tDataListPtr searchNodeNameDataListPtr = 0; - - unsigned long outNodeCount; - tContextData continueData = 0; - - *searchNodeRef = 0; - *count = 0; - - // allocate required buffers and data lists - if ((searchNodeDataBufferPtr = dsDataBufferAllocate(dirRef, BUF_LEN)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataBuffer\n"); - goto cleanup; - } - if ((searchNodeNameDataListPtr = dsDataListAllocate(dirRef)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - - // find authentication search node(s) - if ((dsResult = dsFindDirNodes(dirRef, searchNodeDataBufferPtr, 0, eDSAuthenticationSearchNodeName, - &outNodeCount, &continueData)) == eDSNoErr) { - if (outNodeCount != 0) { - - // get the seach node name and open the node - if ((dsResult = dsGetDirNodeName(dirRef, searchNodeDataBufferPtr, index, - &searchNodeNameDataListPtr)) == eDSNoErr) { - if ((dsResult = dsOpenDirNode(dirRef, searchNodeNameDataListPtr, searchNodeRef)) == eDSNoErr) { - *count = outNodeCount; - } - } - } - if (continueData) - dsReleaseContinueData(dirRef, continueData); - } - -cleanup: - if (searchNodeDataBufferPtr) - dsDataBufferDeAllocate(dirRef, searchNodeDataBufferPtr); - if (searchNodeNameDataListPtr) - dsDataListDeallocate(dirRef, searchNodeNameDataListPtr); - - return dsResult; -} - 
-//---------------------------------------------------------------------- -// open_dir_get_user_attr -//---------------------------------------------------------------------- -static tDirStatus open_dir_get_user_attr(tDirReference dirRef, tDirNodeReference searchNodeRef, char *user_name, - char *attr, tAttributeValueEntryPtr *attr_value) -{ - - tDirStatus dsResult = -1; - - tDataBufferPtr userRcdDataBufferPtr = 0; - tDataListPtr recordNameDataListPtr = 0; - tDataListPtr recordTypeDataListPtr = 0; - tDataListPtr attrTypeDataListPtr = 0; - tContextData continueData = 0; - - unsigned long outRecordCount; - int userRcdFound = 0; - u_int32_t userRecordIndex, attrIndex; - - *attr_value = 0; - - if ((userRcdDataBufferPtr = dsDataBufferAllocate(dirRef, BUF_LEN)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataBuffer\n"); - goto cleanup; - } - if ((recordNameDataListPtr = dsBuildListFromStrings(dirRef, user_name, 0)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - if ((recordTypeDataListPtr = dsBuildListFromStrings(dirRef, kDSStdRecordTypeUsers, 0)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - if ((attrTypeDataListPtr = dsBuildListFromStrings(dirRef, kDSNAttrRecordName, kDS1AttrDistinguishedName, attr, 0)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - - // find the user record(s), extracting the user name and requested attribute - do { - dsResult = dsGetRecordList(searchNodeRef, userRcdDataBufferPtr, recordNameDataListPtr, eDSExact, - recordTypeDataListPtr, attrTypeDataListPtr, 0, &outRecordCount, &continueData); - - // if buffer too small - allocate a larger one - if (dsResult == eDSBufferTooSmall) { - u_int32_t size = userRcdDataBufferPtr->fBufferSize * 2; - - dsDataBufferDeAllocate(dirRef, userRcdDataBufferPtr); - if ((userRcdDataBufferPtr = dsDataBufferAllocate(dirRef, size)) == 0) { - 
plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataBuffer\n"); - dsResult = -1; - goto cleanup; - } - } - } while (dsResult == eDSBufferTooSmall); - - if (dsResult == eDSNoErr) { - // for each user record - for (userRecordIndex = 1; (userRecordIndex <= outRecordCount) && (dsResult == eDSNoErr) - && (userRcdFound == 0); userRecordIndex++) { - - tAttributeListRef attrListRef; - tRecordEntryPtr userRcdEntryPtr; - - // get the user record entry from the data buffer - if ((dsResult = dsGetRecordEntry(searchNodeRef, userRcdDataBufferPtr, userRecordIndex, - &attrListRef, &userRcdEntryPtr)) == eDSNoErr) { - // for each attribute - for (attrIndex = 1; (attrIndex <= userRcdEntryPtr->fRecordAttributeCount) - && (dsResult == eDSNoErr); attrIndex++) { - - tAttributeValueListRef attrValueListRef; - tAttributeEntryPtr attrInfoPtr; - tAttributeValueEntryPtr attrValuePtr; - - if ((dsResult = dsGetAttributeEntry(searchNodeRef, userRcdDataBufferPtr, - attrListRef, attrIndex, &attrValueListRef, &attrInfoPtr)) == eDSNoErr) { - if ((dsResult = dsGetAttributeValue(searchNodeRef, userRcdDataBufferPtr, 1, - attrValueListRef, &attrValuePtr)) == eDSNoErr) { - - // check for user record name or attribute searching for - if (!strcmp(attrInfoPtr->fAttributeSignature.fBufferData, kDSNAttrRecordName)) { - if (!strcmp(attrValuePtr->fAttributeValueData.fBufferData, user_name)) - userRcdFound = 1; - } - if (!strcmp(attrInfoPtr->fAttributeSignature.fBufferData, kDS1AttrDistinguishedName)) { - if (!strcmp(attrValuePtr->fAttributeValueData.fBufferData, user_name)) - userRcdFound = 1; - } - if (!strcmp(attrInfoPtr->fAttributeSignature.fBufferData, attr)) { - *attr_value = attrValuePtr; // return the attribute value - attrValuePtr = 0; // set to zero so we don't deallocate it - } - if (attrValuePtr) - dsDeallocAttributeValueEntry(dirRef, attrValuePtr); - } - dsCloseAttributeValueList(attrValueListRef); - dsDeallocAttributeEntry(dirRef, attrInfoPtr); - } - } - // make sure we've processed both 
attributes and we have a match on user name - if(userRcdFound == 0 || *attr_value == 0) { - userRcdFound = 0; - if (*attr_value) - dsDeallocAttributeValueEntry(dirRef, *attr_value); - *attr_value = 0; - } - dsCloseAttributeList(attrListRef); - dsDeallocRecordEntry(dirRef, userRcdEntryPtr); - } - } - } - -cleanup: - if (continueData) - dsReleaseContinueData(searchNodeRef, continueData); - if (userRcdDataBufferPtr) - dsDataBufferDeAllocate(dirRef, userRcdDataBufferPtr); - if (recordNameDataListPtr) - dsDataListDeallocate(dirRef, recordNameDataListPtr); - if (recordTypeDataListPtr) - dsDataListDeallocate(dirRef, recordTypeDataListPtr); - if (attrTypeDataListPtr) - dsDataListDeallocate(dirRef, attrTypeDataListPtr); - - return dsResult; - -} - - -//---------------------------------------------------------------------- -// open_dir_check_group_membership -//---------------------------------------------------------------------- -static tDirStatus open_dir_check_group_membership(tDirReference dirRef, tDirNodeReference searchNodeRef, - char *group_name, char *user_name, char *userGID, int *authorized) -{ - tDirStatus dsResult = -1; - - tDataBufferPtr groupRcdDataBufferPtr = 0; - tDataListPtr recordNameDataListPtr = 0; - tDataListPtr recordTypeDataListPtr = 0; - tDataListPtr attrTypeDataListPtr = 0; - tContextData continueData = 0; - - unsigned long outRecordCount; - u_int32_t attrIndex, valueIndex; - - *authorized = 0; - - if ((groupRcdDataBufferPtr = dsDataBufferAllocate(dirRef, BUF_LEN)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataBuffer\n"); - goto cleanup; - } - if ((recordNameDataListPtr = dsBuildListFromStrings(dirRef, group_name, 0)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - if ((recordTypeDataListPtr = dsBuildListFromStrings(dirRef, kDSStdRecordTypeGroups, 0)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - if ((attrTypeDataListPtr = 
dsBuildListFromStrings(dirRef, kDS1AttrPrimaryGroupID, kDSNAttrGroupMembership, 0)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataList\n"); - goto cleanup; - } - - // find the group record, extracting the group ID and group membership attribute - do { - dsResult = dsGetRecordList(searchNodeRef, groupRcdDataBufferPtr, recordNameDataListPtr, eDSExact, - recordTypeDataListPtr, attrTypeDataListPtr, 0, &outRecordCount, &continueData); - // if buffer too small - allocate a larger one - if (dsResult == eDSBufferTooSmall) { - u_int32_t size = groupRcdDataBufferPtr->fBufferSize * 2; - - dsDataBufferDeAllocate(dirRef, groupRcdDataBufferPtr); - if ((groupRcdDataBufferPtr = dsDataBufferAllocate(dirRef, size)) == 0) { - plog(LLV_ERROR, LOCATION, NULL, "Could not allocate tDataBuffer\n"); - dsResult = -1; - goto cleanup; - } - } - } while (dsResult == eDSBufferTooSmall); - - if (dsResult == eDSNoErr) { - - tAttributeListRef attrListRef; - tRecordEntryPtr groupRcdEntryPtr; - - // get the group record entry - if ((dsResult = dsGetRecordEntry(searchNodeRef, groupRcdDataBufferPtr, 1, &attrListRef, &groupRcdEntryPtr)) == eDSNoErr) { - - // for each attribute - for (attrIndex = 1; (attrIndex <= groupRcdEntryPtr->fRecordAttributeCount) && (dsResult == eDSNoErr) - && (*authorized == 0); attrIndex++) { - - tAttributeValueListRef attrValueListRef; - tAttributeEntryPtr attrInfoPtr; - tAttributeValueEntryPtr attrValuePtr; - - if ((dsResult = dsGetAttributeEntry(searchNodeRef, groupRcdDataBufferPtr, attrListRef, - attrIndex, &attrValueListRef, &attrInfoPtr)) == eDSNoErr) { - - // group ID attribute ? 
- if (!strcmp(attrInfoPtr->fAttributeSignature.fBufferData, kDS1AttrPrimaryGroupID)) { - if ((dsResult = dsGetAttributeValue(searchNodeRef, groupRcdDataBufferPtr, 1, - attrValueListRef, &attrValuePtr)) == eDSNoErr) { - - // check for match on primary group ID - if (!strcmp(attrValuePtr->fAttributeValueData.fBufferData, userGID)) - *authorized = 1; - dsDeallocAttributeValueEntry(dirRef, attrValuePtr); - } - } else if (!strcmp(attrInfoPtr->fAttributeSignature.fBufferData, kDSNAttrGroupMembership)) { - // for each value check for user's name in the group - for (valueIndex = 1; (valueIndex <= attrInfoPtr->fAttributeValueCount) - && (dsResult == eDSNoErr) && (*authorized == 0); valueIndex++) { - - if ((dsResult = dsGetAttributeValue(searchNodeRef, groupRcdDataBufferPtr, - valueIndex, attrValueListRef, &attrValuePtr)) == eDSNoErr) { - if (!strcmp(attrValuePtr->fAttributeValueData.fBufferData, user_name)) - *authorized = 1; - dsDeallocAttributeValueEntry(dirRef, attrValuePtr); - } - } - } - dsCloseAttributeValueList(attrValueListRef); - dsDeallocAttributeEntry(dirRef, attrInfoPtr); - } - } - dsCloseAttributeList(attrListRef); - dsDeallocRecordEntry(dirRef, groupRcdEntryPtr); - } - } - -cleanup: - if (continueData) - dsReleaseContinueData(searchNodeRef, continueData); - if (groupRcdDataBufferPtr) - dsDataBufferDeAllocate(dirRef, groupRcdDataBufferPtr); - if (recordNameDataListPtr) - dsDataListDeallocate(dirRef, recordNameDataListPtr); - if (recordTypeDataListPtr) - dsDataListDeallocate(dirRef, recordTypeDataListPtr); - if (attrTypeDataListPtr) - dsDataListDeallocate(dirRef, attrTypeDataListPtr); - - return dsResult; -} - diff --git a/racoon.tproj/open_dir.h b/racoon.tproj/open_dir.h deleted file mode 100644 index 89f1f2c..0000000 --- a/racoon.tproj/open_dir.h +++ /dev/null 
@@ -1,30 +0,0 @@
-/*
- * Copyright (c) 2001-2004 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-#ifndef __OPEN_DIR_H__
-#define __OPEN_DIR_H__
-
-extern int open_dir_authorize_id(vchar_t *id, vchar_t *group);
-
-
-#endif /* __OPEN_DIR_H__ */
-
diff --git a/racoon.tproj/pfkey.c b/racoon.tproj/pfkey.c
deleted file mode 100644
index a1e3523..0000000
--- a/racoon.tproj/pfkey.c
+++ /dev/null
@@ -1,2598 +0,0 @@
-/* $KAME: pfkey.c,v 1.134 2002/06/04 05:20:27 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#define _PFKEY_C_
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include
-#ifdef IPV6_INRIA_VERSION
-#include
-#else
-#include
-#endif
-
-#include
-#include
-#include
-#include
-#include
-#ifdef HAVE_UNISTD_H
-#include
-#endif
-#include
-
-#include "libpfkey.h"
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "sockmisc.h"
-#include "debug.h"
-
-#include "schedule.h"
-#include "localconf.h"
-#include "remoteconf.h"
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "isakmp_inf.h"
-#include "isakmp_natd.h"
-#include "ipsec_doi.h"
-#include "oakley.h"
-#include "pfkey.h"
-#include "handler.h"
-#include "policy.h"
-#include "algorithm.h"
-#include "sainfo.h"
-#include "proposal.h"
-#include "admin.h"
-#include "strnames.h"
-#include "backupsa.h"
-#include "gcmalloc.h"
-#ifndef HAVE_ARC4RANDOM
-#include "arc4random.h"
-#endif
-
-/* prototype */
-static u_int ipsecdoi2pfkey_aalg __P((u_int));
-static u_int ipsecdoi2pfkey_ealg __P((u_int));
-static u_int ipsecdoi2pfkey_calg __P((u_int));
-static u_int ipsecdoi2pfkey_alg __P((u_int, u_int));
-static u_int keylen_aalg __P((u_int));
-static u_int keylen_ealg __P((u_int, int));
-
-static int pk_recvgetspi __P((caddr_t *));
-static int pk_recvupdate __P((caddr_t *));
-static int pk_recvadd __P((caddr_t *));
-static int pk_recvdelete __P((caddr_t *));
-static int pk_recvacquire __P((caddr_t *));
-static int pk_recvexpire __P((caddr_t *));
-static int pk_recvflush __P((caddr_t *));
-static int getsadbpolicy __P((caddr_t *, int *, int, struct ph2handle *));
-static int pk_recvspdupdate __P((caddr_t *));
-static int pk_recvspdadd __P((caddr_t *));
-static int pk_recvspddelete __P((caddr_t *));
-static int pk_recvspdexpire __P((caddr_t *));
-static int pk_recvspdget __P((caddr_t *));
-static int pk_recvspddump __P((caddr_t *));
-static int pk_recvspdflush __P((caddr_t *));
-static struct sadb_msg *pk_recv __P((int, int *));
-
-static int (*pkrecvf[])
__P((caddr_t *)) = { -NULL, -pk_recvgetspi, -pk_recvupdate, -pk_recvadd, -pk_recvdelete, -NULL, /* SADB_GET */ -pk_recvacquire, -NULL, /* SABD_REGISTER */ -pk_recvexpire, -pk_recvflush, -NULL, /* SADB_DUMP */ -NULL, /* SADB_X_PROMISC */ -NULL, /* SADB_X_PCHANGE */ -pk_recvspdupdate, -pk_recvspdadd, -pk_recvspddelete, -pk_recvspdget, -NULL, /* SADB_X_SPDACQUIRE */ -pk_recvspddump, -pk_recvspdflush, -NULL, /* SADB_X_SPDSETIDX */ -pk_recvspdexpire, -NULL, /* SADB_X_SPDDELETE2 */ -}; - -static int addnewsp __P((caddr_t *)); - -/* cope with old kame headers - ugly */ -#ifndef SADB_X_AALG_MD5 -#define SADB_X_AALG_MD5 SADB_AALG_MD5 -#endif -#ifndef SADB_X_AALG_SHA -#define SADB_X_AALG_SHA SADB_AALG_SHA -#endif -#ifndef SADB_X_AALG_NULL -#define SADB_X_AALG_NULL SADB_AALG_NULL -#endif - -#ifndef SADB_X_EALG_BLOWFISHCBC -#define SADB_X_EALG_BLOWFISHCBC SADB_EALG_BLOWFISHCBC -#endif -#ifndef SADB_X_EALG_CAST128CBC -#define SADB_X_EALG_CAST128CBC SADB_EALG_CAST128CBC -#endif -#ifndef SADB_X_EALG_RC5CBC -#ifdef SADB_EALG_RC5CBC -#define SADB_X_EALG_RC5CBC SADB_EALG_RC5CBC -#endif -#endif - -/* - * PF_KEY packet handler - * 0: success - * -1: fail - */ -int -pfkey_handler() -{ - struct sadb_msg *msg; - int len; - caddr_t mhp[SADB_EXT_MAX + 1]; - int error = -1; - - /* receive pfkey message. */ - len = 0; - msg = (struct sadb_msg *)pk_recv(lcconf->sock_pfkey, &len); - if (msg == NULL) { - if (len < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to recv from pfkey (%s)\n", - strerror(errno)); - goto end; - } else { - /* short message - msg not ready */ - return 0; - } - } - - plog(LLV_DEBUG, LOCATION, NULL, "get pfkey %s message\n", - s_pfkey_type(msg->sadb_msg_type)); - plogdump(LLV_DEBUG2, msg, msg->sadb_msg_len << 3); - - /* validity check */ - if (msg->sadb_msg_errno) { - int pri; - - /* when SPD is empty, treat the state as no error. 
*/ - if (msg->sadb_msg_type == SADB_X_SPDDUMP && - msg->sadb_msg_errno == ENOENT) - pri = LLV_DEBUG; - else - pri = LLV_ERROR; - - plog(pri, LOCATION, NULL, - "pfkey %s failed: %s\n", - s_pfkey_type(msg->sadb_msg_type), - strerror(msg->sadb_msg_errno)); - - goto end; - } - - /* check pfkey message. */ - if (pfkey_align(msg, mhp)) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed pfkey align (%s)\n", - ipsec_strerror()); - goto end; - } - if (pfkey_check(mhp)) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed pfkey check (%s)\n", - ipsec_strerror()); - goto end; - } - msg = (struct sadb_msg *)mhp[0]; - - if (pkrecvf[msg->sadb_msg_type] == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "not supported command %s\n", - s_pfkey_type(msg->sadb_msg_type)); - goto end; - } - - if ((pkrecvf[msg->sadb_msg_type])(mhp) < 0) - goto end; - - error = 0; -end: - if (msg) - racoon_free(msg); - return(error); -} - -/* - * dump SADB - */ -vchar_t * -pfkey_dump_sadb(satype) - int satype; -{ - int s = -1; - vchar_t *buf = NULL; - pid_t pid = getpid(); - struct sadb_msg *msg = NULL; - size_t bl, ml; - int len; - - if ((s = pfkey_open()) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed pfkey open: %s\n", - ipsec_strerror()); - return NULL; - } - - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_dump\n"); - if (pfkey_send_dump(s, satype) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed dump: %s\n", ipsec_strerror()); - goto fail; - } - - while (1) { - if (msg) - racoon_free(msg); - msg = pk_recv(s, &len); - if (msg == NULL) { - if (len < 0) - goto done; - else - continue; - } - - if (msg->sadb_msg_type != SADB_DUMP || msg->sadb_msg_pid != pid) - continue; - - ml = msg->sadb_msg_len << 3; - bl = buf ? 
buf->l : 0; - buf = vrealloc(buf, bl + ml); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to reallocate buffer to dump.\n"); - goto fail; - } - memcpy(buf->v + bl, msg, ml); - - if (msg->sadb_msg_seq == 0) - break; - } - goto done; - -fail: - if (buf) - vfree(buf); - buf = NULL; -done: - if (msg) - racoon_free(msg); - if (s >= 0) - close(s); - return buf; -} - -/* - * flush SADB - */ -void -pfkey_flush_sadb(proto) - u_int proto; -{ - int satype; - - /* convert to SADB_SATYPE */ - if ((satype = admin2pfkey_proto(proto)) < 0) - return; - - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_flush\n"); - if (pfkey_send_flush(lcconf->sock_pfkey, satype) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed send flush (%s)\n", ipsec_strerror()); - return; - } - - return; -} - -/* - * These are the SATYPEs that we manage. We register to get - * PF_KEY messages related to these SATYPEs, and we also use - * this list to determine which SATYPEs to delete SAs for when - * we receive an INITIAL-CONTACT. 
- */ -const struct pfkey_satype pfkey_satypes[] = { - { SADB_SATYPE_AH, "AH" }, - { SADB_SATYPE_ESP, "ESP" }, - { SADB_X_SATYPE_IPCOMP, "IPCOMP" }, -}; -const int pfkey_nsatypes = - sizeof(pfkey_satypes) / sizeof(pfkey_satypes[0]); - -/* - * PF_KEY initialization - */ -int -pfkey_init() -{ - int i, reg_fail; - - if ((lcconf->sock_pfkey = pfkey_open()) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed pfkey open (%s)", ipsec_strerror()); - return -1; - } - - for (i = 0, reg_fail = 0; i < pfkey_nsatypes; i++) { - plog(LLV_DEBUG, LOCATION, NULL, - "call pfkey_send_register for %s\n", - pfkey_satypes[i].ps_name); - if (pfkey_send_register(lcconf->sock_pfkey, - pfkey_satypes[i].ps_satype) < 0 || - pfkey_recv_register(lcconf->sock_pfkey) < 0) { - plog(LLV_WARNING, LOCATION, NULL, - "failed to register %s (%s)", - pfkey_satypes[i].ps_name, - ipsec_strerror()); - reg_fail++; - } - } - - if (reg_fail == pfkey_nsatypes) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to regist any protocol."); - pfkey_close(lcconf->sock_pfkey); - return -1; - } - - initsp(); - - if (pfkey_send_spddump(lcconf->sock_pfkey) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec sending spddump failed: %s", - ipsec_strerror()); - pfkey_close(lcconf->sock_pfkey); - return -1; - } -#if 0 - if (pfkey_promisc_toggle(1) < 0) { - pfkey_close(lcconf->sock_pfkey); - return -1; - } -#endif - return 0; -} - -/* %%% for conversion */ -/* IPSECDOI_ATTR_AUTH -> SADB_AALG */ -static u_int -ipsecdoi2pfkey_aalg(hashtype) - u_int hashtype; -{ - switch (hashtype) { - case IPSECDOI_ATTR_AUTH_HMAC_MD5: - return SADB_AALG_MD5HMAC; - case IPSECDOI_ATTR_AUTH_HMAC_SHA1: - return SADB_AALG_SHA1HMAC; - case IPSECDOI_ATTR_AUTH_KPDK: /* need special care */ - return SADB_AALG_NONE; - - /* not supported */ - case IPSECDOI_ATTR_AUTH_DES_MAC: - plog(LLV_ERROR, LOCATION, NULL, - "Not supported hash type: %u\n", hashtype); - return ~0; - - case 0: /* reserved */ - default: - return SADB_AALG_NONE; - - plog(LLV_ERROR, 
LOCATION, NULL, - "Invalid hash type: %u\n", hashtype); - return ~0; - } - /*NOTREACHED*/ -} - -/* IPSECDOI_ESP -> SADB_EALG */ -static u_int -ipsecdoi2pfkey_ealg(t_id) - u_int t_id; -{ - switch (t_id) { - case IPSECDOI_ESP_DES_IV64: /* sa_flags |= SADB_X_EXT_OLD */ - return SADB_EALG_DESCBC; - case IPSECDOI_ESP_DES: - return SADB_EALG_DESCBC; - case IPSECDOI_ESP_3DES: - return SADB_EALG_3DESCBC; -#ifdef SADB_X_EALG_RC5CBC - case IPSECDOI_ESP_RC5: - return SADB_X_EALG_RC5CBC; -#endif - case IPSECDOI_ESP_CAST: - return SADB_X_EALG_CAST128CBC; - case IPSECDOI_ESP_BLOWFISH: - return SADB_X_EALG_BLOWFISHCBC; - case IPSECDOI_ESP_DES_IV32: /* flags |= (SADB_X_EXT_OLD| - SADB_X_EXT_IV4B)*/ - return SADB_EALG_DESCBC; - case IPSECDOI_ESP_NULL: - return SADB_EALG_NULL; -#ifdef SADB_X_EALG_RIJNDAELCBC - case IPSECDOI_ESP_RIJNDAEL: - return SADB_X_EALG_RIJNDAELCBC; -#endif -#ifdef SADB_X_EALG_TWOFISHCBC - case IPSECDOI_ESP_TWOFISH: - return SADB_X_EALG_TWOFISHCBC; -#endif - - /* not supported */ - case IPSECDOI_ESP_3IDEA: - case IPSECDOI_ESP_IDEA: - case IPSECDOI_ESP_RC4: - plog(LLV_ERROR, LOCATION, NULL, - "Not supported transform: %u\n", t_id); - return ~0; - - case 0: /* reserved */ - default: - plog(LLV_ERROR, LOCATION, NULL, - "Invalid transform id: %u\n", t_id); - return ~0; - } - /*NOTREACHED*/ -} - -/* IPCOMP -> SADB_CALG */ -static u_int -ipsecdoi2pfkey_calg(t_id) - u_int t_id; -{ - switch (t_id) { - case IPSECDOI_IPCOMP_OUI: - return SADB_X_CALG_OUI; - case IPSECDOI_IPCOMP_DEFLATE: - return SADB_X_CALG_DEFLATE; - case IPSECDOI_IPCOMP_LZS: - return SADB_X_CALG_LZS; - - case 0: /* reserved */ - default: - plog(LLV_ERROR, LOCATION, NULL, - "Invalid transform id: %u\n", t_id); - return ~0; - } - /*NOTREACHED*/ -} - -/* IPSECDOI_PROTO -> SADB_SATYPE */ -u_int -ipsecdoi2pfkey_proto(proto) - u_int proto; -{ - switch (proto) { - case IPSECDOI_PROTO_IPSEC_AH: - return SADB_SATYPE_AH; - case IPSECDOI_PROTO_IPSEC_ESP: - return SADB_SATYPE_ESP; - case IPSECDOI_PROTO_IPCOMP: - 
return SADB_X_SATYPE_IPCOMP; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "Invalid ipsec_doi proto: %u\n", proto); - return ~0; - } - /*NOTREACHED*/ -} - -static u_int -ipsecdoi2pfkey_alg(algclass, type) - u_int algclass, type; -{ - switch (algclass) { - case IPSECDOI_ATTR_AUTH: - return ipsecdoi2pfkey_aalg(type); - case IPSECDOI_PROTO_IPSEC_ESP: - return ipsecdoi2pfkey_ealg(type); - case IPSECDOI_PROTO_IPCOMP: - return ipsecdoi2pfkey_calg(type); - default: - plog(LLV_ERROR, LOCATION, NULL, - "Invalid ipsec_doi algclass: %u\n", algclass); - return ~0; - } - /*NOTREACHED*/ -} - -/* SADB_SATYPE -> IPSECDOI_PROTO */ -u_int -pfkey2ipsecdoi_proto(satype) - u_int satype; -{ - switch (satype) { - case SADB_SATYPE_AH: - return IPSECDOI_PROTO_IPSEC_AH; - case SADB_SATYPE_ESP: - return IPSECDOI_PROTO_IPSEC_ESP; - case SADB_X_SATYPE_IPCOMP: - return IPSECDOI_PROTO_IPCOMP; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "Invalid pfkey proto: %u\n", satype); - return ~0; - } - /*NOTREACHED*/ -} - -/* IPSECDOI_ATTR_ENC_MODE -> IPSEC_MODE */ -u_int -ipsecdoi2pfkey_mode(mode) - u_int mode; -{ - switch (mode) { - case IPSECDOI_ATTR_ENC_MODE_TUNNEL: - case IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC: - case IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT: - return IPSEC_MODE_TUNNEL; - case IPSECDOI_ATTR_ENC_MODE_TRNS: - case IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC: - case IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT: - return IPSEC_MODE_TRANSPORT; - default: - plog(LLV_ERROR, LOCATION, NULL, "Invalid mode type: %u\n", mode); - return ~0; - } - /*NOTREACHED*/ -} - -/* IPSECDOI_ATTR_ENC_MODE -> IPSEC_MODE */ -u_int -pfkey2ipsecdoi_mode(mode, nattype) - u_int mode; - int nattype; -{ - switch (mode) { - case IPSEC_MODE_TUNNEL: - if (nattype == 0) - return IPSECDOI_ATTR_ENC_MODE_TUNNEL; - else if (nattype == natt_type_rfc || nattype == natt_type_apple) - return IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC; - else - return IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT; - case IPSEC_MODE_TRANSPORT: - if (nattype == 0) - return 
IPSECDOI_ATTR_ENC_MODE_TRNS; - else if (nattype == natt_type_rfc || nattype == natt_type_apple) - return IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC; - else - return IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT; - case IPSEC_MODE_ANY: - return IPSECDOI_ATTR_ENC_MODE_ANY; - default: - plog(LLV_ERROR, LOCATION, NULL, "Invalid mode type: %u\n", mode); - return ~0; - } - /*NOTREACHED*/ -} - -/* default key length for encryption algorithm */ -static u_int -keylen_aalg(hashtype) - u_int hashtype; -{ - int res; - - if (hashtype == 0) - return SADB_AALG_NONE; - - res = alg_ipsec_hmacdef_hashlen(hashtype); - if (res == -1) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid hmac algorithm %u.\n", hashtype); - return ~0; - } - return res; -} - -/* default key length for encryption algorithm */ -static u_int -keylen_ealg(enctype, encklen) - u_int enctype; - int encklen; -{ - int res; - - res = alg_ipsec_encdef_keylen(enctype, encklen); - if (res == -1) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid encryption algorithm %u.\n", enctype); - return ~0; - } - return res; -} - -int -pfkey_convertfromipsecdoi(proto_id, t_id, hashtype, - e_type, e_keylen, a_type, a_keylen, flags) - u_int proto_id; - u_int t_id; - u_int hashtype; - u_int *e_type; - u_int *e_keylen; - u_int *a_type; - u_int *a_keylen; - u_int *flags; -{ - *flags = 0; - switch (proto_id) { - case IPSECDOI_PROTO_IPSEC_ESP: - if ((*e_type = ipsecdoi2pfkey_ealg(t_id)) == ~0) - goto bad; - if ((*e_keylen = keylen_ealg(t_id, *e_keylen)) == ~0) - goto bad; - *e_keylen >>= 3; - - if ((*a_type = ipsecdoi2pfkey_aalg(hashtype)) == ~0) - goto bad; - if ((*a_keylen = keylen_aalg(hashtype)) == ~0) - goto bad; - *a_keylen >>= 3; - - if (*e_type == SADB_EALG_NONE) { - plog(LLV_ERROR, LOCATION, NULL, "no ESP algorithm.\n"); - goto bad; - } - break; - - case IPSECDOI_PROTO_IPSEC_AH: - if ((*a_type = ipsecdoi2pfkey_aalg(hashtype)) == ~0) - goto bad; - if ((*a_keylen = keylen_aalg(hashtype)) == ~0) - goto bad; - *a_keylen >>= 3; - - if (t_id == 
IPSECDOI_ATTR_AUTH_HMAC_MD5 - && hashtype == IPSECDOI_ATTR_AUTH_KPDK) { - /* AH_MD5 + Auth(KPDK) = RFC1826 keyed-MD5 */ - *a_type = SADB_X_AALG_MD5; - *flags |= SADB_X_EXT_OLD; - } - *e_type = SADB_EALG_NONE; - *e_keylen = 0; - if (*a_type == SADB_AALG_NONE) { - plog(LLV_ERROR, LOCATION, NULL, "no AH algorithm.\n"); - goto bad; - } - break; - - case IPSECDOI_PROTO_IPCOMP: - if ((*e_type = ipsecdoi2pfkey_calg(t_id)) == ~0) - goto bad; - *e_keylen = 0; - - *flags = SADB_X_EXT_RAWCPI; - - *a_type = SADB_AALG_NONE; - *a_keylen = 0; - if (*e_type == SADB_X_CALG_NONE) { - plog(LLV_ERROR, LOCATION, NULL, "no IPCOMP algorithm.\n"); - goto bad; - } - break; - - default: - plog(LLV_ERROR, LOCATION, NULL, "unknown IPsec protocol.\n"); - goto bad; - } - - return 0; - - bad: - errno = EINVAL; - return -1; -} - -/* called from scheduler */ -void -pfkey_timeover_stub(p) - void *p; -{ - - pfkey_timeover((struct ph2handle *)p); -} - -void -pfkey_timeover(iph2) - struct ph2handle *iph2; -{ - plog(LLV_ERROR, LOCATION, NULL, - "%s give up to get IPsec-SA due to time up to wait.\n", - saddrwop2str(iph2->dst)); - SCHED_KILL(iph2->sce); - - /* If initiator side, send error to kernel by SADB_ACQUIRE. */ - if (iph2->side == INITIATOR) - pk_sendeacquire(iph2); - - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - - return; -} - -/*%%%*/ -/* send getspi message per ipsec protocol per remote address */ -/* - * the local address and remote address in ph1handle are dealed - * with destination address and source address respectively. - * Because SPI is decided by responder. - */ -int -pk_sendgetspi(iph2) - struct ph2handle *iph2; -{ - u_int satype, mode; - struct saprop *pp; - struct saproto *pr; - - pp = iph2->side == INITIATOR - ? 
iph2->proposal - : iph2->approval; - - for (pr = pp->head; pr != NULL; pr = pr->next) { - - /* validity check */ - satype = ipsecdoi2pfkey_proto(pr->proto_id); - if (satype == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", pr->proto_id); - return -1; - } - mode = ipsecdoi2pfkey_mode(pr->encmode); - if (mode == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid encmode %d\n", pr->encmode); - return -1; - } - - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_getspi\n"); - if (pfkey_send_getspi( - lcconf->sock_pfkey, - satype, - mode, - iph2->dst, /* src of SA */ - iph2->src, /* dst of SA */ - 0, 0, pr->reqid_in, iph2->seq) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "ipseclib failed send getspi (%s)\n", - ipsec_strerror()); - return -1; - } - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey GETSPI sent: %s\n", - sadbsecas2str(iph2->dst, iph2->src, satype, 0, mode)); - } - - return 0; -} - -/* - * receive GETSPI from kernel. - */ -static int -pk_recvgetspi(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_sa *sa; - struct ph2handle *iph2; - struct sockaddr *dst; - int proto_id; - int allspiok, notfound; - struct saprop *pp; - struct saproto *pr; - - /* validity check */ - if (mhp[SADB_EXT_SA] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb getspi message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); /* note SA dir */ - - /* the message has to be processed or not ? 
*/ - if (msg->sadb_msg_pid != getpid()) { - plog(LLV_DEBUG, LOCATION, NULL, - "%s message is not interesting " - "because pid %d is not mine.\n", - s_pfkey_type(msg->sadb_msg_type), - msg->sadb_msg_pid); - return -1; - } - - iph2 = getph2byseq(msg->sadb_msg_seq); - if (iph2 == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "seq %d of %s message not interesting.\n", - msg->sadb_msg_seq, - s_pfkey_type(msg->sadb_msg_type)); - return -1; - } - - if (iph2->status != PHASE2ST_GETSPISENT) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatch (db:%d msg:%d)\n", - iph2->status, PHASE2ST_GETSPISENT); - return -1; - } - - /* set SPI, and check to get all spi whether or not */ - allspiok = 1; - notfound = 1; - proto_id = pfkey2ipsecdoi_proto(msg->sadb_msg_satype); - pp = iph2->side == INITIATOR ? iph2->proposal : iph2->approval; - - for (pr = pp->head; pr != NULL; pr = pr->next) { - if (pr->proto_id == proto_id && pr->spi == 0) { - pr->spi = sa->sadb_sa_spi; - notfound = 0; - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey GETSPI succeeded: %s\n", - sadbsecas2str(iph2->dst, iph2->src, - msg->sadb_msg_satype, - sa->sadb_sa_spi, - ipsecdoi2pfkey_mode(pr->encmode))); - } - if (pr->spi == 0) - allspiok = 0; /* not get all spi */ - } - - if (notfound) { - plog(LLV_ERROR, LOCATION, NULL, - "get spi for unknown address %s\n", - saddrwop2str(iph2->dst)); - return -1; - } - - if (allspiok) { - /* update status */ - iph2->status = PHASE2ST_GETSPIDONE; - if (isakmp_post_getspi(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to start post getspi.\n"); - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - iph2 = NULL; - return -1; - } - } - - return 0; -} - -/* - * set inbound SA - */ -int -pk_sendupdate(iph2) - struct ph2handle *iph2; -{ - struct saproto *pr; - struct sockaddr *src = NULL, *dst = NULL; - int e_type, e_keylen, a_type, a_keylen, flags; - u_int satype, mode; - u_int64_t lifebyte = 0; - u_short port = 0; - - /* sanity check */ - if (iph2->approval == NULL) { - 
plog(LLV_ERROR, LOCATION, NULL, - "no approvaled SAs found.\n"); - } - - /* for mobile IPv6 */ - if (iph2->ph1->rmconf->support_mip6 && iph2->src_id && iph2->dst_id) { - src = iph2->src_id; - dst = iph2->dst_id; - } else { - src = iph2->src; - dst = iph2->dst; - } - - for (pr = iph2->approval->head; pr != NULL; pr = pr->next) { - /* validity check */ - satype = ipsecdoi2pfkey_proto(pr->proto_id); - if (satype == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", pr->proto_id); - return -1; - } -#ifdef ENABLE_SAMODE_UNSPECIFIED - mode = IPSEC_MODE_ANY; -#else - mode = ipsecdoi2pfkey_mode(pr->encmode); - if (mode == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid encmode %d\n", pr->encmode); - return -1; - } -#endif - - /* set algorithm type and key length */ - e_keylen = pr->head->encklen; - if (pfkey_convertfromipsecdoi( - pr->proto_id, - pr->head->trns_id, - pr->head->authtype, - &e_type, &e_keylen, - &a_type, &a_keylen, &flags) < 0) - return -1; - -#ifdef IKE_NAT_T - if ((pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT) && - iph2->ph1->remote->sa_family == AF_INET) - { - flags |= SADB_X_EXT_NATT; - port = ntohs(((struct sockaddr_in*)iph2->ph1->remote)->sin_port); - } -#endif - -#if 0 - lifebyte = iph2->approval->lifebyte * 1024, -#else - lifebyte = 0; -#endif - - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_update\n"); - - if (pfkey_send_update( - lcconf->sock_pfkey, - satype, - mode, - iph2->dst, - iph2->src, - pr->spi, - pr->reqid_in, - 4, /* XXX static size of window */ - pr->keymat->v, - e_type, e_keylen, a_type, a_keylen, flags, - 0, lifebyte, iph2->approval->lifetime, 0, - iph2->seq, port) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed send update (%s)\n", - ipsec_strerror()); - return -1; - } - - if (!lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]) - 
continue; - - /* - * It maybe good idea to call backupsa_to_file() after - * racoon will receive the sadb_update messages. - * But it is impossible because there is not key in the - * information from the kernel. - */ - if (backupsa_to_file(satype, mode, iph2->dst, iph2->src, - pr->spi, pr->reqid_in, 4, - pr->keymat->v, - e_type, e_keylen, a_type, a_keylen, flags, - 0, iph2->approval->lifebyte * 1024, - iph2->approval->lifetime, 0, - iph2->seq) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "backuped SA failed: %s\n", - sadbsecas2str(iph2->dst, iph2->src, - satype, pr->spi, mode)); - } - plog(LLV_DEBUG, LOCATION, NULL, - "backuped SA: %s\n", - sadbsecas2str(iph2->dst, iph2->src, - satype, pr->spi, mode)); - } - - return 0; -} - -static int -pk_recvupdate(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_sa *sa; - struct sockaddr *src, *dst; - struct ph2handle *iph2; - u_int proto_id, encmode, sa_mode; - int incomplete = 0; - struct saproto *pr; - - /* ignore this message because of local test mode. */ - if (f_local) - return 0; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_SA] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb update message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - src = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - - sa_mode = mhp[SADB_X_EXT_SA2] == NULL - ? IPSEC_MODE_ANY - : ((struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2])->sadb_x_sa2_mode; - - /* the message has to be processed or not ? 
*/ - if (msg->sadb_msg_pid != getpid()) { - plog(LLV_DEBUG, LOCATION, NULL, - "%s message is not interesting " - "because pid %d is not mine.\n", - s_pfkey_type(msg->sadb_msg_type), - msg->sadb_msg_pid); - return -1; - } - - iph2 = getph2byseq(msg->sadb_msg_seq); - if (iph2 == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "seq %d of %s message not interesting.\n", - msg->sadb_msg_seq, - s_pfkey_type(msg->sadb_msg_type)); - return -1; - } - - if (iph2->status != PHASE2ST_ADDSA) { - plog(LLV_ERROR, LOCATION, NULL, - "status mismatch (db:%d msg:%d)\n", - iph2->status, PHASE2ST_ADDSA); - return -1; - } - - /* check to complete all keys ? */ - for (pr = iph2->approval->head; pr != NULL; pr = pr->next) { - proto_id = pfkey2ipsecdoi_proto(msg->sadb_msg_satype); - if (proto_id == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", msg->sadb_msg_satype); - return -1; - } - encmode = pfkey2ipsecdoi_mode(sa_mode, iph2->ph1 ? natd_hasnat(iph2->ph1) : 0); - if (encmode == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid encmode %d\n", sa_mode); - return -1; - } - - if (pr->proto_id == proto_id - && pr->spi == sa->sadb_sa_spi) { - pr->ok = 1; - plog(LLV_DEBUG, LOCATION, NULL, - "pfkey UPDATE succeeded: %s\n", - sadbsecas2str(iph2->dst, iph2->src, - msg->sadb_msg_satype, - sa->sadb_sa_spi, - sa_mode)); - - plog(LLV_INFO, LOCATION, NULL, - "IPsec-SA established: %s\n", - sadbsecas2str(iph2->dst, iph2->src, - msg->sadb_msg_satype, sa->sadb_sa_spi, - sa_mode)); - } - - if (pr->ok == 0) - incomplete = 1; - } - - if (incomplete) - return 0; - - /* turn off the timer for calling pfkey_timeover() */ - SCHED_KILL(iph2->sce); - - /* update status */ - iph2->status = PHASE2ST_ESTABLISHED; - -#ifdef ENABLE_STATS - gettimeofday(&iph2->end, NULL); - syslog(LOG_NOTICE, "%s(%s): %8.6f", - "phase2", "quick", timedelta(&iph2->start, &iph2->end)); -#endif - - /* count up */ - iph2->ph1->ph2cnt++; - - /* - * since we are going to reuse the phase2 handler, we need to - * remain it and 
refresh all the references between ph1 and ph2 to use. - */ - unbindph12(iph2); - - iph2->sce = sched_new(iph2->approval->lifetime, - isakmp_ph2expire_stub, iph2); - - plog(LLV_DEBUG, LOCATION, NULL, "===\n"); - return 0; -} - -/* - * set outbound SA - */ -int -pk_sendadd(iph2) - struct ph2handle *iph2; -{ - struct saproto *pr; - struct sockaddr *src = NULL, *dst = NULL; - int e_type, e_keylen, a_type, a_keylen, flags; - u_int satype, mode; - u_int64_t lifebyte = 0; - u_short port = 0; - - /* sanity check */ - if (iph2->approval == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no approvaled SAs found.\n"); - } - - /* for mobile IPv6 */ - if (iph2->ph1->rmconf->support_mip6 && iph2->src_id && iph2->dst_id) { - src = iph2->src_id; - dst = iph2->dst_id; - } else { - src = iph2->src; - dst = iph2->dst; - } - - for (pr = iph2->approval->head; pr != NULL; pr = pr->next) { - /* validity check */ - satype = ipsecdoi2pfkey_proto(pr->proto_id); - if (satype == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", pr->proto_id); - return -1; - } -#ifdef ENABLE_SAMODE_UNSPECIFIED - mode = IPSEC_MODE_ANY; -#else - mode = ipsecdoi2pfkey_mode(pr->encmode); - if (mode == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid encmode %d\n", pr->encmode); - return -1; - } -#endif - - /* set algorithm type and key length */ - e_keylen = pr->head->encklen; - if (pfkey_convertfromipsecdoi( - pr->proto_id, - pr->head->trns_id, - pr->head->authtype, - &e_type, &e_keylen, - &a_type, &a_keylen, &flags) < 0) - return -1; - -#ifdef IKE_NAT_T - if ((pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT) && - iph2->ph1->remote->sa_family == AF_INET) - { - flags |= SADB_X_EXT_NATT; - port = ntohs(((struct sockaddr_in*)iph2->ph1->remote)->sin_port); - - /* If we're the side behind the NAT, send keepalives */ - if 
((iph2->ph1->natt_flags & natt_no_local_nat) == 0) - flags |= SADB_X_EXT_NATT_KEEPALIVE; - } -#endif - -#if 0 - lifebyte = iph2->approval->lifebyte * 1024, -#else - lifebyte = 0; -#endif - - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_add\n"); - - if (pfkey_send_add( - lcconf->sock_pfkey, - satype, - mode, - iph2->src, - iph2->dst, - pr->spi_p, - pr->reqid_out, - 4, /* XXX static size of window */ - pr->keymat_p->v, - e_type, e_keylen, a_type, a_keylen, flags, - 0, lifebyte, iph2->approval->lifetime, 0, - iph2->seq, port) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed send add (%s)\n", - ipsec_strerror()); - return -1; - } - - if (!lcconf->pathinfo[LC_PATHTYPE_BACKUPSA]) - continue; - - /* - * It maybe good idea to call backupsa_to_file() after - * racoon will receive the sadb_update messages. - * But it is impossible because there is not key in the - * information from the kernel. - */ - if (backupsa_to_file(satype, mode, iph2->src, iph2->dst, - pr->spi_p, pr->reqid_out, 4, - pr->keymat_p->v, - e_type, e_keylen, a_type, a_keylen, flags, - 0, iph2->approval->lifebyte * 1024, - iph2->approval->lifetime, 0, - iph2->seq) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "backuped SA failed: %s\n", - sadbsecas2str(iph2->src, iph2->dst, - satype, pr->spi_p, mode)); - } - plog(LLV_DEBUG, LOCATION, NULL, - "backuped SA: %s\n", - sadbsecas2str(iph2->src, iph2->dst, - satype, pr->spi_p, mode)); - } - - return 0; -} - -static int -pk_recvadd(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_sa *sa; - struct sockaddr *src, *dst; - struct ph2handle *iph2; - u_int sa_mode; - - /* ignore this message because of local test mode. 
*/ - if (f_local) - return 0; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_SA] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb add message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - src = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - - sa_mode = mhp[SADB_X_EXT_SA2] == NULL - ? IPSEC_MODE_ANY - : ((struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2])->sadb_x_sa2_mode; - - /* the message has to be processed or not ? */ - if (msg->sadb_msg_pid != getpid()) { - plog(LLV_DEBUG, LOCATION, NULL, - "%s message is not interesting " - "because pid %d is not mine.\n", - s_pfkey_type(msg->sadb_msg_type), - msg->sadb_msg_pid); - return -1; - } - - iph2 = getph2byseq(msg->sadb_msg_seq); - if (iph2 == NULL) { - plog(LLV_DEBUG, LOCATION, NULL, - "seq %d of %s message not interesting.\n", - msg->sadb_msg_seq, - s_pfkey_type(msg->sadb_msg_type)); - return -1; - } - - /* - * NOTE don't update any status of phase2 handle - * because they must be updated by SADB_UPDATE message - */ - - plog(LLV_INFO, LOCATION, NULL, - "IPsec-SA established: %s\n", - sadbsecas2str(iph2->src, iph2->dst, - msg->sadb_msg_satype, sa->sadb_sa_spi, sa_mode)); - - plog(LLV_DEBUG, LOCATION, NULL, "===\n"); - return 0; -} - -static int -pk_recvexpire(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_sa *sa; - struct sockaddr *src, *dst; - struct ph2handle *iph2; - u_int proto_id, sa_mode; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_SA] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL - || (mhp[SADB_EXT_LIFETIME_HARD] != NULL - && mhp[SADB_EXT_LIFETIME_SOFT] != NULL)) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb expire message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - sa = (struct sadb_sa 
*)mhp[SADB_EXT_SA]; - src = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - - sa_mode = mhp[SADB_X_EXT_SA2] == NULL - ? IPSEC_MODE_ANY - : ((struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2])->sadb_x_sa2_mode; - - proto_id = pfkey2ipsecdoi_proto(msg->sadb_msg_satype); - if (proto_id == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", msg->sadb_msg_satype); - return -1; - } - - plog(LLV_INFO, LOCATION, NULL, - "IPsec-SA expired: %s\n", - sadbsecas2str(src, dst, - msg->sadb_msg_satype, sa->sadb_sa_spi, sa_mode)); - - iph2 = getph2bysaidx(src, dst, proto_id, sa->sadb_sa_spi); - if (iph2 == NULL) { - /* - * Ignore it because two expire messages are come up. - * phase2 handler has been deleted already when 2nd message - * is received. - */ - plog(LLV_DEBUG, LOCATION, NULL, - "no such a SA found: %s\n", - sadbsecas2str(src, dst, - msg->sadb_msg_satype, sa->sadb_sa_spi, - sa_mode)); - return 0; - } - if (iph2->status != PHASE2ST_ESTABLISHED) { - /* - * If the status is not equal to PHASE2ST_ESTABLISHED, - * racoon ignores this expire message. There are two reason. - * One is that the phase 2 probably starts because there is - * a potential that racoon receives the acquire message - * without receiving a expire message. Another is that racoon - * may receive the multiple expire messages from the kernel. - */ - plog(LLV_WARNING, LOCATION, NULL, - "the expire message is received " - "but the handler has not been established.\n"); - return 0; - } - - /* turn off the timer for calling isakmp_ph2expire() */ - SCHED_KILL(iph2->sce); - - iph2->status = PHASE2ST_EXPIRED; - - /* INITIATOR, begin phase 2 exchange. 
*/ - /* allocate buffer for status management of pfkey message */ - if (iph2->side == INITIATOR) { - - initph2(iph2); - - /* update status for re-use */ - iph2->status = PHASE2ST_STATUS2; - - /* start isakmp initiation by using ident exchange */ - if (isakmp_post_acquire(iph2) < 0) { - plog(LLV_ERROR, LOCATION, iph2->dst, - "failed to begin ipsec sa " - "re-negotication.\n"); - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - return -1; - } - - return 0; - /*NOTREACHED*/ - } - - /* If not received SADB_EXPIRE, INITIATOR delete ph2handle. */ - /* RESPONDER always delete ph2handle, keep silent. RESPONDER doesn't - * manage IPsec SA, so delete the list */ - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - - return 0; -} - -static int -pk_recvacquire(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_x_policy *xpl; - struct secpolicy *sp_out = NULL, *sp_in = NULL; -#define MAXNESTEDSA 5 /* XXX */ - struct ph2handle *iph2[MAXNESTEDSA]; - int n; /* # of phase 2 handler */ - - /* ignore this message because of local test mode. */ - if (f_local) - return 0; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL - || mhp[SADB_X_EXT_POLICY] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb acquire message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - - /* ignore if type is not IPSEC_POLICY_IPSEC */ - if (xpl->sadb_x_policy_type != IPSEC_POLICY_IPSEC) { - plog(LLV_DEBUG, LOCATION, NULL, - "ignore SPDGET message. 
type is not IPsec.\n"); - return 0; - } - - /* ignore it if src is multicast address */ - { - struct sockaddr *sa = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - - if ((sa->sa_family == AF_INET - && IN_MULTICAST(ntohl(((struct sockaddr_in *)sa)->sin_addr.s_addr))) -#ifdef INET6 - || (sa->sa_family == AF_INET6 - && IN6_IS_ADDR_MULTICAST(&((struct sockaddr_in6 *)sa)->sin6_addr)) -#endif - ) { - plog(LLV_DEBUG, LOCATION, NULL, - "ignore due to multicast address: %s.\n", - saddrwop2str(sa)); - return 0; - } - } - - /* - * If there is a phase 2 handler against the policy identifier in - * the acquire message, and if - * 1. its state is less than PHASE2ST_ESTABLISHED, then racoon - * should ignore such a acquire message because the phase 2 - * is just negotiating. - * 2. its state is equal to PHASE2ST_ESTABLISHED, then racoon - * has to prcesss such a acquire message because racoon may - * lost the expire message. - */ - iph2[0] = getph2byspid(xpl->sadb_x_policy_id); - if (iph2[0] != NULL) { - if (iph2[0]->status < PHASE2ST_ESTABLISHED) { - plog(LLV_DEBUG, LOCATION, NULL, - "ignore the acquire because ph2 found\n"); - return -1; - } - if (iph2[0]->status == PHASE2ST_EXPIRED) - iph2[0] = NULL; - /*FALLTHROUGH*/ - } - - /* search for proper policyindex */ - sp_out = getspbyspid(xpl->sadb_x_policy_id); - if (sp_out == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "no policy found: id:%d.\n", - xpl->sadb_x_policy_id); - return -1; - } - plog(LLV_DEBUG, LOCATION, NULL, - "suitable outbound SP found: %s.\n", spidx2str(&sp_out->spidx)); - - /* get inbound policy */ - { - struct policyindex spidx; - - spidx.dir = IPSEC_DIR_INBOUND; - memcpy(&spidx.src, &sp_out->spidx.dst, sizeof(spidx.src)); - memcpy(&spidx.dst, &sp_out->spidx.src, sizeof(spidx.dst)); - spidx.prefs = sp_out->spidx.prefd; - spidx.prefd = sp_out->spidx.prefs; - spidx.ul_proto = sp_out->spidx.ul_proto; - - sp_in = getsp(&spidx); - if (sp_in) { - plog(LLV_DEBUG, LOCATION, NULL, - "suitable inbound SP found: %s.\n", - 
spidx2str(&sp_in->spidx)); - } else { - plog(LLV_NOTIFY, LOCATION, NULL, - "no in-bound policy found: %s\n", - spidx2str(&spidx)); - } - } - - memset(iph2, 0, MAXNESTEDSA); - - n = 0; - - /* allocate a phase 2 */ - iph2[n] = newph2(); - if (iph2[n] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate phase2 entry.\n"); - return -1; - } - iph2[n]->side = INITIATOR; - iph2[n]->spid = xpl->sadb_x_policy_id; - iph2[n]->satype = msg->sadb_msg_satype; - iph2[n]->seq = msg->sadb_msg_seq; - iph2[n]->status = PHASE2ST_STATUS2; - - /* set end addresses of SA */ - iph2[n]->dst = dupsaddr(PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST])); - if (iph2[n]->dst == NULL) { - delph2(iph2[n]); - return -1; - } - iph2[n]->src = dupsaddr(PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC])); - if (iph2[n]->src == NULL) { - delph2(iph2[n]); - return -1; - } - - plog(LLV_DEBUG, LOCATION, NULL, - "new acquire %s\n", spidx2str(&sp_out->spidx)); - - /* get sainfo */ - { - vchar_t *idsrc, *iddst; - - idsrc = ipsecdoi_sockaddr2id((struct sockaddr *)&sp_out->spidx.src, - sp_out->spidx.prefs, sp_out->spidx.ul_proto); - if (idsrc == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get ID for %s\n", - spidx2str(&sp_out->spidx)); - delph2(iph2[n]); - return -1; - } - iddst = ipsecdoi_sockaddr2id((struct sockaddr *)&sp_out->spidx.dst, - sp_out->spidx.prefd, sp_out->spidx.ul_proto); - if (iddst == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get ID for %s\n", - spidx2str(&sp_out->spidx)); - vfree(idsrc); - delph2(iph2[n]); - return -1; - } - iph2[n]->sainfo = getsainfo(idsrc, iddst); - vfree(idsrc); - vfree(iddst); - if (iph2[n]->sainfo == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get sainfo.\n"); - delph2(iph2[n]); - return -1; - /* XXX should use the algorithm list from register message */ - } - } - - if (set_proposal_from_policy(iph2[n], sp_out, sp_in) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to create saprop.\n"); - delph2(iph2[n]); - return -1; - } - 
insph2(iph2[n]); - - /* start isakmp initiation by using ident exchange */ - /* XXX should be looped if there are multiple phase 2 handler. */ - if (isakmp_post_acquire(iph2[n]) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to begin ipsec sa negotication.\n"); - goto err; - } - - return 0; - -err: - while (n >= 0) { - unbindph12(iph2[n]); - remph2(iph2[n]); - delph2(iph2[n]); - iph2[n] = NULL; - n--; - } - return -1; -} - -static int -pk_recvdelete(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_sa *sa; - struct sockaddr *src, *dst; - struct ph2handle *iph2 = NULL; - u_int proto_id; - - /* ignore this message because of local test mode. */ - if (f_local) - return 0; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_SA] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb delete message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - src = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_SRC]); - dst = PFKEY_ADDR_SADDR(mhp[SADB_EXT_ADDRESS_DST]); - - /* the message has to be processed or not ? 
*/ - if (msg->sadb_msg_pid == getpid()) { - plog(LLV_DEBUG, LOCATION, NULL, - "%s message is not interesting " - "because the message was originated by me.\n", - s_pfkey_type(msg->sadb_msg_type), - msg->sadb_msg_pid); - return -1; - } - - proto_id = pfkey2ipsecdoi_proto(msg->sadb_msg_satype); - if (proto_id == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", msg->sadb_msg_satype); - return -1; - } - - iph2 = getph2bysaidx(src, dst, proto_id, sa->sadb_sa_spi); - if (iph2 == NULL) { - /* ignore */ - plog(LLV_ERROR, LOCATION, NULL, - "no iph2 found: %s\n", - sadbsecas2str(src, dst, msg->sadb_msg_satype, - sa->sadb_sa_spi, IPSEC_MODE_ANY)); - return 0; - } - - plog(LLV_ERROR, LOCATION, NULL, - "pfkey DELETE received: %s\n", - sadbsecas2str(iph2->src, iph2->dst, - msg->sadb_msg_satype, sa->sadb_sa_spi, IPSEC_MODE_ANY)); - - /* send delete information */ - if (iph2->status == PHASE2ST_ESTABLISHED) - isakmp_info_send_d2(iph2); - - unbindph12(iph2); - remph2(iph2); - delph2(iph2); - - return 0; -} - -static int -pk_recvflush(mhp) - caddr_t *mhp; -{ - /* ignore this message because of local test mode. 
*/ - if (f_local) - return 0; - - /* sanity check */ - if (mhp[0] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb flush message passed.\n"); - return -1; - } - - flushph2(); - - return 0; -} - -static int -getsadbpolicy(policy0, policylen0, type, iph2) - caddr_t *policy0; - int *policylen0, type; - struct ph2handle *iph2; -{ - struct policyindex *spidx = (struct policyindex *)iph2->spidx_gen; - struct sadb_x_policy *xpl; - struct sadb_x_ipsecrequest *xisr; - struct saproto *pr; - caddr_t policy, p; - int policylen; - int xisrlen; - u_int satype, mode; - - /* get policy buffer size */ - policylen = sizeof(struct sadb_x_policy); - if (type != SADB_X_SPDDELETE) { - for (pr = iph2->approval->head; pr; pr = pr->next) { - xisrlen = sizeof(*xisr); - if (pr->encmode == IPSECDOI_ATTR_ENC_MODE_TUNNEL || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT) { - xisrlen += (iph2->src->sa_len - + iph2->dst->sa_len); - } - - policylen += PFKEY_ALIGN8(xisrlen); - } - } - - /* make policy structure */ - policy = racoon_malloc(policylen); - if (!policy) { - plog(LLV_ERROR, LOCATION, NULL, - "buffer allocation failed.\n"); - return -1; - } - - xpl = (struct sadb_x_policy *)policy; - xpl->sadb_x_policy_len = PFKEY_UNIT64(policylen); - xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; - xpl->sadb_x_policy_type = IPSEC_POLICY_IPSEC; - xpl->sadb_x_policy_dir = spidx->dir; - xpl->sadb_x_policy_id = 0; - - /* no need to append policy information any more if type is SPDDELETE */ - if (type == SADB_X_SPDDELETE) - goto end; - - xisr = (struct sadb_x_ipsecrequest *)(xpl + 1); - - for (pr = iph2->approval->head; pr; pr = pr->next) { - - satype = doi2ipproto(pr->proto_id); - if (satype == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto_id %d\n", pr->proto_id); - goto err; - } - mode = ipsecdoi2pfkey_mode(pr->encmode); - if (mode == ~0) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid encmode %d\n", pr->encmode); 
- goto err; - } - - /* - * the policy level cannot be unique because the policy - * is defined later than SA, so req_id cannot be bound to SA. - */ - xisr->sadb_x_ipsecrequest_proto = satype; - xisr->sadb_x_ipsecrequest_mode = mode; - xisr->sadb_x_ipsecrequest_level = IPSEC_LEVEL_REQUIRE; - xisr->sadb_x_ipsecrequest_reqid = 0; - p = (caddr_t)(xisr + 1); - - xisrlen = sizeof(*xisr); - - if (pr->encmode == IPSECDOI_ATTR_ENC_MODE_TUNNEL || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC || - pr->encmode == IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT) { - xisrlen += (iph2->src->sa_len + iph2->dst->sa_len); - - memcpy(p, iph2->src, iph2->src->sa_len); - p += iph2->src->sa_len; - - memcpy(p, iph2->dst, iph2->dst->sa_len); - p += iph2->dst->sa_len; - } - - xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(xisrlen); - } - -end: - *policy0 = policy; - *policylen0 = policylen; - - return 0; - -err: - if (policy) - racoon_free(policy); - - return -1; -} - -int -pk_sendspdupdate2(iph2) - struct ph2handle *iph2; -{ - struct policyindex *spidx = (struct policyindex *)iph2->spidx_gen; - caddr_t policy = NULL; - int policylen = 0; - u_int64_t ltime, vtime; - - ltime = iph2->approval->lifetime; - vtime = 0; - - if (getsadbpolicy(&policy, &policylen, SADB_X_SPDUPDATE, iph2)) { - plog(LLV_ERROR, LOCATION, NULL, - "getting sadb policy failed.\n"); - return -1; - } - - if (pfkey_send_spdupdate2( - lcconf->sock_pfkey, - (struct sockaddr *)&spidx->src, - spidx->prefs, - (struct sockaddr *)&spidx->dst, - spidx->prefd, - spidx->ul_proto, - ltime, vtime, - policy, policylen, 0) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed send spdupdate2 (%s)\n", - ipsec_strerror()); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_spdupdate2\n"); - -end: - if (policy) - racoon_free(policy); - - return 0; -} - -static int -pk_recvspdupdate(mhp) - caddr_t *mhp; -{ - /* sanity check */ - if (mhp[0] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spdupdate 
message passed.\n"); - return -1; - } - - return 0; -} - -/* - * this function has to be used by responder side. - */ -int -pk_sendspdadd2(iph2) - struct ph2handle *iph2; -{ - struct policyindex *spidx = (struct policyindex *)iph2->spidx_gen; - caddr_t policy = NULL; - int policylen = 0; - u_int64_t ltime, vtime; - - ltime = iph2->approval->lifetime; - vtime = 0; - - if (getsadbpolicy(&policy, &policylen, SADB_X_SPDADD, iph2)) { - plog(LLV_ERROR, LOCATION, NULL, - "getting sadb policy failed.\n"); - return -1; - } - - if (pfkey_send_spdadd2( - lcconf->sock_pfkey, - (struct sockaddr *)&spidx->src, - spidx->prefs, - (struct sockaddr *)&spidx->dst, - spidx->prefd, - spidx->ul_proto, - ltime, vtime, - policy, policylen, 0) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed send spdadd2 (%s)\n", - ipsec_strerror()); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_spdadd2\n"); - -end: - if (policy) - racoon_free(policy); - - return 0; -} - -static int -pk_recvspdadd(mhp) - caddr_t *mhp; -{ - struct sadb_address *saddr, *daddr; - struct sadb_x_policy *xpl; - struct policyindex spidx; - struct secpolicy *sp; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL - || mhp[SADB_X_EXT_POLICY] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spdadd message passed.\n"); - return -1; - } - saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - - KEY_SETSECSPIDX(xpl->sadb_x_policy_dir, - saddr + 1, - daddr + 1, - saddr->sadb_address_prefixlen, - daddr->sadb_address_prefixlen, - saddr->sadb_address_proto, - &spidx); - - sp = getsp(&spidx); - if (sp != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "such policy already exists. 
" - "anyway replace it: %s\n", - spidx2str(&spidx)); - remsp(sp); - delsp(sp); - } - - if (addnewsp(mhp) < 0) - return -1; - - return 0; -} - -/* - * this function has to be used by responder side. - */ -int -pk_sendspddelete(iph2) - struct ph2handle *iph2; -{ - struct policyindex *spidx = (struct policyindex *)iph2->spidx_gen; - caddr_t policy = NULL; - int policylen; - - if (getsadbpolicy(&policy, &policylen, SADB_X_SPDDELETE, iph2)) { - plog(LLV_ERROR, LOCATION, NULL, - "getting sadb policy failed.\n"); - return -1; - } - - if (pfkey_send_spddelete( - lcconf->sock_pfkey, - (struct sockaddr *)&spidx->src, - spidx->prefs, - (struct sockaddr *)&spidx->dst, - spidx->prefd, - spidx->ul_proto, - policy, policylen, 0) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec failed send spddelete (%s)\n", - ipsec_strerror()); - goto end; - } - plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_spddelete\n"); - -end: - if (policy) - racoon_free(policy); - - return 0; -} - -static int -pk_recvspddelete(mhp) - caddr_t *mhp; -{ - struct sadb_address *saddr, *daddr; - struct sadb_x_policy *xpl; - struct policyindex spidx; - struct secpolicy *sp; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL - || mhp[SADB_X_EXT_POLICY] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spddelete message passed.\n"); - return -1; - } - saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - - KEY_SETSECSPIDX(xpl->sadb_x_policy_dir, - saddr + 1, - daddr + 1, - saddr->sadb_address_prefixlen, - daddr->sadb_address_prefixlen, - saddr->sadb_address_proto, - &spidx); - - sp = getsp(&spidx); - if (sp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no policy found: %s\n", - spidx2str(&spidx)); - return -1; - } - - remsp(sp); - delsp(sp); - - return 0; -} - -static int -pk_recvspdexpire(mhp) - 
caddr_t *mhp; -{ - struct sadb_address *saddr, *daddr; - struct sadb_x_policy *xpl; - struct policyindex spidx; - struct secpolicy *sp; - - /* sanity check */ - if (mhp[0] == NULL - || mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL - || mhp[SADB_X_EXT_POLICY] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spdexpire message passed.\n"); - return -1; - } - saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - - KEY_SETSECSPIDX(xpl->sadb_x_policy_dir, - saddr + 1, - daddr + 1, - saddr->sadb_address_prefixlen, - daddr->sadb_address_prefixlen, - saddr->sadb_address_proto, - &spidx); - - sp = getsp(&spidx); - if (sp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "no policy found: %s\n", - spidx2str(&spidx)); - return -1; - } - - remsp(sp); - delsp(sp); - - return 0; -} - -static int -pk_recvspdget(mhp) - caddr_t *mhp; -{ - /* sanity check */ - if (mhp[0] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spdget message passed.\n"); - return -1; - } - - return 0; -} - -static int -pk_recvspddump(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - struct sadb_address *saddr, *daddr; - struct sadb_x_policy *xpl; - struct policyindex spidx; - struct secpolicy *sp; - - /* sanity check */ - if (mhp[0] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spddump message passed.\n"); - return -1; - } - msg = (struct sadb_msg *)mhp[0]; - - saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - - KEY_SETSECSPIDX(xpl->sadb_x_policy_dir, - saddr + 1, - daddr + 1, - saddr->sadb_address_prefixlen, - daddr->sadb_address_prefixlen, - saddr->sadb_address_proto, - &spidx); - - sp = getsp(&spidx); - if (sp != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "such policy already 
exists. " - "anyway replace it: %s\n", - spidx2str(&spidx)); - remsp(sp); - delsp(sp); - } - - if (addnewsp(mhp) < 0) - return -1; - - return 0; -} - -static int -pk_recvspdflush(mhp) - caddr_t *mhp; -{ - /* sanity check */ - if (mhp[0] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spdflush message passed.\n"); - return -1; - } - - flushsp(); - - return 0; -} - -/* - * send error against acquire message to kenrel. - */ -int -pk_sendeacquire(iph2) - struct ph2handle *iph2; -{ - struct sadb_msg *newmsg; - int len; - - len = sizeof(struct sadb_msg); - newmsg = racoon_calloc(1, len); - if (newmsg == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get buffer to send acquire.\n"); - return -1; - } - - memset(newmsg, 0, len); - newmsg->sadb_msg_version = PF_KEY_V2; - newmsg->sadb_msg_type = SADB_ACQUIRE; - newmsg->sadb_msg_errno = ENOENT; /* XXX */ - newmsg->sadb_msg_satype = iph2->satype; - newmsg->sadb_msg_len = PFKEY_UNIT64(len); - newmsg->sadb_msg_reserved = 0; - newmsg->sadb_msg_seq = iph2->seq; - newmsg->sadb_msg_pid = (u_int32_t)getpid(); - - /* send message */ - len = pfkey_send(lcconf->sock_pfkey, newmsg, len); - - racoon_free(newmsg); - - return 0; -} - -/* - * check if the algorithm is supported or not. 
- * OUT 0: ok - * -1: ng - */ -int -pk_checkalg(class, calg, keylen) - int class, calg, keylen; -{ - int sup, error; - u_int alg; - struct sadb_alg alg0; - - switch (algclass2doi(class)) { - case IPSECDOI_PROTO_IPSEC_ESP: - sup = SADB_EXT_SUPPORTED_ENCRYPT; - break; - case IPSECDOI_ATTR_AUTH: - sup = SADB_EXT_SUPPORTED_AUTH; - break; - case IPSECDOI_PROTO_IPCOMP: - plog(LLV_DEBUG, LOCATION, NULL, - "compression algorithm can not be checked " - "because sadb message doesn't support it.\n"); - return 0; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid algorithm class.\n"); - return -1; - } - alg = ipsecdoi2pfkey_alg(algclass2doi(class), algtype2doi(class, calg)); - if (alg == ~0) - return -1; - - if (keylen == 0) { - if (ipsec_get_keylen(sup, alg, &alg0)) { - plog(LLV_ERROR, LOCATION, NULL, - "%s.\n", ipsec_strerror()); - return -1; - } - keylen = alg0.sadb_alg_minbits; - } - - error = ipsec_check_keylen(sup, alg, keylen); - if (error) - plog(LLV_ERROR, LOCATION, NULL, - "%s.\n", ipsec_strerror()); - - return error; -} - -/* - * differences with pfkey_recv() in libipsec/pfkey.c: - * - never performs busy wait loop. 
- * - returns NULL and set *lenp to negative on fatal failures - * - returns NULL and set *lenp to non-negative on non-fatal failures - * - returns non-NULL on success - */ -static struct sadb_msg * -pk_recv(so, lenp) - int so; - int *lenp; -{ - struct sadb_msg buf, *newmsg; - int reallen; - - *lenp = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK); - if (*lenp < 0) - return NULL; /*fatal*/ - else if (*lenp < sizeof(buf)) - return NULL; - - reallen = PFKEY_UNUNIT64(buf.sadb_msg_len); - if ((newmsg = racoon_calloc(1, reallen)) == NULL) - return NULL; - - *lenp = recv(so, (caddr_t)newmsg, reallen, MSG_PEEK); - if (*lenp < 0) { - racoon_free(newmsg); - return NULL; /*fatal*/ - } else if (*lenp != reallen) { - racoon_free(newmsg); - return NULL; - } - - *lenp = recv(so, (caddr_t)newmsg, reallen, 0); - if (*lenp < 0) { - racoon_free(newmsg); - return NULL; /*fatal*/ - } else if (*lenp != reallen) { - racoon_free(newmsg); - return NULL; - } - - return newmsg; -} - -/* see handler.h */ -u_int32_t -pk_getseq() -{ - return arc4random(); -} - -static int -addnewsp(mhp) - caddr_t *mhp; -{ - struct secpolicy *new; - struct sadb_address *saddr, *daddr; - struct sadb_x_policy *xpl; - - /* sanity check */ - if (mhp[SADB_EXT_ADDRESS_SRC] == NULL - || mhp[SADB_EXT_ADDRESS_DST] == NULL - || mhp[SADB_X_EXT_POLICY] == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "inappropriate sadb spd management message passed.\n"); - return -1; - } - - saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - - new = newsp(); - if (new == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer\n"); - return -1; - } - - new->spidx.dir = xpl->sadb_x_policy_dir; - new->id = xpl->sadb_x_policy_id; - new->policy = xpl->sadb_x_policy_type; - new->req = NULL; - - /* check policy */ - switch (xpl->sadb_x_policy_type) { - case IPSEC_POLICY_DISCARD: - case IPSEC_POLICY_NONE: - 
case IPSEC_POLICY_ENTRUST: - case IPSEC_POLICY_BYPASS: - break; - - case IPSEC_POLICY_IPSEC: - { - int tlen; - struct sadb_x_ipsecrequest *xisr; - struct ipsecrequest **p_isr = &new->req; - - /* validity check */ - if (PFKEY_EXTLEN(xpl) < sizeof(*xpl)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid msg length.\n"); - return -1; - } - - tlen = PFKEY_EXTLEN(xpl) - sizeof(*xpl); - xisr = (struct sadb_x_ipsecrequest *)(xpl + 1); - - while (tlen > 0) { - - /* length check */ - if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr)) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid msg length.\n"); - return -1; - } - - /* allocate request buffer */ - *p_isr = newipsecreq(); - if (*p_isr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get new ipsecreq.\n"); - return -1; - } - - /* set values */ - (*p_isr)->next = NULL; - - switch (xisr->sadb_x_ipsecrequest_proto) { - case IPPROTO_ESP: - case IPPROTO_AH: - case IPPROTO_IPCOMP: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid proto type: %u\n", - xisr->sadb_x_ipsecrequest_proto); - return -1; - } - (*p_isr)->saidx.proto = xisr->sadb_x_ipsecrequest_proto; - - switch (xisr->sadb_x_ipsecrequest_mode) { - case IPSEC_MODE_TRANSPORT: - case IPSEC_MODE_TUNNEL: - break; - case IPSEC_MODE_ANY: - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid mode: %u\n", - xisr->sadb_x_ipsecrequest_mode); - return -1; - } - (*p_isr)->saidx.mode = xisr->sadb_x_ipsecrequest_mode; - - switch (xisr->sadb_x_ipsecrequest_level) { - case IPSEC_LEVEL_DEFAULT: - case IPSEC_LEVEL_USE: - case IPSEC_LEVEL_REQUIRE: - break; - case IPSEC_LEVEL_UNIQUE: - (*p_isr)->saidx.reqid = - xisr->sadb_x_ipsecrequest_reqid; - break; - - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid level: %u\n", - xisr->sadb_x_ipsecrequest_level); - return -1; - } - (*p_isr)->level = xisr->sadb_x_ipsecrequest_level; - - /* set IP addresses if there */ - if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { - struct sockaddr *paddr; - - paddr = (struct sockaddr 
*)(xisr + 1); - bcopy(paddr, &(*p_isr)->saidx.src, - paddr->sa_len); - - paddr = (struct sockaddr *)((caddr_t)paddr - + paddr->sa_len); - bcopy(paddr, &(*p_isr)->saidx.dst, - paddr->sa_len); - } - - (*p_isr)->sp = new; - - /* initialization for the next. */ - p_isr = &(*p_isr)->next; - tlen -= xisr->sadb_x_ipsecrequest_len; - - /* validity check */ - if (tlen < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "becoming tlen < 0\n"); - } - - xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr - + xisr->sadb_x_ipsecrequest_len); - } - } - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid policy type.\n"); - return -1; - } - - KEY_SETSECSPIDX(xpl->sadb_x_policy_dir, - saddr + 1, - daddr + 1, - saddr->sadb_address_prefixlen, - daddr->sadb_address_prefixlen, - saddr->sadb_address_proto, - &new->spidx); - - inssp(new); - - return 0; -} - -/* proto/mode/src->dst spi */ -const char * -sadbsecas2str(src, dst, proto, spi, mode) - struct sockaddr *src, *dst; - int proto; - u_int32_t spi; - int mode; -{ - static char buf[256]; - u_int doi_proto, doi_mode = 0; - char *p; - int blen, i; - - doi_proto = pfkey2ipsecdoi_proto(proto); - if (doi_proto == ~0) - return NULL; - if (mode) { - doi_mode = pfkey2ipsecdoi_mode(mode, 0); - if (doi_mode == ~0) - return NULL; - } - - blen = sizeof(buf) - 1; - p = buf; - - i = snprintf(p, blen, "%s%s%s ", - s_ipsecdoi_proto(doi_proto), - mode ? "/" : "", - mode ? s_ipsecdoi_encmode(doi_mode) : ""); - if (i < 0 || i >= blen) - return NULL; - p += i; - blen -= i; - - i = snprintf(p, blen, "%s->", saddrwop2str(src)); - if (i < 0 || i >= blen) - return NULL; - p += i; - blen -= i; - - i = snprintf(p, blen, "%s ", saddrwop2str(dst)); - if (i < 0 || i >= blen) - return NULL; - p += i; - blen -= i; - - if (spi) { - snprintf(p, blen, "spi=%lu(0x%lx)", (unsigned long)ntohl(spi), - (unsigned long)ntohl(spi)); - } - - return buf; -} diff --git a/racoon.tproj/pfkey.h b/racoon.tproj/pfkey.h deleted file mode 100644 index 306ac88..0000000 
--- a/racoon.tproj/pfkey.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/* $KAME: pfkey.h,v 1.20 2001/06/28 06:21:04 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#ifndef __PFKEY_H__ -#define __PFKEY_H__ - - -struct pfkey_satype { - u_int8_t ps_satype; - const char *ps_name; -}; - -extern const struct pfkey_satype pfkey_satypes[]; -extern const int pfkey_nsatypes; - -extern int pfkey_handler __P((void)); -extern vchar_t *pfkey_dump_sadb __P((int)); -extern void pfkey_flush_sadb __P((u_int)); -extern int pfkey_init __P((void)); - -extern struct pfkey_st *pfkey_getpst __P((caddr_t *, int, int)); - -extern int pk_checkalg __P((int, int, int)); - -struct ph2handle; -extern int pk_sendgetspi __P((struct ph2handle *)); -extern int pk_sendupdate __P((struct ph2handle *)); -extern int pk_sendadd __P((struct ph2handle *)); -extern int pk_sendeacquire __P((struct ph2handle *)); -extern int pk_sendspdupdate2 __P((struct ph2handle *)); -extern int pk_sendspdadd2 __P((struct ph2handle *)); -extern int pk_sendspddelete __P((struct ph2handle *)); - -extern void pfkey_timeover_stub __P((void *)); -extern void pfkey_timeover __P((struct ph2handle *)); - -extern u_int pfkey2ipsecdoi_proto __P((u_int)); -extern u_int ipsecdoi2pfkey_proto __P((u_int)); -extern u_int pfkey2ipsecdoi_mode __P((u_int, int)); -extern u_int ipsecdoi2pfkey_mode __P((u_int)); - -extern int pfkey_convertfromipsecdoi __P(( u_int, u_int, u_int, - u_int *, u_int *, u_int *, u_int *, u_int *)); -extern u_int32_t pk_getseq __P((void)); -extern const char *sadbsecas2str - __P((struct sockaddr *, struct sockaddr *, int, u_int32_t, int)); - - -#endif /* __PFKEY_H__ */ - diff --git a/racoon.tproj/pfkey2.c b/racoon.tproj/pfkey2.c deleted file mode 100644 index ad8cc73..0000000 --- a/racoon.tproj/pfkey2.c +++ /dev/null 
@@ -1,2140 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/pfkey.c,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: pfkey.c,v 1.39 2001/03/05 18:22:17 thorpej Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "ipsec_strerror.h"
-#include "libpfkey.h"
-#include "misc.h"
-#include "plog.h"
-
-#define CALLOC(size, cast) (cast)calloc(1, (size))
-
-static int findsupportedmap __P((int));
-static int setsupportedmap __P((struct sadb_supported *));
-static struct sadb_alg *findsupportedalg __P((u_int, u_int));
-static int pfkey_send_x1 __P((int, u_int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t,
- u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int32_t,
- u_int32_t, u_int32_t, u_int32_t, u_int16_t));
-static int pfkey_send_x2 __P((int, u_int, u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t));
-static int pfkey_send_x3 __P((int, u_int, u_int));
-static int pfkey_send_x4 __P((int, u_int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
- char *, int, u_int32_t));
-static int pfkey_send_x5 __P((int, u_int, u_int32_t));
-
-static caddr_t pfkey_setsadbmsg __P((caddr_t, caddr_t, u_int, u_int,
- u_int, u_int32_t, pid_t));
-static caddr_t pfkey_setsadbsa2 __P((caddr_t, caddr_t, u_int32_t, u_int,
- u_int, u_int, u_int32_t, u_int16_t));
-static caddr_t pfkey_setsadbaddr __P((caddr_t, caddr_t, u_int,
- struct sockaddr *, u_int, u_int));
-static caddr_t pfkey_setsadbkey __P((caddr_t, caddr_t, u_int, caddr_t, u_int));
-static caddr_t pfkey_setsadblifetime __P((caddr_t, caddr_t, u_int, u_int32_t,
- u_int32_t, u_int32_t, u_int32_t));
-static caddr_t pfkey_setsadbxsa2 __P((caddr_t, caddr_t, u_int32_t, u_int32_t));
-
-/*
- * make and search supported algorithm structure.
- */
-static struct sadb_supported *ipsec_supported[] = { NULL, NULL, NULL, };
-
-static int supported_map[] = {
- SADB_SATYPE_AH,
- SADB_SATYPE_ESP,
- SADB_X_SATYPE_IPCOMP,
-};
-
-static int
-findsupportedmap(satype)
- int satype;
-{
- int i;
-
- for (i = 0; i < sizeof(supported_map)/sizeof(supported_map[0]); i++)
- if (supported_map[i] == satype)
- return i;
- return -1;
-}
-
-static struct sadb_alg *
-findsupportedalg(satype, alg_id)
- u_int satype, alg_id;
-{
- int algno;
- int tlen;
- caddr_t p;
-
- /* validity check */
- algno = findsupportedmap(satype);
- if (algno == -1) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return NULL;
- }
- if (ipsec_supported[algno] == NULL) {
- __ipsec_errcode = EIPSEC_DO_GET_SUPP_LIST;
- return NULL;
- }
-
- tlen = ipsec_supported[algno]->sadb_supported_len
- - sizeof(struct sadb_supported);
- p = (caddr_t)(ipsec_supported[algno] + 1);
- while (tlen > 0) {
- if (tlen < sizeof(struct sadb_alg)) {
- /* invalid format */
- break;
- }
- if (((struct sadb_alg *)p)->sadb_alg_id == alg_id)
- return (struct sadb_alg *)p;
-
- tlen -= sizeof(struct sadb_alg);
- p += sizeof(struct sadb_alg);
- }
-
- __ipsec_errcode = EIPSEC_NOT_SUPPORTED;
- return NULL;
-}
-
-static int
-setsupportedmap(sup)
- struct sadb_supported *sup;
-{
- struct sadb_supported **ipsup;
-
- switch (sup->sadb_supported_exttype) {
- case SADB_EXT_SUPPORTED_AUTH:
- ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_AH)];
- break;
- case SADB_EXT_SUPPORTED_ENCRYPT:
- ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_ESP)];
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- if (*ipsup)
- free(*ipsup);
-
- *ipsup = malloc(sup->sadb_supported_len);
- if (!*ipsup) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- memcpy(*ipsup, sup, sup->sadb_supported_len);
-
- return 0;
-}
-
-/*
- * check key length against algorithm specified.
- * This function is called with SADB_EXT_SUPPORTED_{AUTH,ENCRYPT} as the
- * augument, and only calls to ipsec_check_keylen2();
- * keylen is the unit of bit.
- * OUT:
- * -1: invalid.
- * 0: valid.
- */
-int
-ipsec_check_keylen(supported, alg_id, keylen)
- u_int supported;
- u_int alg_id;
- u_int keylen;
-{
- int satype;
-
- /* validity check */
- switch (supported) {
- case SADB_EXT_SUPPORTED_AUTH:
- satype = SADB_SATYPE_AH;
- break;
- case SADB_EXT_SUPPORTED_ENCRYPT:
- satype = SADB_SATYPE_ESP;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- return ipsec_check_keylen2(satype, alg_id, keylen);
-}
-
-/*
- * check key length against algorithm specified.
- * satype is one of satype defined at pfkeyv2.h.
- * keylen is the unit of bit.
- * OUT:
- * -1: invalid.
- * 0: valid.
- */
-int
-ipsec_check_keylen2(satype, alg_id, keylen)
- u_int satype;
- u_int alg_id;
- u_int keylen;
-{
- struct sadb_alg *alg;
-
- alg = findsupportedalg(satype, alg_id);
- if (!alg)
- return -1;
-
- if (keylen < alg->sadb_alg_minbits || keylen > alg->sadb_alg_maxbits) {
- __ipsec_errcode = EIPSEC_INVAL_KEYLEN;
- return -1;
- }
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return 0;
-}
-
-/*
- * get max/min key length against algorithm specified.
- * satype is one of satype defined at pfkeyv2.h.
- * keylen is the unit of bit.
- * OUT:
- * -1: invalid.
- * 0: valid.
- */
-int
-ipsec_get_keylen(supported, alg_id, alg0)
- u_int supported, alg_id;
- struct sadb_alg *alg0;
-{
- struct sadb_alg *alg;
- u_int satype;
-
- /* validity check */
- if (!alg0) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- switch (supported) {
- case SADB_EXT_SUPPORTED_AUTH:
- satype = SADB_SATYPE_AH;
- break;
- case SADB_EXT_SUPPORTED_ENCRYPT:
- satype = SADB_SATYPE_ESP;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- alg = findsupportedalg(satype, alg_id);
- if (!alg)
- return -1;
-
- memcpy(alg0, alg, sizeof(*alg0));
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return 0;
-}
-
-/*
- * set the rate for SOFT lifetime against HARD one.
- * If rate is more than 100 or equal to zero, then set to 100.
- */
-static u_int soft_lifetime_allocations_rate = PFKEY_SOFT_LIFETIME_RATE;
-static u_int soft_lifetime_bytes_rate = PFKEY_SOFT_LIFETIME_RATE;
-static u_int soft_lifetime_addtime_rate = PFKEY_SOFT_LIFETIME_RATE;
-static u_int soft_lifetime_usetime_rate = PFKEY_SOFT_LIFETIME_RATE;
-
-u_int
-pfkey_set_softrate(type, rate)
- u_int type, rate;
-{
- __ipsec_errcode = EIPSEC_NO_ERROR;
-
- if (rate > 100 || rate == 0)
- rate = 100;
-
- switch (type) {
- case SADB_X_LIFETIME_ALLOCATIONS:
- soft_lifetime_allocations_rate = rate;
- return 0;
- case SADB_X_LIFETIME_BYTES:
- soft_lifetime_bytes_rate = rate;
- return 0;
- case SADB_X_LIFETIME_ADDTIME:
- soft_lifetime_addtime_rate = rate;
- return 0;
- case SADB_X_LIFETIME_USETIME:
- soft_lifetime_usetime_rate = rate;
- return 0;
- }
-
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return 1;
-}
-
-/*
- * get current rate for SOFT lifetime against HARD one.
- * ATTENTION: ~0 is returned if invalid type was passed.
- */
-u_int
-pfkey_get_softrate(type)
- u_int type;
-{
- switch (type) {
- case SADB_X_LIFETIME_ALLOCATIONS:
- return soft_lifetime_allocations_rate;
- case SADB_X_LIFETIME_BYTES:
- return soft_lifetime_bytes_rate;
- case SADB_X_LIFETIME_ADDTIME:
- return soft_lifetime_addtime_rate;
- case SADB_X_LIFETIME_USETIME:
- return soft_lifetime_usetime_rate;
- }
-
- return ~0;
-}
-
-/*
- * sending SADB_GETSPI message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t min, max, reqid, seq;
-{
- struct sadb_msg *newmsg;
- caddr_t ep;
- int len;
- int need_spirange = 0;
- caddr_t p;
- int plen;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
- if (min > max || (min > 0 && min <= 255)) {
- __ipsec_errcode = EIPSEC_INVAL_SPI;
- return -1;
- }
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
-
- /* create new sadb_msg to send. */
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_x_sa2)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(dst->sa_len);
-
- if (min > 255 && max < ~0) {
- need_spirange++;
- len += sizeof(struct sadb_spirange);
- }
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_GETSPI,
- len, satype, seq, getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- p = pfkey_setsadbxsa2(p, ep, mode, reqid);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- /* set sadb_address for source */
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- /* set sadb_address for destination */
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- /* proccessing spi range */
- if (need_spirange) {
- struct sadb_spirange spirange;
-
- if (p + sizeof(spirange) > ep) {
- free(newmsg);
- return -1;
- }
-
- memset(&spirange, 0, sizeof(spirange));
- spirange.sadb_spirange_len = PFKEY_UNIT64(sizeof(spirange));
- spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
- spirange.sadb_spirange_min = min;
- spirange.sadb_spirange_max = max;
-
- memcpy(p, &spirange, sizeof(spirange));
-
- p += sizeof(spirange);
- }
- if (p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/*
- * sending SADB_UPDATE message to the kernel.
- * The length of key material is a_keylen + e_keylen.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq, port)
- int so;
- u_int satype, mode, wsize;
- struct sockaddr *src, *dst;
- u_int32_t spi, reqid;
- caddr_t keymat;
- u_int e_type, e_keylen, a_type, a_keylen, flags;
- u_int32_t l_alloc;
- u_int64_t l_bytes, l_addtime, l_usetime;
- u_int32_t seq;
- u_int16_t port;
-{
- int len;
- if ((len = pfkey_send_x1(so, SADB_UPDATE, satype, mode, src, dst, spi,
- reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq, port)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_ADD message to the kernel.
- * The length of key material is a_keylen + e_keylen.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_add(so, satype, mode, src, dst, spi, reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq, port)
- int so;
- u_int satype, mode, wsize;
- struct sockaddr *src, *dst;
- u_int32_t spi, reqid;
- caddr_t keymat;
- u_int e_type, e_keylen, a_type, a_keylen, flags;
- u_int32_t l_alloc;
- u_int64_t l_bytes, l_addtime, l_usetime;
- u_int32_t seq;
- u_int16_t port;
-{
- int len;
- if ((len = pfkey_send_x1(so, SADB_ADD, satype, mode, src, dst, spi,
- reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq, port)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_DELETE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_delete(so, satype, mode, src, dst, spi)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t spi;
-{
- int len;
- if ((len = pfkey_send_x2(so, SADB_DELETE, satype, mode, src, dst, spi)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_DELETE without spi to the kernel. This is
- * the "delete all" request (an extension also present in
- * Solaris).
- *
- * OUT:
- * positive: success and return length sent
- * -1 : error occured, and set errno
- */
-int
-pfkey_send_delete_all(so, satype, mode, src, dst)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
-{
- struct sadb_msg *newmsg;
- int len;
- caddr_t p;
- int plen;
- caddr_t ep;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
-
- /* create new sadb_msg to reply. */
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(dst->sa_len);
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_DELETE, len, satype, 0,
- getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
- IPSEC_ULPROTO_ANY);
- if (!p || p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/*
- * sending SADB_GET message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_get(so, satype, mode, src, dst, spi)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t spi;
-{
- int len;
- if ((len = pfkey_send_x2(so, SADB_GET, satype, mode, src, dst, spi)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_REGISTER message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_register(so, satype)
- int so;
- u_int satype;
-{
- int len, algno;
-
- if (satype == PF_UNSPEC) {
- for (algno = 0;
- algno < sizeof(supported_map)/sizeof(supported_map[0]);
- algno++) {
- if (ipsec_supported[algno]) {
- free(ipsec_supported[algno]);
- ipsec_supported[algno] = NULL;
- }
- }
- } else {
- algno = findsupportedmap(satype);
- if (algno == -1) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- if (ipsec_supported[algno]) {
- free(ipsec_supported[algno]);
- ipsec_supported[algno] = NULL;
- }
- }
-
- if ((len = pfkey_send_x3(so, SADB_REGISTER, satype)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * receiving SADB_REGISTER message from the kernel, and copy buffer for
- * sadb_supported returned into ipsec_supported.
- * OUT:
- * 0: success and return length sent.
- * -1: error occured, and set errno.
- */
-int
-pfkey_recv_register(so)
- int so;
-{
- pid_t pid = getpid();
- struct sadb_msg *newmsg;
- int error = -1;
-
- /* receive message */
- do {
- if ((newmsg = pfkey_recv(so)) == NULL)
- return -1;
- } while (newmsg->sadb_msg_type != SADB_REGISTER
- || newmsg->sadb_msg_pid != pid);
-
- /* check and fix */
- newmsg->sadb_msg_len = PFKEY_UNUNIT64(newmsg->sadb_msg_len);
-
- error = pfkey_set_supported(newmsg, newmsg->sadb_msg_len);
- free(newmsg);
-
- if (error == 0)
- __ipsec_errcode = EIPSEC_NO_ERROR;
-
- return error;
-}
-
-/*
- * receiving SADB_REGISTER message from the kernel, and copy buffer for
- * sadb_supported returned into ipsec_supported.
- * NOTE: sadb_msg_len must be host order.
- * IN:
- * tlen: msg length, it's to makeing sure.
- * OUT:
- * 0: success and return length sent.
- * -1: error occured, and set errno.
- */
-int
-pfkey_set_supported(msg, tlen)
- struct sadb_msg *msg;
- int tlen;
-{
- struct sadb_supported *sup;
- caddr_t p;
- caddr_t ep;
-
- /* validity */
- if (msg->sadb_msg_len != tlen) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- p = (caddr_t)msg;
- ep = p + tlen;
-
- p += sizeof(struct sadb_msg);
-
- while (p < ep) {
- sup = (struct sadb_supported *)p;
- if (ep < p + sizeof(*sup) ||
- PFKEY_EXTLEN(sup) < sizeof(*sup) ||
- ep < p + sup->sadb_supported_len) {
- /* invalid format */
- break;
- }
-
- switch (sup->sadb_supported_exttype) {
- case SADB_EXT_SUPPORTED_AUTH:
- case SADB_EXT_SUPPORTED_ENCRYPT:
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- /* fixed length */
- sup->sadb_supported_len = PFKEY_EXTLEN(sup);
-
- /* set supported map */
- if (setsupportedmap(sup) != 0)
- return -1;
-
- p += sup->sadb_supported_len;
- }
-
- if (p != ep) {
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
-
- return 0;
-}
-
-/*
- * sending SADB_FLUSH message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_flush(so, satype)
- int so;
- u_int satype;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_FLUSH, satype)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_DUMP message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_dump(so, satype)
- int so;
- u_int satype;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_DUMP, satype)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_PROMISC message to the kernel.
- * NOTE that this function handles promisc mode toggle only.
- * IN:
- * flag: set promisc off if zero, set promisc on if non-zero.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- * 0 : error occured, and set errno.
- * others: a pointer to new allocated buffer in which supported
- * algorithms is.
- */
-int
-pfkey_send_promisc_toggle(so, flag)
- int so;
- int flag;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_X_PROMISC, (flag ? 1 : 0))) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDADD message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDADD,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDADD message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdadd2(so, src, prefs, dst, prefd, proto, ltime, vtime,
- policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- u_int64_t ltime, vtime;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDADD,
- src, prefs, dst, prefd, proto,
- ltime, vtime,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDUPDATE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdupdate(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDUPDATE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdupdate2(so, src, prefs, dst, prefd, proto, ltime, vtime,
- policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- u_int64_t ltime, vtime;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE,
- src, prefs, dst, prefd, proto,
- ltime, vtime,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDDELETE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if (policylen != sizeof(struct sadb_x_policy)) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDDELETE,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDDELETE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spddelete2(so, spid)
- int so;
- u_int32_t spid;
-{
- int len;
-
- if ((len = pfkey_send_x5(so, SADB_X_SPDDELETE2, spid)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDGET message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdget(so, spid)
- int so;
- u_int32_t spid;
-{
- int len;
-
- if ((len = pfkey_send_x5(so, SADB_X_SPDGET, spid)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDSETIDX message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdsetidx(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if (policylen != sizeof(struct sadb_x_policy)) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDSETIDX,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_SPDFLUSH message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdflush(so)
- int so;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_X_SPDFLUSH, SADB_SATYPE_UNSPEC)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_SPDDUMP message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spddump(so)
- int so;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_X_SPDDUMP, SADB_SATYPE_UNSPEC)) < 0)
- return -1;
-
- return len;
-}
-
-/* sending SADB_ADD or SADB_UPDATE message to the kernel */
-static int
-pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq, port)
- int so;
- u_int type, satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t spi, reqid;
- u_int wsize;
- caddr_t keymat;
- u_int e_type, e_keylen, a_type, a_keylen, flags;
- u_int32_t l_alloc, l_bytes, l_addtime, l_usetime, seq;
- u_int16_t port;
-{
- struct sadb_msg *newmsg;
- int len;
- caddr_t p;
- int plen;
- caddr_t ep;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
-
- switch (satype) {
- case SADB_SATYPE_ESP:
- if (e_type == SADB_EALG_NONE) {
- __ipsec_errcode = EIPSEC_NO_ALGS;
- return -1;
- }
- break;
- case SADB_SATYPE_AH:
- if (e_type != SADB_EALG_NONE) {
- __ipsec_errcode = EIPSEC_INVAL_ALGS;
- return -1;
- }
- if (a_type == SADB_AALG_NONE) {
- __ipsec_errcode = EIPSEC_NO_ALGS;
- return -1;
- }
- break;
- case SADB_X_SATYPE_IPCOMP:
- if (e_type == SADB_X_CALG_NONE) {
- __ipsec_errcode = EIPSEC_INVAL_ALGS;
- return -1;
- }
- if (a_type != SADB_AALG_NONE) {
- __ipsec_errcode = EIPSEC_NO_ALGS;
- return -1;
- }
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- /* create new sadb_msg to reply. */
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_sa_2)
- + sizeof(struct sadb_x_sa2)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(dst->sa_len)
- + sizeof(struct sadb_lifetime)
- + sizeof(struct sadb_lifetime);
-
- if (e_type != SADB_EALG_NONE)
- len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(e_keylen));
- if (a_type != SADB_AALG_NONE)
- len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(a_keylen));
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len,
- satype, seq, getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbsa2(p, ep, spi, wsize, a_type, e_type, flags, port);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbxsa2(p, ep, mode, reqid);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- if (e_type != SADB_EALG_NONE) {
- p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_ENCRYPT,
- keymat, e_keylen);
- if (!p) {
- free(newmsg);
- return -1;
- }
- }
- if (a_type != SADB_AALG_NONE) {
- p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_AUTH,
- keymat + e_keylen, a_keylen);
- if (!p) {
- free(newmsg);
- return -1;
- }
- }
-
- /* set sadb_lifetime for destination */
- p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD,
- l_alloc, l_bytes, l_addtime, l_usetime);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_SOFT,
- l_alloc, l_bytes, l_addtime, l_usetime);
- if (!p || p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/* sending SADB_DELETE or SADB_GET message to the kernel */
-static int
-pfkey_send_x2(so, type, satype, mode, src, dst, spi)
- int so;
- u_int type, satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t spi;
-{
- struct sadb_msg *newmsg;
- int len;
- caddr_t p;
- int plen;
- caddr_t ep;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
-
- /* create new sadb_msg to reply. */
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_sa_2)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(dst->sa_len);
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0,
- getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbsa2(p, ep, spi, 0, 0, 0, 0, 0);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
- IPSEC_ULPROTO_ANY);
- if (!p || p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/*
- * sending SADB_REGISTER, SADB_FLUSH, SADB_DUMP or SADB_X_PROMISC message
- * to the kernel
- */
-static int
-pfkey_send_x3(so, type, satype)
- int so;
- u_int type, satype;
-{
- struct sadb_msg *newmsg;
- int len;
- caddr_t p;
- caddr_t ep;
-
- /* validity check */
- switch (type) {
- case SADB_X_PROMISC:
- if (satype != 0 && satype != 1) {
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
- break;
- default:
- switch (satype) {
- case SADB_SATYPE_UNSPEC:
- case SADB_SATYPE_AH:
- case SADB_SATYPE_ESP:
- case SADB_X_SATYPE_IPCOMP:
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
- }
-
- /* create new sadb_msg to send. */
- len = sizeof(struct sadb_msg);
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0,
- getpid());
- if (!p || p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/* sending SADB_X_SPDADD message to the kernel */
-static int
-pfkey_send_x4(so, type, src, prefs, dst, prefd, proto,
- ltime, vtime, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int type, prefs, prefd, proto;
- u_int64_t ltime, vtime;
- char *policy;
- int policylen;
- u_int32_t seq;
-{
- struct sadb_msg *newmsg;
- int len;
- caddr_t p;
- int plen;
- caddr_t ep;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
-
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
- if (prefs > plen || prefd > plen) {
- __ipsec_errcode = EIPSEC_INVAL_PREFIXLEN;
- return -1;
- }
-
- /* create new sadb_msg to reply. */
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_lifetime)
- + policylen;
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len,
- SADB_SATYPE_UNSPEC, seq, getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, prefs, proto);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, prefd, proto);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD,
- 0, 0, ltime, vtime);
- if (!p || p + policylen != ep) {
- free(newmsg);
- return -1;
- }
- memcpy(p, policy, policylen);
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/* sending SADB_X_SPDGET or SADB_X_SPDDELETE message to the kernel */
-static int
-pfkey_send_x5(so, type, spid)
- int so;
- u_int type;
- u_int32_t spid;
-{
- struct sadb_msg *newmsg;
- struct sadb_x_policy xpl;
- int len;
- caddr_t p;
- caddr_t ep;
-
- /* create new sadb_msg to reply. */
- len = sizeof(struct sadb_msg)
- + sizeof(xpl);
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len,
- SADB_SATYPE_UNSPEC, 0, getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- if (p + sizeof(xpl) != ep) {
- free(newmsg);
- return -1;
- }
- memset(&xpl, 0, sizeof(xpl));
- xpl.sadb_x_policy_len = PFKEY_UNUNIT64(sizeof(xpl));
- xpl.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
- xpl.sadb_x_policy_id = spid;
- memcpy(p, &xpl, sizeof(xpl));
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/*
- * open a socket.
- * OUT:
- * -1: fail.
- * others : success and return value of socket.
- */
-int
-pfkey_open()
-{
- int so;
- int bufsiz = 0; /* Max allowed by default */
- const unsigned long newbufk = 512;
- unsigned long oldmax;
- size_t oldmaxsize = sizeof(oldmax);
- unsigned long newmax = newbufk * (1024 + 128);
-
- if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
-
- /*
- * This is a temporary workaround for KAME PR 154.
- * Don't really care even if it fails.
- */ - if (sysctlbyname("kern.ipc.maxsockbuf", &oldmax, &oldmaxsize, &newmax, sizeof(newmax)) != 0) { - plog(LLV_WARNING, LOCATION, NULL, - "sysctlbyname kern.ipc.maxsockbuf failed: %s\n", strerror(errno)); - bufsiz = 233016; /* Max allowed by default */ - } - else - { - bufsiz = newbufk * 1024; - } - if (setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)) != 0) - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt SOL_SOCKET SO_SNDBUF failed: %s\n", strerror(errno)); - if (setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)) != 0) - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt SOL_SOCKET SO_RCVBUF failed: %s\n", strerror(errno)); - - if (bufsiz == newbufk * 1024) - if (sysctlbyname("kern.ipc.maxsockbuf", NULL, NULL, &oldmax, oldmaxsize) != 0) - plog(LLV_WARNING, LOCATION, NULL, - "sysctlbyname kern.ipc.maxsockbuf (restore) failed: %s\n", strerror(errno)); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return so; -} - -/* - * close a socket. - * OUT: - * 0: success. - * -1: fail. - */ -void -pfkey_close(so) - int so; -{ - (void)close(so); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return; -} - -/* - * receive sadb_msg data, and return pointer to new buffer allocated. - * Must free this buffer later. - * OUT: - * NULL : error occured. - * others : a pointer to sadb_msg structure. 
- * - * XXX should be rewritten to pass length explicitly - */ -struct sadb_msg * -pfkey_recv(so) - int so; -{ - struct sadb_msg buf, *newmsg; - int len, reallen; - - while ((len = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK)) < 0) { - if (errno == EINTR) - continue; - __ipsec_set_strerror(strerror(errno)); - return NULL; - } - - if (len < sizeof(buf)) { - recv(so, (caddr_t)&buf, sizeof(buf), 0); - __ipsec_errcode = EIPSEC_MAX; - return NULL; - } - - /* read real message */ - reallen = PFKEY_UNUNIT64(buf.sadb_msg_len); - if ((newmsg = CALLOC(reallen, struct sadb_msg *)) == 0) { - __ipsec_set_strerror(strerror(errno)); - return NULL; - } - - while ((len = recv(so, (caddr_t)newmsg, reallen, 0)) < 0) { - if (errno == EINTR) - continue; - __ipsec_set_strerror(strerror(errno)); - free(newmsg); - return NULL; - } - - if (len != reallen) { - __ipsec_errcode = EIPSEC_SYSTEM_ERROR; - free(newmsg); - return NULL; - } - - /* don't trust what the kernel says, validate! */ - if (PFKEY_UNUNIT64(newmsg->sadb_msg_len) != len) { - __ipsec_errcode = EIPSEC_SYSTEM_ERROR; - free(newmsg); - return NULL; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return newmsg; -} - -/* - * send message to a socket. - * OUT: - * others: success and return length sent. - * -1 : fail. - */ -int -pfkey_send(so, msg, len) - int so; - struct sadb_msg *msg; - int len; -{ - if ((len = send(so, (caddr_t)msg, len, 0)) < 0) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * %%% Utilities - * NOTE: These functions are derived from netkey/key.c in KAME. - */ -/* - * set the pointer to each header in this message buffer. - * IN: msg: pointer to message buffer. - * mhp: pointer to the buffer initialized like below: - * caddr_t mhp[SADB_EXT_MAX + 1]; - * OUT: -1: invalid. - * 0: valid. 
- * - * XXX should be rewritten to obtain length explicitly - */ -int -pfkey_align(msg, mhp) - struct sadb_msg *msg; - caddr_t *mhp; -{ - struct sadb_ext *ext; - int i; - caddr_t p; - caddr_t ep; /* XXX should be passed from upper layer */ - - /* validity check */ - if (msg == NULL || mhp == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - /* initialize */ - for (i = 0; i < SADB_EXT_MAX + 1; i++) - mhp[i] = NULL; - - mhp[0] = (caddr_t)msg; - - /* initialize */ - p = (caddr_t) msg; - ep = p + PFKEY_UNUNIT64(msg->sadb_msg_len); - - /* skip base header */ - p += sizeof(struct sadb_msg); - - while (p < ep) { - ext = (struct sadb_ext *)p; - if (ep < p + sizeof(*ext) || PFKEY_EXTLEN(ext) < sizeof(*ext) || - ep < p + PFKEY_EXTLEN(ext)) { - /* invalid format */ - break; - } - - /* duplicate check */ - /* XXX Are there duplication either KEY_AUTH or KEY_ENCRYPT ?*/ - if (mhp[ext->sadb_ext_type] != NULL) { - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return -1; - } - - /* set pointer */ - switch (ext->sadb_ext_type) { - case SADB_EXT_SA: - case SADB_EXT_LIFETIME_CURRENT: - case SADB_EXT_LIFETIME_HARD: - case SADB_EXT_LIFETIME_SOFT: - case SADB_EXT_ADDRESS_SRC: - case SADB_EXT_ADDRESS_DST: - case SADB_EXT_ADDRESS_PROXY: - case SADB_EXT_KEY_AUTH: - /* XXX should to be check weak keys. */ - case SADB_EXT_KEY_ENCRYPT: - /* XXX should to be check weak keys. 
*/ - case SADB_EXT_IDENTITY_SRC: - case SADB_EXT_IDENTITY_DST: - case SADB_EXT_SENSITIVITY: - case SADB_EXT_PROPOSAL: - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - case SADB_EXT_SPIRANGE: - case SADB_X_EXT_POLICY: - case SADB_X_EXT_SA2: - mhp[ext->sadb_ext_type] = (caddr_t)ext; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return -1; - } - - p += PFKEY_EXTLEN(ext); - } - - if (p != ep) { - __ipsec_errcode = EIPSEC_INVAL_SADBMSG; - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * check basic usage for sadb_msg, - * NOTE: This routine is derived from netkey/key.c in KAME. - * IN: msg: pointer to message buffer. - * mhp: pointer to the buffer initialized like below: - * - * caddr_t mhp[SADB_EXT_MAX + 1]; - * - * OUT: -1: invalid. - * 0: valid. - */ -int -pfkey_check(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - - /* validity check */ - if (mhp == NULL || mhp[0] == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - msg = (struct sadb_msg *)mhp[0]; - - /* check version */ - if (msg->sadb_msg_version != PF_KEY_V2) { - __ipsec_errcode = EIPSEC_INVAL_VERSION; - return -1; - } - - /* check type */ - if (msg->sadb_msg_type > SADB_MAX) { - __ipsec_errcode = EIPSEC_INVAL_MSGTYPE; - return -1; - } - - /* check SA type */ - switch (msg->sadb_msg_satype) { - case SADB_SATYPE_UNSPEC: - switch (msg->sadb_msg_type) { - case SADB_GETSPI: - case SADB_UPDATE: - case SADB_ADD: - case SADB_DELETE: - case SADB_GET: - case SADB_ACQUIRE: - case SADB_EXPIRE: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - case SADB_SATYPE_ESP: - case SADB_SATYPE_AH: - case SADB_X_SATYPE_IPCOMP: - switch (msg->sadb_msg_type) { - case SADB_X_SPDADD: - case SADB_X_SPDDELETE: - case SADB_X_SPDGET: - case SADB_X_SPDDUMP: - case SADB_X_SPDFLUSH: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - case SADB_SATYPE_RSVP: - case SADB_SATYPE_OSPFV2: - case SADB_SATYPE_RIPV2: - case 
SADB_SATYPE_MIP: - __ipsec_errcode = EIPSEC_NOT_SUPPORTED; - return -1; - case 1: /* XXX: What does it do ? */ - if (msg->sadb_msg_type == SADB_X_PROMISC) - break; - /*FALLTHROUGH*/ - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - /* check field of upper layer protocol and address family */ - if (mhp[SADB_EXT_ADDRESS_SRC] != NULL - && mhp[SADB_EXT_ADDRESS_DST] != NULL) { - struct sadb_address *src0, *dst0; - - src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]); - dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]); - - if (src0->sadb_address_proto != dst0->sadb_address_proto) { - __ipsec_errcode = EIPSEC_PROTO_MISMATCH; - return -1; - } - - if (PFKEY_ADDR_SADDR(src0)->sa_family - != PFKEY_ADDR_SADDR(dst0)->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - - switch (PFKEY_ADDR_SADDR(src0)->sa_family) { - case AF_INET: - case AF_INET6: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* - * prefixlen == 0 is valid because there must be the case - * all addresses are matched. - */ - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * set data into sadb_msg. - * `buf' must has been allocated sufficiently. - */ -static caddr_t -pfkey_setsadbmsg(buf, lim, type, tlen, satype, seq, pid) - caddr_t buf; - caddr_t lim; - u_int type, satype; - u_int tlen; - u_int32_t seq; - pid_t pid; -{ - struct sadb_msg *p; - u_int len; - - p = (struct sadb_msg *)buf; - len = sizeof(struct sadb_msg); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_msg_version = PF_KEY_V2; - p->sadb_msg_type = type; - p->sadb_msg_errno = 0; - p->sadb_msg_satype = satype; - p->sadb_msg_len = PFKEY_UNIT64(tlen); - p->sadb_msg_reserved = 0; - p->sadb_msg_seq = seq; - p->sadb_msg_pid = (u_int32_t)pid; - - return(buf + len); -} - -/* - * copy secasvar data into sadb_address. - * `buf' must has been allocated sufficiently. 
- */ -static caddr_t -pfkey_setsadbsa2(buf, lim, spi, wsize, auth, enc, flags, port) - caddr_t buf; - caddr_t lim; - u_int32_t spi, flags; - u_int wsize, auth, enc; - u_int16_t port; -{ - struct sadb_sa_2 *p; - u_int len; - - p = (struct sadb_sa_2 *)buf; - len = sizeof(struct sadb_sa_2); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sa.sadb_sa_len = PFKEY_UNIT64(len); - p->sa.sadb_sa_exttype = SADB_EXT_SA; - p->sa.sadb_sa_spi = spi; - p->sa.sadb_sa_replay = wsize; - p->sa.sadb_sa_state = SADB_SASTATE_LARVAL; - p->sa.sadb_sa_auth = auth; - p->sa.sadb_sa_encrypt = enc; - p->sa.sadb_sa_flags = flags; - p->sadb_sa_natt_port = port; - - printf("pfkey_setsadbsa2: flags = 0x%X, port = %u.\n", flags, ntohs(port)); - - return(buf + len); -} - -/* - * set data into sadb_address. - * `buf' must has been allocated sufficiently. - * prefixlen is in bits. - */ -static caddr_t -pfkey_setsadbaddr(buf, lim, exttype, saddr, prefixlen, ul_proto) - caddr_t buf; - caddr_t lim; - u_int exttype; - struct sockaddr *saddr; - u_int prefixlen; - u_int ul_proto; -{ - struct sadb_address *p; - u_int len; - - p = (struct sadb_address *)buf; - len = sizeof(struct sadb_address) + PFKEY_ALIGN8(saddr->sa_len); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_address_len = PFKEY_UNIT64(len); - p->sadb_address_exttype = exttype & 0xffff; - p->sadb_address_proto = ul_proto & 0xff; - p->sadb_address_prefixlen = prefixlen; - p->sadb_address_reserved = 0; - - memcpy(p + 1, saddr, saddr->sa_len); - - return(buf + len); -} - -/* - * set sadb_key structure after clearing buffer with zero. - * OUT: the pointer of buf + len. 
- */ -static caddr_t -pfkey_setsadbkey(buf, lim, type, key, keylen) - caddr_t buf; - caddr_t lim; - caddr_t key; - u_int type, keylen; -{ - struct sadb_key *p; - u_int len; - - p = (struct sadb_key *)buf; - len = sizeof(struct sadb_key) + PFKEY_ALIGN8(keylen); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_key_len = PFKEY_UNIT64(len); - p->sadb_key_exttype = type; - p->sadb_key_bits = keylen << 3; - p->sadb_key_reserved = 0; - - memcpy(p + 1, key, keylen); - - return buf + len; -} - -/* - * set sadb_lifetime structure after clearing buffer with zero. - * OUT: the pointer of buf + len. - */ -static caddr_t -pfkey_setsadblifetime(buf, lim, type, l_alloc, l_bytes, l_addtime, l_usetime) - caddr_t buf; - caddr_t lim; - u_int type; - u_int32_t l_alloc, l_bytes, l_addtime, l_usetime; -{ - struct sadb_lifetime *p; - u_int len; - - p = (struct sadb_lifetime *)buf; - len = sizeof(struct sadb_lifetime); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_lifetime_len = PFKEY_UNIT64(len); - p->sadb_lifetime_exttype = type; - - switch (type) { - case SADB_EXT_LIFETIME_SOFT: - p->sadb_lifetime_allocations - = (l_alloc * soft_lifetime_allocations_rate) /100; - p->sadb_lifetime_bytes - = (l_bytes * soft_lifetime_bytes_rate) /100; - p->sadb_lifetime_addtime - = (l_addtime * soft_lifetime_addtime_rate) /100; - p->sadb_lifetime_usetime - = (l_usetime * soft_lifetime_usetime_rate) /100; - break; - case SADB_EXT_LIFETIME_HARD: - p->sadb_lifetime_allocations = l_alloc; - p->sadb_lifetime_bytes = l_bytes; - p->sadb_lifetime_addtime = l_addtime; - p->sadb_lifetime_usetime = l_usetime; - break; - } - - return buf + len; -} - -/* - * copy secasvar data into sadb_address. - * `buf' must has been allocated sufficiently. 
- */ -static caddr_t -pfkey_setsadbxsa2(buf, lim, mode0, reqid) - caddr_t buf; - caddr_t lim; - u_int32_t mode0; - u_int32_t reqid; -{ - struct sadb_x_sa2 *p; - u_int8_t mode = mode0 & 0xff; - u_int len; - - p = (struct sadb_x_sa2 *)buf; - len = sizeof(struct sadb_x_sa2); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_x_sa2_len = PFKEY_UNIT64(len); - p->sadb_x_sa2_exttype = SADB_X_EXT_SA2; - p->sadb_x_sa2_mode = mode; - p->sadb_x_sa2_reqid = reqid; - - return(buf + len); -} diff --git a/racoon.tproj/pfkey_dump.c b/racoon.tproj/pfkey_dump.c deleted file mode 100644 index 7f73140..0000000 --- a/racoon.tproj/pfkey_dump.c +++ /dev/null 
@@ -1,595 +0,0 @@ -/* $FreeBSD: src/lib/libipsec/pfkey_dump.c,v 1.1.2.2 2001/07/03 11:01:15 ume Exp $ */ -/* $KAME: pfkey_dump.c,v 1.27 2001/03/12 09:03:38 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "ipsec_strerror.h" -#include "libpfkey.h" - -/* cope with old kame headers - ugly */ -#ifndef SADB_X_AALG_MD5 -#define SADB_X_AALG_MD5 SADB_AALG_MD5 -#endif -#ifndef SADB_X_AALG_SHA -#define SADB_X_AALG_SHA SADB_AALG_SHA -#endif -#ifndef SADB_X_AALG_NULL -#define SADB_X_AALG_NULL SADB_AALG_NULL -#endif - -#ifndef SADB_X_EALG_BLOWFISHCBC -#define SADB_X_EALG_BLOWFISHCBC SADB_EALG_BLOWFISHCBC -#endif -#ifndef SADB_X_EALG_CAST128CBC -#define SADB_X_EALG_CAST128CBC SADB_EALG_CAST128CBC -#endif -#ifndef SADB_X_EALG_RC5CBC -#ifdef SADB_EALG_RC5CBC -#define SADB_X_EALG_RC5CBC SADB_EALG_RC5CBC -#endif -#endif - -#define GETMSGSTR(str, num) \ -do { \ - if (sizeof((str)[0]) == 0 \ - || num >= sizeof(str)/sizeof((str)[0])) \ - printf("%d ", (num)); \ - else if (strlen((str)[(num)]) == 0) \ - printf("%d ", (num)); \ - else \ - printf("%s ", (str)[(num)]); \ -} while (0) - -#define GETMSGV2S(v2s, num) \ -do { \ - struct val2str *p; \ - for (p = (v2s); p && p->str; p++) { \ - if (p->val == (num)) \ - break; \ - } \ - if (p && p->str) \ - printf("%s ", p->str); \ - else \ - printf("%d ", (num)); \ -} while (0) - -static char *str_ipaddr __P((struct sockaddr *)); -static char *str_prefport __P((u_int, u_int, u_int)); -static char *str_time __P((time_t)); -static void str_lifetime_byte __P((struct sadb_lifetime *, char *)); - -struct val2str { - int val; - const char *str; -}; - -/* - * Must to be re-written about following strings. 
- */ -static char *str_satype[] = { - "unspec", - "unknown", - "ah", - "esp", - "unknown", - "rsvp", - "ospfv2", - "ripv2", - "mip", - "ipcomp", -}; - -static char *str_mode[] = { - "any", - "transport", - "tunnel", -}; - -static char *str_upper[] = { -/*0*/ "ip", "icmp", "igmp", "ggp", "ip4", - "", "tcp", "", "egp", "", -/*10*/ "", "", "", "", "", - "", "", "udp", "", "", -/*20*/ "", "", "idp", "", "", - "", "", "", "", "tp", -/*30*/ "", "", "", "", "", - "", "", "", "", "", -/*40*/ "", "ip6", "", "rt6", "frag6", - "", "rsvp", "gre", "", "", -/*50*/ "esp", "ah", "", "", "", - "", "", "", "icmp6", "none", -/*60*/ "dst6", -}; - -static char *str_state[] = { - "larval", - "mature", - "dying", - "dead", -}; - -static struct val2str str_alg_auth[] = { - { SADB_AALG_NONE, "none", }, - { SADB_AALG_MD5HMAC, "hmac-md5", }, - { SADB_AALG_SHA1HMAC, "hmac-sha1", }, - { SADB_X_AALG_MD5, "md5", }, - { SADB_X_AALG_SHA, "sha", }, - { SADB_X_AALG_NULL, "null", }, -#ifdef SADB_X_AALG_SHA2_256 - { SADB_X_AALG_SHA2_256, "hmac-sha2-256", }, -#endif -#ifdef SADB_X_AALG_SHA2_384 - { SADB_X_AALG_SHA2_384, "hmac-sha2-384", }, -#endif -#ifdef SADB_X_AALG_SHA2_512 - { SADB_X_AALG_SHA2_512, "hmac-sha2-512", }, -#endif - { -1, NULL, }, -}; - -static struct val2str str_alg_enc[] = { - { SADB_EALG_NONE, "none", }, - { SADB_EALG_DESCBC, "des-cbc", }, - { SADB_EALG_3DESCBC, "3des-cbc", }, - { SADB_EALG_NULL, "null", }, -#ifdef SADB_X_EALG_RC5CBC - { SADB_X_EALG_RC5CBC, "rc5-cbc", }, -#endif - { SADB_X_EALG_CAST128CBC, "cast128-cbc", }, - { SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", }, -#ifdef SADB_X_EALG_RIJNDAELCBC - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, -#endif -#ifdef SADB_X_EALG_TWOFISHCBC - { SADB_X_EALG_TWOFISHCBC, "twofish-cbc", }, -#endif - { -1, NULL, }, -}; - -static struct val2str str_alg_comp[] = { - { SADB_X_CALG_NONE, "none", }, - { SADB_X_CALG_OUI, "oui", }, - { SADB_X_CALG_DEFLATE, "deflate", }, - { SADB_X_CALG_LZS, "lzs", }, - { -1, NULL, }, -}; - -/* - * dump SADB_MSG 
formated. For debugging, you should use kdebug_sadb(). - */ -void -pfkey_sadump(m) - struct sadb_msg *m; -{ - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_sa *m_sa; - struct sadb_x_sa2 *m_sa2; - struct sadb_lifetime *m_lftc, *m_lfth, *m_lfts; - struct sadb_address *m_saddr, *m_daddr, *m_paddr; - struct sadb_key *m_auth, *m_enc; - struct sadb_ident *m_sid, *m_did; - struct sadb_sens *m_sens; - - /* check pfkey message. */ - if (pfkey_align(m, mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - if (pfkey_check(mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - - m_sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - m_sa2 = (struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2]; - m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT]; - m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - m_lfts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT]; - m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - m_paddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_PROXY]; - m_auth = (struct sadb_key *)mhp[SADB_EXT_KEY_AUTH]; - m_enc = (struct sadb_key *)mhp[SADB_EXT_KEY_ENCRYPT]; - m_sid = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_SRC]; - m_did = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_DST]; - m_sens = (struct sadb_sens *)mhp[SADB_EXT_SENSITIVITY]; - - /* source address */ - if (m_saddr == NULL) { - printf("no ADDRESS_SRC extension.\n"); - return; - } - printf("%s ", str_ipaddr((struct sockaddr *)(m_saddr + 1))); - - /* destination address */ - if (m_daddr == NULL) { - printf("no ADDRESS_DST extension.\n"); - return; - } - printf("%s ", str_ipaddr((struct sockaddr *)(m_daddr + 1))); - - /* SA type */ - if (m_sa == NULL) { - printf("no SA extension.\n"); - return; - } - if (m_sa2 == NULL) { - printf("no SA2 extension.\n"); - return; - } - printf("\n\t"); - - GETMSGSTR(str_satype, m->sadb_msg_satype); - - printf("mode="); - GETMSGSTR(str_mode, m_sa2->sadb_x_sa2_mode); - - 
printf("spi=%u(0x%08x) reqid=%u(0x%08x)\n", - (u_int32_t)ntohl(m_sa->sadb_sa_spi), - (u_int32_t)ntohl(m_sa->sadb_sa_spi), - (u_int32_t)m_sa2->sadb_x_sa2_reqid, - (u_int32_t)m_sa2->sadb_x_sa2_reqid); - - /* encryption key */ - if (m->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) { - printf("\tC: "); - GETMSGV2S(str_alg_comp, m_sa->sadb_sa_encrypt); - } else if (m->sadb_msg_satype == SADB_SATYPE_ESP) { - if (m_enc != NULL) { - printf("\tE: "); - GETMSGV2S(str_alg_enc, m_sa->sadb_sa_encrypt); - ipsec_hexdump((caddr_t)m_enc + sizeof(*m_enc), - m_enc->sadb_key_bits / 8); - printf("\n"); - } - } - - /* authentication key */ - if (m_auth != NULL) { - printf("\tA: "); - GETMSGV2S(str_alg_auth, m_sa->sadb_sa_auth); - ipsec_hexdump((caddr_t)m_auth + sizeof(*m_auth), - m_auth->sadb_key_bits / 8); - printf("\n"); - } - - /* replay windoe size & flags */ - printf("\treplay=%u flags=0x%08x ", - m_sa->sadb_sa_replay, - m_sa->sadb_sa_flags); - - /* state */ - printf("state="); - GETMSGSTR(str_state, m_sa->sadb_sa_state); - - printf("seq=%lu pid=%lu\n", - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); - - /* lifetime */ - if (m_lftc != NULL) { - time_t tmp_time = time(0); - - printf("\tcreated: %s", - str_time(m_lftc->sadb_lifetime_addtime)); - printf("\tcurrent: %s\n", str_time(tmp_time)); - printf("\tdiff: %lu(s)", - (u_long)(m_lftc->sadb_lifetime_addtime == 0 ? - 0 : (tmp_time - m_lftc->sadb_lifetime_addtime))); - - printf("\thard: %lu(s)", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_addtime)); - printf("\tsoft: %lu(s)\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_addtime)); - - printf("\tlast: %s", - str_time(m_lftc->sadb_lifetime_usetime)); - printf("\thard: %lu(s)", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_usetime)); - printf("\tsoft: %lu(s)\n", - (u_long)(m_lfts == NULL ? 
- 0 : m_lfts->sadb_lifetime_usetime)); - - str_lifetime_byte(m_lftc, "current"); - str_lifetime_byte(m_lfth, "hard"); - str_lifetime_byte(m_lfts, "soft"); - printf("\n"); - - printf("\tallocated: %lu", - (unsigned long)m_lftc->sadb_lifetime_allocations); - printf("\thard: %lu", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_allocations)); - printf("\tsoft: %lu\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_allocations)); - } - - /* XXX DEBUG */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); - - return; -} - -void -pfkey_spdump(m) - struct sadb_msg *m; -{ - char pbuf[NI_MAXSERV]; - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_address *m_saddr, *m_daddr; - struct sadb_x_policy *m_xpl; - struct sadb_lifetime *m_lft = NULL; - struct sockaddr *sa; - u_int16_t port; - - /* check pfkey message. */ - if (pfkey_align(m, mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - if (pfkey_check(mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - - m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - m_lft = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - - /* source address */ - if (m_saddr == NULL) { - printf("no ADDRESS_SRC extension.\n"); - return; - } - sa = (struct sockaddr *)(m_saddr + 1); - switch (sa->sa_family) { - case AF_INET: - case AF_INET6: - if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf), - NI_NUMERICSERV) != 0) - port = 0; /*XXX*/ - else - port = atoi(pbuf); - printf("%s%s ", str_ipaddr(sa), - str_prefport(sa->sa_family, - m_saddr->sadb_address_prefixlen, port)); - break; - default: - printf("unknown-af "); - break; - } - - /* destination address */ - if (m_daddr == NULL) { - printf("no ADDRESS_DST extension.\n"); - return; - } - sa = (struct sockaddr *)(m_daddr + 1); - switch (sa->sa_family) { - case AF_INET: - case AF_INET6: - if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, 
sizeof(pbuf), - NI_NUMERICSERV) != 0) - port = 0; /*XXX*/ - else - port = atoi(pbuf); - printf("%s%s ", str_ipaddr(sa), - str_prefport(sa->sa_family, - m_daddr->sadb_address_prefixlen, port)); - break; - default: - printf("unknown-af "); - break; - } - - /* upper layer protocol */ - if (m_saddr->sadb_address_proto != m_daddr->sadb_address_proto) { - printf("upper layer protocol mismatched.\n"); - return; - } - if (m_saddr->sadb_address_proto == IPSEC_ULPROTO_ANY) - printf("any"); - else - GETMSGSTR(str_upper, m_saddr->sadb_address_proto); - - /* policy */ - { - char *d_xpl; - - if (m_xpl == NULL) { - printf("no X_POLICY extension.\n"); - return; - } - d_xpl = ipsec_dump_policy((char *)m_xpl, "\n\t"); - - /* dump SPD */ - printf("\n\t%s\n", d_xpl); - free(d_xpl); - } - - /* lifetime */ - if (m_lft) { - printf("\tlifetime:%lu validtime:%lu\n", - (u_long)m_lft->sadb_lifetime_addtime, - (u_long)m_lft->sadb_lifetime_usetime); - } - - printf("\tspid=%ld seq=%ld pid=%ld\n", - (u_long)m_xpl->sadb_x_policy_id, - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); - - /* XXX TEST */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); - - return; -} - -/* - * set "ipaddress" to buffer. - */ -static char * -str_ipaddr(sa) - struct sockaddr *sa; -{ - static char buf[NI_MAXHOST]; -#ifdef NI_WITHSCOPEID - const int niflag = NI_NUMERICHOST | NI_WITHSCOPEID; -#else - const int niflag = NI_NUMERICHOST; -#endif - - if (sa == NULL) - return ""; - - if (getnameinfo(sa, sa->sa_len, buf, sizeof(buf), NULL, 0, niflag) == 0) - return buf; - return NULL; -} - -/* - * set "/prefix[port number]" to buffer. 
- */ -static char * -str_prefport(family, pref, port) - u_int family, pref, port; -{ - static char buf[128]; - char prefbuf[20]; - char portbuf[20]; - int plen; - - switch (family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - return "?"; - } - - if (pref == plen) - prefbuf[0] = '\0'; - else - snprintf(prefbuf, sizeof(prefbuf), "/%u", pref); - - if (port == IPSEC_PORT_ANY) - snprintf(portbuf, sizeof(portbuf), "[%s]", "any"); - else - snprintf(portbuf, sizeof(portbuf), "[%u]", port); - - snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf); - - return buf; -} - -/* - * set "Mon Day Time Year" to buffer - */ -static char * -str_time(t) - time_t t; -{ - static char buf[128]; - - if (t == 0) { - int i = 0; - for (;i < 20;) buf[i++] = ' '; - } else { - char *t0; - t0 = ctime(&t); - memcpy(buf, t0 + 4, 20); - } - - buf[20] = '\0'; - - return(buf); -} - -static void -str_lifetime_byte(x, str) - struct sadb_lifetime *x; - char *str; -{ - double y; - char *unit; - int w; - - if (x == NULL) { - printf("\t%s: 0(bytes)", str); - return; - } - -#if 0 - if ((x->sadb_lifetime_bytes) / 1024 / 1024) { - y = (x->sadb_lifetime_bytes) * 1.0 / 1024 / 1024; - unit = "M"; - w = 1; - } else if ((x->sadb_lifetime_bytes) / 1024) { - y = (x->sadb_lifetime_bytes) * 1.0 / 1024; - unit = "K"; - w = 1; - } else { - y = (x->sadb_lifetime_bytes) * 1.0; - unit = ""; - w = 0; - } -#else - y = (x->sadb_lifetime_bytes) * 1.0; - unit = ""; - w = 0; -#endif - printf("\t%s: %.*f(%sbytes)", str, w, y, unit); -} diff --git a/racoon.tproj/plog.c b/racoon.tproj/plog.c deleted file mode 100644 index b7141e3..0000000 --- a/racoon.tproj/plog.c +++ /dev/null 
@@ -1,225 +0,0 @@
-/* $KAME: plog.c,v 1.23 2002/05/07 08:56:19 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#ifdef HAVE_STDARG_H
-#include
-#else
-#include
-#endif
-#if TIME_WITH_SYS_TIME
-# include
-# include
-#else
-# if HAVE_SYS_TIME_H
-# include
-# else
-# include
-# endif
-#endif
-#include
-#include
-
-#include "var.h"
-#include "misc.h"
-#include "plog.h"
-#include "logger.h"
-#include "debug.h"
-#include "gcmalloc.h"
-
-char *pname = NULL;
-u_int32_t loglevel = LLV_BASE;
-
-static struct log *logp = NULL;
-static char *logfile = NULL;
-
-static char *plog_common __P((int, const char *, const char *));
-
-static struct plogtags {
- char *name;
- int priority;
-} ptab[] = {
- { "(not defined)", 0, },
- { "INFO", LOG_INFO, },
- { "NOTIFY", LOG_INFO, },
- { "WARNING", LOG_INFO, },
- { "ERROR", LOG_INFO, },
- { "DEBUG", LOG_DEBUG, },
- { "DEBUG2", LOG_DEBUG, },
-};
-
-static char *
-plog_common(pri, fmt, func)
- int pri;
- const char *fmt, *func;
-{
- static char buf[800]; /* XXX shoule be allocated every time ? */
- char *p;
- int reslen, len;
-
- p = buf;
- reslen = sizeof(buf);
-
- if (logfile || f_foreground) {
- time_t t;
- struct tm *tm;
-
- t = time(0);
- tm = localtime(&t);
- len = strftime(p, reslen, "%Y-%m-%d %T: ", tm);
- p += len;
- reslen -= len;
- }
-
- if (pri < ARRAYLEN(ptab)) {
- len = snprintf(p, reslen, "%s: ", ptab[pri].name);
- if (len >= 0 && len < reslen) {
- p += len;
- reslen -= len;
- } else
- *p = '\0';
- }
-
- snprintf(p, reslen, "%s: %s", func, fmt);
-
- return buf;
-}
-
-void
-plog(int pri, const char *func, struct sockaddr *sa, const char *fmt, ...)
-{
- va_list ap;
-
- va_start(ap, fmt);
- plogv(pri, func, sa, fmt, ap);
- va_end(ap);
-}
-
-void
-plogv(int pri, const char *func, struct sockaddr *sa,
- const char *fmt, va_list ap)
-{
- char *newfmt;
-
- if (pri > loglevel)
- return;
-
- newfmt = plog_common(pri, fmt, func);
-
- if (f_foreground)
- vprintf(newfmt, ap);
-
- /*
- * If we're not running in the foreground and the loglevel is
- * set to the default, don't dump LLV_INFO message to the log.
- */
- if (!f_foreground && pri == LLV_INFO && loglevel == LLV_BASE) return;
-
- if (logfile)
- log_vaprint(logp, newfmt, ap);
- else {
- if (pri < ARRAYLEN(ptab))
- vsyslog(ptab[pri].priority, newfmt, ap);
- else
- vsyslog(LOG_ALERT, newfmt, ap);
- }
-}
-
-void
-plogdump(pri, data, len)
- int pri;
- void *data;
- size_t len;
-{
- caddr_t buf;
- size_t buflen;
- int i, j;
-
- if (pri > loglevel)
- return;
-
- /*
- * 2 words a bytes + 1 space 4 bytes + 1 newline 32 bytes
- * + 2 newline + '\0'
- */
- buflen = (len * 2) + (len / 4) + (len / 32) + 3;
- buf = racoon_malloc(buflen);
-
- i = 0;
- j = 0;
- while (j < len) {
- if (j % 32 == 0)
- buf[i++] = '\n';
- else
- if (j % 4 == 0)
- buf[i++] = ' ';
- snprintf(&buf[i], buflen - i, "%02x",
- ((unsigned char *)data)[j] & 0xff);
- i += 2;
- j++;
- }
- if (buflen - i >= 2) {
- buf[i++] = '\n';
- buf[i] = '\0';
- }
- plog(pri, LOCATION, NULL, "%s", buf);
-
- racoon_free(buf);
-}
-
-void
-ploginit()
-{
- if (logfile) {
- logp = log_open(250, logfile);
- if (logp == NULL)
- errx(1, "ERROR: failed to open log file %s.", logfile);
- return;
- }
-
- openlog(pname, LOG_NDELAY, LOG_DAEMON);
-}
-
-void
-plogset(file)
- char *file;
-{
- if (logfile != NULL)
- racoon_free(logfile);
- logfile = strdup(file);
-}
-
diff --git a/racoon.tproj/plog.h b/racoon.tproj/plog.h
deleted file mode 100644
index d8dd456..0000000
--- a/racoon.tproj/plog.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $KAME: plog.h,v 1.10 2002/05/07 08:56:19 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __PLOG_H__
-#define __PLOG_H__
-
-#define LC_DEFAULT_LOGF "/var/log/racoon.log"
-
-#ifdef HAVE_STDARG_H
-#include
-#else
-#include
-#endif
-#include
-
-/*
- * INFO: begin negotiation, SA establishment/deletion/expiration.
- * NOTIFY: just notifiable.
- * WARNING: not error strictly.
- * ERROR: system call error.
also invalid parameter/format.
- * DEBUG1: debugging informatioin.
- * DEBUG2: too more verbose. e.g. parsing config.
- */
-#define LLV_INFO 1
-#define LLV_NOTIFY 2
-#define LLV_WARNING 3
-#define LLV_ERROR 4
-#define LLV_DEBUG 5
-#define LLV_DEBUG2 6
-
-#define LLV_BASE 4 /* always logging less than this value. */
-
-extern char *pname;
-extern u_int32_t loglevel;
-extern int f_foreground;
-
-struct sockaddr;
-extern void plog __P((int, const char *, struct sockaddr *, const char *, ...));
-extern void plogv __P((int, const char *, struct sockaddr *,
- const char *, va_list));
-extern void plogdump __P((int, void *, size_t));
-extern void ploginit __P((void));
-extern void plogset __P((char *));
-
-#endif /* __PLOG_H__ */
-
diff --git a/racoon.tproj/policy.c b/racoon.tproj/policy.c
deleted file mode 100644
index 8bb16a7..0000000
--- a/racoon.tproj/policy.c
+++ /dev/null
@@ -1,416 +0,0 @@
-/* $KAME: policy.c,v 1.46 2001/11/16 04:08:10 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "sockmisc.h"
-#include "debug.h"
-
-#include "policy.h"
-#include "localconf.h"
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "oakley.h"
-#include "handler.h"
-#include "strnames.h"
-#include "gcmalloc.h"
-
-static TAILQ_HEAD(_sptree, secpolicy) sptree;
-
-/* perform exact match against security policy table. */
-struct secpolicy *
-getsp(spidx)
- struct policyindex *spidx;
-{
- struct secpolicy *p;
-
- for (p = TAILQ_FIRST(&sptree); p; p = TAILQ_NEXT(p, chain)) {
- if (!cmpspidxstrict(spidx, &p->spidx))
- return p;
- }
-
- return NULL;
-}
-
-/*
- * perform non-exact match against security policy table, only if this is
- * transport mode SA negotiation. for example, 0.0.0.0/0 -> 0.0.0.0/0
- * entry in policy.txt can be returned when we're negotiating transport
- * mode SA. this is how the kernel works.
- */
-#if 1
-struct secpolicy *
-getsp_r(spidx)
- struct policyindex *spidx;
-{
- struct secpolicy *p;
-
- for (p = TAILQ_FIRST(&sptree); p; p = TAILQ_NEXT(p, chain)) {
- if (!cmpspidxwild(spidx, &p->spidx))
- return p;
- }
-
- return NULL;
-}
-#else
-struct secpolicy *
-getsp_r(spidx, iph2)
- struct policyindex *spidx;
- struct ph2handle *iph2;
-{
- struct secpolicy *p;
- u_int8_t prefixlen;
-
- plog(LLV_DEBUG, LOCATION, NULL, "checking for transport mode\n");
-
- if (spidx->src.ss_family != spidx->dst.ss_family) {
- plog(LLV_ERROR, LOCATION, NULL,
- "address family mismatch, src:%d dst:%d\n",
- spidx->src.ss_family,
- spidx->dst.ss_family);
- return NULL;
- }
- switch (spidx->src.ss_family) {
- case AF_INET:
- prefixlen = sizeof(struct in_addr) << 3;
- break;
-#ifdef INET6
- case AF_INET6:
- prefixlen = sizeof(struct in6_addr) << 3;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", spidx->src.ss_family);
- return NULL;
- }
-
- /* is it transport mode SA negotiation?
*/
- plog(LLV_DEBUG, LOCATION, NULL, "src1: %s\n",
- saddr2str(iph2->src));
- plog(LLV_DEBUG, LOCATION, NULL, "src2: %s\n",
- saddr2str((struct sockaddr *)&spidx->src));
- if (cmpsaddrwop(iph2->src, (struct sockaddr *)&spidx->src)
- || spidx->prefs != prefixlen)
- return NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL, "dst1: %s\n",
- saddr2str(iph2->dst));
- plog(LLV_DEBUG, LOCATION, NULL, "dst2: %s\n",
- saddr2str((struct sockaddr *)&spidx->dst));
- if (cmpsaddrwop(iph2->dst, (struct sockaddr *)&spidx->dst)
- || spidx->prefd != prefixlen)
- return NULL;
-
- plog(LLV_DEBUG, LOCATION, NULL, "looks to be transport mode\n");
-
- for (p = TAILQ_FIRST(&sptree); p; p = TAILQ_NEXT(p, chain)) {
- if (!cmpspidx_wild(spidx, &p->spidx))
- return p;
- }
-
- return NULL;
-}
-#endif
-
-struct secpolicy *
-getspbyspid(spid)
- u_int32_t spid;
-{
- struct secpolicy *p;
-
- for (p = TAILQ_FIRST(&sptree); p; p = TAILQ_NEXT(p, chain)) {
- if (p->id == spid)
- return p;
- }
-
- return NULL;
-}
-
-/*
- * compare policyindex.
- * a: subject b: db
- * OUT: 0: equal
- * 1: not equal
- */
-int
-cmpspidxstrict(a, b)
- struct policyindex *a, *b;
-{
- plog(LLV_DEBUG, LOCATION, NULL, "sub:%p: %s\n", a, spidx2str(a));
- plog(LLV_DEBUG, LOCATION, NULL, "db :%p: %s\n", b, spidx2str(b));
-
- /* XXX don't check direction now, but it's to be checked carefully. */
- if (a->dir != b->dir
- || a->prefs != b->prefs
- || a->prefd != b->prefd
- || a->ul_proto != b->ul_proto)
- return 1;
-
- if (cmpsaddrstrict((struct sockaddr *)&a->src,
- (struct sockaddr *)&b->src))
- return 1;
- if (cmpsaddrstrict((struct sockaddr *)&a->dst,
- (struct sockaddr *)&b->dst))
- return 1;
-
- return 0;
-}
-
-/*
- * compare policyindex, with wildcard address/protocol match.
- * a: subject b: db, can contain wildcard things.
- * OUT: 0: equal
- * 1: not equal
- */
-int
-cmpspidxwild(a, b)
- struct policyindex *a, *b;
-{
- struct sockaddr_storage sa1, sa2;
-
- plog(LLV_DEBUG, LOCATION, NULL, "sub:%p: %s\n", a, spidx2str(a));
- plog(LLV_DEBUG, LOCATION, NULL, "db: %p: %s\n", b, spidx2str(b));
-
- if (!(b->dir == IPSEC_DIR_ANY || a->dir == b->dir))
- return 1;
-
- if (!(a->ul_proto == IPSEC_ULPROTO_ANY ||
- b->ul_proto == IPSEC_ULPROTO_ANY ||
- a->ul_proto == b->ul_proto))
- return 1;
-
- if (a->src.ss_family != b->src.ss_family)
- return 1;
- if (a->dst.ss_family != b->dst.ss_family)
- return 1;
-
- /* compare src address */
- if (sizeof(sa1) < a->src.ss_len || sizeof(sa2) < b->src.ss_len) {
- plog(LLV_ERROR, LOCATION, NULL,
- "unexpected error: "
- "src.ss_len:%d dst.ss_len:%d\n",
- a->src.ss_len, b->src.ss_len);
- return 1;
- }
- mask_sockaddr((struct sockaddr *)&sa1, (struct sockaddr *)&a->src,
- b->prefs);
- mask_sockaddr((struct sockaddr *)&sa2, (struct sockaddr *)&b->src,
- b->prefs);
- plog(LLV_DEBUG, LOCATION, NULL, "%p masked with /%d: %s\n",
- a, b->prefs, saddr2str((struct sockaddr *)&sa1));
- plog(LLV_DEBUG, LOCATION, NULL, "%p masked with /%d: %s\n",
- b, b->prefs, saddr2str((struct sockaddr *)&sa2));
- if (cmpsaddrwild((struct sockaddr *)&sa1, (struct sockaddr *)&sa2))
- return 1;
-
- /* compare dst address */
- if (sizeof(sa1) < a->dst.ss_len || sizeof(sa2) < b->dst.ss_len) {
- plog(LLV_ERROR, LOCATION, NULL, "unexpected error\n");
- exit(1);
- }
- mask_sockaddr((struct sockaddr *)&sa1, (struct sockaddr *)&a->dst,
- b->prefd);
- mask_sockaddr((struct sockaddr *)&sa2, (struct sockaddr *)&b->dst,
- b->prefd);
- plog(LLV_DEBUG, LOCATION, NULL, "%p masked with /%d: %s\n",
- a, b->prefd, saddr2str((struct sockaddr *)&sa1));
- plog(LLV_DEBUG, LOCATION, NULL, "%p masked with /%d: %s\n",
- b, b->prefd, saddr2str((struct sockaddr *)&sa2));
- if (cmpsaddrwild((struct sockaddr *)&sa1, (struct sockaddr *)&sa2))
- return 1;
-
- return 0;
-}
-
-struct secpolicy *
-newsp()
-{
- struct
secpolicy *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- return new;
-}
-
-void
-delsp(sp)
- struct secpolicy *sp;
-{
- struct ipsecrequest *req = NULL, *next;
-
- for (req = sp->req; req; req = next) {
- next = req->next;
- racoon_free(req);
- }
-
- racoon_free(sp);
-}
-
-void
-delsp_bothdir(spidx0)
- struct policyindex *spidx0;
-{
- struct policyindex spidx;
- struct secpolicy *sp;
- struct sockaddr_storage addr;
- u_int8_t pref;
-
- memcpy(&spidx, spidx0, sizeof(spidx));
-
- sp = getsp(&spidx);
- if (sp) {
- remsp(sp);
- delsp(sp);
- }
-
- spidx.dir = spidx.dir == IPSEC_DIR_OUTBOUND
- ? IPSEC_DIR_INBOUND
- : IPSEC_DIR_OUTBOUND ;
- addr = spidx.src;
- spidx.src = spidx.dst;
- spidx.dst = addr;
- pref = spidx.prefs;
- spidx.prefs = spidx.prefd;
- spidx.prefd = pref;
-
- sp = getsp(&spidx);
- if (sp) {
- remsp(sp);
- delsp(sp);
- }
-}
-
-void
-inssp(new)
- struct secpolicy *new;
-{
- TAILQ_INSERT_TAIL(&sptree, new, chain);
-}
-
-void
-remsp(sp)
- struct secpolicy *sp;
-{
- TAILQ_REMOVE(&sptree, sp, chain);
-}
-
-void
-flushsp()
-{
- struct secpolicy *p, *next;
-
- for (p = TAILQ_FIRST(&sptree); p; p = next) {
- next = TAILQ_NEXT(p, chain);
- remsp(p);
- delsp(p);
- }
-}
-
-void
-initsp()
-{
- TAILQ_INIT(&sptree);
-}
-
-struct ipsecrequest *
-newipsecreq()
-{
- struct ipsecrequest *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- return new;
-}
-
-const char *
-spidx2str(spidx)
- const struct policyindex *spidx;
-{
- /* addr/pref[port] addr/pref[port] ul dir act */
- static char buf[256];
- char *p, *a, *b;
- int blen, i;
-
- blen = sizeof(buf) - 1;
- p = buf;
-
- a = saddr2str((const struct sockaddr *)&spidx->src);
- for (b = a; *b != '\0'; b++)
- if (*b == '[') {
- *b = '\0';
- b++;
- break;
- }
- i = snprintf(p, blen, "%s/%d[%s ", a, spidx->prefs, b);
- if (i < 0 || i >= blen)
- return NULL;
- p += i;
- blen -= i;
-
- a = saddr2str((const struct sockaddr *)&spidx->dst);
- for (b = a; *b !=
'\0'; b++)
- if (*b == '[') {
- *b = '\0';
- b++;
- break;
- }
- i = snprintf(p, blen, "%s/%d[%s ", a, spidx->prefd, b);
- if (i < 0 || i >= blen)
- return NULL;
- p += i;
- blen -= i;
-
- snprintf(p, blen, "proto=%s dir=%s",
- s_proto(spidx->ul_proto), s_direction(spidx->dir));
-
- return buf;
-}
diff --git a/racoon.tproj/policy.h b/racoon.tproj/policy.h
deleted file mode 100644
index 27ba3fd..0000000
--- a/racoon.tproj/policy.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/* $KAME: policy.h,v 1.18 2001/10/02 04:10:17 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-#ifndef __POLICY_H__
-#define __POLICY_H__
-
-
-#include
-
-/* refs. ipsec.h */
-/*
- * Security Policy Index
- * NOTE: Ensure to be same address family and upper layer protocol.
- * NOTE: ul_proto, port number, uid, gid:
- * ANY: reserved for waldcard.
- * 0 to (~0 - 1): is one of the number of each value.
- */
-struct policyindex {
- u_int8_t dir; /* direction of packet flow, see blow */
- struct sockaddr_storage src; /* IP src address for SP */
- struct sockaddr_storage dst; /* IP dst address for SP */
- u_int8_t prefs; /* prefix length in bits for src */
- u_int8_t prefd; /* prefix length in bits for dst */
- u_int16_t ul_proto; /* upper layer Protocol */
-};
-
-/* Security Policy Data Base */
-struct secpolicy {
- TAILQ_ENTRY(secpolicy) chain;
-
- struct policyindex spidx; /* selector */
- u_int32_t id; /* It's unique number on the system. */
-
- u_int policy; /* DISCARD, NONE or IPSEC, see keyv2.h */
- struct ipsecrequest *req;
- /* pointer to the ipsec request tree, */
- /* if policy == IPSEC else this value == NULL.*/
-};
-
-/* Security Assocciation Index */
-/* NOTE: Ensure to be same address family */
-struct secasindex {
- struct sockaddr_storage src; /* srouce address for SA */
- struct sockaddr_storage dst; /* destination address for SA */
- u_int16_t proto; /* IPPROTO_ESP or IPPROTO_AH */
- u_int8_t mode; /* mode of protocol, see ipsec.h */
- u_int32_t reqid; /* reqid id who owned this SA */
- /* see IPSEC_MANUAL_REQID_MAX. */
-};
-
-/* Request for IPsec */
-struct ipsecrequest {
- struct ipsecrequest *next;
- /* pointer to next structure */
- /* If NULL, it means the end of chain. */
-
- struct secasindex saidx;/* hint for search proper SA */
- /* if __ss_len == 0 then no address specified.*/
- u_int level; /* IPsec level defined below.
*/
-
- struct secpolicy *sp; /* back pointer to SP */
-};
-
-#define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
-do { \
- bzero((idx), sizeof(struct policyindex)); \
- (idx)->dir = (_dir); \
- (idx)->prefs = (ps); \
- (idx)->prefd = (pd); \
- (idx)->ul_proto = (ulp); \
- memcpy(&(idx)->src, (s), ((struct sockaddr *)(s))->sa_len); \
- memcpy(&(idx)->dst, (d), ((struct sockaddr *)(d))->sa_len); \
-} while (0)
-
-struct ph2handle;
-struct policyindex;
-extern struct secpolicy *getsp __P((struct policyindex *));
-extern struct secpolicy *getsp_r __P((struct policyindex *));
-struct secpolicy *getspbyspid __P((u_int32_t));
-extern int cmpspidxstrict __P((struct policyindex *, struct policyindex *));
-extern int cmpspidxwild __P((struct policyindex *, struct policyindex *));
-extern struct secpolicy *newsp __P((void));
-extern void delsp __P((struct secpolicy *));
-extern void delsp_bothdir __P((struct policyindex *));
-extern void inssp __P((struct secpolicy *));
-extern void remsp __P((struct secpolicy *));
-extern void flushsp __P((void));
-extern void initsp __P((void));
-extern struct ipsecrequest *newipsecreq __P((void));
-
-extern const char *spidx2str __P((const struct policyindex *));
-
-
-#endif /* __POLICY_H__ */
-
diff --git a/racoon.tproj/proposal.c b/racoon.tproj/proposal.c
deleted file mode 100644
index b7d9d44..0000000
--- a/racoon.tproj/proposal.c
+++ /dev/null
@@ -1,1124 +0,0 @@
-/* $KAME: proposal.c,v 1.48 2002/05/07 09:32:50 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "sockmisc.h"
-#include "debug.h"
-
-#include "policy.h"
-#include "pfkey.h"
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "isakmp_natd.h"
-#include "ipsec_doi.h"
-#include "algorithm.h"
-#include "proposal.h"
-#include "sainfo.h"
-#include "localconf.h"
-#include "remoteconf.h"
-#include "oakley.h"
-#include "handler.h"
-#include "strnames.h"
-#include "gcmalloc.h"
-
-/* %%%
- * modules for ipsec sa spec
- */
-struct saprop *
-newsaprop()
-{
- struct saprop *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- return new;
-}
-
-struct saproto *
-newsaproto()
-{
- struct saproto *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- return new;
-}
-
-/* set saprop to last part of the prop tree */
-void
-inssaprop(head, new)
- struct saprop **head;
- struct saprop *new;
-{
- struct saprop *p;
-
- if (*head == NULL) {
- *head = new;
- return;
- }
-
- for (p = *head; p->next; p = p->next)
- ;
- p->next = new;
-
- return;
-}
-
-/* set saproto to the end of the proto tree in saprop */
-void
-inssaproto(pp, new)
- struct saprop *pp;
- struct saproto *new;
-{
- struct saproto *p;
-
- for (p = pp->head; p && p->next; p = p->next)
- ;
- if (p == NULL)
- pp->head = new;
- else
- p->next = new;
-
- return;
-}
-
-/* set saproto to the top of the proto tree in saprop */
-void
-inssaprotorev(pp, new)
- struct saprop *pp;
- struct saproto *new;
-{
- new->next = pp->head;
- pp->head = new;
-
- return;
-}
-
-struct satrns *
-newsatrns()
-{
- struct satrns *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- return new;
-}
-
-/* set saproto to last part of the proto tree in saprop */
-void
-inssatrns(pr, new)
- struct saproto *pr;
- struct satrns *new;
-{
- struct satrns
*tr;
-
- for (tr = pr->head; tr && tr->next; tr = tr->next)
- ;
- if (tr == NULL)
- pr->head = new;
- else
- tr->next = new;
-
- return;
-}
-
-/*
- * take a single match between saprop. allocate a new proposal and return it
- * for future use (like picking single proposal from a bundle).
- * pp1: peer's proposal.
- * pp2: my proposal.
- * NOTE: In the case of initiator, must be ensured that there is no
- * modification of the proposal by calling cmp_aproppair_i() before
- * this function.
- * XXX cannot understand the comment!
- */
-struct saprop *
-cmpsaprop_alloc(ph1, pp1, pp2, side)
- struct ph1handle *ph1;
- const struct saprop *pp1, *pp2;
- int side;
-{
- struct saprop *newpp = NULL;
- struct saproto *pr1, *pr2, *newpr = NULL;
- struct satrns *tr1, *tr2, *newtr;
- const int ordermatters = 0;
- int npr1, npr2;
- int spisizematch;
-
- newpp = newsaprop();
- if (newpp == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate saprop.\n");
- return NULL;
- }
- newpp->prop_no = pp1->prop_no;
-
- /* see proposal.h about lifetime/key length and PFS selection.
*/
-
- /* check time/bytes lifetime and PFS */
- switch (ph1->rmconf->pcheck_level) {
- case PROP_CHECK_OBEY:
- newpp->lifetime = pp1->lifetime;
- newpp->lifebyte = pp1->lifebyte;
- newpp->pfs_group = pp1->pfs_group;
- break;
- case PROP_CHECK_STRICT:
- if (pp1->lifetime > pp2->lifetime) {
- plog(LLV_ERROR, LOCATION, NULL,
- "long lifetime proposed: "
- "my:%d peer:%d\n",
- pp2->lifetime, pp1->lifetime);
- goto err;
- }
- if (pp1->lifebyte > pp2->lifebyte) {
- plog(LLV_ERROR, LOCATION, NULL,
- "long lifebyte proposed: "
- "my:%d peer:%d\n",
- pp2->lifebyte, pp1->lifebyte);
- goto err;
- }
- newpp->lifetime = pp1->lifetime;
- newpp->lifebyte = pp1->lifebyte;
-
- prop_pfs_check:
- if (pp2->pfs_group != 0 && pp1->pfs_group != pp2->pfs_group) {
- plog(LLV_ERROR, LOCATION, NULL,
- "pfs group mismatched: "
- "my:%d peer:%d\n",
- pp2->pfs_group, pp1->pfs_group);
- goto err;
- }
- newpp->pfs_group = pp1->pfs_group;
- break;
- case PROP_CHECK_CLAIM:
- /* lifetime */
- if (pp1->lifetime <= pp2->lifetime) {
- newpp->lifetime = pp1->lifetime;
- } else {
- newpp->lifetime = pp2->lifetime;
- newpp->claim |= IPSECDOI_ATTR_SA_LD_TYPE_SEC;
- plog(LLV_NOTIFY, LOCATION, NULL,
- "use own lifetime: "
- "my:%d peer:%d\n",
- pp2->lifetime, pp1->lifetime);
- }
-
- /* lifebyte */
- if (pp1->lifebyte > pp2->lifebyte) {
- newpp->lifebyte = pp2->lifebyte;
- newpp->claim |= IPSECDOI_ATTR_SA_LD_TYPE_SEC;
- plog(LLV_NOTIFY, LOCATION, NULL,
- "use own lifebyte: "
- "my:%d peer:%d\n",
- pp2->lifebyte, pp1->lifebyte);
- }
- newpp->lifebyte = pp1->lifebyte;
-
- goto prop_pfs_check;
- break;
- case PROP_CHECK_EXACT:
- if (pp1->lifetime != pp2->lifetime) {
- plog(LLV_ERROR, LOCATION, NULL,
- "lifetime mismatched: "
- "my:%d peer:%d\n",
- pp2->lifetime, pp1->lifetime);
- goto err;
- }
- if (pp1->lifebyte != pp2->lifebyte) {
- plog(LLV_ERROR, LOCATION, NULL,
- "lifebyte mismatched: "
- "my:%d peer:%d\n",
- pp2->lifebyte, pp1->lifebyte);
- goto err;
- }
- if (pp1->pfs_group != pp2->pfs_group) {
-
plog(LLV_ERROR, LOCATION, NULL,
- "pfs group mismatched: "
- "my:%d peer:%d\n",
- pp2->pfs_group, pp1->pfs_group);
- goto err;
- }
- newpp->lifebyte = pp1->lifebyte;
- newpp->lifebyte = pp1->lifebyte;
- newpp->pfs_group = pp1->pfs_group;
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid pcheck_level why?.\n");
- goto err;
- }
-
- npr1 = npr2 = 0;
- for (pr1 = pp1->head; pr1; pr1 = pr1->next)
- npr1++;
- for (pr2 = pp2->head; pr2; pr2 = pr2->next)
- npr2++;
- if (npr1 != npr2)
- goto err;
-
- /* check protocol order */
- pr1 = pp1->head;
- pr2 = pp2->head;
-
- while (1) {
- if (!ordermatters) {
- /*
- * XXX does not work if we have multiple proposals
- * with the same proto_id
- */
- switch (side) {
- case RESPONDER:
- if (!pr2)
- break;
- for (pr1 = pp1->head; pr1; pr1 = pr1->next) {
- if (pr1->proto_id == pr2->proto_id)
- break;
- }
- break;
- case INITIATOR:
- if (!pr1)
- break;
- for (pr2 = pp2->head; pr2; pr2 = pr2->next) {
- if (pr2->proto_id == pr1->proto_id)
- break;
- }
- break;
- }
- }
- if (!pr1 || !pr2)
- break;
-
- if (pr1->proto_id != pr2->proto_id) {
- plog(LLV_ERROR, LOCATION, NULL,
- "proto_id mismatched: "
- "my:%d peer:%d\n",
- pr2->proto_id, pr1->proto_id);
- goto err;
- }
- spisizematch = 0;
- if (pr1->spisize == pr2->spisize)
- spisizematch = 1;
- else if (pr1->proto_id == IPSECDOI_PROTO_IPCOMP) {
- /*
- * draft-shacham-ippcp-rfc2393bis-05.txt:
- * need to accept 16bit and 32bit SPI (CPI) for IPComp.
- */
- if (pr1->spisize == sizeof(u_int16_t) &&
- pr2->spisize == sizeof(u_int32_t)) {
- spisizematch = 1;
- } else if (pr1->spisize == sizeof(u_int16_t) &&
- pr2->spisize == sizeof(u_int32_t)) {
- spisizematch = 1;
- }
- if (spisizematch) {
- plog(LLV_ERROR, LOCATION, NULL,
- "IPComp SPI size promoted "
- "from 16bit to 32bit\n");
- }
- }
- if (!spisizematch) {
- plog(LLV_ERROR, LOCATION, NULL,
- "spisize mismatched: "
- "my:%d peer:%d\n",
- pr2->spisize, pr1->spisize);
- goto err;
- }
- if (pr1->encmode != pr2->encmode) {
- plog(LLV_ERROR, LOCATION, NULL,
- "encmode mismatched: "
- "my:%d peer:%d\n",
- pr2->encmode, pr1->encmode);
- goto err;
- }
-
- for (tr1 = pr1->head; tr1; tr1 = tr1->next) {
- for (tr2 = pr2->head; tr2; tr2 = tr2->next) {
- if (cmpsatrns(tr1, tr2) == 0)
- goto found;
- }
- }
-
- goto err;
-
- found:
- newpr = newsaproto();
- if (newpr == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate saproto.\n");
- goto err;
- }
- newpr->proto_id = pr1->proto_id;
- newpr->spisize = pr1->spisize;
- newpr->encmode = pr1->encmode;
- newpr->spi = pr2->spi; /* copy my SPI */
- newpr->spi_p = pr1->spi; /* copy peer's SPI */
- newpr->reqid_in = pr2->reqid_in;
- newpr->reqid_out = pr2->reqid_out;
-
- newtr = newsatrns();
- if (newtr == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate satrns.\n");
- goto err;
- }
- newtr->trns_no = tr1->trns_no;
- newtr->trns_id = tr1->trns_id;
- newtr->encklen = tr1->encklen;
- newtr->authtype = tr1->authtype;
-
- inssatrns(newpr, newtr);
- inssaproto(newpp, newpr);
-
- pr1 = pr1->next;
- pr2 = pr2->next;
- }
-
- /* XXX should check if we have visited all items or not */
- if (!ordermatters) {
- switch (side) {
- case RESPONDER:
- if (!pr2)
- pr1 = NULL;
- break;
- case INITIATOR:
- if (!pr1)
- pr2 = NULL;
- break;
- }
- }
-
- /* should be matched all protocols in a proposal */
- if (pr1 != NULL || pr2 != NULL)
- goto err;
-
- return newpp;
-
-err:
- flushsaprop(newpp);
- return NULL;
-}
-
-/* take a
single match between saprop. returns 0 if pp1 equals to pp2. */
-int
-cmpsaprop(pp1, pp2)
- const struct saprop *pp1, *pp2;
-{
- if (pp1->pfs_group != pp2->pfs_group) {
- plog(LLV_WARNING, LOCATION, NULL,
- "pfs_group mismatch. mine:%d peer:%d\n",
- pp1->pfs_group, pp2->pfs_group);
- /* FALLTHRU */
- }
-
- if (pp1->lifetime > pp2->lifetime) {
- plog(LLV_WARNING, LOCATION, NULL,
- "less lifetime proposed. mine:%d peer:%d\n",
- pp1->lifetime, pp2->lifetime);
- /* FALLTHRU */
- }
- if (pp1->lifebyte > pp2->lifebyte) {
- plog(LLV_WARNING, LOCATION, NULL,
- "less lifebyte proposed. mine:%d peer:%d\n",
- pp1->lifebyte, pp2->lifebyte);
- /* FALLTHRU */
- }
-
- return 0;
-}
-
-/*
- * take a single match between satrns. returns 0 if tr1 equals to tr2.
- * tr1: peer's satrns
- * tr2: my satrns
- */
-int
-cmpsatrns(tr1, tr2)
- const struct satrns *tr1, *tr2;
-{
- if (tr1->trns_id != tr2->trns_id) {
- plog(LLV_ERROR, LOCATION, NULL,
- "trns_id mismatched: "
- "my:%d peer:%d\n",
- tr2->trns_id, tr1->trns_id);
- return 1;
- }
- if (tr1->authtype != tr2->authtype) {
- plog(LLV_ERROR, LOCATION, NULL,
- "authtype mismatched: "
- "my:%d peer:%d\n",
- tr2->authtype, tr1->authtype);
- return 1;
- }
-
- /* XXX
- * At this moment for interoperability, the responder obey
- * the initiator. It should be defined a notify message.
- */
- if (tr1->encklen > tr2->encklen) {
- plog(LLV_WARNING, LOCATION, NULL,
- "less key length proposed, "
- "mine:%d peer:%d.
Use initiaotr's one.\n",
- tr2->encklen, tr1->encklen);
- /* FALLTHRU */
- }
-
- return 0;
-}
-
-int
-set_satrnsbysainfo(pr, sainfo)
- struct saproto *pr;
- struct sainfo *sainfo;
-{
- struct sainfoalg *a, *b;
- struct satrns *newtr;
- int t;
-
- switch (pr->proto_id) {
- case IPSECDOI_PROTO_IPSEC_AH:
- if (sainfo->algs[algclass_ipsec_auth] == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no auth algorithm found\n");
- goto err;
- }
- t = 1;
- for (a = sainfo->algs[algclass_ipsec_auth]; a; a = a->next) {
-
- if (a->alg == IPSECDOI_ATTR_AUTH_NONE)
- continue;
-
- /* allocate satrns */
- newtr = newsatrns();
- if (newtr == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate satrns.\n");
- goto err;
- }
-
- newtr->trns_no = t++;
- newtr->trns_id = ipsecdoi_authalg2trnsid(a->alg);
- newtr->authtype = a->alg;
-
- inssatrns(pr, newtr);
- }
- break;
- case IPSECDOI_PROTO_IPSEC_ESP:
- if (sainfo->algs[algclass_ipsec_enc] == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no encryption algorithm found\n");
- goto err;
- }
- t = 1;
- for (a = sainfo->algs[algclass_ipsec_enc]; a; a = a->next) {
- for (b = sainfo->algs[algclass_ipsec_auth]; b; b = b->next) {
- /* allocate satrns */
- newtr = newsatrns();
- if (newtr == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate satrns.\n");
- goto err;
- }
-
- newtr->trns_no = t++;
- newtr->trns_id = a->alg;
- newtr->encklen = a->encklen;
- newtr->authtype = b->alg;
-
- inssatrns(pr, newtr);
- }
- }
- break;
- case IPSECDOI_PROTO_IPCOMP:
- if (sainfo->algs[algclass_ipsec_comp] == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "no ipcomp algorithm found\n");
- goto err;
- }
- t = 1;
- for (a = sainfo->algs[algclass_ipsec_comp]; a; a = a->next) {
-
- /* allocate satrns */
- newtr = newsatrns();
- if (newtr == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate satrns.\n");
- goto err;
- }
-
- newtr->trns_no = t++;
- newtr->trns_id = a->alg;
- newtr->authtype = IPSECDOI_ATTR_AUTH_NONE; /*no auth*/
-
-
inssatrns(pr, newtr);
- }
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "unknown proto_id (%d).\n", pr->proto_id);
- goto err;
- }
-
- /* no proposal found */
- if (pr->head == NULL) {
- plog(LLV_ERROR, LOCATION, NULL, "no algorithms found.\n");
- return -1;
- }
-
- return 0;
-
-err:
- flushsatrns(pr->head);
- return -1;
-}
-
-struct saprop *
-aproppair2saprop(p0)
- struct prop_pair *p0;
-{
- struct prop_pair *p, *t;
- struct saprop *newpp;
- struct saproto *newpr;
- struct satrns *newtr;
- u_int8_t *spi;
-
- if (p0 == NULL)
- return NULL;
-
- /* allocate ipsec a sa proposal */
- newpp = newsaprop();
- if (newpp == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate saprop.\n");
- return NULL;
- }
- newpp->prop_no = p0->prop->p_no;
- /* lifetime & lifebyte must be updated later */
-
- for (p = p0; p; p = p->next) {
-
- /* allocate ipsec sa protocol */
- newpr = newsaproto();
- if (newpr == NULL) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to allocate saproto.\n");
- goto err;
- }
-
- /* check spi size */
- /* XXX should be handled isakmp cookie */
- if (sizeof(newpr->spi) < p->prop->spi_size) {
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid spi size %d.\n", p->prop->spi_size);
- goto err;
- }
-
- /*
- * XXX SPI bits are left-filled, for use with IPComp.
- * we should be switching to variable-length spi field...
- */ - newpr->proto_id = p->prop->proto_id; - newpr->spisize = p->prop->spi_size; - memset(&newpr->spi, 0, sizeof(newpr->spi)); - spi = (u_int8_t *)&newpr->spi; - spi += sizeof(newpr->spi); - spi -= p->prop->spi_size; - memcpy(spi, p->prop + 1, p->prop->spi_size); - newpr->reqid_in = 0; - newpr->reqid_out = 0; - - for (t = p; t; t = t->tnext) { - - plog(LLV_DEBUG, LOCATION, NULL, - "prop#=%d prot-id=%s spi-size=%d " - "#trns=%d trns#=%d trns-id=%s\n", - t->prop->p_no, - s_ipsecdoi_proto(t->prop->proto_id), - t->prop->spi_size, t->prop->num_t, - t->trns->t_no, - s_ipsecdoi_trns(t->prop->proto_id, - t->trns->t_id)); - - /* allocate ipsec sa transform */ - newtr = newsatrns(); - if (newtr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate satrns.\n"); - goto err; - } - - if (ipsecdoi_t2satrns(t->trns, newpp, newpr, newtr) < 0) { - flushsaprop(newpp); - return NULL; - } - - inssatrns(newpr, newtr); - } - - /* - * If the peer does not specify encryption mode, use - * transport mode by default. This is to conform to - * draft-shacham-ippcp-rfc2393bis-08.txt (explicitly specifies - * that unspecified == transport), as well as RFC2407 - * (unspecified == implementation dependent default). 
- */ - if (newpr->encmode == 0) - newpr->encmode = IPSECDOI_ATTR_ENC_MODE_TRNS; - - inssaproto(newpp, newpr); - } - - return newpp; - -err: - flushsaprop(newpp); - return NULL; -} - -void -flushsaprop(head) - struct saprop *head; -{ - struct saprop *p, *save; - - for (p = head; p != NULL; p = save) { - save = p->next; - flushsaproto(p->head); - racoon_free(p); - } - - return; -} - -void -flushsaproto(head) - struct saproto *head; -{ - struct saproto *p, *save; - - for (p = head; p != NULL; p = save) { - save = p->next; - flushsatrns(p->head); - vfree(p->keymat); - vfree(p->keymat_p); - racoon_free(p); - } - - return; -} - -void -flushsatrns(head) - struct satrns *head; -{ - struct satrns *p, *save; - - for (p = head; p != NULL; p = save) { - save = p->next; - racoon_free(p); - } - - return; -} - -/* - * print multiple proposals - */ -void -printsaprop(pri, pp) - const int pri; - const struct saprop *pp; -{ - const struct saprop *p; - - if (pp == NULL) { - plog(pri, LOCATION, NULL, "(null)"); - return; - } - - for (p = pp; p; p = p->next) { - printsaprop0(pri, p); - } - - return; -} - -/* - * print one proposal. 
- */ -void -printsaprop0(pri, pp) - int pri; - const struct saprop *pp; -{ - const struct saproto *p; - - if (pp == NULL) - return; - - for (p = pp->head; p; p = p->next) { - printsaproto(pri, p); - } - - return; -} - -void -printsaproto(pri, pr) - const int pri; - const struct saproto *pr; -{ - struct satrns *tr; - - if (pr == NULL) - return; - - plog(pri, LOCATION, NULL, - " (proto_id=%s spisize=%d spi=%08lx spi_p=%08lx " - "encmode=%s reqid=%d:%d)\n", - s_ipsecdoi_proto(pr->proto_id), - pr->spisize, - (unsigned long)ntohl(pr->spi), - (unsigned long)ntohl(pr->spi_p), - s_ipsecdoi_attr_v(IPSECDOI_ATTR_ENC_MODE, pr->encmode), - pr->reqid_in, pr->reqid_out); - - for (tr = pr->head; tr; tr = tr->next) { - printsatrns(pri, pr->proto_id, tr); - } - - return; -} - -void -printsatrns(pri, proto_id, tr) - const int pri; - const int proto_id; - const struct satrns *tr; -{ - if (tr == NULL) - return; - - switch (proto_id) { - case IPSECDOI_PROTO_IPSEC_AH: - plog(pri, LOCATION, NULL, - " (trns_id=%s authtype=%s)\n", - s_ipsecdoi_trns(proto_id, tr->trns_id), - s_ipsecdoi_attr_v(IPSECDOI_ATTR_AUTH, tr->authtype)); - break; - case IPSECDOI_PROTO_IPSEC_ESP: - plog(pri, LOCATION, NULL, - " (trns_id=%s encklen=%d authtype=%s)\n", - s_ipsecdoi_trns(proto_id, tr->trns_id), - tr->encklen, - s_ipsecdoi_attr_v(IPSECDOI_ATTR_AUTH, tr->authtype)); - break; - case IPSECDOI_PROTO_IPCOMP: - plog(pri, LOCATION, NULL, - " (trns_id=%s)\n", - s_ipsecdoi_trns(proto_id, tr->trns_id)); - break; - default: - plog(pri, LOCATION, NULL, - "(unknown proto_id %d)\n", proto_id); - } - - return; -} - -void -print_proppair0(pri, p, level) - int pri; - struct prop_pair *p; - int level; -{ - char spc[21]; - - memset(spc, ' ', sizeof(spc)); - spc[sizeof(spc) - 1] = '\0'; - if (level < 20) { - spc[level] = '\0'; - } - - plog(pri, LOCATION, NULL, - "%s%p: next=%p tnext=%p\n", spc, p, p->next, p->tnext); - if (p->next) - print_proppair0(pri, p->next, level + 1); - if (p->tnext) - print_proppair0(pri, p->tnext, 
level + 1); -} - -void -print_proppair(pri, p) - int pri; - struct prop_pair *p; -{ - print_proppair0(pri, p, 1); -} - -int -set_proposal_from_policy(iph2, sp_main, sp_sub) - struct ph2handle *iph2; - struct secpolicy *sp_main, *sp_sub; -{ - struct saprop *newpp; - struct ipsecrequest *req; - int encmodesv = IPSEC_MODE_TRANSPORT; /* use only when complex_bundle */ - - newpp = newsaprop(); - if (newpp == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate saprop.\n"); - goto err; - } - newpp->prop_no = 1; - newpp->lifetime = iph2->sainfo->lifetime; - newpp->lifebyte = iph2->sainfo->lifebyte; - newpp->pfs_group = iph2->sainfo->pfs_group; - - if (lcconf->complex_bundle) - goto skip1; - - /* - * decide the encryption mode of this SA bundle. - * the mode becomes tunnel mode when there is even one policy - * of tunnel mode in the SPD. otherwise the mode becomes - * transport mode. - */ - encmodesv = IPSEC_MODE_TRANSPORT; - for (req = sp_main->req; req; req = req->next) { - if (req->saidx.mode == IPSEC_MODE_TUNNEL) { - encmodesv = pfkey2ipsecdoi_mode(req->saidx.mode, - iph2->ph1 ? natd_hasnat(iph2->ph1) : 0); - break; - } - } - - skip1: - for (req = sp_main->req; req; req = req->next) { - struct saproto *newpr; - caddr_t paddr = NULL; - - /* - * check if SA bundle ? - * nested SAs negotiation is NOT supported. 
- * me +--- SA1 ---+ peer1 - * me +--- SA2 --------------+ peer2 - */ - if (req->saidx.src.ss_len && req->saidx.dst.ss_len) { - - /* check the end of ip addresses of SA */ - if (iph2->side == INITIATOR) - paddr = (caddr_t)&req->saidx.dst; - else - paddr = (caddr_t)&req->saidx.src; - - if (memcmp(iph2->dst, paddr, iph2->dst->sa_len)){ - plog(LLV_ERROR, LOCATION, NULL, - "not supported nested SA."); - goto err; - } - } - - /* allocate ipsec sa protocol */ - newpr = newsaproto(); - if (newpr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate saproto.\n"); - goto err; - } - - newpr->proto_id = ipproto2doi(req->saidx.proto); - newpr->spisize = 4; - if (lcconf->complex_bundle) - newpr->encmode = pfkey2ipsecdoi_mode(req->saidx.mode, - iph2->ph1 ? natd_hasnat(iph2->ph1) : 0); - else - newpr->encmode = encmodesv; - - if (iph2->side == INITIATOR) - newpr->reqid_out = req->saidx.reqid; - else - newpr->reqid_in = req->saidx.reqid; - - if (set_satrnsbysainfo(newpr, iph2->sainfo) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get algorithms.\n"); - goto err; - } - - /* set new saproto */ - inssaprotorev(newpp, newpr); - } - - /* get reqid_in from inbound policy */ - if (sp_sub) { - struct saproto *pr; - - req = sp_sub->req; - pr = newpp->head; - while (req && pr) { - if (iph2->side == INITIATOR) - pr->reqid_in = req->saidx.reqid; - else - pr->reqid_out = req->saidx.reqid; - pr = pr->next; - req = req->next; - } - if (pr || req) { - plog(LLV_NOTIFY, LOCATION, NULL, - "There is a difference " - "between the in/out bound policies in SPD.\n"); - } - } - - iph2->proposal = newpp; - - printsaprop0(LLV_DEBUG, newpp); - - return 0; -err: - return -1; -} - -/* - * generate a policy from peer's proposal. - * this function unconditionally choices first proposal in SA payload - * passed by peer. 
- */ -int -set_proposal_from_proposal(iph2) - struct ph2handle *iph2; -{ - struct saprop *newpp = NULL, *pp0, *pp_peer = NULL; - struct saproto *newpr = NULL, *pr; - struct prop_pair **pair; - int error = -1; - int i; - - /* get proposal pair */ - pair = get_proppair(iph2->sa, IPSECDOI_TYPE_PH2); - if (pair == NULL) - goto end; - - /* - * make my proposal according as the client proposal. - * XXX assumed there is only one proposal even if it's the SA bundle. - */ - for (i = 0; i < MAXPROPPAIRLEN; i++) { - if (pair[i] == NULL) - continue; - pp_peer = aproppair2saprop(pair[i]); - if (pp_peer == NULL) - goto end; - - pp0 = newsaprop(); - if (pp0 == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate saprop.\n"); - goto end; - } - pp0->prop_no = 1; - pp0->lifetime = iph2->sainfo->lifetime; - pp0->lifebyte = iph2->sainfo->lifebyte; - pp0->pfs_group = iph2->sainfo->pfs_group; - - if (pp_peer->next != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "pp_peer is inconsistency, ignore it.\n"); - /*FALLTHROUGH*/ - } - - for (pr = pp_peer->head; pr; pr = pr->next) { - - newpr = newsaproto(); - if (newpr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate saproto.\n"); - goto end; - } - newpr->proto_id = pr->proto_id; - newpr->spisize = pr->spisize; - newpr->encmode = pr->encmode; - newpr->spi = 0; - newpr->spi_p = pr->spi; /* copy peer's SPI */ - newpr->reqid_in = 0; - newpr->reqid_out = 0; - } - - if (set_satrnsbysainfo(newpr, iph2->sainfo) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get algorithms.\n"); - goto end; - } - - inssaproto(pp0, newpr); - inssaprop(&newpp, pp0); - } - - plog(LLV_DEBUG, LOCATION, NULL, "make a proposal from peer's:\n"); - printsaprop0(LLV_DEBUG, newpp); - - iph2->proposal = newpp; - - error = 0; - -end: - if (error && newpp) - flushsaprop(newpp); - - if (pp_peer) - flushsaprop(pp_peer); - free_proppair(pair); - return error; -} 
diff --git a/racoon.tproj/proposal.h b/racoon.tproj/proposal.h
deleted file mode 100644
index 68036c1..0000000
--- a/racoon.tproj/proposal.h
+++ /dev/null
@@ -1,209 +0,0 @@ -/* $KAME: proposal.h,v 1.16 2001/08/16 05:02:13 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __PROPOSAL_H__ -#define __PROPOSAL_H__ - -#include - -/* - * A. chained list of transform, only for single proto_id - * (this is same as set of transforms in single proposal payload) - * B. proposal. 
this will point to multiple (A) items (order is important - * here so pointer to (A) must be ordered array, or chained list). - * this covers multiple proposal on a packet if proposal # is the same. - * C. finally, (B) needs to be connected as chained list. - * - * head ---> prop[.......] ---> prop[...] ---> prop[...] ---> ... - * | | | | - * | | | +- proto4 <== must preserve order here - * | | +--- proto3 - * | +----- proto2 - * +------- proto1[trans1, trans2, trans3, ...] - * - * incoming packets needs to be parsed to construct the same structure - * (check "prop_pair" too). - */ -/* SA proposal specification */ -struct saprop { - int prop_no; - time_t lifetime; - int lifebyte; - int pfs_group; /* pfs group */ - int claim; /* flag to send RESPONDER-LIFETIME. */ - /* XXX assumed DOI values are 1 or 2. */ - - struct saproto *head; - struct saprop *next; -}; - -/* SA protocol specification */ -struct saproto { - int proto_id; - size_t spisize; /* spi size */ - int encmode; /* encryption mode */ - - /* XXX should be vchar_t * */ - /* these are network byte order */ - u_int32_t spi; /* inbound. i.e. --SA-> me */ - u_int32_t spi_p; /* outbound. i.e. 
me -SA-> */ - - vchar_t *keymat; /* KEYMAT */ - vchar_t *keymat_p; /* peer's KEYMAT */ - - int reqid_out; /* request id (outbound) */ - int reqid_in; /* request id (inbound) */ - - int ok; /* if 1, success to set SA in kenrel */ - - struct satrns *head; /* header of transform */ - struct saproto *next; /* next protocol */ -}; - -/* SA algorithm specification */ -struct satrns { - int trns_no; - int trns_id; /* transform id */ - int encklen; /* key length of encryption algorithm */ - int authtype; /* authentication algorithm if ESP */ - - struct satrns *next; /* next transform */ -}; - -/* - * prop_pair: (proposal number, transform number) - * - * (SA (P1 (T1 T2)) (P1' (T1' T2')) (P2 (T1" T2"))) - * - * p[1] p[2] - * top (P1,T1) (P2",T1") - * | |tnext |tnext - * | v v - * | (P1, T2) (P2", T2") - * v next - * (P1', T1') - * |tnext - * v - * (P1', T2') - * - * when we convert it to saprop in prop2saprop(), it should become like: - * - * (next) - * saprop --------------------> saprop - * | (head) | (head) - * +-> saproto +-> saproto - * | | (head) | (head) - * | +-> satrns(P1 T1) +-> satrns(P2" T1") - * | | (next) | (next) - * | v v - * | satrns(P1, T2) satrns(P2", T2") - * v (next) - * saproto - * | (head) - * +-> satrns(P1' T1') - * | (next) - * v - * satrns(P1', T2') - */ -struct prop_pair { - struct isakmp_pl_p *prop; - struct isakmp_pl_t *trns; - struct prop_pair *next; /* next prop_pair with same proposal # */ - /* (bundle case) */ - struct prop_pair *tnext; /* next prop_pair in same proposal payload */ - /* (multiple tranform case) */ -}; -#define MAXPROPPAIRLEN 256 /* It's enough because field size is 1 octet. */ - -/* - * Lifetime length selection refered to the section 4.5.4 of RFC2407. It does - * not completely conform to the description of RFC. There are four types of - * the behavior. If the value of "proposal_check" in "remote" directive is; - * "obey" - * the responder obey the initiator anytime. 
- * "strict" - * If the responder's length is longer than the initiator's one, the - * responder uses the intitiator's one. Otherwise rejects the proposal. - * If PFS is not required by the responder, the responder obeys the - * proposal. If PFS is required by both sides and if the responder's - * group is not equal to the initiator's one, then the responder reject - * the proposal. - * "claim" - * If the responder's length is longer than the initiator's one, the - * responder use the intitiator's one. If the responder's length is - * shorter than the initiator's one, the responder uses own length - * AND send RESPONDER-LIFETIME notify message to a initiator in the - * case of lifetime. - * About PFS, this directive is same as "strict". - * "exact" - * If the initiator's length is not equal to the responder's one, the - * responder rejects the proposal. - * If PFS is required and if the responder's group is not equal to - * the initiator's one, then the responder reject the proposal. - * XXX should be defined the behavior of key length. 
- */ -#define PROP_CHECK_OBEY 1 -#define PROP_CHECK_STRICT 2 -#define PROP_CHECK_CLAIM 3 -#define PROP_CHECK_EXACT 4 - -struct sainfo; -struct ph1handle; -struct secpolicy; -extern struct saprop *newsaprop __P((void)); -extern struct saproto *newsaproto __P((void)); -extern void inssaprop __P((struct saprop **, struct saprop *)); -extern void inssaproto __P((struct saprop *, struct saproto *)); -extern void inssaprotorev __P((struct saprop *, struct saproto *)); -extern struct satrns *newsatrns __P((void)); -extern void inssatrns __P((struct saproto *, struct satrns *)); -extern struct saprop *cmpsaprop_alloc __P((struct ph1handle *, - const struct saprop *, const struct saprop *, int)); -extern int cmpsaprop __P((const struct saprop *, const struct saprop *)); -extern int cmpsatrns __P((const struct satrns *, const struct satrns *)); -extern int set_satrnsbysainfo __P((struct saproto *, struct sainfo *)); -extern struct saprop *aproppair2saprop __P((struct prop_pair *)); -extern void free_proppair __P((struct prop_pair **)); -extern void flushsaprop __P((struct saprop *)); -extern void flushsaproto __P((struct saproto *)); -extern void flushsatrns __P((struct satrns *)); -extern void printsaprop __P((const int, const struct saprop *)); -extern void printsaprop0 __P((const int, const struct saprop *)); -extern void printsaproto __P((const int, const struct saproto *)); -extern void printsatrns __P((const int, const int, const struct satrns *)); -extern void print_proppair0 __P((int, struct prop_pair *, int)); -extern void print_proppair __P((int, struct prop_pair *)); -extern int set_proposal_from_policy __P((struct ph2handle *, - struct secpolicy *, struct secpolicy *)); -extern int set_proposal_from_proposal __P((struct ph2handle *)); - -#endif /* __PROPOSAL_H__ */ - diff --git a/racoon.tproj/psk.txt b/racoon.tproj/psk.txt deleted file mode 100644 index db42233..0000000 --- a/racoon.tproj/psk.txt +++ /dev/null 
@@ -1,10 +0,0 @@
-# IPv4/v6 addresses
-# 10.160.94.3 asecretkeygoeshere
-# 172.16.1.133 asecretkeygoeshere
-# 3ffe:501:410:ffff:200:86ff:fe05:80fa asecretkeygoeshere
-# 3ffe:501:410:ffff:210:4bff:fea2:8baa asecretkeygoeshere
-
-# USER_FQDN
-macuser@localhost somethingsecret
-# FQDN
-kame hoge
diff --git a/racoon.tproj/racoon.8 b/racoon.tproj/racoon.8
deleted file mode 100644
index 210f0c6..0000000
--- a/racoon.tproj/racoon.8
+++ /dev/null
@@ -1,140 +0,0 @@ -.\" $KAME: racoon.8,v 1.30 2002/04/26 02:53:11 itojun Exp $ -.\" -.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of the project nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.Dd November 20, 2000 -.Dt RACOON 8 -.Os KAME -.\" -.Sh NAME -.Nm racoon -.Nd IKE (ISAKMP/Oakley) key management daemon -.\" -.Sh SYNOPSIS -.Nm racoon -.Bk -words -.Op Fl BdFv46 -.Ek -.Bk -words -.Op Fl f Ar configfile -.Ek -.Bk -words -.Op Fl l Ar logfile -.Ek -.Bk -words -.Op Fl p Ar isakmp-port -.Ek -.\" -.Sh DESCRIPTION -.Nm -speaks IKE -.Pq ISAKMP/Oakley -key management protocol, -to establish security association with other hosts. -SPD -.Pq Security Policy Database -in the kernel usually triggers to start -.Nm racoon . -.Nm racoon -usually sends all of informational messages, warnings and error messages to -.Xr syslogd 8 -with the facility LOG_DAEMON, the priority LOG_INFO. -Debugging messages are sent with the priority LOG_DEBUG. -You should configure -.Xr syslog.conf 5 -appropriately to see these messages. -.Bl -tag -width Ds -.It Fl B -Install SA(s) from the file which is specified in -.Xr racoon.conf 5 . -.It Fl d -Increase the debug level. -Multiple -.Fl d -will increase the debug level even more. -.It Fl F -Run -.Nm racoon -in the foreground. -.It Fl f Ar configfile -Use -.Ar configfile -as the configuration file instead of the default. -.It Fl l Ar logfile -Use -.Ar logfile -as the logging file instead of -.Xr syslogd 8 . -.It Fl p Ar isakmp-port -Listen to ISAKMP key exchange on port -.Ar isakmp-port -instead of the default port number, 500. -.It Fl v -The flag causes the packet dump be more verbose, with higher debugging level. -.It Fl 4 -.It Fl 6 -Specifies the default address family for the sockets. -.El -.Pp -.Nm -assumes the presence of kernel random number device -.Xr rnd 4 -at -.Pa /dev/urandom . -Informational messages are labeled -.Em info , -and debugging messages are labeled -.Em debug . -You have to configure -.Xr syslog.conf 5 -if you want to see them in a logging file. -.\" -.Sh RETURN VALUES -The command exits with 0 on success, and non-zero on errors. 
-.\" -.Sh FILES -.Bl -tag -width /usr/local/v6/etc/racoon.conf -compact -.It Pa /usr/local/v6/etc/racoon.conf -default configuration file. -.El -.\" -.Sh SEE ALSO -.Xr ipsec 4 , -.Xr racoon.conf 5 , -.Xr syslog.conf 5 , -.Xr setkey 8 , -.Xr syslogd 8 -.\" -.Sh HISTORY -The -.Nm -command first appeared in -.Dq YIPS -Yokogawa IPsec implementation. -.\" -.\".Sh BUGS diff --git a/racoon.tproj/racoon.conf b/racoon.tproj/racoon.conf deleted file mode 100644 index 8eff697..0000000 --- a/racoon.tproj/racoon.conf +++ /dev/null 
@@ -1,134 +0,0 @@
-# $KAME: racoon.conf.in,v 1.17 2001/08/14 12:10:22 sakane Exp $
-
-# "path" must be placed before it should be used.
-# You can overwrite which you defined, but it should not use due to confusing.
-path include "/etc/racoon" ;
-
-# Allow third parties the ability to specify remote and sainfo entries
-# by including all files matching /etc/racoon/remote/*.conf
-include "/etc/racoon/remote/*.conf" ;
-
-# search this file for pre_shared_key with various ID key.
-path pre_shared_key "/etc/racoon/psk.txt" ;
-
-# racoon will look for certificate file in the directory,
-# if the certificate/certificate request payload is received.
-path certificate "/etc/cert" ;
-
-# "log" specifies logging level. It is followed by either "notify", "debug"
-# or "debug2".
-#log debug;
-
-# "padding" defines some parameter of padding. You should not touch these.
-padding
-{
- maximum_length 20; # maximum padding length.
- randomize off; # enable randomize length.
- strict_check off; # enable strict check.
- exclusive_tail off; # extract last one octet.
-}
-
-# if no listen directive is specified, racoon will listen to all
-# available interface addresses.
-listen
-{
- #isakmp ::1 [7000];
- #isakmp 202.249.11.124 [500];
- #admin [7002]; # administrative's port by kmpstat.
- #strict_address; # required all addresses must be bound.
-}
-
-# Specification of default various timer.
-timer
-{
- # These value can be changed per remote node.
- counter 10; # maximum trying count to send.
- interval 3 sec; # interval to resend (retransmit)
- persend 1; # the number of packets per a send.
-
- # timer for waiting to complete each phase.
- phase1 30 sec;
- phase2 30 sec;
-}
-
-#
-# anonymous entry is defined in /etc/racoon/remote/anonymous.conf
-#
-#remote anonymous
-#{
-# #exchange_mode main,aggressive;
-# exchange_mode aggressive,main;
-# doi ipsec_doi;
-# situation identity_only;
-#
-# #my_identifier address;
-# my_identifier user_fqdn "macuser@localhost";
-# peers_identifier user_fqdn "macuser@localhost";
-# #certificate_type x509 "mycert" "mypriv";
-#
-# nonce_size 16;
-# lifetime time 1 min; # sec,min,hour
-# initial_contact on;
-# support_mip6 on;
-# proposal_check obey; # obey, strict or claim
-#
-# proposal {
-# encryption_algorithm 3des;
-# hash_algorithm sha1;
-# authentication_method pre_shared_key ;
-# dh_group 2 ;
-# }
-#}
-
-remote ::1 [8000]
-{
- #exchange_mode main,aggressive;
- exchange_mode aggressive,main;
- doi ipsec_doi;
- situation identity_only;
-
- my_identifier user_fqdn "macuser@localhost";
- peers_identifier user_fqdn "macuser@localhost";
- #certificate_type x509 "mycert" "mypriv";
-
- nonce_size 16;
- lifetime time 1 min; # sec,min,hour
-
- proposal {
- encryption_algorithm 3des;
- hash_algorithm sha1;
- authentication_method pre_shared_key ;
- dh_group 2 ;
- }
-}
-
-#
-# anonymous entry is defined in /etc/racoon/remote/anonymous.conf
-#
-#sainfo anonymous
-#{
-# pfs_group 1;
-# lifetime time 30 sec;
-# encryption_algorithm aes, 3des ;
-# authentication_algorithm hmac_sha1;
-# compression_algorithm deflate ;
-#}
-
-# sainfo address 203.178.141.209 any address 203.178.141.218 any
-# {
-# pfs_group 1;
-# lifetime time 30 sec;
-# encryption_algorithm des ;
-# authentication_algorithm hmac_md5;
-# compression_algorithm deflate ;
-# }
-
-sainfo address ::1 icmp6 address ::1 icmp6
-{
- pfs_group 1;
- lifetime time 60 sec;
- encryption_algorithm 3des, cast128, blowfish 448, des ;
- authentication_algorithm hmac_sha1, hmac_md5 ;
- compression_algorithm deflate ;
-}
-
diff --git a/racoon.tproj/racoon.conf.5 b/racoon.tproj/racoon.conf.5
deleted file mode 100644
index e9de0b6..0000000
--- a/racoon.tproj/racoon.conf.5
+++ /dev/null
@@ -1,726 +0,0 @@ -.\" $KAME: racoon.conf.5,v 1.102 2003/04/07 00:46:19 itojun Exp $ -.\" -.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of the project nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.Dd November 20, 2000 -.Dt RACOON.CONF 5 -.Os KAME -.\" -.Sh NAME -.Nm racoon.conf -.Nd configuration file for racoon -.\" -.\" .Sh SYNOPSIS -.\" -.Sh DESCRIPTION -.Nm -is the configuration file for the -.Xr racoon 8 -ISAKMP daemon. 
-.Xr racoon 8 -negotiates security associations for itself (ISAKMP SA, or phase 1 SA) -and for kernel IPsec (IPsec SA, or phase 2 SA). -The file consists of a sequence of directives and statements. -Each directive is composed by a tag, and statements are enclosed by -.Ql { -and -.Ql } . -Lines beginning with -.Ql # -are comments. -.\" -.Ss Meta Syntax -Keywords and special characters that the parser expects exactly are -displayed using -.Ic this -font. -Parameters are specified with -.Ar this -font. -Square brackets -.Po -.Ql \*(lB -and -.Ql \*(rB -.Pc -are used to show optional keywords and parameters. -Note that -you have to pay attention when this manual is describing -.Ar port -numbers. -The -.Ar port -number is always enclosed by -.Ql \*(lB -and -.Ql \*(rB . -In this case, the port number is not an optional keyword. -If it is possible to omit -.Ar port -number, -the expression becomes -.Bq Ic Bq Ar port . -The vertical bar -.Pq Ql \*(Ba -is used to indicate -a choice between optional parameters. -Parentheses -.Po -.Ql \*(lP -and -.Ql \*(rP -.Pc -are used to group keywords and parameters when necessary. -Major parameters are listed below. -.Pp -.Bl -tag -width addressx -compact -.It Ar number -means a hexadecimal or a decimal number. -The former must be prefixed with -.Ql Li 0x . -.It Ar string -.It Ar path -.It Ar file -means any string enclosed in -.Ql \&" -.Pq double quote . -.It Ar address -means IPv6 and/or IPv4 address. -.It Ar port -means a TCP/UDP port number. -The port number is always enclosed by -.Ql \*(lB -and -.Ql \*(rB . -.It Ar timeunit -is one of following: -.Ic sec , secs , second , seconds , -.Ic min , mins , minute , minutes , -.Ic hour , hours . -.El -.\" -.Ss Path Specification -.Bl -tag -width Ds -compact -.It Ic path include Ar path ; -specifies a path to include a file. -See -.Sx File Inclusion . -.It Ic path pre_shared_key Ar file ; -specifies a file containing pre-shared key(s) for various ID(s). -See -.Sx Pre-shared key File . 
-.It Ic path certificate Ar path ; -.Xr racoon 8 -will search this directory if a certificate or certificate request is received. -.It Ic path backupsa Ar file ; -specifies a file to be stored a SA information which is negotiated by racoon. -.Xr racoon 8 -will install SA(s) from the file with a boot option -.Fl B . -The file is increasing because -.Xr racoon 8 -simply add a SA to the file at the moment. -You should maintain the file manually. -.El -.\" -.Ss File Inclusion -.Bl -tag -width Ds -compact -.It Ic include Ar file -other configuration files can be included. -.El -.\" -.Ss Identifier Specification -is obsolete. -It must be defined at each -.Ic remote -directive. -.\" -.Ss Timer Specification -.Bl -tag -width Ds -compact -.It Ic timer { Ar statements Ic } -specifies various timer values. -.Pp -.Bl -tag -width Ds -compact -.It Ic counter Ar number ; -the maximum number of retries to send. -The default is 5. -.It Ic interval Ar number Ar timeunit ; -the interval to resend, in seconds. -The default time is 10 seconds. -.It Ic persend Ar number ; -the number of packets per send. -The default is 1. -.It Ic phase1 Ar number Ar timeunit ; -the maximum time it should take to complete phase 1. -The default time is 15 seconds. -.It Ic phase2 Ar number Ar timeunit ; -the maximum time it should take to complete phase 2. -The default time is 10 seconds. -.El -.El -.\" -.Ss Listening Port Specification -.Bl -tag -width Ds -compact -.It Ic listen { Ar statements Ic } -If no -.Ar listen -directive is specified, -.Xr racoon 8 -will listen on all of the available interface addresses. -The following is the list of valid statements: -.Pp -.Bl -tag -width Ds -compact -.\" How do I express bold brackets; `[' and `]' . -.\" Is the "Bq Ic [ Ar port ] ;" buggy ? -.It Ic isakmp Ar address Bq Bq Ar port ; -If this is specified, -.Xr racoon 8 -will only listen on -.Ar address . -The default port is 500, which is specified by IANA. -You can provide more than one address definition. 
-.It Ic strict_address ; -require that all addresses for ISAKMP must be bound. -This statement will be ignored if you do not specify any addresses. -.El -.El -.\" -.Ss Remote Nodes Specifications -.Bl -tag -width Ds -compact -.It Xo -.Ic remote ( Ar address \*(Ba Ic anonymous ) -.Bq Bq Ar port -.Ic { Ar statements Ic } -.Xc -specifies the parameters for IKE phase 1 for each remote node. -The default port is 500. -If -.Ic anonymous -is specified, the statements apply to all peers which do not match -any other -.Ic remote -directive. -.Pp -The following are valid statements. -.Pp -.Bl -tag -width Ds -compact -.\" -.It Ic exchange_mode ( main \*(Ba aggressive \*(Ba base ) ; -defines the exchange mode for phase 1 when racoon is the initiator. -Also it means the acceptable exchange mode when racoon is responder. -More than one mode can be specified by separating them with a comma. -All of the modes are acceptable. -The first exchange mode is what racoon uses when it is the initiator. -.\" -.It Ic doi Ic ipsec_doi ; -means to use IPsec-DOI as specified RFC 2407. -You can omit this statement. -.\" -.It Ic situation Ic identity_only ; -means to use SIT_IDENTITY_ONLY as specified RFC 2407. -You can omit this statement. -.\" -.It Ic identifier Ar idtype ; -is obsolete. -Instead, use -.Ic my_identifier . -.\" -.It Ic my_identifier Ar idtype ... ; -specifies the identifier sent to the remote host -and the type to use in the phase 1 negotiation. -.Ic address, fqdn , user_fqdn , keyid and asn1dn -can be used as an -.Ar idtype . -they are used like: -.Bl -tag -width Ds -compact -.It Ic my_identifier Ic address Bq Ar address ; -the type is the IP address. -This is the default type if you do not specify an identifier to use. -.It Ic my_identifier Ic user_fqdn Ar string ; -the type is a USER_FQDN (user fully-qualified domain name). -.It Ic my_identifier Ic fqdn Ar string ; -the type is a FQDN (fully-qualified domain name). 
-.It Ic my_identifier Ic keyid Ar file ; -the type is a KEY_ID. -.It Ic my_identifier Ic asn1dn Bq Ar string ; -the type is an ASN.1 distinguished name. -If -.Ar string -is omitted, -.Xr racoon 8 -will get DN from Subject field in the certificate. -.El -.\" -.It Ic peers_identifier Ar idtype ... ; -specifies the peer's identifier to be received. -If it is not defined then -.Xr racoon 8 -will not verify the peer's identifier in ID payload transmitted from the peer. -If it is defined, the behavior of the verification depends on the flag of -.Ic verify_identifier . -The usage of -.Ar idtype -is same to -.Ic my_identifier . -.\" -.It Ic verify_identifier (on \(ba off) ; -If you want to verify the peer's identifier, -set this to on. -In this case, if the value defined by -.Ic peers_identifier -is not same to the peer's identifier in the ID payload, -the negotiation will failed. -The default is off. -.\" -.It Ic certificate_type Ar certspec ; -specifies a certificate specification. -.Ar certspec -is one of followings: -.Bl -tag -width Ds -compact -.It Ic x509 Ar certfile Ar privkeyfile; -.Ar certfile -means a file name of certificate. -.Ar privkeyfile -means a file name of secret key. -.El -.\" -.It Ic peers_certfile ( dnssec \*(Ba Ar certfile ) ; -If -.Ic dnssec -is defined, -.Xr racoon 8 -will ignore the CERT payload from the peer, -and try to get the peer's certificate from DNS instead. -If -.Ar certfile -is defined, -.Xr racoon 8 -will ignore the CERT payload from the peer, -and will use this certificate as the peer's certificate. -.\" -.It Ic send_cert (on \(ba off) ; -If you do not want to send a certificate for some reason, set this to off. -The default is on. -.\" -.It Ic send_cr (on \(ba off) ; -If you do not want to send a certificate request for some reason, set this to off. -The default is on. -.\" -.It Ic verify_cert (on \(ba off) ; -If you do not want to verify the peer's certificate for some reason, -set this to off. -The default is on. 
-.\" -.It Ic lifetime time Ar number Ar timeunit ; -define a lifetime of a certain time -which will be proposed in the phase 1 negotiations. -Any proposal will be accepted, and the attribute(s) will be not proposed to -the peer if you do not specify it(them). -They can be individually specified in each proposal. -.\" -.It Ic initial_contact (on \(ba off) ; -enable this to send an INITIAL-CONTACT message. -The default value is -.Ic on . -This message is useful only when -the implementation of the responder choices an old SA when there are multiple -SAs which are different established time, and the initiator reboots. -If racoon did not use the message, -the responder would use an old SA even when an new SA was established. -The KAME stack has the switch in the system wide value, -net.key.preferred_oldsa. -when the value is zero, the stack always use an new SA. -.\" -.It Ic passive (on \(ba off) ; -If you do not want to initiate the negotiation, set this to on. -The default value is -.Ic off . -It is useful for a server. -.\" -.It Ic proposal_check Ar level ; -specifies the action of lifetime length and PFS of the phase 2 -selection on the responder side. -The default level is -.Ic strict . -If the -.Ar level -is; -.Bl -tag -width Ds -compact -.It Ic obey -the responder will obey the initiator anytime. -.It Ic strict -If the responder's length is longer than the initiator's one, the -responder uses the initiator's one. -Otherwise it rejects the proposal. -If PFS is not required by the responder, the responder will obey the proposal. -If PFS is required by both sides and if the responder's group is not equal to -the initiator's one, then the responder will reject the proposal. -.It Ic claim -If the responder's length is longer than the initiator's one, the -responder will use the initiator's one. 
-If the responder's length is -shorter than the initiator's one, the responder uses its own length -AND sends a RESPONDER-LIFETIME notify message to an initiator in the -case of lifetime. -About PFS, this directive is same as -.Ic strict . -.It Ic exact -If the initiator's length is not equal to the responder's one, the -responder will reject the proposal. -If PFS is required by both sides and if the responder's group is not equal to -the initiator's one, then the responder will reject the proposal. -.El -.\" -.It Ic support_mip6 (on \(ba off) ; -If this value is set on then both values of ID payloads in phase 2 exchange -are always used as the addresses of end-point of IPsec-SAs. -The default is off. -.\" -.It Ic generate_policy (on \(ba off) ; -This directive is for the responder. -Therefore you should set -.Ic passive -on in order that -.Xr racoon 8 -only becomes a responder. -If the responder does not have any policy in SPD during phase 2 negotiation, -and the directive is set on, then -.Xr racoon 8 -will choice the first proposal in the -SA payload from the initiator, and generate policy entries from the proposal. -It is useful to negotiate with the client which is allocated IP address -dynamically. -Note that inappropriate policy might be installed into the responder's SPD -by the initiator. -So that other communication might fail if such policies installed -due to some policy mismatches between the initiator and the responder. -This directive is ignored in the initiator case. -The default value is -.Ic off . -.\" -.It Ic nonce_size Ar number ; -define the byte size of nonce value. -Racoon can send any value although -RFC2409 specifies that the value MUST be between 8 and 256 bytes. -The default size is 16 bytes. -.\" -.It Xo -.Ic proposal { Ar sub-substatements Ic } -.Xc -.Bl -tag -width Ds -compact -.\" -.It Ic encryption_algorithm Ar algorithm ; -specify the encryption algorithm used for the phase 1 negotiation. -This directive must be defined. 
-.Ar algorithm -is one of following: -.Ic des , 3des , blowfish , cast128 -.\".Ic rc5 , idea -for oakley. -For other transforms, this statement should not be used. -.\" -.It Ic hash_algorithm Ar algorithm; -define the hash algorithm used for the phase 1 negotiation. -This directive must be defined. -.Ar algorithm -is one of following: -.Ic md5, sha1 -for oakley. -.\" -.It Ic authentication_method Ar type ; -defines the authentication method used for the phase 1 negotiation. -This directive must be defined. -.Ar type -is one of: -.Ic pre_shared_key, rsasig , gssapi_krb . -.\" -.It Ic dh_group Ar group ; -define the group used for the Diffie-Hellman exponentiations. -This directive must be defined. -.Ar group -is one of following: -.Ic modp768 , modp1024 , modp1536 . -Or you can define 1, 2, or 5 as the DH group number. -When you want to use aggressive mode, -you must define same DH group in each proposal. -.It Ic lifetime time Ar number Ar timeunit ; -define lifetime of the phase 1 SA proposal. -Refer to the description of -.Ic lifetime -directive immediately defined in -.Ic remote -directive. -.It Ic gssapi_id Ar string ; -define the GSS-API endpoint name, to be included as an attribute in the SA, -if the -.Ic gssapi_krb -authentication method is used. If this is not defined, the default value of -.Ql ike/hostname -is used, where hostname is the FQDN of the interface being used. -.El -.El -.El -.\" -.Ss Policy Specifications -The policy directive is obsolete, policies are now in the SPD. -.Xr racoon 8 -will obey the policy configured into the kernel by -.Xr setkey 8 , -and will construct phase 2 proposals by combining -.Ic sainfo -specifications in -.Nm Ns , -and policies in the kernel. -.\" -.Ss Sainfo Specifications -.Bl -tag -width Ds -compact -.It Xo -.Ic sainfo ( Ar source_id destination_id \*(Ba Ic anonymous ) -.Ic { Ar statements Ic } -.Xc -defines the parameters of the IKE phase 2 (IPsec-SA establishment). 
-.Ar source_id -and -.Ar destination_id -are constructed like: -.Pp -.Ic address Ar address -.Bq Ic / Ar prefix -.Bq Ic [ Ar port ] -.Ar ul_proto -.Pp -or -.Pp -.Ar idtype Ar string -.Pp -It means exactly the content of ID payload. -This is not like a filter rule. -For example, if you define 3ffe:501:4819::/48 as -.Ar source_id . -3ffe:501:4819:1000:/64 will not match. -.Pp -.Bl -tag -width Ds -compact -.\" -.It Ic pfs_group Ar group ; -define the group of Diffie-Hellman exponentiations. -If you do not require PFS then you can omit this directive. -Any proposal will be accepted if you do not specify one. -.Ar group -is one of following: -.Ic modp768 , modp1024 , modp1536 . -Or you can define 1, 2, or 5 as the DH group number. -.\" -.It Ic lifetime time Ar number Ar timeunit ; -define the lifetime of amount of time -which are to be used IPsec-SA. -Any proposal will be accepted, and no attribute(s) will be proposed to -the peer if you do not specify it(them). -See the -.Ic proposal_check -directive. -.\" -.It Ic my_identifier Ar idtype ... ; -is obsolete. -It does not make sense to specify a identifier in the phase 2. -.El -.\" -.Pp -.Xr racoon 8 -does not have the list of security protocols to be negotiated. -The list of security protocols are passed by SPD in the kernel. -Therefore you have to define all of the potential algorithms -in the phase 2 proposals even if there is a algorithm which will not be used. -These algorithms are define by using the following three directives, -and they are lined with single comma as the separator. -For algorithms that can take variable-length keys, algorithm names -can be followed by a key length, like -.Dq Li blowfish 448 . -.Xr racoon 8 -will compute the actual phase 2 proposals by computing -the permutation of the specified algorithms, -and then combining them with the security protocol specified by the SPD. 
-For example, if -.Ic des, 3des, hmac_md5, -and -.Ic hmac_sha1 -are specified as algorithms, we have four combinations for use with ESP, -and two for AH. -Then, based on the SPD settings, -.Xr racoon 8 -will construct the actual proposals. -If the SPD entry asks for ESP only, there will be 4 proposals. -If it asks for both AH and ESP, there will be 8 proposals. -Note that the kernel may not support the algorithm you have specified. -.\" -.Bl -tag -width Ds -compact -.It Ic encryption_algorithm Ar algorithms ; -.Ic des , 3des , des_iv64 , des_iv32 , -.Ic rc5 , rc4 , idea , 3idea , -.Ic cast128 , blowfish , null_enc , -.Ic twofish , rijndael -.Pq used with ESP -.\" -.It Ic authentication_algorithm Ar algorithms ; -.Ic des , 3des , des_iv64 , des_iv32 , -.Ic hmac_md5 , hmac_sha1 , non_auth -.Pq used with ESP authentication and AH -.\" -.It Ic compression_algorithm Ar algorithms ; -.Ic deflate -.Pq used with IPComp -.El -.El -.\" -.Ss Logging level -.Bl -tag -width Ds -compact -.It Ic log Ar level ; -define logging level. -.Ar level -is one of following: -.Ic notify , debug -and -.Ic debug2 . -The default is -.Ic notify . -If you put too high logging level on slower machines, -IKE negotiation can fail due to timing constraint changes. -.El -.\" -.Ss Specifying the way to pad -.Bl -tag -width Ds -compact -.It Ic padding { Ar statements Ic } -specified padding format. -The following are valid statements: -.Bl -tag -width Ds -compact -.It Ic randomize (on \(ba off) ; -enable using a randomized value for padding. -The default is on. -.It Ic randomize_length (on \(ba off) ; -the pad length is random. -The default is off. -.It Ic maximum_length Ar number ; -define a maximum padding length. -If -.Ic randomize_length is off, this is ignored. -The default is 20 bytes. -.It Ic exclusive_tail (on \(ba off) ; -means to put the number of pad bytes minus one into last part of the padding. -The default is on. 
-.It Ic strict_check (on \(ba off) ; -means to be constrained the peer to set the number of pad bytes. -The default is off. -.El -.El -.Ss Special directives -.Bl -tag -width Ds -compact -.It Ic complex_bundle (on \(ba off) ; -defines the interpretation of proposal in the case of SA bundle. -Normally -.Dq IP AH ESP IP payload -is proposed as -.Dq AH tunnel and ESP tunnel . -The interpretation is more common to other IKE implementations, however, -it allows very limited set of combinations for proposals. -With the option enabled, it will be proposed as -.Dq AH transport and ESP tunnel . -The default value is -.Ic off . -.El -.\" -.Ss Pre-shared key File -Pre-shared key file defines a pair of the identifier and the shared secret key -which are used at Pre-shared key authentication method in phase 1. -The pair in each lines are separated by some number of blanks and/or tab -characters like -.Xr hosts 5 . -Key can be included any blanks because all of the words after 2nd column -are interpreted as a secret key. -Lines start with -.Ql # -are ignored. -Keys which start with -.Ql 0x -are hexa-decimal strings. -Note that the file must be owned by the user ID running -.Xr racoon 8 -.Pq usually the privileged user , -and must not be accessible by others. -.\" -.Sh EXAMPLES -The following shows how the remote directive should be configured. -.Bd -literal -offset -path pre_shared_key "/usr/local/v6/etc/psk.txt" ; -remote anonymous -{ - exchange_mode aggressive,main,base; - lifetime time 24 hour; - proposal { - encryption_algorithm 3des; - hash_algorithm sha1; - authentication_method pre_shared_key; - dh_group 2; - } -} - -sainfo anonymous -{ - pfs_group 2; - lifetime time 12 hour ; - encryption_algorithm 3des, blowfish 448, twofish, rijndael ; - authentication_algorithm hmac_sha1, hmac_md5 ; - compression_algorithm deflate ; -} -.Ed -.Pp -The following is a sample of the file defined pre-shared key. 
-.Bd -literal -offset -10.160.94.3 mekmitasdigoat -172.16.1.133 0x12345678 -194.100.55.1 whatcertificatereally -3ffe:501:410:ffff:200:86ff:fe05:80fa mekmitasdigoat -3ffe:501:410:ffff:210:4bff:fea2:8baa mekmitasdigoat -foo@kame.net mekmitasdigoat -foo.kame.net hoge -.Ed -.\" -.Sh SEE ALSO -.\".Xr racoonctl 8 , -.Xr racoon 8 , -.Xr setkey 8 -.\" -.Sh HISTORY -The -.Nm -configuration file first appeared in -.Dq YIPS -Yokogawa IPsec implementation. -.\" -.Sh BUGS -Some statements may not be handled by -.Xr racoon 8 -yet. diff --git a/racoon.tproj/remoteconf.c b/racoon.tproj/remoteconf.c deleted file mode 100644 index 8e12a8d..0000000 --- a/racoon.tproj/remoteconf.c +++ /dev/null 
@@ -1,331 +0,0 @@
-/* $KAME: remoteconf.c,v 1.29 2001/12/07 08:39:39 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#ifdef IPV6_INRIA_VERSION
-#include
-#else
-#include
-#endif
-
-#include
-#include
-#include
-#include
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "sockmisc.h"
-#include "debug.h"
-
-#include "isakmp_var.h"
-#include "isakmp.h"
-#include "ipsec_doi.h"
-#include "oakley.h"
-#include "remoteconf.h"
-#include "localconf.h"
-#include "grabmyaddr.h"
-#include "proposal.h"
-#include "vendorid.h"
-#include "gcmalloc.h"
-
-static LIST_HEAD(_rmtree, remoteconf) rmtree;
-
-/*%%%*/
-/*
- * search remote configuration.
- * don't use port number to search if its value is either IPSEC_PORT_ANY.
- * If matching anonymous entry, then new entry is copied from anonymous entry.
- * If no anonymous entry found, then return NULL.
- * OUT: NULL: NG
- * Other: remote configuration entry.
- */
-struct remoteconf *
-getrmconf(remote)
- struct sockaddr *remote;
-{
- struct remoteconf *p;
- struct remoteconf *anon = NULL;
- int withport;
- char buf[NI_MAXHOST + NI_MAXSERV + 10];
- char addr[NI_MAXHOST], port[NI_MAXSERV];
-
- withport = 0;
-
- switch (remote->sa_family) {
- case AF_INET:
- if (((struct sockaddr_in *)remote)->sin_port != IPSEC_PORT_ANY)
- withport = 1;
- break;
-#ifdef INET6
- case AF_INET6:
- if (((struct sockaddr_in6 *)remote)->sin6_port != IPSEC_PORT_ANY)
- withport = 1;
- break;
-#endif
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "invalid family: %d\n", remote->sa_family);
- exit(1);
- }
-
- GETNAMEINFO(remote, addr, port);
- snprintf(buf, sizeof(buf), "%s%s%s%s", addr,
- withport ? "[" : "",
- withport ? port : "",
- withport ? "]" : "");
-
- LIST_FOREACH(p, &rmtree, chain) {
- if ((!withport && cmpsaddrwop(remote, p->remote) == 0)
- || (withport && cmpsaddrstrict(remote, p->remote) == 0)) {
- plog(LLV_DEBUG, LOCATION, NULL,
- "configuration found for %s.\n", buf);
- return p;
- }
-
- /* save the pointer to the anonymous configuration */
- if (p->remote->sa_family == AF_UNSPEC)
- anon = p;
- }
-
- if (anon != NULL) {
- plog(LLV_DEBUG, LOCATION, NULL,
- "anonymous configuration selected for %s.\n", buf);
- return anon;
- }
-
- plog(LLV_DEBUG, LOCATION, NULL,
- "no remote configuration found.\n");
- return NULL;
-}
-
-struct remoteconf *
-newrmconf()
-{
- struct remoteconf *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- new->proposal = NULL;
-
- /* set default */
- new->doitype = IPSEC_DOI;
- new->sittype = IPSECDOI_SIT_IDENTITY_ONLY;
- new->idvtype = IDTYPE_ADDRESS;
- new->idvtype_p = IDTYPE_ADDRESS;
- new->nonce_size = DEFAULT_NONCE_SIZE;
- new->keepalive = FALSE;
- new->passive = FALSE;
- new->ini_contact = TRUE;
- new->pcheck_level = PROP_CHECK_STRICT;
- new->verify_identifier = FALSE;
- new->verify_cert = TRUE;
- new->getcert_method = ISAKMP_GETCERT_PAYLOAD;
- new->send_cert = TRUE;
- new->send_cr = TRUE;
- new->support_mip6 = FALSE;
- new->gen_policy = FALSE;
- new->retry_counter = lcconf->retry_counter;
- new->retry_interval = lcconf->retry_interval;
-
- return new;
-}
-
-void
-delrmconf(rmconf)
- struct remoteconf *rmconf;
-{
-
- if (rmconf->etypes)
- deletypes(rmconf->etypes);
- if (rmconf->dhgrp)
- oakley_dhgrp_free(rmconf->dhgrp);
- if (rmconf->proposal)
- delisakmpsa(rmconf->proposal);
- if (rmconf->idv)
- vfree(rmconf->idv);
- if (rmconf->idv_p)
- vfree(rmconf->idv_p);
- if (rmconf->remote)
- racoon_free(rmconf->remote);
- if (rmconf->shared_secret)
- vfree(rmconf->shared_secret);
- if (rmconf->keychainCertRef)
- CFRelease(rmconf->keychainCertRef);
- if (rmconf->open_dir_auth_group)
- vfree(rmconf->open_dir_auth_group);
-
- racoon_free(rmconf);
-}
-
-void
-delisakmpsa(sa)
- struct isakmpsa *sa;
-{
- if (sa->dhgrp)
- oakley_dhgrp_free(sa->dhgrp);
- if (sa->next)
- delisakmpsa(sa->next);
-#ifdef HAVE_GSSAPI
- if (sa->gssid)
- vfree(sa->gssid);
-#endif
- racoon_free(sa);
-}
-
-void
-deletypes(e)
- struct etypes *e;
-{
- if (e->next)
- deletypes(e->next);
- racoon_free(e);
-}
-
-/*
- * insert into head of list.
- */
-void
-insrmconf(new)
- struct remoteconf *new;
-{
- LIST_INSERT_HEAD(&rmtree, new, chain);
-}
-
-void
-remrmconf(rmconf)
- struct remoteconf *rmconf;
-{
- LIST_REMOVE(rmconf, chain);
-}
-
-void
-flushrmconf()
-{
- struct remoteconf *p, *next;
-
- for (p = LIST_FIRST(&rmtree); p; p = next) {
- next = LIST_NEXT(p, chain);
- remrmconf(p);
- delrmconf(p);
- }
-}
-
-void
-initrmconf()
-{
- LIST_INIT(&rmtree);
-}
-
-/* check exchange type to be acceptable */
-struct etypes *
-check_etypeok(rmconf, etype)
- struct remoteconf *rmconf;
- u_int8_t etype;
-{
- struct etypes *e;
-
- for (e = rmconf->etypes; e != NULL; e = e->next) {
- if (e->type == etype)
- break;
- }
-
- return e;
-}
-
-/*%%%*/
-struct isakmpsa *
-newisakmpsa()
-{
- struct isakmpsa *new;
-
- new = racoon_calloc(1, sizeof(*new));
- if (new == NULL)
- return NULL;
-
- /*
- * Just for sanity, make sure this is initialized. This is
- * filled in for real when the ISAKMP proposal is configured.
- */
- new->vendorid = VENDORID_UNKNOWN;
-
- new->next = NULL;
- new->rmconf = NULL;
-#ifdef HAVE_GSSAPI
- new->gssid = NULL;
-#endif
-
- return new;
-}
-
-/*
- * insert into tail of list.
- */
-void
-insisakmpsa(new, rmconf)
- struct isakmpsa *new;
- struct remoteconf *rmconf;
-{
- struct isakmpsa *p;
-
- new->rmconf = rmconf;
-
- if (rmconf->proposal == NULL) {
- rmconf->proposal = new;
- return;
- }
-
- for (p = rmconf->proposal; p->next != NULL; p = p->next)
- ;
- p->next = new;
-
- return;
-}
-
-const char *
-rm2str(rmconf)
- const struct remoteconf *rmconf;
-{
- if (rmconf->remote->sa_family == AF_UNSPEC)
- return "anonymous";
- return saddr2str(rmconf->remote);
-}
diff --git a/racoon.tproj/remoteconf.h b/racoon.tproj/remoteconf.h
deleted file mode 100644
index 86ede32..0000000
--- a/racoon.tproj/remoteconf.h
+++ /dev/null
@@ -1,139 +0,0 @@
-/* $KAME: remoteconf.h,v 1.27 2001/12/07 08:39:39 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __REMOTECONF_H__
-#define __REMOTECONF_H__
-
-/* remote configuration */
-
-#include
-#include
-
-
-struct etypes {
- int type;
- struct etypes *next;
-};
-
-struct remoteconf {
- struct sockaddr *remote; /* remote IP address */
- /* if family is AF_UNSPEC, that is
- * for anonymous configuration. */
-
- struct etypes *etypes; /* exchange type list. the head
- * is a type to be sent first. */
- int doitype; /* doi type */
- int sittype; /* situation type */
-
- int idvtype; /* my identifier type */
- vchar_t *idv; /* my identifier */
- int idvtype_p; /* peer's identifier type */
- vchar_t *idv_p; /* peer's identifier */
-
- int secrettype; /* type of secret [use, key, keychain] */
- vchar_t *shared_secret; /* shared secret */
- vchar_t *open_dir_auth_group; /* group to be used to authorize user */
-
- int certtype; /* certificate type if need */
- int identity_in_keychain; /* cert and private key is in the keychain */
- CFDataRef keychainCertRef; /* peristant keychain ref for cert */
- char *mycertfile; /* file name of my certificate */
- char *myprivfile; /* file name of my private key file */
- char *peerscertfile; /* file name of peer's certifcate */
-
- int getcert_method; /* the way to get peer's certificate */
- int send_cert; /* send to CERT or not */
- int send_cr; /* send to CR or not */
- int verify_cert; /* verify a CERT strictly */
- int cert_verification; /* openssl or security framework */
- int cert_verification_option; /* nothing, peers identifier, or open_dir */
- int verify_identifier; /* vefify the peer's identifier */
- int nonce_size; /* the number of bytes of nonce */
- int keepalive; /* XXX may not use */
- int passive; /* never initiate */
- int support_mip6; /* support mip6 */
- int gen_policy; /* generate policy if no policy found */
- int ini_contact; /* initial contact */
- int pcheck_level; /* level of protocol checking */
-
- int dh_group; /* use it when only aggressive mode */
- struct dhgroup *dhgrp; /* use it when only aggressive mode */
- /* above two can't be defined by user*/
-
- int retry_counter; /* times to retry. */
- int retry_interval; /* interval each retry. */
- /* above 2 values are copied from localconf. */
-
- struct isakmpsa *proposal; /* proposal list */
- LIST_ENTRY(remoteconf) chain; /* next remote conf */
-};
-
-struct dhgroup;
-
-/* ISAKMP SA specification */
-struct isakmpsa {
- int prop_no;
- int trns_no;
- time_t lifetime;
- int lifebyte;
- int enctype;
- int encklen;
- int authmethod;
- int hashtype;
- int vendorid;
-#ifdef HAVE_GSSAPI
- vchar_t *gssid;
-#endif
- int dh_group; /* don't use it if aggressive mode */
- struct dhgroup *dhgrp; /* don't use it if aggressive mode */
-
- struct isakmpsa *next; /* next transform */
- struct remoteconf *rmconf; /* backpointer to remoteconf */
-};
-
-struct remoteconf *getrmconf __P((struct sockaddr *));
-extern struct remoteconf *newrmconf __P((void));
-extern void delrmconf __P((struct remoteconf *));
-extern void delisakmpsa __P((struct isakmpsa *));
-extern void deletypes __P((struct etypes *));
-extern void insrmconf __P((struct remoteconf *));
-extern void remrmconf __P((struct remoteconf *));
-extern void flushrmconf __P((void));
-extern void initrmconf __P((void));
-extern struct etypes *check_etypeok
- __P((struct remoteconf *, u_int8_t));
-
-extern struct isakmpsa *newisakmpsa __P((void));
-extern void insisakmpsa __P((struct isakmpsa *, struct remoteconf *));
-extern const char *rm2str __P((const struct remoteconf *));
-
-#endif /* __REMOTECONF_H__ */
-
diff --git a/racoon.tproj/rijndael-alg-fst.c b/racoon.tproj/rijndael-alg-fst.c
deleted file mode 100644
index 19f0651..0000000
--- a/racoon.tproj/rijndael-alg-fst.c
+++ /dev/null
@@ -1,492 +0,0 @@ -/* $KAME: rijndael-alg-fst.c,v 1.9 2001/06/19 15:21:05 itojun Exp $ */ - -/* - * rijndael-alg-fst.c v2.3 April '2000 - * - * Optimised ANSI C code - * - * authors: v1.0: Antoon Bosselaers - * v2.0: Vincent Rijmen - * v2.3: Paulo Barreto - * - * This code is placed in the public domain. - */ - -#include -#include -#ifdef _KERNEL -#include -#else -#include -#endif -#include -#include - -#include - -#include -#define bcopy(a, b, c) memcpy((b), (a), (c)) -#define bzero(a, b) memset((a), 0, (b)) -#define panic(a) err(1, (a)) - -int rijndaelKeySched(word8 k[MAXKC][4], word8 W[MAXROUNDS+1][4][4], int ROUNDS) { - /* Calculate the necessary round keys - * The number of calculations depends on keyBits and blockBits - */ - int j, r, t, rconpointer = 0; - union { - word8 x8[MAXKC][4]; - word32 x32[MAXKC]; - } xtk; -#define tk xtk.x8 - int KC = ROUNDS - 6; - - for (j = KC-1; j >= 0; j--) { - *((word32*)tk[j]) = *((word32*)k[j]); - } - r = 0; - t = 0; - /* copy values into round key array */ - for (j = 0; (j < KC) && (r < ROUNDS + 1); ) { - for (; (j < KC) && (t < 4); j++, t++) { - *((word32*)W[r][t]) = *((word32*)tk[j]); - } - if (t == 4) { - r++; - t = 0; - } - } - - while (r < ROUNDS + 1) { /* while not enough round key material calculated */ - /* calculate new values */ - tk[0][0] ^= S[tk[KC-1][1]]; - tk[0][1] ^= S[tk[KC-1][2]]; - tk[0][2] ^= S[tk[KC-1][3]]; - tk[0][3] ^= S[tk[KC-1][0]]; - tk[0][0] ^= rcon[rconpointer++]; - - if (KC != 8) { - for (j = 1; j < KC; j++) { - *((word32*)tk[j]) ^= *((word32*)tk[j-1]); - } - } else { - for (j = 1; j < KC/2; j++) { - *((word32*)tk[j]) ^= *((word32*)tk[j-1]); - } - tk[KC/2][0] ^= S[tk[KC/2 - 1][0]]; - tk[KC/2][1] ^= S[tk[KC/2 - 1][1]]; - tk[KC/2][2] ^= S[tk[KC/2 - 1][2]]; - tk[KC/2][3] ^= S[tk[KC/2 - 1][3]]; - for (j = KC/2 + 1; j < KC; j++) { - *((word32*)tk[j]) ^= *((word32*)tk[j-1]); - } - } - /* copy values into round key array */ - for (j = 0; (j < KC) && (r < ROUNDS + 1); ) { - for (; (j < KC) && (t < 4); 
j++, t++) { - *((word32*)W[r][t]) = *((word32*)tk[j]); - } - if (t == 4) { - r++; - t = 0; - } - } - } - return 0; -#undef tk -} - -int rijndaelKeyEncToDec(word8 W[MAXROUNDS+1][4][4], int ROUNDS) { - int r; - word8 *w; - - for (r = 1; r < ROUNDS; r++) { - w = W[r][0]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - - w = W[r][1]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - - w = W[r][2]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - - w = W[r][3]; - *((word32*)w) = - *((const word32*)U1[w[0]]) - ^ *((const word32*)U2[w[1]]) - ^ *((const word32*)U3[w[2]]) - ^ *((const word32*)U4[w[3]]); - } - return 0; -} - -/** - * Encrypt a single block. - */ -int rijndaelEncrypt(word8 in[16], word8 out[16], word8 rk[MAXROUNDS+1][4][4], int ROUNDS) { - int r; - union { - word8 x8[16]; - word32 x32[4]; - } xa, xb; -#define a xa.x8 -#define b xb.x8 - union { - word8 x8[4][4]; - word32 x32[4]; - } xtemp; -#define temp xtemp.x8 - - memcpy(a, in, sizeof a); - - *((word32*)temp[0]) = *((word32*)(a )) ^ *((word32*)rk[0][0]); - *((word32*)temp[1]) = *((word32*)(a+ 4)) ^ *((word32*)rk[0][1]); - *((word32*)temp[2]) = *((word32*)(a+ 8)) ^ *((word32*)rk[0][2]); - *((word32*)temp[3]) = *((word32*)(a+12)) ^ *((word32*)rk[0][3]); - *((word32*)(b )) = *((const word32*)T1[temp[0][0]]) - ^ *((const word32*)T2[temp[1][1]]) - ^ *((const word32*)T3[temp[2][2]]) - ^ *((const word32*)T4[temp[3][3]]); - *((word32*)(b + 4)) = *((const word32*)T1[temp[1][0]]) - ^ *((const word32*)T2[temp[2][1]]) - ^ *((const word32*)T3[temp[3][2]]) - ^ *((const word32*)T4[temp[0][3]]); - *((word32*)(b + 8)) = *((const word32*)T1[temp[2][0]]) - ^ *((const word32*)T2[temp[3][1]]) - ^ *((const word32*)T3[temp[0][2]]) - ^ *((const 
word32*)T4[temp[1][3]]); - *((word32*)(b +12)) = *((const word32*)T1[temp[3][0]]) - ^ *((const word32*)T2[temp[0][1]]) - ^ *((const word32*)T3[temp[1][2]]) - ^ *((const word32*)T4[temp[2][3]]); - for (r = 1; r < ROUNDS-1; r++) { - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[r][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[r][3]); - - *((word32*)(b )) = *((const word32*)T1[temp[0][0]]) - ^ *((const word32*)T2[temp[1][1]]) - ^ *((const word32*)T3[temp[2][2]]) - ^ *((const word32*)T4[temp[3][3]]); - *((word32*)(b + 4)) = *((const word32*)T1[temp[1][0]]) - ^ *((const word32*)T2[temp[2][1]]) - ^ *((const word32*)T3[temp[3][2]]) - ^ *((const word32*)T4[temp[0][3]]); - *((word32*)(b + 8)) = *((const word32*)T1[temp[2][0]]) - ^ *((const word32*)T2[temp[3][1]]) - ^ *((const word32*)T3[temp[0][2]]) - ^ *((const word32*)T4[temp[1][3]]); - *((word32*)(b +12)) = *((const word32*)T1[temp[3][0]]) - ^ *((const word32*)T2[temp[0][1]]) - ^ *((const word32*)T3[temp[1][2]]) - ^ *((const word32*)T4[temp[2][3]]); - } - /* last round is special */ - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[ROUNDS-1][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[ROUNDS-1][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[ROUNDS-1][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[ROUNDS-1][3]); - b[ 0] = T1[temp[0][0]][1]; - b[ 1] = T1[temp[1][1]][1]; - b[ 2] = T1[temp[2][2]][1]; - b[ 3] = T1[temp[3][3]][1]; - b[ 4] = T1[temp[1][0]][1]; - b[ 5] = T1[temp[2][1]][1]; - b[ 6] = T1[temp[3][2]][1]; - b[ 7] = T1[temp[0][3]][1]; - b[ 8] = T1[temp[2][0]][1]; - b[ 9] = T1[temp[3][1]][1]; - b[10] = T1[temp[0][2]][1]; - b[11] = T1[temp[1][3]][1]; - b[12] = T1[temp[3][0]][1]; - b[13] = T1[temp[0][1]][1]; - b[14] = T1[temp[1][2]][1]; - b[15] = T1[temp[2][3]][1]; - *((word32*)(b )) ^= 
*((word32*)rk[ROUNDS][0]); - *((word32*)(b+ 4)) ^= *((word32*)rk[ROUNDS][1]); - *((word32*)(b+ 8)) ^= *((word32*)rk[ROUNDS][2]); - *((word32*)(b+12)) ^= *((word32*)rk[ROUNDS][3]); - - memcpy(out, b, sizeof b /* XXX out */); - - return 0; -#undef a -#undef b -#undef temp -} - -#ifdef INTERMEDIATE_VALUE_KAT -/** - * Encrypt only a certain number of rounds. - * Only used in the Intermediate Value Known Answer Test. - */ -int rijndaelEncryptRound(word8 a[4][4], word8 rk[MAXROUNDS+1][4][4], int ROUNDS, int rounds) { - int r; - word8 temp[4][4]; - - /* make number of rounds sane */ - if (rounds > ROUNDS) { - rounds = ROUNDS; - } - - *((word32*)a[0]) = *((word32*)a[0]) ^ *((word32*)rk[0][0]); - *((word32*)a[1]) = *((word32*)a[1]) ^ *((word32*)rk[0][1]); - *((word32*)a[2]) = *((word32*)a[2]) ^ *((word32*)rk[0][2]); - *((word32*)a[3]) = *((word32*)a[3]) ^ *((word32*)rk[0][3]); - - for (r = 1; (r <= rounds) && (r < ROUNDS); r++) { - *((word32*)temp[0]) = *((const word32*)T1[a[0][0]]) - ^ *((const word32*)T2[a[1][1]]) - ^ *((const word32*)T3[a[2][2]]) - ^ *((const word32*)T4[a[3][3]]); - *((word32*)temp[1]) = *((const word32*)T1[a[1][0]]) - ^ *((const word32*)T2[a[2][1]]) - ^ *((const word32*)T3[a[3][2]]) - ^ *((const word32*)T4[a[0][3]]); - *((word32*)temp[2]) = *((const word32*)T1[a[2][0]]) - ^ *((const word32*)T2[a[3][1]]) - ^ *((const word32*)T3[a[0][2]]) - ^ *((const word32*)T4[a[1][3]]); - *((word32*)temp[3]) = *((const word32*)T1[a[3][0]]) - ^ *((const word32*)T2[a[0][1]]) - ^ *((const word32*)T3[a[1][2]]) - ^ *((const word32*)T4[a[2][3]]); - *((word32*)a[0]) = *((word32*)temp[0]) ^ *((word32*)rk[r][0]); - *((word32*)a[1]) = *((word32*)temp[1]) ^ *((word32*)rk[r][1]); - *((word32*)a[2]) = *((word32*)temp[2]) ^ *((word32*)rk[r][2]); - *((word32*)a[3]) = *((word32*)temp[3]) ^ *((word32*)rk[r][3]); - } - if (rounds == ROUNDS) { - /* last round is special */ - temp[0][0] = T1[a[0][0]][1]; - temp[0][1] = T1[a[1][1]][1]; - temp[0][2] = T1[a[2][2]][1]; - temp[0][3] = 
T1[a[3][3]][1]; - temp[1][0] = T1[a[1][0]][1]; - temp[1][1] = T1[a[2][1]][1]; - temp[1][2] = T1[a[3][2]][1]; - temp[1][3] = T1[a[0][3]][1]; - temp[2][0] = T1[a[2][0]][1]; - temp[2][1] = T1[a[3][1]][1]; - temp[2][2] = T1[a[0][2]][1]; - temp[2][3] = T1[a[1][3]][1]; - temp[3][0] = T1[a[3][0]][1]; - temp[3][1] = T1[a[0][1]][1]; - temp[3][2] = T1[a[1][2]][1]; - temp[3][3] = T1[a[2][3]][1]; - *((word32*)a[0]) = *((word32*)temp[0]) ^ *((word32*)rk[ROUNDS][0]); - *((word32*)a[1]) = *((word32*)temp[1]) ^ *((word32*)rk[ROUNDS][1]); - *((word32*)a[2]) = *((word32*)temp[2]) ^ *((word32*)rk[ROUNDS][2]); - *((word32*)a[3]) = *((word32*)temp[3]) ^ *((word32*)rk[ROUNDS][3]); - } - - return 0; -} -#endif /* INTERMEDIATE_VALUE_KAT */ - -/** - * Decrypt a single block. - */ -int rijndaelDecrypt(word8 in[16], word8 out[16], word8 rk[MAXROUNDS+1][4][4], int ROUNDS) { - int r; - union { - word8 x8[16]; - word32 x32[4]; - } xa, xb; -#define a xa.x8 -#define b xb.x8 - union { - word8 x8[4][4]; - word32 x32[4]; - } xtemp; -#define temp xtemp.x8 - - memcpy(a, in, sizeof a); - - *((word32*)temp[0]) = *((word32*)(a )) ^ *((word32*)rk[ROUNDS][0]); - *((word32*)temp[1]) = *((word32*)(a+ 4)) ^ *((word32*)rk[ROUNDS][1]); - *((word32*)temp[2]) = *((word32*)(a+ 8)) ^ *((word32*)rk[ROUNDS][2]); - *((word32*)temp[3]) = *((word32*)(a+12)) ^ *((word32*)rk[ROUNDS][3]); - - *((word32*)(b )) = *((const word32*)T5[temp[0][0]]) - ^ *((const word32*)T6[temp[3][1]]) - ^ *((const word32*)T7[temp[2][2]]) - ^ *((const word32*)T8[temp[1][3]]); - *((word32*)(b+ 4)) = *((const word32*)T5[temp[1][0]]) - ^ *((const word32*)T6[temp[0][1]]) - ^ *((const word32*)T7[temp[3][2]]) - ^ *((const word32*)T8[temp[2][3]]); - *((word32*)(b+ 8)) = *((const word32*)T5[temp[2][0]]) - ^ *((const word32*)T6[temp[1][1]]) - ^ *((const word32*)T7[temp[0][2]]) - ^ *((const word32*)T8[temp[3][3]]); - *((word32*)(b+12)) = *((const word32*)T5[temp[3][0]]) - ^ *((const word32*)T6[temp[2][1]]) - ^ *((const word32*)T7[temp[1][2]]) - ^ *((const 
word32*)T8[temp[0][3]]); - for (r = ROUNDS-1; r > 1; r--) { - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[r][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[r][3]); - *((word32*)(b )) = *((const word32*)T5[temp[0][0]]) - ^ *((const word32*)T6[temp[3][1]]) - ^ *((const word32*)T7[temp[2][2]]) - ^ *((const word32*)T8[temp[1][3]]); - *((word32*)(b+ 4)) = *((const word32*)T5[temp[1][0]]) - ^ *((const word32*)T6[temp[0][1]]) - ^ *((const word32*)T7[temp[3][2]]) - ^ *((const word32*)T8[temp[2][3]]); - *((word32*)(b+ 8)) = *((const word32*)T5[temp[2][0]]) - ^ *((const word32*)T6[temp[1][1]]) - ^ *((const word32*)T7[temp[0][2]]) - ^ *((const word32*)T8[temp[3][3]]); - *((word32*)(b+12)) = *((const word32*)T5[temp[3][0]]) - ^ *((const word32*)T6[temp[2][1]]) - ^ *((const word32*)T7[temp[1][2]]) - ^ *((const word32*)T8[temp[0][3]]); - } - /* last round is special */ - *((word32*)temp[0]) = *((word32*)(b )) ^ *((word32*)rk[1][0]); - *((word32*)temp[1]) = *((word32*)(b+ 4)) ^ *((word32*)rk[1][1]); - *((word32*)temp[2]) = *((word32*)(b+ 8)) ^ *((word32*)rk[1][2]); - *((word32*)temp[3]) = *((word32*)(b+12)) ^ *((word32*)rk[1][3]); - b[ 0] = S5[temp[0][0]]; - b[ 1] = S5[temp[3][1]]; - b[ 2] = S5[temp[2][2]]; - b[ 3] = S5[temp[1][3]]; - b[ 4] = S5[temp[1][0]]; - b[ 5] = S5[temp[0][1]]; - b[ 6] = S5[temp[3][2]]; - b[ 7] = S5[temp[2][3]]; - b[ 8] = S5[temp[2][0]]; - b[ 9] = S5[temp[1][1]]; - b[10] = S5[temp[0][2]]; - b[11] = S5[temp[3][3]]; - b[12] = S5[temp[3][0]]; - b[13] = S5[temp[2][1]]; - b[14] = S5[temp[1][2]]; - b[15] = S5[temp[0][3]]; - *((word32*)(b )) ^= *((word32*)rk[0][0]); - *((word32*)(b+ 4)) ^= *((word32*)rk[0][1]); - *((word32*)(b+ 8)) ^= *((word32*)rk[0][2]); - *((word32*)(b+12)) ^= *((word32*)rk[0][3]); - - memcpy(out, b, sizeof b /* XXX out */); - - return 0; -#undef a -#undef b -#undef temp -} - - -#ifdef 
INTERMEDIATE_VALUE_KAT -/** - * Decrypt only a certain number of rounds. - * Only used in the Intermediate Value Known Answer Test. - * Operations rearranged such that the intermediate values - * of decryption correspond with the intermediate values - * of encryption. - */ -int rijndaelDecryptRound(word8 a[4][4], word8 rk[MAXROUNDS+1][4][4], int ROUNDS, int rounds) { - int r, i; - word8 temp[4], shift; - - /* make number of rounds sane */ - if (rounds > ROUNDS) { - rounds = ROUNDS; - } - /* first round is special: */ - *(word32 *)a[0] ^= *(word32 *)rk[ROUNDS][0]; - *(word32 *)a[1] ^= *(word32 *)rk[ROUNDS][1]; - *(word32 *)a[2] ^= *(word32 *)rk[ROUNDS][2]; - *(word32 *)a[3] ^= *(word32 *)rk[ROUNDS][3]; - for (i = 0; i < 4; i++) { - a[i][0] = Si[a[i][0]]; - a[i][1] = Si[a[i][1]]; - a[i][2] = Si[a[i][2]]; - a[i][3] = Si[a[i][3]]; - } - for (i = 1; i < 4; i++) { - shift = (4 - i) & 3; - temp[0] = a[(0 + shift) & 3][i]; - temp[1] = a[(1 + shift) & 3][i]; - temp[2] = a[(2 + shift) & 3][i]; - temp[3] = a[(3 + shift) & 3][i]; - a[0][i] = temp[0]; - a[1][i] = temp[1]; - a[2][i] = temp[2]; - a[3][i] = temp[3]; - } - /* ROUNDS-1 ordinary rounds */ - for (r = ROUNDS-1; r > rounds; r--) { - *(word32 *)a[0] ^= *(word32 *)rk[r][0]; - *(word32 *)a[1] ^= *(word32 *)rk[r][1]; - *(word32 *)a[2] ^= *(word32 *)rk[r][2]; - *(word32 *)a[3] ^= *(word32 *)rk[r][3]; - - *((word32*)a[0]) = - *((const word32*)U1[a[0][0]]) - ^ *((const word32*)U2[a[0][1]]) - ^ *((const word32*)U3[a[0][2]]) - ^ *((const word32*)U4[a[0][3]]); - - *((word32*)a[1]) = - *((const word32*)U1[a[1][0]]) - ^ *((const word32*)U2[a[1][1]]) - ^ *((const word32*)U3[a[1][2]]) - ^ *((const word32*)U4[a[1][3]]); - - *((word32*)a[2]) = - *((const word32*)U1[a[2][0]]) - ^ *((const word32*)U2[a[2][1]]) - ^ *((const word32*)U3[a[2][2]]) - ^ *((const word32*)U4[a[2][3]]); - - *((word32*)a[3]) = - *((const word32*)U1[a[3][0]]) - ^ *((const word32*)U2[a[3][1]]) - ^ *((const word32*)U3[a[3][2]]) - ^ *((const word32*)U4[a[3][3]]); - 
for (i = 0; i < 4; i++) { - a[i][0] = Si[a[i][0]]; - a[i][1] = Si[a[i][1]]; - a[i][2] = Si[a[i][2]]; - a[i][3] = Si[a[i][3]]; - } - for (i = 1; i < 4; i++) { - shift = (4 - i) & 3; - temp[0] = a[(0 + shift) & 3][i]; - temp[1] = a[(1 + shift) & 3][i]; - temp[2] = a[(2 + shift) & 3][i]; - temp[3] = a[(3 + shift) & 3][i]; - a[0][i] = temp[0]; - a[1][i] = temp[1]; - a[2][i] = temp[2]; - a[3][i] = temp[3]; - } - } - if (rounds == 0) { - /* End with the extra key addition */ - *(word32 *)a[0] ^= *(word32 *)rk[0][0]; - *(word32 *)a[1] ^= *(word32 *)rk[0][1]; - *(word32 *)a[2] ^= *(word32 *)rk[0][2]; - *(word32 *)a[3] ^= *(word32 *)rk[0][3]; - } - return 0; -} -#endif /* INTERMEDIATE_VALUE_KAT */ diff --git a/racoon.tproj/rijndael-alg-fst.h b/racoon.tproj/rijndael-alg-fst.h deleted file mode 100644 index 7a725ae..0000000 --- a/racoon.tproj/rijndael-alg-fst.h +++ /dev/null 
@@ -1,34 +0,0 @@
-/* $KAME: rijndael-alg-fst.h,v 1.4 2000/10/02 17:14:26 itojun Exp $ */
-
-/*
- * rijndael-alg-fst.h v2.3 April '2000
- *
- * Optimised ANSI C code
- *
- * #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test.
- */
-
-#ifndef __RIJNDAEL_ALG_FST_H__
-#define __RIJNDAEL_ALG_FST_H__
-
-#define RIJNDAEL_MAXKC (256/32)
-#define RIJNDAEL_MAXROUNDS 14
-
-int rijndaelKeySched(u_int8_t k[RIJNDAEL_MAXKC][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-int rijndaelKeyEncToDec(u_int8_t W[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-int rijndaelEncrypt(u_int8_t a[16], u_int8_t b[16], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-#ifdef INTERMEDIATE_VALUE_KAT
-int rijndaelEncryptRound(u_int8_t a[4][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS, int rounds);
-#endif /* INTERMEDIATE_VALUE_KAT */
-
-int rijndaelDecrypt(u_int8_t a[16], u_int8_t b[16], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
-
-#ifdef INTERMEDIATE_VALUE_KAT
-int rijndaelDecryptRound(u_int8_t a[4][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS, int rounds);
-#endif /* INTERMEDIATE_VALUE_KAT */
-
-#endif /* __RIJNDAEL_ALG_FST_H__ */
-
diff --git a/racoon.tproj/rijndael-api-fst.c b/racoon.tproj/rijndael-api-fst.c
deleted file mode 100644
index a3104c2..0000000
--- a/racoon.tproj/rijndael-api-fst.c
+++ /dev/null
@@ -1,495 +0,0 @@ -/* $KAME: rijndael-api-fst.c,v 1.1.1.1 2001/08/08 09:56:23 sakane Exp $ */ - -/* - * rijndael-api-fst.c v2.3 April '2000 - * - * Optimised ANSI C code - * - * authors: v1.0: Antoon Bosselaers - * v2.0: Vincent Rijmen - * v2.1: Vincent Rijmen - * v2.2: Vincent Rijmen - * v2.3: Paulo Barreto - * v2.4: Vincent Rijmen - * - * This code is placed in the public domain. - */ - -#include -#include -#ifdef _KERNEL -#include -#include -#else -#include -#endif -#include -#include -#include - -#include -#define bcopy(a, b, c) memcpy(b, a, c) -#define bzero(a, b) memset(a, 0, b) -#define panic(a) err(1, (a)) - -int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) { - word8 k[MAXKC][4]; - int i; - char *keyMat; - - if (key == NULL) { - return BAD_KEY_INSTANCE; - } - - if ((direction == DIR_ENCRYPT) || (direction == DIR_DECRYPT)) { - key->direction = direction; - } else { - return BAD_KEY_DIR; - } - - if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) { - key->keyLen = keyLen; - } else { - return BAD_KEY_MAT; - } - - if (keyMaterial != NULL) { - bcopy(keyMaterial, key->keyMaterial, keyLen/8); - } - - key->ROUNDS = keyLen/32 + 6; - - /* initialize key schedule: */ - keyMat = key->keyMaterial; - for (i = 0; i < key->keyLen/8; i++) { - k[i >> 2][i & 3] = (word8)keyMat[i]; - } - rijndaelKeySched(k, key->keySched, key->ROUNDS); - if (direction == DIR_DECRYPT) { - rijndaelKeyEncToDec(key->keySched, key->ROUNDS); - } - - return TRUE; -} - -int rijndael_cipherInit(cipherInstance *cipher, BYTE mode, char *IV) { - if ((mode == MODE_ECB) || (mode == MODE_CBC) || (mode == MODE_CFB1)) { - cipher->mode = mode; - } else { - return BAD_CIPHER_MODE; - } - if (IV != NULL) { - bcopy(IV, cipher->IV, MAX_IV_SIZE); - } else { - bzero(cipher->IV, MAX_IV_SIZE); - } - return TRUE; -} - -int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer) { - int i, k, numBlocks; - word8 block[16], 
iv[4][4]; - - if (cipher == NULL || - key == NULL || - key->direction == DIR_DECRYPT) { - return BAD_CIPHER_STATE; - } - if (input == NULL || inputLen <= 0) { - return 0; /* nothing to do */ - } - - numBlocks = inputLen/128; - - switch (cipher->mode) { - case MODE_ECB: - for (i = numBlocks; i > 0; i--) { - rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - break; - - case MODE_CBC: -#if 0 /*STRICT_ALIGN*/ - bcopy(cipher->IV, block, 16); - bcopy(input, iv, 16); - ((word32*)block)[0] ^= ((word32*)iv)[0]; - ((word32*)block)[1] ^= ((word32*)iv)[1]; - ((word32*)block)[2] ^= ((word32*)iv)[2]; - ((word32*)block)[3] ^= ((word32*)iv)[3]; -#else - ((word32*)block)[0] = ((word32*)cipher->IV)[0] ^ ((word32*)input)[0]; - ((word32*)block)[1] = ((word32*)cipher->IV)[1] ^ ((word32*)input)[1]; - ((word32*)block)[2] = ((word32*)cipher->IV)[2] ^ ((word32*)input)[2]; - ((word32*)block)[3] = ((word32*)cipher->IV)[3] ^ ((word32*)input)[3]; -#endif - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - input += 16; - for (i = numBlocks - 1; i > 0; i--) { -#if 0 /*STRICT_ALIGN*/ - bcopy(outBuffer, block, 16); - ((word32*)block)[0] ^= ((word32*)iv)[0]; - ((word32*)block)[1] ^= ((word32*)iv)[1]; - ((word32*)block)[2] ^= ((word32*)iv)[2]; - ((word32*)block)[3] ^= ((word32*)iv)[3]; -#else - ((word32*)block)[0] = ((word32*)outBuffer)[0] ^ ((word32*)input)[0]; - ((word32*)block)[1] = ((word32*)outBuffer)[1] ^ ((word32*)input)[1]; - ((word32*)block)[2] = ((word32*)outBuffer)[2] ^ ((word32*)input)[2]; - ((word32*)block)[3] = ((word32*)outBuffer)[3] ^ ((word32*)input)[3]; -#endif - outBuffer += 16; - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - input += 16; - } - break; - - case MODE_CFB1: -#if 0 /*STRICT_ALIGN*/ - bcopy(cipher->IV, iv, 16); -#else /* !STRICT_ALIGN */ - *((word32*)iv[0]) = *((word32*)(cipher->IV )); - *((word32*)iv[1]) = *((word32*)(cipher->IV+ 4)); - *((word32*)iv[2]) = *((word32*)(cipher->IV+ 
8)); - *((word32*)iv[3]) = *((word32*)(cipher->IV+12)); -#endif /* ?STRICT_ALIGN */ - for (i = numBlocks; i > 0; i--) { - for (k = 0; k < 128; k++) { - *((word32*) block ) = *((word32*)iv[0]); - *((word32*)(block+ 4)) = *((word32*)iv[1]); - *((word32*)(block+ 8)) = *((word32*)iv[2]); - *((word32*)(block+12)) = *((word32*)iv[3]); - rijndaelEncrypt(block, block, key->keySched, key->ROUNDS); - outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7); - iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7); - iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7); - iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7); - iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7); - iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7); - iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7); - iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7); - iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7); - iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7); - iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7); - iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7); - iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7); - iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7); - iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7); - iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7); - iv[3][3] = (iv[3][3] << 1) | ((outBuffer[k/8] >> (7-(k&7))) & 1); - } - } - break; - - default: - return BAD_CIPHER_STATE; - } - - return 128*numBlocks; -} - -/** - * Encrypt data partitioned in octets, using RFC 2040-like padding. - * - * @param input data to be encrypted (octet sequence) - * @param inputOctets input length in octets (not bits) - * @param outBuffer encrypted output data - * - * @return length in octets (not bits) of the encrypted output buffer. 
- */ -int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputOctets, BYTE *outBuffer) { - int i, numBlocks, padLen; - word8 block[16], *iv, *cp; - - if (cipher == NULL || - key == NULL || - key->direction == DIR_DECRYPT) { - return BAD_CIPHER_STATE; - } - if (input == NULL || inputOctets <= 0) { - return 0; /* nothing to do */ - } - - numBlocks = inputOctets/16; - - switch (cipher->mode) { - case MODE_ECB: - for (i = numBlocks; i > 0; i--) { - rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - padLen = 16 - (inputOctets - 16*numBlocks); - if (padLen > 0 && padLen <= 16) - panic("rijndael_padEncrypt(ECB)"); - bcopy(input, block, 16 - padLen); - for (cp = block + 16 - padLen; cp < block + 16; cp++) - *cp = padLen; - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - break; - - case MODE_CBC: - iv = cipher->IV; - for (i = numBlocks; i > 0; i--) { - ((word32*)block)[0] = ((word32*)input)[0] ^ ((word32*)iv)[0]; - ((word32*)block)[1] = ((word32*)input)[1] ^ ((word32*)iv)[1]; - ((word32*)block)[2] = ((word32*)input)[2] ^ ((word32*)iv)[2]; - ((word32*)block)[3] = ((word32*)input)[3] ^ ((word32*)iv)[3]; - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - iv = outBuffer; - input += 16; - outBuffer += 16; - } -#if 0 /*XXX i'm not sure that is correct. 
sakane@kame.net */ - padLen = 16 - (inputOctets - 16*numBlocks); -#else - padLen = 16 - inputOctets % 16; - if (padLen == 16) - padLen = 0; -#endif - if (padLen > 0 && padLen <= 16) - panic("rijndael_padEncrypt(CBC)"); - for (i = 0; i < 16 - padLen; i++) { - block[i] = input[i] ^ iv[i]; - } - for (i = 16 - padLen; i < 16; i++) { - block[i] = (BYTE)padLen ^ iv[i]; - } - rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); - break; - - default: - return BAD_CIPHER_STATE; - } - - return 16*(numBlocks + 1); -} - -int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer) { - int i, k, numBlocks; - word8 block[16], iv[4][4]; - - if (cipher == NULL || - key == NULL || - (cipher->mode != MODE_CFB1 && key->direction == DIR_ENCRYPT)) { - return BAD_CIPHER_STATE; - } - if (input == NULL || inputLen <= 0) { - return 0; /* nothing to do */ - } - - numBlocks = inputLen/128; - - switch (cipher->mode) { - case MODE_ECB: - for (i = numBlocks; i > 0; i--) { - rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - break; - - case MODE_CBC: -#if 0 /*STRICT_ALIGN */ - bcopy(cipher->IV, iv, 16); -#else - *((word32*)iv[0]) = *((word32*)(cipher->IV )); - *((word32*)iv[1]) = *((word32*)(cipher->IV+ 4)); - *((word32*)iv[2]) = *((word32*)(cipher->IV+ 8)); - *((word32*)iv[3]) = *((word32*)(cipher->IV+12)); -#endif - for (i = numBlocks; i > 0; i--) { - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - ((word32*)block)[0] ^= *((word32*)iv[0]); - ((word32*)block)[1] ^= *((word32*)iv[1]); - ((word32*)block)[2] ^= *((word32*)iv[2]); - ((word32*)block)[3] ^= *((word32*)iv[3]); -#if 0 /*STRICT_ALIGN*/ - bcopy(input, iv, 16); - bcopy(block, outBuffer, 16); -#else - *((word32*)iv[0]) = ((word32*)input)[0]; ((word32*)outBuffer)[0] = ((word32*)block)[0]; - *((word32*)iv[1]) = ((word32*)input)[1]; ((word32*)outBuffer)[1] = ((word32*)block)[1]; - *((word32*)iv[2]) = 
((word32*)input)[2]; ((word32*)outBuffer)[2] = ((word32*)block)[2]; - *((word32*)iv[3]) = ((word32*)input)[3]; ((word32*)outBuffer)[3] = ((word32*)block)[3]; -#endif - input += 16; - outBuffer += 16; - } - break; - - case MODE_CFB1: -#if 0 /*STRICT_ALIGN */ - bcopy(cipher->IV, iv, 16); -#else - *((word32*)iv[0]) = *((word32*)(cipher->IV)); - *((word32*)iv[1]) = *((word32*)(cipher->IV+ 4)); - *((word32*)iv[2]) = *((word32*)(cipher->IV+ 8)); - *((word32*)iv[3]) = *((word32*)(cipher->IV+12)); -#endif - for (i = numBlocks; i > 0; i--) { - for (k = 0; k < 128; k++) { - *((word32*) block ) = *((word32*)iv[0]); - *((word32*)(block+ 4)) = *((word32*)iv[1]); - *((word32*)(block+ 8)) = *((word32*)iv[2]); - *((word32*)(block+12)) = *((word32*)iv[3]); - rijndaelEncrypt(block, block, key->keySched, key->ROUNDS); - iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7); - iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7); - iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7); - iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7); - iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7); - iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7); - iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7); - iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7); - iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7); - iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7); - iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7); - iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7); - iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7); - iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7); - iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7); - iv[3][3] = (iv[3][3] << 1) | ((input[k/8] >> (7-(k&7))) & 1); - outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7); - } - } - break; - - default: - return BAD_CIPHER_STATE; - } - - return 128*numBlocks; -} - -int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputOctets, BYTE *outBuffer) { - int i, numBlocks, padLen; - word8 block[16]; - word32 iv[4]; - - if (cipher == NULL || - key == NULL || - key->direction == DIR_ENCRYPT) { - 
return BAD_CIPHER_STATE; - } - if (input == NULL || inputOctets <= 0) { - return 0; /* nothing to do */ - } - if (inputOctets % 16 != 0) { - return BAD_DATA; - } - - numBlocks = inputOctets/16; - - switch (cipher->mode) { - case MODE_ECB: - /* all blocks but last */ - for (i = numBlocks - 1; i > 0; i--) { - rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS); - input += 16; - outBuffer += 16; - } - /* last block */ - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - padLen = block[15]; - if (padLen >= 16) { - return BAD_DATA; - } - for (i = 16 - padLen; i < 16; i++) { - if (block[i] != padLen) { - return BAD_DATA; - } - } - bcopy(block, outBuffer, 16 - padLen); - break; - - case MODE_CBC: - bcopy(cipher->IV, iv, 16); - /* all blocks but last */ - for (i = numBlocks - 1; i > 0; i--) { - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - ((word32*)block)[0] ^= iv[0]; - ((word32*)block)[1] ^= iv[1]; - ((word32*)block)[2] ^= iv[2]; - ((word32*)block)[3] ^= iv[3]; - bcopy(input, iv, 16); - bcopy(block, outBuffer, 16); - input += 16; - outBuffer += 16; - } - /* last block */ - rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); - ((word32*)block)[0] ^= iv[0]; - ((word32*)block)[1] ^= iv[1]; - ((word32*)block)[2] ^= iv[2]; - ((word32*)block)[3] ^= iv[3]; - padLen = block[15]; - if (padLen <= 0 || padLen > 16) { - return BAD_DATA; - } - for (i = 16 - padLen; i < 16; i++) { - if (block[i] != padLen) { - return BAD_DATA; - } - } - bcopy(block, outBuffer, 16 - padLen); - break; - - default: - return BAD_CIPHER_STATE; - } - - return 16*numBlocks - padLen; -} - -#ifdef INTERMEDIATE_VALUE_KAT -/** - * cipherUpdateRounds: - * - * Encrypts/Decrypts exactly one full block a specified number of rounds. - * Only used in the Intermediate Value Known Answer Test. 
- * - * Returns: - * TRUE - on success - * BAD_CIPHER_STATE - cipher in bad state (e.g., not initialized) - */ -int rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer, int rounds) { - int j; - word8 block[4][4]; - - if (cipher == NULL || key == NULL) { - return BAD_CIPHER_STATE; - } - - for (j = 3; j >= 0; j--) { - /* parse input stream into rectangular array */ - *((word32*)block[j]) = *((word32*)(input+4*j)); - } - - switch (key->direction) { - case DIR_ENCRYPT: - rijndaelEncryptRound(block, key->keySched, key->ROUNDS, rounds); - break; - - case DIR_DECRYPT: - rijndaelDecryptRound(block, key->keySched, key->ROUNDS, rounds); - break; - - default: - return BAD_KEY_DIR; - } - - for (j = 3; j >= 0; j--) { - /* parse rectangular array into output ciphertext bytes */ - *((word32*)(outBuffer+4*j)) = *((word32*)block[j]); - } - - return TRUE; -} -#endif /* INTERMEDIATE_VALUE_KAT */ diff --git a/racoon.tproj/rijndael-api-fst.h b/racoon.tproj/rijndael-api-fst.h deleted file mode 100644 index 9e0ed3a..0000000 --- a/racoon.tproj/rijndael-api-fst.h +++ /dev/null 
@@ -1,104 +0,0 @@ -/* $KAME: rijndael-api-fst.h,v 1.6 2001/05/27 00:23:23 itojun Exp $ */ - -/* - * rijndael-api-fst.h v2.3 April '2000 - * - * Optimised ANSI C code - * - * #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test. - */ - -#ifndef __RIJNDAEL_API_FST_H__ -#define __RIJNDAEL_API_FST_H__ - -#include - -/* Defines: - Add any additional defines you need -*/ - -#define DIR_ENCRYPT 0 /* Are we encrpyting? */ -#define DIR_DECRYPT 1 /* Are we decrpyting? */ -#define MODE_ECB 1 /* Are we ciphering in ECB mode? */ -#define MODE_CBC 2 /* Are we ciphering in CBC mode? */ -#define MODE_CFB1 3 /* Are we ciphering in 1-bit CFB mode? */ -#define TRUE 1 -#define FALSE 0 -#define BITSPERBLOCK 128 /* Default number of bits in a cipher block */ - -/* Error Codes - CHANGE POSSIBLE: inclusion of additional error codes */ -#define BAD_KEY_DIR -1 /* Key direction is invalid, e.g., unknown value */ -#define BAD_KEY_MAT -2 /* Key material not of correct length */ -#define BAD_KEY_INSTANCE -3 /* Key passed is not valid */ -#define BAD_CIPHER_MODE -4 /* Params struct passed to cipherInit invalid */ -#define BAD_CIPHER_STATE -5 /* Cipher in wrong state (e.g., not initialized) */ -#define BAD_BLOCK_LENGTH -6 -#define BAD_CIPHER_INSTANCE -7 -#define BAD_DATA -8 /* Data contents are invalid, e.g., invalid padding */ -#define BAD_OTHER -9 /* Unknown error */ - -/* CHANGE POSSIBLE: inclusion of algorithm specific defines */ -#define MAX_KEY_SIZE 64 /* # of ASCII char's needed to represent a key */ -#define MAX_IV_SIZE 16 /* # bytes needed to represent an IV */ - -/* Typedefs: - - Typedef'ed data storage elements. Add any algorithm specific -parameters at the bottom of the structs as appropriate. -*/ - -/* The structure for key information */ -typedef struct { - u_int8_t direction; /* Key used for encrypting or decrypting? 
*/ - int keyLen; /* Length of the key */ - char keyMaterial[MAX_KEY_SIZE+1]; /* Raw key data in ASCII, e.g., user input or KAT values */ - /* The following parameters are algorithm dependent, replace or add as necessary */ - int ROUNDS; /* key-length-dependent number of rounds */ - int blockLen; /* block length */ - union { - u_int8_t xkS8[RIJNDAEL_MAXROUNDS+1][4][4]; /* key schedule */ - u_int32_t xkS32[RIJNDAEL_MAXROUNDS+1][4]; /* key schedule */ - } xKeySched; -#define keySched xKeySched.xkS8 -} keyInstance; - -/* The structure for cipher information */ -typedef struct { /* changed order of the components */ - u_int8_t mode; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */ - u_int8_t IV[MAX_IV_SIZE]; /* A possible Initialization Vector for ciphering */ - /* Add any algorithm specific parameters needed here */ - int blockLen; /* Sample: Handles non-128 bit block sizes (if available) */ -} cipherInstance; - -/* Function prototypes */ -/* CHANGED: nothing - TODO: implement the following extensions to setup 192-bit and 256-bit block lengths: - makeKeyEx(): parameter blockLen added - -- this parameter is absolutely necessary if you want to - setup the round keys in a variable block length setting - cipherInitEx(): parameter blockLen added (for obvious reasons) - */ - -int rijndael_makeKey(keyInstance *key, u_int8_t direction, int keyLen, char *keyMaterial); - -int rijndael_cipherInit(cipherInstance *cipher, u_int8_t mode, char *IV); - -int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputLen, u_int8_t *outBuffer); - -int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputOctets, u_int8_t *outBuffer); - -int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputLen, u_int8_t *outBuffer); - -int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key, - u_int8_t *input, int inputOctets, u_int8_t *outBuffer); - -#ifdef INTERMEDIATE_VALUE_KAT -int 
rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key,
- u_int8_t *input, int inputLen, u_int8_t *outBuffer, int Rounds);
-#endif /* INTERMEDIATE_VALUE_KAT */
-
-#endif /* __RIJNDAEL_API_FST_H__ */
-
diff --git a/racoon.tproj/rijndael.h b/racoon.tproj/rijndael.h
deleted file mode 100644
index 6af4aa0..0000000
--- a/racoon.tproj/rijndael.h
+++ /dev/null
@@ -1,10 +0,0 @@
-/* $KAME: rijndael.h,v 1.2 2000/10/02 17:14:27 itojun Exp $ */
-
-#ifndef __RIJNDAEL_H__
-#define __RIJNDAEL_H__
-
-#include
-
-
-#endif /* __RIJNDAEL_H__ */
-
diff --git a/racoon.tproj/rijndael_local.h b/racoon.tproj/rijndael_local.h
deleted file mode 100644
index 652b328..0000000
--- a/racoon.tproj/rijndael_local.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* $KAME: rijndael_local.h,v 1.3 2000/10/02 17:14:27 itojun Exp $ */
-
-#ifndef __RIJNDAEL_LOCAL_H__
-#define __RIJNDAEL_LOCAL_H__
-
-/* the file should not be used from outside */
-typedef u_int8_t BYTE;
-typedef u_int8_t word8;
-typedef u_int16_t word16;
-typedef u_int32_t word32;
-
-#define MAXKC RIJNDAEL_MAXKC
-#define MAXROUNDS RIJNDAEL_MAXROUNDS
-
-
-#endif /* __RIJNDAEL_LOCAL_H__ */
-
diff --git a/racoon.tproj/safefile.c b/racoon.tproj/safefile.c
deleted file mode 100644
index 19dd9fb..0000000
--- a/racoon.tproj/safefile.c
+++ /dev/null
@@ -1,89 +0,0 @@ -/* $KAME: safefile.c,v 1.5 2001/03/05 19:54:06 thorpej Exp $ */ - -/* - * Copyright (C) 2000 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include -#include - -#include "plog.h" -#include "debug.h" -#include "misc.h" -#include "safefile.h" - -int -safefile(path, secret) - const char *path; - int secret; -{ - struct stat s; - uid_t me; - - /* no setuid */ - if (getuid() != geteuid()) { - plog(LLV_ERROR, LOCATION, NULL, - "setuid'ed execution not allowed\n"); - return -1; - } - - if (stat(path, &s) != 0) - return -1; - - /* the file must be owned by the running uid */ - me = getuid(); - if (s.st_uid != me) { - plog(LLV_ERROR, LOCATION, NULL, - "%s has invalid owner uid\n", path); - return -1; - } - - switch (s.st_mode & S_IFMT) { - case S_IFREG: - break; - default: - plog(LLV_ERROR, LOCATION, NULL, - "%s is an invalid file type 0x%x\n", path, - (s.st_mode & S_IFMT)); - return -1; - } - - /* secret file should not be read by others */ - if (secret) { - if ((s.st_mode & S_IRWXG) != 0 || (s.st_mode & S_IRWXO) != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "%s has weak file permission\n", path); - return -1; - } - } - - return 0; -} diff --git a/racoon.tproj/safefile.h b/racoon.tproj/safefile.h deleted file mode 100644 index bbb67ce..0000000 --- a/racoon.tproj/safefile.h +++ /dev/null 
@@ -1,40 +0,0 @@
-/* $KAME: safefile.h,v 1.2 2000/09/13 04:50:28 itojun Exp $ */
-
-/* $KAME: safefile.h,v 1.2 2000/09/13 04:50:28 itojun Exp $ */
-
-/*
- * Copyright (C) 2000 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __SAFEFILE_H__
-#define __SAFEFILE_H__
-
-extern int safefile __P((const char *, int));
-
-#endif /* __SAFEFILE_H__ */
-
diff --git a/racoon.tproj/sainfo.c b/racoon.tproj/sainfo.c
deleted file mode 100644
index 1ba2135..0000000
--- a/racoon.tproj/sainfo.c
+++ /dev/null
@@ -1,224 +0,0 @@ -/* $KAME: sainfo.c,v 1.15 2001/11/16 04:12:59 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "sockmisc.h" -#include "debug.h" - -#include "localconf.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "oakley.h" -#include "handler.h" -#include "algorithm.h" -#include "sainfo.h" -#include "gcmalloc.h" - -static LIST_HEAD(_sitree, sainfo) sitree; - -/* %%% - * modules for ipsec sa info - */ -/* - * return matching entry. - * no matching entry found and if there is anonymous entry, return it. - * else return NULL. - * XXX by each data type, should be changed to compare the buffer. - */ -struct sainfo * -getsainfo(src, dst) - const vchar_t *src, *dst; -{ - struct sainfo *s = NULL; - struct sainfo *anonymous = NULL; - - LIST_FOREACH(s, &sitree, chain) { - if (s->idsrc == NULL) { - anonymous = s; - continue; - } - - /* anonymous ? */ - if (src == NULL) { - if (anonymous != NULL) - break; - continue; - } - - if (memcmp(src->v, s->idsrc->v, s->idsrc->l) == 0 - && memcmp(dst->v, s->iddst->v, s->iddst->l) == 0) - return s; - } - - if (anonymous) { - plog(LLV_DEBUG, LOCATION, NULL, - "anonymous sainfo selected.\n"); - } - return anonymous; -} - -struct sainfo * -newsainfo() -{ - struct sainfo *new; - - new = racoon_calloc(1, sizeof(*new)); - if (new == NULL) - return NULL; - - new->idvtype = IDTYPE_ADDRESS; - new->lifetime = IPSECDOI_ATTR_SA_LD_SEC_DEFAULT; - new->lifebyte = IPSECDOI_ATTR_SA_LD_KB_MAX; - - return new; -} - -void -delsainfo(si) - struct sainfo *si; -{ - int i; - - for (i = 0; i < MAXALGCLASS; i++) - delsainfoalg(si->algs[i]); - - if (si->idsrc) - vfree(si->idsrc); - if (si->iddst) - vfree(si->iddst); - - racoon_free(si); -} - -void -inssainfo(new) - struct sainfo *new; -{ - LIST_INSERT_HEAD(&sitree, new, chain); -} - -void -remsainfo(si) - struct sainfo *si; -{ - LIST_REMOVE(si, chain); -} - -void -flushsainfo() -{ 
- struct sainfo *s, *next; - - for (s = LIST_FIRST(&sitree); s; s = next) { - next = LIST_NEXT(s, chain); - remsainfo(s); - delsainfo(s); - } -} - -void -initsainfo() -{ - LIST_INIT(&sitree); -} - -struct sainfoalg * -newsainfoalg() -{ - struct sainfoalg *new; - - new = racoon_calloc(1, sizeof(*new)); - if (new == NULL) - return NULL; - - return new; -} - -void -delsainfoalg(alg) - struct sainfoalg *alg; -{ - struct sainfoalg *a, *next; - - for (a = alg; a; a = next) { - next = a->next; - racoon_free(a); - } -} - -void -inssainfoalg(head, new) - struct sainfoalg **head; - struct sainfoalg *new; -{ - struct sainfoalg *a; - - for (a = *head; a && a->next; a = a->next) - ; - if (a) - a->next = new; - else - *head = new; -} - -const char * -sainfo2str(si) - const struct sainfo *si; -{ - static char buf[256]; - - if (si->idsrc == NULL) - return "anonymous"; - - snprintf(buf, sizeof(buf), "%s", ipsecdoi_id2str(si->idsrc)); - snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - " %s", ipsecdoi_id2str(si->iddst)); - - return buf; -} diff --git a/racoon.tproj/sainfo.h b/racoon.tproj/sainfo.h deleted file mode 100644 index 1712a63..0000000 --- a/racoon.tproj/sainfo.h +++ /dev/null 
@@ -1,77 +0,0 @@
-/* $KAME: sainfo.h,v 1.7 2000/10/11 19:54:08 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __SAINFO_H__
-#define __SAINFO_H__
-
-#include
-
-/* SA info */
-struct sainfo {
- vchar_t *idsrc;
- vchar_t *iddst;
- /*
- * idsrc and iddst are constructed body of ID payload.
- * that is (struct ipsecdoi_id_b) + ID value.
- * If idsrc == NULL, that is anonymous entry.
- */
-
- time_t lifetime;
- int lifebyte;
- int pfs_group; /* only use when pfs is required. */
- int idvtype; /* my identifier type */
- vchar_t *idv; /* my identifier */
- struct sainfoalg *algs[MAXALGCLASS];
-
- LIST_ENTRY(sainfo) chain;
-};
-
-/* algorithm type */
-struct sainfoalg {
- int alg;
- int encklen; /* key length if encryption algorithm */
- struct sainfoalg *next;
-};
-
-extern struct sainfo *getsainfo __P((const vchar_t *, const vchar_t *));
-extern struct sainfo *newsainfo __P((void));
-extern void delsainfo __P((struct sainfo *));
-extern void inssainfo __P((struct sainfo *));
-extern void remsainfo __P((struct sainfo *));
-extern void flushsainfo __P((void));
-extern void initsainfo __P((void));
-extern struct sainfoalg *newsainfoalg __P((void));
-extern void delsainfoalg __P((struct sainfoalg *));
-extern void inssainfoalg __P((struct sainfoalg **, struct sainfoalg *));
-extern const char * sainfo2str __P((const struct sainfo *));
-
-#endif /* __SAINFO_H__ */
-
diff --git a/racoon.tproj/schedule.c b/racoon.tproj/schedule.c
deleted file mode 100644
index dd3f5dc..0000000
--- a/racoon.tproj/schedule.c
+++ /dev/null
@@ -1,358 +0,0 @@ -/* $KAME: schedule.c,v 1.19 2001/11/05 10:53:19 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include - -#include -#include -#include -#include - -#include "misc.h" -#include "plog.h" -#include "schedule.h" -#include "var.h" -#include "gcmalloc.h" - -#define FIXY2038PROBLEM - -#ifndef TAILQ_FOREACH -#define TAILQ_FOREACH(elm, head, field) \ - for (elm = TAILQ_FIRST(head); elm; elm = TAILQ_NEXT(elm, field)) -#endif - -static struct timeval timeout; - -#ifdef FIXY2038PROBLEM -#define Y2038TIME_T 0x7fffffff -static time_t launched; /* time when the program launched. */ -static time_t deltaY2038; -#endif - -static TAILQ_HEAD(_schedtree, sched) sctree; - -static void sched_add __P((struct sched *)); -static time_t current_time __P((void)); - -/* - * schedule handler - * OUT: - * time to block until next event. - * if no entry, NULL returned. - */ -struct timeval * -schedular() -{ - time_t now, delta; - struct sched *p, *next = NULL; - - now = current_time(); - - for (p = TAILQ_FIRST(&sctree); p; p = next) { - /* if the entry has been daed, remove it */ - if (p->dead) - goto next_schedule; - - /* if the time hasn't come, proceed to the next entry */ - if (now < p->xtime) { - next = TAILQ_NEXT(p, chain); - continue; - } - - /* mark it with dead. and call the function. */ - p->dead = 1; - if (p->func != NULL) - (p->func)(p->param); - - next_schedule: - next = TAILQ_NEXT(p, chain); - TAILQ_REMOVE(&sctree, p, chain); - racoon_free(p); - } - - p = TAILQ_FIRST(&sctree); - if (p == NULL) - return NULL; - - now = current_time(); - - delta = p->xtime - now; - timeout.tv_sec = delta < 0 ? 0 : delta; - timeout.tv_usec = 0; - - return &timeout; -} - -/* - * add new schedule to schedule table. 
- */ -struct sched * -sched_new(tick, func, param) - time_t tick; - void (*func) __P((void *)); - void *param; -{ - static long id = 1; - struct sched *new; - - new = (struct sched *)racoon_malloc(sizeof(*new)); - if (new == NULL) - return NULL; - - memset(new, 0, sizeof(*new)); - new->func = func; - new->param = param; - - new->id = id++; - time(&new->created); - new->tick = tick; - - new->xtime = current_time() + tick; - new->dead = 0; - - /* add to schedule table */ - sched_add(new); - - return(new); -} - -/* add new schedule to schedule table */ -static void -sched_add(sc) - struct sched *sc; -{ - struct sched *p; - - TAILQ_FOREACH(p, &sctree, chain) { - if (sc->xtime < p->xtime) { - TAILQ_INSERT_BEFORE(p, sc, chain); - return; - } - } - if (p == NULL) - TAILQ_INSERT_TAIL(&sctree, sc, chain); - - return; -} - -/* get current time. - * if defined FIXY2038PROBLEM, base time is the time when called sched_init(). - * Otherwise, conform to time(3). - */ -static time_t -current_time() -{ - time_t n; -#ifdef FIXY2038PROBLEM - time_t t; - - time(&n); - t = n - launched; - if (t < 0) - t += deltaY2038; - - return t; -#else - return time(&n); -#endif -} - -void -sched_kill(sc) - struct sched *sc; -{ - sc->dead = 1; - - return; -} - -/* XXX this function is probably unnecessary. 
*/ -void -sched_scrub_param(param) - void *param; -{ - struct sched *sc; - - TAILQ_FOREACH(sc, &sctree, chain) { - if (sc->param == param) { - if (!sc->dead) { - plog(LLV_DEBUG, LOCATION, NULL, - "an undead schedule has been deleted.\n"); - } - sched_kill(sc); - } - } -} - -/* - * for debug - */ -int -sched_dump(buf, len) - caddr_t *buf; - int *len; -{ - caddr_t new; - struct sched *p; - struct scheddump *dst; - int cnt = 0; - - /* initialize */ - *len = 0; - *buf = NULL; - - TAILQ_FOREACH(p, &sctree, chain) - cnt++; - - /* no entry */ - if (cnt == 0) - return -1; - - *len = cnt * sizeof(*dst); - - new = racoon_malloc(*len); - if (new == NULL) - return -1; - dst = (struct scheddump *)new; - - p = TAILQ_FIRST(&sctree); - while (p) { - dst->xtime = p->xtime; - dst->id = p->id; - dst->created = p->created; - dst->tick = p->tick; - - p = TAILQ_NEXT(p, chain); - if (p == NULL) - break; - dst++; - } - - *buf = new; - - return 0; -} - -/* initialize schedule table */ -void -sched_init() -{ -#ifdef FIXY2038PROBLEM - time(&launched); - - deltaY2038 = Y2038TIME_T - launched; -#endif - - TAILQ_INIT(&sctree); - - return; -} - -#ifdef STEST -#include -#include -#include -#include - -void -test(tick) - int *tick; -{ - printf("execute %d\n", *tick); - racoon_free(tick); -} - -void -getstdin() -{ - int *tick; - char buf[16]; - - read(0, buf, sizeof(buf)); - if (buf[0] == 'd') { - struct scheddump *scbuf, *p; - int len; - sched_dump((caddr_t *)&scbuf, &len); - if (buf == NULL) - return; - for (p = scbuf; len; p++) { - printf("xtime=%ld\n", p->xtime); - len -= sizeof(*p); - } - racoon_free(scbuf); - return; - } - - tick = (int *)racoon_malloc(sizeof(*tick)); - *tick = atoi(buf); - printf("new queue tick = %d\n", *tick); - sched_new(*tick, test, tick); -} - -int -main() -{ - static fd_set mask0; - int nfds = 0; - fd_set rfds; - struct timeval *timeout; - int error; - - FD_ZERO(&mask0); - FD_SET(0, &mask0); - nfds = 1; - - /* initialize */ - sched_init(); - - while (1) { - rfds = 
mask0; - - timeout = schedular(); - - error = select(nfds, &rfds, (fd_set *)0, (fd_set *)0, timeout); - if (error < 0) { - switch (errno) { - case EINTR: continue; - default: - err(1, "select"); - } - /*NOTREACHED*/ - } - - if (FD_ISSET(0, &rfds)) - getstdin(); - } -} -#endif diff --git a/racoon.tproj/schedule.h b/racoon.tproj/schedule.h deleted file mode 100644 index a604e05..0000000 --- a/racoon.tproj/schedule.h +++ /dev/null 
@@ -1,81 +0,0 @@ -/* $KAME: schedule.h,v 1.12 2001/03/06 20:41:02 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __SCHEDULE_H__ -#define __SCHEDULE_H__ - -#include - -/* scheduling table */ -/* the head is the nearest event. */ -struct sched { - time_t xtime; /* event time which is as time(3). */ - /* - * if defined FIXY2038PROBLEM, this time - * is from the time when called sched_init(). 
- */ - void (*func) __P((void *)); /* call this function when timeout. */ - void *param; /* pointer to parameter */ - - int dead; /* dead or alive */ - long id; /* for debug */ - time_t created; /* for debug */ - time_t tick; /* for debug */ - - TAILQ_ENTRY(sched) chain; -}; - -/* cancel schedule */ -#define SCHED_KILL(s) \ -do { \ - sched_kill(s); \ - s = NULL; \ -} while(0) - -/* must be called after it's called from scheduler. */ -#define SCHED_INIT(s) (s) = NULL - -struct scheddump { - time_t xtime; - long id; - time_t created; - time_t tick; -}; - -struct timeval *schedular __P((void)); -struct sched *sched_new __P((time_t, void (*func) __P((void *)), void *)); -void sched_kill __P((struct sched *)); -int sched_dump __P((caddr_t *, int *)); -void sched_init __P((void)); -void sched_scrub_param __P((void *)); - -#endif /* __SCHEDULE_H__ */ - diff --git a/racoon.tproj/session.c b/racoon.tproj/session.c deleted file mode 100644 index bdd2975..0000000 --- a/racoon.tproj/session.c +++ /dev/null 
@@ -1,452 +0,0 @@
-/* $KAME: session.c,v 1.31 2002/11/20 02:06:18 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-#if HAVE_SYS_WAIT_H
-# include
-#endif
-#ifndef WEXITSTATUS
-# define WEXITSTATUS(s) ((unsigned)(s) >> 8)
-#endif
-#ifndef WIFEXITED
-# define WIFEXITED(s) (((s) & 255) == 0)
-#endif
-
-#ifdef IPV6_INRIA_VERSION
-#include
-#else
-#include
-#endif
-
-#include
-#include
-#include
-#include
-#ifdef HAVE_UNISTD_H
-#include
-#endif
-#include
-#include
-
-#include "libpfkey.h"
-
-#include "var.h"
-#include "misc.h"
-#include "vmbuf.h"
-#include "plog.h"
-#include "debug.h"
-
-#include "schedule.h"
-#include "session.h"
-#include "grabmyaddr.h"
-#include "cfparse.h"
-#include "isakmp_var.h"
-#include "admin_var.h"
-#include "oakley.h"
-#include "pfkey.h"
-#include "handler.h"
-#include "localconf.h"
-#include "remoteconf.h"
-#include "backupsa.h"
-
-static void close_session __P((void));
-static void check_rtsock __P((void *));
-static void initfds __P((void));
-static void init_signal __P((void));
-static int set_signal __P((int sig, RETSIGTYPE (*func) __P((int))));
-static void check_sigreq __P((void));
-static void check_flushsa_stub __P((void *));
-static void check_flushsa __P((void));
-static int close_sockets __P((void));
-
-static fd_set mask0;
-static int nfds = 0;
-static int sigreq = 0;
-
-int
-session(void)
-{
- fd_set rfds;
- struct timeval *timeout;
- int error;
- struct myaddrs *p;
-
- /* initialize schedular */
- sched_init();
-
- init_signal();
-
-#ifdef ENABLE_ADMINPORT
- /* debug port has no authentication, do not open it */
- if (admin_init() < 0)
- exit(1);
-#endif
-
- initmyaddr();
-
- if (isakmp_init() < 0)
- exit(1);
-
- initfds();
-
- sigreq = 0;
- while (1) {
-
- /*
- * asynchronous requests via signal.
- * make sure to reset sigreq to 0.
- */
- check_sigreq();
-
- /* scheduling */
- timeout = schedular();
- rfds = mask0;
- error = select(nfds, &rfds, (fd_set *)0, (fd_set *)0, timeout);
- if (error < 0) {
- switch (errno) {
- case EINTR:
- continue;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to select (%s)\n",
- strerror(errno));
- return -1;
- }
- /*NOTREACHED*/
- }
-#ifdef ENABLE_ADMINPORT
- if (FD_ISSET(lcconf->sock_admin, &rfds))
- admin_handler();
-#endif
-
- for (p = lcconf->myaddrs; p; p = p->next) {
- if (!p->addr)
- continue;
-
- if (FD_ISSET(p->sock, &rfds))
- if ((error = isakmp_handler(p->sock)) == -2)
- break;
-
-
-#ifdef IKE_NAT_T
- if (p->nattsock >= 0 && FD_ISSET(p->nattsock, &rfds))
- if ((error = isakmp_natt_handler(p->nattsock)) == -2)
- break;
-#endif
- }
- if (error == -2) {
- if (lcconf->autograbaddr) {
- /* serious socket problem - close all listening sockets and re-open */
- isakmp_close();
- initfds();
- sched_new(5, check_rtsock, NULL);
- continue;
- } else {
- isakmp_close_sockets();
- isakmp_open();
- }
-
- }
-
- if (FD_ISSET(lcconf->sock_pfkey, &rfds))
- pfkey_handler();
-
- if (lcconf->rtsock >= 0 && FD_ISSET(lcconf->rtsock, &rfds))
- if (update_myaddrs() && lcconf->autograbaddr)
- sched_new(5, check_rtsock, NULL);
- }
-}
-
-/* clear all status and exit program. */
-static void
-close_session()
-{
- flushph1();
- close_sockets();
- backupsa_clean();
-
- plog(LLV_INFO, LOCATION, NULL, "racoon shutdown\n");
- exit(0);
-}
-
-
-static void
-check_rtsock(p)
- void *p;
-{
- grab_myaddrs();
- isakmp_close_unused();
- autoconf_myaddrsport();
- isakmp_open();
-
- /* initialize socket list again */
- initfds();
-}
-
-static void
-initfds()
-{
- struct myaddrs *p;
-
- nfds = 0;
-
- FD_ZERO(&mask0);
-
-#ifdef ENABLE_ADMINPORT
- if (lcconf->sock_admin >= FD_SETSIZE) {
- plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n");
- exit(1);
- }
- FD_SET(lcconf->sock_admin, &mask0);
- nfds = (nfds > lcconf->sock_admin ? nfds : lcconf->sock_admin);
-#endif
- if (lcconf->sock_pfkey >= FD_SETSIZE) {
- plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n");
- exit(1);
- }
- FD_SET(lcconf->sock_pfkey, &mask0);
- nfds = (nfds > lcconf->sock_pfkey ? nfds : lcconf->sock_pfkey);
- if (lcconf->rtsock >= 0) {
- if (lcconf->rtsock >= FD_SETSIZE) {
- plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n");
- exit(1);
- }
- FD_SET(lcconf->rtsock, &mask0);
- nfds = (nfds > lcconf->rtsock ? nfds : lcconf->rtsock);
- }
-
- for (p = lcconf->myaddrs; p; p = p->next) {
- if (!p->addr)
- continue;
- if (p->sock >= FD_SETSIZE) {
- plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n");
- exit(1);
- }
- FD_SET(p->sock, &mask0);
- nfds = (nfds > p->sock ? nfds : p->sock);
-#ifdef IKE_NAT_T
- if (p->nattsock >= 0) {
- if (p-> nattsock >= FD_SETSIZE) {
- plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun\n");
- exit(1);
- }
- FD_SET(p->nattsock, &mask0);
- nfds = (nfds > p->nattsock ? nfds : p->nattsock);
- }
-#endif
- }
- nfds++;
-}
-
-static int signals[] = {
- SIGHUP,
- SIGINT,
- SIGTERM,
- SIGUSR1,
- SIGUSR2,
- SIGCHLD,
- 0
-};
-
-/*
- * asynchronous requests will actually dispatched in the
- * main loop in session().
- */
-RETSIGTYPE
-signal_handler(sig)
- int sig;
-{
- switch (sig) {
- case SIGCHLD:
- {
- pid_t pid;
- int s;
-
- pid = wait(&s);
- }
- break;
-
-#ifdef DEBUG_RECORD_MALLOCATION
- case SIGUSR2:
- DRM_dump();
- break;
-#endif
- default:
- /* XXX should be blocked any signal ? */
- sigreq = sig;
- break;
- }
-}
-
-extern int cfreparse(void);
-
-static void
-check_sigreq()
-{
- switch (sigreq) {
- case 0:
- return;
-
- case SIGHUP:
- if (cfreparse()) {
- plog(LLV_ERROR, LOCATION, NULL,
- "configuration read failed\n");
- exit(1);
- }
- sigreq = 0;
- break;
-
- default:
- plog(LLV_INFO, LOCATION, NULL, "caught signal %d\n", sigreq);
- pfkey_send_flush(lcconf->sock_pfkey, SADB_SATYPE_UNSPEC);
- sched_new(1, check_flushsa_stub, NULL);
- sigreq = 0;
- break;
- }
-}
-
-/*
- * waiting the termination of processing until sending DELETE message
- * for all inbound SA will complete.
- */
-static void
-check_flushsa_stub(p)
- void *p;
-{
-
- check_flushsa();
-}
-
-static void
-check_flushsa()
-{
- vchar_t *buf;
- struct sadb_msg *msg, *end, *next;
- struct sadb_sa *sa;
- caddr_t mhp[SADB_EXT_MAX + 1];
- int n;
-
- buf = pfkey_dump_sadb(SADB_SATYPE_UNSPEC);
-
- msg = (struct sadb_msg *)buf->v;
- end = (struct sadb_msg *)(buf->v + buf->l);
-
- /* counting SA except of dead one. */
- n = 0;
- while (msg < end) {
- if (PFKEY_UNUNIT64(msg->sadb_msg_len) < sizeof(*msg))
- break;
- next = (struct sadb_msg *)((caddr_t)msg + PFKEY_UNUNIT64(msg->sadb_msg_len));
- if (msg->sadb_msg_type != SADB_DUMP) {
- msg = next;
- continue;
- }
-
- if (pfkey_align(msg, mhp) || pfkey_check(mhp)) {
- plog(LLV_ERROR, LOCATION, NULL,
- "pfkey_check (%s)\n", ipsec_strerror());
- msg = next;
- continue;
- }
-
- sa = (struct sadb_sa *)(mhp[SADB_EXT_SA]);
- if (!sa) {
- msg = next;
- continue;
- }
-
- if (sa->sadb_sa_state != SADB_SASTATE_DEAD) {
- n++;
- msg = next;
- continue;
- }
-
- msg = next;
- }
-
- if (buf) vfree(buf);
-
- if (n) {
- sched_new(1, check_flushsa_stub, NULL);
- return;
- }
-
- close_session();
-}
-
-static void
-init_signal()
-{
- int i;
-
- for (i = 0; signals[i] != 0; i++)
- if (set_signal(signals[i], signal_handler) < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to set_signal (%s)\n",
- strerror(errno));
- exit(1);
- }
-}
-
-static int
-set_signal(sig, func)
- int sig;
- RETSIGTYPE (*func) __P((int));
-{
- struct sigaction sa;
-
- memset((caddr_t)&sa, 0, sizeof(sa));
- sa.sa_handler = func;
- sa.sa_flags = SA_RESTART;
-
- if (sigemptyset(&sa.sa_mask) < 0)
- return -1;
-
- if (sigaction(sig, &sa, (struct sigaction *)0) < 0)
- return(-1);
-
- return 0;
-}
-
-static int
-close_sockets()
-{
- isakmp_close();
- pfkey_close(lcconf->sock_pfkey);
-#ifdef ENABLE_ADMINPORT
- (void)admin_close();
-#endif
- return 0;
-}
-
diff --git a/racoon.tproj/session.h b/racoon.tproj/session.h
deleted file mode 100644
index d993bbd..0000000
--- a/racoon.tproj/session.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* $KAME: session.h,v 1.4 2000/10/04 17:41:04 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __SESSION_H__
-#define __SESSION_H__
-
-extern int session __P((void));
-extern RETSIGTYPE signal_handler __P((int));
-
-
-#endif /* __SESSION_H__ */
-
diff --git a/racoon.tproj/sha2.c b/racoon.tproj/sha2.c
deleted file mode 100644
index 80deb6a..0000000
--- a/racoon.tproj/sha2.c
+++ /dev/null
@@ -1,1102 +0,0 @@ -/* $KAME: sha2.c,v 1.4 2001/09/02 08:59:55 itojun Exp $ */ - -/* - * sha2.c - * - * Version 1.0.0beta1 - * - * Written by Aaron D. Gifford - * - * Copyright 2000 Aaron D. Gifford. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the copyright holder nor the names of contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * - */ - - -#include -#include -#include -#include -#include - -#include -#include -#define bcopy(a, b, c) memcpy((b), (a), (c)) -#define bzero(a, b) memset((a), 0, (b)) -#define panic(a) err(1, (a)) - -/* - * ASSERT NOTE: - * Some sanity checking code is included using assert(). On my FreeBSD - * system, this additional code can be removed by compiling with NDEBUG - * defined. Check your own systems manpage on assert() to see how to - * compile WITHOUT the sanity checking code on your system. - * - * UNROLLED TRANSFORM LOOP NOTE: - * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform - * loop version for the hash transform rounds (defined using macros - * later in this file). Either define on the command line, for example: - * - * cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c - * - * or define below: - * - * #define SHA2_UNROLL_TRANSFORM - * - */ - -#define assert(x) - - -/*** SHA-256/384/512 Machine Architecture Definitions *****************/ -/* - * BYTE_ORDER NOTE: - * - * Please make sure that your system defines BYTE_ORDER. If your - * architecture is little-endian, make sure it also defines - * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are - * equivilent. - * - * If your system does not define the above, then you can do so by - * hand like this: - * - * #define LITTLE_ENDIAN 1234 - * #define BIG_ENDIAN 4321 - * - * And for little-endian machines, add: - * - * #define BYTE_ORDER LITTLE_ENDIAN - * - * Or for big-endian machines: - * - * #define BYTE_ORDER BIG_ENDIAN - * - * The FreeBSD machine this was written on defines BYTE_ORDER - * appropriately by including (which in turn includes - * where the appropriate definitions are actually - * made). 
- */ -#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) -#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN -#endif - -/* - * Define the followingsha2_* types to types of the correct length on - * the native archtecture. Most BSD systems and Linux define u_intXX_t - * types. Machines with very recent ANSI C headers, can use the - * uintXX_t definintions from inttypes.h by defining SHA2_USE_INTTYPES_H - * during compile or in the sha.h header file. - * - * Machines that support neither u_intXX_t nor inttypes.h's uintXX_t - * will need to define these three typedefs below (and the appropriate - * ones in sha.h too) by hand according to their system architecture. - * - * Thank you, Jun-ichiro itojun Hagino, for suggesting using u_intXX_t - * types and pointing out recent ANSI C support for uintXX_t in inttypes.h. - */ -#if 0 /*def SHA2_USE_INTTYPES_H*/ - -typedef uint8_t sha2_byte; /* Exactly 1 byte */ -typedef uint32_t sha2_word32; /* Exactly 4 bytes */ -typedef uint64_t sha2_word64; /* Exactly 8 bytes */ - -#else /* SHA2_USE_INTTYPES_H */ - -typedef u_int8_t sha2_byte; /* Exactly 1 byte */ -typedef u_int32_t sha2_word32; /* Exactly 4 bytes */ -typedef u_int64_t sha2_word64; /* Exactly 8 bytes */ - -#endif /* SHA2_USE_INTTYPES_H */ - - -/*** SHA-256/384/512 Various Length Definitions ***********************/ -/* NOTE: Most of these are in sha2.h */ -#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8) -#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16) -#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) - - -/*** ENDIAN REVERSAL MACROS *******************************************/ -#if BYTE_ORDER == LITTLE_ENDIAN -#define REVERSE32(w,x) { \ - sha2_word32 tmp = (w); \ - tmp = (tmp >> 16) | (tmp << 16); \ - (x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \ -} -#define REVERSE64(w,x) { \ - sha2_word64 tmp = (w); \ - tmp = (tmp >> 32) | (tmp << 32); \ - tmp = ((tmp & 
0xff00ff00ff00ff00ULL) >> 8) | \ - ((tmp & 0x00ff00ff00ff00ffULL) << 8); \ - (x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \ - ((tmp & 0x0000ffff0000ffffULL) << 16); \ -} -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - -/* - * Macro for incrementally adding the unsigned 64-bit integer n to the - * unsigned 128-bit integer (represented using a two-element array of - * 64-bit words): - */ -#define ADDINC128(w,n) { \ - (w)[0] += (sha2_word64)(n); \ - if ((w)[0] < (n)) { \ - (w)[1]++; \ - } \ -} - -/*** THE SIX LOGICAL FUNCTIONS ****************************************/ -/* - * Bit shifting and rotation (used by the six SHA-XYZ logical functions: - * - * NOTE: The naming of R and S appears backwards here (R is a SHIFT and - * S is a ROTATION) because the SHA-256/384/512 description document - * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this - * same "backwards" definition. - */ -/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */ -#define R(b,x) ((x) >> (b)) -/* 32-bit Rotate-right (used in SHA-256): */ -#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b)))) -/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */ -#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) - -/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */ -#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) - -/* Four of six logical functions used in SHA-256: */ -#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x))) -#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x))) -#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x))) -#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x))) - -/* Four of six logical functions used in SHA-384 and SHA-512: */ -#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x))) -#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x))) -#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) -#define 
sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) - -/*** INTERNAL FUNCTION PROTOTYPES *************************************/ -/* NOTE: These should not be accessed directly from outside this - * library -- they are intended for private internal visibility/use - * only. - */ -void SHA512_Last(SHA512_CTX*); -void SHA256_Transform(SHA256_CTX*, const sha2_word32*); -void SHA512_Transform(SHA512_CTX*, const sha2_word64*); - - -/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ -/* Hash constant words K for SHA-256: */ -const static sha2_word32 K256[64] = { - 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, - 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, - 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, - 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, - 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, - 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, - 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, - 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL, - 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, - 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, - 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, - 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, - 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, - 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, - 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, - 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL -}; - -/* Initial hash value H for SHA-256: */ -const static sha2_word32 sha256_initial_hash_value[8] = { - 0x6a09e667UL, - 0xbb67ae85UL, - 0x3c6ef372UL, - 0xa54ff53aUL, - 0x510e527fUL, - 0x9b05688cUL, - 0x1f83d9abUL, - 0x5be0cd19UL -}; - -/* Hash constant words K for SHA-384 and SHA-512: */ -const static sha2_word64 K512[80] = { - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, - 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, - 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, - 
0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, - 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, - 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, - 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, - 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, - 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, - 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, - 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, - 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, - 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, - 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, - 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, - 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, - 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, - 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, - 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, - 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, - 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, - 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, - 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, - 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, - 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, - 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, - 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, - 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, - 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, - 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, - 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, - 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, - 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, - 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, - 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, - 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, - 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, - 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL -}; - -/* Initial hash value H for SHA-384 */ -const static sha2_word64 sha384_initial_hash_value[8] = { - 0xcbbb9d5dc1059ed8ULL, - 0x629a292a367cd507ULL, - 0x9159015a3070dd17ULL, - 0x152fecd8f70e5939ULL, - 
0x67332667ffc00b31ULL, - 0x8eb44a8768581511ULL, - 0xdb0c2e0d64f98fa7ULL, - 0x47b5481dbefa4fa4ULL -}; - -/* Initial hash value H for SHA-512 */ -const static sha2_word64 sha512_initial_hash_value[8] = { - 0x6a09e667f3bcc908ULL, - 0xbb67ae8584caa73bULL, - 0x3c6ef372fe94f82bULL, - 0xa54ff53a5f1d36f1ULL, - 0x510e527fade682d1ULL, - 0x9b05688c2b3e6c1fULL, - 0x1f83d9abfb41bd6bULL, - 0x5be0cd19137e2179ULL -}; - -/* - * Constant used by SHA256/384/512_End() functions for converting the - * digest to a readable hexadecimal character string: - */ -static const char *sha2_hex_digits = "0123456789abcdef"; - - -/*** SHA-256: *********************************************************/ -void SHA256_Init(SHA256_CTX* context) { - if (context == (SHA256_CTX*)0) { - return; - } - bcopy(sha256_initial_hash_value, context->state, SHA256_DIGEST_LENGTH); - bzero(context->buffer, SHA256_BLOCK_LENGTH); - context->bitcount = 0; -} - -#ifdef SHA2_UNROLL_TRANSFORM - -/* Unrolled SHA-256 round macros: */ - -#if BYTE_ORDER == LITTLE_ENDIAN - -#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ - REVERSE32(*data++, W256[j]); \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ - K256[j] + W256[j]; \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - - -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ - K256[j] + (W256[j] = *data++); \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND256(a,b,c,d,e,f,g,h) \ - s0 = W256[(j+1)&0x0f]; \ - s0 = sigma0_256(s0); \ - s1 = W256[(j+14)&0x0f]; \ - s1 = sigma1_256(s1); \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \ - (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - -void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) { - sha2_word32 a, b, c, d, e, f, g, h, s0, s1; - 
sha2_word32 T1, *W256; - int j; - - W256 = (sha2_word32*)context->buffer; - - /* Initialize registers with the prev. intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { - /* Rounds 0 to 15 (unrolled): */ - ROUND256_0_TO_15(a,b,c,d,e,f,g,h); - ROUND256_0_TO_15(h,a,b,c,d,e,f,g); - ROUND256_0_TO_15(g,h,a,b,c,d,e,f); - ROUND256_0_TO_15(f,g,h,a,b,c,d,e); - ROUND256_0_TO_15(e,f,g,h,a,b,c,d); - ROUND256_0_TO_15(d,e,f,g,h,a,b,c); - ROUND256_0_TO_15(c,d,e,f,g,h,a,b); - ROUND256_0_TO_15(b,c,d,e,f,g,h,a); - } while (j < 16); - - /* Now for the remaining rounds to 64: */ - do { - ROUND256(a,b,c,d,e,f,g,h); - ROUND256(h,a,b,c,d,e,f,g); - ROUND256(g,h,a,b,c,d,e,f); - ROUND256(f,g,h,a,b,c,d,e); - ROUND256(e,f,g,h,a,b,c,d); - ROUND256(d,e,f,g,h,a,b,c); - ROUND256(c,d,e,f,g,h,a,b); - ROUND256(b,c,d,e,f,g,h,a); - } while (j < 64); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = 0; -} - -#else /* SHA2_UNROLL_TRANSFORM */ - -void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) { - sha2_word32 a, b, c, d, e, f, g, h, s0, s1; - sha2_word32 T1, T2, *W256; - int j; - - W256 = (sha2_word32*)context->buffer; - - /* Initialize registers with the prev. 
intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { -#if BYTE_ORDER == LITTLE_ENDIAN - /* Copy data while converting to host byte order */ - REVERSE32(*data++,W256[j]); - /* Apply the SHA-256 compression function to update a..h */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j]; -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - /* Apply the SHA-256 compression function to update a..h with copy */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++); -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - T2 = Sigma0_256(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 16); - - do { - /* Part of the message block expansion: */ - s0 = W256[(j+1)&0x0f]; - s0 = sigma0_256(s0); - s1 = W256[(j+14)&0x0f]; - s1 = sigma1_256(s1); - - /* Apply the SHA-256 compression function to update a..h */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + - (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); - T2 = Sigma0_256(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 64); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = T2 = 0; -} - -#endif /* SHA2_UNROLL_TRANSFORM */ - -void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) { - unsigned int freespace, usedspace; - - if (len == 0) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0 && data != (sha2_byte*)0); - - usedspace = 
(context->bitcount >> 3) % SHA256_BLOCK_LENGTH; - if (usedspace > 0) { - /* Calculate how much free space is available in the buffer */ - freespace = SHA256_BLOCK_LENGTH - usedspace; - - if (len >= freespace) { - /* Fill the buffer completely and process it */ - bcopy(data, &context->buffer[usedspace], freespace); - context->bitcount += freespace << 3; - len -= freespace; - data += freespace; - SHA256_Transform(context, (sha2_word32*)context->buffer); - } else { - /* The buffer is not yet full */ - bcopy(data, &context->buffer[usedspace], len); - context->bitcount += len << 3; - /* Clean up: */ - usedspace = freespace = 0; - return; - } - } - while (len >= SHA256_BLOCK_LENGTH) { - /* Process as many complete blocks as we can */ - SHA256_Transform(context, (const sha2_word32*)data); - context->bitcount += SHA256_BLOCK_LENGTH << 3; - len -= SHA256_BLOCK_LENGTH; - data += SHA256_BLOCK_LENGTH; - } - if (len > 0) { - /* There's left-overs, so save 'em */ - bcopy(data, context->buffer, len); - context->bitcount += len << 3; - } - /* Clean up: */ - usedspace = freespace = 0; -} - -void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) { - sha2_word32 *d = (sha2_word32*)digest; - unsigned int usedspace; - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH; -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert FROM host byte order */ - REVERSE64(context->bitcount,context->bitcount); -#endif - if (usedspace > 0) { - /* Begin padding with a 1 bit: */ - context->buffer[usedspace++] = 0x80; - - if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) { - /* Set-up for the last transform: */ - bzero(&context->buffer[usedspace], SHA256_SHORT_BLOCK_LENGTH - usedspace); - } else { - if (usedspace < SHA256_BLOCK_LENGTH) { - bzero(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace); - } - /* Do second-to-last transform: */ 
- SHA256_Transform(context, (sha2_word32*)context->buffer); - - /* And set-up for the last transform: */ - bzero(context->buffer, SHA256_SHORT_BLOCK_LENGTH); - } - } else { - /* Set-up for the last transform: */ - bzero(context->buffer, SHA256_SHORT_BLOCK_LENGTH); - - /* Begin padding with a 1 bit: */ - *context->buffer = 0x80; - } - /* Set the bit count: */ - *(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; - - /* Final transform: */ - SHA256_Transform(context, (sha2_word32*)context->buffer); - -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 8; j++) { - REVERSE32(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - bcopy(context->state, d, SHA256_DIGEST_LENGTH); -#endif - } - - /* Clean up state data: */ - bzero(context, sizeof(context)); - usedspace = 0; -} - -char *SHA256_End(SHA256_CTX* context, char buffer[]) { - sha2_byte digest[SHA256_DIGEST_LENGTH], *d = digest; - int i; - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0); - - if (buffer != (char*)0) { - SHA256_Final(digest, context); - - for (i = 0; i < SHA256_DIGEST_LENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - bzero(context, sizeof(context)); - } - bzero(digest, SHA256_DIGEST_LENGTH); - return buffer; -} - -char* SHA256_Data(const sha2_byte* data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH]) { - SHA256_CTX context; - - SHA256_Init(&context); - SHA256_Update(&context, data, len); - return SHA256_End(&context, digest); -} - - -/*** SHA-512: *********************************************************/ -void SHA512_Init(SHA512_CTX* context) { - if (context == (SHA512_CTX*)0) { - return; - } - bcopy(sha512_initial_hash_value, context->state, SHA512_DIGEST_LENGTH); - bzero(context->buffer, SHA512_BLOCK_LENGTH); - context->bitcount[0] = context->bitcount[1] = 0; -} - -#ifdef 
SHA2_UNROLL_TRANSFORM - -/* Unrolled SHA-512 round macros: */ -#if BYTE_ORDER == LITTLE_ENDIAN - -#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ - REVERSE64(*data++, W512[j]); \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ - K512[j] + W512[j]; \ - (d) += T1, \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \ - j++ - - -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ - K512[j] + (W512[j] = *data++); \ - (d) += T1; \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ - j++ - -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND512(a,b,c,d,e,f,g,h) \ - s0 = W512[(j+1)&0x0f]; \ - s0 = sigma0_512(s0); \ - s1 = W512[(j+14)&0x0f]; \ - s1 = sigma1_512(s1); \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \ - (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \ - (d) += T1; \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ - j++ - -void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) { - sha2_word64 a, b, c, d, e, f, g, h, s0, s1; - sha2_word64 T1, *W512 = (sha2_word64*)context->buffer; - int j; - - /* Initialize registers with the prev. 
intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { - ROUND512_0_TO_15(a,b,c,d,e,f,g,h); - ROUND512_0_TO_15(h,a,b,c,d,e,f,g); - ROUND512_0_TO_15(g,h,a,b,c,d,e,f); - ROUND512_0_TO_15(f,g,h,a,b,c,d,e); - ROUND512_0_TO_15(e,f,g,h,a,b,c,d); - ROUND512_0_TO_15(d,e,f,g,h,a,b,c); - ROUND512_0_TO_15(c,d,e,f,g,h,a,b); - ROUND512_0_TO_15(b,c,d,e,f,g,h,a); - } while (j < 16); - - /* Now for the remaining rounds up to 79: */ - do { - ROUND512(a,b,c,d,e,f,g,h); - ROUND512(h,a,b,c,d,e,f,g); - ROUND512(g,h,a,b,c,d,e,f); - ROUND512(f,g,h,a,b,c,d,e); - ROUND512(e,f,g,h,a,b,c,d); - ROUND512(d,e,f,g,h,a,b,c); - ROUND512(c,d,e,f,g,h,a,b); - ROUND512(b,c,d,e,f,g,h,a); - } while (j < 80); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = 0; -} - -#else /* SHA2_UNROLL_TRANSFORM */ - -void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) { - sha2_word64 a, b, c, d, e, f, g, h, s0, s1; - sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer; - int j; - - /* Initialize registers with the prev. 
intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; - - j = 0; - do { -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert TO host byte order */ - REVERSE64(*data++, W512[j]); - /* Apply the SHA-512 compression function to update a..h */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j]; -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - /* Apply the SHA-512 compression function to update a..h with copy */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++); -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - T2 = Sigma0_512(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 16); - - do { - /* Part of the message block expansion: */ - s0 = W512[(j+1)&0x0f]; - s0 = sigma0_512(s0); - s1 = W512[(j+14)&0x0f]; - s1 = sigma1_512(s1); - - /* Apply the SHA-512 compression function to update a..h */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + - (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); - T2 = Sigma0_512(a) + Maj(a, b, c); - h = g; - g = f; - f = e; - e = d + T1; - d = c; - c = b; - b = a; - a = T1 + T2; - - j++; - } while (j < 80); - - /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; - - /* Clean up */ - a = b = c = d = e = f = g = h = T1 = T2 = 0; -} - -#endif /* SHA2_UNROLL_TRANSFORM */ - -void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) { - unsigned int freespace, usedspace; - - if (len == 0) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0 && data != (sha2_byte*)0); - - usedspace = (context->bitcount[0] 
>> 3) % SHA512_BLOCK_LENGTH; - if (usedspace > 0) { - /* Calculate how much free space is available in the buffer */ - freespace = SHA512_BLOCK_LENGTH - usedspace; - - if (len >= freespace) { - /* Fill the buffer completely and process it */ - bcopy(data, &context->buffer[usedspace], freespace); - ADDINC128(context->bitcount, freespace << 3); - len -= freespace; - data += freespace; - SHA512_Transform(context, (sha2_word64*)context->buffer); - } else { - /* The buffer is not yet full */ - bcopy(data, &context->buffer[usedspace], len); - ADDINC128(context->bitcount, len << 3); - /* Clean up: */ - usedspace = freespace = 0; - return; - } - } - while (len >= SHA512_BLOCK_LENGTH) { - /* Process as many complete blocks as we can */ - SHA512_Transform(context, (const sha2_word64*)data); - ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); - len -= SHA512_BLOCK_LENGTH; - data += SHA512_BLOCK_LENGTH; - } - if (len > 0) { - /* There's left-overs, so save 'em */ - bcopy(data, context->buffer, len); - ADDINC128(context->bitcount, len << 3); - } - /* Clean up: */ - usedspace = freespace = 0; -} - -void SHA512_Last(SHA512_CTX* context) { - unsigned int usedspace; - - usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH; -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert FROM host byte order */ - REVERSE64(context->bitcount[0],context->bitcount[0]); - REVERSE64(context->bitcount[1],context->bitcount[1]); -#endif - if (usedspace > 0) { - /* Begin padding with a 1 bit: */ - context->buffer[usedspace++] = 0x80; - - if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) { - /* Set-up for the last transform: */ - bzero(&context->buffer[usedspace], SHA512_SHORT_BLOCK_LENGTH - usedspace); - } else { - if (usedspace < SHA512_BLOCK_LENGTH) { - bzero(&context->buffer[usedspace], SHA512_BLOCK_LENGTH - usedspace); - } - /* Do second-to-last transform: */ - SHA512_Transform(context, (sha2_word64*)context->buffer); - - /* And set-up for the last transform: */ - bzero(context->buffer, 
SHA512_BLOCK_LENGTH - 2); - } - } else { - /* Prepare for final transform: */ - bzero(context->buffer, SHA512_SHORT_BLOCK_LENGTH); - - /* Begin padding with a 1 bit: */ - *context->buffer = 0x80; - } - /* Store the length of input data (in bits): */ - *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; - *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; - - /* Final transform: */ - SHA512_Transform(context, (sha2_word64*)context->buffer); -} - -void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) { - sha2_word64 *d = (sha2_word64*)digest; - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - SHA512_Last(context); - - /* Save the hash data for output: */ -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 8; j++) { - REVERSE64(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - bcopy(context->state, d, SHA512_DIGEST_LENGTH); -#endif - } - - /* Zero out state data */ - bzero(context, sizeof(context)); -} - -char *SHA512_End(SHA512_CTX* context, char buffer[]) { - sha2_byte digest[SHA512_DIGEST_LENGTH], *d = digest; - int i; - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0); - - if (buffer != (char*)0) { - SHA512_Final(digest, context); - - for (i = 0; i < SHA512_DIGEST_LENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - bzero(context, sizeof(context)); - } - bzero(digest, SHA512_DIGEST_LENGTH); - return buffer; -} - -char* SHA512_Data(const sha2_byte* data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH]) { - SHA512_CTX context; - - SHA512_Init(&context); - SHA512_Update(&context, data, len); - return SHA512_End(&context, digest); -} - - -/*** SHA-384: 
*********************************************************/ -void SHA384_Init(SHA384_CTX* context) { - if (context == (SHA384_CTX*)0) { - return; - } - bcopy(sha384_initial_hash_value, context->state, SHA512_DIGEST_LENGTH); - bzero(context->buffer, SHA384_BLOCK_LENGTH); - context->bitcount[0] = context->bitcount[1] = 0; -} - -void SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) { - SHA512_Update((SHA512_CTX*)context, data, len); -} - -void SHA384_Final(sha2_byte digest[], SHA384_CTX* context) { - sha2_word64 *d = (sha2_word64*)digest; - - /* Sanity check: */ - assert(context != (SHA384_CTX*)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - SHA512_Last((SHA512_CTX*)context); - - /* Save the hash data for output: */ -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 6; j++) { - REVERSE64(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - bcopy(context->state, d, SHA384_DIGEST_LENGTH); -#endif - } - - /* Zero out state data */ - bzero(context, sizeof(context)); -} - -char *SHA384_End(SHA384_CTX* context, char buffer[]) { - sha2_byte digest[SHA384_DIGEST_LENGTH], *d = digest; - int i; - - /* Sanity check: */ - assert(context != (SHA384_CTX*)0); - - if (buffer != (char*)0) { - SHA384_Final(digest, context); - - for (i = 0; i < SHA384_DIGEST_LENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - bzero(context, sizeof(context)); - } - bzero(digest, SHA384_DIGEST_LENGTH); - return buffer; -} - -char* SHA384_Data(const sha2_byte* data, size_t len, char digest[SHA384_DIGEST_STRING_LENGTH]) { - SHA384_CTX context; - - SHA384_Init(&context); - SHA384_Update(&context, data, len); - return SHA384_End(&context, digest); -} - -/*glue*/ -static struct env_md_st sha2_256_md = { - 0, /*NID_sha1*/ - 0, /*NID_sha1WithRSAEncryption*/ - 
SHA256_DIGEST_LENGTH, - SHA256_Init, - SHA256_Update, - SHA256_Final, - NULL, NULL, {0, 0, 0, 0}, - SHA256_BLOCK_LENGTH, - sizeof(struct env_md_st *) + sizeof(SHA256_CTX), -}; - -struct env_md_st *EVP_sha2_256(void) -{ - return(&sha2_256_md); -} - -static struct env_md_st sha2_384_md = { - 0, /*NID_sha1*/ - 0, /*NID_sha1WithRSAEncryption*/ - SHA384_DIGEST_LENGTH, - SHA384_Init, - SHA384_Update, - SHA384_Final, - NULL, NULL, {0, 0, 0, 0}, - SHA384_BLOCK_LENGTH, - sizeof(struct env_md_st *) + sizeof(SHA384_CTX), -}; - -struct env_md_st *EVP_sha2_384(void) -{ - return(&sha2_384_md); -} - -static struct env_md_st sha2_512_md = { - 0, /*NID_sha1*/ - 0, /*NID_sha1WithRSAEncryption*/ - SHA512_DIGEST_LENGTH, - SHA512_Init, - SHA512_Update, - SHA512_Final, - NULL, NULL, {0, 0, 0, 0}, /*EVP_PKEY_RSA_method*/ - SHA512_BLOCK_LENGTH, - sizeof(struct env_md_st *) + sizeof(SHA512_CTX), -}; - -struct env_md_st *EVP_sha2_512(void) -{ - return(&sha2_512_md); -} diff --git a/racoon.tproj/sha2.h b/racoon.tproj/sha2.h deleted file mode 100644 index 65f1d45..0000000 --- a/racoon.tproj/sha2.h +++ /dev/null 
@@ -1,144 +0,0 @@
-/* $KAME: sha2.h,v 1.1.1.1 2001/08/08 09:56:28 sakane Exp $ */
-
-/*
- * sha2.h
- *
- * Version 1.0.0beta1
- *
- * Written by Aaron D. Gifford
- *
- * Copyright 2000 Aaron D. Gifford. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the copyright holder nor the names of contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * - */ - -#ifndef __SHA2_H__ -#define __SHA2_H__ - -#ifdef __cplusplus -extern "C" { -#endif - - -/*** SHA-256/384/512 Various Length Definitions ***********************/ -#define SHA256_BLOCK_LENGTH 64 -#define SHA256_DIGEST_LENGTH 32 -#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1) -#define SHA384_BLOCK_LENGTH 128 -#define SHA384_DIGEST_LENGTH 48 -#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1) -#define SHA512_BLOCK_LENGTH 128 -#define SHA512_DIGEST_LENGTH 64 -#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1) - - -/*** SHA-256/384/512 Context Structures *******************************/ -/* NOTE: If your architecture does not define either u_intXX_t types or - * uintXX_t (from inttypes.h), you may need to define things by hand - * for your system: - */ -#if 0 -typedef unsigned char u_int8_t; /* 1-byte (8-bits) */ -typedef unsigned int u_int32_t; /* 4-bytes (32-bits) */ -typedef unsigned long long u_int64_t; /* 8-bytes (64-bits) */ -#endif -/* - * Most BSD systems already define u_intXX_t types, as does Linux. - * Some systems, however, like Compaq's Tru64 Unix instead can use - * uintXX_t types defined by very recent ANSI C standards and included - * in the file: - * - * #include - * - * If you choose to use then please define: - * - * #define SHA2_USE_INTTYPES_H - * - * Or on the command line during compile: - * - * cc -DSHA2_USE_INTTYPES_H ... 
- */ -#if 0 /*def SHA2_USE_INTTYPES_H*/ - -typedef struct _SHA256_CTX { - uint32_t state[8]; - uint64_t bitcount; - uint8_t buffer[SHA256_BLOCK_LENGTH]; -} SHA256_CTX; -typedef struct _SHA512_CTX { - uint64_t state[8]; - uint64_t bitcount[2]; - uint8_t buffer[SHA512_BLOCK_LENGTH]; -} SHA512_CTX; - -#else /* SHA2_USE_INTTYPES_H */ - -typedef struct _SHA256_CTX { - u_int32_t state[8]; - u_int64_t bitcount; - u_int8_t buffer[SHA256_BLOCK_LENGTH]; -} SHA256_CTX; -typedef struct _SHA512_CTX { - u_int64_t state[8]; - u_int64_t bitcount[2]; - u_int8_t buffer[SHA512_BLOCK_LENGTH]; -} SHA512_CTX; - -#endif /* SHA2_USE_INTTYPES_H */ - -typedef SHA512_CTX SHA384_CTX; - - -/*** SHA-256/384/512 Function Prototypes ******************************/ - -void SHA256_Init __P((SHA256_CTX *)); -void SHA256_Update __P((SHA256_CTX*, const u_int8_t*, size_t)); -void SHA256_Final __P((u_int8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*)); -char* SHA256_End __P((SHA256_CTX*, char[SHA256_DIGEST_STRING_LENGTH])); -char* SHA256_Data __P((const u_int8_t*, size_t, char[SHA256_DIGEST_STRING_LENGTH])); - -void SHA384_Init __P((SHA384_CTX*)); -void SHA384_Update __P((SHA384_CTX*, const u_int8_t*, size_t)); -void SHA384_Final __P((u_int8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*)); -char* SHA384_End __P((SHA384_CTX*, char[SHA384_DIGEST_STRING_LENGTH])); -char* SHA384_Data __P((const u_int8_t*, size_t, char[SHA384_DIGEST_STRING_LENGTH])); - -void SHA512_Init __P((SHA512_CTX*)); -void SHA512_Update __P((SHA512_CTX*, const u_int8_t*, size_t)); -void SHA512_Final __P((u_int8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*)); -char* SHA512_End __P((SHA512_CTX*, char[SHA512_DIGEST_STRING_LENGTH])); -char* SHA512_Data __P((const u_int8_t*, size_t, char[SHA512_DIGEST_STRING_LENGTH])); - -struct env_md_st *EVP_sha2_256 __P((void)); -struct env_md_st *EVP_sha2_384 __P((void)); -struct env_md_st *EVP_sha2_512 __P((void)); - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - -#endif /* __SHA2_H__ */ - 
diff --git a/racoon.tproj/sockmisc.c b/racoon.tproj/sockmisc.c
deleted file mode 100644
index 24abd4e..0000000
--- a/racoon.tproj/sockmisc.c
+++ /dev/null
@@ -1,793 +0,0 @@
-/* $KAME: sockmisc.c,v 1.36 2002/04/15 06:20:08 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include -#include -#include - -#include -#ifdef IPV6_INRIA_VERSION -#include -#define IPV6_RECVDSTADDR IP_RECVDSTADDR -#else -#include -#endif -#include - -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "var.h" -#include "misc.h" -#include "plog.h" -#include "sockmisc.h" -#include "debug.h" -#include "gcmalloc.h" - -const int niflags = 0; - -/* - * compare two sockaddr without port number. - * OUT: 0: equal. - * 1: not equal. - */ -int -cmpsaddrwop(addr1, addr2) - struct sockaddr *addr1; - struct sockaddr *addr2; -{ - caddr_t sa1, sa2; - - if (addr1 == 0 && addr2 == 0) - return 0; - if (addr1 == 0 || addr2 == 0) - return 1; - - if (addr1->sa_len != addr2->sa_len - || addr1->sa_family != addr2->sa_family) - return 1; - - switch (addr1->sa_family) { - case AF_INET: - sa1 = (caddr_t)&((struct sockaddr_in *)addr1)->sin_addr; - sa2 = (caddr_t)&((struct sockaddr_in *)addr2)->sin_addr; - if (memcmp(sa1, sa2, sizeof(struct in_addr)) != 0) - return 1; - break; -#ifdef INET6 - case AF_INET6: - sa1 = (caddr_t)&((struct sockaddr_in6 *)addr1)->sin6_addr; - sa2 = (caddr_t)&((struct sockaddr_in6 *)addr2)->sin6_addr; - if (memcmp(sa1, sa2, sizeof(struct in6_addr)) != 0) - return 1; - if (((struct sockaddr_in6 *)addr1)->sin6_scope_id != - ((struct sockaddr_in6 *)addr2)->sin6_scope_id) - return 1; - break; -#endif - default: - return 1; - } - - return 0; -} - -/* - * compare two sockaddr with port, taking care wildcard. - * addr1 is a subject address, addr2 is in a database entry. - * OUT: 0: equal. - * 1: not equal. 
- */ -int -cmpsaddrwild(addr1, addr2) - struct sockaddr *addr1; - struct sockaddr *addr2; -{ - caddr_t sa1, sa2; - u_short port1, port2; - - if (addr1 == 0 && addr2 == 0) - return 0; - if (addr1 == 0 || addr2 == 0) - return 1; - - if (addr1->sa_len != addr2->sa_len - || addr1->sa_family != addr2->sa_family) - return 1; - - switch (addr1->sa_family) { - case AF_INET: - sa1 = (caddr_t)&((struct sockaddr_in *)addr1)->sin_addr; - sa2 = (caddr_t)&((struct sockaddr_in *)addr2)->sin_addr; - port1 = ((struct sockaddr_in *)addr1)->sin_port; - port2 = ((struct sockaddr_in *)addr2)->sin_port; - if (!(port1 == IPSEC_PORT_ANY || - port2 == IPSEC_PORT_ANY || - port1 == port2)) - return 1; - if (memcmp(sa1, sa2, sizeof(struct in_addr)) != 0) - return 1; - break; -#ifdef INET6 - case AF_INET6: - sa1 = (caddr_t)&((struct sockaddr_in6 *)addr1)->sin6_addr; - sa2 = (caddr_t)&((struct sockaddr_in6 *)addr2)->sin6_addr; - port1 = ((struct sockaddr_in6 *)addr1)->sin6_port; - port2 = ((struct sockaddr_in6 *)addr2)->sin6_port; - if (!(port1 == IPSEC_PORT_ANY || - port2 == IPSEC_PORT_ANY || - port1 == port2)) - return 1; - if (memcmp(sa1, sa2, sizeof(struct in6_addr)) != 0) - return 1; - if (((struct sockaddr_in6 *)addr1)->sin6_scope_id != - ((struct sockaddr_in6 *)addr2)->sin6_scope_id) - return 1; - break; -#endif - default: - return 1; - } - - return 0; -} - -/* - * compare two sockaddr with strict match on port. - * OUT: 0: equal. - * 1: not equal. 
- */ -int -cmpsaddrstrict(addr1, addr2) - struct sockaddr *addr1; - struct sockaddr *addr2; -{ - caddr_t sa1, sa2; - u_short port1, port2; - - if (addr1 == 0 && addr2 == 0) - return 0; - if (addr1 == 0 || addr2 == 0) - return 1; - - if (addr1->sa_len != addr2->sa_len - || addr1->sa_family != addr2->sa_family) - return 1; - - switch (addr1->sa_family) { - case AF_INET: - sa1 = (caddr_t)&((struct sockaddr_in *)addr1)->sin_addr; - sa2 = (caddr_t)&((struct sockaddr_in *)addr2)->sin_addr; - port1 = ((struct sockaddr_in *)addr1)->sin_port; - port2 = ((struct sockaddr_in *)addr2)->sin_port; - if (port1 != port2) - return 1; - if (memcmp(sa1, sa2, sizeof(struct in_addr)) != 0) - return 1; - break; -#ifdef INET6 - case AF_INET6: - sa1 = (caddr_t)&((struct sockaddr_in6 *)addr1)->sin6_addr; - sa2 = (caddr_t)&((struct sockaddr_in6 *)addr2)->sin6_addr; - port1 = ((struct sockaddr_in6 *)addr1)->sin6_port; - port2 = ((struct sockaddr_in6 *)addr2)->sin6_port; - if (port1 != port2) - return 1; - if (memcmp(sa1, sa2, sizeof(struct in6_addr)) != 0) - return 1; - if (((struct sockaddr_in6 *)addr1)->sin6_scope_id != - ((struct sockaddr_in6 *)addr2)->sin6_scope_id) - return 1; - break; -#endif - default: - return 1; - } - - return 0; -} - -/* get local address against the destination. 
*/ -struct sockaddr * -getlocaladdr(remote) - struct sockaddr *remote; -{ - struct sockaddr *local; - int local_len = sizeof(struct sockaddr_storage); - int s; /* for dummy connection */ - - /* allocate buffer */ - if ((local = racoon_calloc(1, local_len)) == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to get address buffer.\n"); - goto err; - } - - /* get real interface received packet */ - if ((s = socket(remote->sa_family, SOCK_DGRAM, 0)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "socket (%s)\n", strerror(errno)); - goto err; - } - - if (connect(s, remote, remote->sa_len) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "connect (%s)\n", strerror(errno)); - close(s); - goto err; - } - - if (getsockname(s, local, &local_len) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "getsockname (%s)\n", strerror(errno)); - close(s); - return NULL; - } - - close(s); - return local; - - err: - if (local != NULL) - racoon_free(local); - return NULL; -} - -/* - * Receive packet, with src/dst information. It is assumed that necessary - * setsockopt() have already performed on socket. 
- */ -int -recvfromto(s, buf, buflen, flags, from, fromlen, to, tolen) - int s; - void *buf; - size_t buflen; - int flags; - struct sockaddr *from; - int *fromlen; - struct sockaddr *to; - int *tolen; -{ - int otolen; - int len; - struct sockaddr_storage ss; - struct msghdr m; - struct cmsghdr *cm; - struct iovec iov[2]; - u_char cmsgbuf[256]; -#if defined(INET6) && defined(ADVAPI) - struct in6_pktinfo *pi; -#endif /*ADVAPI*/ - struct sockaddr_in *sin; -#ifdef INET6 - struct sockaddr_in6 *sin6; -#endif - - len = sizeof(ss); - if (getsockname(s, (struct sockaddr *)&ss, &len) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "getsockname (%s)\n", strerror(errno)); - return -1; - } - - m.msg_name = (caddr_t)from; - m.msg_namelen = *fromlen; - iov[0].iov_base = (caddr_t)buf; - iov[0].iov_len = buflen; - m.msg_iov = iov; - m.msg_iovlen = 1; - memset(cmsgbuf, 0, sizeof(cmsgbuf)); - cm = (struct cmsghdr *)cmsgbuf; - m.msg_control = (caddr_t)cm; - m.msg_controllen = sizeof(cmsgbuf); - if ((len = recvmsg(s, &m, flags)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "recvmsg (%s)\n", strerror(errno)); - return -1; - } - *fromlen = m.msg_namelen; - - otolen = *tolen; - *tolen = 0; - for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&m); - m.msg_controllen != 0 && cm; - cm = (struct cmsghdr *)CMSG_NXTHDR(&m, cm)) { -#if 0 - plog(LLV_ERROR, LOCATION, NULL, - "cmsg %d %d\n", cm->cmsg_level, cm->cmsg_type);) -#endif -#if defined(INET6) && defined(ADVAPI) - if (ss.ss_family == AF_INET6 - && cm->cmsg_level == IPPROTO_IPV6 - && cm->cmsg_type == IPV6_PKTINFO - && otolen >= sizeof(*sin6)) { - pi = (struct in6_pktinfo *)(CMSG_DATA(cm)); - *tolen = sizeof(*sin6); - sin6 = (struct sockaddr_in6 *)to; - memset(sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_len = sizeof(*sin6); - memcpy(&sin6->sin6_addr, &pi->ipi6_addr, - sizeof(sin6->sin6_addr)); - /* XXX other cases, such as site-local? 
*/ - if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) - sin6->sin6_scope_id = pi->ipi6_ifindex; - else - sin6->sin6_scope_id = 0; - sin6->sin6_port = - ((struct sockaddr_in6 *)&ss)->sin6_port; - otolen = -1; /* "to" already set */ - continue; - } -#endif -#if defined(INET6) && defined(IPV6_RECVDSTADDR) - if (ss.ss_family == AF_INET6 - && cm->cmsg_level == IPPROTO_IPV6 - && cm->cmsg_type == IPV6_RECVDSTADDR - && otolen >= sizeof(*sin6)) { - *tolen = sizeof(*sin6); - sin6 = (struct sockaddr_in6 *)to; - memset(sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_len = sizeof(*sin6); - memcpy(&sin6->sin6_addr, CMSG_DATA(cm), - sizeof(sin6->sin6_addr)); - sin6->sin6_port = - ((struct sockaddr_in6 *)&ss)->sin6_port; - otolen = -1; /* "to" already set */ - continue; - } -#endif - if (ss.ss_family == AF_INET - && cm->cmsg_level == IPPROTO_IP - && cm->cmsg_type == IP_RECVDSTADDR - && otolen >= sizeof(*sin)) { - *tolen = sizeof(*sin); - sin = (struct sockaddr_in *)to; - memset(sin, 0, sizeof(*sin)); - sin->sin_family = AF_INET; - sin->sin_len = sizeof(*sin); - memcpy(&sin->sin_addr, CMSG_DATA(cm), - sizeof(sin->sin_addr)); - sin->sin_port = ((struct sockaddr_in *)&ss)->sin_port; - otolen = -1; /* "to" already set */ - continue; - } - } - - return len; -} - -/* send packet, with fixing src/dst address pair. 
*/ -int -sendfromto(s, buf, buflen, src, dst, cnt) - int s, cnt; - const void *buf; - size_t buflen; - struct sockaddr *src; - struct sockaddr *dst; -{ - struct sockaddr_storage ss; - int len; - int i; - - if (src->sa_family != dst->sa_family) { - plog(LLV_ERROR, LOCATION, NULL, - "address family mismatch\n"); - return -1; - } - - len = sizeof(ss); - if (getsockname(s, (struct sockaddr *)&ss, &len) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "getsockname (%s)\n", strerror(errno)); - return -1; - } - - plog(LLV_DEBUG, LOCATION, NULL, - "sockname %s\n", saddr2str((struct sockaddr *)&ss)); - plog(LLV_DEBUG, LOCATION, NULL, - "send packet from %s\n", saddr2str(src)); - plog(LLV_DEBUG, LOCATION, NULL, - "send packet to %s\n", saddr2str(dst)); - - if (src->sa_family != ss.ss_family) { - plog(LLV_ERROR, LOCATION, NULL, - "address family mismatch\n"); - return -1; - } - - switch (src->sa_family) { -#if defined(INET6) && defined(ADVAPI) && !defined(IPV6_INRIA_VERSION) - case AF_INET6: - { - struct msghdr m; - struct cmsghdr *cm; - struct iovec iov[2]; - u_char cmsgbuf[256]; - struct in6_pktinfo *pi; - int ifindex; - struct sockaddr_in6 src6, dst6; - - memcpy(&src6, src, sizeof(src6)); - memcpy(&dst6, dst, sizeof(dst6)); - - /* XXX take care of other cases, such as site-local */ - ifindex = 0; - if (IN6_IS_ADDR_LINKLOCAL(&src6.sin6_addr) - || IN6_IS_ADDR_MULTICAST(&src6.sin6_addr)) { - ifindex = src6.sin6_scope_id; /*???*/ - } - - /* XXX some sanity check on dst6.sin6_scope_id */ - - /* flowinfo for IKE? 
mmm, maybe useful but for now make it 0 */ - src6.sin6_flowinfo = dst6.sin6_flowinfo = 0; - - memset(&m, 0, sizeof(m)); - m.msg_name = (caddr_t)&dst6; - m.msg_namelen = sizeof(dst6); - iov[0].iov_base = (char *)buf; - iov[0].iov_len = buflen; - m.msg_iov = iov; - m.msg_iovlen = 1; - - memset(cmsgbuf, 0, sizeof(cmsgbuf)); - cm = (struct cmsghdr *)cmsgbuf; - m.msg_control = (caddr_t)cm; - m.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)); - - cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); - cm->cmsg_level = IPPROTO_IPV6; - cm->cmsg_type = IPV6_PKTINFO; - pi = (struct in6_pktinfo *)CMSG_DATA(cm); - memcpy(&pi->ipi6_addr, &src6.sin6_addr, sizeof(src6.sin6_addr)); - pi->ipi6_ifindex = ifindex; - - plog(LLV_DEBUG, LOCATION, NULL, - "src6 %s %d\n", - saddr2str((struct sockaddr *)&src6), - src6.sin6_scope_id); - plog(LLV_DEBUG, LOCATION, NULL, - "dst6 %s %d\n", - saddr2str((struct sockaddr *)&dst6), - dst6.sin6_scope_id); - - for (i = 0; i < cnt; i++) { - len = sendmsg(s, &m, 0 /*MSG_DONTROUTE*/); - if (len < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "sendmsg (%s)\n", strerror(errno)); - return -1; - } - plog(LLV_DEBUG, LOCATION, NULL, - "%d times of %d bytes message will be sent " - "to %s\n", - i + 1, len, saddr2str(src)); - } - plogdump(LLV_DEBUG, (char *)buf, buflen); - - return len; - } -#endif - default: - { - int needclose = 0; - int sendsock; - - if (ss.ss_family == src->sa_family && memcmp(&ss, src, src->sa_len) == 0) { - sendsock = s; - needclose = 0; - } else { - int yes = 1; - /* - * Use newly opened socket for sending packets. - * NOTE: this is unsafe, because if the peer is quick enough - * the packet from the peer may be queued into sendsock. - * Better approach is to prepare bind'ed udp sockets for - * each of the interface addresses. 
- */ - sendsock = socket(src->sa_family, SOCK_DGRAM, 0); - if (sendsock < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "socket (%s)\n", strerror(errno)); - return -1; - } - if (setsockopt(sendsock, SOL_SOCKET, SO_REUSEPORT, - (void *)&yes, sizeof(yes)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", strerror(errno)); - close(sendsock); - return -1; - } -#ifdef IPV6_USE_MIN_MTU - if (src->sa_family == AF_INET6 && - setsockopt(sendsock, IPPROTO_IPV6, IPV6_USE_MIN_MTU, - (void *)&yes, sizeof(yes)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", strerror(errno)); - close(sendsock); - return -1; - } -#endif - if (setsockopt_bypass(sendsock, src->sa_family) < 0) { - close(sendsock); - return -1; - } - - if (bind(sendsock, (struct sockaddr *)src, src->sa_len) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "bind 1 (%s)\n", strerror(errno)); - close(sendsock); - return -1; - } - needclose = 1; - } - - for (i = 0; i < cnt; i++) { - len = sendto(sendsock, buf, buflen, 0, dst, dst->sa_len); - if (len < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "sendto (%s)\n", strerror(errno)); - if (needclose) - close(sendsock); - return len; - } - plog(LLV_DEBUG, LOCATION, NULL, - "%d times of %d bytes message will be sent " - "to %s\n", - i + 1, len, saddr2str(src)); - } - plogdump(LLV_DEBUG, (char *)buf, buflen); - - if (needclose) - close(sendsock); - - return len; - } - } -} - -int -setsockopt_bypass(so, family) - int so, family; -{ - int level; - char *buf; - char *policy; - - switch (family) { - case AF_INET: - level = IPPROTO_IP; - break; -#ifdef INET6 - case AF_INET6: - level = IPPROTO_IPV6; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "unsupported address family %d\n", family); - return -1; - } - - policy = "in bypass"; - buf = ipsec_set_policy(policy, strlen(policy)); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "ipsec_set_policy (%s)\n", - ipsec_strerror()); - return -1; - } - if (setsockopt(so, level, - (level == IPPROTO_IP ? 
- IP_IPSEC_POLICY : IPV6_IPSEC_POLICY), - buf, ipsec_get_policylen(buf)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", - strerror(errno)); - return -1; - } - racoon_free(buf); - - policy = "out bypass"; - buf = ipsec_set_policy(policy, strlen(policy)); - if (buf == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "ipsec_set_policy (%s)\n", - ipsec_strerror()); - return -1; - } - if (setsockopt(so, level, - (level == IPPROTO_IP ? - IP_IPSEC_POLICY : IPV6_IPSEC_POLICY), - buf, ipsec_get_policylen(buf)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt (%s)\n", - strerror(errno)); - return -1; - } - racoon_free(buf); - - return 0; -} - -struct sockaddr * -newsaddr(len) - int len; -{ - struct sockaddr *new; - - new = racoon_calloc(1, len); - if (new == NULL) - plog(LLV_ERROR, LOCATION, NULL, - "%s\n", strerror(errno)); - - /* initial */ - new->sa_len = len; - - return new; -} - -struct sockaddr * -dupsaddr(src) - struct sockaddr *src; -{ - struct sockaddr *dst; - - dst = racoon_calloc(1, src->sa_len); - if (dst == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "%s\n", strerror(errno)); - return NULL; - } - - memcpy(dst, src, src->sa_len); - - return dst; -} - -char * -saddr2str(saddr) - const struct sockaddr *saddr; -{ - static char buf[NI_MAXHOST + NI_MAXSERV + 10]; - char addr[NI_MAXHOST], port[NI_MAXSERV]; - - if (saddr == NULL) - return NULL; - - GETNAMEINFO(saddr, addr, port); - snprintf(buf, sizeof(buf), "%s[%s]", addr, port); - - return buf; -} - -char * -saddrwop2str(saddr) - struct sockaddr *saddr; -{ - static char buf[NI_MAXHOST + NI_MAXSERV + 10]; - char addr[NI_MAXHOST]; - - if (saddr == NULL) - return NULL; - - GETNAMEINFO(saddr, addr, NULL); - snprintf(buf, sizeof(buf), "%s", addr); - - return buf; -} - -struct sockaddr * -str2saddr(host, port) - char *host; - char *port; -{ - struct addrinfo hints, *res; - struct sockaddr *saddr; - int error; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = 
SOCK_DGRAM; - hints.ai_flags = AI_NUMERICHOST; - error = getaddrinfo(host, port, &hints, &res); - if (error != 0) { - plog(LLV_ERROR, LOCATION, NULL, - "getaddrinfo(%s%s%s): %s", - host, port ? "," : "", port ? port : "", - gai_strerror(error)); - return NULL; - } - if (res->ai_next != NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "getaddrinfo(%s%s%s): " - "resolved to multiple address, " - "taking the first one", - host, port ? "," : "", port ? port : ""); - } - saddr = racoon_malloc(res->ai_addrlen); - if (saddr == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer.\n"); - freeaddrinfo(res); - return NULL; - } - memcpy(saddr, res->ai_addr, res->ai_addrlen); - freeaddrinfo(res); - - return saddr; -} - -void -mask_sockaddr(a, b, l) - struct sockaddr *a; - const struct sockaddr *b; - size_t l; -{ - size_t i; - u_int8_t *p, alen; - - switch (b->sa_family) { - case AF_INET: - alen = sizeof(struct in_addr); - p = (u_int8_t *)&((struct sockaddr_in *)a)->sin_addr; - break; -#ifdef INET6 - case AF_INET6: - alen = sizeof(struct in6_addr); - p = (u_int8_t *)&((struct sockaddr_in6 *)a)->sin6_addr; - break; -#endif - default: - plog(LLV_ERROR, LOCATION, NULL, - "invalid family: %d\n", b->sa_family); - exit(1); - } - - if ((alen << 3) < l) { - plog(LLV_ERROR, LOCATION, NULL, - "unexpected inconsistency: %d %d\n", b->sa_family, l); - exit(1); - } - - memcpy(a, b, b->sa_len); - p[l / 8] &= (0xff00 >> (l % 8)) & 0xff; - for (i = l / 8 + 1; i < alen; i++) - p[i] = 0x00; -} diff --git a/racoon.tproj/sockmisc.h b/racoon.tproj/sockmisc.h deleted file mode 100644 index b323ca5..0000000 --- a/racoon.tproj/sockmisc.h +++ /dev/null 
@@ -1,59 +0,0 @@
-/* $KAME: sockmisc.h,v 1.12 2001/12/07 08:39:39 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __SOCKMISC_H__
-#define __SOCKMISC_H__
-
-extern const int niflags;
-
-extern int cmpsaddrwop __P((struct sockaddr *, struct sockaddr *));
-extern int cmpsaddrwild __P((struct sockaddr *, struct sockaddr *));
-extern int cmpsaddrstrict __P((struct sockaddr *, struct sockaddr *));
-
-extern struct sockaddr *getlocaladdr __P((struct sockaddr *));
-
-extern int recvfromto __P((int, void *, size_t, int,
- struct sockaddr *, int *, struct sockaddr *, int *));
-extern int sendfromto __P((int, const void *, size_t,
- struct sockaddr *, struct sockaddr *, int));
-
-extern int setsockopt_bypass __P((int, int));
-
-extern struct sockaddr *newsaddr __P((int));
-extern struct sockaddr *dupsaddr __P((struct sockaddr *));
-extern char *saddr2str __P((const struct sockaddr *));
-extern char *saddrwop2str __P((struct sockaddr *));
-extern struct sockaddr *str2saddr __P((char *, char *));
-extern void mask_sockaddr __P((struct sockaddr *, const struct sockaddr *,
- size_t));
-
-#endif /* __SOCKMISC_H__ */
-
diff --git a/racoon.tproj/str2val.c b/racoon.tproj/str2val.c
deleted file mode 100644
index fa8c6cf..0000000
--- a/racoon.tproj/str2val.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* $KAME: str2val.c,v 1.11 2001/08/16 14:37:29 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "str2val.h"
-#include "gcmalloc.h"
-
-/*
- * exchange a value to a hex string.
- * must free buffer allocated later.
- */
-caddr_t
-val2str(buf, mlen)
- const char *buf;
- size_t mlen;
-{
- caddr_t new;
- size_t len = (mlen * 2) + mlen / 8 + 10;
- size_t i, j;
-
- if ((new = racoon_malloc(len)) == 0) return(0);
-
- for (i = 0, j = 0; i < mlen; i++) {
- snprintf(&new[j], len - j, "%02x", (u_char)buf[i]);
- j += 2;
- if (i % 8 == 7) {
- new[j++] = ' ';
- new[j] = '\0';
- }
- }
- new[j] = '\0';
-
- return(new);
-}
-
-/*
- * exchange a string based "base" to a value.
- */
-char *
-str2val(str, base, len)
- const char *str;
- int base;
- size_t *len;
-{
- int f;
- size_t i;
- char *dst;
- char *rp;
- const char *p;
- char b[3];
-
- i = 0;
- for (p = str; *p != '\0'; p++) {
- if (isxdigit(*p))
- i++;
- else if (isspace(*p))
- ;
- else
- return NULL;
- }
- if (i == 0 || (i % 2) != 0)
- return NULL;
- i /= 2;
-
- if ((dst = racoon_malloc(i)) == NULL)
- return NULL;
-
- i = 0;
- f = 0;
- for (rp = dst, p = str; *p != '\0'; p++) {
- if (isxdigit(*p)) {
- if (!f) {
- b[0] = *p;
- f = 1;
- } else {
- b[1] = *p;
- b[2] = '\0';
- *rp++ = (char)strtol(b, NULL, base);
- i++;
- f = 0;
- }
- }
- }
-
- *len = i;
-
- return(dst);
-}
diff --git a/racoon.tproj/str2val.h b/racoon.tproj/str2val.h
deleted file mode 100644
index 296e0a9..0000000
--- a/racoon.tproj/str2val.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* $KAME: str2val.h,v 1.6 2001/08/16 14:37:29 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef __STR2VAL_H__
-#define __STR2VAL_H__
-
-extern caddr_t val2str __P((const char *, size_t));
-extern char *str2val __P((const char *, int, size_t *));
-
-
-#endif /* __STR2VAL_H__ */
-
diff --git a/racoon.tproj/strnames.c b/racoon.tproj/strnames.c
deleted file mode 100644
index c460d8f..0000000
--- a/racoon.tproj/strnames.c
+++ /dev/null
@@ -1,843 +0,0 @@ -/* $KAME: strnames.c,v 1.23 2001/12/12 18:23:42 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include -#include - -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" - -#include "isakmp_var.h" -#include "isakmp.h" -#include "ipsec_doi.h" -#include "oakley.h" -#include "handler.h" -#include "pfkey.h" -#include "strnames.h" -#include "algorithm.h" - -struct ksmap { - int key; - char *str; - char *(*f) __P((int)); -}; - -static char *num2str __P((int n)); - -static char * -num2str(n) - int n; -{ - static char buf[20]; - - snprintf(buf, sizeof(buf), "%d", n); - - return buf; -} - -/* isakmp.h */ -char * -s_isakmp_state(t, d, s) - int t, d, s; -{ - switch (t) { - case ISAKMP_ETYPE_AGG: - switch (d) { - case INITIATOR: - switch (s) { - case PHASE1ST_MSG1SENT: - return "agg I msg1"; - case PHASE1ST_ESTABLISHED: - return "agg I msg2"; - default: - break; - } - case RESPONDER: - switch (s) { - case PHASE1ST_MSG1SENT: - return "agg R msg1"; - default: - break; - } - } - break; - case ISAKMP_ETYPE_BASE: - switch (d) { - case INITIATOR: - switch (s) { - case PHASE1ST_MSG1SENT: - return "base I msg1"; - case PHASE1ST_MSG2SENT: - return "base I msg2"; - default: - break; - } - case RESPONDER: - switch (s) { - case PHASE1ST_MSG1SENT: - return "base R msg1"; - case PHASE1ST_ESTABLISHED: - return "base R msg2"; - default: - break; - } - } - break; - case ISAKMP_ETYPE_IDENT: - switch (d) { - case INITIATOR: - switch (s) { - case PHASE1ST_MSG1SENT: - return "ident I msg1"; - case PHASE1ST_MSG2SENT: - return "ident I msg2"; - case PHASE1ST_MSG3SENT: - return "ident I msg3"; - default: - break; - } - case RESPONDER: - switch (s) { - case PHASE1ST_MSG1SENT: - return "ident R msg1"; - case PHASE1ST_MSG2SENT: - return "ident R msg2"; - case PHASE1ST_ESTABLISHED: - return "ident R msg3"; - default: - break; - } - } - break; - case ISAKMP_ETYPE_QUICK: - switch (d) { - case INITIATOR: - switch (s) { - case PHASE2ST_MSG1SENT: - return "quick I msg1"; - case PHASE2ST_ADDSA: - return "quick I msg2"; - default: - break; - } - case 
RESPONDER: - switch (s) { - case PHASE2ST_MSG1SENT: - return "quick R msg1"; - case PHASE2ST_COMMIT: - return "quick R msg2"; - default: - break; - } - } - break; - default: - case ISAKMP_ETYPE_NONE: - case ISAKMP_ETYPE_AUTH: - case ISAKMP_ETYPE_INFO: - case ISAKMP_ETYPE_NEWGRP: - case ISAKMP_ETYPE_ACKINFO: - break; - } - /*NOTREACHED*/ - - return "???"; -} - -static struct ksmap name_isakmp_certtype[] = { -{ ISAKMP_CERT_NONE, "NONE", NULL }, -{ ISAKMP_CERT_PKCS7, "PKCS #7 wrapped X.509 certificate", NULL }, -{ ISAKMP_CERT_PGP, "PGP Certificate", NULL }, -{ ISAKMP_CERT_DNS, "DNS Signed Key", NULL }, -{ ISAKMP_CERT_X509SIGN, "X.509 Certificate Signature", NULL }, -{ ISAKMP_CERT_X509KE, "X.509 Certificate Key Exchange", NULL }, -{ ISAKMP_CERT_KERBEROS, "Kerberos Tokens", NULL }, -{ ISAKMP_CERT_CRL, "Certificate Revocation List (CRL)", NULL }, -{ ISAKMP_CERT_ARL, "Authority Revocation List (ARL)", NULL }, -{ ISAKMP_CERT_SPKI, "SPKI Certificate", NULL }, -{ ISAKMP_CERT_X509ATTR, "X.509 Certificate Attribute", NULL }, -}; - -char * -s_isakmp_certtype(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_isakmp_certtype); i++) - if (name_isakmp_certtype[i].key == k) - return name_isakmp_certtype[i].str; - return num2str(k); -} - -static struct ksmap name_isakmp_etype[] = { -{ ISAKMP_ETYPE_NONE, "None", NULL }, -{ ISAKMP_ETYPE_BASE, "Base", NULL }, -{ ISAKMP_ETYPE_IDENT, "Identity Protection", NULL }, -{ ISAKMP_ETYPE_AUTH, "Authentication Only", NULL }, -{ ISAKMP_ETYPE_AGG, "Aggressive", NULL }, -{ ISAKMP_ETYPE_INFO, "Informational", NULL }, -{ ISAKMP_ETYPE_QUICK, "Quick", NULL }, -{ ISAKMP_ETYPE_NEWGRP, "New Group", NULL }, -{ ISAKMP_ETYPE_ACKINFO, "Acknowledged Informational", NULL }, -}; - -char * -s_isakmp_etype(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_isakmp_etype); i++) - if (name_isakmp_etype[i].key == k) - return name_isakmp_etype[i].str; - return num2str(k); -} - -static struct ksmap name_isakmp_notify_msg[] = { -{ 
ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, "INVALID-PAYLOAD-TYPE", NULL }, -{ ISAKMP_NTYPE_DOI_NOT_SUPPORTED, "DOI-NOT-SUPPORTED", NULL }, -{ ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED, "SITUATION-NOT-SUPPORTED", NULL }, -{ ISAKMP_NTYPE_INVALID_COOKIE, "INVALID-COOKIE", NULL }, -{ ISAKMP_NTYPE_INVALID_MAJOR_VERSION, "INVALID-MAJOR-VERSION", NULL }, -{ ISAKMP_NTYPE_INVALID_MINOR_VERSION, "INVALID-MINOR-VERSION", NULL }, -{ ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, "INVALID-EXCHANGE-TYPE", NULL }, -{ ISAKMP_NTYPE_INVALID_FLAGS, "INVALID-FLAGS", NULL }, -{ ISAKMP_NTYPE_INVALID_MESSAGE_ID, "INVALID-MESSAGE-ID", NULL }, -{ ISAKMP_NTYPE_INVALID_PROTOCOL_ID, "INVALID-PROTOCOL-ID", NULL }, -{ ISAKMP_NTYPE_INVALID_SPI, "INVALID-SPI", NULL }, -{ ISAKMP_NTYPE_INVALID_TRANSFORM_ID, "INVALID-TRANSFORM-ID", NULL }, -{ ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED, "ATTRIBUTES-NOT-SUPPORTED", NULL }, -{ ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN, "NO-PROPOSAL-CHOSEN", NULL }, -{ ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX, "BAD-PROPOSAL-SYNTAX", NULL }, -{ ISAKMP_NTYPE_PAYLOAD_MALFORMED, "PAYLOAD-MALFORMED", NULL }, -{ ISAKMP_NTYPE_INVALID_KEY_INFORMATION, "INVALID-KEY-INFORMATION", NULL }, -{ ISAKMP_NTYPE_INVALID_ID_INFORMATION, "INVALID-ID-INFORMATION", NULL }, -{ ISAKMP_NTYPE_INVALID_CERT_ENCODING, "INVALID-CERT-ENCODING", NULL }, -{ ISAKMP_NTYPE_INVALID_CERTIFICATE, "INVALID-CERTIFICATE", NULL }, -{ ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX, "BAD-CERT-REQUEST-SYNTAX", NULL }, -{ ISAKMP_NTYPE_INVALID_CERT_AUTHORITY, "INVALID-CERT-AUTHORITY", NULL }, -{ ISAKMP_NTYPE_INVALID_HASH_INFORMATION, "INVALID-HASH-INFORMATION", NULL }, -{ ISAKMP_NTYPE_AUTHENTICATION_FAILED, "AUTHENTICATION-FAILED", NULL }, -{ ISAKMP_NTYPE_INVALID_SIGNATURE, "INVALID-SIGNATURE", NULL }, -{ ISAKMP_NTYPE_ADDRESS_NOTIFICATION, "ADDRESS-NOTIFICATION", NULL }, -{ ISAKMP_NTYPE_NOTIFY_SA_LIFETIME, "NOTIFY-SA-LIFETIME", NULL }, -{ ISAKMP_NTYPE_CERTIFICATE_UNAVAILABLE, "CERTIFICATE-UNAVAILABLE", NULL }, -{ ISAKMP_NTYPE_UNSUPPORTED_EXCHANGE_TYPE, 
"UNSUPPORTED-EXCHANGE-TYPE", NULL }, -{ ISAKMP_NTYPE_UNEQUAL_PAYLOAD_LENGTHS, "UNEQUAL-PAYLOAD-LENGTHS", NULL }, -{ ISAKMP_NTYPE_CONNECTED, "CONNECTED", NULL }, -{ ISAKMP_NTYPE_RESPONDER_LIFETIME, "RESPONDER-LIFETIME", NULL }, -{ ISAKMP_NTYPE_REPLAY_STATUS, "REPLAY-STATUS", NULL }, -{ ISAKMP_NTYPE_INITIAL_CONTACT, "INITIAL-CONTACT", NULL }, -{ ISAKMP_LOG_RETRY_LIMIT_REACHED, "RETRY-LIMIT-REACHED", NULL }, -}; - -char * -s_isakmp_notify_msg(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_isakmp_notify_msg); i++) - if (name_isakmp_notify_msg[i].key == k) - return name_isakmp_notify_msg[i].str; - - return num2str(k); -} - -static struct ksmap name_isakmp_nptype[] = { -{ ISAKMP_NPTYPE_NONE, "none", NULL }, -{ ISAKMP_NPTYPE_SA, "sa", NULL }, -{ ISAKMP_NPTYPE_P, "prop", NULL }, -{ ISAKMP_NPTYPE_T, "trns", NULL }, -{ ISAKMP_NPTYPE_KE, "ke", NULL }, -{ ISAKMP_NPTYPE_ID, "id", NULL }, -{ ISAKMP_NPTYPE_CERT, "cert", NULL }, -{ ISAKMP_NPTYPE_CR, "cr", NULL }, -{ ISAKMP_NPTYPE_HASH, "hash", NULL }, -{ ISAKMP_NPTYPE_SIG, "sig", NULL }, -{ ISAKMP_NPTYPE_NONCE, "nonce", NULL }, -{ ISAKMP_NPTYPE_N, "notify", NULL }, -{ ISAKMP_NPTYPE_D, "delete", NULL }, -{ ISAKMP_NPTYPE_VID, "vid", NULL }, -{ ISAKMP_NPTYPE_GSS, "gss id", NULL }, -{ 0, "", NULL }, -{ ISAKMP_NPTYPE_NATD_RFC, "natd", NULL }, -{ ISAKMP_NPTYPE_NATOA_RFC, "nat-oa", NULL }, -{ ISAKMP_NPTYPE_NATD_DRAFT, "natd (draft)", NULL }, -{ ISAKMP_NPTYPE_NATOA_DRAFT, "nat-oa (draft)", NULL }, -{ ISAKMP_NPTYPE_NATD_BADDRAFT, "natd (bad draft)", NULL }, -{ ISAKMP_NPTYPE_NATOA_BADDRAFT, "nat-oa (bad draft)", NULL } -}; - -char * -s_isakmp_nptype(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_isakmp_nptype); i++) - if (name_isakmp_nptype[i].key == k) - return name_isakmp_nptype[i].str; - return num2str(k); -} - -/* ipsec_doi.h */ -static struct ksmap name_ipsecdoi_proto[] = { -{ IPSECDOI_PROTO_ISAKMP, "ISAKMP", s_ipsecdoi_trns_isakmp }, -{ IPSECDOI_PROTO_IPSEC_AH, "AH", s_ipsecdoi_trns_ah }, -{ IPSECDOI_PROTO_IPSEC_ESP, 
"ESP", s_ipsecdoi_trns_esp }, -{ IPSECDOI_PROTO_IPCOMP, "IPCOMP", s_ipsecdoi_trns_ipcomp }, -}; - -char * -s_ipsecdoi_proto(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++) - if (name_ipsecdoi_proto[i].key == k) - return name_ipsecdoi_proto[i].str; - return num2str(k); -} - -static struct ksmap name_ipsecdoi_trns_isakmp[] = { -{ IPSECDOI_KEY_IKE, "IKE", NULL }, -}; - -char * -s_ipsecdoi_trns_isakmp(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_isakmp); i++) - if (name_ipsecdoi_trns_isakmp[i].key == k) - return name_ipsecdoi_trns_isakmp[i].str; - return num2str(k); -} - -static struct ksmap name_ipsecdoi_trns_ah[] = { -{ IPSECDOI_AH_MD5, "MD5", NULL }, -{ IPSECDOI_AH_SHA, "SHA", NULL }, -{ IPSECDOI_AH_DES, "DES", NULL }, -}; - -char * -s_ipsecdoi_trns_ah(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_ah); i++) - if (name_ipsecdoi_trns_ah[i].key == k) - return name_ipsecdoi_trns_ah[i].str; - return num2str(k); -} - -static struct ksmap name_ipsecdoi_trns_esp[] = { -{ IPSECDOI_ESP_DES_IV64, "DES_IV64", NULL }, -{ IPSECDOI_ESP_DES, "DES", NULL }, -{ IPSECDOI_ESP_3DES, "3DES", NULL }, -{ IPSECDOI_ESP_RC5, "RC5", NULL }, -{ IPSECDOI_ESP_IDEA, "IDEA", NULL }, -{ IPSECDOI_ESP_CAST, "CAST", NULL }, -{ IPSECDOI_ESP_BLOWFISH, "BLOWFISH", NULL }, -{ IPSECDOI_ESP_3IDEA, "3IDEA", NULL }, -{ IPSECDOI_ESP_DES_IV32, "DES_IV32", NULL }, -{ IPSECDOI_ESP_RC4, "RC4", NULL }, -{ IPSECDOI_ESP_NULL, "NULL", NULL }, -{ IPSECDOI_ESP_RIJNDAEL, "RIJNDAEL", NULL }, -{ IPSECDOI_ESP_TWOFISH, "TWOFISH", NULL }, -}; - -char * -s_ipsecdoi_trns_esp(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_esp); i++) - if (name_ipsecdoi_trns_esp[i].key == k) - return name_ipsecdoi_trns_esp[i].str; - return num2str(k); -} - -static struct ksmap name_ipsecdoi_trns_ipcomp[] = { -{ IPSECDOI_IPCOMP_OUI, "OUI", NULL}, -{ IPSECDOI_IPCOMP_DEFLATE, "DEFLATE", NULL}, -{ IPSECDOI_IPCOMP_LZS, "LZS", NULL}, -}; - -char * 
-s_ipsecdoi_trns_ipcomp(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_ipcomp); i++) - if (name_ipsecdoi_trns_ipcomp[i].key == k) - return name_ipsecdoi_trns_ipcomp[i].str; - return num2str(k); -} - -char * -s_ipsecdoi_trns(proto, trns) - int proto, trns; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++) - if (name_ipsecdoi_proto[i].key == proto - && name_ipsecdoi_proto[i].f) - return (name_ipsecdoi_proto[i].f)(trns); - return num2str(trns); -} - -static struct ksmap name_attr_ipsec[] = { -{ IPSECDOI_ATTR_SA_LD_TYPE, "SA Life Type", s_ipsecdoi_ltype }, -{ IPSECDOI_ATTR_SA_LD, "SA Life Duration", NULL }, -{ IPSECDOI_ATTR_GRP_DESC, "Group Description", NULL }, -{ IPSECDOI_ATTR_ENC_MODE, "Encription Mode", s_ipsecdoi_encmode }, -{ IPSECDOI_ATTR_AUTH, "Authentication Algorithm", s_ipsecdoi_auth }, -{ IPSECDOI_ATTR_KEY_LENGTH, "Key Length", NULL }, -{ IPSECDOI_ATTR_KEY_ROUNDS, "Key Rounds", NULL }, -{ IPSECDOI_ATTR_COMP_DICT_SIZE, "Compression Dictionary Size", NULL }, -{ IPSECDOI_ATTR_COMP_PRIVALG, "Compression Private Algorithm", NULL }, -}; - -char * -s_ipsecdoi_attr(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_ipsec); i++) - if (name_attr_ipsec[i].key == k) - return name_attr_ipsec[i].str; - return num2str(k); -} - -static struct ksmap name_attr_ipsec_ltype[] = { -{ IPSECDOI_ATTR_SA_LD_TYPE_SEC, "seconds", NULL }, -{ IPSECDOI_ATTR_SA_LD_TYPE_KB, "kilobytes", NULL }, -}; - -char * -s_ipsecdoi_ltype(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_ipsec_ltype); i++) - if (name_attr_ipsec_ltype[i].key == k) - return name_attr_ipsec_ltype[i].str; - return num2str(k); -} - -static struct ksmap name_attr_ipsec_encmode[] = { -{ IPSECDOI_ATTR_ENC_MODE_ANY, "Any", NULL }, -{ IPSECDOI_ATTR_ENC_MODE_TUNNEL, "Tunnel", NULL }, -{ IPSECDOI_ATTR_ENC_MODE_TRNS, "Transport", NULL }, -{ IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC, "UDP Encapsulated Tunnel", NULL }, -{ IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC, "UDP Encapsulated 
Transport", NULL }, -{ IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT, "UDP Encapsulated Tunnel (NATT DRAFT)", NULL }, -{ IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT, "UDP Encapsulated Transport (NATT DRAFT)", NULL }, -}; - -char * -s_ipsecdoi_encmode(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_ipsec_encmode); i++) - if (name_attr_ipsec_encmode[i].key == k) - return name_attr_ipsec_encmode[i].str; - return num2str(k); -} - -static struct ksmap name_attr_ipsec_auth[] = { -{ IPSECDOI_ATTR_AUTH_HMAC_MD5, "hmac-md5", NULL }, -{ IPSECDOI_ATTR_AUTH_HMAC_SHA1, "hmac-sha", NULL }, -{ IPSECDOI_ATTR_AUTH_DES_MAC, "des-mac", NULL }, -{ IPSECDOI_ATTR_AUTH_KPDK, "kpdk", NULL }, -}; - -char * -s_ipsecdoi_auth(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_ipsec_auth); i++) - if (name_attr_ipsec_auth[i].key == k) - return name_attr_ipsec_auth[i].str; - return num2str(k); -} - -char * -s_ipsecdoi_attr_v(type, val) - int type, val; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++) - if (name_attr_ipsec[i].key == type - && name_attr_ipsec[i].f) - return (name_attr_ipsec[i].f)(val); - return num2str(val); -} - -static struct ksmap name_ipsecdoi_ident[] = { -{ IPSECDOI_ID_IPV4_ADDR, "IPv4_address", NULL }, -{ IPSECDOI_ID_FQDN, "FQDN", NULL }, -{ IPSECDOI_ID_USER_FQDN, "User_FQDN", NULL }, -{ IPSECDOI_ID_IPV4_ADDR_SUBNET, "IPv4_subnet", NULL }, -{ IPSECDOI_ID_IPV6_ADDR, "IPv6_address", NULL }, -{ IPSECDOI_ID_IPV6_ADDR_SUBNET, "IPv6_subnet", NULL }, -{ IPSECDOI_ID_IPV4_ADDR_RANGE, "IPv4_address_range", NULL }, -{ IPSECDOI_ID_IPV6_ADDR_RANGE, "IPv6_address_range", NULL }, -{ IPSECDOI_ID_DER_ASN1_DN, "DER_ASN1_DN", NULL }, -{ IPSECDOI_ID_DER_ASN1_GN, "DER_ASN1_GN", NULL }, -{ IPSECDOI_ID_KEY_ID, "KEY_ID", NULL }, -}; - -char * -s_ipsecdoi_ident(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsecdoi_ident); i++) - if (name_ipsecdoi_ident[i].key == k) - return name_ipsecdoi_ident[i].str; - return num2str(k); -} - -/* oakley.h */ -static struct ksmap 
name_oakley_attr[] = { -{ OAKLEY_ATTR_ENC_ALG, "Encryption Algorithm", s_attr_isakmp_enc }, -{ OAKLEY_ATTR_HASH_ALG, "Hash Algorithm", s_attr_isakmp_hash }, -{ OAKLEY_ATTR_AUTH_METHOD, "Authentication Method", s_oakley_attr_method }, -{ OAKLEY_ATTR_GRP_DESC, "Group Description", s_attr_isakmp_desc }, -{ OAKLEY_ATTR_GRP_TYPE, "Group Type", s_attr_isakmp_group }, -{ OAKLEY_ATTR_GRP_PI, "Group Prime/Irreducible Polynomial", NULL }, -{ OAKLEY_ATTR_GRP_GEN_ONE, "Group Generator One", NULL }, -{ OAKLEY_ATTR_GRP_GEN_TWO, "Group Generator Two", NULL }, -{ OAKLEY_ATTR_GRP_CURVE_A, "Group Curve A", NULL }, -{ OAKLEY_ATTR_GRP_CURVE_B, "Group Curve B", NULL }, -{ OAKLEY_ATTR_SA_LD_TYPE, "Life Type", s_attr_isakmp_ltype }, -{ OAKLEY_ATTR_SA_LD, "Life Duration", NULL }, -{ OAKLEY_ATTR_PRF, "PRF", NULL }, -{ OAKLEY_ATTR_KEY_LEN, "Key Length", NULL }, -{ OAKLEY_ATTR_FIELD_SIZE, "Field Size", NULL }, -{ OAKLEY_ATTR_GRP_ORDER, "Group Order", NULL }, -{ OAKLEY_ATTR_BLOCK_SIZE, "Block Size", NULL }, -{ OAKLEY_ATTR_GSS_ID, "GSS-API endpoint name",NULL }, -}; - -char * -s_oakley_attr(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_oakley_attr); i++) - if (name_oakley_attr[i].key == k) - return name_oakley_attr[i].str; - return num2str(k); -} - -static struct ksmap name_attr_isakmp_enc[] = { -{ OAKLEY_ATTR_ENC_ALG_DES, "DES-CBC", NULL }, -{ OAKLEY_ATTR_ENC_ALG_IDEA, "IDEA-CBC", NULL }, -{ OAKLEY_ATTR_ENC_ALG_BLOWFISH, "Blowfish-CBC", NULL }, -{ OAKLEY_ATTR_ENC_ALG_RC5, "RC5-R16-B64-CBC", NULL }, -{ OAKLEY_ATTR_ENC_ALG_3DES, "3DES-CBC", NULL }, -{ OAKLEY_ATTR_ENC_ALG_CAST, "CAST-CBC", NULL }, -}; - -char * -s_attr_isakmp_enc(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_isakmp_enc); i++) - if (name_attr_isakmp_enc[i].key == k) - return name_attr_isakmp_enc[i].str; - return num2str(k); -} - -static struct ksmap name_attr_isakmp_hash[] = { -{ OAKLEY_ATTR_HASH_ALG_MD5, "MD5", NULL }, -{ OAKLEY_ATTR_HASH_ALG_SHA, "SHA", NULL }, -{ OAKLEY_ATTR_HASH_ALG_TIGER, "Tiger", 
NULL }, -}; - -char * -s_attr_isakmp_hash(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_isakmp_hash); i++) - if (name_attr_isakmp_hash[i].key == k) - return name_attr_isakmp_hash[i].str; - return num2str(k); -} - -static struct ksmap name_attr_isakmp_method[] = { -{ OAKLEY_ATTR_AUTH_METHOD_PSKEY, "pre-shared key", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_DSSSIG, "DSS signatures", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_RSASIG, "RSA signatures", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_RSAENC, "Encryption with RSA", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_RSAREV, "Revised encryption with RSA", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_EGENC, "Encryption with El-Gamal", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_EGREV, "Revised encryption with El-Gamal", NULL }, -{ OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB, "GSS-API on Kerberos 5", NULL }, -}; - -char * -s_oakley_attr_method(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_isakmp_method); i++) - if (name_attr_isakmp_method[i].key == k) - return name_attr_isakmp_method[i].str; - return num2str(k); -} - -static struct ksmap name_attr_isakmp_desc[] = { -{ OAKLEY_ATTR_GRP_DESC_MODP768, "768-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP1024, "1024-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_EC2N155, "EC2N group on GP[2^155]", NULL }, -{ OAKLEY_ATTR_GRP_DESC_EC2N185, "EC2N group on GP[2^185]", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP1536, "1536-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP2048, "2048-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP3072, "3072-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP4096, "4096-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP6144, "6144-bit MODP group", NULL }, -{ OAKLEY_ATTR_GRP_DESC_MODP8192, "8192-bit MODP group", NULL }, -}; - -char * -s_attr_isakmp_desc(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_isakmp_desc); i++) - if (name_attr_isakmp_desc[i].key == k) - return name_attr_isakmp_desc[i].str; - return num2str(k); -} - -static struct ksmap 
name_attr_isakmp_group[] = { -{ OAKLEY_ATTR_GRP_TYPE_MODP, "MODP", NULL }, -{ OAKLEY_ATTR_GRP_TYPE_ECP, "ECP", NULL }, -{ OAKLEY_ATTR_GRP_TYPE_EC2N, "EC2N", NULL }, -}; - -char * -s_attr_isakmp_group(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_isakmp_group); i++) - if (name_attr_isakmp_group[i].key == k) - return name_attr_isakmp_group[i].str; - return num2str(k); -} - -static struct ksmap name_attr_isakmp_ltype[] = { -{ OAKLEY_ATTR_SA_LD_TYPE_SEC, "seconds", NULL }, -{ OAKLEY_ATTR_SA_LD_TYPE_KB, "kilobytes", NULL }, -}; - -char * -s_attr_isakmp_ltype(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_attr_isakmp_ltype); i++) - if (name_attr_isakmp_ltype[i].key == k) - return name_attr_isakmp_ltype[i].str; - return num2str(k); -} - -char * -s_oakley_attr_v(type, val) - int type, val; -{ - int i; - for (i = 0; i < ARRAYLEN(name_oakley_attr); i++) - if (name_oakley_attr[i].key == type - && name_oakley_attr[i].f) - return (name_oakley_attr[i].f)(val); - return num2str(val); -} - -/* netinet6/ipsec.h */ -static struct ksmap name_ipsec_level[] = { -{ IPSEC_LEVEL_USE, "use", NULL }, -{ IPSEC_LEVEL_REQUIRE, "require", NULL }, -{ IPSEC_LEVEL_UNIQUE, "unique", NULL }, -}; - -char * -s_ipsec_level(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_ipsec_level); i++) - if (name_ipsec_level[i].key == k) - return name_ipsec_level[i].str; - return num2str(k); -} - -static struct ksmap name_algclass[] = { -{ algclass_ipsec_enc, "ipsec enc", s_ipsecdoi_trns_esp }, -{ algclass_ipsec_auth, "ipsec auth", s_ipsecdoi_trns_ah }, -{ algclass_ipsec_comp, "ipsec comp", s_ipsecdoi_trns_ipcomp }, -{ algclass_isakmp_enc, "isakmp enc", s_attr_isakmp_enc }, -{ algclass_isakmp_hash, "isakmp hash", s_attr_isakmp_hash }, -{ algclass_isakmp_dh, "isakmp dh", s_attr_isakmp_desc }, -{ algclass_isakmp_ameth, "isakmp auth method", s_oakley_attr_method }, -}; - -char * -s_algclass(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_algclass); i++) - if (name_algclass[i].key 
== k) - return name_algclass[i].str; - return num2str(k); -} - -char * -s_algtype(class, n) - int class, n; -{ - int i; - for (i = 0; i < ARRAYLEN(name_algclass); i++) - if (name_algclass[i].key == class - && name_algclass[i].f) - return (name_algclass[i].f)(n); - return num2str(n); -} - -/* pfkey.h */ -static struct ksmap name_pfkey_type[] = { -{ SADB_GETSPI, "GETSPI", NULL }, -{ SADB_UPDATE, "UPDATE", NULL }, -{ SADB_ADD, "ADD", NULL }, -{ SADB_DELETE, "DELETE", NULL }, -{ SADB_GET, "GET", NULL }, -{ SADB_ACQUIRE, "ACQUIRE", NULL }, -{ SADB_REGISTER, "REGISTER", NULL }, -{ SADB_EXPIRE, "EXPIRE", NULL }, -{ SADB_FLUSH, "FLUSH", NULL }, -{ SADB_DUMP, "DUMP", NULL }, -{ SADB_X_PROMISC, "X_PRIMISC", NULL }, -{ SADB_X_PCHANGE, "X_PCHANGE", NULL }, -{ SADB_X_SPDUPDATE, "X_SPDUPDATE", NULL }, -{ SADB_X_SPDADD, "X_SPDADD", NULL }, -{ SADB_X_SPDDELETE, "X_SPDDELETE", NULL }, -{ SADB_X_SPDGET, "X_SPDGET", NULL }, -{ SADB_X_SPDACQUIRE, "X_SPDACQUIRE", NULL }, -{ SADB_X_SPDDUMP, "X_SPDDUMP", NULL }, -{ SADB_X_SPDFLUSH, "X_SPDFLUSH", NULL }, -{ SADB_X_SPDSETIDX, "X_SPDSETIDX", NULL }, -{ SADB_X_SPDEXPIRE, "X_SPDEXPIRE", NULL }, -{ SADB_X_SPDDELETE2, "X_SPDDELETE2", NULL }, -}; - -char * -s_pfkey_type(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_pfkey_type); i++) - if (name_pfkey_type[i].key == k) - return name_pfkey_type[i].str; - return num2str(k); -} - -static struct ksmap name_pfkey_satype[] = { -{ SADB_SATYPE_UNSPEC, "UNSPEC", NULL }, -{ SADB_SATYPE_AH, "AH", NULL }, -{ SADB_SATYPE_ESP, "ESP", NULL }, -{ SADB_SATYPE_RSVP, "RSVP", NULL }, -{ SADB_SATYPE_OSPFV2, "OSPFV2", NULL }, -{ SADB_SATYPE_RIPV2, "RIPV2", NULL }, -{ SADB_SATYPE_MIP, "MIP", NULL }, -{ SADB_X_SATYPE_IPCOMP, "IPCOMP", NULL }, -}; - -char * -s_pfkey_satype(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_pfkey_satype); i++) - if (name_pfkey_satype[i].key == k) - return name_pfkey_satype[i].str; - return num2str(k); -} - -static struct ksmap name_direction[] = { -{ IPSEC_DIR_INBOUND, "in", 
NULL }, -{ IPSEC_DIR_OUTBOUND, "out", NULL }, -}; - -char * -s_direction(k) - int k; -{ - int i; - for (i = 0; i < ARRAYLEN(name_direction); i++) - if (name_direction[i].key == k) - return name_direction[i].str; - return num2str(k); -} - -char * -s_proto(k) - int k; -{ - switch (k) { - case IPPROTO_ICMP: - return "icmp"; - case IPPROTO_TCP: - return "tcp"; - case IPPROTO_UDP: - return "udp"; - case IPPROTO_ICMPV6: - return "icmpv6"; - case IPSEC_ULPROTO_ANY: - return "any"; - } - - return num2str(k); -} diff --git a/racoon.tproj/strnames.h b/racoon.tproj/strnames.h deleted file mode 100644 index db0bec8..0000000 --- a/racoon.tproj/strnames.h +++ /dev/null 
@@ -1,69 +0,0 @@ -/* $KAME: strnames.h,v 1.12 2001/08/09 07:32:19 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifndef __STRNAMES_H__ -#define __STRNAMES_H__ - -extern char * s_isakmp_state __P((int, int, int)); -extern char *s_isakmp_certtype __P((int)); -extern char *s_isakmp_etype __P((int)); -extern char *s_isakmp_notify_msg __P((int)); -extern char *s_isakmp_nptype __P((int)); -extern char *s_ipsecdoi_proto __P((int)); -extern char *s_ipsecdoi_trns_isakmp __P((int)); -extern char *s_ipsecdoi_trns_ah __P((int)); -extern char *s_ipsecdoi_trns_esp __P((int)); -extern char *s_ipsecdoi_trns_ipcomp __P((int)); -extern char *s_ipsecdoi_trns __P((int, int)); -extern char *s_ipsecdoi_attr __P((int)); -extern char *s_ipsecdoi_ltype __P((int)); -extern char *s_ipsecdoi_encmode __P((int)); -extern char *s_ipsecdoi_auth __P((int)); -extern char *s_ipsecdoi_attr_v __P((int, int)); -extern char *s_ipsecdoi_ident __P((int)); -extern char *s_oakley_attr __P((int)); -extern char *s_attr_isakmp_enc __P((int)); -extern char *s_attr_isakmp_hash __P((int)); -extern char *s_oakley_attr_method __P((int)); -extern char *s_attr_isakmp_desc __P((int)); -extern char *s_attr_isakmp_group __P((int)); -extern char *s_attr_isakmp_ltype __P((int)); -extern char *s_oakley_attr_v __P((int, int)); -extern char *s_ipsec_level __P((int)); -extern char *s_algclass __P((int)); -extern char *s_algtype __P((int, int)); -extern char *s_pfkey_type __P((int)); -extern char *s_pfkey_satype __P((int)); -extern char *s_direction __P((int)); -extern char *s_proto __P((int)); - -#endif /* __STRNAMES_H__ */ - diff --git a/racoon.tproj/var.h b/racoon.tproj/var.h deleted file mode 100644 index a036022..0000000 --- a/racoon.tproj/var.h +++ /dev/null 
@@ -1,94 +0,0 @@ -/* $KAME: var.h,v 1.12 2001/11/13 12:38:51 jinmei Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __VAR_H__ -#define __VAR_H__ - -#define MAX3(a, b, c) (a > b ? (a > c ? a : c) : (b > c ? b : c)) - -#define ISSET(exp, bit) (((exp) & (bit)) == (bit)) - -#define ATOX(c) \ - (isdigit(c) ? (c - '0') : (isupper(c) ? (c - 'A' + 10) : (c - 'a' + 10) )) - -#define LALIGN(a) \ - ((a) > 0 ? 
((a) &~ (sizeof(long) - 1)) : sizeof(long)) - -#define RNDUP(a) \ - ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) - -#define ARRAYLEN(a) (sizeof(a)/sizeof(a[0])) - -#define BUFSIZE 5120 - -#ifndef FALSE -#define FALSE 0 -#endif -#ifndef TRUE -#define TRUE 1 -#endif - -#ifdef ENABLE_STATS -#include -#endif -#include - -/* - * XXX use of GETNAMEINFO(x, y, NULL) is not politically correct, - * as sizeof(NULL) would be 4, not 0. - */ -#include -#include - -/* var.h is used from non-racoon code (like eaytest), so we can't use niflags */ -#define NIFLAGS (NI_NUMERICHOST | NI_NUMERICSERV) - -#define GETNAMEINFO(x, y, z) \ -do { \ - if (getnameinfo((x), (x)->sa_len, (y), sizeof(y), (z), sizeof(z), \ - NIFLAGS) != 0) { \ - if (y) \ - strncpy((y), "(invalid)", sizeof(y)); \ - if (z) \ - strncpy((z), "(invalid)", sizeof(z)); \ - } \ -} while (0); - -#include -#ifndef LIST_FOREACH -#define LIST_FOREACH(elm, head, field) \ - for (elm = LIST_FIRST(head); elm; elm = LIST_NEXT(elm, field)) -#endif - -#include "gcmalloc.h" - -#endif /* __VAR_H__ */ - diff --git a/racoon.tproj/vendorid.c b/racoon.tproj/vendorid.c deleted file mode 100644 index 7c57233..0000000 --- a/racoon.tproj/vendorid.c +++ /dev/null 
@@ -1,139 +0,0 @@ -/* $KAME: vendorid.c,v 1.8 2001/03/27 02:39:57 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "plog.h" -#include "debug.h" - -#include "localconf.h" -#include "isakmp_var.h" -#include "isakmp.h" -#include "vendorid.h" -#include "crypto_openssl.h" - -const char *vendorid_strings[] = VENDORID_STRINGS; - -/* - * set hashed vendor id. - * hash function is always MD5. - */ -vchar_t * -set_vendorid(int vendorid) -{ - vchar_t vid, *vidhash; - - if (vendorid == VENDORID_UNKNOWN) { - /* - * The default unknown ID gets translated to - * KAME/racoon. - */ - vendorid = VENDORID_KAME; - } - - if (vendorid < 0 || vendorid >= NUMVENDORIDS) { - plog(LLV_ERROR, LOCATION, NULL, - "invalid vendor ID index: %d\n", vendorid); - return (NULL); - } - - /* XXX Cast away const. */ - vid.v = (char *) vendorid_strings[vendorid]; - vid.l = strlen(vendorid_strings[vendorid]); - - vidhash = eay_md5_one(&vid); - if (vidhash == NULL) - plog(LLV_ERROR, LOCATION, NULL, - "unable to hash vendor ID string\n"); - - return vidhash; -} - -/* - * Check the vendor ID payload -- return the vendor ID index - * if we find a recognized one, or UNKNOWN if we don't. - */ -int -check_vendorid(gen) - struct isakmp_gen *gen; /* points to Vendor ID payload */ -{ - vchar_t vid, *vidhash; - int i, vidlen; - - if (gen == NULL) - return (VENDORID_UNKNOWN); - - vidlen = ntohs(gen->len) - sizeof(*gen); - - for (i = 0; i < NUMVENDORIDS; i++) { - /* XXX Cast away const. */ - vid.v = (char *) vendorid_strings[i]; - vid.l = strlen(vendorid_strings[i]); - - vidhash = eay_md5_one(&vid); - if (vidhash == NULL) { - plog(LLV_ERROR, LOCATION, NULL, - "unable to hash vendor ID string\n"); - return (VENDORID_UNKNOWN); - } - - /* - * XXX THIS IS NOT QUITE RIGHT! - * - * But we need to be able to recognize - * Windows 2000's ID, which is the MD5 - * has of a known string + 4 bytes of - * what appears to be version info. 
- */ - if (vidhash->l <= vidlen && - memcmp(vidhash->v, gen + 1, vidhash->l) == 0) { - plog(LLV_INFO, LOCATION, NULL, - "received Vendor ID: %s\n", - vendorid_strings[i]); - vfree(vidhash); - return (i); - } - vfree(vidhash); - } - - plog(LLV_DEBUG, LOCATION, NULL, "received unknown Vendor ID\n"); - return (VENDORID_UNKNOWN); -} diff --git a/racoon.tproj/vendorid.h b/racoon.tproj/vendorid.h deleted file mode 100644 index 8aca6ce..0000000 --- a/racoon.tproj/vendorid.h +++ /dev/null 
@@ -1,77 +0,0 @@ -/* $KAME: vendorid.h,v 1.6 2001/03/27 02:39:58 thorpej Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __VENDORID_H__ -#define __VENDORID_H__ - -/* The unknown vendor ID. */ -#define VENDORID_UNKNOWN -1 - -/* Our default vendor ID. */ -#define VENDORID_KAME 0 - -/* - * Refer to draft-ietf-ipsec-isakmp-gss-auth-06.txt. 
- */ -#define VENDORID_GSSAPI_LONG 1 -#define VENDORID_GSSAPI 2 -#define VENDORID_MS_NT5 3 -#define VENDOR_SUPPORTS_GSSAPI(x) \ - ((x) == VENDORID_GSSAPI_LONG || \ - (x) == VENDORID_GSSAPI || \ - (x) == VENDORID_MS_NT5) -#define VENDORID_NATT_RFC 4 -#define VENDORID_NATT_APPLE 5 -#define VENDORID_NATT_02 6 -#define VENDORID_NATT_02N 7 - -#define NUMVENDORIDS 8 - -#define VENDORID_STRINGS \ -{ \ - "KAME/racoon", \ - "A GSS-API Authentication Method for IKE", \ - "GSSAPI", \ - "MS NT5 ISAKMPOAKLEY", \ - "RFC 3947", \ - "draft-ietf-ipsec-nat-t-ike", \ - "draft-ietf-ipsec-nat-t-ike-02", \ - "draft-ietf-ipsec-nat-t-ike-02\n" \ -} - -extern const char *vendorid_strings[]; - -vchar_t *set_vendorid __P((int)); -int check_vendorid __P((struct isakmp_gen *)); - - -#endif /* __VENDORID_H__ */ - diff --git a/racoon.tproj/vmbuf.c b/racoon.tproj/vmbuf.c deleted file mode 100644 index 1533131..0000000 --- a/racoon.tproj/vmbuf.c +++ /dev/null 
@@ -1,115 +0,0 @@ -/* $KAME: vmbuf.c,v 1.11 2001/11/26 16:54:29 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#define NONEED_DRM -#include -#include - -#include -#include -#include - -#include "var.h" -#include "misc.h" -#include "vmbuf.h" -#include "debug.h" -#include "gcmalloc.h" - -vchar_t * -vmalloc(size) - size_t size; -{ - vchar_t *var; - - if ((var = (vchar_t *)racoon_malloc(sizeof(*var))) == NULL) - return NULL; - - var->l = size; - var->v = (caddr_t)racoon_calloc(1, size); - if (var->v == NULL) { - (void)racoon_free(var); - return NULL; - } - - return var; -} - -vchar_t * -vrealloc(ptr, size) - vchar_t *ptr; - size_t size; -{ - caddr_t v; - - if (ptr != NULL) { - if ((v = (caddr_t)racoon_realloc(ptr->v, size)) == NULL) { - (void)vfree(ptr); - return NULL; - } - memset(v + ptr->l, 0, size - ptr->l); - ptr->v = v; - ptr->l = size; - } else { - if ((ptr = vmalloc(size)) == NULL) - return NULL; - } - - return ptr; -} - -void -vfree(var) - vchar_t *var; -{ - if (var == NULL) - return; - - if (var->v) - (void)racoon_free(var->v); - - (void)racoon_free(var); - - return; -} - -vchar_t * -vdup(src) - vchar_t *src; -{ - vchar_t *new; - - if ((new = vmalloc(src->l)) == NULL) - return NULL; - - memcpy(new->v, src->v, src->l); - - return new; -} diff --git a/racoon.tproj/vmbuf.h b/racoon.tproj/vmbuf.h deleted file mode 100644 index b8884c3..0000000 --- a/racoon.tproj/vmbuf.h +++ /dev/null 
@@ -1,70 +0,0 @@ -/* $KAME: vmbuf.h,v 1.8 2001/12/12 21:18:33 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __VMBUF_H__ -#define __VMBUF_H__ - -/* - * bp v - * v v - * ........................ 
- * <--------------> l - * <----------------------> bl - */ -typedef struct _vchar_t_ { -#if notyet - u_int32_t t; /* type of the value */ - vchar_t *n; /* next vchar_t buffer */ - size_t bl; /* length of the buffer */ - caddr_t bp; /* pointer to the buffer */ -#endif - size_t l; /* length of the value */ - caddr_t v; /* place holder to the pointer to the value */ -} vchar_t; - -#define VPTRINIT(p) \ -do { \ - if (p) { \ - vfree(p); \ - (p) = NULL; \ - } \ -} while(0); - -#define vfree vmbuf_free - -extern vchar_t *vmalloc __P((size_t)); -extern vchar_t *vrealloc __P((vchar_t *, size_t)); -extern void vfree __P((vchar_t *)); -extern vchar_t *vdup __P((vchar_t *)); - - -#endif /* __VMBUF_H__ */ - diff --git a/rarpd.tproj/Makefile.preamble b/rarpd.tproj/Makefile.preamble index dc05194..d5547d0 100644 --- a/rarpd.tproj/Makefile.preamble +++ b/rarpd.tproj/Makefile.preamble @@ -1,2 +1,3 @@ +OTHER_CFLAGS += -mdynamic-no-pic OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include diff --git a/rarpd.tproj/rarpd.c b/rarpd.tproj/rarpd.c index 036bffa..1be67c7 100644 --- a/rarpd.tproj/rarpd.c +++ b/rarpd.tproj/rarpd.c @@ -41,15 +41,16 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ +#include #ifndef lint -char copyright[] = +__unused char copyright[] = "@(#) Copyright (c) 1990 The Regents of the University of California.\n\ All rights reserved.\n"; #endif /* not lint */ #ifndef lint -static char rcsid[] = -"@(#) $Id: rarpd.c,v 1.1 1999/05/02 03:57:59 wsanchez Exp $"; +__unused static char rcsid[] = +"@(#) $Id: rarpd.c,v 1.3 2006/04/05 03:13:14 lindak Exp $"; #endif @@ -120,7 +121,7 @@ int aflag = 0; /* listen on "all" interfaces */ int dflag = 0; /* print debugging messages */ int fflag = 0; /* don't fork */ -void +int main(argc, argv) int argc; char **argv; 
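Review bot: The added `OTHER_CFLAGS += -mdynamic-no-pic` in `rarpd.tproj/Makefile.preamble` makes the rarpd main image position-dependent, so it cannot later be linked as a position-independent executable. rarpd processes packets received from the network, so the trade-off deserves a comment beside the flag, for example `# non-PIC main image; incompatible with -pie`. The commit does not say whether the flag was added for code size or speed, so the reason should be recorded there too.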
@@ -191,7 +192,7 @@ main(argc, argv) (void) close(f); } (void) chdir("/"); - (void) setpgrp(0, getpid()); + (void) setpgid(0, getpid()); devnull = open("/dev/null", O_RDWR); if (devnull >= 0) { (void) dup2(devnull, 0); @@ -202,6 +203,8 @@ main(argc, argv) } } rarp_loop(); + /* NOTREACHED */ + return 0; } /* * Add 'ifname' to the interface list. Lookup its IP address and network @@ -488,7 +491,7 @@ rarp_bootable(addr) char ipname[9]; static DIR *dd = 0; - (void) sprintf(ipname, "%08X", addr); + (void) sprintf(ipname, "%08lX", addr); /* If directory is already open, rewind it. Otherwise, open it. */ if (d = dd) rewinddir(d); @@ -543,7 +546,7 @@ rarp_process(ii, pkt) ep = (struct ether_header *) pkt; - if (ether_ntohost(ename, &ep->ether_shost) != 0 || + if (ether_ntohost(ename, (struct ether_addr *)&ep->ether_shost) != 0 || (hp = gethostbyname(ename)) == 0) return; @@ -663,7 +666,7 @@ update_arptab(ep, ipaddr) u_char *ep; u_long ipaddr; { - int s; + //int s; struct arpreq request; struct sockaddr_in *sin; @@ -767,6 +770,7 @@ ipaddrtonetmask(addr) return IN_CLASSC_NET; err(FATAL, "unknown IP address class: %08X", addr); /* NOTREACHED */ + return 0; } #if __STDC__ diff --git a/rcp.tproj/Makefile b/rcp.tproj/Makefile deleted file mode 100644 index a35583a..0000000 --- a/rcp.tproj/Makefile +++ /dev/null 
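Review bot: `char ipname[9]` in `rarp_bootable` holds exactly eight hex digits plus the terminator, and the new `%08lX` sets a minimum width, not a maximum. If `addr` is a 64-bit `unsigned long` with any of its upper 32 bits set, `sprintf` writes past the end of the buffer. The declaration of `addr` is outside the hunk, so its type is inferred from the `l` modifier this commit adds. Bound the write and mask the value: `(void) snprintf(ipname, sizeof(ipname), "%08lX", addr & 0xffffffffUL);`. The context line `err(FATAL, "unknown IP address class: %08X", addr);` in the `ipaddrtonetmask` hunk still uses `%08X` and probably needs the same `l` modifier.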
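Review bot: The unused local in `update_arptab` is commented out as `//int s;` instead of being removed. Delete the line so that no dead declaration stays in the function. The body of `update_arptab` continues outside the hunk, so confirm that nothing further down still refers to `s`.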
@@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rcp - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = extern.h pathnames.h - -CFILES = rcp.c util.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble Makefile.dist\ - rcp.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /bin -WINDOWS_INSTALLDIR = /bin -PDO_UNIX_INSTALLDIR = /bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/rcp.tproj/Makefile.dist b/rcp.tproj/Makefile.dist deleted file mode 100644 index 898f9a7..0000000 --- a/rcp.tproj/Makefile.dist +++ /dev/null @@ -1,13 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 7/19/93 - -PROG= rcp -SRCS= rcp.c krcmd.c kcmd.c util.c -CFLAGS+=-DKERBEROS -DCRYPT -DPADD= ${LIBKRB} ${LIBDES} -LDADD= -lkrb -ldes -BINOWN= root -BINMODE=4555 -INSTALLFLAGS=-fschg -.PATH: ${.CURDIR}/../../usr.bin/rlogin - -.include diff --git a/rcp.tproj/Makefile.postamble b/rcp.tproj/Makefile.postamble deleted file mode 100644 index 76748f7..0000000 --- a/rcp.tproj/Makefile.postamble +++ /dev/null 
@@ -1,7 +0,0 @@ -VPATH += :$(SRCROOT)$(SRCPATH)/../rlogin.tproj -INSTALL_PERMISSIONS = 4555 # If set, 'install' chmod's executable to this - -after_install:: - $(CHFLAGS) schg $(DSTROOT)$(INSTALLDIR)/$(NAME) - mkdir -p $(DSTROOT)/usr/share/man/man1 - install -c -m 444 rcp.1 $(DSTROOT)/usr/share/man/man1/rcp.1 diff --git a/rcp.tproj/Makefile.preamble b/rcp.tproj/Makefile.preamble deleted file mode 100644 index 8f3d6b7..0000000 --- a/rcp.tproj/Makefile.preamble +++ /dev/null @@ -1,5 +0,0 @@ -RLOGIN_CFILES = krcmd.c des_rw.c -OTHER_OFILES = $(RLOGIN_CFILES:.c=.o) -VPATH_PREAMBLE = ../rlogin.tproj: -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include diff --git a/rcp.tproj/PB.project b/rcp.tproj/PB.project deleted file mode 100644 index c2b93b6..0000000 --- a/rcp.tproj/PB.project +++ /dev/null @@ -1,29 +0,0 @@ -{ - APPCLASS = NSApplication; - FILESTABLE = { - FRAMEWORKS = (); - H_FILES = (extern.h, pathnames.h); - M_FILES = (); - OTHER_LIBS = (); - OTHER_LINKED = (rcp.c, util.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, Makefile.dist, rcp.1); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_INSTALLDIR = /bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_MAINNIB = rcp; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_INSTALLDIR = /bin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_MAINNIB = rcp; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = rcp; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_INSTALLDIR = /bin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_MAINNIB = rcp; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/rcp.tproj/extern.h b/rcp.tproj/extern.h deleted file mode 100644 index 706251f..0000000 --- a/rcp.tproj/extern.h +++ /dev/null 
@@ -1,73 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.1 (Berkeley) 5/31/93 - */ - -typedef struct { - int cnt; - char *buf; -} BUF; - -extern int iamremote; - -BUF *allocbuf __P((BUF *, int, int)); -char *colon __P((char *)); -void lostconn __P((int)); -void nospace __P((void)); -int okname __P((char *)); -void run_err __P((const char *, ...)); -int susystem __P((char *, int)); -void verifydir __P((char *)); diff --git a/rcp.tproj/pathnames.h b/rcp.tproj/pathnames.h deleted file mode 100644 index a93c4e6..0000000 --- a/rcp.tproj/pathnames.h +++ /dev/null 
@@ -1,62 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 5/31/93 - */ - -#include - -#define _PATH_CP "/bin/cp" -#define _PATH_RSH "/usr/bin/rsh" diff --git a/rcp.tproj/rcp.1 b/rcp.tproj/rcp.1 deleted file mode 100644 index bff0a01..0000000 --- a/rcp.tproj/rcp.1 +++ /dev/null 
@@ -1,159 +0,0 @@
-.\" Copyright (c) 1983, 1990, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)rcp.1 8.1 (Berkeley) 5/31/93
-.\"
-.Dd May 31, 1993
-.Dt RCP 1
-.Os BSD 4.3r
-.Sh NAME
-.Nm rcp
-.Nd remote file copy
-.Sh SYNOPSIS
-.Nm rcp
-.Op Fl Kpx
-.Op Fl k Ar realm
-.Ar file1 file2
-.Nm rcp
-.Op Fl Kprx
-.Op Fl k Ar realm
-.Ar file ...
-.Ar directory
-.Sh DESCRIPTION
-.Nm Rcp
-copies files between machines. Each
-.Ar file
-or
-.Ar directory
-argument is either a remote file name of the
-form ``rname@rhost:path'', or a local file name (containing no `:' characters,
-or a `/' before any `:'s).
-.Pp
-.Bl -tag -width flag
-.It Fl K
-The
-.Fl K
-option turns off all Kerberos authentication.
-.It Fl k
-The
-.Fl k
-option requests
-.Nm rcp
-to obtain tickets
-for the remote host in realm
-.Ar realm
-instead of the remote host's realm as determined by
-.Xr krb_realmofhost 3 .
-.It Fl p
-The
-.Fl p
-option causes
-.Nm rcp
-to attempt to preserve (duplicate) in its copies the modification
-times and modes of the source files, ignoring the
-.Ar umask .
-By default, the mode and owner of
-.Ar file2
-are preserved if it already existed; otherwise the mode of the source file
-modified by the
-.Xr umask 2
-on the destination host is used.
-.It Fl r
-If any of the source files are directories,
-.Nm rcp
-copies each subtree rooted at that name; in this case
-the destination must be a directory.
-.It Fl x
-The
-.Fl x
-option turns on
-.Tn DES
-encryption for all data passed by
-.Nm rcp .
-This may impact response time and
-.Tn CPU
-utilization, but provides
-increased security.
-.El
-.Pp
-If
-.Ar path
-is not a full path name, it is interpreted relative to
-the login directory of the specified user
-.Ar ruser
-on
-.Ar rhost ,
-or your current user name if no other remote user name is specified.
-A
-.Ar path
-on a remote host may be quoted (using \e, ", or \(aa)
-so that the metacharacters are interpreted remotely.
-.Pp
-.Nm Rcp
-does not prompt for passwords; it performs remote execution
-via
-.Xr rsh 1 ,
-and requires the same authorization.
-.Pp
-.Nm Rcp
-handles third party copies, where neither source nor target files
-are on the current machine.
-.Sh SEE ALSO
-.Xr cp 1 ,
-.Xr ftp 1 ,
-.Xr rsh 1 ,
-.Xr rlogin 1
-.Sh HISTORY
-The
-.Nm rcp
-command appeared in
-.Bx 4.2 .
-The version of
-.Nm rcp
-described here
-has been reimplemented with Kerberos in
-.Bx 4.3 Reno .
-.Sh BUGS
-Doesn't detect all cases where the target of a copy might
-be a file in cases where only a directory should be legal.
-.Pp
-Is confused by any output generated by commands in a
-.Pa \&.login ,
-.Pa \&.profile ,
-or
-.Pa \&.cshrc
-file on the remote host.
-.Pp
-The destination user and hostname may have to be specified as
-``rhost.rname'' when the destination machine is running the
-.Bx 4.2
-version of
-.Nm rcp .
diff --git a/rcp.tproj/rcp.c b/rcp.tproj/rcp.c
deleted file mode 100644
index 579f328..0000000
--- a/rcp.tproj/rcp.c
+++ /dev/null
@@ -1,938 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1990, 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "pathnames.h" -#include "extern.h" - -#ifdef KERBEROS -#include -#include - -char dst_realm_buf[REALM_SZ]; -char *dest_realm = NULL; -int use_kerberos = 1; -CREDENTIALS cred; -Key_schedule schedule; -extern char *krb_realmofhost(); -#ifdef CRYPT -int doencrypt = 0; -#define OPTIONS "dfKk:prtx" -#else -#define OPTIONS "dfKk:prt" -#endif -#else -#define OPTIONS "dfprt" -#endif - -struct passwd *pwd; -u_short port; -uid_t userid; -int errs, rem; -int pflag, iamremote, iamrecursive, targetshouldbedirectory; - -#define CMDNEEDS 64 -char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ - -#ifdef KERBEROS -int kerberos __P((char **, char *, char *, char *)); -void oldw __P((const char *, ...)); -#endif -int response __P((void)); -void rsource __P((char *, struct stat *)); -void sink __P((int, 
char *[])); -void source __P((int, char *[])); -void tolocal __P((int, char *[])); -void toremote __P((char *, int, char *[])); -void usage __P((void)); - -int -main(argc, argv) - int argc; - char *argv[]; -{ - struct servent *sp; - int ch, fflag, tflag; - char *targ, *shell; - - fflag = tflag = 0; - while ((ch = getopt(argc, argv, OPTIONS)) != EOF) - switch(ch) { /* User-visible flags. */ - case 'K': -#ifdef KERBEROS - use_kerberos = 0; -#endif - break; -#ifdef KERBEROS - case 'k': - dest_realm = dst_realm_buf; - (void)strncpy(dst_realm_buf, optarg, REALM_SZ); - break; -#ifdef CRYPT - case 'x': - doencrypt = 1; - /* des_set_key(cred.session, schedule); */ - break; -#endif -#endif - case 'p': - pflag = 1; - break; - case 'r': - iamrecursive = 1; - break; - /* Server options. */ - case 'd': - targetshouldbedirectory = 1; - break; - case 'f': /* "from" */ - iamremote = 1; - fflag = 1; - break; - case 't': /* "to" */ - iamremote = 1; - tflag = 1; - break; - case '?': - default: - usage(); - } - argc -= optind; - argv += optind; - -#ifdef KERBEROS - if (use_kerberos) { -#ifdef CRYPT - shell = doencrypt ? "ekshell" : "kshell"; -#else - shell = "kshell"; -#endif - if ((sp = getservbyname(shell, "tcp")) == NULL) { - use_kerberos = 0; - oldw("can't get entry for %s/tcp service", shell); - sp = getservbyname(shell = "shell", "tcp"); - } - } else - sp = getservbyname(shell = "shell", "tcp"); -#else - sp = getservbyname(shell = "shell", "tcp"); -#endif - if (sp == NULL) - errx(1, "%s/tcp: unknown service", shell); - port = sp->s_port; - - if ((pwd = getpwuid(userid = getuid())) == NULL) - errx(1, "unknown user %d", (int)userid); - - rem = STDIN_FILENO; /* XXX */ - - if (fflag) { /* Follow "protocol", send data. */ - (void)response(); - (void)setuid(userid); - source(argc, argv); - exit(errs); - } - - if (tflag) { /* Receive data. 
*/ - (void)setuid(userid); - sink(argc, argv); - exit(errs); - } - - if (argc < 2) - usage(); - if (argc > 2) - targetshouldbedirectory = 1; - - rem = -1; - /* Command to be executed on remote system using "rsh". */ -#ifdef KERBEROS - (void)snprintf(cmd, sizeof(cmd), - "rcp%s%s%s%s", iamrecursive ? " -r" : "", -#ifdef CRYPT - (doencrypt && use_kerberos ? " -x" : ""), -#else - "", -#endif - pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); -#else - (void)snprintf(cmd, sizeof(cmd), "rcp%s%s%s", - iamrecursive ? " -r" : "", pflag ? " -p" : "", - targetshouldbedirectory ? " -d" : ""); -#endif - - (void)signal(SIGPIPE, lostconn); - - if (targ = colon(argv[argc - 1])) /* Dest is remote host. */ - toremote(targ, argc, argv); - else { - tolocal(argc, argv); /* Dest is local host. */ - if (targetshouldbedirectory) - verifydir(argv[argc - 1]); - } - exit(errs); -} - -void -toremote(targ, argc, argv) - char *targ, *argv[]; - int argc; -{ - int i, len, tos; - char *bp, *host, *src, *suser, *thost, *tuser; - - *targ++ = 0; - if (*targ == 0) - targ = "."; - - if (thost = strchr(argv[argc - 1], '@')) { - /* user@host */ - *thost++ = 0; - tuser = argv[argc - 1]; - if (*tuser == '\0') - tuser = NULL; - else if (!okname(tuser)) - exit(1); - } else { - thost = argv[argc - 1]; - tuser = NULL; - } - - for (i = 0; i < argc - 1; i++) { - src = colon(argv[i]); - if (src) { /* remote to remote */ - *src++ = 0; - if (*src == 0) - src = "."; - host = strchr(argv[i], '@'); - len = strlen(_PATH_RSH) + strlen(argv[i]) + - strlen(src) + (tuser ? strlen(tuser) : 0) + - strlen(thost) + strlen(targ) + CMDNEEDS + 20; - if (!(bp = malloc(len))) - err(1, NULL); - if (host) { - *host++ = 0; - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; - (void)snprintf(bp, len, - "%s %s -l %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, host, suser, cmd, src, - tuser ? tuser : "", tuser ? 
"@" : "", - thost, targ); - } else - (void)snprintf(bp, len, - "exec %s %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, argv[i], cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); - (void)susystem(bp, userid); - (void)free(bp); - } else { /* local to remote */ - if (rem == -1) { - len = strlen(targ) + CMDNEEDS + 20; - if (!(bp = malloc(len))) - err(1, NULL); - (void)snprintf(bp, len, "%s -t %s", cmd, targ); - host = thost; -#ifdef KERBEROS - if (use_kerberos) - rem = kerberos(&host, bp, - pwd->pw_name, - tuser ? tuser : pwd->pw_name); - else -#endif - rem = rcmd(&host, port, pwd->pw_name, - tuser ? tuser : pwd->pw_name, - bp, 0); - if (rem < 0) - exit(1); - tos = IPTOS_THROUGHPUT; - if (setsockopt(rem, IPPROTO_IP, IP_TOS, - &tos, sizeof(int)) < 0) - warn("TOS (ignored)"); - if (response() < 0) - exit(1); - (void)free(bp); - (void)setuid(userid); - } - source(1, argv+i); - } - } -} - -void -tolocal(argc, argv) - int argc; - char *argv[]; -{ - int i, len, tos; - char *bp, *host, *src, *suser; - - for (i = 0; i < argc - 1; i++) { - if (!(src = colon(argv[i]))) { /* Local to local. */ - len = strlen(_PATH_CP) + strlen(argv[i]) + - strlen(argv[argc - 1]) + 20; - if (!(bp = malloc(len))) - err(1, NULL); - (void)snprintf(bp, len, "exec %s%s%s %s %s", _PATH_CP, - iamrecursive ? " -r" : "", pflag ? " -p" : "", - argv[i], argv[argc - 1]); - if (susystem(bp, userid)) - ++errs; - (void)free(bp); - continue; - } - *src++ = 0; - if (*src == 0) - src = "."; - if ((host = strchr(argv[i], '@')) == NULL) { - host = argv[i]; - suser = pwd->pw_name; - } else { - *host++ = 0; - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; - } - len = strlen(src) + CMDNEEDS + 20; - if ((bp = malloc(len)) == NULL) - err(1, NULL); - (void)snprintf(bp, len, "%s -f %s", cmd, src); - rem = -#ifdef KERBEROS - use_kerberos ? 
- kerberos(&host, bp, pwd->pw_name, suser) : -#endif - rcmd(&host, port, pwd->pw_name, suser, bp, 0); - (void)free(bp); - if (rem < 0) { - ++errs; - continue; - } - (void)seteuid(userid); - tos = IPTOS_THROUGHPUT; - if (setsockopt(rem, IPPROTO_IP, IP_TOS, &tos, sizeof(int)) < 0) - warn("TOS (ignored)"); - sink(1, argv + argc - 1); - (void)seteuid(0); - (void)close(rem); - rem = -1; - } -} - -void -source(argc, argv) - int argc; - char *argv[]; -{ - struct stat stb; - static BUF buffer; - BUF *bp; - off_t i; - int amt, fd, haderr, indx, result; - char *last, *name, buf[BUFSIZ]; - - for (indx = 0; indx < argc; ++indx) { - name = argv[indx]; - if ((fd = open(name, O_RDONLY, 0)) < 0) - goto syserr; - if (fstat(fd, &stb)) { -syserr: run_err("%s: %s", name, strerror(errno)); - goto next; - } - switch (stb.st_mode & S_IFMT) { - case S_IFREG: - break; - case S_IFDIR: - if (iamrecursive) { - rsource(name, &stb); - goto next; - } - /* FALLTHROUGH */ - default: - run_err("%s: not a regular file", name); - goto next; - } - if ((last = strrchr(name, '/')) == NULL) - last = name; - else - ++last; - if (pflag) { - /* - * Make it compatible with possible future - * versions expecting microseconds. - */ - (void)snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n", - stb.st_mtimespec.tv_sec, stb.st_atimespec.tv_sec); - (void)write(rem, buf, strlen(buf)); - if (response() < 0) - goto next; - } -#define MODEMASK (S_ISUID|S_ISGID|S_ISTXT|S_IRWXU|S_IRWXG|S_IRWXO) - (void)snprintf(buf, sizeof(buf), "C%04o %qd %s\n", - stb.st_mode & MODEMASK, stb.st_size, last); - (void)write(rem, buf, strlen(buf)); - if (response() < 0) - goto next; - if ((bp = allocbuf(&buffer, fd, BUFSIZ)) == NULL) { -next: (void)close(fd); - continue; - } - - /* Keep writing after an error so that we stay sync'd up. 
*/ - for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { - amt = bp->cnt; - if (i + amt > stb.st_size) - amt = stb.st_size - i; - if (!haderr) { - result = read(fd, bp->buf, amt); - if (result != amt) - haderr = result >= 0 ? EIO : errno; - } - if (haderr) - (void)write(rem, bp->buf, amt); - else { - result = write(rem, bp->buf, amt); - if (result != amt) - haderr = result >= 0 ? EIO : errno; - } - } - if (close(fd) && !haderr) - haderr = errno; - if (!haderr) - (void)write(rem, "", 1); - else - run_err("%s: %s", name, strerror(haderr)); - (void)response(); - } -} - -void -rsource(name, statp) - char *name; - struct stat *statp; -{ - DIR *dirp; - struct dirent *dp; - char *last, *vect[1], path[MAXPATHLEN]; - - if (!(dirp = opendir(name))) { - run_err("%s: %s", name, strerror(errno)); - return; - } - last = strrchr(name, '/'); - if (last == 0) - last = name; - else - last++; - if (pflag) { - (void)snprintf(path, sizeof(path), "T%ld 0 %ld 0\n", - statp->st_mtimespec.tv_sec, statp->st_atimespec.tv_sec); - (void)write(rem, path, strlen(path)); - if (response() < 0) { - closedir(dirp); - return; - } - } - (void)snprintf(path, sizeof(path), - "D%04o %d %s\n", statp->st_mode & MODEMASK, 0, last); - (void)write(rem, path, strlen(path)); - if (response() < 0) { - closedir(dirp); - return; - } - while (dp = readdir(dirp)) { - if (dp->d_ino == 0) - continue; - if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) - continue; - if (strlen(name) + 1 + strlen(dp->d_name) >= MAXPATHLEN - 1) { - run_err("%s/%s: name too long", name, dp->d_name); - continue; - } - (void)snprintf(path, sizeof(path), "%s/%s", name, dp->d_name); - vect[0] = path; - source(1, vect); - } - (void)closedir(dirp); - (void)write(rem, "E\n", 2); - (void)response(); -} - -void -sink(argc, argv) - int argc; - char *argv[]; -{ - static BUF buffer; - struct stat stb; - struct timeval tv[2]; - enum { YES, NO, DISPLAYED } wrerr; - BUF *bp; - off_t i, j; - int amt, count, exists, first, mask, mode, ofd, 
omode; - int setimes, size, targisdir, wrerrno; - char ch, *cp, *np, *targ, *why, *vect[1], buf[BUFSIZ]; - -#define atime tv[0] -#define mtime tv[1] -#define SCREWUP(str) { why = str; goto screwup; } - - setimes = targisdir = 0; - mask = umask(0); - if (!pflag) - (void)umask(mask); - if (argc != 1) { - run_err("ambiguous target"); - exit(1); - } - targ = *argv; - if (targetshouldbedirectory) - verifydir(targ); - (void)write(rem, "", 1); - if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) - targisdir = 1; - for (first = 1;; first = 0) { - cp = buf; - if (read(rem, cp, 1) <= 0) - return; - if (*cp++ == '\n') - SCREWUP("unexpected "); - do { - if (read(rem, &ch, sizeof(ch)) != sizeof(ch)) - SCREWUP("lost connection"); - *cp++ = ch; - } while (cp < &buf[BUFSIZ - 1] && ch != '\n'); - *cp = 0; - - if (buf[0] == '\01' || buf[0] == '\02') { - if (iamremote == 0) - (void)write(STDERR_FILENO, - buf + 1, strlen(buf + 1)); - if (buf[0] == '\02') - exit(1); - ++errs; - continue; - } - if (buf[0] == 'E') { - (void)write(rem, "", 1); - return; - } - - if (ch == '\n') - *--cp = 0; - -#define getnum(t) (t) = 0; while (isdigit(*cp)) (t) = (t) * 10 + (*cp++ - '0'); - cp = buf; - if (*cp == 'T') { - setimes++; - cp++; - getnum(mtime.tv_sec); - if (*cp++ != ' ') - SCREWUP("mtime.sec not delimited"); - getnum(mtime.tv_usec); - if (*cp++ != ' ') - SCREWUP("mtime.usec not delimited"); - getnum(atime.tv_sec); - if (*cp++ != ' ') - SCREWUP("atime.sec not delimited"); - getnum(atime.tv_usec); - if (*cp++ != '\0') - SCREWUP("atime.usec not delimited"); - (void)write(rem, "", 1); - continue; - } - if (*cp != 'C' && *cp != 'D') { - /* - * Check for the case "rcp remote:foo\* local:bar". - * In this case, the line "No match." can be returned - * by the shell before the rcp command on the remote is - * executed so the ^Aerror_message convention isn't - * followed. 
- */ - if (first) { - run_err("%s", cp); - exit(1); - } - SCREWUP("expected control record"); - } - mode = 0; - for (++cp; cp < buf + 5; cp++) { - if (*cp < '0' || *cp > '7') - SCREWUP("bad mode"); - mode = (mode << 3) | (*cp - '0'); - } - if (*cp++ != ' ') - SCREWUP("mode not delimited"); - - for (size = 0; isdigit(*cp);) - size = size * 10 + (*cp++ - '0'); - if (*cp++ != ' ') - SCREWUP("size not delimited"); - if (targisdir) { - static char *namebuf; - static int cursize; - size_t need; - - need = strlen(targ) + strlen(cp) + 250; - if (need > cursize) { - if (!(namebuf = malloc(need))) - run_err("%s", strerror(errno)); - } - (void)snprintf(namebuf, need, "%s%s%s", targ, - *targ ? "/" : "", cp); - np = namebuf; - } else - np = targ; - exists = stat(np, &stb) == 0; - if (buf[0] == 'D') { - int mod_flag = pflag; - if (exists) { - if (!S_ISDIR(stb.st_mode)) { - errno = ENOTDIR; - goto bad; - } - if (pflag) - (void)chmod(np, mode); - } else { - /* Handle copying from a read-only directory */ - mod_flag = 1; - if (mkdir(np, mode | S_IRWXU) < 0) - goto bad; - } - vect[0] = np; - sink(1, vect); - if (setimes) { - setimes = 0; - if (utimes(np, tv) < 0) - run_err("%s: set times: %s", - np, strerror(errno)); - } - if (mod_flag) - (void)chmod(np, mode); - continue; - } - omode = mode; - mode |= S_IWRITE; - if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { -bad: run_err("%s: %s", np, strerror(errno)); - continue; - } - (void)write(rem, "", 1); - if ((bp = allocbuf(&buffer, ofd, BUFSIZ)) == NULL) { - (void)close(ofd); - continue; - } - cp = bp->buf; - wrerr = NO; - for (count = i = 0; i < size; i += BUFSIZ) { - amt = BUFSIZ; - if (i + amt > size) - amt = size - i; - count += amt; - do { - j = read(rem, cp, amt); - if (j <= 0) { - run_err("%s", j ? strerror(errno) : - "dropped connection"); - exit(1); - } - amt -= j; - cp += j; - } while (amt > 0); - if (count == bp->cnt) { - /* Keep reading so we stay sync'd up. 
*/ - if (wrerr == NO) { - j = write(ofd, bp->buf, count); - if (j != count) { - wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; - } - } - count = 0; - cp = bp->buf; - } - } - if (count != 0 && wrerr == NO && - (j = write(ofd, bp->buf, count)) != count) { - wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; - } - if (ftruncate(ofd, size)) { - run_err("%s: truncate: %s", np, strerror(errno)); - wrerr = DISPLAYED; - } - if (pflag) { - if (exists || omode != mode) - if (fchmod(ofd, omode)) - run_err("%s: set mode: %s", - np, strerror(errno)); - } else { - if (!exists && omode != mode) - if (fchmod(ofd, omode & ~mask)) - run_err("%s: set mode: %s", - np, strerror(errno)); - } - (void)close(ofd); - (void)response(); - if (setimes && wrerr == NO) { - setimes = 0; - if (utimes(np, tv) < 0) { - run_err("%s: set times: %s", - np, strerror(errno)); - wrerr = DISPLAYED; - } - } - switch(wrerr) { - case YES: - run_err("%s: %s", np, strerror(wrerrno)); - break; - case NO: - (void)write(rem, "", 1); - break; - case DISPLAYED: - break; - } - } -screwup: - run_err("protocol error: %s", why); - exit(1); -} - -#ifdef KERBEROS -int -kerberos(host, bp, locuser, user) - char **host, *bp, *locuser, *user; -{ - struct servent *sp; - -again: - if (use_kerberos) { - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(*host); - rem = -#ifdef CRYPT - doencrypt ? 
- krcmd_mutual(host, - port, user, bp, 0, dest_realm, &cred, schedule) : -#endif - krcmd(host, port, user, bp, 0, dest_realm); - - if (rem < 0) { - use_kerberos = 0; - if ((sp = getservbyname("shell", "tcp")) == NULL) - errx(1, "unknown service shell/tcp"); - if (errno == ECONNREFUSED) - oldw("remote host doesn't support Kerberos"); - else if (errno == ENOENT) - oldw("can't provide Kerberos authentication data"); - port = sp->s_port; - goto again; - } - } else { -#ifdef CRYPT - if (doencrypt) - errx(1, - "the -x option requires Kerberos authentication"); -#endif - rem = rcmd(host, port, locuser, user, bp, 0); - } - return (rem); -} -#endif /* KERBEROS */ - -int -response() -{ - char ch, *cp, resp, rbuf[BUFSIZ]; - - if (read(rem, &resp, sizeof(resp)) != sizeof(resp)) - lostconn(0); - - cp = rbuf; - switch(resp) { - case 0: /* ok */ - return (0); - default: - *cp++ = resp; - /* FALLTHROUGH */ - case 1: /* error, followed by error msg */ - case 2: /* fatal error, "" */ - do { - if (read(rem, &ch, sizeof(ch)) != sizeof(ch)) - lostconn(0); - *cp++ = ch; - } while (cp < &rbuf[BUFSIZ] && ch != '\n'); - - if (!iamremote) - (void)write(STDERR_FILENO, rbuf, cp - rbuf); - ++errs; - if (resp == 1) - return (-1); - exit(1); - } - /* NOTREACHED */ -} - -void -usage() -{ -#ifdef KERBEROS -#ifdef CRYPT - (void)fprintf(stderr, "%s\n\t%s\n", - "usage: rcp [-Kpx] [-k realm] f1 f2", - "or: rcp [-Kprx] [-k realm] f1 ... fn directory"); -#else - (void)fprintf(stderr, "%s\n\t%s\n", - "usage: rcp [-Kp] [-k realm] f1 f2", - "or: rcp [-Kpr] [-k realm] f1 ... fn directory"); -#endif -#else - (void)fprintf(stderr, - "usage: rcp [-p] f1 f2; or: rcp [-pr] f1 ... fn directory\n"); -#endif - exit(1); -} - -#if __STDC__ -#include -#else -#include -#endif - -#ifdef KERBEROS -void -#if __STDC__ -oldw(const char *fmt, ...) 
-#else -oldw(fmt, va_alist) - char *fmt; - va_dcl -#endif -{ - va_list ap; -#if __STDC__ - va_start(ap, fmt); -#else - va_start(ap); -#endif - (void)fprintf(stderr, "rcp: "); - (void)vfprintf(stderr, fmt, ap); - (void)fprintf(stderr, ", using standard rcp\n"); - va_end(ap); -} -#endif - -void -#if __STDC__ -run_err(const char *fmt, ...) -#else -run_err(fmt, va_alist) - char *fmt; - va_dcl -#endif -{ - static FILE *fp; - va_list ap; -#if __STDC__ - va_start(ap, fmt); -#else - va_start(ap); -#endif - - ++errs; - if (fp == NULL && !(fp = fdopen(rem, "w"))) - return; - (void)fprintf(fp, "%c", 0x01); - (void)fprintf(fp, "rcp: "); - (void)vfprintf(fp, fmt, ap); - (void)fprintf(fp, "\n"); - (void)fflush(fp); - - if (!iamremote) - vwarnx(fmt, ap); - - va_end(ap); -} diff --git a/rcp.tproj/util.c b/rcp.tproj/util.c deleted file mode 100644 index 7ee6866..0000000 --- a/rcp.tproj/util.c +++ /dev/null 
@@ -1,187 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "extern.h" - -char * -colon(cp) - char *cp; -{ - if (*cp == ':') /* Leading colon is part of file name. 
*/ - return (0); - - for (; *cp; ++cp) { - if (*cp == ':') - return (cp); - if (*cp == '/') - return (0); - } - return (0); -} - -void -verifydir(cp) - char *cp; -{ - struct stat stb; - - if (!stat(cp, &stb)) { - if (S_ISDIR(stb.st_mode)) - return; - errno = ENOTDIR; - } - run_err("%s: %s", cp, strerror(errno)); - exit(1); -} - -int -okname(cp0) - char *cp0; -{ - int c; - char *cp; - - cp = cp0; - do { - c = *cp; - if (c & 0200) - goto bad; - if (!isalpha(c) && !isdigit(c) && c != '_' && c != '-') - goto bad; - } while (*++cp); - return (1); - -bad: warnx("%s: invalid user name", cp0); - return (0); -} - -int -susystem(s, userid) - int userid; - char *s; -{ - sig_t istat, qstat; - int status, w; - pid_t pid; - - pid = vfork(); - switch (pid) { - case -1: - return (127); - - case 0: - (void)setuid(userid); - execl(_PATH_BSHELL, "sh", "-c", s, NULL); - _exit(127); - } - istat = signal(SIGINT, SIG_IGN); - qstat = signal(SIGQUIT, SIG_IGN); - if (waitpid(pid, &status, 0) < 0) - status = -1; - (void)signal(SIGINT, istat); - (void)signal(SIGQUIT, qstat); - return (status); -} - -BUF * -allocbuf(bp, fd, blksize) - BUF *bp; - int fd, blksize; -{ - struct stat stb; - size_t size; - - if (fstat(fd, &stb) < 0) { - run_err("fstat: %s", strerror(errno)); - return (0); - } - size = roundup(stb.st_blksize, blksize); - if (size == 0) - size = blksize; - if (bp->cnt >= size) - return (bp); - if ((bp->buf = realloc(bp->buf, size)) == NULL) { - bp->cnt = 0; - run_err("%s", strerror(errno)); - return (0); - } - bp->cnt = size; - return (bp); -} - -void -lostconn(signo) - int signo; -{ - if (!iamremote) - warnx("lost connection"); - exit(1); -} diff --git a/revnetgroup.tproj/Makefile b/revnetgroup.tproj/Makefile deleted file mode 100644 index a494108..0000000 --- a/revnetgroup.tproj/Makefile +++ /dev/null 
@@ -1,48 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = revnetgroup
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES = hash.h
-
-CFILES = hash.c parse_netgroup.c revnetgroup.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble revnetgroup.8
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/sbin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/revnetgroup.tproj/Makefile.postamble b/revnetgroup.tproj/Makefile.postamble
deleted file mode 100644
index 159b0ca..0000000
--- a/revnetgroup.tproj/Makefile.postamble
+++ /dev/null
@@ -1,105 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# - -install-man-page: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 revnetgroup.8 $(DSTROOT)/usr/share/man/man8/revnetgroup.8 diff --git a/revnetgroup.tproj/Makefile.preamble b/revnetgroup.tproj/Makefile.preamble deleted file mode 100644 index e48625d..0000000 --- a/revnetgroup.tproj/Makefile.preamble +++ /dev/null 
@@ -1,125 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -AFTER_INSTALL += install-man-page diff --git a/revnetgroup.tproj/PB.project b/revnetgroup.tproj/PB.project deleted file mode 100644 index 3a8d039..0000000 --- a/revnetgroup.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (hash.h);
- OTHER_LIBS = ();
- OTHER_LINKED = (hash.c, parse_netgroup.c, revnetgroup.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, revnetgroup.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = revnetgroup;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/revnetgroup.tproj/hash.c b/revnetgroup.tproj/hash.c
deleted file mode 100644
index 9aee4bd..0000000
--- a/revnetgroup.tproj/hash.c
+++ /dev/null
@@ -1,244 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: hash.c,v 1.1 1997/04/15 22:06:11 maja Exp $ */ -/* - * Copyright (c) 1995 - * Bill Paul . All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Bill Paul. - * 4. 
Neither the name of the author nor the names of any co-contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD: hash.c,v 1.4 1997/02/22 14:22:01 peter Exp $ - */ - -#include -#include -#include -#include -#include "hash.h" - -#ifndef lint -static const char rcsid[] = "$OpenBSD: hash.c,v 1.1 1997/04/15 22:06:11 maja Exp $"; -#endif - -/* - * This hash function is stolen directly from the - * Berkeley DB package. It already exists inside libc, but - * it's declared static which prevents us from calling it - * from here. 
- */ -/* - * OZ's original sdbm hash - */ -u_int32_t -hash(keyarg, len) - const void *keyarg; - register size_t len; -{ - register const u_char *key; - register size_t loop; - register u_int32_t h; - -#define HASHC h = *key++ + 65599 * h - - h = 0; - key = keyarg; - if (len > 0) { - loop = (len + 8 - 1) >> 3; - - switch (len & (8 - 1)) { - case 0: - do { - HASHC; - /* FALLTHROUGH */ - case 7: - HASHC; - /* FALLTHROUGH */ - case 6: - HASHC; - /* FALLTHROUGH */ - case 5: - HASHC; - /* FALLTHROUGH */ - case 4: - HASHC; - /* FALLTHROUGH */ - case 3: - HASHC; - /* FALLTHROUGH */ - case 2: - HASHC; - /* FALLTHROUGH */ - case 1: - HASHC; - } while (--loop); - } - } - return (h); -} - -/* - * Generate a hash value for a given key (character string). - * We mask off all but the lower 8 bits since our table array - * can only hold 256 elements. - */ -u_int32_t hashkey(key) - char *key; -{ - - if (key == NULL) - return (-1); - return(hash((void *)key, strlen(key)) & HASH_MASK); -} - -/* Find an entry in the hash table (may be hanging off a linked list). */ -char *lookup(table, key) - struct group_entry *table[]; - char *key; -{ - struct group_entry *cur; - - cur = table[hashkey(key)]; - - while (cur) { - if (!strcmp(cur->key, key)) - return(cur->data); - cur = cur->next; - } - - return(NULL); -} - -/* - * Store an entry in the main netgroup hash table. Here's how this - * works: the table can only be so big when we initialize it (TABLESIZE) - * but the number of netgroups in the /etc/netgroup file could easily be - * much larger than the table. Since our hash values are adjusted to - * never be greater than TABLESIZE too, this means it won't be long before - * we find ourselves with two keys that hash to the same value. - * - * One way to deal with this is to malloc(2) a second table and start - * doing indirection, but this is a pain in the butt and it's not worth - * going to all that trouble for a dinky little program like this. 
Instead, - * we turn each table entry into a linked list and simply link keys - * with the same hash value together at the same index location within - * the table. - * - * That's a lot of comment for such a small piece of code, isn't it. - */ -void store (table, key, data) - struct group_entry *table[]; - char *key, *data; -{ - struct group_entry *new; - u_int32_t i; - - i = hashkey(key); - - new = (struct group_entry *)malloc(sizeof(struct group_entry)); - new->key = strdup(key); - new->data = strdup(data); - new->next = table[i]; - table[i] = new; - - return; -} - -/* - * Store a group member entry and/or update its grouplist. This is - * a bit more complicated than the previous function since we have to - * maintain not only the hash table of group members, each group member - * structure also has a linked list of groups hung off it. If handed - * a member name that we haven't encountered before, we have to do - * two things: add that member to the table (possibly hanging them - * off the end of a linked list, as above), and add a group name to - * the member's grouplist list. If we're handed a name that already has - * an entry in the table, then we just have to do one thing, which is - * to update its grouplist. - */ -void mstore (table, key, data, domain) - struct member_entry *table[]; - char *key, *data, *domain; -{ - struct member_entry *cur, *new; - struct grouplist *tmp,*p; - u_int32_t i; - - i = hashkey(key); - cur = table[i]; - - tmp = (struct grouplist *)malloc(sizeof(struct grouplist)); - tmp->groupname = strdup(data); - tmp->next = NULL; - - /* Check if all we have to do is insert a new groupname. */ - while (cur) { - if (!strcmp(cur->key, key) && !strcmp(cur->domain,domain)) { - p = cur->groups; - while(p) { - if (!strcmp(p->groupname,data)) - return; - p = p->next; - } - tmp->next = cur->groups; - cur->groups = tmp; - return; - } - cur = cur->next; - } - - /* Didn't find a match -- add the whole mess to the table. 
*/ - new = (struct member_entry *)malloc(sizeof(struct member_entry)); - new->key = strdup(key); - new->domain = strdup(domain); - new->groups = tmp; - new->next = table[i]; - table[i] = new; - - return; -} diff --git a/revnetgroup.tproj/hash.h b/revnetgroup.tproj/hash.h deleted file mode 100644 index 822c9e0..0000000 --- a/revnetgroup.tproj/hash.h +++ /dev/null 
@@ -1,91 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: hash.h,v 1.1 1997/04/15 22:06:12 maja Exp $ */
-/*
- * Copyright (c) 1995
- * Bill Paul . All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Bill Paul.
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $FreeBSD: hash.h,v 1.5 1997/02/22 14:22:02 peter Exp $
- */
-
-/* Groupname entry hung off a member_entry node. */
-struct grouplist {
- char *groupname;
- struct grouplist *next;
-};
-
-/* Entry in the cooked member list hash table. */
-struct member_entry {
- char *key;
- char *domain;
- struct grouplist *groups;
- struct member_entry *next;
-};
-
-/* Entry in the raw netgroup table. */
-struct group_entry {
- char *key;
- char *data;
- struct group_entry *next;
-};
-
-/* Table size (chosen arbitrarily). Not too big, not too small. */
-#define TABLESIZE 256
-#define HASH_MASK 0x000000FF
-
-#define LINSIZ 1024 * 10
-
-extern void store __P(( struct group_entry ** , char *, char * ));
-extern void mstore __P(( struct member_entry ** , char *, char *, char * ));
-extern char *lookup __P(( struct group_entry **, char * ));
-extern void __endnetgrent __P(( void ));
-extern void __setnetgrent __P(( char * ));
-extern int __getnetgrent __P(( char **, char **, char ** ));
diff --git a/revnetgroup.tproj/parse_netgroup.c b/revnetgroup.tproj/parse_netgroup.c deleted file mode 100644 index 0d1e07a..0000000 --- a/revnetgroup.tproj/parse_netgroup.c +++ /dev/null 
@@ -1,394 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: parse_netgroup.c,v 1.2 1997/08/18 03:11:35 millert Exp $ */ -/* - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Rick Macklem at The University of Guelph. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD: parse_netgroup.c,v 1.5 1997/02/22 14:22:02 peter Exp $ - */ - -/* - * This is a specially hacked-up version of getnetgrent.c used to parse - * data from the stored hash table of netgroup info rather than from a - * file. It's used mainly for the parse_netgroup() function. All the YP - * stuff and file support has been stripped out since it isn't needed. - */ - -#include -#include -#include -#include -#include "hash.h" - -#ifndef lint -static const char rcsid[] = "$OpenBSD: parse_netgroup.c,v 1.2 1997/08/18 03:11:35 millert Exp $"; -#endif - -/* - * Static Variables and functions used by setnetgrent(), getnetgrent() and - * __endnetgrent(). - * There are two linked lists: - * - linelist is just used by setnetgrent() to parse the net group file via. 
- * parse_netgrp() - * - netgrp is the list of entries for the current netgroup - */ -struct linelist { - struct linelist *l_next; /* Chain ptr. */ - int l_parsed; /* Flag for cycles */ - char *l_groupname; /* Name of netgroup */ - char *l_line; /* Netgroup entrie(s) to be parsed */ -}; - -struct netgrp { - struct netgrp *ng_next; /* Chain ptr */ - char *ng_str[3]; /* Field pointers, see below */ -}; -#define NG_HOST 0 /* Host name */ -#define NG_USER 1 /* User name */ -#define NG_DOM 2 /* and Domain name */ - -static struct linelist *linehead = (struct linelist *)0; -static struct netgrp *nextgrp = (struct netgrp *)0; -static struct { - struct netgrp *gr; - char *grname; -} grouphead = { - (struct netgrp *)0, - (char *)0, -}; -static int parse_netgrp(); -static struct linelist *read_for_group(); -void __setnetgrent(), __endnetgrent(); -int __getnetgrent(); -extern struct group_entry *gtable[]; - -/* - * setnetgrent() - * Parse the netgroup file looking for the netgroup and build the list - * of netgrp structures. Let parse_netgrp() and read_for_group() do - * most of the work. - */ -void -__setnetgrent(group) - char *group; -{ - /* Sanity check */ - - if (group == NULL || !strlen(group)) - return; - - if (grouphead.gr == (struct netgrp *)0 || - strcmp(group, grouphead.grname)) { - __endnetgrent(); - if (parse_netgrp(group)) - __endnetgrent(); - else { - grouphead.grname = (char *) - malloc(strlen(group) + 1); - strcpy(grouphead.grname, group); - } - } - nextgrp = grouphead.gr; -} - -/* - * Get the next netgroup off the list. 
- */ -int -__getnetgrent(hostp, userp, domp) - char **hostp, **userp, **domp; -{ - if (nextgrp) { - *hostp = nextgrp->ng_str[NG_HOST]; - *userp = nextgrp->ng_str[NG_USER]; - *domp = nextgrp->ng_str[NG_DOM]; - nextgrp = nextgrp->ng_next; - return (1); - } - return (0); -} - -/* - * __endnetgrent() - cleanup - */ -void -__endnetgrent() -{ - register struct linelist *lp, *olp; - register struct netgrp *gp, *ogp; - - lp = linehead; - while (lp) { - olp = lp; - lp = lp->l_next; - free(olp->l_groupname); - free(olp->l_line); - free((char *)olp); - } - linehead = (struct linelist *)0; - if (grouphead.grname) { - free(grouphead.grname); - grouphead.grname = (char *)0; - } - gp = grouphead.gr; - while (gp) { - ogp = gp; - gp = gp->ng_next; - if (ogp->ng_str[NG_HOST]) - free(ogp->ng_str[NG_HOST]); - if (ogp->ng_str[NG_USER]) - free(ogp->ng_str[NG_USER]); - if (ogp->ng_str[NG_DOM]) - free(ogp->ng_str[NG_DOM]); - free((char *)ogp); - } - grouphead.gr = (struct netgrp *)0; -} - -/* - * Parse the netgroup file setting up the linked lists. - */ -static int -parse_netgrp(group) - char *group; -{ - register char *spos, *epos; - register int len, strpos; -#ifdef DEBUG - register int fields; -#endif - char *pos, *gpos; - struct netgrp *grp; - struct linelist *lp = linehead; - - /* - * First, see if the line has already been read in. - */ - while (lp) { - if (!strcmp(group, lp->l_groupname)) - break; - lp = lp->l_next; - } - if (lp == (struct linelist *)0 && - (lp = read_for_group(group)) == (struct linelist *)0) - return (1); - if (lp->l_parsed) { -#ifdef DEBUG - /* - * This error message is largely superflous since the - * code handles the error condition sucessfully, and - * spewing it out from inside libc can actually hose - * certain programs. - */ - fprintf(stderr, "Cycle in netgroup %s\n", lp->l_groupname); -#endif - return (1); - } else - lp->l_parsed = 1; - pos = lp->l_line; - /* Watch for null pointer dereferences, dammit! 
*/ - while (pos != NULL && *pos != '\0') { - if (*pos == '(') { - grp = (struct netgrp *)malloc(sizeof (struct netgrp)); - bzero((char *)grp, sizeof (struct netgrp)); - grp->ng_next = grouphead.gr; - grouphead.gr = grp; - pos++; - gpos = strsep(&pos, ")"); -#ifdef DEBUG - fields = 0; -#endif - for (strpos = 0; strpos < 3; strpos++) { - if ((spos = strsep(&gpos, ","))) { -#ifdef DEBUG - fields++; -#endif - while (*spos == ' ' || *spos == '\t') - spos++; - if ((epos = strpbrk(spos, " \t"))) { - *epos = '\0'; - len = epos - spos; - } else - len = strlen(spos); - if (len > 0) { - grp->ng_str[strpos] = (char *) - malloc(len + 1); - bcopy(spos, grp->ng_str[strpos], - len + 1); - } - } else { - /* - * All other systems I've tested - * return NULL for empty netgroup - * fields. It's up to user programs - * to handle the NULLs appropriately. - */ - grp->ng_str[strpos] = NULL; - } - } -#ifdef DEBUG - /* - * Note: on other platforms, malformed netgroup - * entries are not normally flagged. While we - * can catch bad entries and report them, we should - * stay silent by default for compatibility's sake. - */ - if (fields < 3) - fprintf(stderr, "Bad entry (%s%s%s%s%s) in netgroup \"%s\"\n", - grp->ng_str[NG_HOST] == NULL ? "" : grp->ng_str[NG_HOST], - grp->ng_str[NG_USER] == NULL ? "" : ",", - grp->ng_str[NG_USER] == NULL ? "" : grp->ng_str[NG_USER], - grp->ng_str[NG_DOM] == NULL ? "" : ",", - grp->ng_str[NG_DOM] == NULL ? "" : grp->ng_str[NG_DOM], - lp->l_groupname); -#endif - } else { - spos = strsep(&pos, ", \t"); - if (parse_netgrp(spos)) - continue; - } - /* Watch for null pointer dereferences, dammit! */ - if (pos != NULL) - while (*pos == ' ' || *pos == ',' || *pos == '\t') - pos++; - } - return (0); -} - -/* - * Read the netgroup file and save lines until the line for the netgroup - * is found. Return 1 if eof is encountered. 
- */ -static struct linelist * -read_for_group(group) - char *group; -{ - register char *pos, *spos, *linep = NULL, *olinep = NULL; - register int len, olen; - int cont; - struct linelist *lp; - char line[LINSIZ + 1]; - char *data = NULL; - - data = lookup (gtable, group); - sprintf(line, "%s %s", group, data); - pos = (char *)&line; -#ifdef CANT_HAPPEN - if (*pos == '#') - continue; -#endif - while (*pos == ' ' || *pos == '\t') - pos++; - spos = pos; - while (*pos != ' ' && *pos != '\t' && *pos != '\n' && - *pos != '\0') - pos++; - len = pos - spos; - while (*pos == ' ' || *pos == '\t') - pos++; - if (*pos != '\n' && *pos != '\0') { - lp = (struct linelist *)malloc(sizeof (*lp)); - lp->l_parsed = 0; - lp->l_groupname = (char *)malloc(len + 1); - bcopy(spos, lp->l_groupname, len); - *(lp->l_groupname + len) = '\0'; - len = strlen(pos); - olen = 0; - /* - * Loop around handling line continuations. - */ - do { - if (*(pos + len - 1) == '\n') - len--; - if (*(pos + len - 1) == '\\') { - len--; - cont = 1; - } else - cont = 0; - if (len > 0) { - linep = (char *)malloc(olen + len + 1); - if (olen > 0) { - bcopy(olinep, linep, olen); - free(olinep); - } - bcopy(pos, linep + olen, len); - olen += len; - *(linep + olen) = '\0'; - olinep = linep; - } -#ifdef CANT_HAPPEN - if (cont) { - if (fgets(line, LINSIZ, netf)) { - pos = line; - len = strlen(pos); - } else - cont = 0; - } -#endif - } while (cont); - lp->l_line = linep; - lp->l_next = linehead; - linehead = lp; -#ifdef CANT_HAPPEN - /* - * If this is the one we wanted, we are done. - */ - if (!strcmp(lp->l_groupname, group)) -#endif - return (lp); - } - return ((struct linelist *)0); -} diff --git a/revnetgroup.tproj/revnetgroup.8 b/revnetgroup.tproj/revnetgroup.8 deleted file mode 100644 index aea4095..0000000 --- a/revnetgroup.tproj/revnetgroup.8 +++ /dev/null 
@@ -1,138 +0,0 @@ -.\" $OpenBSD: revnetgroup.8,v 1.1 1997/04/15 22:06:14 maja Exp $ -.\" Copyright (c) 1995 -.\" Bill Paul . All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by Bill Paul. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" $FreeBSD: revnetgroup.8,v 1.4 1997/02/22 14:22:03 peter Exp $ -.\" -.Dd October 24, 1995 -.Dt REVNETGROUP 8 -.Os -.Sh NAME -.Nm revnetgroup -.Nd "generate reverse netgroup data" -.Sh SYNOPSIS -.Nm revnetgroup -.Fl u -.Fl h -.Op Fl f Ar netgroup_file -.Sh DESCRIPTION -.Nm revnetgroup -processes the contents of a file in -.Xr netgroup 5 -format into what is called -.Pa reverse netgroup -form. That is, where the original file shows -netgroup memberships in terms of which members reside in a particular -group, the reverse netgroup format specifies what groups are associated -with a particular member. This information is used to generate the -.Nm netgroup.byuser -and -.Nm netgroup.byhosts -YP maps. These reverse netgroup maps are used to help speed up -netgroup lookups, particularly for the -.Fn innetgr -library function. -.Pp -For example, the standard -.Nm /etc/netgroup -file may list a netgroup and a list of its members. Here, the -netgroup is considered the -.Pa key -and the member names are the -.Pa data . -By contrast, the reverse -.Nm netgroup.byusers -database lists each unique -member as the key and the netgroups to which the members belong become -the data. Seperate databases are created to hold information pertaining -to users and hosts; this allows netgroup username lookups -and netgroup hostname lookups to be performed using independent keyspaces. -.Pp -By constructing these reverse netgroup databases (and the corresponding -YP maps) in advance, the -.Xr getnetgrent 3 -library functions are spared from having to work out the dependencies -themselves on the fly. This is important on networks with large numbers -of users and hosts, since it can take a considerable amount of time -to process very large netgroup databases. -.Pp -The -.Nm revnetgroup -command prints its results on the standard output. It is usually called -only by -.Nm /var/yp/\/Makefile -when rebuilding the YP netgroup maps. 
-.Pp -.Sh OPTIONS -The -.Nm revnetgroup -command supports the following options: -.Bl -tag -width flag -.It Fl u -Generate netgroup.byuser output; only username information in the -original netgroup file is processed. -.It Fl h -Generate netgroup.byhost output; only hostname information in the -original netgroup file is processed. (Note at least one of the -.Fl u -or -.Fl h -flags must be specified.) -.It Op Fl f Ar netgroup_file -The -.Nm revnetgroup -command uses -.Nm /etc/netgroup -as its default input file. The -.Fl f -flag allows the user to specify an alternate input file. Specifying ``-'' -as the input file causes -.Nm revnetgroup -to read from the standard input. -.El -.Sh FILES -.Bl -tag -width Pa -compact -.It Pa /var/yp/\Makefile -The Makefile that calls -.Nm makedbm -and -.Nm revnetgroup -to build the YP databases. -.It Pa /etc/netgroup -The default netgroup database file. This file is most often found -only on the YP master server. -.El -.Sh SEE ALSO -.Xr getnetgrent 3 , -.Xr yp 8 , -.Xr netgroup 5 , -.Xr makedbm 8 -.Sh AUTHOR -Bill Paul diff --git a/revnetgroup.tproj/revnetgroup.c b/revnetgroup.tproj/revnetgroup.c deleted file mode 100644 index a45db99..0000000 --- a/revnetgroup.tproj/revnetgroup.c +++ /dev/null 
@@ -1,221 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: revnetgroup.c,v 1.1 1997/04/15 22:06:15 maja Exp $ */ -/* - * Copyright (c) 1995 - * Bill Paul . All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Bill Paul. - * 4. 
Neither the name of the author nor the names of any co-contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * reverse netgroup map generator program - * - * Written by Bill Paul - * Center for Telecommunications Research - * Columbia University, New York City - * - * $FreeBSD: revnetgroup.c,v 1.7 1997/03/28 15:48:15 imp Exp $ - */ - -#include -#include -#include -#include -#include -#include "hash.h" - -#ifndef lint -static const char rcsid[] = "$OpenBSD: revnetgroup.c,v 1.1 1997/04/15 22:06:15 maja Exp $"; -#endif - -/* Default location of netgroup file. */ -char *netgroup = "/etc/netgroup"; - -/* Stored hash table version of 'forward' netgroup database. */ -struct group_entry *gtable[TABLESIZE]; - -/* - * Stored hash table of 'reverse' netgroup member database - * which we will construct. 
- */ -struct member_entry *mtable[TABLESIZE]; - -void usage(prog) -char *prog; -{ - fprintf (stderr,"usage: %s -u|-h [-f netgroup file]\n",prog); - exit(1); -} - -extern char *optarg; - -int -main(argc, argv) - int argc; - char *argv[]; -{ - FILE *fp; - char readbuf[LINSIZ]; - struct group_entry *gcur; - struct member_entry *mcur; - char *host, *user, *domain; - int ch; - char *key = NULL, *data = NULL; - int hosts = -1, i; - - if (argc < 2) - usage(argv[0]); - - while ((ch = getopt(argc, argv, "uhf:")) != -1) { - switch(ch) { - case 'u': - if (hosts != -1) { - warnx("please use only one of -u or -h"); - usage(argv[0]); - } - hosts = 0; - break; - case 'h': - if (hosts != -1) { - warnx("please use only one of -u or -h"); - usage(argv[0]); - } - hosts = 1; - break; - case 'f': - netgroup = optarg; - break; - default: - usage(argv[0]); - break; - } - } - - if (hosts == -1) - usage(argv[0]); - - if (strcmp(netgroup, "-")) { - if ((fp = fopen(netgroup, "r")) == NULL) { - err(1,netgroup); - } - } else { - fp = stdin; - } - - /* Stuff all the netgroup names and members into a hash table. */ - while (fgets(readbuf, LINSIZ, fp)) { - if (readbuf[0] == '#') - continue; - /* handle backslash line continuations */ - while(readbuf[strlen(readbuf) - 2] == '\\') { - fgets((char *)&readbuf[strlen(readbuf) - 2], - sizeof(readbuf) - strlen(readbuf), fp); - } - data = NULL; - if ((data = (char *)(strpbrk(readbuf, " \t") + 1)) < (char *)2) - continue; - key = (char *)&readbuf; - *(data - 1) = '\0'; - store(gtable, key, data); - } - - fclose(fp); - - /* - * Find all members of each netgroup and keep track of which - * group they belong to. - */ - for (i = 0; i < TABLESIZE; i++) { - gcur = gtable[i]; - while(gcur) { - __setnetgrent(gcur->key); - while(__getnetgrent(&host, &user, &domain) != NULL) { - if (hosts) { - if (!(host && !strcmp(host,"-"))) { - mstore(mtable, - host ? host : "*", - gcur->key, - domain ? 
domain : "*");
- }
- } else {
- if (!(user && !strcmp(user,"-"))) {
- mstore(mtable,
- user ? user : "*",
- gcur->key,
- domain ? domain : "*");
- }
- }
- }
- gcur = gcur->next;
- }
- }
-
- /* Release resources used by the netgroup parser code. */
- __endnetgrent();
-
- /* Spew out the results. */
- for (i = 0; i < TABLESIZE; i++) {
- mcur = mtable[i];
- while(mcur) {
- struct grouplist *tmp;
- printf ("%s.%s\t", mcur->key, mcur->domain);
- tmp = mcur->groups;
- while(tmp) {
- printf ("%s", tmp->groupname);
- tmp = tmp->next;
- if (tmp)
- printf(",");
- }
- mcur = mcur->next;
- printf ("\n");
- }
- }
-
- /* Let the OS free all our resources. */
- exit(0);
-}
diff --git a/rexecd.tproj/Makefile b/rexecd.tproj/Makefile
deleted file mode 100644
index cc14895..0000000
--- a/rexecd.tproj/Makefile
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = rexecd
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-CFILES = rexecd.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rexecd.8 exec.plist
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/libexec
-WINDOWS_INSTALLDIR = /usr/libexec
-PDO_UNIX_INSTALLDIR = /usr/libexec
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/rexecd.tproj/Makefile.postamble b/rexecd.tproj/Makefile.postamble
deleted file mode 100644
index 034b0ce..0000000
--- a/rexecd.tproj/Makefile.postamble
+++ /dev/null
@@ -1,116 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - -after_install: - mkdir -p $(DSTROOT)/usr/share/man/man8 - install -c -m 444 rexecd.8 $(DSTROOT)/usr/share/man/man8/rexecd.8 - mkdir -p "$(DSTROOT)/System/Library/LaunchDaemons" - cp exec.plist "$(DSTROOT)/System/Library/LaunchDaemons/" diff --git a/rexecd.tproj/Makefile.preamble b/rexecd.tproj/Makefile.preamble deleted file mode 100644 index dcbd1c8..0000000 --- a/rexecd.tproj/Makefile.preamble +++ /dev/null 
@@ -1,119 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. 
The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - --include ../Makefile.include diff --git a/rexecd.tproj/PB.project b/rexecd.tproj/PB.project deleted file mode 100644 index aa703bb..0000000 --- a/rexecd.tproj/PB.project +++ /dev/null 
@@ -1,42 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ();
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (rexecd.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rexecd.8);
- PRECOMPILED_HEADERS = ();
- PROJECT_HEADERS = ();
- PUBLIC_HEADERS = ();
- SUBPROJECTS = ();
- };
- GENERATEMAIN = YES;
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_DOCUMENTEXTENSIONS = ();
- NEXTSTEP_INSTALLDIR = /usr/libexec;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/libexec;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rexecd;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/libexec;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rexecd.tproj/exec.plist b/rexecd.tproj/exec.plist
deleted file mode 100644
index 4d2849e..0000000
--- a/rexecd.tproj/exec.plist
+++ /dev/null
@@ -1,27 +0,0 @@
-
-
-
-
- Disabled
-
- Label
- com.apple.rexecd
- ProgramArguments
-
- /usr/libexec/rexecd
-
- inetdCompatibility
-
- Wait
-
-
- Sockets
-
- Listeners
-
- SockServiceName
- exec
-
-
-
-
diff --git a/rexecd.tproj/rexecd.8 b/rexecd.tproj/rexecd.8
deleted file mode 100644
index 3035900..0000000
--- a/rexecd.tproj/rexecd.8
+++ /dev/null
@@ -1,149 +0,0 @@ -.\" Copyright (c) 1983, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)rexecd.8 8.3 (Berkeley) 6/1/94 -.\" -.Dd June 1, 1994 -.Dt REXECD 8 -.Os BSD 4.2 -.Sh NAME -.Nm rexecd -.Nd remote execution server -.Sh SYNOPSIS -.Nm rexecd -.Sh DESCRIPTION -.Nm Rexecd -is the server for the -.Xr rexec 3 -routine. The server provides remote execution facilities -with authentication based on user names and -passwords. -.Pp -.Nm Rexecd -listens for service requests at the port indicated in -the ``exec'' service specification; see -.Xr services 5 . -When a service request is received the following protocol -is initiated: -.Bl -enum -.It -The server reads characters from the socket up -to a NUL -.Pq Ql \e0 -byte. The resultant string is -interpreted as an -.Tn ASCII -number, base 10. -.It -If the number received in step 1 is non-zero, -it is interpreted as the port number of a secondary -stream to be used for the -.Em stderr . -A second connection is then created to the specified -port on the client's machine. -.It -A NUL terminated user name of at most 16 characters -is retrieved on the initial socket. -.It -A NUL terminated, unencrypted password of at most -16 characters is retrieved on the initial socket. -.It -A NUL terminated command to be passed to a -shell is retrieved on the initial socket. The length of -the command is limited by the upper bound on the size of -the system's argument list. -.It -.Nm Rexecd -then validates the user as is done at login time -and, if the authentication was successful, changes -to the user's home directory, and establishes the user -and group protections of the user. -If any of these steps fail the connection is -aborted with a diagnostic message returned. -.It -A NUL byte is returned on the initial socket -and the command line is passed to the normal login -shell of the user. The -shell inherits the network connections established -by -.Nm rexecd . 
-.El -.Sh DIAGNOSTICS -Except for the last one listed below, -all diagnostic messages are returned on the initial socket, -after which any network connections are closed. -An error is indicated by a leading byte with a value of -1 (0 is returned in step 7 above upon successful completion -of all the steps prior to the command execution). -.Pp -.Bl -tag -width Ds -.It Sy username too long -The name is -longer than 16 characters. -.It Sy password too long -The password is longer than 16 characters. -.It Sy command too long -The command line passed exceeds the size of the argument -list (as configured into the system). -.It Sy Login incorrect. -No password file entry for the user name existed. -.It Sy Password incorrect. -The wrong password was supplied. -.ne 1i -.It Sy \&No remote directory. -The -.Xr chdir -command to the home directory failed. -.It Sy Try again. -A -.Xr fork -by the server failed. -.It Sy : ... -The user's login shell could not be started. -This message is returned -on the connection associated with the -.Em stderr , -and is not preceded by a flag byte. -.El -.Sh SEE ALSO -.Xr rexec 3 -.Sh BUGS -Indicating ``Login incorrect'' as opposed to ``Password incorrect'' -is a security breach which allows people to probe a system for users -with null passwords. -.Pp -A facility to allow all data and password exchanges to be encrypted should be -present. -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . diff --git a/rexecd.tproj/rexecd.c b/rexecd.tproj/rexecd.c deleted file mode 100644 index ec9e009..0000000 --- a/rexecd.tproj/rexecd.c +++ /dev/null 
@@ -1,285 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1993\n\ - The Regents of the University of California. 
All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)rexecd.c 8.1 (Berkeley) 6/4/93"; -#endif /* not lint */ - -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/*VARARGS1*/ -int error(); - -/* - * remote execute server: - * username\0 - * password\0 - * command\0 - * data - */ -/*ARGSUSED*/ -main(argc, argv) - int argc; - char **argv; -{ - struct sockaddr_in from; - int fromlen; - - fromlen = sizeof (from); - if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { - (void)fprintf(stderr, - "rexecd: getpeername: %s\n", strerror(errno)); - exit(1); - } - doit(0, &from); -} - -char username[20] = "USER="; -char homedir[64] = "HOME="; -char shell[64] = "SHELL="; -char path[sizeof(_PATH_DEFPATH) + sizeof("PATH=")] = "PATH="; -char *envinit[] = - {homedir, shell, path, username, 0}; -#ifdef __APPLE__ -extern -#endif -char **environ; - -struct sockaddr_in asin = { AF_INET }; - -doit(f, fromp) - int f; - struct sockaddr_in *fromp; -{ - char cmdbuf[NCARGS+1], *cp, *namep; - char user[16], pass[16]; - struct passwd *pwd; - int s; - u_short port; - int pv[2], pid, ready, readfrom, cc; - char buf[BUFSIZ], sig; - int one = 1; - - (void) signal(SIGINT, SIG_DFL); - (void) signal(SIGQUIT, SIG_DFL); - (void) signal(SIGTERM, SIG_DFL); -#ifdef DEBUG - { int t = open(_PATH_TTY, 2); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - (void) close(t); - } - } -#endif - dup2(f, 0); - dup2(f, 1); - dup2(f, 2); - (void) alarm(60); - port = 0; - for (;;) { - char c; - if (read(f, &c, 1) != 1) - exit(1); - if (c == 0) - break; - port = port * 10 + c - '0'; - } - (void) alarm(0); - if (port != 0) { - s = socket(AF_INET, SOCK_STREAM, 0); - if (s < 0) - exit(1); - if (bind(s, (struct sockaddr *)&asin, sizeof (asin)) < 0) - exit(1); - (void) alarm(60); - fromp->sin_port = htons(port); - if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) - 
exit(1); - (void) alarm(0); - } - getstr(user, sizeof(user), "username"); - getstr(pass, sizeof(pass), "password"); - getstr(cmdbuf, sizeof(cmdbuf), "command"); - setpwent(); - pwd = getpwnam(user); - if (pwd == NULL) { - error("Login incorrect.\n"); - exit(1); - } - endpwent(); - if (*pwd->pw_passwd != '\0') { - namep = crypt(pass, pwd->pw_passwd); - if (strcmp(namep, pwd->pw_passwd)) { - error("Password incorrect.\n"); - exit(1); - } - } - if (chdir(pwd->pw_dir) < 0) { - error("No remote directory.\n"); - exit(1); - } - (void) write(2, "\0", 1); - if (port) { - (void) pipe(pv); - pid = fork(); - if (pid == -1) { - error("Try again.\n"); - exit(1); - } - if (pid) { - (void) close(0); (void) close(1); (void) close(2); - (void) close(f); (void) close(pv[1]); - readfrom = (1<pw_shell == '\0') - pwd->pw_shell = _PATH_BSHELL; - if (f > 2) - (void) close(f); - (void) setgid((gid_t)pwd->pw_gid); - initgroups(pwd->pw_name, pwd->pw_gid); - (void) setuid((uid_t)pwd->pw_uid); - (void)strcat(path, _PATH_DEFPATH); - environ = envinit; - strncat(homedir, pwd->pw_dir, sizeof(homedir)-6); - strncat(shell, pwd->pw_shell, sizeof(shell)-7); - strncat(username, pwd->pw_name, sizeof(username)-6); - cp = strrchr(pwd->pw_shell, '/'); - if (cp) - cp++; - else - cp = pwd->pw_shell; - execl(pwd->pw_shell, cp, "-c", cmdbuf, 0); - perror(pwd->pw_shell); - exit(1); -} - -/*VARARGS1*/ -error(fmt, a1, a2, a3) - char *fmt; - int a1, a2, a3; -{ - char buf[BUFSIZ]; - - buf[0] = 1; - (void) sprintf(buf+1, fmt, a1, a2, a3); - (void) write(2, buf, strlen(buf)); -} - -getstr(buf, cnt, err) - char *buf; - int cnt; - char *err; -{ - char c; - - do { - if (read(0, &c, 1) != 1) - exit(1); - *buf++ = c; - if (--cnt == 0) { - error("%s too long\n", err); - exit(1); - } - } while (c != 0); -} diff --git a/rlogin.tproj/Makefile b/rlogin.tproj/Makefile deleted file mode 100644 index bd0c481..0000000 --- a/rlogin.tproj/Makefile +++ /dev/null 
@@ -1,55 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rlogin - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = krb.h - -CFILES = des_rw.c kcmd.c krcmd.c rlogin.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rlogin.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /usr/bin -PDO_UNIX_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_PB_CFLAGS = -DCRYPT -WINDOWS_PB_CFLAGS = -DCRYPT -PDO_UNIX_PB_CFLAGS = -DCRYPT - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/rlogin.tproj/Makefile.postamble b/rlogin.tproj/Makefile.postamble deleted file mode 100644 index f68db0c..0000000 --- a/rlogin.tproj/Makefile.postamble +++ /dev/null @@ -1,5 +0,0 @@ -INSTALL_PERMISSIONS = 4755 # If set, 'install' chmod's executable to this - -after_install: - mkdir -p $(DSTROOT)/usr/share/man/man1 - install -c -m 444 rlogin.1 $(DSTROOT)/usr/share/man/man1/rlogin.1 diff --git a/rlogin.tproj/Makefile.preamble b/rlogin.tproj/Makefile.preamble deleted file mode 100644 index 925a5c7..0000000 --- a/rlogin.tproj/Makefile.preamble +++ /dev/null @@ -1,3 +0,0 @@ -CLEAN_ALL_SUBPROJECTS = YES -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include 
diff --git a/rlogin.tproj/PB.project b/rlogin.tproj/PB.project deleted file mode 100644 index 2898a5d..0000000 --- a/rlogin.tproj/PB.project +++ /dev/null @@ -1,42 +0,0 @@ -{ - FILESTABLE = { - CLASSES = (); - C_FILES = (); - H_FILES = (krb.h); - OTHER_LIBS = (); - OTHER_LINKED = (des_rw.c, kcmd.c, krcmd.c, rlogin.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rlogin.1); - PRECOMPILED_HEADERS = (); - PROJECT_HEADERS = (); - PUBLIC_HEADERS = (); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = "/$(USER)/BUILD"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_COMPILEROPTIONS = "-DCRYPT"; - NEXTSTEP_INSTALLDIR = /usr/bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_MAINNIB = rlogin; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = "-DCRYPT"; - PDO_UNIX_INSTALLDIR = /usr/bin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_MAINNIB = rlogin; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = rlogin; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = "-DCRYPT"; - WINDOWS_INSTALLDIR = /usr/bin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_MAINNIB = rlogin; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/rlogin.tproj/des_rw.c b/rlogin.tproj/des_rw.c deleted file mode 100644 index 4e056cf..0000000 --- a/rlogin.tproj/des_rw.c +++ /dev/null 
@@ -1,226 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)des_rw.c 8.1 (Berkeley) 6/6/93";
-#endif /* not lint */
-
-#ifdef CRYPT
-#ifdef KERBEROS
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-static unsigned char des_inbuf[10240], storage[10240], *store_ptr;
-static bit_64 *key;
-static u_char *key_schedule;
-
-/* XXX these should be in a kerberos include file */
-int krb_net_read __P((int, char *, int));
-#ifdef notdef
-/* XXX too hard to make this work */
-int des_pcbc_encrypt __P((des_cblock *, des_cblock *, long,
- des_key_schedule, des_cblock *, int));
-#endif
-
-/*
- * NB: These routines will not function properly if NBIO
- * is set
- */
-
-/*
- * des_set_key
- *
- * Set des encryption/decryption key for use by the des_read and
- * des_write routines
- *
- * The inkey parameter is actually the DES initial vector,
- * and the insched is the DES Key unwrapped for faster decryption
- */
-
-void
-des_set_key(inkey, insched)
- bit_64 *inkey;
- u_char *insched;
-{
- key = inkey;
- key_schedule = insched;
-}
-
-void
-des_clear_key()
-{
- bzero((char *) key, sizeof(C_Block));
- bzero((char *) key_schedule, sizeof(Key_schedule));
-}
-
-
-int
-des_read(fd, buf, len)
- int fd;
- register char *buf;
- int len;
-{
- int nreturned = 0;
- long net_len, rd_len;
- int nstored = 0;
-
- if (nstored >= len) {
- (void) bcopy(store_ptr, buf, len);
- store_ptr += len;
- nstored -= len;
- return(len);
- } else if (nstored) {
- (void) bcopy(store_ptr, buf, nstored);
- nreturned += nstored;
- buf += nstored;
- len -= nstored;
- nstored = 0;
- }
-
- if (krb_net_read(fd, (char *)&net_len, sizeof(net_len)) !=
- sizeof(net_len)) {
- /* XXX can't read enough, pipe
- must have closed */
- return(0);
- }
- net_len = ntohl(net_len);
- if (net_len <= 0 || net_len > sizeof(des_inbuf)) {
- /* preposterous length; assume out-of-sync; only
- recourse is to close connection, so return 0 */
- return(0);
- }
- /* the writer tells us how much real data we are getting, but
- we need to read the pad bytes (8-byte boundary) */
- rd_len = roundup(net_len, 8);
- if (krb_net_read(fd, (char *)des_inbuf, rd_len) != rd_len) {
- /* pipe must have closed, return 0 */
- return(0);
- }
- (void) des_pcbc_encrypt(des_inbuf, /* inbuf */
- storage, /* outbuf */
- net_len, /* length */
- key_schedule, /* DES key */
- key, /* IV */
- DECRYPT); /* direction */
-
- if(net_len < 8)
- store_ptr = storage + 8 - net_len;
- else
- store_ptr = storage;
-
- nstored = net_len;
- if (nstored > len) {
- (void) bcopy(store_ptr, buf, len);
- nreturned += len;
- store_ptr += len;
- nstored -= len;
- } else {
- (void) bcopy(store_ptr, buf, nstored);
- nreturned += nstored;
- nstored = 0;
- }
-
- return(nreturned);
-}
-
-static unsigned char des_outbuf[10240]; /* > longest write */
-
-int
-des_write(fd, buf, len)
- int fd;
- char *buf;
- int len;
-{
- static int seeded = 0;
- static char garbage_buf[8];
- long net_len, garbage;
-
- if(len < 8) {
- if(!seeded) {
- seeded = 1;
- srandom((int) time((long *)0));
- }
- garbage = random();
- /* insert random garbage */
- (void) bcopy(&garbage, garbage_buf, MIN(sizeof(long),8));
- /* this "right-justifies" the data in the buffer */
- (void) bcopy(buf, garbage_buf + 8 - len, len);
- }
- /* pcbc_encrypt outputs in 8-byte (64 bit) increments */
-
- (void) des_pcbc_encrypt((len < 8) ? garbage_buf : buf,
- des_outbuf,
- (len < 8) ? 8 : len,
- key_schedule, /* DES key */
- key, /* IV */
- ENCRYPT);
-
- /* tell the other end the real amount, but send an 8-byte padded
- packet */
- net_len = htonl(len);
- (void) write(fd, &net_len, sizeof(net_len));
- (void) write(fd, des_outbuf, roundup(len,8));
- return(len);
-}
-#endif /* KERBEROS */
-#endif /* CRYPT */
diff --git a/rlogin.tproj/kcmd.c b/rlogin.tproj/kcmd.c
deleted file mode 100644
index 1482dda..0000000
--- a/rlogin.tproj/kcmd.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if !defined(__APPLE__) || defined(KERBEROS)
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "krb.h"
-
-#ifndef MAXHOSTNAMELEN
-#define MAXHOSTNAMELEN 64
-#endif
-
-#define START_PORT 5120 /* arbitrary */
-
-int getport __P((int *));
-
-int
-kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, ticket, service, realm,
- cred, schedule, msg_data, laddr, faddr, authopts)
- int *sock;
- char **ahost;
- u_short rport;
- char *locuser, *remuser, *cmd;
- int *fd2p;
- KTEXT ticket;
- char *service;
- char *realm;
- CREDENTIALS *cred;
- Key_schedule schedule;
- MSG_DAT *msg_data;
- struct sockaddr_in *laddr, *faddr;
- long authopts;
-{
- int s, timo = 1, pid;
- long oldmask;
- struct sockaddr_in sin, from;
- char c;
-#ifdef ATHENA_COMPAT
- int lport = IPPORT_RESERVED - 1;
-#else
- int lport = START_PORT;
-#endif
- struct hostent *hp;
- int rc;
- char *host_save;
- int status;
-
- pid = getpid();
- hp = gethostbyname(*ahost);
- if (hp == NULL) {
- /* fprintf(stderr, "%s: unknown host\n", *ahost); */
- return (-1);
- }
-
- host_save = malloc(strlen(hp->h_name) + 1);
- strcpy(host_save, hp->h_name);
- *ahost = host_save;
-
-#ifdef KERBEROS
- /* If realm is null, look up from table */
- if (realm == NULL || realm[0] == '\0')
- realm = krb_realmofhost(host_save);
-#endif /* KERBEROS */
-
- oldmask = sigblock(sigmask(SIGURG));
- for (;;) {
- s = getport(&lport);
- if (s < 0) {
- if (errno == EAGAIN)
- fprintf(stderr,
- "kcmd(socket): All ports in use\n");
- else
- perror("kcmd: socket");
- sigsetmask(oldmask);
- return (-1);
- }
- fcntl(s, F_SETOWN, pid);
- sin.sin_family = hp->h_addrtype;
-#if defined(ultrix) || defined(sun)
- bcopy(hp->h_addr, (caddr_t)&sin.sin_addr, hp->h_length);
-#else
- bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr, hp->h_length);
-#endif
- sin.sin_port = rport;
- if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
- break;
- (void) close(s);
- if (errno == EADDRINUSE) {
- lport--;
- continue;
- }
- /*
- * don't wait very long for Kerberos rcmd.
- */
- if (errno == ECONNREFUSED && timo <= 4) {
- /* sleep(timo); don't wait at all here */
- timo *= 2;
- continue;
- }
-#if !(defined(ultrix) || defined(sun))
- if (hp->h_addr_list[1] != NULL) {
- int oerrno = errno;
-
- fprintf(stderr,
- "kcmd: connect to address %s: ",
- inet_ntoa(sin.sin_addr));
- errno = oerrno;
- perror(NULL);
- hp->h_addr_list++;
- bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr,
- hp->h_length);
- fprintf(stderr, "Trying %s...\n",
- inet_ntoa(sin.sin_addr));
- continue;
- }
-#endif /* !(defined(ultrix) || defined(sun)) */
- if (errno != ECONNREFUSED)
- perror(hp->h_name);
- sigsetmask(oldmask);
- return (-1);
- }
- lport--;
- if (fd2p == 0) {
- write(s, "", 1);
- lport = 0;
- } else {
- char num[8];
- int s2 = getport(&lport), s3;
- int len = sizeof(from);
-
- if (s2 < 0) {
- status = -1;
- goto bad;
- }
- listen(s2, 1);
- (void) sprintf(num, "%d", lport);
- if (write(s, num, strlen(num) + 1) != strlen(num) + 1) {
- perror("kcmd(write): setting up stderr");
- (void) close(s2);
- status = -1;
- goto bad;
- }
- s3 = accept(s2, (struct sockaddr *)&from, &len);
- (void) close(s2);
- if (s3 < 0) {
- perror("kcmd:accept");
- lport = 0;
- status = -1;
- goto bad;
- }
- *fd2p = s3;
- from.sin_port = ntohs((u_short)from.sin_port);
- if (from.sin_family != AF_INET ||
- from.sin_port >= IPPORT_RESERVED) {
- fprintf(stderr,
- "kcmd(socket): protocol failure in circuit setup.\n");
- status = -1;
- goto bad2;
- }
- }
- /*
- * Kerberos-authenticated service. Don't have to send locuser,
- * since its already in the ticket, and we'll extract it on
- * the other side.
- */
- /* (void) write(s, locuser, strlen(locuser)+1); */
-
- /* set up the needed stuff for mutual auth, but only if necessary */
- if (authopts & KOPT_DO_MUTUAL) {
- int sin_len;
- *faddr = sin;
-
- sin_len = sizeof(struct sockaddr_in);
- if (getsockname(s, (struct sockaddr *)laddr, &sin_len) < 0) {
- perror("kcmd(getsockname)");
- status = -1;
- goto bad2;
- }
- }
-#ifdef KERBEROS
- if ((status = krb_sendauth(authopts, s, ticket, service, *ahost,
- realm, (unsigned long) getpid(), msg_data,
- cred, schedule,
- laddr,
- faddr,
- "KCMDV0.1")) != KSUCCESS)
- goto bad2;
-#endif /* KERBEROS */
-
- (void) write(s, remuser, strlen(remuser)+1);
- (void) write(s, cmd, strlen(cmd)+1);
-
- if ((rc = read(s, &c, 1)) != 1) {
- if (rc == -1)
- perror(*ahost);
- else
- fprintf(stderr,"kcmd: bad connection with remote host\n");
- status = -1;
- goto bad2;
- }
- if (c != '\0') {
- while (read(s, &c, 1) == 1) {
- (void) write(2, &c, 1);
- if (c == '\n')
- break;
- }
- status = -1;
- goto bad2;
- }
- sigsetmask(oldmask);
- *sock = s;
- return (KSUCCESS);
-bad2:
- if (lport)
- (void) close(*fd2p);
-bad:
- (void) close(s);
- sigsetmask(oldmask);
- return (status);
-}
-
-int
-getport(alport)
- int *alport;
-{
- struct sockaddr_in sin;
- int s;
-
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
- s = socket(AF_INET, SOCK_STREAM, 0);
- if (s < 0)
- return (-1);
- for (;;) {
- sin.sin_port = htons((u_short)*alport);
- if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
- return (s);
- if (errno != EADDRINUSE) {
- (void) close(s);
- return (-1);
- }
- (*alport)--;
-#ifdef ATHENA_COMPAT
- if (*alport == IPPORT_RESERVED/2) {
-#else
- if (*alport == IPPORT_RESERVED) {
-#endif
- (void) close(s);
- errno = EAGAIN; /* close */
- return (-1);
- }
- }
-}
-
-#endif /* !NeXT || KERBEROS */
diff --git a/rlogin.tproj/krb.h b/rlogin.tproj/krb.h
deleted file mode 100644
index 10b6dca..0000000
--- a/rlogin.tproj/krb.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)krb.h 8.1 (Berkeley) 6/6/93
- */
-
-/*
- * XXX
- * These should be in a kerberos include file.
- */
-void des_clear_key __P(());
-int des_read __P((int, char *, int));
-void des_set_key __P((C_Block, Key_schedule));
-int des_write __P((int, char *, int));
-int krb_net_read __P((int, char *, int));
-char *krb_realmofhost __P((char *));
-int krb_sendauth __P((long, int, KTEXT, char *, char *, char *,
- u_long, MSG_DAT *, CREDENTIALS *, Key_schedule,
- struct sockaddr_in *, struct sockaddr_in *, char *));
-int krcmd __P((char **, u_short, char *, char *, int *, char *));
-int krcmd_mutual __P((char **, u_short, char *, char *, int *,
- char *, CREDENTIALS *, Key_schedule));
diff --git a/rlogin.tproj/krcmd.c b/rlogin.tproj/krcmd.c
deleted file mode 100644
index d6acb22..0000000
--- a/rlogin.tproj/krcmd.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-/*
- * $Source: /Volumes/george/fs-svn/network_cmds/rlogin.tproj/krcmd.c,v $
- * $Header: /mit/kerberos/ucb/mit/kcmd/RCS/krcmd.c,v 5.1
- * 89/07/25 15:38:44 kfall Exp Locker: kfall $
- * static char *rcsid_kcmd_c =
- * "$Header: /mit/kerberos/ucb/mit/kcmd/RCS/krcmd.c,v 5.1 89/07/25 15:38:44
- * kfall Exp Locker: kfall $";
- */
-
-#ifdef KERBEROS
-#include
-#ifdef CRYPT
-#include
-#endif
-
-#include
-
-#include
-#include
-
-#include
-
-#define SERVICE_NAME "rcmd"
-
-int kcmd __P((int *, char **, u_short, char *, char *, char *, int *,
- KTEXT, char *, char *, CREDENTIALS *, Key_schedule, MSG_DAT *,
- struct sockaddr_in *, struct sockaddr_in *, long));
-
-/*
- * krcmd: simplified version of Athena's "kcmd"
- * returns a socket attached to the destination, -1 or krb error on error
- * if fd2p is non-NULL, another socket is filled in for it
- */
-
-int
-krcmd(ahost, rport, remuser, cmd, fd2p, realm)
- char **ahost;
- u_short rport;
- char *remuser, *cmd;
- int *fd2p;
- char *realm;
-{
- int sock = -1, err = 0;
- KTEXT_ST ticket;
- long authopts = 0L;
-
- err = kcmd(
- &sock,
- ahost,
- rport,
- NULL, /* locuser not used */
- remuser,
- cmd,
- fd2p,
- &ticket,
- SERVICE_NAME,
- realm,
- (CREDENTIALS *) NULL, /* credentials not used */
- (bit_64 *) NULL, /* key schedule not used */
- (MSG_DAT *) NULL, /* MSG_DAT not used */
- (struct sockaddr_in *) NULL, /* local addr not used */
- (struct sockaddr_in *) NULL, /* foreign addr not used */
- authopts
- );
-
- if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
- fprintf(stderr, "krcmd: %s\n", krb_err_txt[err]);
- return(-1);
- }
- if (err < 0)
- return(-1);
- return(sock);
-}
-
-#ifdef CRYPT
-int
-krcmd_mutual(ahost, rport, remuser, cmd, fd2p, realm, cred, sched)
- char **ahost;
- u_short rport;
- char *remuser, *cmd;
- int *fd2p;
- char *realm;
- CREDENTIALS *cred;
- Key_schedule sched;
-{
- int sock, err;
- KTEXT_ST ticket;
- MSG_DAT msg_dat;
- struct sockaddr_in laddr, faddr;
- long authopts = KOPT_DO_MUTUAL;
-
- err = kcmd(
- &sock,
- ahost,
- rport,
- NULL, /* locuser not used */
- remuser,
- cmd,
- fd2p,
- &ticket,
- SERVICE_NAME,
- realm,
- cred, /* filled in */
- sched, /* filled in */
- &msg_dat, /* filled in */
- &laddr, /* filled in */
- &faddr, /* filled in */
- authopts
- );
-
- if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
- fprintf(stderr, "krcmd_mutual: %s\n", krb_err_txt[err]);
- return(-1);
- }
-
- if (err < 0)
- return (-1);
- return(sock);
-}
-#endif /* CRYPT */
-#endif /* KERBEROS */
diff --git a/rlogin.tproj/rlogin.1 b/rlogin.tproj/rlogin.1
deleted file mode 100644
index b0b0c51..0000000
--- a/rlogin.tproj/rlogin.1
+++ /dev/null
@@ -1,131 +0,0 @@ -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)rlogin.1 8.2 (Berkeley) 4/29/95 -.\" -.Dd April 29, 1995 -.Dt RLOGIN 1 -.Os BSD 4.2 -.Sh NAME -.Nm rlogin -.Nd remote login -.Sh SYNOPSIS -.Nm rlogin -.Op Fl 8ELd -.Op Fl e Ar char -.Op Fl k Ar realm -.Op Fl l Ar username -.Ar host -.Nm rlogin -.Op Fl 8ELd -.Op Fl e Ar char -.Ar username@host -.Sh DESCRIPTION -.Nm Rlogin -starts a terminal session on a remote host -.Ar host . -.Pp -.Nm Rlogin -first attempts to use the standard Berkeley -.Pa rhosts -authorization mechanism. -The options are as follows: -.Bl -tag -width flag -.It Fl 8 -The -.Fl 8 -option allows an eight-bit input data path at all times; otherwise -parity bits are stripped except when the remote side's stop and start -characters are other than -^S/^Q . -.It Fl E -The -.Fl E -option stops any character from being recognized as an escape character. -When used with the -.Fl 8 -option, this provides a completely transparent connection. -.It Fl L -The -.Fl L -option allows the rlogin session to be run in ``litout'' (see -.Xr tty 4 ) -mode. -.It Fl d -The -.Fl d -option turns on socket debugging (see -.Xr setsockopt 2 ) -on the TCP sockets used for communication with the remote host. -.It Fl e -The -.Fl e -option allows user specification of the escape character, which is -``~'' by default. -This specification may be as a literal character, or as an octal -value in the form \ennn. -.El -.Pp -A line of the form ``.'' disconnects from the remote host. -Similarly, the line ``^Z'' will suspend the -.Nm rlogin -session, and ``'' suspends the -send portion of the rlogin, but allows output from the remote system. -By default, the tilde (``~'') character is the escape character, and -normally control-Y (``^Y'') is the delayed-suspend character. -.Pp -All echoing takes place at the remote site, so that (except for delays) -the -.Nm rlogin -is transparent. -Flow control via ^S/^Q and flushing of input and output on interrupts -are handled properly. 
-.Sh ENVIRONMENT -The following environment variable is utilized by -.Nm rlogin : -.Bl -tag -width TERM -.It Ev TERM -Determines the user's terminal type. -.El -.Sh SEE ALSO -.Xr rsh 1 -.Sh HISTORY -The -.Nm rlogin -command appeared in -.Bx 4.2 . -.Sh BUGS -.Nm Rlogin -will be replaced by -.Xr telnet 1 -in the near future. -.Pp -More of the environment should be propagated. diff --git a/rlogin.tproj/rlogin.c b/rlogin.tproj/rlogin.c deleted file mode 100644 index b819699..0000000 --- a/rlogin.tproj/rlogin.c +++ /dev/null 
@@ -1,1011 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -/* - * rlogin - remote login - */ -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef __STDC__ -#include -#else -#include -#endif - -#ifdef KERBEROS -#include -#include - -#include "krb.h" - -CREDENTIALS cred; -Key_schedule schedule; -int use_kerberos = 1, doencrypt; -char dst_realm_buf[REALM_SZ], *dest_realm = NULL; -#endif - -#ifndef TIOCPKT_WINDOW -#define TIOCPKT_WINDOW 0x80 -#endif - -/* concession to Sun */ -#ifndef SIGUSR1 -#define SIGUSR1 30 -#endif - -int eight, litout, rem; - -int noescape; -u_char escapechar = '~'; - -#ifdef OLDSUN -struct winsize { - unsigned short ws_row, ws_col; - unsigned short ws_xpixel, ws_ypixel; -}; -#else -#define get_window_size(fd, wp) ioctl(fd, TIOCGWINSZ, wp) -#endif -struct winsize winsize; - -void catch_child __P((int)); -void copytochild __P((int)); -__dead void doit __P((sigset_t *)); -__dead 
void done __P((int)); -void echo __P((char)); -u_int getescape __P((char *)); -static void do_exit __P((int)); -void lostpeer __P((int)); -void mode __P((int)); -void msg __P((char *)); -void oob __P((int)); -int reader __P((sigset_t *)); -void sendwindow __P((void)); -void setsignal __P((int)); -int speed __P((int)); -void sigwinch __P((int)); -void stop __P((char)); -__dead void usage __P((void)); -void writer __P((void)); -void writeroob __P((int)); - -#ifdef KERBEROS -void warning __P((const char *, ...)); -#endif -#ifdef OLDSUN -int get_window_size __P((int, struct winsize *)); -#endif - -int -main(argc, argv) - int argc; - char *argv[]; -{ - struct passwd *pw; - struct servent *sp; - sigset_t smask; - uid_t uid; - int argoff, ch, dflag, one; - char *host, *p, *user, term[1024]; - struct sigaction sa; - - argoff = dflag = 0; - one = 1; - host = user = NULL; - - if (p = strrchr(argv[0], '/')) - ++p; - else - p = argv[0]; - - if (strcmp(p, "rlogin") != 0) - host = p; - - /* handle "rlogin host flags" */ - if (!host && argc > 2 && argv[1][0] != '-') { - host = argv[1]; - argoff = 1; - } - -#ifdef KERBEROS -#define OPTIONS "8EKLde:k:l:x" -#else -#define OPTIONS "8EKLde:l:" -#endif - while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF) - switch(ch) { - case '8': - eight = 1; - break; - case 'E': - noescape = 1; - break; - case 'K': -#ifdef KERBEROS - use_kerberos = 0; -#endif - break; - case 'L': - litout = 1; - break; - case 'd': - dflag = 1; - break; - case 'e': - noescape = 0; - escapechar = getescape(optarg); - break; -#ifdef KERBEROS - case 'k': - dest_realm = dst_realm_buf; - (void)strncpy(dest_realm, optarg, REALM_SZ); - break; -#endif - case 'l': - user = optarg; - break; -#ifdef CRYPT -#ifdef KERBEROS - case 'x': - doencrypt = 1; - des_set_key(cred.session, schedule); - break; -#endif -#endif - case '?': - default: - usage(); - } - optind += argoff; - argc -= optind; - argv += optind; - - /* if haven't gotten a host yet, do so */ - if (!host 
&& !(host = *argv++)) - usage(); - - if (*argv) - usage(); - - if (!(pw = getpwuid(uid = getuid()))) - errx(1, "unknown user id."); - /* Accept user1@host format, though "-l user2" overrides user1 */ - p = strchr(host, '@'); - if (p) { - *p = '\0'; - if (!user && p > host) - user = host; - host = p + 1; - if (*host == '\0') - usage(); - } - if (!user) - user = pw->pw_name; - - sp = NULL; -#ifdef KERBEROS - if (use_kerberos) { - sp = getservbyname((doencrypt ? "eklogin" : "klogin"), "tcp"); - if (sp == NULL) { - use_kerberos = 0; - warning("can't get entry for %s/tcp service", - doencrypt ? "eklogin" : "klogin"); - } - } -#endif - if (sp == NULL) - sp = getservbyname("login", "tcp"); - if (sp == NULL) - errx(1, "login/tcp: unknown service."); - - (void)snprintf(term, sizeof(term), "%s/%d", - ((p = getenv("TERM")) ? p : "network"), - speed(0)); - - (void)get_window_size(0, &winsize); - - sigemptyset(&sa.sa_mask); - sa.sa_flags = SA_RESTART; - sa.sa_handler = lostpeer; - (void)sigaction(SIGPIPE, &sa, (struct sigaction *) 0); - /* will use SIGUSR1 for window size hack, so hold it off */ - sigemptyset(&smask); - sigaddset(&smask, SIGURG); - sigaddset(&smask, SIGUSR1); - (void)sigprocmask(SIG_SETMASK, &smask, &smask); - /* - * We set SIGURG and SIGUSR1 below so that an - * incoming signal will be held pending rather than being - * discarded. Note that these routines will be ready to get - * a signal by the time that they are unblocked below. - */ - sa.sa_handler = copytochild; - (void)sigaction(SIGURG, &sa, (struct sigaction *) 0); - sa.sa_handler = writeroob; - (void)sigaction(SIGUSR1, &sa, (struct sigaction *) 0); - -#ifdef KERBEROS -try_connect: - if (use_kerberos) { - struct hostent *hp; - - /* Fully qualify hostname (needed for krb_realmofhost). 
*/ - hp = gethostbyname(host); - if (hp != NULL && !(host = strdup(hp->h_name))) - errx(1, "%s", strerror(ENOMEM)); - - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(host); - -#ifdef CRYPT - if (doencrypt) - rem = krcmd_mutual(&host, sp->s_port, user, term, 0, - dest_realm, &cred, schedule); - else -#endif /* CRYPT */ - rem = krcmd(&host, sp->s_port, user, term, 0, - dest_realm); - if (rem < 0) { - use_kerberos = 0; - sp = getservbyname("login", "tcp"); - if (sp == NULL) - errx(1, "unknown service login/tcp."); - if (errno == ECONNREFUSED) - warning("remote host doesn't support Kerberos"); - if (errno == ENOENT) - warning("can't provide Kerberos auth data"); - goto try_connect; - } - } else { -#ifdef CRYPT - if (doencrypt) - errx(1, "the -x flag requires Kerberos authentication."); -#endif /* CRYPT */ - rem = rcmd(&host, sp->s_port, pw->pw_name, user, term, 0); - } -#else - rem = rcmd(&host, sp->s_port, pw->pw_name, user, term, 0); -#endif /* KERBEROS */ - - if (rem < 0) - exit(1); - - if (dflag && - setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one, sizeof(one)) < 0) - warn("setsockopt DEBUG (ignored)"); - one = IPTOS_LOWDELAY; - if (setsockopt(rem, IPPROTO_IP, IP_TOS, (char *)&one, sizeof(int)) < 0) - warn("setsockopt TOS (ignored)"); - - (void)setuid(uid); - doit(&smask); - /*NOTREACHED*/ -} - -#if BSD >= 198810 -int -speed(fd) - int fd; -{ - struct termios tt; - - (void)tcgetattr(fd, &tt); - - return ((int) cfgetispeed(&tt)); -} -#else -int speeds[] = { /* for older systems, B0 .. 
EXTB */ - 0, 50, 75, 110, - 134, 150, 200, 300, - 600, 1200, 1800, 2400, - 4800, 9600, 19200, 38400 -}; - -int -speed(fd) - int fd; -{ - struct termios tt; - - (void)tcgetattr(fd, &tt); - - return (speeds[(int)cfgetispeed(&tt)]); -} -#endif - -pid_t child; -struct termios deftt; -struct termios nott; - -void -doit(smask) - sigset_t *smask; -{ - int i; - struct sigaction sa; - - for (i = 0; i < NCCS; i++) - nott.c_cc[i] = _POSIX_VDISABLE; - tcgetattr(0, &deftt); - nott.c_cc[VSTART] = deftt.c_cc[VSTART]; - nott.c_cc[VSTOP] = deftt.c_cc[VSTOP]; - sigemptyset(&sa.sa_mask); - sa.sa_flags = SA_RESTART; - sa.sa_handler = SIG_IGN; - (void)sigaction(SIGINT, &sa, (struct sigaction *) 0); - setsignal(SIGHUP); - setsignal(SIGQUIT); - child = fork(); - if (child == -1) { - warn("fork"); - done(1); - } - if (child == 0) { - mode(1); - if (reader(smask) == 0) { - msg("connection closed."); - exit(0); - } - sleep(1); - msg("\007connection closed."); - exit(1); - } - - /* - * We may still own the socket, and may have a pending SIGURG (or might - * receive one soon) that we really want to send to the reader. When - * one of these comes in, the trap copytochild simply copies such - * signals to the child. We can now unblock SIGURG and SIGUSR1 - * that were set above. - */ - (void)sigprocmask(SIG_SETMASK, smask, (sigset_t *) 0); - sa.sa_handler = catch_child; - (void)sigaction(SIGCHLD, &sa, (struct sigaction *) 0); - writer(); - msg("closed connection."); - done(0); -} - -/* trap a signal, unless it is being ignored. 
*/ -void -setsignal(sig) - int sig; -{ - struct sigaction sa; - sigset_t sigs; - - sigemptyset(&sigs); - sigaddset(&sigs, sig); - sigprocmask(SIG_BLOCK, &sigs, &sigs); - - sigemptyset(&sa.sa_mask); - sa.sa_handler = do_exit; - sa.sa_flags = SA_RESTART; - (void)sigaction(sig, &sa, &sa); - if (sa.sa_handler == SIG_IGN) - (void)sigaction(sig, &sa, (struct sigaction *) 0); - - (void)sigprocmask(SIG_SETMASK, &sigs, (sigset_t *) 0); -} - -__dead void -done(status) - int status; -{ - pid_t w; - int wstatus; - struct sigaction sa; - - mode(0); - if (child > 0) { - /* make sure catch_child does not snap it up */ - sigemptyset(&sa.sa_mask); - sa.sa_handler = SIG_DFL; - sa.sa_flags = 0; - (void)sigaction(SIGCHLD, &sa, (struct sigaction *) 0); - if (kill(child, SIGKILL) >= 0) - while ((w = wait(&wstatus)) > 0 && w != child) - continue; - } - exit(status); -} - -int dosigwinch; - -/* - * This is called when the reader process gets the out-of-band (urgent) - * request to turn on the window-changing protocol. - */ -void -writeroob(signo) - int signo; -{ - struct sigaction sa; - - if (dosigwinch == 0) { - sendwindow(); - sigemptyset(&sa.sa_mask); - sa.sa_handler = sigwinch; - sa.sa_flags = SA_RESTART; - (void)sigaction(SIGWINCH, &sa, (struct sigaction *) 0); - } - dosigwinch = 1; -} - -void -catch_child(signo) - int signo; -{ - int status; - pid_t pid; - - for (;;) { - pid = waitpid(-1, &status, WNOHANG|WUNTRACED); - if (pid == 0) - return; - /* if the child (reader) dies, just quit */ - if (pid < 0 || (pid == child && !WIFSTOPPED(status))) - done(WEXITSTATUS(status) | WTERMSIG(status)); - } - /* NOTREACHED */ -} - -/* - * writer: write to remote: 0 -> line. - * ~. terminate - * ~^Z suspend rlogin process. - * ~ suspend rlogin process, but leave reader alone. 
- */ -void -writer() -{ - register int bol, local, n; - char c; - - bol = 1; /* beginning of line */ - local = 0; - for (;;) { - n = read(STDIN_FILENO, &c, 1); - if (n <= 0) { - if (n < 0 && errno == EINTR) - continue; - break; - } - /* - * If we're at the beginning of the line and recognize a - * command character, then we echo locally. Otherwise, - * characters are echo'd remotely. If the command character - * is doubled, this acts as a force and local echo is - * suppressed. - */ - if (bol) { - bol = 0; - if (!noescape && c == escapechar) { - local = 1; - continue; - } - } else if (local) { - local = 0; - if (c == '.' || c == deftt.c_cc[VEOF]) { - echo(c); - break; - } - if (c == deftt.c_cc[VSUSP] || c == deftt.c_cc[VDSUSP]) { - bol = 1; - echo(c); - stop(c); - continue; - } - if (c != escapechar) -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) - (void)des_write(rem, - (char *)&escapechar, 1); - else -#endif -#endif - (void)write(rem, &escapechar, 1); - } - -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) { - if (des_write(rem, &c, 1) == 0) { - msg("line gone"); - break; - } - } else -#endif -#endif - if (write(rem, &c, 1) == 0) { - msg("line gone"); - break; - } - bol = c == deftt.c_cc[VKILL] || c == deftt.c_cc[VEOF] || - c == deftt.c_cc[VINTR] || c == deftt.c_cc[VSUSP] || - c == '\r' || c == '\n'; - } -} - -void -#if __STDC__ -echo(register char c) -#else -echo(c) - register char c; -#endif -{ - register char *p; - char buf[8]; - - p = buf; - c &= 0177; - *p++ = escapechar; - if (c < ' ') { - *p++ = '^'; - *p++ = c + '@'; - } else if (c == 0177) { - *p++ = '^'; - *p++ = '?'; - } else - *p++ = c; - *p++ = '\r'; - *p++ = '\n'; - (void)write(STDOUT_FILENO, buf, p - buf); -} - -void -#if __STDC__ -stop(char cmdc) -#else -stop(cmdc) - char cmdc; -#endif -{ - struct sigaction sa; - - mode(0); - sigemptyset(&sa.sa_mask); - sa.sa_handler = SIG_IGN; - sa.sa_flags = SA_RESTART; - (void)sigaction(SIGCHLD, &sa, (struct sigaction *) 0); - (void)kill(cmdc == 
deftt.c_cc[VSUSP] ? 0 : getpid(), SIGTSTP); - sa.sa_handler = catch_child; - (void)sigaction(SIGCHLD, &sa, (struct sigaction *) 0); - mode(1); - sigwinch(0); /* check for size changes */ -} - -void -sigwinch(signo) - int signo; -{ - struct winsize ws; - - if (dosigwinch && get_window_size(0, &ws) == 0 && - memcmp(&ws, &winsize, sizeof(ws))) { - winsize = ws; - sendwindow(); - } -} - -/* - * Send the window size to the server via the magic escape - */ -void -sendwindow() -{ - struct winsize *wp; - char obuf[4 + sizeof (struct winsize)]; - - wp = (struct winsize *)(obuf+4); - obuf[0] = 0377; - obuf[1] = 0377; - obuf[2] = 's'; - obuf[3] = 's'; - wp->ws_row = htons(winsize.ws_row); - wp->ws_col = htons(winsize.ws_col); - wp->ws_xpixel = htons(winsize.ws_xpixel); - wp->ws_ypixel = htons(winsize.ws_ypixel); - -#ifdef CRYPT -#ifdef KERBEROS - if(doencrypt) - (void)des_write(rem, obuf, sizeof(obuf)); - else -#endif -#endif - (void)write(rem, obuf, sizeof(obuf)); -} - -/* - * reader: read from remote: line -> 1 - */ -#define READING 1 -#define WRITING 2 - -jmp_buf rcvtop; -pid_t ppid; -int rcvcnt, rcvstate; -char rcvbuf[8 * 1024]; - -void -oob(signo) - int signo; -{ - struct termios tt; - int atmark, n, out, rcvd; - char waste[BUFSIZ], mark; - - out = O_RDWR; - rcvd = 0; - while (recv(rem, &mark, 1, MSG_OOB) < 0) { - switch (errno) { - case EWOULDBLOCK: - /* - * Urgent data not here yet. It may not be possible - * to send it yet if we are blocked for output and - * our input buffer is full. 
- */ - if (rcvcnt < sizeof(rcvbuf)) { - n = read(rem, rcvbuf + rcvcnt, - sizeof(rcvbuf) - rcvcnt); - if (n <= 0) - return; - rcvd += n; - } else { - n = read(rem, waste, sizeof(waste)); - if (n <= 0) - return; - } - continue; - default: - return; - } - } - if (mark & TIOCPKT_WINDOW) { - /* Let server know about window size changes */ - (void)kill(ppid, SIGUSR1); - } - if (!eight && (mark & TIOCPKT_NOSTOP)) { - tcgetattr(0, &tt); - tt.c_iflag &= ~(IXON | IXOFF); - tt.c_cc[VSTOP] = _POSIX_VDISABLE; - tt.c_cc[VSTART] = _POSIX_VDISABLE; - tcsetattr(0, TCSANOW, &tt); - } - if (!eight && (mark & TIOCPKT_DOSTOP)) { - tcgetattr(0, &tt); - tt.c_iflag |= (IXON|IXOFF); - tt.c_cc[VSTOP] = deftt.c_cc[VSTOP]; - tt.c_cc[VSTART] = deftt.c_cc[VSTART]; - tcsetattr(0, TCSANOW, &tt); - } - if (mark & TIOCPKT_FLUSHWRITE) { - (void)ioctl(1, TIOCFLUSH, (char *)&out); - for (;;) { - if (ioctl(rem, SIOCATMARK, &atmark) < 0) { - warn("ioctl SIOCATMARK (ignored)"); - break; - } - if (atmark) - break; - n = read(rem, waste, sizeof (waste)); - if (n <= 0) - break; - } - /* - * Don't want any pending data to be output, so clear the recv - * buffer. If we were hanging on a write when interrupted, - * don't want it to restart. If we were reading, restart - * anyway. - */ - rcvcnt = 0; - longjmp(rcvtop, 1); - } - - /* oob does not do FLUSHREAD (alas!) */ - - /* - * If we filled the receive buffer while a read was pending, longjmp - * to the top to restart appropriately. Don't abort a pending write, - * however, or we won't know how much was written. 
- */ - if (rcvd && rcvstate == READING) - longjmp(rcvtop, 1); -} - -/* reader: read from remote: line -> 1 */ -int -reader(smask) - sigset_t *smask; -{ - pid_t pid; - int n, remaining; - char *bufp; - struct sigaction sa; - -#if BSD >= 43 || defined(SUNOS4) - pid = getpid(); /* modern systems use positives for pid */ -#else - pid = -getpid(); /* old broken systems use negatives */ -#endif - sigemptyset(&sa.sa_mask); - sa.sa_flags = SA_RESTART; - sa.sa_handler = SIG_IGN; - (void)sigaction(SIGTTOU, &sa, (struct sigaction *) 0); - sa.sa_handler = oob; - (void)sigaction(SIGURG, &sa, (struct sigaction *) 0); - ppid = getppid(); - (void)fcntl(rem, F_SETOWN, pid); - (void)setjmp(rcvtop); - (void)sigprocmask(SIG_SETMASK, smask, (sigset_t *) 0); - bufp = rcvbuf; - for (;;) { - while ((remaining = rcvcnt - (bufp - rcvbuf)) > 0) { - rcvstate = WRITING; - n = write(STDOUT_FILENO, bufp, remaining); - if (n < 0) { - if (errno != EINTR) - return (-1); - continue; - } - bufp += n; - } - bufp = rcvbuf; - rcvcnt = 0; - rcvstate = READING; - -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) - rcvcnt = des_read(rem, rcvbuf, sizeof(rcvbuf)); - else -#endif -#endif - rcvcnt = read(rem, rcvbuf, sizeof (rcvbuf)); - if (rcvcnt == 0) - return (0); - if (rcvcnt < 0) { - if (errno == EINTR) - continue; - warn("read"); - return (-1); - } - } -} - -void -mode(f) - int f; -{ - struct termios tt; - - switch (f) { - case 0: - tcsetattr(0, TCSADRAIN, &deftt); - break; - case 1: - tt = deftt; - tt.c_oflag &= ~(OPOST); - tt.c_lflag &= ~(ECHO | ICANON | IEXTEN | ISIG); - tt.c_iflag &= ~(ICRNL); - tt.c_cc[VMIN] = 1; - tt.c_cc[VTIME] = 0; - if (eight) { - tt.c_iflag &= ~(IXON | IXOFF | ISTRIP); - tt.c_cc[VSTOP] = _POSIX_VDISABLE; - tt.c_cc[VSTART] = _POSIX_VDISABLE; - } - /*if (litout) - lflags |= LLITOUT;*/ - tcsetattr(0, TCSADRAIN, &tt); - break; - - default: - return; - } -} - -void -lostpeer(signo) - int signo; -{ - struct sigaction sa; - - sigemptyset(&sa.sa_mask); - sa.sa_flags = SA_RESTART; - 
sa.sa_handler = SIG_IGN; - (void)sigaction(SIGPIPE, &sa, (struct sigaction *) 0); - msg("\007connection closed."); - done(1); -} - -/* copy SIGURGs to the child process. */ -void -copytochild(signo) - int signo; -{ - - (void)kill(child, SIGURG); -} - -static void do_exit(int signo) -{ - exit(signo); -} - -void -msg(str) - char *str; -{ - - (void)fprintf(stderr, "rlogin: %s\r\n", str); -} - -#ifdef KERBEROS -/* VARARGS */ -void -#if __STDC__ -warning(const char *fmt, ...) -#else -warning(fmt, va_alist) - char *fmt; - va_dcl -#endif -{ - va_list ap; - - (void)fprintf(stderr, "rlogin: warning, using standard rlogin: "); -#ifdef __STDC__ - va_start(ap, fmt); -#else - va_start(ap); -#endif - vfprintf(stderr, fmt, ap); - va_end(ap); - (void)fprintf(stderr, ".\n"); -} -#endif - -__dead void -usage() -{ - (void)fprintf(stderr, - "usage: rlogin [ -%s]%s[-e char] [ -l username ] [username@]host\n", -#ifdef KERBEROS -#ifdef CRYPT - "8EKLx", " [-k realm] "); -#else - "8EKL", " [-k realm] "); -#endif -#else - "8EL", " "); -#endif - exit(1); -} - -/* - * The following routine provides compatibility (such as it is) between older - * Suns and others. Suns have only a `ttysize', so we convert it to a winsize. - */ -#ifdef OLDSUN -int -get_window_size(fd, wp) - int fd; - struct winsize *wp; -{ - struct ttysize ts; - int error; - - if ((error = ioctl(0, TIOCGSIZE, &ts)) != 0) - return (error); - wp->ws_row = ts.ts_lines; - wp->ws_col = ts.ts_cols; - wp->ws_xpixel = 0; - wp->ws_ypixel = 0; - return (0); -} -#endif - -u_int -getescape(p) - register char *p; -{ - long val; - int len; - - if ((len = strlen(p)) == 1) /* use any single char, including '\' */ - return ((u_int)*p); - /* otherwise, \nnn */ - if (*p == '\\' && len >= 2 && len <= 4) { - val = strtol(++p, NULL, 8); - for (;;) { - if (!*++p) - return ((u_int)val); - if (*p < '0' || *p > '8') - break; - } - } - msg("illegal option value -- e"); - usage(); - /* NOTREACHED */ -} 
diff --git a/rlogind.tproj/Makefile b/rlogind.tproj/Makefile
deleted file mode 100644
index cfc5a28..0000000
--- a/rlogind.tproj/Makefile
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = rlogind
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES = pathnames.h
-
-CFILES = rlogind.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rlogind.8 login.plist
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/libexec
-WINDOWS_INSTALLDIR = /usr/libexec
-PDO_UNIX_INSTALLDIR = /usr/libexec
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-NEXTSTEP_PB_CFLAGS = -DCRYPT
-WINDOWS_PB_CFLAGS = -DCRYPT
-PDO_UNIX_PB_CFLAGS = -DCRYPT
-
-
-NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/rlogind.tproj/Makefile.postamble b/rlogind.tproj/Makefile.postamble
deleted file mode 100644
index fc25871..0000000
--- a/rlogind.tproj/Makefile.postamble
+++ /dev/null
@@ -1,7 +0,0 @@
-VPATH += :../rlogin.tproj
-
-after_install:
- install -d $(DSTROOT)/usr/share/man/man8
- install -c -m 444 rlogind.8 $(DSTROOT)/usr/share/man/man8/rlogind.8
- mkdir -p "$(DSTROOT)/System/Library/LaunchDaemons"
- cp login.plist "$(DSTROOT)/System/Library/LaunchDaemons/"
diff --git a/rlogind.tproj/Makefile.preamble b/rlogind.tproj/Makefile.preamble
deleted file mode 100644
index 97bb72e..0000000
--- a/rlogind.tproj/Makefile.preamble
+++ /dev/null
@@ -1,3 +0,0 @@
-CLEAN_ALL_SUBPROJECTS = YES
-OTHER_OFILES = des_rw.o
--include ../Makefile.include
diff --git a/rlogind.tproj/PB.project b/rlogind.tproj/PB.project
deleted file mode 100644
index 20866a4..0000000
--- a/rlogind.tproj/PB.project
+++ /dev/null
@@ -1,41 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = (pathnames.h);
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (rlogind.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rlogind.8);
- PRECOMPILED_HEADERS = ();
- PROJECT_HEADERS = ();
- PUBLIC_HEADERS = ();
- SUBPROJECTS = ();
- };
- GENERATEMAIN = YES;
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "/$(USER)/BUILD";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_COMPILEROPTIONS = "-DCRYPT";
- NEXTSTEP_DOCUMENTEXTENSIONS = ();
- NEXTSTEP_INSTALLDIR = /usr/libexec;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "-DCRYPT";
- PDO_UNIX_INSTALLDIR = /usr/libexec;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rlogind;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "-DCRYPT";
- WINDOWS_INSTALLDIR = /usr/libexec;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rlogind.tproj/login.plist b/rlogind.tproj/login.plist
deleted file mode 100644
index 0362a21..0000000
--- a/rlogind.tproj/login.plist
+++ /dev/null
@@ -1,27 +0,0 @@
-
-
-
-
- Disabled
-
- Label
- com.apple.rlogind
- ProgramArguments
-
- /usr/libexec/rlogind
-
- inetdCompatibility
-
- Wait
-
-
- Sockets
-
- Listeners
-
- SockServiceName
- login
-
-
-
-
diff --git a/rlogind.tproj/pathnames.h b/rlogind.tproj/pathnames.h
deleted file mode 100644
index b9a57fa..0000000
--- a/rlogind.tproj/pathnames.h
+++ /dev/null
@@ -1,61 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/4/93 - */ - -#include - -#define _PATH_LOGIN "/usr/bin/login" diff --git a/rlogind.tproj/rlogind.8 b/rlogind.tproj/rlogind.8 deleted file mode 100644 index 9c19933..0000000 --- a/rlogind.tproj/rlogind.8 +++ /dev/null 
@@ -1,168 +0,0 @@ -.\" Copyright (c) 1983, 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)rlogind.8 8.1 (Berkeley) 6/4/93 -.\" -.Dd June 4, 1993 -.Dt RLOGIND 8 -.Os BSD 4.2 -.Sh NAME -.Nm rlogind -.Nd remote login server -.Sh SYNOPSIS -.Nm rlogind -.Op Fl aln -.Sh DESCRIPTION -.Nm Rlogind -is the server for the -.Xr rlogin 1 -program. The server provides a remote login facility -with authentication based on privileged port numbers from trusted hosts. -.Pp -Options supported by -.Nm rlogind : -.Bl -tag -width Ds -.It Fl a -Ask hostname for verification. -.It Fl l -Prevent any authentication based on the user's -.Dq Pa .rhosts -file, unless the user is logging in as the superuser. -.It Fl n -Disable keep-alive messages. -.El -.Pp -.Nm Rlogind -listens for service requests at the port indicated in -the ``login'' service specification; see -.Xr services 5 . -When a service request is received the following protocol -is initiated: -.Bl -enum -.It -The server checks the client's source port. -If the port is not in the range 512-1023, the server -aborts the connection. -.It -The server checks the client's source address -and requests the corresponding host name (see -.Xr gethostbyaddr 3 , -.Xr hosts 5 -and -.Xr named 8 ) . -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -If the hostname is in the same domain as the server (according to -the last two components of the domain name), -or if the -.Fl a -option is given, -the addresses for the hostname are requested, -verifying that the name and address correspond. -Normal authentication is bypassed if the address verification fails. -.El -.Pp -Once the source port and address have been checked, -.Nm rlogind -proceeds with the authentication process described in -.Xr rshd 8 . -It then allocates a pseudo terminal (see -.Xr pty 4 ) , -and manipulates file descriptors so that the slave -half of the pseudo terminal becomes the -.Em stdin , -.Em stdout , -and -.Em stderr -for a login process. 
-The login process is an instance of the -.Xr login 1 -program, invoked with the -.Fl f -option if authentication has succeeded. -If automatic authentication fails, the user is -prompted to log in as if on a standard terminal line. -.Pp -The parent of the login process manipulates the master side of -the pseudo terminal, operating as an intermediary -between the login process and the client instance of the -.Xr rlogin -program. In normal operation, the packet protocol described -in -.Xr pty 4 -is invoked to provide -.Ql ^S/^Q -type facilities and propagate -interrupt signals to the remote programs. The login process -propagates the client terminal's baud rate and terminal type, -as found in the environment variable, -.Ql Ev TERM ; -see -.Xr environ 7 . -The screen or window size of the terminal is requested from the client, -and window size changes from the client are propagated to the pseudo terminal. -.Pp -Transport-level keepalive messages are enabled unless the -.Fl n -option is present. -The use of keepalive messages allows sessions to be timed out -if the client crashes or becomes unreachable. -.Sh DIAGNOSTICS -All initial diagnostic messages are indicated -by a leading byte with a value of 1, -after which any network connections are closed. -If there are no errors before -.Xr login -is invoked, a null byte is returned as in indication of success. -.Bl -tag -width Ds -.It Sy Try again. -A -.Xr fork -by the server failed. -.El -.Sh SEE ALSO -.Xr login 1 , -.Xr ruserok 3 , -.Xr rshd 8 -.Sh BUGS -The authentication procedure used here assumes the integrity -of each client machine and the connecting medium. This is -insecure, but is useful in an ``open'' environment. -.Pp -A facility to allow all data exchanges to be encrypted should be -present. -.Pp -A more extensible protocol should be used. -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . diff --git a/rlogind.tproj/rlogind.c b/rlogind.tproj/rlogind.c deleted file mode 100644 index 5bd88f8..0000000 
--- a/rlogind.tproj/rlogind.c
+++ /dev/null
@@ -1,791 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1983, 1988, 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1988, 1989, 1993\n\ - The Regents of the University of California. 
All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)rlogind.c 8.2 (Berkeley) 4/28/95"; -#endif /* not lint */ - -/* - * remote login server: - * \0 - * remuser\0 - * locuser\0 - * terminal_type/speed\0 - * data - */ - -#define FD_SETSIZE 16 /* don't need many bits for select */ -#include -#include -#include -#include -#ifdef __APPLE__ -#include -#else -#include -#endif - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include "pathnames.h" - -#ifndef TIOCPKT_WINDOW -#define TIOCPKT_WINDOW 0x80 -#endif - -#ifdef KERBEROS -#include -#include -#define SECURE_MESSAGE "This rlogin session is using DES encryption for all transmissions.\r\n" - -AUTH_DAT *kdata; -KTEXT ticket; -u_char auth_buf[sizeof(AUTH_DAT)]; -u_char tick_buf[sizeof(KTEXT_ST)]; -Key_schedule schedule; -int doencrypt, retval, use_kerberos, vacuous; - -#define ARGSTR "alnkvx" -#else -#define ARGSTR "aln" -#endif /* KERBEROS */ - -char *env[2]; -#define NMAX 30 -char lusername[NMAX+1], rusername[NMAX+1]; -static char term[64] = "TERM="; -#define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */ -int keepalive = 1; -int check_all = 0; - -struct passwd *pwd; - -void doit __P((int, struct sockaddr_in *)); -int control __P((int, char *, int)); -void protocol __P((int, int)); -void cleanup __P((int)); -void fatal __P((int, char *, int)); -int do_rlogin __P((struct sockaddr_in *)); -void getstr __P((char *, int, char *)); -void setup_term __P((int)); -int do_krb_login __P((struct sockaddr_in *)); -void usage __P((void)); -int local_domain __P((char *)); -char *topdomain __P((char *)); - -int -main(argc, argv) - int argc; - char *argv[]; -{ - extern int __check_rhosts_file; - struct sockaddr_in from; - int ch, fromlen, on; - - openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH); - - opterr = 0; - while ((ch = getopt(argc, argv, ARGSTR)) != EOF) - switch (ch) { - case 'a': - 
check_all = 1; - break; - case 'l': - __check_rhosts_file = 0; - break; - case 'n': - keepalive = 0; - break; -#ifdef KERBEROS - case 'k': - use_kerberos = 1; - break; - case 'v': - vacuous = 1; - break; -#ifdef CRYPT - case 'x': - doencrypt = 1; - break; -#endif -#endif - case '?': - default: - usage(); - break; - } - argc -= optind; - argv += optind; - -#ifdef KERBEROS - if (use_kerberos && vacuous) { - usage(); - fatal(STDERR_FILENO, "only one of -k and -v allowed", 0); - } -#endif - fromlen = sizeof (from); - if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { - syslog(LOG_ERR,"Can't get peer name of remote host: %m"); - fatal(STDERR_FILENO, "Can't get peer name of remote host", 1); - } - on = 1; - if (keepalive && - setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); - on = IPTOS_LOWDELAY; - if (setsockopt(0, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); - doit(0, &from); -} - -int child; -int netf; -char line[MAXPATHLEN]; -int confirmed; - -struct winsize win = { 0, 0, 0, 0 }; - - -void -doit(f, fromp) - int f; - struct sockaddr_in *fromp; -{ - int master, pid, on = 1; - int authenticated = 0; - register struct hostent *hp; - char hostname[2 * MAXHOSTNAMELEN + 1]; - char c; - - alarm(60); - read(f, &c, 1); - - if (c != 0) - exit(1); -#ifdef KERBEROS - if (vacuous) - fatal(f, "Remote host requires Kerberos authentication", 0); -#endif - - alarm(0); - fromp->sin_port = ntohs((u_short)fromp->sin_port); - hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof(struct in_addr), - fromp->sin_family); - if (hp) - (void)strcpy(hostname, hp->h_name); - else - (void)strcpy(hostname, inet_ntoa(fromp->sin_addr)); - -#ifdef KERBEROS - if (use_kerberos) { - retval = do_krb_login(fromp); - if (retval == 0) - authenticated++; - else if (retval > 0) - fatal(f, krb_err_txt[retval], 0); - write(f, &c, 1); - confirmed = 1; /* we sent the null! 
*/ - } else -#endif - { - if (fromp->sin_family != AF_INET || - fromp->sin_port >= IPPORT_RESERVED || - fromp->sin_port < IPPORT_RESERVED/2) { - syslog(LOG_NOTICE, "Connection from %s on illegal port", - inet_ntoa(fromp->sin_addr)); - fatal(f, "Permission denied", 0); - } -#ifdef IP_OPTIONS - { - u_char optbuf[BUFSIZ/3], *cp; - char lbuf[BUFSIZ], *lp; - int optsize = sizeof(optbuf), ipproto; - struct protoent *ip; - - if ((ip = getprotobyname("ip")) != NULL) - ipproto = ip->p_proto; - else - ipproto = IPPROTO_IP; - if (getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, - &optsize) == 0 && optsize != 0) { - lp = lbuf; - for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3) - sprintf(lp, " %2.2x", *cp); - syslog(LOG_NOTICE, - "Connection received using IP options (ignored):%s", - lbuf); - if (setsockopt(0, ipproto, IP_OPTIONS, - (char *)NULL, optsize) != 0) { - syslog(LOG_ERR, - "setsockopt IP_OPTIONS NULL: %m"); - exit(1); - } - } - } -#endif - if (do_rlogin(fromp) == 0) - authenticated++; - } - if (confirmed == 0) { - write(f, "", 1); - confirmed = 1; /* we sent the null! */ - } -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - (void) des_write(f, SECURE_MESSAGE, sizeof(SECURE_MESSAGE) - 1); -#endif -#endif - netf = f; - - pid = forkpty(&master, line, NULL, &win); - if (pid < 0) { - if (errno == ENOENT) - fatal(f, "Out of ptys", 0); - else - fatal(f, "Forkpty", 1); - } - if (pid == 0) { - if (f > 2) /* f should always be 0, but... 
*/ - (void) close(f); - setup_term(0); - if (authenticated) { -#ifdef KERBEROS - if (use_kerberos && (pwd->pw_uid == 0)) - syslog(LOG_INFO|LOG_AUTH, - "ROOT Kerberos login from %s.%s@%s on %s\n", - kdata->pname, kdata->pinst, kdata->prealm, - hostname); -#endif - - execle(_PATH_LOGIN, "login", "-p", - "-h", hostname, "-f", "--", lusername, NULL, env); - } else - execle(_PATH_LOGIN, "login", "-p", - "-h", hostname, "--", lusername, NULL, env); - fatal(STDERR_FILENO, _PATH_LOGIN, 1); - /*NOTREACHED*/ - } -#ifdef CRYPT -#ifdef KERBEROS - /* - * If encrypted, don't turn on NBIO or the des read/write - * routines will croak. - */ - - if (!doencrypt) -#endif -#endif - ioctl(f, FIONBIO, &on); - ioctl(master, FIONBIO, &on); - ioctl(master, TIOCPKT, &on); - signal(SIGCHLD, cleanup); - protocol(f, master); - signal(SIGCHLD, SIG_IGN); - cleanup(0); -} - -char magic[2] = { 0377, 0377 }; -char oobdata[] = {TIOCPKT_WINDOW}; - -/* - * Handle a "control" request (signaled by magic being present) - * in the data stream. For now, we are only willing to handle - * window size changes. - */ -int -control(pty, cp, n) - int pty; - char *cp; - int n; -{ - struct winsize w; - - if (n < 4+sizeof (w) || cp[2] != 's' || cp[3] != 's') - return (0); - oobdata[0] &= ~TIOCPKT_WINDOW; /* we know he heard */ - memmove(&w, cp+4, sizeof(w)); - w.ws_row = ntohs(w.ws_row); - w.ws_col = ntohs(w.ws_col); - w.ws_xpixel = ntohs(w.ws_xpixel); - w.ws_ypixel = ntohs(w.ws_ypixel); - (void)ioctl(pty, TIOCSWINSZ, &w); - return (4+sizeof (w)); -} - -/* - * rlogin "protocol" machine. - */ -void -protocol(f, p) - register int f, p; -{ - char pibuf[1024+1], fibuf[1024], *pbp, *fbp; - register pcc = 0, fcc = 0; - int cc, nfd, n; - char cntl; - - /* - * Must ignore SIGTTOU, otherwise we'll stop - * when we try and set slave pty's window shape - * (our controlling tty is the master pty). 
- */ - (void) signal(SIGTTOU, SIG_IGN); - send(f, oobdata, 1, MSG_OOB); /* indicate new rlogin */ - if (f > p) - nfd = f + 1; - else - nfd = p + 1; - if (nfd > FD_SETSIZE) { - syslog(LOG_ERR, "select mask too small, increase FD_SETSIZE"); - fatal(f, "internal error (select mask too small)", 0); - } - for (;;) { - fd_set ibits, obits, ebits, *omask; - - FD_ZERO(&ebits); - FD_ZERO(&ibits); - FD_ZERO(&obits); - omask = (fd_set *)NULL; - if (fcc) { - FD_SET(p, &obits); - omask = &obits; - } else - FD_SET(f, &ibits); - if (pcc >= 0) - if (pcc) { - FD_SET(f, &obits); - omask = &obits; - } else - FD_SET(p, &ibits); - FD_SET(p, &ebits); - if ((n = select(nfd, &ibits, omask, &ebits, 0)) < 0) { - if (errno == EINTR) - continue; - fatal(f, "select", 1); - } - if (n == 0) { - /* shouldn't happen... */ - sleep(5); - continue; - } -#define pkcontrol(c) ((c)&(TIOCPKT_FLUSHWRITE|TIOCPKT_NOSTOP|TIOCPKT_DOSTOP)) - if (FD_ISSET(p, &ebits)) { - cc = read(p, &cntl, 1); - if (cc == 1 && pkcontrol(cntl)) { - cntl |= oobdata[0]; - send(f, &cntl, 1, MSG_OOB); - if (cntl & TIOCPKT_FLUSHWRITE) { - pcc = 0; - FD_CLR(p, &ibits); - } - } - } - if (FD_ISSET(f, &ibits)) { -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) - fcc = des_read(f, fibuf, sizeof(fibuf)); - else -#endif -#endif - fcc = read(f, fibuf, sizeof(fibuf)); - if (fcc < 0 && errno == EWOULDBLOCK) - fcc = 0; - else { - register char *cp; - int left, n; - - if (fcc <= 0) - break; - fbp = fibuf; - - top: - for (cp = fibuf; cp < fibuf+fcc-1; cp++) - if (cp[0] == magic[0] && - cp[1] == magic[1]) { - left = fcc - (cp-fibuf); - n = control(p, cp, left); - if (n) { - left -= n; - if (left > 0) - bcopy(cp+n, cp, left); - fcc -= n; - goto top; /* n^2 */ - } - } - FD_SET(p, &obits); /* try write */ - } - } - - if (FD_ISSET(p, &obits) && fcc > 0) { - cc = write(p, fbp, fcc); - if (cc > 0) { - fcc -= cc; - fbp += cc; - } - } - - if (FD_ISSET(p, &ibits)) { - pcc = read(p, pibuf, sizeof (pibuf)); - pbp = pibuf; - if (pcc < 0 && errno == 
EWOULDBLOCK) - pcc = 0; - else if (pcc <= 0) - break; - else if (pibuf[0] == 0) { - pbp++, pcc--; -#ifdef CRYPT -#ifdef KERBEROS - if (!doencrypt) -#endif -#endif - FD_SET(f, &obits); /* try write */ - } else { - if (pkcontrol(pibuf[0])) { - pibuf[0] |= oobdata[0]; - send(f, &pibuf[0], 1, MSG_OOB); - } - pcc = 0; - } - } - if ((FD_ISSET(f, &obits)) && pcc > 0) { -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) - cc = des_write(f, pbp, pcc); - else -#endif -#endif - cc = write(f, pbp, pcc); - if (cc < 0 && errno == EWOULDBLOCK) { - /* - * This happens when we try write after read - * from p, but some old kernels balk at large - * writes even when select returns true. - */ - if (!FD_ISSET(p, &ibits)) - sleep(5); - continue; - } - if (cc > 0) { - pcc -= cc; - pbp += cc; - } - } - } -} - -void -cleanup(signo) - int signo; -{ - char *p; - - p = line + sizeof(_PATH_DEV) - 1; - if (logout(p)) - logwtmp(p, "", ""); - (void)chmod(line, 0666); - (void)chown(line, 0, 0); - *p = 'p'; - (void)chmod(line, 0666); - (void)chown(line, 0, 0); - shutdown(netf, 2); - exit(1); -} - -void -fatal(f, msg, syserr) - int f; - char *msg; - int syserr; -{ - int len; - char buf[BUFSIZ], *bp = buf; - - /* - * Prepend binary one to message if we haven't sent - * the magic null as confirmation. 
- */ - if (!confirmed) - *bp++ = '\01'; /* error indicator */ - if (syserr) - len = sprintf(bp, "rlogind: %s: %s.\r\n", - msg, strerror(errno)); - else - len = sprintf(bp, "rlogind: %s.\r\n", msg); - (void) write(f, buf, bp + len - buf); - exit(1); -} - -int -do_rlogin(dest) - struct sockaddr_in *dest; -{ - getstr(rusername, sizeof(rusername), "remuser too long"); - getstr(lusername, sizeof(lusername), "locuser too long"); - getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long"); - - pwd = getpwnam(lusername); - if (pwd == NULL) { - syslog(LOG_ERR, - "rlogin denied for user %s: getpwnam() failed\n", - lusername); - return (-1); - } - if (pwd->pw_uid == 0 && strcmp("root", lusername)) - { - syslog(LOG_ALERT, - "rlogin denied for non-root user %s with uid 0\n", - lusername); - return (-1); - } - return (iruserok(dest->sin_addr.s_addr, 0, rusername, lusername)); -} - -void -getstr(buf, cnt, errmsg) - char *buf; - int cnt; - char *errmsg; -{ - char c; - - do { - if (read(0, &c, 1) != 1) - exit(1); - if (--cnt < 0) - fatal(STDOUT_FILENO, errmsg, 0); - *buf++ = c; - } while (c != 0); -} - -void -setup_term(fd) - int fd; -{ - register char *cp = index(term+ENVSIZE, '/'); - char *speed; - struct termios tt; - -#ifndef notyet - tcgetattr(fd, &tt); - if (cp) { - *cp++ = '\0'; - speed = cp; - cp = index(speed, '/'); - if (cp) - *cp++ = '\0'; - cfsetspeed(&tt, atoi(speed)); - } - - tt.c_iflag = TTYDEF_IFLAG; - tt.c_oflag = TTYDEF_OFLAG; - tt.c_lflag = TTYDEF_LFLAG; - tcsetattr(fd, TCSAFLUSH, &tt); -#else - if (cp) { - *cp++ = '\0'; - speed = cp; - cp = index(speed, '/'); - if (cp) - *cp++ = '\0'; - tcgetattr(fd, &tt); - cfsetspeed(&tt, atoi(speed)); - tcsetattr(fd, TCSAFLUSH, &tt); - } -#endif - - env[0] = term; - env[1] = 0; -} - -#ifdef KERBEROS -#define VERSION_SIZE 9 - -/* - * Do the remote kerberos login to the named host with the - * given inet address - * - * Return 0 on valid authorization - * Return -1 on valid authentication, no authorization - * Return 
>0 for error conditions - */ -int -do_krb_login(dest) - struct sockaddr_in *dest; -{ - int rc; - char instance[INST_SZ], version[VERSION_SIZE]; - long authopts = 0L; /* !mutual */ - struct sockaddr_in faddr; - - kdata = (AUTH_DAT *) auth_buf; - ticket = (KTEXT) tick_buf; - - instance[0] = '*'; - instance[1] = '\0'; - -#ifdef CRYPT - if (doencrypt) { - rc = sizeof(faddr); - if (getsockname(0, (struct sockaddr *)&faddr, &rc)) - return (-1); - authopts = KOPT_DO_MUTUAL; - rc = krb_recvauth( - authopts, 0, - ticket, "rcmd", - instance, dest, &faddr, - kdata, "", schedule, version); - des_set_key(kdata->session, schedule); - - } else -#endif - rc = krb_recvauth( - authopts, 0, - ticket, "rcmd", - instance, dest, (struct sockaddr_in *) 0, - kdata, "", (bit_64 *) 0, version); - - if (rc != KSUCCESS) - return (rc); - - getstr(lusername, sizeof(lusername), "locuser"); - /* get the "cmd" in the rcmd protocol */ - getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type"); - - pwd = getpwnam(lusername); - if (pwd == NULL) - return (-1); - - /* returns nonzero for no access */ - if (kuserok(kdata, lusername) != 0) - return (-1); - - return (0); - -} -#endif /* KERBEROS */ - -void -usage() -{ -#ifdef KERBEROS - syslog(LOG_ERR, "usage: rlogind [-aln] [-k | -v]"); -#else - syslog(LOG_ERR, "usage: rlogind [-aln]"); -#endif -} - -/* - * Check whether host h is in our local domain, - * defined as sharing the last two components of the domain part, - * or the entire domain part if the local domain has only one component. - * If either name is unqualified (contains no '.'), - * assume that the host is local, as it will be - * interpreted as such. 
- */ -int -local_domain(h) - char *h; -{ - char localhost[MAXHOSTNAMELEN]; - char *p1, *p2; - - localhost[0] = 0; - (void) gethostname(localhost, sizeof(localhost)); - p1 = topdomain(localhost); - p2 = topdomain(h); - if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2)) - return (1); - return (0); -} - -char * -topdomain(h) - char *h; -{ - register char *p; - char *maybe = NULL; - int dots = 0; - - for (p = h + strlen(h); p >= h; p--) { - if (*p == '.') { - if (++dots == 2) - return (p); - maybe = p; - } - } - return (maybe); -} diff --git a/route.tproj/Makefile.preamble b/route.tproj/Makefile.preamble index 7d9931c..fc4726f 100644 --- a/route.tproj/Makefile.preamble +++ b/route.tproj/Makefile.preamble @@ -1,4 +1,4 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include -OTHER_CFLAGS += -DINET6 -DIPSEC +OTHER_CFLAGS += -DINET6 -DIPSEC -mdynamic-no-pic AFTER_INSTALL += install-man-page diff --git a/route.tproj/route.c b/route.tproj/route.c index 42d4c45..d218266 100644 --- a/route.tproj/route.c +++ b/route.tproj/route.c @@ -54,8 +54,9 @@ * SUCH DAMAGE. */ +#include #ifndef lint -static const char copyright[] = +__unused static const char copyright[] = "@(#) Copyright (c) 1983, 1989, 1991, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ @@ -64,8 +65,8 @@ static const char copyright[] = #if 0 static char sccsid[] = "@(#)route.c 8.3 (Berkeley) 3/19/94"; #endif -static const char rcsid[] = - "$Id: route.c,v 1.3 2003/01/07 21:03:05 bbraun Exp $"; +__unused static const char rcsid[] = + "$Id: route.c,v 1.4 2006/02/07 06:22:29 lindak Exp $"; #endif /* not lint */ #include @@ -143,7 +144,7 @@ int getaddr(), rtmsg(), x25_makemask(); int prefixlen(); extern char *iso_ntoa(); -void usage __P((const char *)); +void usage __P((const char *)) __dead2; void usage(cp) 
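Review bot: Adding `-mdynamic-no-pic` to `OTHER_CFLAGS` in route.tproj/Makefile.preamble makes the generated code position-dependent, which rules out linking the tool as a position-independent executable. The same flag is added in routed.tproj/Makefile.preamble, and routed is a daemon that parses packets received from the network, where address randomisation of the main executable is most useful. If the flag is wanted for code size or speed, I would record that next to it, e.g. `# -mdynamic-no-pic: smaller/faster code, but the binary cannot be built as PIE`, and consider leaving it off the network-facing daemon.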
@@ -592,10 +593,10 @@ set_metric(value, key) int key; { int flag = 0; - u_long noval, *valp = &noval; + u_int noval, *valp = &noval; switch (key) { -#define caseof(x, y, z) case x: valp = &rt_metrics.z; flag = y; break +#define caseof(x, y, z) case x: valp = (u_int *)&rt_metrics.z; flag = y; break caseof(K_MTU, RTV_MTU, rmx_mtu); caseof(K_HOPCOUNT, RTV_HOPCOUNT, rmx_hopcount); caseof(K_EXPIRE, RTV_EXPIRE, rmx_expire); @@ -899,7 +900,7 @@ getaddr(which, s, hpp) char *s; struct hostent **hpp; { - register sup su; + register sup su = NULL; struct hostent *hp; struct netent *np; u_long val; @@ -1507,16 +1508,16 @@ print_getmsg(rtm, msglen) (void) printf("\n%s\n", "\ recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire"); - printf("%8ld%c ", rtm->rtm_rmx.rmx_recvpipe, lock(RPIPE)); - printf("%8ld%c ", rtm->rtm_rmx.rmx_sendpipe, lock(SPIPE)); - printf("%8ld%c ", rtm->rtm_rmx.rmx_ssthresh, lock(SSTHRESH)); - printf("%8ld%c ", msec(rtm->rtm_rmx.rmx_rtt), lock(RTT)); - printf("%8ld%c ", msec(rtm->rtm_rmx.rmx_rttvar), lock(RTTVAR)); - printf("%8ld%c ", rtm->rtm_rmx.rmx_hopcount, lock(HOPCOUNT)); - printf("%8ld%c ", rtm->rtm_rmx.rmx_mtu, lock(MTU)); + printf("%8u%c ", rtm->rtm_rmx.rmx_recvpipe, lock(RPIPE)); + printf("%8u%c ", rtm->rtm_rmx.rmx_sendpipe, lock(SPIPE)); + printf("%8u%c ", rtm->rtm_rmx.rmx_ssthresh, lock(SSTHRESH)); + printf("%8u%c ", msec(rtm->rtm_rmx.rmx_rtt), lock(RTT)); + printf("%8u%c ", msec(rtm->rtm_rmx.rmx_rttvar), lock(RTTVAR)); + printf("%8u%c ", rtm->rtm_rmx.rmx_hopcount, lock(HOPCOUNT)); + printf("%8u%c ", rtm->rtm_rmx.rmx_mtu, lock(MTU)); if (rtm->rtm_rmx.rmx_expire) rtm->rtm_rmx.rmx_expire -= time(0); - printf("%8ld%c\n", rtm->rtm_rmx.rmx_expire, lock(EXPIRE)); + printf("%8d%c\n", rtm->rtm_rmx.rmx_expire, lock(EXPIRE)); #undef lock #undef msec #define RTA_IGN (RTA_DST|RTA_GATEWAY|RTA_NETMASK|RTA_IFP|RTA_IFA|RTA_BRD) diff --git a/routed.tproj/Makefile.preamble b/routed.tproj/Makefile.preamble index eede713..8d7afd3 100644 
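Review bot: The `(u_int *)` cast added to `caseof` in set_metric silences the pointer-type diagnostic for every `rt_metrics` field at once, so a field that is not exactly `u_int`-sized would be written with the wrong width without any warning. The store through `valp` is outside this hunk, so what is written cannot be checked from here. A comment above the macro such as `/* every rmx_ field listed below must be sizeof(u_int) wide; the cast hides a mismatch */`, or a compile-time size check per field, would keep the assumption visible. The print_getmsg hunk relies on the same assumption by switching to `%8u` and `%8d`, so the two places should be kept in step.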
--- a/routed.tproj/Makefile.preamble +++ b/routed.tproj/Makefile.preamble @@ -1,3 +1,4 @@ +OTHER_CFLAGS += -mdynamic-no-pic OTHER_GENERATED_OFILES = $(VERS_OFILE) AFTER_INSTALL += install-man-page -include ../Makefile.include diff --git a/routed.tproj/af.c b/routed.tproj/af.c index a879b6c..0168f2f 100644 --- a/routed.tproj/af.c +++ b/routed.tproj/af.c @@ -89,6 +89,7 @@ struct sockaddr_in inet_default = { #endif AF_INET, INADDR_ANY }; +int inet_hash(sin, hp) register struct sockaddr_in *sin; struct afhash *hp; @@ -102,8 +103,10 @@ inet_hash(sin, hp) hp->afh_nethash = n; hp->afh_hosthash = ntohl(sin->sin_addr.s_addr); hp->afh_hosthash &= 0x7fffffff; + return 0; } +int inet_netmatch(sin1, sin2) struct sockaddr_in *sin1, *sin2; { @@ -114,6 +117,7 @@ inet_netmatch(sin1, sin2) /* * Verify the message is from the right port. */ +int inet_portmatch(sin) register struct sockaddr_in *sin; { @@ -124,6 +128,7 @@ inet_portmatch(sin) /* * Verify the message is from a "trusted" port. */ +int inet_portcheck(sin) struct sockaddr_in *sin; { @@ -134,6 +139,7 @@ inet_portcheck(sin) /* * Internet output routine. */ +int inet_output(s, flags, sin, size) int s, flags; struct sockaddr_in *sin; @@ -150,12 +156,14 @@ inet_output(s, flags, sin, size) if (sendto(s, packet, size, flags, (struct sockaddr *)sin, sizeof (*sin)) < 0) perror("sendto"); + return 0; } /* * Return 1 if the address is believed * for an Internet host -- THIS IS A KLUDGE. */ +int inet_checkhost(sin) struct sockaddr_in *sin; { @@ -175,12 +183,14 @@ inet_checkhost(sin) return (1); } +int inet_canon(sin) struct sockaddr_in *sin; { sin->sin_port = 0; sin->sin_len = sizeof(*sin); + return 0; } char * diff --git a/routed.tproj/defs.h b/routed.tproj/defs.h index fad0ae1..d4338f9 100644 --- a/routed.tproj/defs.h +++ b/routed.tproj/defs.h 
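Review bot: The `return 0;` added at the end of inet_output in af.c is reached even when `sendto` fails, so the function reports success after a send error that is only printed with `perror`. Now that the function has an explicit `int` return type, the failure could be returned instead: `if (sendto(s, packet, size, flags, (struct sockaddr *)sin, sizeof (*sin)) < 0) { perror("sendto"); return -1; }`. The callers are outside the hunk, so whether any of them looks at the result needs checking first; if none does, a comment `/* return value unused; send errors are only logged */` would document that. inet_output's body starts outside the hunk.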
@@ -63,14 +63,19 @@ * general addressing scheme. */ #include +#include #include #include +struct mbuf; /* forward reference */ #include #include #include #include +#include +#include +#include #include /* NeXT */ @@ -118,14 +123,40 @@ extern struct rip *msg; EXTERN char **argv0; EXTERN struct servent *sp; -EXTERN struct in_addr inet_makeaddr(); -EXTERN int inet_addr(); -EXTERN int inet_maskof(); -EXTERN int sndmsg(); -EXTERN int supply(); -EXTERN int cleanup(); - -EXTERN int rtioctl(); #define ADD 1 #define DELETE 2 #define CHANGE 3 + +/* arpa/inet.h */ +in_addr_t inet_addr(const char *); +in_addr_t inet_network(const char *); +char *inet_ntoa(struct in_addr); + +/* inet.c */ +struct in_addr inet_makeaddr(u_long, u_long); +int inet_netof(struct in_addr); +int inet_lnaof(struct in_addr); +int inet_maskof(u_long); +int inet_rtflags(struct sockaddr_in *); +int inet_sendroute(struct rt_entry *, struct sockaddr_in *); + +/* input.c */ +void rip_input(struct sockaddr *, struct rip *, int); + +/* main.c */ +void timevaladd(struct timeval *, struct timeval *); + +/* startup.c */ +void quit(char *); +void rt_xaddrs(caddr_t, caddr_t, struct rt_addrinfo *); +void ifinit(void); +void addrouteforif(struct interface *); +void add_ptopt_localrt(struct interface *); +void gwkludge(void); +int getnetorhostname(char *, char *, struct sockaddr_in *); +int gethostnameornumber(char *, struct sockaddr_in *); + +/* output.c */ +void toall(int (*)(), int, struct interface *); +void sndmsg(struct sockaddr *, int, struct interface *, int); +void supply(struct sockaddr *, int, struct interface *, int); diff --git a/routed.tproj/inet.c b/routed.tproj/inet.c index ef194a8..6b031aa 100644 --- a/routed.tproj/inet.c +++ b/routed.tproj/inet.c @@ -96,7 +96,7 @@ inet_makeaddr(net, host) /* * Return the network number from an internet address. */ -__private_extern__ +__private_extern__ int inet_netof(in) struct in_addr in; { 
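Review bot: `toall` is declared in defs.h as taking `int (*)()`, while `sndmsg` and `supply`, declared directly below it, now return `void`; calling a function through a pointer of an incompatible type is undefined behaviour, and the input.c hunk has to add the cast `(int (*)())supply` to get the call past the compiler. Declaring the parameter with the real signature removes the cast and lets the compiler check the call: `void toall(void (*)(struct sockaddr *, int, struct interface *, int), int, struct interface *);` and then `toall(supply, RTS_CHANGED, ifp);`. The definition of `toall` in output.c is not in this hunk and would need the same parameter type.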
@@ -124,6 +124,7 @@ inet_netof(in) /* * Return the host portion of an internet address. */ +int inet_lnaof(in) struct in_addr in; { @@ -149,12 +150,13 @@ inet_lnaof(in) for (ifp = ifnet; ifp; ifp = ifp->int_next) if ((ifp->int_netmask & net) == ifp->int_net) return (host &~ ifp->int_subnetmask); - return (host); + return ((int)host); } /* * Return the netmask pertaining to an internet address. */ +int inet_maskof(inaddr) u_long inaddr; { @@ -178,7 +180,7 @@ inet_maskof(inaddr) for (ifp = ifnet; ifp; ifp = ifp->int_next) if ((ifp->int_netmask & i) == ifp->int_net) mask = ifp->int_subnetmask; - return (htonl(mask)); + return ((int)htonl(mask)); } /* @@ -186,6 +188,7 @@ inet_maskof(inaddr) * for an Internet host, RTF_SUBNET for a subnet, * 0 for a network. */ +int inet_rtflags(sin) struct sockaddr_in *sin; { @@ -228,6 +231,7 @@ inet_rtflags(sin) * Send it only if dst is on the same logical network if not "internal", * otherwise only if the route is the "internal" route for the logical net. */ +int inet_sendroute(rt, dst) struct rt_entry *rt; struct sockaddr_in *dst; diff --git a/routed.tproj/input.c b/routed.tproj/input.c index d39615f..e6d2626 100644 --- a/routed.tproj/input.c +++ b/routed.tproj/input.c @@ -66,6 +66,7 @@ /* * Process a newly received packet. */ +void rip_input(from, rip, size) struct sockaddr *from; register struct rip *rip; @@ -105,16 +106,6 @@ rip_input(from, rip, size) if (count < sizeof (struct netinfo)) break; count -= sizeof (struct netinfo); - -#if BSD < 198810 - if (sizeof(n->rip_dst.sa_family) > 1) /* XXX */ - n->rip_dst.sa_family = ntohs(n->rip_dst.sa_family); -#else -#define osa(x) ((struct osockaddr *)(&(x))) - n->rip_dst.sa_family = - ntohs(osa(n->rip_dst)->sa_family); - n->rip_dst.sa_len = sizeof(n->rip_dst); -#endif n->rip_metric = ntohl(n->rip_metric); /* * A single entry with sa_family == AF_UNSPEC and 
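Review bot: The casts `return ((int)host);` in inet_lnaof and `return ((int)htonl(mask));` in inet_maskof silence the conversion warning but keep an `int` return type for values that are unsigned 32-bit address bits. A mask with the top bit set becomes a negative `int`, and a caller that stores the result back into a `u_long` (callers are outside these hunks) would see it sign-extended wherever `u_long` is wider than `int`. Returning the unsigned type instead, for example `in_addr_t inet_maskof(u_long);` with the matching change in defs.h, removes the need for the casts. Both function bodies start outside the hunks.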
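Review bot: After this removal nothing in the request loop sets `n->rip_dst.sa_len`, so the field keeps whatever byte arrived in the packet; the deleted branch used to overwrite it with `sizeof(n->rip_dst)`. The same applies to the response loop in the `@@ -225,15 +209,6 @@` hunk, where the entry is then used to index `afswitch[n->rip_dst.sa_family]`. Whether later code reads `sa_len` from these entries is not visible here, but a length byte taken from the network should not be relied on. I would keep `n->rip_dst.sa_len = sizeof(n->rip_dst);` right after the `sizeof (struct netinfo)` length check in both loops. rip_input's body starts and ends outside these hunks.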
@@ -137,13 +128,6 @@ rip_input(from, rip, size) #define min(a, b) (a < b ? a : b) n->rip_metric = rt == 0 ? HOPCNT_INFINITY : min(rt->rt_metric + 1, HOPCNT_INFINITY); -#if BSD < 198810 - if (sizeof(n->rip_dst.sa_family) > 1) /* XXX */ - n->rip_dst.sa_family = htons(n->rip_dst.sa_family); -#else - osa(n->rip_dst)->sa_family = - htons(n->rip_dst.sa_family); -#endif n->rip_metric = htonl(n->rip_metric); } rip->rip_cmd = RIPCMD_RESPONSE; @@ -225,15 +209,6 @@ rip_input(from, rip, size) for (; size > 0; size -= sizeof (struct netinfo), n++) { if (size < sizeof (struct netinfo)) break; -#if BSD < 198810 - if (sizeof(n->rip_dst.sa_family) > 1) /* XXX */ - n->rip_dst.sa_family = - ntohs(n->rip_dst.sa_family); -#else - n->rip_dst.sa_family = - ntohs(osa(n->rip_dst)->sa_family); - n->rip_dst.sa_len = sizeof(n->rip_dst); -#endif n->rip_metric = ntohl(n->rip_metric); if (n->rip_dst.sa_family >= af_max || (afp = &afswitch[n->rip_dst.sa_family])->af_hash == @@ -346,7 +321,7 @@ rip_input(from, rip, size) timercmp(&nextbcast, &now, <)) { if (traceactions) fprintf(ftrace, "send dynamic update\n"); - toall(supply, RTS_CHANGED, ifp); + toall((int (*)())supply, RTS_CHANGED, ifp); lastbcast = now; needupdate = 0; nextbcast.tv_sec = 0; @@ -362,7 +337,7 @@ rip_input(from, rip, size) delay = RANDOMDELAY(); if (traceactions) fprintf(ftrace, - "inhibit dynamic update for %d usec\n", + "inhibit dynamic update for %lu usec\n", delay); nextbcast.tv_sec = delay / 1000000; nextbcast.tv_usec = delay % 1000000; diff --git a/routed.tproj/main.c b/routed.tproj/main.c index 43597a5..599a54f 100644 --- a/routed.tproj/main.c +++ b/routed.tproj/main.c @@ -63,6 +63,7 @@ #include "defs.h" #include #include +#include #include 
@@ -79,17 +80,20 @@ int bufspace = 127*1024; /* max. input buffer size to request */ struct rip *msg = (struct rip *)packet; void hup(), rtdeleteall(), sigtrace(), timer(); +int getsocket(int, int, struct sockaddr_in *); +void process(int); +void timevalsub( struct timeval *, struct timeval *); + +int main(argc, argv) int argc; char *argv[]; { - int n, cc, nfd, omask, tflags = 0; - struct sockaddr from; + int n, nfd, omask, tflags = 0; struct timeval *tvp, waittime; struct itimerval itval; register struct rip *query = msg; fd_set ibits; - u_char retry; argv0 = argv; #if BSD >= 43 @@ -180,12 +184,10 @@ main(argc, argv) supplier = 0; query->rip_cmd = RIPCMD_REQUEST; query->rip_vers = RIPVERSION; - if (sizeof(query->rip_nets[0].rip_dst.sa_family) > 1) /* XXX */ - query->rip_nets[0].rip_dst.sa_family = htons((u_short)AF_UNSPEC); - else - query->rip_nets[0].rip_dst.sa_family = AF_UNSPEC; + query->rip_nets[0].rip_dst.sa_family = AF_UNSPEC; + query->rip_nets[0].rip_dst.sa_len = sizeof (query->rip_nets[0].rip_dst); query->rip_nets[0].rip_metric = htonl((u_long)HOPCNT_INFINITY); - toall(sndmsg); + toall((int (*)())sndmsg, 0, NULL); signal(SIGALRM, timer); signal(SIGHUP, hup); signal(SIGTERM, hup); @@ -221,7 +223,7 @@ main(argc, argv) } if (traceactions) fprintf(ftrace, - "select until dynamic update %d/%d sec/usec\n", + "select until dynamic update %ld/%d sec/usec\n", waittime.tv_sec, waittime.tv_usec); tvp = &waittime; } else @@ -245,7 +247,7 @@ main(argc, argv) "send delayed dynamic update\n"); (void) gettimeofday(&now, (struct timezone *)NULL); - toall(supply, RTS_CHANGED, + toall((int (*)())supply, RTS_CHANGED, (struct interface *)NULL); lastbcast = now; needupdate = 0; @@ -276,8 +278,11 @@ printf("s %d, ibits %x index %d, mod %d, sh %x, or %x &ibits %x\n", /* handle ICMP redirects */ sigsetmask(omask); } + /* NOTREACHED */ + return 0; } +void timevaladd(t1, t2) struct timeval *t1, *t2; { 
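Review bot: In the `@@ -180,12 +184,10 @@` hunk the added `query->rip_nets[0].rip_dst.sa_len = sizeof (query->rip_nets[0].rip_dst);` writes a non-zero byte into the entry that is sent out as the initial request, now that the `htons` conversion of the family field is gone. If `sa_len` and `sa_family` together overlay the packet's 16-bit address-family field, as the `osockaddr` cast removed from input.c and output.c suggests, a peer that reads the field as 16 bits would no longer see AF_UNSPEC and may not treat this as a request for the whole table. This is worth confirming against another RIP implementation, or `sa_len` could stay 0 for this entry with a comment such as `/* sa_len overlays the wire's 16-bit family field; keep it 0 */`. main's body continues outside the hunk.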
@@ -289,6 +294,7 @@ timevaladd(t1, t2) } } +void timevalsub(t1, t2) struct timeval *t1, *t2; { @@ -300,11 +306,13 @@ timevalsub(t1, t2) } } +void process(fd) int fd; { struct sockaddr from; - int fromlen, cc; + socklen_t fromlen; + int cc; union { char buf[MAXPACKETSIZE+1]; struct rip rip; @@ -324,6 +332,7 @@ process(fd) } } +int getsocket(domain, type, sin) int domain, type; struct sockaddr_in *sin; diff --git a/routed.tproj/output.c b/routed.tproj/output.c index 168c320..de7691a 100644 --- a/routed.tproj/output.c +++ b/routed.tproj/output.c @@ -68,6 +68,7 @@ * use of broadcasting use it, otherwise address * the output to the known router. */ +void toall(f, rtstate, skipif) int (*f)(); int rtstate; @@ -93,6 +94,7 @@ toall(f, rtstate, skipif) * Output a preformed packet. */ /*ARGSUSED*/ +void sndmsg(dst, flags, ifp, rtstate) struct sockaddr *dst; int flags; @@ -109,6 +111,7 @@ sndmsg(dst, flags, ifp, rtstate) * Supply dst with the contents of the routing tables. * If this won't fit in one packet, chop it up into several. */ +void supply(dst, flags, ifp, rtstate) struct sockaddr *dst; int flags; @@ -171,13 +174,6 @@ again: npackets++; } n->rip_dst = rt->rt_dst; -#if BSD < 198810 - if (sizeof(n->rip_dst.sa_family) > 1) /* XXX */ - n->rip_dst.sa_family = htons(n->rip_dst.sa_family); -#else -#define osa(x) ((struct osockaddr *)(&(x))) - osa(n->rip_dst)->sa_family = htons(n->rip_dst.sa_family); -#endif n->rip_metric = htonl(rt->rt_metric); n++; } diff --git a/routed.tproj/routed.8 b/routed.tproj/routed.8 index 7102342..bf439a9 100644 --- a/routed.tproj/routed.8 +++ b/routed.tproj/routed.8 @@ -220,7 +220,6 @@ that can handle neither RIPv2 nor Router Discovery. .Pp By default, neither Router Discovery advertisements nor solicitations are sent over point to point links (e.g. PPP). - .Pp Options supported by .Nm routed : 
@@ -317,7 +316,6 @@ If .Em metric is absent, a value of 14 is assumed to limit the spread of the "fake" default route. - This is a dangerous feature that when used carelessly can cause routing loops. Notice also that more than one interface can match the specified network diff --git a/routed.tproj/startup.c b/routed.tproj/startup.c index c183ac6..5dc8445 100644 --- a/routed.tproj/startup.c +++ b/routed.tproj/startup.c @@ -125,6 +125,7 @@ rt_xaddrs(cp, cplim, rtinfo) * ARPANET IMP), set the lookforinterfaces flag so we'll * come back later and look again. */ +void ifinit() { struct interface ifs, *ifp; @@ -133,7 +134,7 @@ ifinit() char *buf, *cplim, *cp; register struct if_msghdr *ifm; register struct ifa_msghdr *ifam; - struct sockaddr_dl *sdl; + struct sockaddr_dl *sdl = NULL; struct sockaddr_in *sin; u_long i; @@ -287,6 +288,7 @@ ifinit() * otherwise a route to this (sub)network. * INTERNET SPECIFIC. */ +void addrouteforif(ifp) register struct interface *ifp; { @@ -350,6 +352,7 @@ addrouteforif(ifp) * If a route to this network is being sent to neighbors on other nets, * mark this route as subnet so we don't have to propagate it too. */ +void add_ptopt_localrt(ifp) register struct interface *ifp; { @@ -393,6 +396,7 @@ add_ptopt_localrt(ifp) * * PASSIVE ENTRIES AREN'T NEEDED OR USED ON GATEWAYS RUNNING EGP. */ +void gwkludge() { struct sockaddr_in dst, gate; @@ -451,7 +455,7 @@ gwkludge() * to prevent overriding them * with something else. */ - rtadd(&dst, &gate, metric, RTS_EXTERNAL|RTS_PASSIVE); + rtadd((struct sockaddr *)&dst, (struct sockaddr *)&gate, metric, RTS_EXTERNAL|RTS_PASSIVE); continue; } /* assume no duplicate entries */ @@ -474,6 +478,7 @@ gwkludge() fclose(fp); } +int getnetorhostname(type, name, sin) char *type, *name; struct sockaddr_in *sin; @@ -519,6 +524,7 @@ getnetorhostname(type, name, sin) return (0); } +int gethostnameornumber(name, sin) char *name; struct sockaddr_in *sin; 
diff --git a/routed.tproj/table.h b/routed.tproj/table.h index 3e0246d..bcc581b 100644 --- a/routed.tproj/table.h +++ b/routed.tproj/table.h @@ -127,5 +127,13 @@ struct rt_entry { EXTERN struct rthash nethash[ROUTEHASHSIZ]; EXTERN struct rthash hosthash[ROUTEHASHSIZ]; -struct rt_entry *rtlookup(); -struct rt_entry *rtfind(); + +struct rt_entry *rtlookup(struct sockaddr *); +struct rt_entry *rtfind(struct sockaddr *); +void rtadd(struct sockaddr *, struct sockaddr *, int, int); +void rtchange(struct rt_entry *, struct sockaddr *, short); +void rtdelete(struct rt_entry *); +void rtdeleteall(int); +void rtdefault(void); +void rtinit(void); +int rtioctl(int, struct rtuentry *); diff --git a/routed.tproj/tables.c b/routed.tproj/tables.c index f9ade65..623d6eb 100644 --- a/routed.tproj/tables.c +++ b/routed.tproj/tables.c @@ -63,6 +63,7 @@ #include "defs.h" #include #include +#include #include #ifndef DEBUG @@ -125,7 +126,7 @@ rtfind(dst) register u_int hash; struct afhash h; int af = dst->sa_family; - int doinghost = 1, (*match)(); + int doinghost = 1, (*match)() = NULL; if (af >= af_max) return (0); @@ -165,6 +166,7 @@ again: return (0); } +void rtadd(dst, gate, metric, state) struct sockaddr *dst, *gate; int metric, state; @@ -233,6 +235,7 @@ rtadd(dst, gate, metric, state) } } +void rtchange(rt, gate, metric) struct rt_entry *rt; struct sockaddr *gate; @@ -305,6 +308,7 @@ rtchange(rt, gate, metric) #endif } +void rtdelete(rt) struct rt_entry *rt; { @@ -325,6 +329,7 @@ rtdelete(rt) free((char *)rt); } +void rtdeleteall(sig) int sig; { @@ -361,6 +366,7 @@ again: * but this entry prevents us from listening to other people's defaults * and installing them in the kernel here. */ +void rtdefault() { extern struct sockaddr inet_default; @@ -369,6 +375,7 @@ rtdefault() RTS_CHANGED | RTS_PASSIVE | RTS_INTERNAL); } +void rtinit() { register struct rthash *rh; 
@@ -379,6 +386,7 @@ rtinit() rh->rt_forw = rh->rt_back = (struct rt_entry *)rh; } +int rtioctl(action, ort) int action; struct rtuentry *ort; diff --git a/routed.tproj/timer.c b/routed.tproj/timer.c index cf8e3ba..90217a0 100644 --- a/routed.tproj/timer.c +++ b/routed.tproj/timer.c @@ -77,7 +77,6 @@ timer() register struct rt_entry *rt; struct rthash *base = hosthash; int doinghost = 1, timetobroadcast; - extern int externalinterfaces; (void) gettimeofday(&now, (struct timezone *)NULL); faketime += TIMER_RATE; @@ -113,7 +112,7 @@ again: goto again; } if (timetobroadcast) { - toall(supply, 0, (struct interface *)NULL); + toall((int (*)())supply, 0, (struct interface *)NULL); lastbcast = now; lastfullupdate = now; needupdate = 0; /* cancel any pending dynamic update */ @@ -124,6 +123,7 @@ again: /* * On hangup, let everyone know we're going away. */ +void hup() { register struct rthash *rh; @@ -143,7 +143,7 @@ again: base = nethash; goto again; } - toall(supply, 0, (struct interface *)NULL); + toall((int (*)())supply, 0, (struct interface *)NULL); } exit(1); } diff --git a/routed.tproj/trace.c b/routed.tproj/trace.c index ade2817..2d00443 100644 --- a/routed.tproj/trace.c +++ b/routed.tproj/trace.c @@ -78,6 +78,7 @@ static char *savetracename; static int iftraceinit(); +void traceinit(ifp) register struct interface *ifp; { @@ -90,6 +91,7 @@ traceinit(ifp) } +static int iftraceinit(ifp, ifd) struct interface *ifp; register struct ifdebug *ifd; @@ -110,6 +112,7 @@ iftraceinit(ifp, ifd) return (1); } +void traceon(file) char *file; { @@ -130,6 +133,7 @@ traceon(file) fprintf(ftrace, "Tracing enabled %s\n", ctime((time_t *)&now.tv_sec)); } +void traceoff() { if (!traceactions) @@ -173,6 +177,7 @@ sigtrace(s) * traceactions + tracehistory (packets and contents after change) * traceactions + tracepackets + tracecontents */ +void bumploglevel() { 
@@ -206,6 +211,7 @@ bumploglevel() fflush(ftrace); } +void trace(ifd, who, p, len, m) register struct ifdebug *ifd; struct sockaddr *who; @@ -238,6 +244,7 @@ trace(ifd, who, p, len, m) t->ift_metric = m; } +void traceaction(fd, action, rt) FILE *fd; char *action; @@ -265,7 +272,6 @@ traceaction(fd, action, rt) register struct bits *p; register int first; char *cp; - struct interface *ifp; if (fd == NULL) return; @@ -309,6 +315,7 @@ traceaction(fd, action, rt) traceoff(); } +void tracenewmetric(fd, rt, newmetric) FILE *fd; struct rt_entry *rt; @@ -332,6 +339,7 @@ tracenewmetric(fd, rt, newmetric) traceoff(); } +void dumpif(fd, ifp) FILE *fd; register struct interface *ifp; @@ -347,6 +355,7 @@ dumpif(fd, ifp) } } +void dumptrace(fd, dir, ifd) FILE *fd; char *dir; @@ -370,11 +379,12 @@ dumptrace(fd, dir, ifd) t = ifd->ifd_records; if (t->ift_size == 0) continue; - dumppacket(fd, dir, &t->ift_who, t->ift_packet, t->ift_size, + dumppacket(fd, dir, (struct sockaddr_in *)&t->ift_who, t->ift_packet, t->ift_size, &t->ift_stamp); } } +void dumppacket(fd, dir, who, cp, size, stamp) FILE *fd; struct sockaddr_in *who; /* should be sockaddr */ @@ -392,9 +402,9 @@ dumppacket(fd, dir, who, cp, size, stamp) dir, inet_ntoa(who->sin_addr), ntohs(who->sin_port), ctime((time_t *)&stamp->tv_sec)); else { - fprintf(fd, "Bad cmd 0x%x %s %x.%d %.19s\n", msg->rip_cmd, + fprintf(fd, "Bad cmd 0x%x %s %s.%d\n", msg->rip_cmd, dir, inet_ntoa(who->sin_addr), ntohs(who->sin_port)); - fprintf(fd, "size=%d cp=%x packet=%x\n", size, cp, packet, + fprintf(fd, "size=%d cp=%s packet=%s %.19s\n", size, cp, packet, ctime((time_t *)&stamp->tv_sec)); fflush(fd); return; diff --git a/routed.tproj/trace.h b/routed.tproj/trace.h index aa7f753..49519d5 100644 --- a/routed.tproj/trace.h +++ b/routed.tproj/trace.h 
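Review bot: In the `Bad cmd` branch of dumppacket (`@@ -392,9 +402,9 @@`) the second `fprintf` now formats `cp` and `packet` with `%s`, which prints the packet buffers as C strings instead of their addresses as the old `%x` attempted. The branch is presumably taken for packets whose command is not recognised, so `cp` can point at bytes received from the network: `fprintf` reads until it meets a NUL, which can run past `size`, and the raw bytes end up in the trace file. Print the pointers instead: `fprintf(fd, "size=%d cp=%p packet=%p %.19s\n", size, (void *)cp, (void *)packet, ctime((time_t *)&stamp->tv_sec));`. The function body starts and ends outside the hunk.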
@@ -93,6 +93,19 @@ EXTERN int traceactions; /* on/off */ EXTERN int tracehistory; /* on/off */ EXTERN FILE *ftrace; /* output trace file */ +void traceinit(struct interface *); +void traceon(char *); +void traceoff(void); +void sigtrace(int); +void bumploglevel(void); +void trace(struct ifdebug *, struct sockaddr *, char *, int, int); +struct rt_entry; /* forward reference */ +void traceaction(FILE *, char *, struct rt_entry *); +void tracenewmetric(FILE *, struct rt_entry *, int); +void dumpif(FILE *, struct interface *); +void dumptrace(FILE *, char *, struct ifdebug *); +void dumppacket(FILE *, char *, struct sockaddr_in *, char *, int, struct timeval *); + #define TRACE_ACTION(action, route) { \ if (traceactions) \ traceaction(ftrace, action, route); \ @@ -109,11 +122,11 @@ EXTERN FILE *ftrace; /* output trace file */ ntohl(ifp->int_metric)); \ } \ if (tracepackets) \ - dumppacket(ftrace, "from", src, pack, size, &now); \ + dumppacket(ftrace, "from", (struct sockaddr_in *)src, pack, size, &now); \ } #define TRACE_OUTPUT(ifp, dst, size) { \ if (tracehistory && ifp) \ trace(&ifp->int_output, dst, packet, size, ifp->int_metric); \ if (tracepackets) \ - dumppacket(ftrace, "to", dst, packet, size, &now); \ + dumppacket(ftrace, "to", (struct sockaddr_in *)dst, packet, size, &now); \ } diff --git a/rpc_lockd.tproj/Makefile b/rpc_lockd.tproj/Makefile deleted file mode 100644 index 960d126..0000000 --- a/rpc_lockd.tproj/Makefile +++ /dev/null 
@@ -1,46 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rpc.lockd - -PROJECTVERSION = 2.6 -PROJECT_TYPE = Tool -LANGUAGE = English - -HFILES = lockd.h lockd_lock.h - -CFILES = kern.c lock_proc.c lockd.c lockd_lock.c nlm_prot_svc.c\ - nlm_prot_xdr.c sm_inter_xdr.c - -OTHERSRCS = Makefile.dist Makefile.preamble Makefile Makefile.postamble\ - test.c rpc.lockd.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /usr/sbin -PDO_UNIX_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - -PB_CFLAGS = - - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/rpc_lockd.tproj/Makefile.dist b/rpc_lockd.tproj/Makefile.dist deleted file mode 100644 index dc61e02..0000000 --- a/rpc_lockd.tproj/Makefile.dist +++ /dev/null @@ -1,32 +0,0 @@ -# $NetBSD: Makefile,v 1.12 2000/08/07 16:23:31 thorpej Exp $ -# $FreeBSD: src/usr.sbin/rpc.lockd/Makefile,v 1.17 2002/03/22 19:50:58 alfred Exp $ - -PROG= rpc.lockd -MAN= rpc.lockd.8 -MLINKS= rpc.lockd.8 lockd.8 -SRCS= kern.c nlm_prot_svc.c lockd.c lock_proc.c lockd_lock.c -NO_WERROR= YES -WARNS?= 4 - -CFLAGS+= -I. -I${DESTDIR}/usr/include/rpcsvc - -DPADD= ${LIBRPCSVC} ${LIBUTIL} -LDADD= -lrpcsvc -lutil - -CLEANFILES= nlm_prot_svc.c nlm_prot.h test - -RPCSRC= ${DESTDIR}/usr/include/rpcsvc/nlm_prot.x -RPCGEN= rpcgen -L -C - -nlm_prot_svc.c: ${RPCSRC} - ${RPCGEN} -m -o ${.TARGET} ${RPCSRC} - -nlm_prot.h: ${RPCSRC} - ${RPCGEN} -h -o ${.TARGET} ${RPCSRC} - -test: ${.CURDIR}/test.c - cc -o test ${.CURDIR}/test.c -lrpcsvc - -LDADD= -lrpcsvc - -.include 
diff --git a/rpc_lockd.tproj/Makefile.postamble b/rpc_lockd.tproj/Makefile.postamble deleted file mode 100644 index 2119949..0000000 --- a/rpc_lockd.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -install-man-page: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 644 rpc.lockd.8 $(DSTROOT)/usr/share/man/man8/rpc.lockd.8 diff --git a/rpc_lockd.tproj/Makefile.preamble b/rpc_lockd.tproj/Makefile.preamble deleted file mode 100644 index 263ad05..0000000 --- a/rpc_lockd.tproj/Makefile.preamble +++ /dev/null @@ -1,3 +0,0 @@ -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include -AFTER_INSTALL += install-man-page diff --git a/rpc_lockd.tproj/PB.project b/rpc_lockd.tproj/PB.project deleted file mode 100644 index 80f4ac2..0000000 --- a/rpc_lockd.tproj/PB.project +++ /dev/null @@ -1,39 +0,0 @@ -{ - BUILDDIR = ""; - BUILDTOOL = /bin/gnumake; - FILESTABLE = { - C_FILES = (); - H_FILES = ( - lockd.h, - lockd_lock.h - ); - M_FILES = (); - OTHER_LIBS = (); - OTHER_LINKED = ( - kern.c, - lock_proc.c, - lockd.c, - lockd_lock.c, - nlm_prot_svc.c, - nlm_prot_xdr.c, - sm_inter_xdr.c - ); - OTHER_SOURCES = ( - Makefile.dist, - Makefile.preamble, - Makefile, - Makefile.postamble, - test.c, - rpc.lockd.8 - ); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_INSTALLDIR = /usr/sbin; - PDO_UNIX_INSTALLDIR = /usr/sbin; - PROJECTNAME = rpc.lockd; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.6; - WINDOWS_INSTALLDIR = /usr/sbin; -} diff --git a/rpc_lockd.tproj/kern.c b/rpc_lockd.tproj/kern.c deleted file mode 100644 index 73afb3d..0000000 --- a/rpc_lockd.tproj/kern.c +++ /dev/null 
@@ -1,726 +0,0 @@ -/*- - * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Berkeley Software Design Inc's name may not be used to endorse or - * promote products derived from this software without specific prior - * written permission. - * - * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * - * from BSDI kern.c,v 1.2 1998/11/25 22:38:27 don Exp - * $FreeBSD: src/usr.sbin/rpc.lockd/kern.c,v 1.11 2002/08/15 21:52:21 alfred Exp $ - */ - -#include -#include -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "rpcsvc/nlm_prot.h" -#include -#include -#include -#include - -#include "lockd.h" -#include "lockd_lock.h" - -#define nfslockdans(_v, _ansp) \ - ((_ansp)->la_version = (_v), \ - nfsclnt(NFSCLNT_LOCKDANS, (_ansp))) - - -/* Lock request owner. */ -typedef struct __owner { - pid_t pid; /* Process ID. */ - time_t tod; /* Time-of-day. */ -} OWNER; -static OWNER owner; - -static char hostname[MAXHOSTNAMELEN + 1]; /* Hostname. */ - -static void client_cleanup(void); -static void set_auth(CLIENT *cl, struct xucred *ucred); -int lock_request(LOCKD_MSG *); -int cancel_request(LOCKD_MSG *); -int test_request(LOCKD_MSG *); -void show(LOCKD_MSG *); -int unlock_request(LOCKD_MSG *); - -#define d_calls (debug_level > 1) -#define d_args (debug_level > 2) - -static const char * -from_addr(saddr) - struct sockaddr *saddr; -{ - static char inet_buf[INET6_ADDRSTRLEN]; - - if (getnameinfo(saddr, saddr->sa_len, inet_buf, sizeof(inet_buf), - NULL, 0, NI_NUMERICHOST) == 0) - return inet_buf; - return "???"; -} - -/* - * client_kern_wait() - * - * wait for kernel to signal first lock request before starting - */ -void -client_kern_wait(void) -{ - if (nfsclnt(NFSCLNT_LOCKDWAIT, NULL)) - warn("nfsclnt_lockdwait"); -} - -void -client_cleanup(void) -{ - (void) nfsclnt(NFSCLNT_LOCKDFD, (struct lockd_ans *)-1); - exit(-1); -} - -/* - * client_request -- - * Loop around messages from the kernel, forwarding them off to - * NLM servers. - */ -pid_t -client_request(void) -{ - LOCKD_MSG msg; - fd_set rdset; - int fd, nr, ret; - pid_t child; - mode_t old_umask; - - /* Recreate the NLM fifo. 
*/ - (void)unlink(_PATH_LCKFIFO); - old_umask = umask(S_IXGRP|S_IXOTH); - if (mkfifo(_PATH_LCKFIFO, S_IWUSR | S_IRUSR)) { - syslog(LOG_ERR, "mkfifo: %s: %m", _PATH_LCKFIFO); - exit (1); - } - umask(old_umask); - - /* - * Create a separate process, the client code is really a separate - * daemon that shares a lot of code. - */ - switch (child = fork()) { - case -1: - err(1, "fork"); - case 0: - break; - default: - return (child); - } - - signal(SIGHUP, (sig_t)client_cleanup); - signal(SIGTERM, (sig_t)client_cleanup); - - /* Setup. */ - (void)time(&owner.tod); - owner.pid = getpid(); - - /* Open the fifo for reading. */ - if ((fd = open(_PATH_LCKFIFO, O_RDONLY | O_NONBLOCK)) == -1) { - syslog(LOG_ERR, "open: %s: %m", _PATH_LCKFIFO); - _exit (1); - } - (void)unlink(_PATH_LCKFIFO); - if (nfsclnt(NFSCLNT_LOCKDFD, (struct lockd_ans *)fd)) { - syslog(LOG_ERR, "nfsclnt_fd: %d: %m", fd); - _exit (1); - } - - for (;;) { - /* Wait for contact... fifo's return EAGAIN when read with - * no data - */ - /* Set up the select. */ - FD_ZERO(&rdset); - FD_SET(fd, &rdset); - (void)select(fd + 1, &rdset, NULL, NULL, NULL); - - /* - * Hold off getting hostname until first - * lock request. Otherwise we risk getting - * an initial ".local" name. - */ - if (hostname[0] == '\0') - (void)gethostname(hostname, sizeof(hostname) - 1); - - /* Read the fixed length message. */ - if ((nr = read(fd, &msg, sizeof(msg))) == sizeof(msg)) { - if (d_args) - show(&msg); - - if (msg.lm_version != LOCKD_MSG_VERSION) { - syslog(LOG_ERR, - "unknown msg type: %d", msg.lm_version); - } - /* - * Send it to the NLM server and don't grant the lock - * if we fail for any reason. 
- */ - switch (msg.lm_fl.l_type) { - case F_RDLCK: - case F_WRLCK: - if (msg.lm_flags & LOCKD_MSG_TEST) - ret = test_request(&msg); - else if (msg.lm_flags & LOCKD_MSG_CANCEL) - ret = cancel_request(&msg); - else - ret = lock_request(&msg); - break; - case F_UNLCK: - ret = unlock_request(&msg); - break; - default: - ret = 1; - syslog(LOG_ERR, - "unknown lock type: %d", msg.lm_fl.l_type); - break; - } - if (ret) { - struct lockd_ans ans; - - ans.la_xid = msg.lm_xid; - ans.la_errno = ENOTSUP; - - if (nfslockdans(LOCKD_ANS_VERSION, &ans)) { - syslog(LOG_DEBUG, "process %lu: %m", - (u_long)msg.lm_fl.l_pid); - } - } - } else if (nr == -1) { - if (errno != EAGAIN) { - syslog(LOG_ERR, "read: %s: %m", _PATH_LCKFIFO); - goto err; - } - } else if (nr != 0) { - syslog(LOG_ERR, - "%s: discard %d bytes", _PATH_LCKFIFO, nr); - } - } - - /* Reached only on error. */ -err: - (void) nfsclnt(NFSCLNT_LOCKDFD, (struct lockd_ans *)-1); - _exit (1); - return 0; -} - -void -set_auth(cl, xucred) - CLIENT *cl; - struct xucred *xucred; -{ - if (cl->cl_auth != NULL) - cl->cl_auth->ah_ops->ah_destroy(cl->cl_auth); - cl->cl_auth = authunix_create(hostname, - xucred->cr_uid, - xucred->cr_groups[0], - xucred->cr_ngroups - 1, - &xucred->cr_groups[1]); -} - - -/* - * test_request -- - * Convert a lock LOCKD_MSG into an NLM request, and send it off. - */ -int -test_request(LOCKD_MSG *msg) -{ - CLIENT *cli; - struct timeval timeout = {0, 0}; /* No timeout, no response. */ - char dummy; - - if (d_calls) - syslog(LOG_DEBUG, "test request: %s: %s to %s", - (msg->lm_flags & LOCKD_MSG_NFSV3) ? "V4" : "V1/3", - msg->lm_fl.l_type == F_WRLCK ? "write" : "read", - from_addr((struct sockaddr *)&msg->lm_addr)); - - if (msg->lm_flags & LOCKD_MSG_NFSV3) { - struct nlm4_testargs arg4; - - arg4.cookie.n_bytes = (char *)&msg->lm_xid; - arg4.cookie.n_len = sizeof(msg->lm_xid); - arg4.exclusive = msg->lm_fl.l_type == F_WRLCK ? 
1 : 0; - arg4.alock.caller_name = hostname; - arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg4.alock.fh.n_len = msg->lm_fh_len; - arg4.alock.oh.n_bytes = (char *)&owner; - arg4.alock.oh.n_len = sizeof(owner); - arg4.alock.svid = msg->lm_fl.l_pid; - arg4.alock.l_offset = msg->lm_fl.l_start; - arg4.alock.l_len = msg->lm_fl.l_len; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, - NLM_VERS4)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM4_TEST_MSG, - xdr_nlm4_testargs, &arg4, xdr_void, &dummy, timeout); - } else { - struct nlm_testargs arg; - - arg.cookie.n_bytes = (char *)&msg->lm_xid; - arg.cookie.n_len = sizeof(msg->lm_xid); - arg.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; - arg.alock.caller_name = hostname; - arg.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg.alock.fh.n_len = msg->lm_fh_len; - arg.alock.oh.n_bytes = (char *)&owner; - arg.alock.oh.n_len = sizeof(owner); - arg.alock.svid = msg->lm_fl.l_pid; - arg.alock.l_offset = msg->lm_fl.l_start; - arg.alock.l_len = msg->lm_fl.l_len; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, - NLM_VERS)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM_TEST_MSG, - xdr_nlm_testargs, &arg, xdr_void, &dummy, timeout); - } - return (0); -} - -/* - * lock_request -- - * Convert a lock LOCKD_MSG into an NLM request, and send it off. - */ -int -lock_request(LOCKD_MSG *msg) -{ - CLIENT *cli; - struct nlm4_lockargs arg4; - struct nlm_lockargs arg; - struct timeval timeout = {0, 0}; /* No timeout, no response. */ - char dummy; - - if (d_calls) - syslog(LOG_DEBUG, "lock request: %s: %s to %s", - (msg->lm_flags & LOCKD_MSG_NFSV3) ? "V4" : "V1/3", - msg->lm_fl.l_type == F_WRLCK ? 
"write" : "read", - from_addr((struct sockaddr *)&msg->lm_addr)); - - monitor_lock_host_by_addr((struct sockaddr *)&msg->lm_addr); - - if (msg->lm_flags & LOCKD_MSG_NFSV3) { - arg4.cookie.n_bytes = (char *)&msg->lm_xid; - arg4.cookie.n_len = sizeof(msg->lm_xid); - arg4.block = (msg->lm_flags & LOCKD_MSG_BLOCK) ? 1 : 0; - arg4.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; - arg4.alock.caller_name = hostname; - arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg4.alock.fh.n_len = msg->lm_fh_len; - arg4.alock.oh.n_bytes = (char *)&owner; - arg4.alock.oh.n_len = sizeof(owner); - arg4.alock.svid = msg->lm_fl.l_pid; - arg4.alock.l_offset = msg->lm_fl.l_start; - arg4.alock.l_len = msg->lm_fl.l_len; - arg4.reclaim = 0; - arg4.state = nsm_state; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, - NLM_VERS4)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM4_LOCK_MSG, - xdr_nlm4_lockargs, &arg4, xdr_void, &dummy, timeout); - } else { - arg.cookie.n_bytes = (char *)&msg->lm_xid; - arg.cookie.n_len = sizeof(msg->lm_xid); - arg.block = (msg->lm_flags & LOCKD_MSG_BLOCK) ? 1 : 0; - arg.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; - arg.alock.caller_name = hostname; - arg.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg.alock.fh.n_len = msg->lm_fh_len; - arg.alock.oh.n_bytes = (char *)&owner; - arg.alock.oh.n_len = sizeof(owner); - arg.alock.svid = msg->lm_fl.l_pid; - arg.alock.l_offset = msg->lm_fl.l_start; - arg.alock.l_len = msg->lm_fl.l_len; - arg.reclaim = 0; - arg.state = nsm_state; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, - NLM_VERS)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM_LOCK_MSG, - xdr_nlm_lockargs, &arg, xdr_void, &dummy, timeout); - } - return (0); -} - -/* - * cancel_request -- - * Convert a lock LOCKD_MSG into an NLM request, and send it off. 
- */ -int -cancel_request(LOCKD_MSG *msg) -{ - CLIENT *cli; - struct nlm4_cancargs arg4; - struct nlm_cancargs arg; - struct timeval timeout = {0, 0}; /* No timeout, no response. */ - char dummy; - - if (d_calls) - syslog(LOG_DEBUG, "cancel request: %s: %s to %s", - (msg->lm_flags & LOCKD_MSG_NFSV3) ? "V4" : "V1/3", - msg->lm_fl.l_type == F_WRLCK ? "write" : "read", - from_addr((struct sockaddr *)&msg->lm_addr)); - - if (msg->lm_flags & LOCKD_MSG_NFSV3) { - arg4.cookie.n_bytes = (char *)&msg->lm_xid; - arg4.cookie.n_len = sizeof(msg->lm_xid); - arg4.block = (msg->lm_flags & LOCKD_MSG_BLOCK) ? 1 : 0; - arg4.exclusive = msg->lm_fl.l_type == F_WRLCK ? 1 : 0; - arg4.alock.caller_name = hostname; - arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg4.alock.fh.n_len = msg->lm_fh_len; - arg4.alock.oh.n_bytes = (char *)&owner; - arg4.alock.oh.n_len = sizeof(owner); - arg4.alock.svid = msg->lm_fl.l_pid; - arg4.alock.l_offset = msg->lm_fl.l_start; - arg4.alock.l_len = msg->lm_fl.l_len; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, NLM_VERS4)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM4_CANCEL_MSG, - xdr_nlm4_cancargs, &arg4, xdr_void, &dummy, timeout); - } else { - arg.cookie.n_bytes = (char *)&msg->lm_xid; - arg.cookie.n_len = sizeof(msg->lm_xid); - arg.block = (msg->lm_flags & LOCKD_MSG_BLOCK) ? 1 : 0; - arg.exclusive = msg->lm_fl.l_type == F_WRLCK ? 
1 : 0; - arg.alock.caller_name = hostname; - arg.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg.alock.fh.n_len = msg->lm_fh_len; - arg.alock.oh.n_bytes = (char *)&owner; - arg.alock.oh.n_len = sizeof(owner); - arg.alock.svid = msg->lm_fl.l_pid; - arg.alock.l_offset = msg->lm_fl.l_start; - arg.alock.l_len = msg->lm_fl.l_len; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, NLM_VERS)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM_CANCEL_MSG, - xdr_nlm_cancargs, &arg, xdr_void, &dummy, timeout); - } - return (0); -} - -/* - * unlock_request -- - * Convert an unlock LOCKD_MSG into an NLM request, and send it off. - */ -int -unlock_request(LOCKD_MSG *msg) -{ - CLIENT *cli; - struct nlm4_unlockargs arg4; - struct nlm_unlockargs arg; - struct timeval timeout = {0, 0}; /* No timeout, no response. */ - char dummy; - - if (d_calls) - syslog(LOG_DEBUG, "unlock request: %s: to %s", - (msg->lm_flags & LOCKD_MSG_NFSV3) ? "V4" : "V1/3", - from_addr((struct sockaddr *)&msg->lm_addr)); - - if (msg->lm_flags & LOCKD_MSG_NFSV3) { - arg4.cookie.n_bytes = (char *)&msg->lm_xid; - arg4.cookie.n_len = sizeof(msg->lm_xid); - arg4.alock.caller_name = hostname; - arg4.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg4.alock.fh.n_len = msg->lm_fh_len; - arg4.alock.oh.n_bytes = (char *)&owner; - arg4.alock.oh.n_len = sizeof(owner); - arg4.alock.svid = msg->lm_fl.l_pid; - arg4.alock.l_offset = msg->lm_fl.l_start; - arg4.alock.l_len = msg->lm_fl.l_len; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, - NLM_VERS4)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM4_UNLOCK_MSG, - xdr_nlm4_unlockargs, &arg4, xdr_void, &dummy, timeout); - } else { - arg.cookie.n_bytes = (char *)&msg->lm_xid; - arg.cookie.n_len = sizeof(msg->lm_xid); - arg.alock.caller_name = hostname; - arg.alock.fh.n_bytes = (char *)&msg->lm_fh; - arg.alock.fh.n_len = msg->lm_fh_len; - arg.alock.oh.n_bytes = (char *)&owner; - 
arg.alock.oh.n_len = sizeof(owner); - arg.alock.svid = msg->lm_fl.l_pid; - arg.alock.l_offset = msg->lm_fl.l_start; - arg.alock.l_len = msg->lm_fl.l_len; - - if ((cli = get_client( - (struct sockaddr *)&msg->lm_addr, - NLM_VERS)) == NULL) - return (1); - - set_auth(cli, &msg->lm_cred); - (void)clnt_call(cli, NLM_UNLOCK_MSG, - xdr_nlm_unlockargs, &arg, xdr_void, &dummy, timeout); - } - - return (0); -} - -int -lock_answer(int version, netobj *netcookie, nlm4_lock *lock, int flags, int result) -{ - struct lockd_ans ans; - - ans.la_flags = 0; - if (flags & LOCK_ANSWER_GRANTED) - ans.la_flags |= LOCKD_ANS_GRANTED; - - if (netcookie->n_len != sizeof(ans.la_xid)) { - if (lock == NULL) { /* we're screwed */ - syslog(LOG_ERR, "inedible nlm cookie"); - return -1; - } - /* no/bad cookie - need to copy lock info to identify request */ - ans.la_xid = 0; - /* copy lock info */ - ans.la_fh_len = lock->fh.n_len; - if (!lock->fh.n_len || (lock->fh.n_len > NFS_SMALLFH)) { - syslog(LOG_ERR, "bogus filehandle size %d in answer", lock->fh.n_len); - return -1; - } - memcpy(ans.la_fh, lock->fh.n_bytes, ans.la_fh_len); - ans.la_pid = lock->svid; - ans.la_start = lock->l_offset; - ans.la_len = lock->l_len; - ans.la_flags |= LOCKD_ANS_LOCK_INFO; - if (flags & LOCK_ANSWER_LOCK_EXCL) - ans.la_flags |= LOCKD_ANS_LOCK_EXCL; - } else { - memcpy(&ans.la_xid, netcookie->n_bytes, sizeof(ans.la_xid)); - ans.la_fh_len = 0; - } - - if (d_calls) - syslog(LOG_DEBUG, "lock answer: pid %lu: %s %d", - (unsigned long)ans.la_pid, - version == NLM_VERS4 ? 
"nlmv4" : "nlmv3", - result); - - if (version == NLM_VERS4) - switch (result) { - case nlm4_granted: - ans.la_errno = 0; - if ((flags & LOCK_ANSWER_GRANTED) && lock && - !(ans.la_flags & LOCKD_ANS_LOCK_INFO)) { - /* copy lock info */ - ans.la_fh_len = lock->fh.n_len; - if (!lock->fh.n_len || (lock->fh.n_len > NFS_SMALLFH)) { - syslog(LOG_ERR, "bogus filehandle size %d in answer", lock->fh.n_len); - return -1; - } - memcpy(ans.la_fh, lock->fh.n_bytes, ans.la_fh_len); - ans.la_pid = lock->svid; - ans.la_start = lock->l_offset; - ans.la_len = lock->l_len; - ans.la_flags |= LOCKD_ANS_LOCK_INFO; - if (flags & LOCK_ANSWER_LOCK_EXCL) - ans.la_flags |= LOCKD_ANS_LOCK_EXCL; - } - break; - default: - ans.la_errno = EACCES; - break; - case nlm4_denied: - if (lock == NULL) - ans.la_errno = EACCES; - else { - /* this is an answer to a nlm_test msg */ - ans.la_pid = lock->svid; - ans.la_start = lock->l_offset; - ans.la_len = lock->l_len; - ans.la_flags |= LOCKD_ANS_LOCK_INFO; - if (flags & LOCK_ANSWER_LOCK_EXCL) - ans.la_flags |= LOCKD_ANS_LOCK_EXCL; - ans.la_errno = 0; - } - break; - case nlm4_denied_nolocks: - ans.la_errno = ENOLCK; - break; - case nlm4_blocked: - ans.la_errno = EINPROGRESS; - break; - case nlm4_denied_grace_period: - ans.la_errno = EAGAIN; - break; - case nlm4_deadlck: - ans.la_errno = EDEADLK; - break; - case nlm4_rofs: - ans.la_errno = EROFS; - break; - case nlm4_stale_fh: - ans.la_errno = ESTALE; - break; - case nlm4_fbig: - ans.la_errno = EFBIG; - break; - case nlm4_failed: - ans.la_errno = EACCES; - break; - } - else - switch (result) { - case nlm_granted: - ans.la_errno = 0; - if ((flags & LOCK_ANSWER_GRANTED) && lock && - !(ans.la_flags & LOCKD_ANS_LOCK_INFO)) { - /* copy lock info */ - ans.la_fh_len = lock->fh.n_len; - if (!lock->fh.n_len || (lock->fh.n_len > NFS_SMALLFH)) { - syslog(LOG_ERR, "bogus filehandle size %d in answer", lock->fh.n_len); - return -1; - } - memcpy(ans.la_fh, lock->fh.n_bytes, ans.la_fh_len); - ans.la_pid = lock->svid; - 
 ans.la_start = lock->l_offset; - ans.la_len = lock->l_len; - ans.la_flags |= LOCKD_ANS_LOCK_INFO; - if (flags & LOCK_ANSWER_LOCK_EXCL) - ans.la_flags |= LOCKD_ANS_LOCK_EXCL; - } - break; - default: - ans.la_errno = EACCES; - break; - case nlm_denied: - if (lock == NULL) - ans.la_errno = EACCES; - else { - /* this is an answer to a nlm_test msg */ - ans.la_pid = lock->svid; - ans.la_start = lock->l_offset; - ans.la_len = lock->l_len; - ans.la_flags |= LOCKD_ANS_LOCK_INFO; - if (flags & LOCK_ANSWER_LOCK_EXCL) - ans.la_flags |= LOCKD_ANS_LOCK_EXCL; - ans.la_errno = 0; - } - break; - case nlm_denied_nolocks: - ans.la_errno = ENOLCK; - break; - case nlm_blocked: - ans.la_errno = EINPROGRESS; - break; - case nlm_denied_grace_period: - ans.la_errno = EAGAIN; - break; - case nlm_deadlck: - ans.la_errno = EDEADLK; - break; - } - - if (nfslockdans(LOCKD_ANS_VERSION, &ans)) { - syslog(LOG_DEBUG, "lock_answer(%d): process %lu: %m", - result, (u_long)ans.la_pid); - return -1; - } - return 0; -} - -/* - * show -- - * Display the contents of a kernel LOCKD_MSG structure. - */ -void -show(LOCKD_MSG *mp) -{ - static char hex[] = "0123456789abcdef"; - size_t len; - u_int8_t *p, *t, buf[NFS_SMALLFH*3+1]; - - syslog(LOG_DEBUG, "process ID: %lu\n", (long)mp->lm_fl.l_pid); - - for (t = buf, p = (u_int8_t *)mp->lm_fh, - len = mp->lm_fh_len; - len > 0; ++p, --len) { - *t++ = '\\'; - *t++ = hex[(*p & 0xf0) >> 4]; - *t++ = hex[*p & 0x0f]; - } - *t = '\0'; - - syslog(LOG_DEBUG, "fh_len %d, fh %s\n", mp->lm_fh_len, buf); - - /* Show flock structure. */ - syslog(LOG_DEBUG, "start %qu; len %qu; pid %lu; type %d; whence %d\n", - mp->lm_fl.l_start, mp->lm_fl.l_len, (u_long)mp->lm_fl.l_pid, - mp->lm_fl.l_type, mp->lm_fl.l_whence); - - /* Show wait flag. */ - syslog(LOG_DEBUG, "wait was %s\n", (mp->lm_flags & LOCKD_MSG_BLOCK) ? "set" : "not set"); -}
diff --git a/rpc_lockd.tproj/lock_proc.c b/rpc_lockd.tproj/lock_proc.c
deleted file mode 100644
index df949ae..0000000
--- a/rpc_lockd.tproj/lock_proc.c
+++ /dev/null
@@ -1,1632 +0,0 @@
-/* $NetBSD: lock_proc.c,v 1.7 2000/10/11 20:23:56 is Exp $ */ -/* $FreeBSD: src/usr.sbin/rpc.lockd/lock_proc.c,v 1.10 2002/03/22 20:00:10 alfred Exp $ */ -/* - * Copyright (c) 1995 - * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed for the FreeBSD project - * 4. Neither the name of the author nor the names of any co-contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * - */ - -#include -#ifndef lint -__RCSID("$NetBSD: lock_proc.c,v 1.7 2000/10/11 20:23:56 is Exp $"); -#endif - -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include "lockd.h" -#include "lockd_lock.h" - - -#define CLIENT_CACHE_SIZE 64 /* No. of client sockets cached */ -#define CLIENT_CACHE_LIFETIME 120 /* In seconds */ - -static void log_from_addr(const char *, struct svc_req *); -static void log_netobj(netobj *obj); - -/* log_from_addr ----------------------------------------------------------- */ -/* - * Purpose: Log name of function called and source address - * Returns: Nothing - * Notes: Extracts the source address from the transport handle - * passed in as part of the called procedure specification - */ -static void -log_from_addr(fun_name, req) - const char *fun_name; - struct svc_req *req; -{ - struct sockaddr_in *addr; - char hostname_buf[NI_MAXHOST]; - - addr = svc_getcaller(req->rq_xprt); - if (getnameinfo((struct sockaddr *)addr, sizeof(*addr), hostname_buf, sizeof hostname_buf, - NULL, 0, 0) != 0) - return; - - syslog(LOG_DEBUG, "%s from %s", fun_name, hostname_buf); -} - -/* log_netobj ----------------------------------------------------------- */ -/* - * Purpose: Log a netobj - * Returns: Nothing - * Notes: This function should only really be called as part of - * a debug subsystem. -*/ -static void -log_netobj(obj) - netobj *obj; -{ - char objvalbuffer[(sizeof(char)*2)*MAX_NETOBJ_SZ+2]; - char objascbuffer[sizeof(char)*MAX_NETOBJ_SZ+1]; - unsigned int i, maxlen; - char *tmp1, *tmp2; - - /* Notify of potential security attacks */ - if (obj->n_len > MAX_NETOBJ_SZ) { - syslog(LOG_DEBUG, "SOMEONE IS TRYING TO DO SOMETHING NASTY!\n"); - syslog(LOG_DEBUG, "netobj too large! Should be %d was %d\n", - MAX_NETOBJ_SZ, obj->n_len); - } - /* Prevent the security hazard from the buffer overflow */ - maxlen = (obj->n_len < MAX_NETOBJ_SZ ? 
obj->n_len : MAX_NETOBJ_SZ); - for (i=0, tmp1 = objvalbuffer, tmp2 = objascbuffer; i < obj->n_len; - i++, tmp1 +=2, tmp2 +=1) { - sprintf(tmp1,"%02X",*(obj->n_bytes+i)); - sprintf(tmp2,"%c",*(obj->n_bytes+i)); - } - *tmp1 = '\0'; - *tmp2 = '\0'; - syslog(LOG_DEBUG,"netobjvals: %s\n",objvalbuffer); - syslog(LOG_DEBUG,"netobjascs: %s\n",objascbuffer); -} -/* get_client -------------------------------------------------------------- */ -/* - * Purpose: Get a CLIENT* for making RPC calls to lockd on given host - * Returns: CLIENT* pointer, from clnt_udp_create, or NULL if error - * Notes: Creating a CLIENT* is quite expensive, involving a - * conversation with the remote portmapper to get the - * port number. Since a given client is quite likely - * to make several locking requests in succession, it is - * desirable to cache the created CLIENT*. - * - * Since we are using UDP rather than TCP, there is no cost - * to the remote system in keeping these cached indefinitely. - * Unfortunately there is a snag: if the remote system - * reboots, the cached portmapper results will be invalid, - * and we will never detect this since all of the xxx_msg() - * calls return no result - we just fire off a udp packet - * and hope for the best. - * - * We solve this by discarding cached values after two - * minutes, regardless of whether they have been used - * in the meanwhile (since a bad one might have been used - * plenty of times, as the host keeps retrying the request - * and we keep sending the reply back to the wrong port). - * - * Given that the entries will always expire in the order - * that they were created, there is no point in a LRU - * algorithm for when the cache gets full - entries are - * always re-used in sequence. 
- */ -static CLIENT *clnt_cache_ptr[CLIENT_CACHE_SIZE]; -static long clnt_cache_time[CLIENT_CACHE_SIZE]; /* time entry created */ -static struct sockaddr_storage clnt_cache_addr[CLIENT_CACHE_SIZE]; -static rpcvers_t clnt_cache_vers[CLIENT_CACHE_SIZE]; -static int clnt_cache_next_to_use = 0; - -/* - * Because lockd is single-threaded, slow/unresponsive portmappers on - * clients can cause serious performance issues. So, we keep a list of - * these bad hosts, and limit how often we try to get_client() for those hosts. - */ -struct badhost { - TAILQ_ENTRY(badhost) list; - struct sockaddr_storage addr; /* host address */ - int count; /* # of occurences */ - time_t timelast; /* last attempted */ - time_t timenext; /* next allowed */ -}; -TAILQ_HEAD(badhostlist_head, badhost); -static struct badhostlist_head badhostlist_head = TAILQ_HEAD_INITIALIZER(badhostlist_head); -#define BADHOST_CLIENT_TOOK_TOO_LONG 5 /* In seconds */ -#define BADHOST_INITIAL_DELAY 120 /* In seconds */ -#define BADHOST_MAXIMUM_DELAY 3600 /* In seconds */ -#define BADHOST_DELAY_INCREMENT 300 /* In seconds */ - -int -addrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2) -{ - int len; - void *p1, *p2; - - if (sa1->sa_family != sa2->sa_family) - return -1; - - switch (sa1->sa_family) { - case AF_INET: - p1 = &((struct sockaddr_in *)sa1)->sin_addr; - p2 = &((struct sockaddr_in *)sa2)->sin_addr; - len = 4; - break; - case AF_INET6: - p1 = &((struct sockaddr_in6 *)sa1)->sin6_addr; - p2 = &((struct sockaddr_in6 *)sa2)->sin6_addr; - len = 16; - break; - default: - return -1; - } - - return memcmp(p1, p2, len); -} - -CLIENT * -get_client(host_addr, vers) - struct sockaddr *host_addr; - rpcvers_t vers; -{ - CLIENT *client, *cached_client; - struct timeval retry_time, time_now; - int i; - int sock_no; - time_t time_start, cache_time = 0; - struct badhost *badhost, *nextbadhost; - - gettimeofday(&time_now, NULL); - - /* - * Search for the given client in the cache. 
- */ - cached_client = NULL; - for (i = 0; i < CLIENT_CACHE_SIZE; i++) { - client = clnt_cache_ptr[i]; - if (!client) - continue; - if (clnt_cache_vers[i] != vers) - continue; - if (addrcmp((struct sockaddr *)&clnt_cache_addr[i], host_addr)) - continue; - /* Found it! */ - if (((clnt_cache_time[i] + CLIENT_CACHE_LIFETIME) > time_now.tv_sec)) { - if (debug_level > 3) - syslog(LOG_DEBUG, "Found CLIENT* in cache"); - return (client); - } - syslog(LOG_DEBUG, "Found expired CLIENT* in cache"); - cached_client = client; - /* if we end up reusing this guy, make sure we keep the same timestamp */ - cache_time = clnt_cache_time[i]; - clnt_cache_time[i] = 0L; - clnt_cache_ptr[i] = NULL; - client = NULL; - break; - } - - /* - * Search for the given client in the badhost list. - */ - badhost = TAILQ_FIRST(&badhostlist_head); - while (badhost) { - nextbadhost = TAILQ_NEXT(badhost, list); - if (!addrcmp(host_addr, (struct sockaddr *)&badhost->addr)) - break; - if ((badhost->timelast + BADHOST_MAXIMUM_DELAY) < time_now.tv_sec) { - /* cleanup entries we haven't heard from in a while */ - TAILQ_REMOVE(&badhostlist_head, badhost, list); - free(badhost); - } - badhost = nextbadhost; - } - - if (badhost && (time_now.tv_sec < badhost->timenext)) { - /* - * We've got a badhost, and we don't want to try - * consulting it again yet. If we've got a stale - * cached CLIENT*, go ahead and try to use that. - */ - if (cached_client) { - syslog(LOG_DEBUG, "badhost delayed: stale CLIENT* found in cache"); - /* Free the next entry if it is in use. 
*/ - if (clnt_cache_ptr[clnt_cache_next_to_use]) { - clnt_destroy(clnt_cache_ptr[clnt_cache_next_to_use]); - clnt_cache_ptr[clnt_cache_next_to_use] = NULL; - } - client = cached_client; - goto update_cache_entry; - } - syslog(LOG_DEBUG, "badhost delayed: valid CLIENT* not found in cache"); - return NULL; - } - - if (debug_level > 3) { - if (!cached_client) - syslog(LOG_DEBUG, "CLIENT* not found in cache, creating"); - else - syslog(LOG_DEBUG, "stale CLIENT* found in cache, updating"); - } - - /* Free the next entry if it is in use. */ - if (clnt_cache_ptr[clnt_cache_next_to_use]) { - clnt_destroy(clnt_cache_ptr[clnt_cache_next_to_use]); - clnt_cache_ptr[clnt_cache_next_to_use] = NULL; - } - - /* Create the new client handle */ - time_start = time_now.tv_sec; - - sock_no = RPC_ANYSOCK; - retry_time.tv_sec = 5; - retry_time.tv_usec = 0; - ((struct sockaddr_in *)host_addr)->sin_port = 0; /* Force consultation with portmapper */ - client = clntudp_create((struct sockaddr_in *)host_addr, NLM_PROG, vers, retry_time, &sock_no); - - gettimeofday(&time_now, NULL); - if (time_now.tv_sec - time_start >= BADHOST_CLIENT_TOOK_TOO_LONG) { - /* - * The client create took a long time! (slow/unresponsive portmapper?) - * Add/update an entry in the badhost list. 
- */ - if (!badhost && (badhost = malloc(sizeof(struct badhost)))) { - /* allocate new badhost */ - memcpy(&badhost->addr, host_addr, host_addr->sa_len); - badhost->count = 0; - TAILQ_INSERT_TAIL(&badhostlist_head, badhost, list); - } - if (badhost) { - /* update count and times */ - badhost->count++; - badhost->timelast = time_now.tv_sec; - if (badhost->count == 1) { - /* first timers get a shorter initial delay */ - badhost->timenext = time_now.tv_sec + BADHOST_INITIAL_DELAY; - } else { - /* multiple offenders get an increasingly larger delay */ - int delay = (badhost->count - 1) * BADHOST_DELAY_INCREMENT; - if (delay > BADHOST_MAXIMUM_DELAY) - delay = BADHOST_MAXIMUM_DELAY; - badhost->timenext = time_now.tv_sec + delay; - } - /* move to end of list */ - TAILQ_REMOVE(&badhostlist_head, badhost, list); - TAILQ_INSERT_TAIL(&badhostlist_head, badhost, list); - } - } else if (badhost) { - /* host seems good now, remove it from list */ - TAILQ_REMOVE(&badhostlist_head, badhost, list); - free(badhost); - badhost = NULL; - } - - if (!client) { - /* We couldn't get a new CLIENT* */ - if (!cached_client) { - syslog(LOG_WARNING, "Unable to contact %s: %s", - inet_ntoa(((struct sockaddr_in *)host_addr)->sin_addr), - clnt_spcreateerror("clntudp_create")); - return NULL; - } - /* - * We couldn't get updated info from portmapper, but we did - * still have the stale cached data. So we might as well try - * to use it. - */ - client = cached_client; - syslog(LOG_WARNING, "Unable to update contact info for %s: %s", - inet_ntoa(((struct sockaddr_in *)host_addr)->sin_addr), - clnt_spcreateerror("clntudp_create")); - } else { - /* - * We've got a new/updated CLIENT* for this host. - * So, destroy any previously cached CLIENT*. - */ - if (cached_client) - clnt_destroy(cached_client); - - /* - * Disable the default timeout, so we can specify our own in calls - * to clnt_call(). (Note that the timeout is a different concept - * from the retry period set in clnt_udp_create() above.) 
- */ - retry_time.tv_sec = -1; - retry_time.tv_usec = -1; - clnt_control(client, CLSET_TIMEOUT, (char *)&retry_time); - - if (debug_level > 3) - syslog(LOG_DEBUG, "Created CLIENT* for %s", - inet_ntoa(((struct sockaddr_in *)host_addr)->sin_addr)); - - /* make sure the new entry gets the current timestamp */ - cache_time = time_now.tv_sec; - } - -update_cache_entry: - /* Success (of some sort) - update the cache entry */ - clnt_cache_ptr[clnt_cache_next_to_use] = client; - memcpy(&clnt_cache_addr[clnt_cache_next_to_use], host_addr, - host_addr->sa_len); - clnt_cache_vers[clnt_cache_next_to_use] = vers; - clnt_cache_time[clnt_cache_next_to_use] = cache_time; - if (++clnt_cache_next_to_use >= CLIENT_CACHE_SIZE) - clnt_cache_next_to_use = 0; - - return client; -} - - -/* transmit_result --------------------------------------------------------- */ -/* - * Purpose: Transmit result for nlm_xxx_msg pseudo-RPCs - * Returns: success (0) or failure (-1) at sending the datagram - * Notes: clnt_call() will always fail (with timeout) as we are - * calling it with timeout 0 as a hack to just issue a datagram - * without expecting a result - */ -int -transmit_result(opcode, result, addr) - int opcode; - nlm_res *result; - struct sockaddr *addr; -{ - static char dummy; - CLIENT *cli; - struct timeval timeo; - int success; - - if ((cli = get_client(addr, NLM_VERS)) != NULL) { - timeo.tv_sec = 0; /* No timeout - not expecting response */ - timeo.tv_usec = 0; - - success = clnt_call(cli, opcode, xdr_nlm_res, result, xdr_void, - &dummy, timeo); - - if (debug_level > 2) - syslog(LOG_DEBUG, "clnt_call returns %d(%s)", - success, clnt_sperrno(success)); - return (0); - } - return (-1); -} -/* transmit4_result --------------------------------------------------------- */ -/* - * Purpose: Transmit result for nlm4_xxx_msg pseudo-RPCs - * Returns: success (0) or failure (-1) at sending the datagram - * Notes: clnt_call() will always fail (with timeout) as we are - * calling it with timeout 0 
as a hack to just issue a datagram - * without expecting a result - */ -int -transmit4_result(opcode, result, addr) - int opcode; - nlm4_res *result; - struct sockaddr *addr; -{ - static char dummy; - CLIENT *cli; - struct timeval timeo; - int success; - - if ((cli = get_client(addr, NLM_VERS4)) != NULL) { - timeo.tv_sec = 0; /* No timeout - not expecting response */ - timeo.tv_usec = 0; - - success = clnt_call(cli, opcode, xdr_nlm4_res, result, xdr_void, - &dummy, timeo); - - if (debug_level > 2) - syslog(LOG_DEBUG, "clnt_call returns %d(%s)", - success, clnt_sperrno(success)); - return (0); - } - return (-1); -} - -/* - * converts a struct nlm_lock to struct nlm4_lock - */ -static void nlmtonlm4(struct nlm_lock *, struct nlm4_lock *); -static void -nlmtonlm4(arg, arg4) - struct nlm_lock *arg; - struct nlm4_lock *arg4; -{ - arg4->caller_name = arg->caller_name; - arg4->fh = arg->fh; - arg4->oh = arg->oh; - arg4->svid = arg->svid; - arg4->l_offset = arg->l_offset; - arg4->l_len = arg->l_len; -} -/* ------------------------------------------------------------------------- */ -/* - * Functions for Unix<->Unix locking (ie. monitored locking, with rpc.statd - * involved to ensure reclaim of locks after a crash of the "stateless" - * server. - * - * These all come in two flavours - nlm_xxx() and nlm_xxx_msg(). - * The first are standard RPCs with argument and result. - * The nlm_xxx_msg() calls implement exactly the same functions, but - * use two pseudo-RPCs (one in each direction). These calls are NOT - * standard use of the RPC protocol in that they do not return a result - * at all (NB. this is quite different from returning a void result). - * The effect of this is to make the nlm_xxx_msg() calls simple unacknowledged - * datagrams, requiring higher-level code to perform retries. 
- * - * Despite the disadvantages of the nlm_xxx_msg() approach (some of which - * are documented in the comments to get_client() above), this is the - * interface used by all current commercial NFS implementations - * [Solaris, SCO, AIX etc.]. This is presumed to be because these allow - * implementations to continue using the standard RPC libraries, while - * avoiding the block-until-result nature of the library interface. - * - * No client implementations have been identified so far that make use - * of the true RPC version (early SunOS releases would be a likely candidate - * for testing). - */ - -/* nlm_test ---------------------------------------------------------------- */ -/* - * Purpose: Test whether a specified lock would be granted if requested - * Returns: nlm_granted (or error code) - * Notes: - */ -nlm_testres * -nlm_test_1_svc(arg, rqstp) - nlm_testargs *arg; - struct svc_req *rqstp; -{ - static nlm_testres res; - struct nlm4_lock arg4; - struct nlm4_holder *holder; - nlmtonlm4(&arg->alock, &arg4); - - if (debug_level) - log_from_addr("nlm_test", rqstp); - - holder = testlock(&arg4, arg->exclusive, 0); - /* - * Copy the cookie from the argument into the result. Note that this - * is slightly hazardous, as the structure contains a pointer to a - * malloc()ed buffer that will get freed by the caller. However, the - * main function transmits the result before freeing the argument - * so it is in fact safe. 
- */ - res.cookie = arg->cookie; - if (holder == NULL) { - res.stat.stat = nlm_granted; - } else { - res.stat.stat = nlm_denied; - memcpy(&res.stat.nlm_testrply_u.holder, holder, - sizeof(struct nlm_holder)); - res.stat.nlm_testrply_u.holder.l_offset = holder->l_offset; - res.stat.nlm_testrply_u.holder.l_len = holder->l_len; - } - return (&res); -} - -void * -nlm_test_msg_1_svc(arg, rqstp) - nlm_testargs *arg; - struct svc_req *rqstp; -{ - nlm_testres res; - static char dummy; - struct sockaddr *addr; - CLIENT *cli; - int success; - struct timeval timeo; - struct nlm4_lock arg4; - struct nlm4_holder *holder; - - nlmtonlm4(&arg->alock, &arg4); - - if (debug_level) - log_from_addr("nlm_test_msg", rqstp); - - holder = testlock(&arg4, arg->exclusive, 0); - - res.cookie = arg->cookie; - if (holder == NULL) { - res.stat.stat = nlm_granted; - } else { - res.stat.stat = nlm_denied; - memcpy(&res.stat.nlm_testrply_u.holder, holder, - sizeof(struct nlm_holder)); - res.stat.nlm_testrply_u.holder.l_offset = holder->l_offset; - res.stat.nlm_testrply_u.holder.l_len = holder->l_len; - } - - /* - * nlm_test has different result type to the other operations, so - * can't use transmit_result() in this case - */ - addr = (struct sockaddr *)svc_getcaller(rqstp->rq_xprt); - if ((cli = get_client(addr, NLM_VERS)) != NULL) { - timeo.tv_sec = 0; /* No timeout - not expecting response */ - timeo.tv_usec = 0; - - success = clnt_call(cli, NLM_TEST_RES, xdr_nlm_testres, - &res, xdr_void, &dummy, timeo); - - if (debug_level > 2) - syslog(LOG_DEBUG, "clnt_call returns %d", success); - } - return (NULL); -} - -/* nlm_lock ---------------------------------------------------------------- */ -/* - * Purposes: Establish a lock - * Returns: granted, denied or blocked - * Notes: *** grace period support missing - */ -nlm_res * -nlm_lock_1_svc(arg, rqstp) - nlm_lockargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_lockargs arg4; - nlmtonlm4(&arg->alock, &arg4.alock); - 
arg4.cookie = arg->cookie; - arg4.block = arg->block; - arg4.exclusive = arg->exclusive; - arg4.reclaim = arg->reclaim; - arg4.state = arg->state; - - if (debug_level) - log_from_addr("nlm_lock", rqstp); - - /* copy cookie from arg to result. See comment in nlm_test_1() */ - res.cookie = arg->cookie; - - res.stat.stat = getlock(&arg4, rqstp, LOCK_MON); - return (&res); -} - -void * -nlm_lock_msg_1_svc(arg, rqstp) - nlm_lockargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_lockargs arg4; - - nlmtonlm4(&arg->alock, &arg4.alock); - arg4.cookie = arg->cookie; - arg4.block = arg->block; - arg4.exclusive = arg->exclusive; - arg4.reclaim = arg->reclaim; - arg4.state = arg->state; - - if (debug_level) - log_from_addr("nlm_lock_msg", rqstp); - - res.cookie = arg->cookie; - res.stat.stat = getlock(&arg4, rqstp, LOCK_ASYNC | LOCK_MON); - if (transmit_result(NLM_LOCK_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* if res.stat.stat was success/blocked, then unlock/cancel */ - if (res.stat.stat == nlm_granted) - unlock(&arg4.alock, LOCK_V4); - else if (res.stat.stat == nlm_blocked) { - nlm4_cancargs carg; - carg.cookie = arg4.cookie; - carg.block = arg4.block; - carg.exclusive = arg4.exclusive; - carg.alock = arg4.alock; - cancellock(&carg, 0); - } - } - - return (NULL); -} - -/* nlm_cancel -------------------------------------------------------------- */ -/* - * Purpose: Cancel a blocked lock request - * Returns: granted or denied - * Notes: - */ -nlm_res * -nlm_cancel_1_svc(arg, rqstp) - nlm_cancargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_cancargs arg4; - - arg4.cookie = arg->cookie; - arg4.block = arg->block; - arg4.exclusive = arg->exclusive; - nlmtonlm4(&arg->alock, &arg4.alock); - - if (debug_level) - log_from_addr("nlm_cancel", rqstp); - - /* copy cookie from arg to result. 
See comment in nlm_test_1() */ - res.cookie = arg->cookie; - - res.stat.stat = cancellock(&arg4, 0); - return (&res); -} - -void * -nlm_cancel_msg_1_svc(arg, rqstp) - nlm_cancargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_cancargs arg4; - - arg4.cookie = arg->cookie; - arg4.block = arg->block; - arg4.exclusive = arg->exclusive; - nlmtonlm4(&arg->alock, &arg4.alock); - - if (debug_level) - log_from_addr("nlm_cancel_msg", rqstp); - - res.cookie = arg->cookie; - res.stat.stat = cancellock(&arg4, 0); - if (transmit_result(NLM_CANCEL_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* XXX do we need to (un)do anything if this fails? */ - } - return (NULL); -} - -/* nlm_unlock -------------------------------------------------------------- */ -/* - * Purpose: Release an existing lock - * Returns: Always granted, unless during grace period - * Notes: "no such lock" error condition is ignored, as the - * protocol uses unreliable UDP datagrams, and may well - * re-try an unlock that has already succeeded. - */ -nlm_res * -nlm_unlock_1_svc(arg, rqstp) - nlm_unlockargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_lock arg4; - - nlmtonlm4(&arg->alock, &arg4); - - if (debug_level) - log_from_addr("nlm_unlock", rqstp); - - res.stat.stat = unlock(&arg4, 0); - res.cookie = arg->cookie; - - return (&res); -} - -void * -nlm_unlock_msg_1_svc(arg, rqstp) - nlm_unlockargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_lock arg4; - - nlmtonlm4(&arg->alock, &arg4); - - if (debug_level) - log_from_addr("nlm_unlock_msg", rqstp); - - res.stat.stat = unlock(&arg4, 0); - res.cookie = arg->cookie; - - if (transmit_result(NLM_UNLOCK_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* XXX do we need to (un)do anything if this fails? 
*/ - } - return (NULL); -} - -/* ------------------------------------------------------------------------- */ -/* - * Client-side pseudo-RPCs for results. Note that for the client there - * are only nlm_xxx_msg() versions of each call, since the 'real RPC' - * version returns the results in the RPC result, and so the client - * does not normally receive incoming RPCs. - * - * The exception to this is nlm_granted(), which is genuinely an RPC - * call from the server to the client - a 'call-back' in normal procedure - * call terms. - */ - -/* nlm_granted ------------------------------------------------------------- */ -/* - * Purpose: Receive notification that formerly blocked lock now granted - * Returns: always success ('granted') - * Notes: - */ -nlm_res * -nlm_granted_1_svc(arg, rqstp) - nlm_testargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - nlm4_lock lock4; - int flags; - - if (debug_level) - log_from_addr("nlm_granted", rqstp); - - lock4.fh = arg->alock.fh; - lock4.svid = arg->alock.svid; - lock4.l_offset = arg->alock.l_offset; - lock4.l_len = arg->alock.l_len; - - flags = LOCK_ANSWER_GRANTED; - if (arg->exclusive) - flags |= LOCK_ANSWER_LOCK_EXCL; - - if (lock_answer(NLM_VERS, &arg->cookie, &lock4, flags, nlm_granted)) - res.stat.stat = nlm_denied; - else - res.stat.stat = nlm_granted; - - /* copy cookie from arg to result. 
See comment in nlm_test_1() */ - res.cookie = arg->cookie; - - return (&res); -} - -void * -nlm_granted_msg_1_svc(arg, rqstp) - nlm_testargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - nlm4_lock lock4; - int flags; - - if (debug_level) - log_from_addr("nlm_granted_msg", rqstp); - - lock4.fh = arg->alock.fh; - lock4.svid = arg->alock.svid; - lock4.l_offset = arg->alock.l_offset; - lock4.l_len = arg->alock.l_len; - - flags = LOCK_ANSWER_GRANTED; - if (arg->exclusive) - flags |= LOCK_ANSWER_LOCK_EXCL; - - if (lock_answer(NLM_VERS, &arg->cookie, &lock4, flags, nlm_granted)) - res.stat.stat = nlm_denied; - else - res.stat.stat = nlm_granted; - - res.cookie = arg->cookie; - - if (transmit_result(NLM_GRANTED_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* XXX do we need to (un)do anything if this fails? */ - } - return (NULL); -} - -/* nlm_test_res ------------------------------------------------------------ */ -/* - * Purpose: Accept result from earlier nlm_test_msg() call - * Returns: Nothing - */ -void * -nlm_test_res_1_svc(arg, rqstp) - nlm_testres *arg; - struct svc_req *rqstp; -{ - nlm4_lock lock4; - int flags = 0; - - if (debug_level) - log_from_addr("nlm_test_res", rqstp); - - if (arg->stat.stat == nlm_denied) { - lock4.fh.n_len = 0; - lock4.svid = arg->stat.nlm_testrply_u.holder.svid; - lock4.l_offset = arg->stat.nlm_testrply_u.holder.l_offset; - lock4.l_len = arg->stat.nlm_testrply_u.holder.l_len; - if (arg->stat.nlm_testrply_u.holder.exclusive) - flags |= LOCK_ANSWER_LOCK_EXCL; - lock_answer(NLM_VERS, &arg->cookie, &lock4, flags, arg->stat.stat); - } else - lock_answer(NLM_VERS, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_lock_res ------------------------------------------------------------ */ -/* - * Purpose: Accept result from earlier nlm_lock_msg() call - * Returns: Nothing - */ -void * -nlm_lock_res_1_svc(arg, rqstp) - nlm_res *arg; - struct svc_req *rqstp; -{ - if (debug_level) - 
log_from_addr("nlm_lock_res", rqstp); - - lock_answer(NLM_VERS, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_cancel_res ---------------------------------------------------------- */ -/* - * Purpose: Accept result from earlier nlm_cancel_msg() call - * Returns: Nothing - */ -void * -nlm_cancel_res_1_svc(arg, rqstp) - nlm_res *arg; - struct svc_req *rqstp; -{ - if (debug_level) - log_from_addr("nlm_cancel_res", rqstp); - - lock_answer(NLM_VERS, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_unlock_res ---------------------------------------------------------- */ -/* - * Purpose: Accept result from earlier nlm_unlock_msg() call - * Returns: Nothing - */ -void * -nlm_unlock_res_1_svc(arg, rqstp) - nlm_res *arg; - struct svc_req *rqstp; -{ - if (debug_level) - log_from_addr("nlm_unlock_res", rqstp); - - lock_answer(NLM_VERS, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_granted_res --------------------------------------------------------- */ -/* - * Purpose: Accept result from earlier nlm_granted_msg() call - * Returns: Nothing - */ -void * -nlm_granted_res_1_svc(arg, rqstp) - nlm_res *arg; - struct svc_req *rqstp; -{ - if (debug_level) - log_from_addr("nlm_granted_res", rqstp); - /* need to undo lock if granted msg wasn't accepted! */ - if (arg->stat.stat != nlm_granted) { - nlm4_res arg4; - arg4.cookie = arg->cookie; - arg4.stat.stat = arg->stat.stat; - granted_failed(&arg4); - } - return (NULL); -} - -/* ------------------------------------------------------------------------- */ -/* - * Calls for PCNFS locking (aka non-monitored locking, no involvement - * of rpc.statd). - * - * These are all genuine RPCs - no nlm_xxx_msg() nonsense here. - */ - -/* nlm_share --------------------------------------------------------------- */ -/* - * Purpose: Establish a DOS-style lock - * Returns: success or failure - * Notes: Blocking locks are not supported - client is expected - * to retry if required. 
- */ -nlm_shareres * -nlm_share_3_svc(arg, rqstp) - nlm_shareargs *arg; - struct svc_req *rqstp; -{ - static nlm_shareres res; - - if (debug_level) - log_from_addr("nlm_share", rqstp); - - /* copy cookie from arg to result. See comment in nlm_test_1() */ - res.cookie = arg->cookie; - res.sequence = 0; /* X/Open says this field is ignored? */ - - res.stat = getshare(arg, rqstp, 0); - return (&res); -} - -/* nlm_unshare ------------------------------------------------------------ */ -/* - * Purpose: Release a DOS-style lock - * Returns: nlm_granted, unless in grace period - * Notes: - */ -nlm_shareres * -nlm_unshare_3_svc(arg, rqstp) - nlm_shareargs *arg; - struct svc_req *rqstp; -{ - static nlm_shareres res; - - if (debug_level) - log_from_addr("nlm_unshare", rqstp); - - res.cookie = arg->cookie; - res.sequence = 0; /* X/Open says this field is ignored? */ - - res.stat = unshare(arg, rqstp, 0); - return (&res); -} - -/* nlm_nm_lock ------------------------------------------------------------ */ -/* - * Purpose: non-monitored version of nlm_lock() - * Returns: as for nlm_lock() - * Notes: These locks are in the same style as the standard nlm_lock, - * but the rpc.statd should not be called to establish a - * monitor for the client machine, since that machine is - * declared not to be running a rpc.statd, and so would not - * respond to the statd protocol. - */ -nlm_res * -nlm_nm_lock_3_svc(arg, rqstp) - nlm_lockargs *arg; - struct svc_req *rqstp; -{ - static nlm_res res; - struct nlm4_lockargs arg4; - nlmtonlm4(&arg->alock, &arg4.alock); - arg4.cookie = arg->cookie; - arg4.block = arg->block; - arg4.exclusive = arg->exclusive; - arg4.reclaim = arg->reclaim; - arg4.state = arg->state; - - if (debug_level) - log_from_addr("nlm_nm_lock", rqstp); - - /* copy cookie from arg to result. 
See comment in nlm_test_1() */ - res.cookie = arg->cookie; - - res.stat.stat = getlock(&arg4, rqstp, 0); - return (&res); -} - -/* nlm_free_all ------------------------------------------------------------ */ -/* - * Purpose: Release all locks held by a named client - * Returns: Nothing - * Notes: Potential denial of service security problem here - the - * locks to be released are specified by a host name, independent - * of the address from which the request has arrived. - * Should probably be rejected if the named host has been - * using monitored locks. - */ -void * -nlm_free_all_3_svc(arg, rqstp) - nlm_notify *arg; - struct svc_req *rqstp; -{ - static char dummy; - - if (debug_level) - log_from_addr("nlm_free_all", rqstp); - - /* free all non-monitored locks/shares for specified host */ - do_free_all(arg->name); - - return (&dummy); -} - -/* calls for nlm version 4 (NFSv3) */ -/* nlm_test ---------------------------------------------------------------- */ -/* - * Purpose: Test whether a specified lock would be granted if requested - * Returns: nlm_granted (or error code) - * Notes: - */ -nlm4_testres * -nlm4_test_4_svc(arg, rqstp) - nlm4_testargs *arg; - struct svc_req *rqstp; -{ - static nlm4_testres res; - struct nlm4_holder *holder; - - if (debug_level) - log_from_addr("nlm4_test", rqstp); - if (debug_level > 5) { - syslog(LOG_DEBUG, "Locking arguments:\n"); - log_netobj(&(arg->cookie)); - syslog(LOG_DEBUG, "Alock arguments:\n"); - syslog(LOG_DEBUG, "Caller Name: %s\n",arg->alock.caller_name); - syslog(LOG_DEBUG, "File Handle:\n"); - log_netobj(&(arg->alock.fh)); - syslog(LOG_DEBUG, "Owner Handle:\n"); - log_netobj(&(arg->alock.oh)); - syslog(LOG_DEBUG, "SVID: %d\n", arg->alock.svid); - syslog(LOG_DEBUG, "Lock Offset: %llu\n", - (unsigned long long)arg->alock.l_offset); - syslog(LOG_DEBUG, "Lock Length: %llu\n", - (unsigned long long)arg->alock.l_len); - syslog(LOG_DEBUG, "Exclusive: %s\n", - (arg->exclusive ? 
"true" : "false")); - } - - holder = testlock(&arg->alock, arg->exclusive, LOCK_V4); - - /* - * Copy the cookie from the argument into the result. Note that this - * is slightly hazardous, as the structure contains a pointer to a - * malloc()ed buffer that will get freed by the caller. However, the - * main function transmits the result before freeing the argument - * so it is in fact safe. - */ - res.cookie = arg->cookie; - if (holder == NULL) { - res.stat.stat = nlm4_granted; - } else { - res.stat.stat = nlm4_denied; - memcpy(&res.stat.nlm4_testrply_u.holder, holder, - sizeof(struct nlm4_holder)); - } - return (&res); -} - -void * -nlm4_test_msg_4_svc(arg, rqstp) - nlm4_testargs *arg; - struct svc_req *rqstp; -{ - nlm4_testres res; - static char dummy; - struct sockaddr *addr; - CLIENT *cli; - int success; - struct timeval timeo; - struct nlm4_holder *holder; - - if (debug_level) - log_from_addr("nlm4_test_msg", rqstp); - - holder = testlock(&arg->alock, arg->exclusive, LOCK_V4); - - res.cookie = arg->cookie; - if (holder == NULL) { - res.stat.stat = nlm4_granted; - } else { - res.stat.stat = nlm4_denied; - memcpy(&res.stat.nlm4_testrply_u.holder, holder, - sizeof(struct nlm4_holder)); - } - - /* - * nlm_test has different result type to the other operations, so - * can't use transmit4_result() in this case - */ - addr = (struct sockaddr *)svc_getcaller(rqstp->rq_xprt); - if ((cli = get_client(addr, NLM_VERS4)) != NULL) { - timeo.tv_sec = 0; /* No timeout - not expecting response */ - timeo.tv_usec = 0; - - success = clnt_call(cli, NLM4_TEST_RES, xdr_nlm4_testres, - &res, xdr_void, &dummy, timeo); - - if (debug_level > 2) - syslog(LOG_DEBUG, "clnt_call returns %d", success); - } - return (NULL); -} - -/* nlm_lock ---------------------------------------------------------------- */ -/* - * Purposes: Establish a lock - * Returns: granted, denied or blocked - * Notes: *** grace period support missing - */ -nlm4_res * -nlm4_lock_4_svc(arg, rqstp) - nlm4_lockargs *arg; 
- struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_lock", rqstp); - if (debug_level > 5) { - syslog(LOG_DEBUG, "Locking arguments:\n"); - log_netobj(&(arg->cookie)); - syslog(LOG_DEBUG, "Alock arguments:\n"); - syslog(LOG_DEBUG, "Caller Name: %s\n",arg->alock.caller_name); - syslog(LOG_DEBUG, "File Handle:\n"); - log_netobj(&(arg->alock.fh)); - syslog(LOG_DEBUG, "Owner Handle:\n"); - log_netobj(&(arg->alock.oh)); - syslog(LOG_DEBUG, "SVID: %d\n", arg->alock.svid); - syslog(LOG_DEBUG, "Lock Offset: %llu\n", - (unsigned long long)arg->alock.l_offset); - syslog(LOG_DEBUG, "Lock Length: %llu\n", - (unsigned long long)arg->alock.l_len); - syslog(LOG_DEBUG, "Block: %s\n", (arg->block ? "true" : "false")); - syslog(LOG_DEBUG, "Exclusive: %s\n", (arg->exclusive ? "true" : "false")); - syslog(LOG_DEBUG, "Reclaim: %s\n", (arg->reclaim ? "true" : "false")); - syslog(LOG_DEBUG, "State num: %d\n", arg->state); - } - - /* copy cookie from arg to result. See comment in nlm_test_4() */ - res.cookie = arg->cookie; - - res.stat.stat = getlock(arg, rqstp, LOCK_MON | LOCK_V4); - return (&res); -} - -void * -nlm4_lock_msg_4_svc(arg, rqstp) - nlm4_lockargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_lock_msg", rqstp); - - res.cookie = arg->cookie; - res.stat.stat = getlock(arg, rqstp, LOCK_MON | LOCK_ASYNC | LOCK_V4); - if (transmit4_result(NLM4_LOCK_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* if res.stat.stat was success/blocked, then unlock/cancel */ - if (res.stat.stat == nlm4_granted) - unlock(&arg->alock, LOCK_V4); - else if (res.stat.stat == nlm4_blocked) { - nlm4_cancargs carg; - carg.cookie = arg->cookie; - carg.block = arg->block; - carg.exclusive = arg->exclusive; - carg.alock = arg->alock; - cancellock(&carg, LOCK_V4); - } - } - - return (NULL); -} - -/* nlm_cancel -------------------------------------------------------------- */ -/* - * Purpose: 
Cancel a blocked lock request - * Returns: granted or denied - * Notes: - */ -nlm4_res * -nlm4_cancel_4_svc(arg, rqstp) - nlm4_cancargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_cancel", rqstp); - - /* copy cookie from arg to result. See comment in nlm_test_1() */ - res.cookie = arg->cookie; - - res.stat.stat = cancellock(arg, LOCK_V4); - return (&res); -} - -void * -nlm4_cancel_msg_4_svc(arg, rqstp) - nlm4_cancargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_cancel_msg", rqstp); - - res.cookie = arg->cookie; - res.stat.stat = cancellock(arg, LOCK_V4); - if (transmit4_result(NLM4_CANCEL_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* XXX do we need to (un)do anything if this fails? */ - } - return (NULL); -} - -/* nlm_unlock -------------------------------------------------------------- */ -/* - * Purpose: Release an existing lock - * Returns: Always granted, unless during grace period - * Notes: "no such lock" error condition is ignored, as the - * protocol uses unreliable UDP datagrams, and may well - * re-try an unlock that has already succeeded. - */ -nlm4_res * -nlm4_unlock_4_svc(arg, rqstp) - nlm4_unlockargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_unlock", rqstp); - - res.stat.stat = unlock(&arg->alock, LOCK_V4); - res.cookie = arg->cookie; - - return (&res); -} - -void * -nlm4_unlock_msg_4_svc(arg, rqstp) - nlm4_unlockargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_unlock_msg", rqstp); - - res.stat.stat = unlock(&arg->alock, LOCK_V4); - res.cookie = arg->cookie; - - if (transmit4_result(NLM4_UNLOCK_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* XXX do we need to (un)do anything if this fails? 
*/ - } - return (NULL); -} - -/* ------------------------------------------------------------------------- */ -/* - * Client-side pseudo-RPCs for results. Note that for the client there - * are only nlm_xxx_msg() versions of each call, since the 'real RPC' - * version returns the results in the RPC result, and so the client - * does not normally receive incoming RPCs. - * - * The exception to this is nlm_granted(), which is genuinely an RPC - * call from the server to the client - a 'call-back' in normal procedure - * call terms. - */ - -/* nlm_granted ------------------------------------------------------------- */ -/* - * Purpose: Receive notification that formerly blocked lock now granted - * Returns: always success ('granted') - * Notes: - */ -nlm4_res * -nlm4_granted_4_svc(arg, rqstp) - nlm4_testargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - int flags; - - if (debug_level) - log_from_addr("nlm4_granted", rqstp); - - flags = LOCK_ANSWER_GRANTED; - if (arg->exclusive) - flags |= LOCK_ANSWER_LOCK_EXCL; - - if (lock_answer(NLM_VERS4, &arg->cookie, &arg->alock, flags, nlm4_granted)) - res.stat.stat = nlm4_denied; - else - res.stat.stat = nlm4_granted; - - /* copy cookie from arg to result. See comment in nlm_test_1() */ - res.cookie = arg->cookie; - - return (&res); -} - -void * -nlm4_granted_msg_4_svc(arg, rqstp) - nlm4_testargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - int flags; - - if (debug_level) - log_from_addr("nlm4_granted_msg", rqstp); - - flags = LOCK_ANSWER_GRANTED; - if (arg->exclusive) - flags |= LOCK_ANSWER_LOCK_EXCL; - - if (lock_answer(NLM_VERS4, &arg->cookie, &arg->alock, flags, nlm4_granted)) - res.stat.stat = nlm4_denied; - else - res.stat.stat = nlm4_granted; - - res.cookie = arg->cookie; - - if (transmit4_result(NLM4_GRANTED_RES, &res, - (struct sockaddr *)svc_getcaller(rqstp->rq_xprt)) < 0) { - /* XXX do we need to (un)do anything if this fails? 
*/ - } - return (NULL); -} - -/* nlm_test_res ------------------------------------------------------------ */ -/* - * Purpose: Accept result from earlier nlm_test_msg() call - * Returns: Nothing - */ -void * -nlm4_test_res_4_svc(arg, rqstp) - nlm4_testres *arg; - struct svc_req *rqstp; -{ - nlm4_lock lock4; - int flags = 0; - - if (debug_level) - log_from_addr("nlm4_test_res", rqstp); - - if (arg->stat.stat == nlm4_denied) { - lock4.fh.n_len = 0; - lock4.svid = arg->stat.nlm4_testrply_u.holder.svid; - lock4.l_offset = arg->stat.nlm4_testrply_u.holder.l_offset; - lock4.l_len = arg->stat.nlm4_testrply_u.holder.l_len; - if (arg->stat.nlm4_testrply_u.holder.exclusive) - flags |= LOCK_ANSWER_LOCK_EXCL; - lock_answer(NLM_VERS4, &arg->cookie, &lock4, flags, arg->stat.stat); - } else - lock_answer(NLM_VERS4, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_lock_res ------------------------------------------------------------ */ -/* - * Purpose: Accept result from earlier nlm_lock_msg() call - * Returns: Nothing - */ -void * -nlm4_lock_res_4_svc(arg, rqstp) - nlm4_res *arg; - struct svc_req *rqstp; -{ - if (debug_level) - log_from_addr("nlm4_lock_res", rqstp); - - lock_answer(NLM_VERS4, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_cancel_res ---------------------------------------------------------- */ -/* - * Purpose: Accept result from earlier nlm_cancel_msg() call - * Returns: Nothing - */ -void * -nlm4_cancel_res_4_svc(arg, rqstp) - nlm4_res *arg; - struct svc_req *rqstp; -{ - if (debug_level) - log_from_addr("nlm4_cancel_res", rqstp); - - lock_answer(NLM_VERS4, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_unlock_res ---------------------------------------------------------- */ -/* - * Purpose: Accept result from earlier nlm_unlock_msg() call - * Returns: Nothing - */ -void * -nlm4_unlock_res_4_svc(arg, rqstp) - nlm4_res *arg __unused; - struct svc_req *rqstp; -{ - if (debug_level) - 
log_from_addr("nlm4_unlock_res", rqstp); - - lock_answer(NLM_VERS4, &arg->cookie, NULL, 0, arg->stat.stat); - - return (NULL); -} - -/* nlm_granted_res --------------------------------------------------------- */ -/* - * Purpose: Accept result from earlier nlm_granted_msg() call - * Returns: Nothing - */ -void * -nlm4_granted_res_4_svc(arg, rqstp) - nlm4_res *arg __unused; - struct svc_req *rqstp; -{ - if (debug_level) - log_from_addr("nlm4_granted_res", rqstp); - /* need to undo lock if granted msg wasn't accepted! */ - if (arg->stat.stat != nlm4_granted) - granted_failed(arg); - return (NULL); -} - -/* ------------------------------------------------------------------------- */ -/* - * Calls for PCNFS locking (aka non-monitored locking, no involvement - * of rpc.statd). - * - * These are all genuine RPCs - no nlm_xxx_msg() nonsense here. - */ - -/* nlm_share --------------------------------------------------------------- */ -/* - * Purpose: Establish a DOS-style lock - * Returns: success or failure - * Notes: Blocking locks are not supported - client is expected - * to retry if required. - */ -nlm4_shareres * -nlm4_share_4_svc(arg, rqstp) - nlm4_shareargs *arg; - struct svc_req *rqstp; -{ - static nlm4_shareres res; - - if (debug_level) - log_from_addr("nlm4_share", rqstp); - - res.cookie = arg->cookie; - res.sequence = 0; /* X/Open says this field is ignored? */ - - res.stat = getshare((nlm_shareargs*)arg, rqstp, LOCK_V4); - return (&res); -} - -/* nlm4_unshare ------------------------------------------------------------ */ -/* - * Purpose: Release a DOS-style lock - * Returns: nlm_granted, unless in grace period - * Notes: - */ -nlm4_shareres * -nlm4_unshare_4_svc(arg, rqstp) - nlm4_shareargs *arg; - struct svc_req *rqstp; -{ - static nlm4_shareres res; - - if (debug_level) - log_from_addr("nlm4_unshare", rqstp); - - res.cookie = arg->cookie; - res.sequence = 0; /* X/Open says this field is ignored? 
*/ - - res.stat = unshare((nlm_shareargs*)arg, rqstp, LOCK_V4); - return (&res); -} - -/* nlm4_nm_lock ------------------------------------------------------------ */ -/* - * Purpose: non-monitored version of nlm4_lock() - * Returns: as for nlm4_lock() - * Notes: These locks are in the same style as the standard nlm4_lock, - * but the rpc.statd should not be called to establish a - * monitor for the client machine, since that machine is - * declared not to be running a rpc.statd, and so would not - * respond to the statd protocol. - */ -nlm4_res * -nlm4_nm_lock_4_svc(arg, rqstp) - nlm4_lockargs *arg; - struct svc_req *rqstp; -{ - static nlm4_res res; - - if (debug_level) - log_from_addr("nlm4_nm_lock", rqstp); - - /* copy cookie from arg to result. See comment in nlm_test_4() */ - res.cookie = arg->cookie; - - res.stat.stat = getlock(arg, rqstp, LOCK_V4); - return (&res); -} - -/* nlm4_free_all ------------------------------------------------------------ */ -/* - * Purpose: Release all locks held by a named client - * Returns: Nothing - * Notes: Potential denial of service security problem here - the - * locks to be released are specified by a host name, independent - * of the address from which the request has arrived. - * Should probably be rejected if the named host has been - * using monitored locks. - */ -void * -nlm4_free_all_4_svc(arg, rqstp) - struct nlm4_notify *arg; - struct svc_req *rqstp; -{ - static char dummy; - - if (debug_level) - log_from_addr("nlm4_free_all", rqstp); - - /* free all non-monitored locks/shares for specified host */ - do_free_all(arg->name); - - return (&dummy); -} - -/* nlm_sm_notify --------------------------------------------------------- */ -/* - * Purpose: called by rpc.statd when a monitored host state changes. - * Returns: Nothing - */ -void * -nlm_sm_notify_0_svc(arg, rqstp) - struct nlm_sm_status *arg; - struct svc_req *rqstp __unused; -{ - static char dummy; - notify(arg->mon_name, arg->state); - return (&dummy); -} 
diff --git a/rpc_lockd.tproj/lockd.c b/rpc_lockd.tproj/lockd.c
deleted file mode 100644
index 07a1c90..0000000
--- a/rpc_lockd.tproj/lockd.c
+++ /dev/null
@@ -1,478 +0,0 @@
-/* $NetBSD: lockd.c,v 1.7 2000/08/12 18:08:44 thorpej Exp $ */
-/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd.c,v 1.13 2002/04/11 07:19:30 alfred Exp $ */
-
-/*
- * Copyright (c) 1995
- * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed for the FreeBSD project
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * - */ - -#include -#ifndef lint -__RCSID("$NetBSD: lockd.c,v 1.7 2000/08/12 18:08:44 thorpej Exp $"); -#endif - -/* - * main() function for NFS lock daemon. Most of the code in this - * file was generated by running rpcgen /usr/include/rpcsvc/nlm_prot.x. - * - * The actual program logic is in the file lock_proc.c - */ - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include "lockd.h" -#include - -int debug_level = 0; /* 0 = no debugging syslog() calls */ -int _rpcsvcdirty = 0; -int waitkern = 0; /* 1 = wait for kernel to say start */ - -const char *pid_file = NULL; - -int grace_expired; -int nsm_state; -pid_t client_pid = -1; -struct mon mon_host; - -void init_nsm(void); -void nlm_prog_0(struct svc_req *, SVCXPRT *); -void nlm_prog_1(struct svc_req *, SVCXPRT *); -void nlm_prog_3(struct svc_req *, SVCXPRT *); -void nlm_prog_4(struct svc_req *, SVCXPRT *); -void usage(void); - -int claim_pid_file(const char *, int); -void cleanup_pid_file(void); -void handle_sig_cleanup(int); - -void sigalarm_handler(void); -void my_svc_run(void); - -const char *transports[] = { "udp", "tcp", "udp6", "tcp6" }; - -int -main(argc, argv) - int argc; - char **argv; -{ - SVCXPRT *transp; - int ch; - struct sigaction sigalarm; - int grace_period = 30; - struct rlimit rlp; - int mib[6]; - int oldstate; - int oldsize; - int newstate; - - while ((ch = getopt(argc, argv, "d:g:wx:")) != (-1)) { - switch (ch) { - case 'd': - debug_level = atoi(optarg); - if (!debug_level) { - usage(); - /* NOTREACHED */ - } - break; - case 'g': - grace_period = atoi(optarg); - if (!grace_period) { - usage(); - /* NOTREACHED */ - } - break; - case 'w': - waitkern = 1; - break; - case 'x': - host_expire = atoi(optarg); - break; - default: - case '?': - usage(); - /* NOTREACHED */ - } - } - if (geteuid()) { /* This command allowed only to root */ - fprintf(stderr, "Sorry. 
You are not superuser\n"); - exit(1); - } - - /* - * Note that it is NOT sensible to run this program from inetd - the - * protocol assumes that it will run immediately at boot time. - */ - if (debug_level != 99 && daemon(0, debug_level > 0)) { - err(1, "cannot fork"); - /* NOTREACHED */ - } - - /* Install signal handler to remove any pid file */ - signal(SIGINT, handle_sig_cleanup); - signal(SIGTERM, handle_sig_cleanup); - signal(SIGHUP, handle_sig_cleanup); - signal(SIGQUIT, handle_sig_cleanup); - - - - openlog("rpc.lockd", debug_level == 99 ? LOG_PERROR : 0, LOG_DAEMON); - - mib[0] = CTL_KERN; - mib[1] = KERN_PROCDELAYTERM; - - oldstate = 0; - oldsize = 4; - newstate = 1; - - if (sysctl(mib, 2, &oldstate, &oldsize, &newstate, 4) < 0) { - syslog(LOG_INFO, "cannot mark pid for delayed termination"); - } - - if (claim_pid_file("/var/run/lockd.pid", 0) < 0) { - syslog(LOG_ERR, "cannot claim pid file"); - exit(1); - } - - if (waitkern) { - struct timespec ts; - /* wait for kernel to get first lock request */ - client_kern_wait(); - /* start statd now, in case it isn't already */ - system("rpc.statd"); - /* sleep a little to give statd/portmap a chance to start */ - /* (better to sleep 100ms than to timeout on portmap calls) */ - ts.tv_sec = 0; - ts.tv_nsec = 100*1000*1000; - nanosleep(&ts, NULL); - } - - if (debug_level) - syslog(LOG_INFO, "Starting, debug level %d", debug_level); - else - syslog(LOG_INFO, "Starting"); - - (void)pmap_unset(NLM_PROG, NLM_SM); - (void)pmap_unset(NLM_PROG, NLM_VERS); - (void)pmap_unset(NLM_PROG, NLM_VERSX); - (void)pmap_unset(NLM_PROG, NLM_VERS4); - - transp = svcudp_create(RPC_ANYSOCK); - if (transp == NULL) { - syslog(LOG_ERR, "cannot create udp service"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_SM, nlm_prog_0, IPPROTO_UDP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_SM, udp)"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_VERS, nlm_prog_1, IPPROTO_UDP)) { - syslog(LOG_ERR, "unable to register 
(NLM_PROG, NLM_VERS, udp)"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_VERSX, nlm_prog_3, IPPROTO_UDP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_VERSX, udp)"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_VERS4, nlm_prog_4, IPPROTO_UDP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_VERS4, udp)"); - exit(1); - } - - transp = svctcp_create(RPC_ANYSOCK, 0, 0); - if (transp == NULL) { - syslog(LOG_ERR, "cannot create tcp service"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_SM, nlm_prog_0, IPPROTO_TCP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_SM, tcp)"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_VERS, nlm_prog_1, IPPROTO_TCP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_VERS, tcp)"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_VERSX, nlm_prog_3, IPPROTO_TCP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_VERSX, tcp)"); - exit(1); - } - if (!svc_register(transp, NLM_PROG, NLM_VERS4, nlm_prog_4, IPPROTO_TCP)) { - syslog(LOG_ERR, "unable to register (NLM_PROG, NLM_VERS4, tcp)"); - exit(1); - } - - sigalarm.sa_handler = (sig_t) sigalarm_handler; - sigemptyset(&sigalarm.sa_mask); - sigalarm.sa_flags = SA_RESETHAND; /* should only happen once */ - sigalarm.sa_flags |= SA_RESTART; - if (sigaction(SIGALRM, &sigalarm, NULL) != 0) { - syslog(LOG_WARNING, "sigaction(SIGALRM) failed: %s", - strerror(errno)); - exit(1); - } - grace_expired = 0; - alarm(grace_period); - - init_nsm(); - - client_pid = client_request(); - - /* raise our resource limits as far as they can go */ - if (getrlimit(RLIMIT_NOFILE, &rlp)) { - syslog(LOG_WARNING, "getrlimit(RLIMIT_NOFILE) failed: %s", - strerror(errno)); - } else { - rlp.rlim_cur = rlp.rlim_max; - if (setrlimit(RLIMIT_NOFILE, &rlp)) { - syslog(LOG_WARNING, "setrlimit(RLIMIT_NOFILE) failed: %s", - strerror(errno)); - } - } - - my_svc_run(); /* Should never return */ - exit(1); -} - -void -sigalarm_handler(void) -{ - - 
grace_expired = 1; -} - -void -usage() -{ - errx(1, "usage: rpc.lockd [-d ] [-g ] " - " [-x ] [-w]"); -} - -/* - * init_nsm -- - * Reset the NSM state-of-the-world and acquire its state. - */ -void -init_nsm(void) -{ - enum clnt_stat ret; - my_id id; - sm_stat stat; - char name[] = "NFS NLM"; - char localhost[] = "localhost"; - int attempt = 0; - - /* - * !!! - * The my_id structure isn't used by the SM_UNMON_ALL call, as far - * as I know. Leave it empty for now. - */ - memset(&id, 0, sizeof(id)); - id.my_name = name; - - /* - * !!! - * The statd program must already be registered when lockd runs. - * If we have a problem contacting statd, pause and try again a - * number of times in case statd is just slow in coming up. - */ - do { - ret = callrpc("localhost", SM_PROG, SM_VERS, SM_UNMON_ALL, - xdr_my_id, &id, xdr_sm_stat, &stat); - if (ret) { - syslog(LOG_WARNING, "%lu %s", SM_PROG, clnt_sperrno(ret)); - if (++attempt < 20) { - sleep(attempt); - continue; - } - } - break; - } while (1); - - if (ret != 0) { - syslog(LOG_ERR, "%lu %s", SM_PROG, clnt_sperrno(ret)); - exit(1); - } - - nsm_state = stat.state; - - /* setup constant data for SM_MON calls */ - mon_host.mon_id.my_id.my_name = localhost; - mon_host.mon_id.my_id.my_prog = NLM_PROG; - mon_host.mon_id.my_id.my_vers = NLM_SM; - mon_host.mon_id.my_id.my_proc = NLM_SM_NOTIFY; /* bsdi addition */ -} - -/* - * claim_pid_file - * - * Purpose: take ownership of and store pid in given pid_file - * Returns: 0 on success or -1 on failure - * Notes: force parameter requests that current owner (if any) of - * pid file be terminated. 
- */ -int -claim_pid_file(const char *name, int force) -{ - int pidfd, rv, retried = 0; - FILE *pidfile; - -try_again: - - /* attempt exclusive open of pid file */ - pidfd = open(name, O_EXCL|O_CREAT|O_WRONLY, - S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); - if (pidfd < 0) { - char buf[16]; - pid_t pid; - if (retried) - return -1; - bzero(buf, 16); - retried = 1; - /* pid file busy, check validity */ - pidfd = open(name, O_RDONLY); - if (pidfd < 0) - goto try_again; - rv = read(pidfd, buf, 15); - close(pidfd); - if (rv <= 0) - goto try_again; - pid = atoi(buf); - if (pid <= 0) - goto try_again; - rv = kill(pid, force ? SIGKILL : 0); - /* if can't signal, assume stale pid file */ - if ((rv < 0) || force) - unlink(name); - goto try_again; - } - pid_file = name; - atexit(cleanup_pid_file); - - pidfile = fdopen(pidfd, "w"); - if (pidfile) { - fchmod(pidfd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); - fprintf(pidfile, "%d\n", getpid()); - fclose(pidfile); - } else - perror("fdopen"); - close(pidfd); - return 0; -} - -/* - * cleanup_pid_file - * - * Purpose: delete any pid_file that has been claimed - * Returns: Nothing - */ -void -cleanup_pid_file(void) -{ - if (pid_file) { - unlink(pid_file); - pid_file = NULL; - } -} - -/* - * handle_sig_cleanup - * - * Purpose: on signal, kill client child and do pid file cleanup - * Returns: Nothing - */ -void -handle_sig_cleanup(int sig __unused) -{ - if (client_pid != -1) - kill(client_pid, SIGTERM); - cleanup_pid_file(); - exit(1); -} - -void -my_svc_run(void) -{ - fd_set readfds; - struct timeval timeout; - struct timeval now; - int error; - int hashosts = 0; - int tsize = 0; - struct timeval *top; - - - for( ;; ) { - timeout.tv_sec = host_expire + 1; - timeout.tv_usec = 0; - - tsize = getdtablesize(); - bcopy(&svc_fdset, &readfds, sizeof(svc_fdset)); - /* - * If there are any expired hosts then sleep with a - * timeout to expire them. 
- */ - if (hashosts && (timeout.tv_sec >= 0)) - top = &timeout; - else - top = NULL; - error = select(tsize, &readfds, NULL, NULL, top); - if (error == -1) { - if (errno == EINTR) - continue; - perror("rpc.lockd: my_svc_run: select failed"); - return; - } - gettimeofday(&now, NULL); - currsec = now.tv_sec; - if (error > 0) - svc_getreqset(&readfds); - if (debug_level > 3 && error == 0) - fprintf(stderr, "my_svc_run: select timeout\n"); - hashosts = expire_lock_hosts(); - } -} diff --git a/rpc_lockd.tproj/lockd.h b/rpc_lockd.tproj/lockd.h deleted file mode 100644 index a649c69..0000000 --- a/rpc_lockd.tproj/lockd.h +++ /dev/null 
@@ -1,51 +0,0 @@
-/* $NetBSD: lockd.h,v 1.2 2000/06/07 14:34:40 bouyer Exp $ */
-/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd.h,v 1.5 2001/11/29 17:36:45 alfred Exp $ */
-
-/*
- * Copyright (c) 1995
- * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed for the FreeBSD project
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-extern int debug_level;
-extern int grace_expired;
-void client_kern_wait(void);
-pid_t client_request(void);
-extern int nsm_state;
-extern pid_t client_pid;
-extern time_t currsec;
-extern int host_expire;
-
-/* XXX these should be in some system headers */
-typedef u_int32_t rpcvers_t;
-int nfsclnt(int, void *);
-extern int callrpc(const char *, int, int, int, xdrproc_t, void *, xdrproc_t , void *);
-int expire_lock_hosts(void);
-
diff --git a/rpc_lockd.tproj/lockd_lock.c b/rpc_lockd.tproj/lockd_lock.c
deleted file mode 100644
index d0b05ec..0000000
--- a/rpc_lockd.tproj/lockd_lock.c
+++ /dev/null
@@ -1,3092 +0,0 @@
-/* $NetBSD: lockd_lock.c,v 1.5 2000/11/21 03:47:41 enami Exp $ */
-/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd_lock.c,v 1.10 2002/03/22 19:57:09 alfred Exp $ */
-
-/*
- * Copyright (c) 2001 Andrew P. Lentvorski, Jr.
- * Copyright (c) 2000 Manuel Bouyer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-#define LOCKD_DEBUG
-
-#include
-#ifdef LOCKD_DEBUG
-#include
-#endif
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "lockd.h"
-#include "lockd_lock.h"
-
-#define MAXOBJECTSIZE 64
-#define MAXBUFFERSIZE 1024
-
-/*
- * A set of utilities for managing file locking
- *
- * XXX: All locks are in a linked list, a better structure should be used
- * to improve search/access effeciency.
- */
-
-/* struct describing a lock */
-struct file_lock {
- LIST_ENTRY(file_lock) nfslocklist;
- netobj filehandle; /* NFS filehandle */
- struct sockaddr *addr;
- struct nlm4_holder client; /* lock holder */
- u_int64_t granted_cookie;
- int nsm_status; /* status from the remote lock manager */
- int status; /* lock status, see below */
- int flags; /* lock flags, see lockd_lock.h */
- int blocking; /* blocking lock or not */
- char client_name[SM_MAXSTRLEN]; /* client_name is really variable length and must be last! */
-};
-
-LIST_HEAD(nfslocklist_head, file_lock);
-struct nfslocklist_head nfslocklist_head = LIST_HEAD_INITIALIZER(nfslocklist_head);
-
-LIST_HEAD(blockedlocklist_head, file_lock);
-struct blockedlocklist_head blockedlocklist_head = LIST_HEAD_INITIALIZER(blockedlocklist_head);
-
-/* struct describing a share reservation */
-struct file_share {
- LIST_ENTRY(file_share) nfssharelist;
- netobj oh; /* share holder */
- short mode;
- short access;
- char client_name[SM_MAXSTRLEN]; /* name is really variable length and must be last! */
-};
-LIST_HEAD(nfssharelist_head, file_share);
-
-/* Struct describing a file with share reservations */
-struct sharefile {
- LIST_ENTRY(sharefile) sharefilelist;
- netobj filehandle; /* Local access filehandle */
- int fd; /* file descriptor: remains open until no more shares */
- int refcount;
- struct nfssharelist_head sharelist_head;
-};
-LIST_HEAD(nfssharefilelist_head, sharefile);
-struct nfssharefilelist_head nfssharefilelist_head = LIST_HEAD_INITIALIZER(nfssharefilelist_head);
-
-/* lock status */
-#define LKST_LOCKED 1 /* lock is locked */
-/* XXX: Is this flag file specific or lock specific? */
-#define LKST_WAITING 2 /* file is already locked by another host */
-#define LKST_PROCESSING 3 /* child is trying to aquire the lock */
-#define LKST_DYING 4 /* must dies when we get news from the child */
-
-/* struct describing a monitored host */
-struct host {
- TAILQ_ENTRY(host) hostlst;
- int refcnt;
- time_t lastuse;
- struct sockaddr addr;
- char *name; /* host name provided by client via caller_name */
- char *revname; /* host name mapped from addr */
-};
-/* list of hosts we monitor */
-TAILQ_HEAD(hostlst_head, host);
-struct hostlst_head hostlst_head = TAILQ_HEAD_INITIALIZER(hostlst_head);
-struct hostlst_head hostlst_unref = TAILQ_HEAD_INITIALIZER(hostlst_unref);
-
-int host_expire = 60; /* seconds */
-time_t currsec;
-u_int64_t send_granted_cookie = 0;
-
-/*
- * File monitoring handlers
- * XXX: These might be able to be removed when kevent support
- * is placed into the hardware lock/unlock routines. (ie.
- * let the kernel do all the file monitoring)
- */
-
-/* Struct describing a monitored file */
-struct monfile {
- LIST_ENTRY(monfile) monfilelist;
- netobj filehandle; /* Local access filehandle */
- int fd; /* file descriptor: remains open until unlock! */
- int refcount;
- int exclusive;
-};
-
-/* List of files we monitor */
-LIST_HEAD(monfilelist_head, monfile);
-struct monfilelist_head monfilelist_head = LIST_HEAD_INITIALIZER(monfilelist_head);
-
-static int debugdelay = 0;
-
-enum nfslock_status { NFS_GRANTED = 0, NFS_GRANTED_DUPLICATE,
- NFS_DENIED, NFS_DENIED_NOLOCK,
- NFS_RESERR };
-
-enum hwlock_status { HW_GRANTED = 0, HW_GRANTED_DUPLICATE,
- HW_DENIED, HW_DENIED_NOLOCK,
- HW_STALEFH, HW_READONLY, HW_RESERR };
-
-enum partialfilelock_status { PFL_GRANTED=0, PFL_GRANTED_DUPLICATE, PFL_DENIED,
- PFL_NFSDENIED, PFL_NFSBLOCKED, PFL_NFSDENIED_NOLOCK, PFL_NFSRESERR,
- PFL_HWDENIED, PFL_HWBLOCKED, PFL_HWDENIED_NOLOCK, PFL_HWRESERR,
- PFL_HWDENIED_STALEFH, PFL_HWDENIED_READONLY };
-
-enum LFLAGS {LEDGE_LEFT, LEDGE_LBOUNDARY, LEDGE_INSIDE, LEDGE_RBOUNDARY, LEDGE_RIGHT};
-enum RFLAGS {REDGE_LEFT, REDGE_LBOUNDARY, REDGE_INSIDE, REDGE_RBOUNDARY, REDGE_RIGHT};
-/* XXX: WARNING! I HAVE OVERLOADED THIS STATUS ENUM! SPLIT IT APART INTO TWO */
-enum split_status {SPL_DISJOINT=0, SPL_LOCK1=1, SPL_LOCK2=2, SPL_CONTAINED=4, SPL_RESERR=8};
-
-enum partialfilelock_status lock_partialfilelock(struct file_lock *fl);
-
-int send_granted(struct file_lock *fl, int opcode);
-void siglock(void);
-void sigunlock(void);
-void destroy_lock_host(struct host *ihp);
-static void monitor_lock_host(const char *hostname, const struct sockaddr *addr);
-
-void copy_nlm4_lock_to_nlm4_holder(const struct nlm4_lock *src,
- const bool_t exclusive, struct nlm4_holder *dest);
-struct file_lock * allocate_file_lock(const netobj *lockowner,
- const netobj *filehandle, const struct sockaddr *addr,
- const char *caller_name);
-void deallocate_file_lock(struct file_lock *fl);
-void fill_file_lock(struct file_lock *fl,
- const bool_t exclusive, const int32_t svid,
- const u_int64_t offset, const u_int64_t len,
- const int state, const int status, const int flags, const int blocking);
-int regions_overlap(const u_int64_t start1, const u_int64_t len1,
- const u_int64_t start2, const u_int64_t len2);;
-enum split_status region_compare(const u_int64_t starte, const u_int64_t lene,
- const u_int64_t startu, const u_int64_t lenu,
- u_int64_t *start1, u_int64_t *len1, u_int64_t *start2, u_int64_t *len2);
-int same_netobj(const netobj *n0, const netobj *n1);
-int same_filelock_identity(const struct file_lock *fl0,
- const struct file_lock *fl2);
-
-static void debuglog(char const *fmt, ...);
-void dump_static_object(const unsigned char* object, const int sizeof_object,
- unsigned char* hbuff, const int sizeof_hbuff,
- unsigned char* cbuff, const int sizeof_cbuff);
-void dump_netobj(const struct netobj *nobj);
-void dump_filelock(const struct file_lock *fl);
-struct file_lock * get_lock_matching_unlock(const struct file_lock *fl);
-enum nfslock_status test_nfslock(const struct file_lock *fl,
- struct file_lock **conflicting_fl);
-enum nfslock_status lock_nfslock(struct file_lock *fl);
-enum nfslock_status delete_nfslock(struct file_lock *fl);
-enum nfslock_status unlock_nfslock(const struct file_lock *fl,
- struct file_lock **released_lock, struct file_lock **left_lock,
- struct file_lock **right_lock);
-enum hwlock_status lock_hwlock(struct file_lock *fl);
-enum split_status split_nfslock(const struct file_lock *exist_lock,
- const struct file_lock *unlock_lock, struct file_lock **left_lock,
- struct file_lock **right_lock);
-void add_blockingfilelock(struct file_lock *fl);
-enum hwlock_status unlock_hwlock(const struct file_lock *fl);
-enum hwlock_status test_hwlock(const struct file_lock *fl,
- struct file_lock **conflicting_fl);
-void remove_blockingfilelock(struct file_lock *fl);
-void clear_blockingfilelock(const char *hostname);
-void retry_blockingfilelocklist(netobj *fh);
-enum partialfilelock_status unlock_partialfilelock(
- const struct file_lock *fl);
-void clear_partialfilelock(const char *hostname);
-enum partialfilelock_status test_partialfilelock(
- const struct file_lock *fl, struct file_lock **conflicting_fl);
-enum nlm4_stats do_test(struct file_lock *fl, struct file_lock **conflicting_fl);
-enum nlm4_stats do_unlock(struct file_lock *fl);
-enum nlm4_stats do_lock(struct file_lock *fl);
-void do_clear(const char *hostname);
-
-
-void
-debuglog(char const *fmt, ...)
-{
- va_list ap;
-
- if (debug_level < 1) {
- return;
- }
-
- sleep(debugdelay);
-
- va_start(ap, fmt);
- vsyslog(LOG_DEBUG, fmt, ap);
- va_end(ap);
-}
-
-void
-dump_static_object(object, size_object, hbuff, size_hbuff, cbuff, size_cbuff)
- const unsigned char *object;
- const int size_object;
- unsigned char *hbuff;
- const int size_hbuff;
- unsigned char *cbuff;
- const int size_cbuff;
-{
- int i, objectsize;
-
- if (debug_level < 2) {
- return;
- }
-
- objectsize = size_object;
-
- if (objectsize == 0) {
- debuglog("object is size 0\n");
- } else {
- if (objectsize > MAXOBJECTSIZE) {
- debuglog("Object of size %d being clamped"
- "to size %d\n", objectsize, MAXOBJECTSIZE);
- objectsize = MAXOBJECTSIZE;
- }
-
- if (hbuff != NULL) {
- if (size_hbuff < objectsize*2+1) {
- debuglog("Hbuff not large enough."
- " Increase size\n"); - } else { - for(i=0;i= 32 && *(object+i) <= 127) { - *(cbuff+i) = *(object+i); - } else { - *(cbuff+i) = '.'; - } - } - *(cbuff+i) = '\0'; - } - } -} - -void -dump_netobj(const struct netobj *nobj) -{ - char hbuff[MAXBUFFERSIZE*2]; - char cbuff[MAXBUFFERSIZE]; - - if (debug_level < 2) { - return; - } - - if (nobj == NULL) { - debuglog("Null netobj pointer\n"); - } - else if (nobj->n_len == 0) { - debuglog("Size zero netobj\n"); - } else { - dump_static_object(nobj->n_bytes, nobj->n_len, - hbuff, sizeof(hbuff), cbuff, sizeof(cbuff)); - debuglog("netobj: len: %d data: %s ::: %s\n", - nobj->n_len, hbuff, cbuff); - } -} - -/* #define DUMP_FILELOCK_VERBOSE */ -void -dump_filelock(const struct file_lock *fl) -{ -#ifdef DUMP_FILELOCK_VERBOSE - char hbuff[MAXBUFFERSIZE*2]; - char cbuff[MAXBUFFERSIZE]; -#endif - - if (debug_level < 2) { - return; - } - - if (fl != NULL) { - debuglog("Dumping file lock structure @ %p\n", fl); - -#ifdef DUMP_FILELOCK_VERBOSE - dump_static_object((unsigned char *)&fl->filehandle.n_bytes, - fl->filehandle.n_len, hbuff, sizeof(hbuff), - cbuff, sizeof(cbuff)); - debuglog("Filehandle: %8s ::: %8s\n", hbuff, cbuff); -#endif - - debuglog("Dumping nlm4_holder:\n" - "exc: %x svid: %x offset:len %llx:%llx\n", - fl->client.exclusive, fl->client.svid, - fl->client.l_offset, fl->client.l_len); - -#ifdef DUMP_FILELOCK_VERBOSE - debuglog("Dumping client identity:\n"); - dump_netobj(&fl->client.oh); - - debuglog("nsm: %d status: %d flags: %d locker: %d" - " fd: %d\n", fl->nsm_status, fl->status, - fl->flags, fl->locker, fl->fd); -#endif - } else { - debuglog("NULL file lock structure\n"); - } -} - -void -copy_nlm4_lock_to_nlm4_holder(src, exclusive, dest) - const struct nlm4_lock *src; - const bool_t exclusive; - struct nlm4_holder *dest; -{ - - dest->exclusive = exclusive; - dest->oh.n_len = src->oh.n_len; - dest->oh.n_bytes = src->oh.n_bytes; - dest->svid = src->svid; - dest->l_offset = src->l_offset; - dest->l_len = src->l_len; -} 
-
-
-size_t
-strnlen(const char *s, size_t len)
-{
- size_t n;
-
- for (n = 0; s[n] != 0 && n < len; n++)
- ;
- return n;
-}
-
-/*
- * allocate_file_lock: Create a lock with the given parameters
- */
-
-struct file_lock *
-allocate_file_lock(const netobj *lockowner, const netobj *filehandle,
- const struct sockaddr *addr, const char *caller_name)
-{
- struct file_lock *newfl;
- size_t n;
-
- /* Beware of rubbish input! */
- n = strnlen(caller_name, SM_MAXSTRLEN);
- if (n == SM_MAXSTRLEN) {
- return NULL;
- }
-
- newfl = malloc(sizeof(*newfl) - sizeof(newfl->client_name) + n + 1);
- if (newfl == NULL) {
- return NULL;
- }
- bzero(newfl, sizeof(*newfl) - sizeof(newfl->client_name));
- memcpy(newfl->client_name, caller_name, n);
- newfl->client_name[n] = 0;
-
- newfl->client.oh.n_bytes = malloc(lockowner->n_len);
- if (newfl->client.oh.n_bytes == NULL) {
- free(newfl);
- return NULL;
- }
- newfl->client.oh.n_len = lockowner->n_len;
- bcopy(lockowner->n_bytes, newfl->client.oh.n_bytes, lockowner->n_len);
-
- newfl->filehandle.n_bytes = malloc(filehandle->n_len);
- if (newfl->filehandle.n_bytes == NULL) {
- free(newfl->client.oh.n_bytes);
- free(newfl);
- return NULL;
- }
- newfl->filehandle.n_len = filehandle->n_len;
- bcopy(filehandle->n_bytes, newfl->filehandle.n_bytes, filehandle->n_len);
-
- newfl->addr = malloc(addr->sa_len);
- if (newfl->addr == NULL) {
- free(newfl->client.oh.n_bytes);
- free(newfl);
- return NULL;
- }
- memcpy(newfl->addr, addr, addr->sa_len);
-
- return newfl;
-}
-
-/*
- * file_file_lock: Force creation of a valid file lock
- */
-void
-fill_file_lock(struct file_lock *fl,
- const bool_t exclusive, const int32_t svid,
- const u_int64_t offset, const u_int64_t len,
- const int state, const int status, const int flags, const int blocking)
-{
- fl->client.exclusive = exclusive;
- fl->client.svid = svid;
- fl->client.l_offset = offset;
- fl->client.l_len = len;
-
- fl->nsm_status = state;
- fl->status = status;
- fl->flags = flags;
- fl->blocking = blocking;
-}
-
-/*
- * deallocate_file_lock: Free all storage associated with a file lock
- */
-void
-deallocate_file_lock(struct file_lock *fl)
-{
- free(fl->addr);
- free(fl->client.oh.n_bytes);
- free(fl->filehandle.n_bytes);
- free(fl);
-}
-
-/*
- * regions_overlap(): This function examines the two provided regions for
- * overlap.
- */
-int
-regions_overlap(start1, len1, start2, len2)
- const u_int64_t start1, len1, start2, len2;
-{
- u_int64_t d1,d2,d3,d4;
- enum split_status result;
-
- debuglog("Entering region overlap with vals: %llu:%llu--%llu:%llu\n",
- start1, len1, start2, len2);
-
- result = region_compare(start1, len1, start2, len2,
- &d1, &d2, &d3, &d4);
-
- debuglog("Exiting region overlap with val: %d\n",result);
-
- if (result == SPL_DISJOINT) {
- return 0;
- } else {
- return 1;
- }
-
- return (result);
-}
-
-/*
- * region_compare(): Examine lock regions and split appropriately
- *
- * XXX: Fix 64 bit overflow problems
- * XXX: Check to make sure I got *ALL* the cases.
- * XXX: This DESPERATELY needs a regression test.
- */
-enum split_status
-region_compare(starte, lene, startu, lenu,
- start1, len1, start2, len2)
- const u_int64_t starte, lene, startu, lenu;
- u_int64_t *start1, *len1, *start2, *len2;
-{
- /*
- * Please pay attention to the sequential exclusions
- * of the if statements!!!
- */
- enum LFLAGS lflags;
- enum RFLAGS rflags;
- enum split_status retval;
-
- retval = SPL_DISJOINT;
-
- if (lene == 0 && lenu == 0) {
- /* Examine left edge of locker */
- if (startu < starte) {
- lflags = LEDGE_LEFT;
- } else if (startu == starte) {
- lflags = LEDGE_LBOUNDARY;
- } else {
- lflags = LEDGE_INSIDE;
- }
-
- rflags = REDGE_RBOUNDARY; /* Both are infiinite */
-
- if (lflags == LEDGE_INSIDE) {
- *start1 = starte;
- *len1 = startu - starte;
- }
-
- if (lflags == LEDGE_LEFT || lflags == LEDGE_LBOUNDARY) {
- retval = SPL_CONTAINED;
- } else {
- retval = SPL_LOCK1;
- }
- } else if (lene == 0 && lenu != 0) {
- /* Established lock is infinite */
- /* Examine left edge of unlocker */
- if (startu < starte) {
- lflags = LEDGE_LEFT;
- } else if (startu == starte) {
- lflags = LEDGE_LBOUNDARY;
- } else if (startu > starte) {
- lflags = LEDGE_INSIDE;
- }
-
- /* Examine right edge of unlocker */
- if (startu + lenu < starte) {
- /* Right edge of unlocker left of established lock */
- rflags = REDGE_LEFT;
- return SPL_DISJOINT;
- } else if (startu + lenu == starte) {
- /* Right edge of unlocker on start of established lock */
- rflags = REDGE_LBOUNDARY;
- return SPL_DISJOINT;
- } else { /* Infinifty is right of finity */
- /* Right edge of unlocker inside established lock */
- rflags = REDGE_INSIDE;
- }
-
- if (lflags == LEDGE_INSIDE) {
- *start1 = starte;
- *len1 = startu - starte;
- retval |= SPL_LOCK1;
- }
-
- if (rflags == REDGE_INSIDE) {
- /* Create right lock */
- *start2 = startu+lenu;
- *len2 = 0;
- retval |= SPL_LOCK2;
- }
- } else if (lene != 0 && lenu == 0) {
- /* Unlocker is infinite */
- /* Examine left edge of unlocker */
- if (startu < starte) {
- lflags = LEDGE_LEFT;
- retval = SPL_CONTAINED;
- return retval;
- } else if (startu == starte) {
- lflags = LEDGE_LBOUNDARY;
- retval = SPL_CONTAINED;
- return retval;
- } else if ((startu > starte) && (startu < starte + lene - 1)) {
- lflags = LEDGE_INSIDE;
- } else if (startu == starte + lene - 1) {
- lflags = LEDGE_RBOUNDARY;
- } else { /* startu > starte + lene -1 */
- lflags = LEDGE_RIGHT;
- return SPL_DISJOINT;
- }
-
- rflags = REDGE_RIGHT; /* Infinity is right of finity */
-
- if (lflags == LEDGE_INSIDE || lflags == LEDGE_RBOUNDARY) {
- *start1 = starte;
- *len1 = startu - starte;
- retval |= SPL_LOCK1;
- return retval;
- }
-
- } else {
- /* Both locks are finite */
-
- /* Examine left edge of unlocker */
- if (startu < starte) {
- lflags = LEDGE_LEFT;
- } else if (startu == starte) {
- lflags = LEDGE_LBOUNDARY;
- } else if ((startu > starte) && (startu < starte + lene - 1)) {
- lflags = LEDGE_INSIDE;
- } else if (startu == starte + lene - 1) {
- lflags = LEDGE_RBOUNDARY;
- } else { /* startu > starte + lene -1 */
- lflags = LEDGE_RIGHT;
- return SPL_DISJOINT;
- }
-
- /* Examine right edge of unlocker */
- if (startu + lenu < starte) {
- /* Right edge of unlocker left of established lock */
- rflags = REDGE_LEFT;
- return SPL_DISJOINT;
- } else if (startu + lenu == starte) {
- /* Right edge of unlocker on start of established lock */
- rflags = REDGE_LBOUNDARY;
- return SPL_DISJOINT;
- } else if (startu + lenu < starte + lene) {
- /* Right edge of unlocker inside established lock */
- rflags = REDGE_INSIDE;
- } else if (startu + lenu == starte + lene) {
- /* Right edge of unlocker on right edge of established lock */
- rflags = REDGE_RBOUNDARY;
- } else { /* startu + lenu > starte + lene */
- /* Right edge of unlocker is right of established lock */
- rflags = REDGE_RIGHT;
- }
-
- if (lflags == LEDGE_INSIDE || lflags == LEDGE_RBOUNDARY) {
- /* Create left lock */
- *start1 = starte;
- *len1 = (startu - starte);
- retval |= SPL_LOCK1;
- }
-
- if (rflags == REDGE_INSIDE) {
- /* Create right lock */
- *start2 = startu+lenu;
- *len2 = starte+lene-(startu+lenu);
- retval |= SPL_LOCK2;
- }
-
- if ((lflags == LEDGE_LEFT || lflags == LEDGE_LBOUNDARY) &&
- (rflags == REDGE_RBOUNDARY || rflags == REDGE_RIGHT)) {
- retval = SPL_CONTAINED;
- }
- }
-
- return retval;
-}
-
-/*
- * same_netobj: Compares the apprpriate bits of a netobj for identity
- */
-int
-same_netobj(const netobj *n0, const netobj *n1)
-{
- int retval;
-
- retval = 0;
-
- debuglog("Entering netobj identity check\n");
-
- if (n0->n_len == n1->n_len) {
- debuglog("Preliminary length check passed\n");
- retval = !bcmp(n0->n_bytes, n1->n_bytes, n0->n_len);
- debuglog("netobj %smatch\n", retval ? "" : "mis");
- }
-
- return (retval);
-}
-
-/*
- * same_filelock_identity: Compares the appropriate bits of a file_lock
- */
-int
-same_filelock_identity(fl0, fl1)
- const struct file_lock *fl0, *fl1;
-{
- int retval;
-
- retval = 0;
-
- debuglog("Checking filelock identity\n");
-
- /*
- * Check process ids and host information.
- */
- retval = (fl0->client.svid == fl1->client.svid &&
- same_netobj(&(fl0->client.oh), &(fl1->client.oh)));
-
- debuglog("Exiting checking filelock identity: retval: %d\n",retval);
-
- return (retval);
-}
-
-/*
- * Below here are routines associated with manipulating the NFS
- * lock list.
- */
-
-/*
- * get_lock_matching_unlock: Return a lock which matches the given unlock lock
- * or NULL otherwise
- * XXX: It is a shame that this duplicates so much code from test_nfslock.
- */
-struct file_lock *
-get_lock_matching_unlock(const struct file_lock *fl)
-{
- struct file_lock *ifl; /* Iterator */
-
- debuglog("Entering lock_matching_unlock\n");
- debuglog("********Dump of fl*****************\n");
- dump_filelock(fl);
-
- LIST_FOREACH(ifl, &nfslocklist_head, nfslocklist) {
- debuglog("Pointer to file lock: %p\n",ifl);
-
- debuglog("****Dump of ifl****\n");
- dump_filelock(ifl);
- debuglog("*******************\n");
-
- /*
- * XXX: It is conceivable that someone could use the NLM RPC
- * system to directly access filehandles. This may be a
- * security hazard as the filehandle code may bypass normal
- * file access controls
- */
- if (fl->filehandle.n_len != ifl->filehandle.n_len)
- continue;
- if (bcmp(fl->filehandle.n_bytes, ifl->filehandle.n_bytes,
- fl->filehandle.n_len))
- continue;
-
- debuglog("matching_unlock: Filehandles match, "
- "checking regions\n");
-
- /* Filehandles match, check for region overlap */
- if (!regions_overlap(fl->client.l_offset, fl->client.l_len,
- ifl->client.l_offset, ifl->client.l_len))
- continue;
-
- debuglog("matching_unlock: Region overlap"
- " found %llu : %llu -- %llu : %llu\n",
- fl->client.l_offset,fl->client.l_len,
- ifl->client.l_offset,ifl->client.l_len);
-
- /* Regions overlap, check the identity */
- if (!same_filelock_identity(fl,ifl))
- continue;
-
- debuglog("matching_unlock: Duplicate lock id. Granting\n");
- return (ifl);
- }
-
- debuglog("Exiting lock_matching_unlock\n");
-
- return (NULL);
-}
-
-/*
- * test_nfslock: check for NFS lock in lock list
- *
- * This routine makes the following assumptions:
- * 1) Nothing will adjust the lock list during a lookup
- *
- * This routine has an intersting quirk which bit me hard.
- * The conflicting_fl is the pointer to the conflicting lock.
- * However, to modify the "*pointer* to the conflicting lock" rather
- * that the "conflicting lock itself" one must pass in a "pointer to
- * the pointer of the conflicting lock". Gross.
- */
-
-enum nfslock_status
-test_nfslock(const struct file_lock *fl, struct file_lock **conflicting_fl)
-{
- struct file_lock *ifl; /* Iterator */
- enum nfslock_status retval;
-
- debuglog("Entering test_nfslock\n");
-
- retval = NFS_GRANTED;
- (*conflicting_fl) = NULL;
-
- debuglog("Entering lock search loop\n");
-
- debuglog("***********************************\n");
- debuglog("Dumping match filelock\n");
- debuglog("***********************************\n");
- dump_filelock(fl);
- debuglog("***********************************\n");
-
- LIST_FOREACH(ifl, &nfslocklist_head, nfslocklist) {
- if (retval == NFS_DENIED)
- break;
-
- debuglog("Top of lock loop\n");
- debuglog("Pointer to file lock: %p\n",ifl);
-
- debuglog("***********************************\n");
- debuglog("Dumping test filelock\n");
- debuglog("***********************************\n");
- dump_filelock(ifl);
- debuglog("***********************************\n");
-
- /*
- * XXX: It is conceivable that someone could use the NLM RPC
- * system to directly access filehandles. This may be a
- * security hazard as the filehandle code may bypass normal
- * file access controls
- */
- if (fl->filehandle.n_len != ifl->filehandle.n_len)
- continue;
- if (bcmp(fl->filehandle.n_bytes, ifl->filehandle.n_bytes,
- fl->filehandle.n_len))
- continue;
-
- debuglog("test_nfslock: filehandle match found\n");
-
- /* Filehandles match, check for region overlap */
- if (!regions_overlap(fl->client.l_offset, fl->client.l_len,
- ifl->client.l_offset, ifl->client.l_len))
- continue;
-
- debuglog("test_nfslock: Region overlap found"
- " %llu : %llu -- %llu : %llu\n",
- fl->client.l_offset,fl->client.l_len,
- ifl->client.l_offset,ifl->client.l_len);
-
- /* Regions overlap, check the exclusivity */
- if (!(fl->client.exclusive || ifl->client.exclusive))
- continue;
-
- debuglog("test_nfslock: Exclusivity failure: %d %d\n",
- fl->client.exclusive,
- ifl->client.exclusive);
-
- if (same_filelock_identity(fl,ifl)) {
- debuglog("test_nfslock: Duplicate id. Granting\n");
- (*conflicting_fl) = ifl;
- retval = NFS_GRANTED_DUPLICATE;
- } else {
- /* locking attempt fails */
- debuglog("test_nfslock: Lock attempt failed\n");
- debuglog("Desired lock\n");
- dump_filelock(fl);
- debuglog("Conflicting lock\n");
- dump_filelock(ifl);
- (*conflicting_fl) = ifl;
- retval = NFS_DENIED;
- }
- }
-
- debuglog("Dumping file locks\n");
- debuglog("Exiting test_nfslock\n");
-
- return (retval);
-}
-
-/*
- * lock_nfslock: attempt to create a lock in the NFS lock list
- *
- * This routine tests whether the lock will be granted and then adds
- * the entry to the lock list if so.
- *
- * Argument fl gets modified as its list housekeeping entries get modified
- * upon insertion into the NFS lock list
- *
- * This routine makes several assumptions:
- * 1) It is perfectly happy to grant a duplicate lock from the same pid.
- * While this seems to be intuitively wrong, it is required for proper
- * Posix semantics during unlock. It is absolutely imperative to not
- * unlock the main lock before the two child locks are established. Thus,
- * one has be be able to create duplicate locks over an existing lock
- * 2) It currently accepts duplicate locks from the same id,pid
- */
-
-enum nfslock_status
-lock_nfslock(struct file_lock *fl)
-{
- enum nfslock_status retval;
- struct file_lock *dummy_fl;
-
- dummy_fl = NULL;
-
- debuglog("Entering lock_nfslock...\n");
-
- retval = test_nfslock(fl,&dummy_fl);
-
- if (retval == NFS_GRANTED || retval == NFS_GRANTED_DUPLICATE) {
- debuglog("Inserting lock...\n");
- dump_filelock(fl);
- LIST_INSERT_HEAD(&nfslocklist_head, fl, nfslocklist);
- }
-
- debuglog("Exiting lock_nfslock...\n");
-
- return (retval);
-}
-
-/*
- * delete_nfslock: delete an NFS lock list entry
- *
- * This routine is used to delete a lock out of the NFS lock list
- * without regard to status, underlying locks, regions or anything else
- *
- * Note that this routine *does not deallocate memory* of the lock.
- * It just disconnects it from the list. The lock can then be used
- * by other routines without fear of trashing the list.
- */
-
-enum nfslock_status
-delete_nfslock(struct file_lock *fl)
-{
-
- LIST_REMOVE(fl, nfslocklist);
-
- return (NFS_GRANTED);
-}
-
-enum split_status
-split_nfslock(exist_lock, unlock_lock, left_lock, right_lock)
- const struct file_lock *exist_lock, *unlock_lock;
- struct file_lock **left_lock, **right_lock;
-{
- u_int64_t start1, len1, start2, len2;
- enum split_status spstatus;
-
- spstatus = region_compare(exist_lock->client.l_offset, exist_lock->client.l_len,
- unlock_lock->client.l_offset, unlock_lock->client.l_len,
- &start1, &len1, &start2, &len2);
-
- if ((spstatus & SPL_LOCK1) != 0) {
- *left_lock = allocate_file_lock(&exist_lock->client.oh, &exist_lock->filehandle, exist_lock->addr, exist_lock->client_name);
- if (*left_lock == NULL) {
- debuglog("Unable to allocate resource for split 1\n");
- return SPL_RESERR;
- }
-
- fill_file_lock(*left_lock,
- exist_lock->client.exclusive, exist_lock->client.svid,
- start1, len1,
- exist_lock->nsm_status,
- exist_lock->status, exist_lock->flags, exist_lock->blocking);
- }
-
- if ((spstatus & SPL_LOCK2) != 0) {
- *right_lock = allocate_file_lock(&exist_lock->client.oh, &exist_lock->filehandle, exist_lock->addr, exist_lock->client_name);
- if (*right_lock == NULL) {
- debuglog("Unable to allocate resource for split 1\n");
- if (*left_lock != NULL) {
- deallocate_file_lock(*left_lock);
- }
- return SPL_RESERR;
- }
-
- fill_file_lock(*right_lock,
- exist_lock->client.exclusive, exist_lock->client.svid,
- start2, len2,
- exist_lock->nsm_status,
- exist_lock->status, exist_lock->flags, exist_lock->blocking);
- }
-
- return spstatus;
-}
-
-enum nfslock_status
-unlock_nfslock(fl, released_lock, left_lock, right_lock)
- const struct file_lock *fl;
- struct file_lock **released_lock;
- struct file_lock **left_lock;
- struct file_lock **right_lock;
-{
- struct file_lock *mfl; /* Matching file lock */
- enum nfslock_status retval;
- enum split_status spstatus;
-
- debuglog("Entering unlock_nfslock\n");
-
- *released_lock = NULL;
- *left_lock = NULL;
- *right_lock = NULL;
-
- retval = NFS_DENIED_NOLOCK;
-
- debuglog("Attempting to match lock...\n");
- mfl = get_lock_matching_unlock(fl);
-
- if (mfl != NULL) {
- debuglog("Unlock matched. Querying for split\n");
-
- spstatus = split_nfslock(mfl, fl, left_lock, right_lock);
-
- debuglog("Split returned %d %p %p %p %p\n",spstatus,mfl,fl,*left_lock,*right_lock);
- debuglog("********Split dumps********");
- dump_filelock(mfl);
- dump_filelock(fl);
- dump_filelock(*left_lock);
- dump_filelock(*right_lock);
- debuglog("********End Split dumps********");
-
- if (spstatus == SPL_RESERR) {
- if (*left_lock != NULL) {
- deallocate_file_lock(*left_lock);
- *left_lock = NULL;
- }
-
- if (*right_lock != NULL) {
- deallocate_file_lock(*right_lock);
- *right_lock = NULL;
- }
-
- return NFS_RESERR;
- }
-
- /* Insert new locks from split if required */
- if (*left_lock != NULL) {
- debuglog("Split left activated\n");
- LIST_INSERT_HEAD(&nfslocklist_head, *left_lock, nfslocklist);
- }
-
- if (*right_lock != NULL) {
- debuglog("Split right activated\n");
- LIST_INSERT_HEAD(&nfslocklist_head, *right_lock, nfslocklist);
- }
-
- /* Unlock the lock since it matches identity */
- LIST_REMOVE(mfl, nfslocklist);
- *released_lock = mfl;
- retval = NFS_GRANTED;
- }
-
- debuglog("Exiting unlock_nfslock\n");
-
- return retval;
-}
-
-/*
- * Below here are the routines for manipulating the file lock directly
- * on the disk hardware itself
- */
-enum hwlock_status
-lock_hwlock(struct file_lock *fl)
-{
- struct monfile *imf,*nmf;
- int lflags, flerror;
- fhandle_t fh;
-
- /* Scan to see if filehandle already present */
- LIST_FOREACH(imf, &monfilelist_head, monfilelist) {
- if ((fl->filehandle.n_len == imf->filehandle.n_len) &&
- (bcmp(fl->filehandle.n_bytes, imf->filehandle.n_bytes,
- fl->filehandle.n_len) == 0)) {
- /* imf is the correct filehandle */
- break;
- }
- }
-
- /*
- * Filehandle already exists (we control the file)
- * *AND* NFS has already cleared the lock for availability
- * Grant it and bump the refcount.
- */
- if (imf != NULL) {
- ++(imf->refcount);
- return (HW_GRANTED);
- }
-
- /* No filehandle found, create and go */
- nmf = malloc(sizeof(struct monfile));
- if (nmf == NULL) {
- debuglog("hwlock resource allocation failure\n");
- return (HW_RESERR);
- }
- nmf->filehandle.n_bytes = malloc(fl->filehandle.n_len);
- if (nmf->filehandle.n_bytes == NULL) {
- debuglog("hwlock resource allocation failure\n");
- free(nmf);
- return (HW_RESERR);
- }
-
- if (fl->filehandle.n_len > NFS_MAX_FH_SIZE) {
- debuglog("hwlock: bad fh length %d (from %16s): %32s\n",
- fl->filehandle.n_len, fl->client_name, strerror(errno));
- free(nmf->filehandle.n_bytes);
- free(nmf);
- return (HW_STALEFH);
- }
- fh.fh_len = fl->filehandle.n_len;
- bcopy(fl->filehandle.n_bytes, fh.fh_data, fh.fh_len);
-
- /* XXX: Is O_RDWR always the correct mode? */
- nmf->fd = fhopen(&fh, O_RDWR);
- if (nmf->fd < 0) {
- debuglog("fhopen failed (from %16s): %32s\n",
- fl->client_name, strerror(errno));
- free(nmf->filehandle.n_bytes);
- free(nmf);
- switch (errno) {
- case ESTALE:
- return (HW_STALEFH);
- case EROFS:
- return (HW_READONLY);
- default:
- return (HW_RESERR);
- }
- }
-
- /* File opened correctly, fill the monitor struct */
- nmf->filehandle.n_len = fl->filehandle.n_len;
- bcopy(fl->filehandle.n_bytes, nmf->filehandle.n_bytes, fl->filehandle.n_len);
- nmf->refcount = 1;
- nmf->exclusive = fl->client.exclusive;
-
- lflags = (nmf->exclusive == 1) ?
- (LOCK_EX | LOCK_NB) : (LOCK_SH | LOCK_NB);
-
- flerror = flock(nmf->fd, lflags);
-
- if (flerror != 0) {
- debuglog("flock failed (from %16s): %32s\n",
- fl->client_name, strerror(errno));
- close(nmf->fd);
- free(nmf->filehandle.n_bytes);
- free(nmf);
- switch (errno) {
- case EAGAIN:
- return (HW_DENIED);
- case ESTALE:
- return (HW_STALEFH);
- case EROFS:
- return (HW_READONLY);
- default:
- return (HW_RESERR);
- break;
- }
- }
-
- /* File opened and locked */
- LIST_INSERT_HEAD(&monfilelist_head, nmf, monfilelist);
-
- debuglog("flock succeeded (from %16s)\n", fl->client_name);
- return (HW_GRANTED);
-}
-
-enum hwlock_status
-unlock_hwlock(const struct file_lock *fl)
-{
- struct monfile *imf;
-
- debuglog("Entering unlock_hwlock\n");
- debuglog("Entering loop interation\n");
-
- /* Scan to see if filehandle already present */
- LIST_FOREACH(imf, &monfilelist_head, monfilelist) {
- if ((fl->filehandle.n_len == imf->filehandle.n_len) &&
- (bcmp(fl->filehandle.n_bytes, imf->filehandle.n_bytes,
- fl->filehandle.n_len) == 0)) {
- /* imf is the correct filehandle */
- break;
- }
- }
-
- debuglog("Completed iteration. Proceeding\n");
-
- if (imf == NULL) {
- /* No lock found */
- debuglog("Exiting unlock_hwlock (HW_DENIED_NOLOCK)\n");
- return (HW_DENIED_NOLOCK);
- }
-
- /* Lock found */
- --imf->refcount;
-
- if (imf->refcount < 0) {
- debuglog("Negative hardware reference count\n");
- }
-
- if (imf->refcount <= 0) {
- close(imf->fd);
- LIST_REMOVE(imf, monfilelist);
- free(imf->filehandle.n_bytes);
- free(imf);
- }
- debuglog("Exiting unlock_hwlock (HW_GRANTED)\n");
- return (HW_GRANTED);
-}
-
-enum hwlock_status
-test_hwlock(fl, conflicting_fl)
- const struct file_lock *fl __unused;
- struct file_lock **conflicting_fl __unused;
-{
-
- /*
- * XXX: lock tests on hardware are not required until
- * true partial file testing is done on the underlying file
- */
- return (HW_RESERR);
-}
-
-
-
-/*
- * Below here are routines for manipulating blocked lock requests
- * They should only be called from the XXX_partialfilelock routines
- * if at all possible
- */
-
-void
-add_blockingfilelock(struct file_lock *fl)
-{
- struct file_lock *ifl, *nfl;
-
- debuglog("Entering add_blockingfilelock\n");
-
- /*
- * Check for a duplicate lock request.
- * If found, deallocate the older request.
- */
- ifl = LIST_FIRST(&blockedlocklist_head);
- for (; ifl != NULL; ifl = nfl) {
- debuglog("Pointer to file lock: %p\n",ifl);
- debuglog("****Dump of ifl****\n");
- dump_filelock(ifl);
- debuglog("*******************\n");
-
- nfl = LIST_NEXT(ifl, nfslocklist);
-
- if (fl->filehandle.n_len != ifl->filehandle.n_len)
- continue;
- if (bcmp(fl->filehandle.n_bytes, ifl->filehandle.n_bytes,
- fl->filehandle.n_len))
- continue;
-
- /* Filehandles match, check region */
- if ((fl->client.l_offset != ifl->client.l_offset) ||
- (fl->client.l_len != ifl->client.l_len))
- continue;
-
- /* Regions match, check the identity */
- if (!same_filelock_identity(fl,ifl))
- continue;
-
- debuglog("add_blockingfilelock: removing duplicate lock request.\n");
- remove_blockingfilelock(ifl);
- deallocate_file_lock(ifl);
- break;
- }
-
- /*
- * Clear the blocking flag so that it can be reused without
- * adding it to the blocking queue a second time
- */
-
- fl->blocking = 0;
- LIST_INSERT_HEAD(&blockedlocklist_head, fl, nfslocklist);
-
- debuglog("Exiting add_blockingfilelock\n");
-}
-
-void
-remove_blockingfilelock(struct file_lock *fl)
-{
-
- debuglog("Entering remove_blockingfilelock\n");
-
- LIST_REMOVE(fl, nfslocklist);
-
- debuglog("Exiting remove_blockingfilelock\n");
-}
-
-void
-clear_blockingfilelock(const char *hostname)
-{
- struct file_lock *ifl,*nfl;
-
- /*
- * Normally, LIST_FOREACH is called for, but since
- * the current element *is* the iterator, deleting it
- * would mess up the iteration. Thus, a next element
- * must be used explicitly
- */
-
- ifl = LIST_FIRST(&blockedlocklist_head);
-
- while (ifl != NULL) {
- nfl = LIST_NEXT(ifl, nfslocklist);
-
- if (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0) {
- remove_blockingfilelock(ifl);
- deallocate_file_lock(ifl);
- }
-
- ifl = nfl;
- }
-}
-
-int need_retry_blocked_locks = 0; /* need to call retry_blockingfilelocklist() */
-
-void
-retry_blockingfilelocklist(netobj *fh)
-{
- /*
- * If fh is given, then retry just the locks with the
- * same filehandle in the blocked list.
- * Otherwise, simply retry all locks in the blocked list.
- */
- struct file_lock *ifl, *nfl, *pfl; /* Iterator */
- enum partialfilelock_status pflstatus;
- int rv;
-
- debuglog("Entering retry_blockingfilelocklist\n");
-
- need_retry_blocked_locks = 0;
-
- pfl = NULL;
- ifl = LIST_FIRST(&blockedlocklist_head);
- debuglog("Iterator choice %p\n",ifl);
-
- while (ifl != NULL) {
- /*
- * SUBTLE BUG: The next element must be worked out before the
- * current element has been moved
- */
- nfl = LIST_NEXT(ifl, nfslocklist);
- debuglog("Iterator choice %p\n",ifl);
- debuglog("Prev iterator choice %p\n",pfl);
- debuglog("Next iterator choice %p\n",nfl);
-
- /* if given a filehandle, only retry locks for the same filehandle */
- if (fh && !same_netobj(fh, &ifl->filehandle)) {
- ifl = nfl;
- continue;
- }
-
- /*
- * SUBTLE BUG: The file_lock must be removed from the
- * old list so that it's list pointers get disconnected
- * before being allowed to participate in the new list
- * which will automatically add it in if necessary.
- */
-
- LIST_REMOVE(ifl, nfslocklist);
- pflstatus = lock_partialfilelock(ifl);
-
- if (pflstatus == PFL_GRANTED || pflstatus == PFL_GRANTED_DUPLICATE) {
- debuglog("Granted blocked lock\n");
- /* lock granted and is now being used */
- rv = send_granted(ifl, 0);
- if (rv) {
- /*
- * Uh oh... the NLM_GRANTED message failed.
- * About the only thing we can do is drop the lock.
- * Note: this could be bad if the error was only
- * transient. Hopefully, if the client is still
- * waiting for the lock, they will resend the request.
- */
- do_unlock(ifl);
- /* ifl is NO LONGER VALID AT THIS POINT */
- }
- } else if (pflstatus == PFL_HWDENIED_STALEFH) {
- /*
- * Uh oh...
- * It would be nice if we could inform the client of
- * this error. Unfortunately, there's no way to do
- * that in the NLM protocol (can't send "granted"
- * message with an error and there's no "never going
- * to be granted" message).
- *
- * Since there's no chance of this blocked request ever
- * succeeding, we drop the lock request rather than
- * needlessly keeping it around just to rot forever in
- * the blocked lock list.
- *
- * Hopefully, if the client is still waiting for the lock,
- * they will resend the request (and get an error then).
- *
- * XXX Note: PFL_HWDENIED_READONLY could potentially
- * be handled this way as well, although that would
- * only be an issue if a file system changed from
- * read-write to read-only out from under a blocked
- * lock request, and that's far less likely than a
- * file disappearing out from under such a request.
- */
- deallocate_file_lock(ifl);
- /* ifl is NO LONGER VALID AT THIS POINT */
- } else {
- /* Reinsert lock back into same place in blocked list */
- debuglog("Replacing blocked lock\n");
- if (pfl != NULL)
- LIST_INSERT_AFTER(pfl, ifl, nfslocklist);
- else
- /* ifl is the only elem. in the list */
- LIST_INSERT_HEAD(&blockedlocklist_head, ifl, nfslocklist);
- }
-
- if (pflstatus == PFL_GRANTED || pflstatus == PFL_GRANTED_DUPLICATE ||
- pflstatus == PFL_HWDENIED_STALEFH) {
- /* If ifl was permanently removed from the list, (e.g it */
- /* was granted or dropped), pfl should remain where it's at. */
- } else {
- /* If ifl was left in the list, (e.g it was reinserted back */
- /* in place), pfl should simply be moved forward to be ifl */
- pfl = ifl;
- }
- /* Valid increment behavior regardless of state of ifl */
- ifl = nfl;
- }
-
- debuglog("Exiting retry_blockingfilelocklist\n");
-}
-
-/*
- * Below here are routines associated with manipulating all
- * aspects of the partial file locking system (list, hardware, etc.)
- */
-
-/*
- * Please note that lock monitoring must be done at this level which
- * keeps track of *individual* lock requests on lock and unlock
- *
- * XXX: Split unlocking is going to make the unlock code miserable
- */
-
-/*
- * lock_partialfilelock:
- *
- * Argument fl gets modified as its list housekeeping entries get modified
- * upon insertion into the NFS lock list
- *
- * This routine makes several assumptions:
- * 1) It (will) pass locks through to flock to lock the entire underlying file
- * and then parcel out NFS locks if it gets control of the file.
- * This matches the old rpc.lockd file semantics (except where it
- * is now more correct). It is the safe solution, but will cause
- * overly restrictive blocking if someone is trying to use the
- * underlying files without using NFS. This appears to be an
- * acceptable tradeoff since most people use standalone NFS servers.
- * XXX: The right solution is probably kevent combined with fcntl
- *
- * 2) Nothing modifies the lock lists between testing and granting
- * I have no idea whether this is a useful assumption or not
- */
-
-enum partialfilelock_status
-lock_partialfilelock(struct file_lock *fl)
-{
- enum partialfilelock_status retval;
- enum nfslock_status lnlstatus;
- enum hwlock_status hwstatus;
-
- debuglog("Entering lock_partialfilelock\n");
-
- retval = PFL_DENIED;
-
- /*
- * Execute the NFS lock first, if possible, as it is significantly
- * easier and less expensive to undo than the filesystem lock
- */
-
- lnlstatus = lock_nfslock(fl);
-
- switch (lnlstatus) {
- case NFS_GRANTED:
- case NFS_GRANTED_DUPLICATE:
- /*
- * At this point, the NFS lock is allocated and active.
- * Remember to clean it up if the hardware lock fails
- */
- hwstatus = lock_hwlock(fl);
-
- switch (hwstatus) {
- case HW_GRANTED:
- case HW_GRANTED_DUPLICATE:
- debuglog("HW GRANTED\n");
- /*
- * XXX: Fixme: Check hwstatus for duplicate when
- * true partial file locking and accounting is
- * done on the hardware
- */
- if (lnlstatus == NFS_GRANTED_DUPLICATE) {
- retval = PFL_GRANTED_DUPLICATE;
- } else {
- retval = PFL_GRANTED;
- }
- if (fl->flags & LOCK_MON)
- monitor_lock_host_by_name(fl->client_name, fl->addr);
- break;
- case HW_RESERR:
- debuglog("HW RESERR\n");
- retval = PFL_HWRESERR;
- break;
- case HW_DENIED:
- debuglog("HW DENIED\n");
- retval = PFL_HWDENIED;
- break;
- case HW_DENIED_NOLOCK:
- debuglog("HW DENIED NOLOCK\n");
- retval = PFL_HWDENIED_NOLOCK;
- break;
- case HW_STALEFH:
- debuglog("HW STALE FH\n");
- retval = PFL_HWDENIED_STALEFH;
- break;
- case HW_READONLY:
- debuglog("HW READONLY\n");
- retval = PFL_HWDENIED_READONLY;
- break;
- default:
- debuglog("Unmatched hwstatus %d\n",hwstatus);
- break;
- }
-
- if (retval != PFL_GRANTED &&
- retval != PFL_GRANTED_DUPLICATE) {
- /* Clean up the NFS lock */
- debuglog("Deleting trial NFS lock\n");
- delete_nfslock(fl);
- }
- break;
- case NFS_DENIED:
- retval = PFL_NFSDENIED;
- break;
- case NFS_RESERR:
- retval = PFL_NFSRESERR;
- default:
- debuglog("Unmatched lnlstatus %d\n");
- retval = PFL_NFSDENIED_NOLOCK;
- break;
- }
-
- /*
- * By the time fl reaches here, it is completely free again on
- * failure. The NFS lock done before attempting the
- * hardware lock has been backed out
- */
-
- if (retval == PFL_NFSDENIED || retval == PFL_HWDENIED) {
- /* Once last chance to check the lock */
- if (fl->blocking == 1) {
- if (retval == PFL_NFSDENIED) {
- /* Queue the lock */
- debuglog("BLOCKING LOCK RECEIVED\n");
- retval = PFL_NFSBLOCKED;
- add_blockingfilelock(fl);
- dump_filelock(fl);
- } else {
- /* retval is okay as PFL_HWDENIED */
- debuglog("BLOCKING LOCK DENIED IN HARDWARE\n");
- dump_filelock(fl);
- }
- } else {
- /* Leave retval alone, it's already correct */
- debuglog("Lock denied. Non-blocking failure\n");
- dump_filelock(fl);
- }
- }
-
- debuglog("Exiting lock_partialfilelock\n");
-
- return retval;
-}
-
-/*
- * unlock_partialfilelock:
- *
- * Given a file_lock, unlock all locks which match.
- *
- * Note that a given lock might have to unlock ITSELF! See
- * clear_partialfilelock for example.
- */
-
-enum partialfilelock_status
-unlock_partialfilelock(const struct file_lock *fl)
-{
- struct file_lock *lfl,*rfl,*releasedfl,*selffl;
- enum partialfilelock_status retval;
- enum nfslock_status unlstatus;
- enum hwlock_status unlhwstatus, lhwstatus;
-
- debuglog("Entering unlock_partialfilelock\n");
-
- selffl = NULL;
- lfl = NULL;
- rfl = NULL;
- releasedfl = NULL;
- retval = PFL_DENIED;
-
- /*
- * There are significant overlap and atomicity issues
- * with partially releasing a lock. For example, releasing
- * part of an NFS shared lock does *not* always release the
- * corresponding part of the file since there is only one
- * rpc.lockd UID but multiple users could be requesting it
- * from NFS. Also, an unlock request should never allow
- * another process to gain a lock on the remaining parts.
- * ie. Always apply the new locks before releasing the
- * old one
- */
-
- /*
- * Loop is required since multiple little locks
- * can be allocated and then deallocated with one
- * big unlock.
- *
- * The loop is required to be here so that the nfs &
- * hw subsystems do not need to communicate with one
- * one another
- */
-
- do {
- debuglog("Value of releasedfl: %p\n",releasedfl);
- /* lfl&rfl are created *AND* placed into the NFS lock list if required */
- unlstatus = unlock_nfslock(fl, &releasedfl, &lfl, &rfl);
- debuglog("Value of releasedfl: %p\n",releasedfl);
-
-
- /* XXX: This is grungy. It should be refactored to be cleaner */
- if (lfl != NULL) {
- lhwstatus = lock_hwlock(lfl);
- if (lhwstatus != HW_GRANTED &&
- lhwstatus != HW_GRANTED_DUPLICATE) {
- debuglog("HW duplicate lock failure for left split\n");
- }
- if (lfl->flags & LOCK_MON)
- monitor_lock_host_by_name(lfl->client_name, lfl->addr);
- }
-
- if (rfl != NULL) {
- lhwstatus = lock_hwlock(rfl);
- if (lhwstatus != HW_GRANTED &&
- lhwstatus != HW_GRANTED_DUPLICATE) {
- debuglog("HW duplicate lock failure for right split\n");
- }
- if (rfl->flags & LOCK_MON)
- monitor_lock_host_by_name(rfl->client_name, rfl->addr);
- }
-
- switch (unlstatus) {
- case NFS_GRANTED:
- /* Attempt to unlock on the hardware */
- debuglog("NFS unlock granted. Attempting hardware unlock\n");
-
- /* This call *MUST NOT* unlock the two newly allocated locks */
- unlhwstatus = unlock_hwlock(fl);
- debuglog("HW unlock returned with code %d\n",unlhwstatus);
-
- switch (unlhwstatus) {
- case HW_GRANTED:
- debuglog("HW unlock granted\n");
- if (releasedfl->flags & LOCK_MON)
- unmonitor_lock_host(releasedfl->client_name);
- retval = PFL_GRANTED;
- break;
- case HW_DENIED_NOLOCK:
- /* Huh?!?! This shouldn't happen */
- debuglog("HW unlock denied no lock\n");
- retval = PFL_HWRESERR;
- /* Break out of do-while */
- unlstatus = NFS_RESERR;
- break;
- default:
- debuglog("HW unlock failed\n");
- retval = PFL_HWRESERR;
- /* Break out of do-while */
- unlstatus = NFS_RESERR;
- break;
- }
-
- debuglog("Exiting with status retval: %d\n",retval);
-
- // XXX sending granted messages before unlock response
- // XXX causes unlock response to be corrupted?
- // XXX Workaround is to move this to nlm_prot_svc.c
- // XXX after the unlock response is sent.
- // retry_blockingfilelocklist();
- need_retry_blocked_locks = 1;
- break;
- case NFS_DENIED_NOLOCK:
- retval = PFL_GRANTED;
- debuglog("All locks cleaned out\n");
- break;
- default:
- retval = PFL_NFSRESERR;
- debuglog("NFS unlock failure\n");
- dump_filelock(fl);
- break;
- }
-
- if (releasedfl != NULL) {
- if (fl == releasedfl) {
- /*
- * XXX: YECHHH!!! Attempt to unlock self succeeded
- * but we can't deallocate the space yet. This is what
- * happens when you don't write malloc and free together
- */
- debuglog("Attempt to unlock self\n");
- selffl = releasedfl;
- } else {
- /*
- * XXX: this deallocation *still* needs to migrate closer
- * to the allocation code way up in get_lock or the allocation
- * code needs to migrate down (violation of "When you write
- * malloc you must write free")
- */
-
- deallocate_file_lock(releasedfl);
- }
- }
-
- } while (unlstatus == NFS_GRANTED);
-
- if (selffl != NULL) {
- /*
- * This statement wipes out the incoming file lock (fl)
- * in spite of the fact that it is declared const
- */
- debuglog("WARNING! Destroying incoming lock pointer\n");
- deallocate_file_lock(selffl);
- }
-
- debuglog("Exiting unlock_partialfilelock\n");
-
- return retval;
-}
-
-/*
- * clear_partialfilelock
- *
- * Normally called in response to statd state number change.
- * Wipe out all locks held by a host. As a bonus, the act of
- * doing so should automatically clear their statd entries and
- * unmonitor the host.
- */
-
-void
-clear_partialfilelock(const char *hostname)
-{
- struct file_lock *ifl, *nfl;
- enum partialfilelock_status pfsret;
- struct host *ihp;
-
- /*
- * Check if the name we got from statd is
- * actually one reverse-mapped from the client's
- * address. If so, use the name provided as
- * the caller_name in lock requests instead so that
- * we can correctly identify the client's locks.
- */
- TAILQ_FOREACH(ihp, &hostlst_head, hostlst) {
- if (ihp->revname && strncmp(hostname, ihp->revname,
- SM_MAXSTRLEN) == 0) {
- hostname = ihp->name;
- debuglog("Clearing locks for %s (%s)\n",
- hostname, ihp->revname);
- break;
- }
- }
-
- /* Clear blocking file lock list */
- clear_blockingfilelock(hostname);
-
- /* do all required unlocks */
- /* Note that unlock can smash the current pointer to a lock */
-
- /*
- * Normally, LIST_FOREACH is called for, but since
- * the current element *is* the iterator, deleting it
- * would mess up the iteration. Thus, a next element
- * must be used explicitly
- */
-restart:
- ifl = LIST_FIRST(&nfslocklist_head);
-
- while (ifl != NULL) {
- nfl = LIST_NEXT(ifl, nfslocklist);
-
- if (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0) {
- /* Unlock destroys ifl out from underneath */
- pfsret = unlock_partialfilelock(ifl);
- if (pfsret != PFL_GRANTED) {
- /* Uh oh... there was some sort of problem. */
- /* If we restart the loop, we may get */
- /* stuck here forever getting errors. */
- /* So, let's just abort the whole scan. */
- syslog(LOG_WARNING, "lock clearing for %s failed: %d",
- hostname, pfsret);
- break;
- }
- /* ifl is NO LONGER VALID AT THIS POINT */
- /* Note: the unlock may deallocate several existing locks. */
- /* Therefore, we need to restart the scanning of the list, */
- /* because nfl could be pointing to a freed lock. */
- goto restart;
- }
- ifl = nfl;
- }
-}
-
-/*
- * test_partialfilelock:
- */
-enum partialfilelock_status
-test_partialfilelock(const struct file_lock *fl,
- struct file_lock **conflicting_fl)
-{
- enum partialfilelock_status retval;
- enum nfslock_status teststatus;
-
- debuglog("Entering testpartialfilelock...\n");
-
- retval = PFL_DENIED;
-
- teststatus = test_nfslock(fl, conflicting_fl);
- debuglog("test_partialfilelock: teststatus %d\n",teststatus);
-
- if (teststatus == NFS_GRANTED || teststatus == NFS_GRANTED_DUPLICATE) {
- /* XXX: Add the underlying filesystem locking code */
- retval = (teststatus == NFS_GRANTED) ?
- PFL_GRANTED : PFL_GRANTED_DUPLICATE;
- debuglog("Dumping locks...\n");
- dump_filelock(fl);
- dump_filelock(*conflicting_fl);
- debuglog("Done dumping locks...\n");
- } else {
- retval = PFL_NFSDENIED;
- debuglog("NFS test denied.\n");
- dump_filelock(fl);
- debuglog("Conflicting.\n");
- dump_filelock(*conflicting_fl);
- }
-
- debuglog("Exiting testpartialfilelock...\n");
-
- return retval;
-}
-
-/*
- * Below here are routines associated with translating the partial file locking
- * codes into useful codes to send back to the NFS RPC messaging system
- */
-
-/*
- * These routines translate the (relatively) useful return codes back onto
- * the few return codes which the nlm subsystems wishes to trasmit
- */
-
-enum nlm4_stats
-do_test(struct file_lock *fl, struct file_lock **conflicting_fl)
-{
- enum partialfilelock_status pfsret;
- enum nlm4_stats retval;
-
- debuglog("Entering do_test...\n");
-
- pfsret = test_partialfilelock(fl,conflicting_fl);
-
- switch (pfsret) {
- case PFL_GRANTED:
- debuglog("PFL test lock granted\n");
- dump_filelock(fl);
- dump_filelock(*conflicting_fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- case PFL_GRANTED_DUPLICATE:
- debuglog("PFL test lock granted--duplicate id detected\n");
- dump_filelock(fl);
- dump_filelock(*conflicting_fl);
- debuglog("Clearing conflicting_fl for call semantics\n");
- *conflicting_fl = NULL;
- retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- case PFL_NFSDENIED:
- case PFL_HWDENIED:
- debuglog("PFL test lock denied\n");
- dump_filelock(fl);
- dump_filelock(*conflicting_fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_denied : nlm_denied;
- break;
- case PFL_NFSRESERR:
- case PFL_HWRESERR:
- debuglog("PFL test lock resource fail\n");
- dump_filelock(fl);
- dump_filelock(*conflicting_fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks;
- break;
- default:
- debuglog("PFL test lock *FAILED*\n");
- dump_filelock(fl);
- dump_filelock(*conflicting_fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_failed : nlm_denied;
- break;
- }
-
- debuglog("Exiting do_test...\n");
-
- return retval;
-}
-
-/*
- * do_lock: Try to acquire a lock
- *
- * This routine makes a distinction between NLM versions. I am pretty
- * convinced that this should be abstracted out and bounced up a level
- */
-
-enum nlm4_stats
-do_lock(struct file_lock *fl)
-{
- enum partialfilelock_status pfsret;
- enum nlm4_stats retval;
-
- debuglog("Entering do_lock...\n");
-
- pfsret = lock_partialfilelock(fl);
-
- switch (pfsret) {
- case PFL_GRANTED:
- debuglog("PFL lock granted");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- case PFL_GRANTED_DUPLICATE:
- debuglog("PFL lock granted--duplicate id detected");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- case PFL_NFSDENIED:
- case PFL_HWDENIED:
- debuglog("PFL_NFS lock denied");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_denied : nlm_denied;
- break;
- case PFL_NFSBLOCKED:
- case PFL_HWBLOCKED:
- debuglog("PFL_NFS blocking lock denied. Queued.\n");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_blocked : nlm_blocked;
- break;
- case PFL_NFSRESERR:
- case PFL_HWRESERR:
- case PFL_NFSDENIED_NOLOCK:
- case PFL_HWDENIED_NOLOCK:
- debuglog("PFL lock resource alocation fail\n");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks;
- break;
- case PFL_HWDENIED_STALEFH:
- debuglog("PFL_NFS lock denied STALEFH");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_stale_fh : nlm_denied;
- break;
- case PFL_HWDENIED_READONLY:
- debuglog("PFL_NFS lock denied READONLY");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_rofs : nlm_denied;
- break;
- default:
- debuglog("PFL lock *FAILED*");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_failed : nlm_denied;
- break;
- }
-
- debuglog("Exiting do_lock...\n");
-
- return retval;
-}
-
-enum nlm4_stats
-do_unlock(struct file_lock *fl)
-{
- enum partialfilelock_status pfsret;
- enum nlm4_stats retval;
-
- debuglog("Entering do_unlock...\n");
- pfsret = unlock_partialfilelock(fl);
-
- switch (pfsret) {
- case PFL_GRANTED:
- debuglog("PFL unlock granted");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- case PFL_NFSDENIED:
- case PFL_HWDENIED:
- debuglog("PFL_NFS unlock denied");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_denied : nlm_denied;
- break;
- case PFL_NFSDENIED_NOLOCK:
- case PFL_HWDENIED_NOLOCK:
- debuglog("PFL_NFS no lock found\n");
- retval = (fl->flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- case PFL_NFSRESERR:
- case PFL_HWRESERR:
- debuglog("PFL unlock resource failure");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks;
- break;
- default:
- debuglog("PFL unlock *FAILED*");
- dump_filelock(fl);
- retval = (fl->flags & LOCK_V4) ? nlm4_failed : nlm_denied;
- break;
- }
-
- debuglog("Exiting do_unlock...\n");
-
- return retval;
-}
-
-/*
- * do_clear
- *
- * This routine is non-existent because it doesn't have a return code.
- * It is here for completeness in case someone *does* need to do return
- * codes later. A decent compiler should optimize this away.
- */
-
-void
-do_clear(const char *hostname)
-{
-
- clear_partialfilelock(hostname);
-}
-
-/*
- * The following routines are all called from the code which the
- * RPC layer invokes
- */
-
-/*
- * testlock(): inform the caller if the requested lock would be granted
- *
- * returns NULL if lock would granted
- * returns pointer to a conflicting nlm4_holder if not
- */
-
-struct nlm4_holder *
-testlock(struct nlm4_lock *lock, bool_t exclusive, int flags __unused)
-{
- struct file_lock test_fl, *conflicting_fl;
-
- if (lock->fh.n_len > NFS_MAX_FH_SIZE) {
- debuglog("received fhandle size %d, max size %d",
- lock->fh.n_len, NFS_MAX_FH_SIZE);
- return NULL;
- }
-
- bzero(&test_fl, sizeof(test_fl));
-
- test_fl.filehandle.n_len = lock->fh.n_len;
- test_fl.filehandle.n_bytes = lock->fh.n_bytes;
- copy_nlm4_lock_to_nlm4_holder(lock, exclusive, &test_fl.client);
-
- siglock();
- do_test(&test_fl, &conflicting_fl);
-
- if (conflicting_fl == NULL) {
- debuglog("No conflicting lock found\n");
- sigunlock();
- return NULL;
- } else {
- debuglog("Found conflicting lock\n");
- dump_filelock(conflicting_fl);
- sigunlock();
- return (&conflicting_fl->client);
- }
-}
-
-/*
- * getlock: try to aquire the lock.
- * If file is already locked and we can sleep, put the lock in the list with
- * status LKST_WAITING; it'll be processed later.
- * Otherwise try to lock. If we're allowed to block, fork a child which
- * will do the blocking lock.
- */
-
-enum nlm4_stats
-getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags)
-{
- struct file_lock *newfl;
- enum nlm4_stats retval;
-
- debuglog("Entering getlock...\n");
-
- if (grace_expired == 0 && lckarg->reclaim == 0)
- return (flags & LOCK_V4) ?
- nlm4_denied_grace_period : nlm_denied_grace_period;
-
- if (lckarg->alock.fh.n_len > NFS_MAX_FH_SIZE) {
- debuglog("received fhandle size %d, max size %d",
- lckarg->alock.fh.n_len, NFS_MAX_FH_SIZE);
- return (flags & LOCK_V4) ? nlm4_failed : nlm_denied;
- }
-
- /* allocate new file_lock for this request */
- newfl = allocate_file_lock(&lckarg->alock.oh, &lckarg->alock.fh,
- (struct sockaddr *)svc_getcaller(rqstp->rq_xprt),
- lckarg->alock.caller_name);
- if (newfl == NULL) {
- syslog(LOG_NOTICE, "lock allocate failed: %s", strerror(errno));
- /* failed */
- return (flags & LOCK_V4) ?
- nlm4_denied_nolocks : nlm_denied_nolocks;
- }
-
- fill_file_lock(newfl,
- lckarg->exclusive, lckarg->alock.svid, lckarg->alock.l_offset,
- lckarg->alock.l_len,
- lckarg->state, 0, flags, lckarg->block);
-
- /*
- * newfl is now fully constructed and deallocate_file_lock
- * can now be used to delete it
- */
-
- siglock();
- debuglog("Pointer to new lock is %p\n",newfl);
-
- retval = do_lock(newfl);
-
- debuglog("Pointer to new lock is %p\n",newfl);
- sigunlock();
-
- switch (retval)
- {
- case nlm4_granted:
- /* case nlm_granted: is the same as nlm4_granted */
- /* do_mon(lckarg->alock.caller_name); */
- break;
- case nlm4_blocked:
- /* case nlm_blocked: is the same as nlm4_blocked */
- /* do_mon(lckarg->alock.caller_name); */
- break;
- default:
- deallocate_file_lock(newfl);
- break;
- }
-
- debuglog("Exiting getlock...\n");
-
- return retval;
-}
-
-
-/* unlock a filehandle */
-enum nlm4_stats
-unlock(nlm4_lock *lock, const int flags)
-{
- struct file_lock fl;
- enum nlm4_stats err;
-
- debuglog("Entering unlock...\n");
-
- if (lock->fh.n_len > NFS_MAX_FH_SIZE) {
- debuglog("received fhandle size %d, max size %d",
- lock->fh.n_len, NFS_MAX_FH_SIZE);
- return (flags & LOCK_V4) ? nlm4_failed : nlm_denied;
- }
-
- siglock();
-
- bzero(&fl,sizeof(struct file_lock));
- fl.filehandle.n_len = lock->fh.n_len;
- fl.filehandle.n_bytes = lock->fh.n_bytes;
-
- copy_nlm4_lock_to_nlm4_holder(lock, 0, &fl.client);
-
- err = do_unlock(&fl);
-
- sigunlock();
-
- debuglog("Exiting unlock...\n");
-
- return err;
-}
-
-/* cancel a blocked lock request */
-enum nlm4_stats
-cancellock(nlm4_cancargs *args, const int flags)
-{
- struct file_lock *ifl, *nfl;
- enum nlm4_stats err;
-
- debuglog("Entering cancellock...\n");
-
- if (args->alock.fh.n_len > NFS_MAX_FH_SIZE) {
- debuglog("received fhandle size %d, max size %d",
- args->alock.fh.n_len, NFS_MAX_FH_SIZE);
- return (flags & LOCK_V4) ? nlm4_failed : nlm_denied;
- }
-
- siglock();
-
- err = (flags & LOCK_V4) ? nlm4_denied : nlm_denied;
-
- /*
- * scan blocked lock list for matching request and remove/destroy
- */
- ifl = LIST_FIRST(&blockedlocklist_head);
- for ( ; ifl != NULL; ifl = nfl) {
- nfl = LIST_NEXT(ifl, nfslocklist);
-
- /* compare lock fh - filehandle */
- if (!same_netobj(&args->alock.fh, &ifl->filehandle))
- continue;
-
- /* compare lock caller_name - client_name */
- if (strncmp(args->alock.caller_name, ifl->client_name, SM_MAXSTRLEN))
- continue;
-
- /* Note: done't compare cookie - client_cookie */
- /* The cookie may be specific to the cancel request */
- /* and not be the same as the one in the original lock request. */
-
- /* compare lock oh - client.oh */
- if (!same_netobj(&args->alock.oh, &ifl->client.oh))
- continue;
-
- /* compare lock svid - client.svid */
- if (args->alock.svid != ifl->client.svid)
- continue;
-
- /* compare lock l_offset - client.l_offset */
- if (args->alock.l_offset != ifl->client.l_offset)
- continue;
-
- /* compare lock l_len - client.l_len */
- if (args->alock.l_len != ifl->client.l_len)
- continue;
-
- /* compare exclusive - client.exclusive */
- if (args->exclusive != ifl->client.exclusive)
- continue;
-
- /* got it */
- remove_blockingfilelock(ifl);
- deallocate_file_lock(ifl);
- err = (flags & LOCK_V4) ? nlm4_granted : nlm_granted;
- break;
- }
-
- sigunlock();
-
- debuglog("Exiting cancellock...\n");
-
- return err;
-}
-
-
-/*
- * XXX: The following monitor/unmonitor routines
- * have not been extensively tested (ie. no regression
- * script exists like for the locking sections)
- */
-
-/*
- * Find a lock host on a queue. If found:
- * bump the ref,
- * bump the access time,
- * dequeue it from the queue it was found on,
- * enqueue it at the front of the "in use" queue.
- */
-struct host *
-get_lock_host(struct hostlst_head *hd, const char *hostname, const struct sockaddr *saddr)
-{
- struct host *ihp;
-
- if (!hostname && !saddr)
- return (NULL);
-
- debuglog("get_lock_host %s\n", hostname ? hostname : "addr");
- TAILQ_FOREACH(ihp, hd, hostlst) {
- if (hostname && (strncmp(hostname, ihp->name, SM_MAXSTRLEN) != 0))
- continue;
- if (saddr && addrcmp(saddr, &ihp->addr))
- continue;
- TAILQ_REMOVE(hd, ihp, hostlst);
- /*
- * Host is already monitored, so just bump the
- * reference count. But don't bump the reference
- * count if we're adding additional client-side
- * references. Client-side monitors are done by
- * address, are never unmonitored, and should only
- * take one refcount. Otherwise, repeated calls
- * could cause the refcount to wrap.
- */ - if (!saddr || !ihp->addr.sa_len) - ++ihp->refcnt; - ihp->lastuse = currsec; - /* Host should only be in the monitor list once */ - TAILQ_INSERT_HEAD(&hostlst_head, ihp, hostlst); - break; - } - debuglog("get_lock_host %s %s\n", - ihp == NULL ? "did not find" : "found", hostname ? hostname : "addr"); - return (ihp); -} - -/* - * monitor_lock_host: monitor lock hosts locally with a ref count and - * inform statd - */ -void -monitor_lock_host_by_name(const char *hostname, const struct sockaddr *saddr) -{ - struct host *ihp; - - debuglog("monitor_lock_host: %s\n", hostname); - ihp = get_lock_host(&hostlst_head, hostname, NULL); - if (ihp == NULL) - ihp = get_lock_host(&hostlst_unref, hostname, NULL); - if (ihp != NULL) { - if (ihp->revname) - debuglog("Monitor_lock_host: %s - %s (cached)\n", - ihp->name, ihp->revname); - else - debuglog("Monitor_lock_host: %s (cached)\n", ihp->name); - return; - } - - monitor_lock_host(hostname, saddr); -} - -void -monitor_lock_host_by_addr(const struct sockaddr *saddr) -{ - struct host *ihp; - struct hostent *hp; - char hostaddr[SM_MAXSTRLEN]; - struct sockaddr_in *sin = (struct sockaddr_in *)saddr; - - if (getnameinfo(saddr, saddr->sa_len, hostaddr, sizeof(hostaddr), - NULL, 0, NI_NUMERICHOST)) { - debuglog("monitor_lock_host: bad address\n"); - return; - } - debuglog("monitor_lock_host: %s\n", hostaddr); - ihp = get_lock_host(&hostlst_head, NULL, saddr); - if (ihp == NULL) - ihp = get_lock_host(&hostlst_unref, NULL, saddr); - if (ihp != NULL) { - debuglog("Monitor_lock_host: %s (cached)\n", ihp->name); - return; - } - - hp = gethostbyaddr((char*)&sin->sin_addr, sizeof(sin->sin_addr), AF_INET); - if (hp) { - monitor_lock_host(hp->h_name, saddr); - } else { - // herror(hostaddr); - monitor_lock_host(hostaddr, saddr); - } -} - -static void -monitor_lock_host(const char *hostname, const struct sockaddr *saddr) -{ - struct host *nhp; - struct hostent *hp = NULL; - struct mon smon; - struct sm_stat_res sres; - int rpcret; - int 
retrying = 0; - size_t n; - struct sockaddr_in *sin = (struct sockaddr_in *) saddr; - - rpcret = 0; - - /* Host is not yet monitored, add it */ - debuglog("Monitor_lock_host: %s (creating)\n", hostname); - n = strnlen(hostname, SM_MAXSTRLEN); - if (n == SM_MAXSTRLEN) { - debuglog("monitor_lock_host: hostname too long\n"); - return; - } - nhp = (struct host *) malloc(sizeof(struct host)); - if (nhp == NULL) { - debuglog("Unable to allocate entry for statd mon\n"); - return; - } - - /* Allocated new host entry, now fill the fields */ - nhp->name = strdup(hostname); - if (nhp->name == NULL) { - debuglog("Unable to allocate entry name for statd mon\n"); - free(nhp); - return; - } - nhp->revname = NULL; - nhp->refcnt = 1; - nhp->lastuse = currsec; - if (saddr) { - bcopy(saddr, &nhp->addr, saddr->sa_len); - } else { - nhp->addr.sa_len = 0; - } - debuglog("Locally Monitoring host '%s'\n", hostname); - - debuglog("Attempting to tell statd\n"); - - bzero(&smon,sizeof(smon)); - - smon.mon_id.mon_name = nhp->name; - smon.mon_id.my_id.my_name = "localhost\0"; - - smon.mon_id.my_id.my_prog = NLM_PROG; - smon.mon_id.my_id.my_vers = NLM_SM; - smon.mon_id.my_id.my_proc = NLM_SM_NOTIFY; - -retry: - rpcret = callrpc("localhost", SM_PROG, SM_VERS, SM_MON, xdr_mon, - &smon, xdr_sm_stat_res, &sres); - - if (rpcret == 0) { - if (sres.res_stat == stat_fail && !retrying) { - debuglog("Statd call failed\n"); - /* - * It's possible that the hostname provided - * by the client isn't valid. Retry with a - * a hostname reverse-mapped from the client's - * address (if provided) and stash this name - * in the host entry so that we can identify it - * with this name later when we ask statd to - * unmonitor it. 
- */ - if (saddr) - hp = gethostbyaddr((char *) &sin->sin_addr, - sizeof(sin->sin_addr), AF_INET); - if (hp != NULL && strcmp(nhp->name, hp->h_name) != 0) { - debuglog("Statd retry with '%s'\n", hp->h_name); - smon.mon_id.mon_name = hp->h_name; - nhp->revname = strdup(hp->h_name); - if (nhp->revname == NULL) { - debuglog("No memory for revname\n"); - free(nhp->name); - free(nhp); - return; - } - retrying = 1; - goto retry; - } - } - } else { - debuglog("Rpc call to statd failed with return value: %d\n", - rpcret); - } - - /* - * Insert host in the monitor list, even if statd - * doesn't like it. If the name is unacceptable - * to statd, at least we'll avoid subsequent rejection - * on every lock request. - */ - TAILQ_INSERT_HEAD(&hostlst_head, nhp, hostlst); -} - -/* - * unmonitor_lock_host: clear monitor ref counts and inform statd when gone - */ -void -unmonitor_lock_host(const char *hostname) -{ - struct host *ihp; - - TAILQ_FOREACH(ihp, &hostlst_head, hostlst) { - if (strncmp(hostname, ihp->name, SM_MAXSTRLEN) == 0) { - /* Host is unmonitored, drop refcount */ - --ihp->refcnt; - /* Host should only be in the monitor list once */ - break; - } - } - - if (ihp == NULL) { - debuglog("Could not find host %16s in mon list\n", hostname); - return; - } - - if (ihp->refcnt > 0) - return; - - if (ihp->refcnt < 0) { - debuglog("Negative refcount!: %d\n", ihp->refcnt); - } - - TAILQ_REMOVE(&hostlst_head, ihp, hostlst); - TAILQ_INSERT_HEAD(&hostlst_unref, ihp, hostlst); - if (host_expire <= 0) - destroy_lock_host(ihp); -} - -void -destroy_lock_host(struct host *ihp) -{ - struct mon_id smon_id; - struct sm_stat smstat; - int rpcret; - char *name; - - /* - * If the client was monitored with a hostname obtained from - * its address, then use that instead of the possibly invalid - * hostname provided in caller_name. - */ - name = ihp->revname ? 
ihp->revname : ihp->name; - debuglog("Attempting to unmonitor host %16s\n", name); - - bzero(&smon_id,sizeof(smon_id)); - smon_id.mon_name = name; - smon_id.my_id.my_name = "localhost"; - smon_id.my_id.my_prog = NLM_PROG; - smon_id.my_id.my_vers = NLM_SM; - smon_id.my_id.my_proc = NLM_SM_NOTIFY; - - rpcret = callrpc("localhost", SM_PROG, SM_VERS, SM_UNMON, xdr_mon_id, - &smon_id, xdr_sm_stat, &smstat); - - if (rpcret != 0) { - debuglog("Rpc call to unmonitor statd failed with " - " return value: %d: %s", rpcret, clnt_sperrno(rpcret)); - } else { - debuglog("Succeeded unmonitoring %16s\n", ihp->name); - } - - TAILQ_REMOVE(&hostlst_unref, ihp, hostlst); - if (ihp->name) - free(ihp->name); - if (ihp->revname) - free(ihp->revname); - free(ihp); -} - -/* - * returns 1 if there are hosts to expire or 0 if there are none. - */ -int -expire_lock_hosts(void) -{ - struct host *ihp; - - debuglog("expire_lock_hosts: called\n"); - for ( ;; ) { - ihp = TAILQ_LAST(&hostlst_unref, hostlst_head); - if (ihp == NULL) - break; - if (host_expire > 0 && ihp->lastuse >= currsec - host_expire) - break; - debuglog("expire_lock_hosts: expiring %s %d %d %d\n", - ihp->name, (int)ihp->lastuse, - (int)currsec, (int)currsec - host_expire); - destroy_lock_host(ihp); - } - return (TAILQ_LAST(&hostlst_unref, hostlst_head) != NULL); -} - -/* - * notify: Clear all locks from a host if statd complains - * - * XXX: This routine has not been thoroughly tested. However, neither - * had the old one been. It used to compare the statd crash state counter - * to the current lock state. The upshot of this was that it basically - * cleared all locks from the specified host 99% of the time (with the - * other 1% being a bug). Consequently, the assumption is that clearing - * all locks from a host when notified by statd is acceptable. - * - * Please note that this routine skips the usual level of redirection - * through a do_* type routine. 
This introduces a possible level of - * error and might better be written as do_notify and take this one out. - - */ - -void -notify(const char *hostname, const int state) -{ - debuglog("notify from %s, new state %d", hostname, state); - - siglock(); - do_clear(hostname); - sigunlock(); - - debuglog("Leaving notify\n"); -} - -int -send_granted(fl, opcode) - struct file_lock *fl; - int opcode __unused; -{ - CLIENT *cli; - static char dummy; - struct timeval timeo; - enum clnt_stat rv; - static struct nlm_res retval; - static struct nlm4_res retval4; - - debuglog("About to send granted on blocked lock\n"); - - cli = get_client(fl->addr, - (fl->flags & LOCK_V4) ? NLM_VERS4 : NLM_VERS); - if (cli == NULL) { - syslog(LOG_NOTICE, "failed to get CLIENT for %s", - fl->client_name); - /* - * We fail to notify remote that the lock has been granted. - * The client will timeout and retry, the lock will be - * granted at this time. - */ - return -1; - } - timeo.tv_sec = 0; - timeo.tv_usec = (fl->flags & LOCK_ASYNC) ? 0 : 500000; /* 0.5s */ - - fl->granted_cookie = ++send_granted_cookie; - if (!send_granted_cookie) - send_granted_cookie++; - - if (fl->flags & LOCK_V4) { - static nlm4_testargs res; - res.cookie.n_len = sizeof(fl->granted_cookie); - res.cookie.n_bytes = (char*)&fl->granted_cookie; - res.exclusive = fl->client.exclusive; - res.alock.caller_name = fl->client_name; - res.alock.fh.n_len = fl->filehandle.n_len; - res.alock.fh.n_bytes = fl->filehandle.n_bytes; - res.alock.oh = fl->client.oh; - res.alock.svid = fl->client.svid; - res.alock.l_offset = fl->client.l_offset; - res.alock.l_len = fl->client.l_len; - debuglog("sending v4 reply%s", - (fl->flags & LOCK_ASYNC) ? 
" (async)":""); - if (fl->flags & LOCK_ASYNC) { - rv = clnt_call(cli, NLM4_GRANTED_MSG, - xdr_nlm4_testargs, &res, xdr_void, &dummy, timeo); - } else { - rv = clnt_call(cli, NLM4_GRANTED, - xdr_nlm4_testargs, &res, xdr_nlm4_res, - &retval4, timeo); - } - } else { - static nlm_testargs res; - - res.cookie.n_len = sizeof(fl->granted_cookie); - res.cookie.n_bytes = (char*)&fl->granted_cookie; - res.exclusive = fl->client.exclusive; - res.alock.caller_name = fl->client_name; - res.alock.fh.n_len = fl->filehandle.n_len; - res.alock.fh.n_bytes = fl->filehandle.n_bytes; - res.alock.oh = fl->client.oh; - res.alock.svid = fl->client.svid; - res.alock.l_offset = fl->client.l_offset; - res.alock.l_len = fl->client.l_len; - debuglog("sending v1 reply%s", - (fl->flags & LOCK_ASYNC) ? " (async)":""); - if (fl->flags & LOCK_ASYNC) { - rv = clnt_call(cli, NLM_GRANTED_MSG, - xdr_nlm_testargs, &res, xdr_void, &dummy, timeo); - } else { - rv = clnt_call(cli, NLM_GRANTED, - xdr_nlm_testargs, &res, xdr_nlm_res, - &retval, timeo); - } - } - if (debug_level > 2) - debuglog("clnt_call returns %d(%s) for granted", - rv, clnt_sperrno(rv)); - - if ((rv != RPC_SUCCESS) && - !((fl->flags & LOCK_ASYNC) && (rv == RPC_TIMEDOUT))) - return -1; - return 0; -} - -/* - * granted_failed: remove a granted lock that wasn't successfully - * accepted by the client - */ -void -granted_failed(nlm4_res *arg) -{ - u_int64_t cookie; - struct file_lock *ifl; - - debuglog("Entering granted_failed, status %d\n", arg->stat.stat); - - if (arg->cookie.n_len != sizeof(cookie)) { - debuglog("Exiting granted_failed: bogus cookie size %d\n", - arg->cookie.n_len); - return; - } - bcopy(arg->cookie.n_bytes, &cookie, sizeof(cookie)); - debuglog("granted_failed, cookie 0x%llx\n", cookie); - - LIST_FOREACH(ifl, &nfslocklist_head, nfslocklist) { - debuglog("Pointer to file lock: %p\n",ifl); - - debuglog("****Dump of ifl****\n"); - dump_filelock(ifl); - - if (ifl->granted_cookie != cookie) - continue; - - 
debuglog("granted_failed: cookie found\n"); - break; - } - - if (ifl) { - do_unlock(ifl); - /* ifl is NO LONGER VALID AT THIS POINT */ - } else { - debuglog("granted_failed: cookie NOT FOUND\n"); - } - - debuglog("Exiting granted_failed\n"); -} - -/* - * getshare: try to acquire a share reservation - */ -enum nlm4_stats -getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags) -{ - struct sharefile *shrfile; - struct file_share *sh; - size_t n; - - debuglog("Entering getshare...\n"); - - if (grace_expired == 0 && shrarg->reclaim == 0) { - debuglog("getshare denied - grace period\n"); - return (flags & LOCK_V4) ? - nlm4_denied_grace_period : - nlm_denied_grace_period; - } - - if (shrarg->share.fh.n_len > NFS_MAX_FH_SIZE) { - debuglog("received fhandle size %d, max size %d", - shrarg->share.fh.n_len, NFS_MAX_FH_SIZE); - return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; - } - - /* find file in list of share files */ - LIST_FOREACH(shrfile, &nfssharefilelist_head, sharefilelist) { - if ((shrarg->share.fh.n_len == shrfile->filehandle.n_len) && - (bcmp(shrarg->share.fh.n_bytes, shrfile->filehandle.n_bytes, - shrarg->share.fh.n_len) == 0)) { - /* shrfile is the correct file */ - break; - } - } - - /* if share file not found, create a new share file */ - if (!shrfile) { - fhandle_t fh; - int fd; - fh.fh_len = shrarg->share.fh.n_len; - bcopy(shrarg->share.fh.n_bytes, fh.fh_data, fh.fh_len); - fd = fhopen(&fh, O_RDONLY); - if (fd < 0) { - debuglog("fhopen failed (from %16s): %32s\n", - shrarg->share.caller_name, strerror(errno)); - if ((flags & LOCK_V4) == 0) - return nlm_denied; - switch (errno) { - case ESTALE: - return nlm4_stale_fh; - default: - return nlm4_failed; - } - } - shrfile = malloc(sizeof(struct sharefile)); - if (!shrfile) { - debuglog("getshare failed: can't allocate sharefile\n"); - close(fd); - return (flags & LOCK_V4) ? 
nlm4_denied_nolocks : nlm_denied_nolocks; - } - shrfile->filehandle.n_len = shrarg->share.fh.n_len; - shrfile->filehandle.n_bytes = malloc(shrarg->share.fh.n_len); - if (!shrfile->filehandle.n_bytes) { - debuglog("getshare failed: can't allocate sharefile filehandle\n"); - free(shrfile); - close(fd); - return (flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks; - } - bcopy(shrarg->share.fh.n_bytes, shrfile->filehandle.n_bytes, - shrarg->share.fh.n_len); - shrfile->fd = fd; - shrfile->refcount = 0; - shrfile->sharelist_head.lh_first = NULL; - LIST_INSERT_HEAD(&nfssharefilelist_head, shrfile, sharefilelist); - } - - /* compare request mode/access to current shares */ - LIST_FOREACH(sh, &shrfile->sharelist_head, nfssharelist) { - /* if request host/owner matches a current share... */ - if ((strncmp(shrarg->share.caller_name, sh->client_name, SM_MAXSTRLEN) == 0) && - same_netobj(&shrarg->share.oh, &sh->oh)) { - /* ...then just update share mode/access */ - sh->mode = shrarg->share.mode; - sh->access = shrarg->share.access; - debuglog("getshare: updated existing share\n"); - return (flags & LOCK_V4) ? nlm4_granted : nlm_granted; - } - if (((shrarg->share.mode & sh->access) != 0) || - ((shrarg->share.access & sh->mode) != 0)) { - /* share request conflicts with existing share */ - debuglog("getshare: conflicts with existing share\n"); - return (flags & LOCK_V4) ? nlm4_denied : nlm_denied; - } - } - - /* create/init new share */ - n = strnlen(shrarg->share.caller_name, SM_MAXSTRLEN); - if (n < SM_MAXSTRLEN) { - sh = malloc(sizeof(*sh) - sizeof(sh->client_name) + n + 1); - } else { - debuglog("getshare failed: hostname too long\n"); - sh = NULL; - } - if (!sh) { - debuglog("getshare failed: can't allocate share\n"); - if (!shrfile->refcount) { - LIST_REMOVE(shrfile, sharefilelist); - close(shrfile->fd); - free(shrfile->filehandle.n_bytes); - free(shrfile); - } - return (flags & LOCK_V4) ? 
nlm4_denied_nolocks : nlm_denied_nolocks; - } - bzero(sh, sizeof(*sh) - sizeof(sh->client_name)); - sh->oh.n_len = shrarg->share.oh.n_len; - sh->oh.n_bytes = malloc(sh->oh.n_len); - if (!sh->oh.n_bytes) { - debuglog("getshare failed: can't allocate share owner handle\n"); - free(sh); - if (!shrfile->refcount) { - LIST_REMOVE(shrfile, sharefilelist); - close(shrfile->fd); - free(shrfile->filehandle.n_bytes); - free(shrfile); - } - return (flags & LOCK_V4) ? nlm4_denied_nolocks : nlm_denied_nolocks; - } - memcpy(sh->client_name, shrarg->share.caller_name, n); - sh->client_name[n] = 0; - sh->mode = shrarg->share.mode; - sh->access = shrarg->share.access; - - /* insert new share into file's share list */ - LIST_INSERT_HEAD(&shrfile->sharelist_head, sh, nfssharelist); - shrfile->refcount++; - - debuglog("Exiting getshare...\n"); - - return (flags & LOCK_V4) ? nlm4_granted : nlm_granted; -} - - -/* remove a share reservation */ -enum nlm4_stats -unshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags) -{ - struct sharefile *shrfile; - struct file_share *sh; - - debuglog("Entering unshare...\n"); - - if (shrarg->share.fh.n_len > NFS_MAX_FH_SIZE) { - debuglog("received fhandle size %d, max size %d", - shrarg->share.fh.n_len, NFS_MAX_FH_SIZE); - return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; - } - - /* find file in list of share files */ - LIST_FOREACH(shrfile, &nfssharefilelist_head, sharefilelist) { - if ((shrarg->share.fh.n_len == shrfile->filehandle.n_len) && - (bcmp(shrarg->share.fh.n_bytes, shrfile->filehandle.n_bytes, - shrarg->share.fh.n_len) == 0)) { - /* shrfile is the correct file */ - break; - } - } - - /* if share file not found, return success (per spec) */ - if (!shrfile) { - debuglog("unshare: no such share file\n"); - return (flags & LOCK_V4) ? nlm4_granted : nlm_granted; - } - - /* find share */ - LIST_FOREACH(sh, &shrfile->sharelist_head, nfssharelist) { - /* if request host/owner matches a current share... 
*/ - if ((strncmp(shrarg->share.caller_name, sh->client_name, SM_MAXSTRLEN) == 0) && - same_netobj(&shrarg->share.oh, &sh->oh)) - break; - } - - /* if share not found, return success (per spec) */ - if (!sh) { - debuglog("unshare: no such share\n"); - return (flags & LOCK_V4) ? nlm4_granted : nlm_granted; - } - - /* remove share from file and deallocate */ - shrfile->refcount--; - LIST_REMOVE(sh, nfssharelist); - free(sh->oh.n_bytes); - free(sh); - - /* if file has no more shares, deallocate share file */ - if (!shrfile->refcount) { - debuglog("unshare: file has no more shares\n"); - LIST_REMOVE(shrfile, sharefilelist); - close(shrfile->fd); - free(shrfile->filehandle.n_bytes); - free(shrfile); - } - - debuglog("Exiting unshare...\n"); - - return (flags & LOCK_V4) ? nlm4_granted : nlm_granted; -} - -/* - * do_free_all - * - * Wipe out all non-monitored locks and shares held by a host. - */ - -void -do_free_all(const char *hostname) -{ - struct file_lock *ifl, *nfl; - struct sharefile *shrfile, *nshrfile; - struct file_share *ifs, *nfs; - enum partialfilelock_status pfsret; - - /* clear non-monitored blocking file locks */ - ifl = LIST_FIRST(&blockedlocklist_head); - while (ifl != NULL) { - nfl = LIST_NEXT(ifl, nfslocklist); - - if (((ifl->flags & LOCK_MON) == 0) && - (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0)) { - remove_blockingfilelock(ifl); - deallocate_file_lock(ifl); - } - - ifl = nfl; - } - - /* clear non-monitored file locks */ -restart: - ifl = LIST_FIRST(&nfslocklist_head); - while (ifl != NULL) { - nfl = LIST_NEXT(ifl, nfslocklist); - - if (((ifl->flags & LOCK_MON) == 0) && - (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0)) { - /* Unlock destroys ifl out from underneath */ - pfsret = unlock_partialfilelock(ifl); - if (pfsret != PFL_GRANTED) { - /* Uh oh... there was some sort of problem. */ - /* If we restart the loop, we may get */ - /* stuck here forever getting errors. */ - /* So, let's just abort the whole scan. 
*/ - syslog(LOG_WARNING, "unmonitored lock clearing for %s failed: %d", - hostname, pfsret); - break; - } - /* ifl is NO LONGER VALID AT THIS POINT */ - /* Note: the unlock may deallocate several existing locks. */ - /* Therefore, we need to restart the scanning of the list, */ - /* because nfl could be pointing to a freed lock. */ - goto restart; - } - - ifl = nfl; - } - - /* clear shares */ - shrfile = LIST_FIRST(&nfssharefilelist_head); - while (shrfile != NULL) { - nshrfile = LIST_NEXT(shrfile, sharefilelist); - - ifs = LIST_FIRST(&shrfile->sharelist_head); - while (ifs != NULL) { - nfs = LIST_NEXT(ifs, nfssharelist); - - if (strncmp(hostname, ifs->client_name, SM_MAXSTRLEN) == 0) { - shrfile->refcount--; - LIST_REMOVE(ifs, nfssharelist); - free(ifs->oh.n_bytes); - free(ifs); - } - - ifs = nfs; - } - - if (!shrfile->refcount) { - LIST_REMOVE(shrfile, sharefilelist); - close(shrfile->fd); - free(shrfile->filehandle.n_bytes); - free(shrfile); - } - - shrfile = nshrfile; - } - -} - - - -/* - * Routines below here have not been modified in the overhaul - */ - -/* - * Are these two routines still required since lockd is not spawning off - * children to service locks anymore? Presumably they were originally - * put in place to prevent a one child from changing the lock list out - * from under another one. - */ - -void -siglock(void) -{ - sigset_t block; - - sigemptyset(&block); - sigaddset(&block, SIGCHLD); - - if (sigprocmask(SIG_BLOCK, &block, NULL) < 0) { - syslog(LOG_WARNING, "siglock failed: %s", strerror(errno)); - } -} - -void -sigunlock(void) -{ - sigset_t block; - - sigemptyset(&block); - sigaddset(&block, SIGCHLD); - - if (sigprocmask(SIG_UNBLOCK, &block, NULL) < 0) { - syslog(LOG_WARNING, "sigunlock failed: %s", strerror(errno)); - } -} - - diff --git a/rpc_lockd.tproj/lockd_lock.h b/rpc_lockd.tproj/lockd_lock.h deleted file mode 100644 index cae679a..0000000 --- a/rpc_lockd.tproj/lockd_lock.h +++ /dev/null 
@@ -1,41 +0,0 @@
-/* $NetBSD: lockd_lock.h,v 1.2 2000/06/09 14:00:54 fvdl Exp $ */
-/* $FreeBSD: src/usr.sbin/rpc.lockd/lockd_lock.h,v 1.4 2002/03/21 22:52:45 alfred Exp $ */
-
-/* Headers and function declarations for file-locking utilities */
-
-#ifndef LOCKD_LOCK_H
-#define LOCKD_LOCK_H
-struct nlm4_holder * testlock(struct nlm4_lock *lock, bool_t exclusive, int flags);
-enum nlm4_stats getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags);
-enum nlm4_stats unlock(nlm4_lock *lock, const int flags);
-enum nlm4_stats cancellock(nlm4_cancargs *args, const int flags);
-int lock_answer(int version, netobj *netcookie, nlm4_lock *lock, int flags, int result);
-enum nlm4_stats getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags);
-enum nlm4_stats unshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags);
-void do_free_all(const char *hostname);
-void granted_failed(nlm4_res *arg);
-
-void notify(const char *hostname, const int state);
-
-void monitor_lock_host_by_name(const char *, const struct sockaddr *);
-void monitor_lock_host_by_addr(const struct sockaddr *addr);
-void unmonitor_lock_host(const char *hostname);
-
-/* flags for testlock, getlock & unlock */
-#define LOCK_ASYNC 0x01 /* async version (getlock only) */
-#define LOCK_V4 0x02 /* v4 version */
-#define LOCK_MON 0x04 /* monitored lock (getlock only) */
-
-/* flags for lock_answer */
-#define LOCK_ANSWER_GRANTED 0x0001 /* NLM_GRANTED request */
-#define LOCK_ANSWER_LOCK_EXCL 0x0004 /* lock is exclusive */
-
-/* callbacks from lock_proc.c */
-int transmit_result(int, nlm_res *, struct sockaddr *);
-int transmit4_result(int, nlm4_res *, struct sockaddr *);
-CLIENT *get_client(struct sockaddr *, rpcvers_t);
-int addrcmp(const struct sockaddr *, const struct sockaddr *);
-
-extern time_t currsec;
-
-#endif /* !LOCKD_LOCK_H */
diff --git a/rpc_lockd.tproj/nlm_prot_svc.c b/rpc_lockd.tproj/nlm_prot_svc.c
deleted file mode 100644
index 3020788..0000000
--- a/rpc_lockd.tproj/nlm_prot_svc.c
+++ /dev/null
@@ -1,618 +0,0 @@ -/* - * Please do not edit this file. - * It was generated using rpcgen. - * (and subsequently cleaned up by hand) - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#ifdef __cplusplus -#include -#endif /* __cplusplus */ -#include -#include -#include -#include - -#ifdef __STDC__ -#define SIG_PF void(*)(int) -#endif - -#ifdef DEBUG -#define RPC_SVC_FG -#endif - -// XXX -void retry_blockingfilelocklist(netobj *fh); -extern int need_retry_blocked_locks; /* need to call retry_blockingfilelocklist() */ - -#define _RPCSVC_CLOSEDOWN 120 -#ifndef lint -/*static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro";*/ -/*static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC";*/ -static char rcsid[] = "$Id: nlm_prot_svc.c,v 1.5 2004/03/11 23:52:19 lindak Exp $"; -#endif /* not lint */ -extern int _rpcpmstart; /* Started by a port monitor ? */ -extern int _rpcfdtype; /* Whether Stream or Datagram ? */ -extern int _rpcsvcdirty; /* Still serving ? 
*/ - -void nlm_prog_0(struct svc_req *rqstp, SVCXPRT *transp); - -void -nlm_prog_0(struct svc_req *rqstp, SVCXPRT *transp) -{ - union { - struct nlm_sm_status nlm_sm_notify_0_arg; - } argument; - char *result; - xdrproc_t xdr_argument, xdr_result; - char *(*local)(char *, struct svc_req *); - - _rpcsvcdirty = 1; - switch (rqstp->rq_proc) { - case NULLPROC: - (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); - _rpcsvcdirty = 0; - return; - - case NLM_SM_NOTIFY: - xdr_argument = (xdrproc_t) xdr_nlm_sm_status; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_sm_notify_0_svc; - break; - - default: - svcerr_noproc(transp); - _rpcsvcdirty = 0; - return; - } - (void) memset((char *)&argument, 0, sizeof (argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { - svcerr_decode(transp); - _rpcsvcdirty = 0; - return; - } - result = (*local)((char *)&argument, rqstp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { - svcerr_systemerr(transp); - } - if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { - syslog(LOG_ERR, "unable to free arguments"); - exit(1); - } - _rpcsvcdirty = 0; - return; -} - -void nlm_prog_1(struct svc_req *rqstp, SVCXPRT *transp); - -void -nlm_prog_1(struct svc_req *rqstp, SVCXPRT *transp) -{ - union { - struct nlm_testargs nlm_test_1_arg; - struct nlm_lockargs nlm_lock_1_arg; - struct nlm_cancargs nlm_cancel_1_arg; - struct nlm_unlockargs nlm_unlock_1_arg; - struct nlm_testargs nlm_granted_1_arg; - struct nlm_testargs nlm_test_msg_1_arg; - struct nlm_lockargs nlm_lock_msg_1_arg; - struct nlm_cancargs nlm_cancel_msg_1_arg; - struct nlm_unlockargs nlm_unlock_msg_1_arg; - struct nlm_testargs nlm_granted_msg_1_arg; - nlm_testres nlm_test_res_1_arg; - nlm_res nlm_lock_res_1_arg; - nlm_res nlm_cancel_res_1_arg; - nlm_res nlm_unlock_res_1_arg; - nlm_res nlm_granted_res_1_arg; - } argument; - char *result; - xdrproc_t xdr_argument, xdr_result; - char 
*(*local)(char *, struct svc_req *); - - _rpcsvcdirty = 1; - switch (rqstp->rq_proc) { - case NULLPROC: - (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); - _rpcsvcdirty = 0; - return; - - case NLM_TEST: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_nlm_testres; - local = (char *(*)(char *, struct svc_req *)) nlm_test_1_svc; - break; - - case NLM_LOCK: - xdr_argument = (xdrproc_t) xdr_nlm_lockargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_lock_1_svc; - break; - - case NLM_CANCEL: - xdr_argument = (xdrproc_t) xdr_nlm_cancargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_cancel_1_svc; - break; - - case NLM_UNLOCK: - xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc; - break; - - case NLM_GRANTED: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_granted_1_svc; - break; - - case NLM_TEST_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_test_msg_1_svc; - break; - - case NLM_LOCK_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_lockargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_lock_msg_1_svc; - break; - - case NLM_CANCEL_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_cancargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_cancel_msg_1_svc; - break; - - case NLM_UNLOCK_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc; - break; - - case NLM_GRANTED_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char 
*, struct svc_req *)) nlm_granted_msg_1_svc; - break; - - case NLM_TEST_RES: - xdr_argument = (xdrproc_t) xdr_nlm_testres; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_test_res_1_svc; - break; - - case NLM_LOCK_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_lock_res_1_svc; - break; - - case NLM_CANCEL_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_cancel_res_1_svc; - break; - - case NLM_UNLOCK_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_unlock_res_1_svc; - break; - - case NLM_GRANTED_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_granted_res_1_svc; - break; - - default: - svcerr_noproc(transp); - _rpcsvcdirty = 0; - return; - } - (void) memset((char *)&argument, 0, sizeof (argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { - svcerr_decode(transp); - _rpcsvcdirty = 0; - return; - } - result = (*local)((char *)&argument, rqstp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { - svcerr_systemerr(transp); - } - if (need_retry_blocked_locks) { - // XXX sending granted messages before unlock response - // XXX causes unlock response to be corrupted? 
- // XXX so do this after we send any response - netobj *fh = NULL; - if ((local == (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc) || - (local == (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc)) - fh = &argument.nlm_unlock_1_arg.alock.fh; - retry_blockingfilelocklist(fh); - } - if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { - syslog(LOG_ERR, "unable to free arguments"); - exit(1); - } - _rpcsvcdirty = 0; - return; -} - -void nlm_prog_3(struct svc_req *rqstp, SVCXPRT *transp); - -void -nlm_prog_3(struct svc_req *rqstp, SVCXPRT *transp) -{ - union { - struct nlm_testargs nlm_test_3_arg; - struct nlm_lockargs nlm_lock_3_arg; - struct nlm_cancargs nlm_cancel_3_arg; - struct nlm_unlockargs nlm_unlock_3_arg; - struct nlm_testargs nlm_granted_3_arg; - struct nlm_testargs nlm_test_msg_3_arg; - struct nlm_lockargs nlm_lock_msg_3_arg; - struct nlm_cancargs nlm_cancel_msg_3_arg; - struct nlm_unlockargs nlm_unlock_msg_3_arg; - struct nlm_testargs nlm_granted_msg_3_arg; - nlm_testres nlm_test_res_3_arg; - nlm_res nlm_lock_res_3_arg; - nlm_res nlm_cancel_res_3_arg; - nlm_res nlm_unlock_res_3_arg; - nlm_res nlm_granted_res_3_arg; - nlm_shareargs nlm_share_3_arg; - nlm_shareargs nlm_unshare_3_arg; - nlm_lockargs nlm_nm_lock_3_arg; - nlm_notify nlm_free_all_3_arg; - } argument; - char *result; - xdrproc_t xdr_argument, xdr_result; - char *(*local)(char *, struct svc_req *); - - _rpcsvcdirty = 1; - switch (rqstp->rq_proc) { - case NULLPROC: - (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); - _rpcsvcdirty = 0; - return; - - case NLM_TEST: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_nlm_testres; - local = (char *(*)(char *, struct svc_req *)) nlm_test_1_svc; - break; - - case NLM_LOCK: - xdr_argument = (xdrproc_t) xdr_nlm_lockargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_lock_1_svc; - break; - - case NLM_CANCEL: - xdr_argument = (xdrproc_t) 
xdr_nlm_cancargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_cancel_1_svc; - break; - - case NLM_UNLOCK: - xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc; - break; - - case NLM_GRANTED: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_granted_1_svc; - break; - - case NLM_TEST_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_test_msg_1_svc; - break; - - case NLM_LOCK_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_lockargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_lock_msg_1_svc; - break; - - case NLM_CANCEL_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_cancargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_cancel_msg_1_svc; - break; - - case NLM_UNLOCK_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_unlockargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc; - break; - - case NLM_GRANTED_MSG: - xdr_argument = (xdrproc_t) xdr_nlm_testargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_granted_msg_1_svc; - break; - - case NLM_TEST_RES: - xdr_argument = (xdrproc_t) xdr_nlm_testres; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_test_res_1_svc; - break; - - case NLM_LOCK_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_lock_res_1_svc; - break; - - case NLM_CANCEL_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_cancel_res_1_svc; - break; - - case 
NLM_UNLOCK_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_unlock_res_1_svc; - break; - - case NLM_GRANTED_RES: - xdr_argument = (xdrproc_t) xdr_nlm_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_granted_res_1_svc; - break; - - case NLM_SHARE: - xdr_argument = (xdrproc_t) xdr_nlm_shareargs; - xdr_result = (xdrproc_t) xdr_nlm_shareres; - local = (char *(*)(char *, struct svc_req *)) nlm_share_3_svc; - break; - - case NLM_UNSHARE: - xdr_argument = (xdrproc_t) xdr_nlm_shareargs; - xdr_result = (xdrproc_t) xdr_nlm_shareres; - local = (char *(*)(char *, struct svc_req *)) nlm_unshare_3_svc; - break; - - case NLM_NM_LOCK: - xdr_argument = (xdrproc_t) xdr_nlm_lockargs; - xdr_result = (xdrproc_t) xdr_nlm_res; - local = (char *(*)(char *, struct svc_req *)) nlm_nm_lock_3_svc; - break; - - case NLM_FREE_ALL: - xdr_argument = (xdrproc_t) xdr_nlm_notify; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm_free_all_3_svc; - break; - - default: - svcerr_noproc(transp); - _rpcsvcdirty = 0; - return; - } - (void) memset((char *)&argument, 0, sizeof (argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { - svcerr_decode(transp); - _rpcsvcdirty = 0; - return; - } - result = (*local)((char *)&argument, rqstp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { - svcerr_systemerr(transp); - } - if (need_retry_blocked_locks) { - // XXX sending granted messages before unlock response - // XXX causes unlock response to be corrupted? 
- // XXX so do this after we send any response - netobj *fh = NULL; - if ((local == (char *(*)(char *, struct svc_req *)) nlm_unlock_1_svc) || - (local == (char *(*)(char *, struct svc_req *)) nlm_unlock_msg_1_svc)) - fh = &argument.nlm_unlock_3_arg.alock.fh; - retry_blockingfilelocklist(fh); - } - if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { - syslog(LOG_ERR, "unable to free arguments"); - exit(1); - } - _rpcsvcdirty = 0; - return; -} - -void nlm_prog_4(struct svc_req *rqstp, SVCXPRT *transp); - -void -nlm_prog_4(struct svc_req *rqstp, SVCXPRT *transp) -{ - union { - nlm4_testargs nlm4_test_4_arg; - nlm4_lockargs nlm4_lock_4_arg; - nlm4_cancargs nlm4_cancel_4_arg; - nlm4_unlockargs nlm4_unlock_4_arg; - nlm4_testargs nlm4_granted_4_arg; - nlm4_testargs nlm4_test_msg_4_arg; - nlm4_lockargs nlm4_lock_msg_4_arg; - nlm4_cancargs nlm4_cancel_msg_4_arg; - nlm4_unlockargs nlm4_unlock_msg_4_arg; - nlm4_testargs nlm4_granted_msg_4_arg; - nlm4_testres nlm4_test_res_4_arg; - nlm4_res nlm4_lock_res_4_arg; - nlm4_res nlm4_cancel_res_4_arg; - nlm4_res nlm4_unlock_res_4_arg; - nlm4_res nlm4_granted_res_4_arg; - nlm4_shareargs nlm4_share_4_arg; - nlm4_shareargs nlm4_unshare_4_arg; - nlm4_lockargs nlm4_nm_lock_4_arg; - nlm4_notify nlm4_free_all_4_arg; - } argument; - char *result; - xdrproc_t xdr_argument, xdr_result; - char *(*local)(char *, struct svc_req *); - - _rpcsvcdirty = 1; - switch (rqstp->rq_proc) { - case NULLPROC: - (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); - _rpcsvcdirty = 0; - return; - - case NLM4_TEST: - xdr_argument = (xdrproc_t) xdr_nlm4_testargs; - xdr_result = (xdrproc_t) xdr_nlm4_testres; - local = (char *(*)(char *, struct svc_req *)) nlm4_test_4_svc; - break; - - case NLM4_LOCK: - xdr_argument = (xdrproc_t) xdr_nlm4_lockargs; - xdr_result = (xdrproc_t) xdr_nlm4_res; - local = (char *(*)(char *, struct svc_req *)) nlm4_lock_4_svc; - break; - - case NLM4_CANCEL: - xdr_argument = (xdrproc_t) xdr_nlm4_cancargs; - 
xdr_result = (xdrproc_t) xdr_nlm4_res; - local = (char *(*)(char *, struct svc_req *)) nlm4_cancel_4_svc; - break; - - case NLM4_UNLOCK: - xdr_argument = (xdrproc_t) xdr_nlm4_unlockargs; - xdr_result = (xdrproc_t) xdr_nlm4_res; - local = (char *(*)(char *, struct svc_req *)) nlm4_unlock_4_svc; - break; - - case NLM4_GRANTED: - xdr_argument = (xdrproc_t) xdr_nlm4_testargs; - xdr_result = (xdrproc_t) xdr_nlm4_res; - local = (char *(*)(char *, struct svc_req *)) nlm4_granted_4_svc; - break; - - case NLM4_TEST_MSG: - xdr_argument = (xdrproc_t) xdr_nlm4_testargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_test_msg_4_svc; - break; - - case NLM4_LOCK_MSG: - xdr_argument = (xdrproc_t) xdr_nlm4_lockargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_lock_msg_4_svc; - break; - - case NLM4_CANCEL_MSG: - xdr_argument = (xdrproc_t) xdr_nlm4_cancargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_cancel_msg_4_svc; - break; - - case NLM4_UNLOCK_MSG: - xdr_argument = (xdrproc_t) xdr_nlm4_unlockargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_unlock_msg_4_svc; - break; - - case NLM4_GRANTED_MSG: - xdr_argument = (xdrproc_t) xdr_nlm4_testargs; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_granted_msg_4_svc; - break; - - case NLM4_TEST_RES: - xdr_argument = (xdrproc_t) xdr_nlm4_testres; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_test_res_4_svc; - break; - - case NLM4_LOCK_RES: - xdr_argument = (xdrproc_t) xdr_nlm4_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_lock_res_4_svc; - break; - - case NLM4_CANCEL_RES: - xdr_argument = (xdrproc_t) xdr_nlm4_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_cancel_res_4_svc; - break; - 
- case NLM4_UNLOCK_RES: - xdr_argument = (xdrproc_t) xdr_nlm4_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_unlock_res_4_svc; - break; - - case NLM4_GRANTED_RES: - xdr_argument = (xdrproc_t) xdr_nlm4_res; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_granted_res_4_svc; - break; - - case NLM4_SHARE: - xdr_argument = (xdrproc_t) xdr_nlm4_shareargs; - xdr_result = (xdrproc_t) xdr_nlm4_shareres; - local = (char *(*)(char *, struct svc_req *)) nlm4_share_4_svc; - break; - - case NLM4_UNSHARE: - xdr_argument = (xdrproc_t) xdr_nlm4_shareargs; - xdr_result = (xdrproc_t) xdr_nlm4_shareres; - local = (char *(*)(char *, struct svc_req *)) nlm4_unshare_4_svc; - break; - - case NLM4_NM_LOCK: - xdr_argument = (xdrproc_t) xdr_nlm4_lockargs; - xdr_result = (xdrproc_t) xdr_nlm4_res; - local = (char *(*)(char *, struct svc_req *)) nlm4_nm_lock_4_svc; - break; - - case NLM4_FREE_ALL: - xdr_argument = (xdrproc_t) xdr_nlm4_notify; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) nlm4_free_all_4_svc; - break; - - default: - svcerr_noproc(transp); - _rpcsvcdirty = 0; - return; - } - (void) memset((char *)&argument, 0, sizeof (argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { - svcerr_decode(transp); - _rpcsvcdirty = 0; - return; - } - result = (*local)((char *)&argument, rqstp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { - svcerr_systemerr(transp); - } - if (need_retry_blocked_locks) { - // XXX sending granted messages before unlock response - // XXX causes unlock response to be corrupted? 
- // XXX so do this after we send any response - netobj *fh = NULL; - if ((local == (char *(*)(char *, struct svc_req *)) nlm4_unlock_4_svc) || - (local == (char *(*)(char *, struct svc_req *)) nlm4_unlock_msg_4_svc)) - fh = &argument.nlm4_unlock_4_arg.alock.fh; - retry_blockingfilelocklist(fh); - } - if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { - syslog(LOG_ERR, "unable to free arguments"); - exit(1); - } - _rpcsvcdirty = 0; - return; -} diff --git a/rpc_lockd.tproj/nlm_prot_xdr.c b/rpc_lockd.tproj/nlm_prot_xdr.c deleted file mode 100644 index 2dd561c..0000000 --- a/rpc_lockd.tproj/nlm_prot_xdr.c +++ /dev/null 
@@ -1,524 +0,0 @@ -/* - * Please do not edit this file. - * It was generated using rpcgen. - */ - -#include -#ifndef lint -/*static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro";*/ -/*static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC";*/ -static char rcsid[] = "$Id: nlm_prot_xdr.c,v 1.2 2002/09/27 05:04:03 lindak Exp $"; -#endif /* not lint */ - -#if 1 -/* XXX until we get real int32/64 xdr funcs */ - -#define xdr_int32_t xdr_int -#define xdr_u_int32_t xdr_u_int - -/* - * XDR 64-bit integers - */ -bool_t -xdr_int64_t(xdrs, llp) - XDR *xdrs; - int64_t *llp; -{ - u_long ul[2]; - - switch (xdrs->x_op) { - case XDR_ENCODE: - ul[0] = (u_long) ((u_int64_t) * llp >> 32) & 0xffffffff; - ul[1] = (u_long) ((u_int64_t) * llp) & 0xffffffff; - if (XDR_PUTLONG(xdrs, (long *) &ul[0]) == FALSE) - return (FALSE); - return (XDR_PUTLONG(xdrs, (long *) &ul[1])); - case XDR_DECODE: - if (XDR_GETLONG(xdrs, (long *) &ul[0]) == FALSE) - return (FALSE); - if (XDR_GETLONG(xdrs, (long *) &ul[1]) == FALSE) - return (FALSE); - *llp = (int64_t) - (((u_int64_t) ul[0] << 32) | ((u_int64_t) ul[1])); - return (TRUE); - case XDR_FREE: - return (TRUE); - } - /* NOTREACHED */ - return (FALSE); -} - - -/* - * XDR unsigned 64-bit integers - */ -bool_t -xdr_u_int64_t(xdrs, ullp) - XDR *xdrs; - u_int64_t *ullp; -{ - u_long ul[2]; - - switch (xdrs->x_op) { - case XDR_ENCODE: - ul[0] = (u_long) (*ullp >> 32) & 0xffffffff; - ul[1] = (u_long) (*ullp) & 0xffffffff; - if (XDR_PUTLONG(xdrs, (long *) &ul[0]) == FALSE) - return (FALSE); - return (XDR_PUTLONG(xdrs, (long *) &ul[1])); - case XDR_DECODE: - if (XDR_GETLONG(xdrs, (long *) &ul[0]) == FALSE) - return (FALSE); - if (XDR_GETLONG(xdrs, (long *) &ul[1]) == FALSE) - return (FALSE); - *ullp = (u_int64_t) - (((u_int64_t) ul[0] << 32) | ((u_int64_t) ul[1])); - return (TRUE); - case XDR_FREE: - return (TRUE); - } - /* NOTREACHED */ - return (FALSE); -} -#endif - -bool_t -xdr_nlm_stats(XDR *xdrs, nlm_stats *objp) -{ 
- - if (!xdr_enum(xdrs, (enum_t *)objp)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_holder(XDR *xdrs, nlm_holder *objp) -{ - - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_int(xdrs, &objp->svid)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->oh)) - return (FALSE); - if (!xdr_u_int(xdrs, &objp->l_offset)) - return (FALSE); - if (!xdr_u_int(xdrs, &objp->l_len)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_testrply(XDR *xdrs, nlm_testrply *objp) -{ - - if (!xdr_nlm_stats(xdrs, &objp->stat)) - return (FALSE); - switch (objp->stat) { - case nlm_denied: - if (!xdr_nlm_holder(xdrs, &objp->nlm_testrply_u.holder)) - return (FALSE); - break; - default: - break; - } - return (TRUE); -} - -bool_t -xdr_nlm_stat(XDR *xdrs, nlm_stat *objp) -{ - - if (!xdr_nlm_stats(xdrs, &objp->stat)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_res(XDR *xdrs, nlm_res *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm_stat(xdrs, &objp->stat)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_testres(XDR *xdrs, nlm_testres *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm_testrply(xdrs, &objp->stat)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_lock(XDR *xdrs, nlm_lock *objp) -{ - - if (!xdr_string(xdrs, &objp->caller_name, LM_MAXSTRLEN)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->fh)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->oh)) - return (FALSE); - if (!xdr_int(xdrs, &objp->svid)) - return (FALSE); - if (!xdr_u_int(xdrs, &objp->l_offset)) - return (FALSE); - if (!xdr_u_int(xdrs, &objp->l_len)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_lockargs(XDR *xdrs, nlm_lockargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->block)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_nlm_lock(xdrs, &objp->alock)) - return (FALSE); - if 
(!xdr_bool(xdrs, &objp->reclaim)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_cancargs(XDR *xdrs, nlm_cancargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->block)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_nlm_lock(xdrs, &objp->alock)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_testargs(XDR *xdrs, nlm_testargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_nlm_lock(xdrs, &objp->alock)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_unlockargs(XDR *xdrs, nlm_unlockargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm_lock(xdrs, &objp->alock)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_fsh_mode(XDR *xdrs, fsh_mode *objp) -{ - - if (!xdr_enum(xdrs, (enum_t *)objp)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_fsh_access(XDR *xdrs, fsh_access *objp) -{ - - if (!xdr_enum(xdrs, (enum_t *)objp)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_share(XDR *xdrs, nlm_share *objp) -{ - - if (!xdr_string(xdrs, &objp->caller_name, LM_MAXSTRLEN)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->fh)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->oh)) - return (FALSE); - if (!xdr_fsh_mode(xdrs, &objp->mode)) - return (FALSE); - if (!xdr_fsh_access(xdrs, &objp->access)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_shareargs(XDR *xdrs, nlm_shareargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm_share(xdrs, &objp->share)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->reclaim)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_shareres(XDR *xdrs, nlm_shareres *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm_stats(xdrs, &objp->stat)) - return 
(FALSE); - if (!xdr_int(xdrs, &objp->sequence)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_notify(XDR *xdrs, nlm_notify *objp) -{ - - if (!xdr_string(xdrs, &objp->name, MAXNAMELEN)) - return (FALSE); - if (!xdr_long(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_stats(XDR *xdrs, nlm4_stats *objp) -{ - - if (!xdr_enum(xdrs, (enum_t *)objp)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_stat(XDR *xdrs, nlm4_stat *objp) -{ - - if (!xdr_nlm4_stats(xdrs, &objp->stat)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_holder(XDR *xdrs, nlm4_holder *objp) -{ - - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_u_int32_t(xdrs, &objp->svid)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->oh)) - return (FALSE); - if (!xdr_u_int64_t(xdrs, &objp->l_offset)) - return (FALSE); - if (!xdr_u_int64_t(xdrs, &objp->l_len)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_lock(XDR *xdrs, nlm4_lock *objp) -{ - - if (!xdr_string(xdrs, &objp->caller_name, MAXNAMELEN)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->fh)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->oh)) - return (FALSE); - if (!xdr_u_int32_t(xdrs, &objp->svid)) - return (FALSE); - if (!xdr_u_int64_t(xdrs, &objp->l_offset)) - return (FALSE); - if (!xdr_u_int64_t(xdrs, &objp->l_len)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_share(XDR *xdrs, nlm4_share *objp) -{ - - if (!xdr_string(xdrs, &objp->caller_name, MAXNAMELEN)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->fh)) - return (FALSE); - if (!xdr_netobj(xdrs, &objp->oh)) - return (FALSE); - if (!xdr_fsh_mode(xdrs, &objp->mode)) - return (FALSE); - if (!xdr_fsh_access(xdrs, &objp->access)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_testrply(XDR *xdrs, nlm4_testrply *objp) -{ - - if (!xdr_nlm4_stats(xdrs, &objp->stat)) - return (FALSE); - switch (objp->stat) { - case nlm_denied: - if (!xdr_nlm4_holder(xdrs, &objp->nlm4_testrply_u.holder)) - 
return (FALSE); - break; - default: - break; - } - return (TRUE); -} - -bool_t -xdr_nlm4_testres(XDR *xdrs, nlm4_testres *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm4_testrply(xdrs, &objp->stat)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_testargs(XDR *xdrs, nlm4_testargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_nlm4_lock(xdrs, &objp->alock)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_res(XDR *xdrs, nlm4_res *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm4_stat(xdrs, &objp->stat)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_lockargs(XDR *xdrs, nlm4_lockargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->block)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_nlm4_lock(xdrs, &objp->alock)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->reclaim)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_cancargs(XDR *xdrs, nlm4_cancargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->block)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->exclusive)) - return (FALSE); - if (!xdr_nlm4_lock(xdrs, &objp->alock)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_unlockargs(XDR *xdrs, nlm4_unlockargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm4_lock(xdrs, &objp->alock)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_shareargs(XDR *xdrs, nlm4_shareargs *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm4_share(xdrs, &objp->share)) - return (FALSE); - if (!xdr_bool(xdrs, &objp->reclaim)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_shareres(XDR *xdrs, 
nlm4_shareres *objp) -{ - - if (!xdr_netobj(xdrs, &objp->cookie)) - return (FALSE); - if (!xdr_nlm4_stats(xdrs, &objp->stat)) - return (FALSE); - if (!xdr_int(xdrs, &objp->sequence)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm_sm_status(XDR *xdrs, nlm_sm_status *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, LM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - if (!xdr_opaque(xdrs, objp->priv, 16)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_nlm4_notify(XDR *xdrs, nlm4_notify *objp) -{ - - if (!xdr_string(xdrs, &objp->name, MAXNAMELEN)) - return (FALSE); - if (!xdr_int32_t(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} diff --git a/rpc_lockd.tproj/rpc.lockd.8 b/rpc_lockd.tproj/rpc.lockd.8 deleted file mode 100644 index 191bbec..0000000 --- a/rpc_lockd.tproj/rpc.lockd.8 +++ /dev/null 
@@ -1,146 +0,0 @@
-.\" $NetBSD: rpc.lockd.8,v 1.5 2000/06/09 18:51:47 cgd Exp $
-.\" $FreeBSD: src/usr.sbin/rpc.lockd/rpc.lockd.8,v 1.14 2002/07/14 14:45:36 charnier Exp $
-.\"
-.\" Copyright (c) 1995 A.R.Gordon, andrew.gordon@net-tel.co.uk
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"
-.Dd September 24, 1995
-.Dt RPC.LOCKD 8
-.Os
-.Sh NAME
-.Nm rpc.lockd
-.Nd NFS file locking daemon
-.Sh SYNOPSIS
-.Nm
-.Op Fl d Ar debug_level
-.Op Fl g Ar grace period
-.Op Fl x Ar statd cache period
-.Sh DESCRIPTION
-The
-.Nm
-utility provides monitored and unmonitored file and record locking services
-in an NFS environment.
-To monitor the status of hosts requesting locks,
-the locking daemon typically operates in conjunction
-with
-.Xr rpc.statd 8 .
-.Pp
-Options and operands available for
-.Nm :
-.Bl -tag -width indent
-.It Fl d
-The
-.Fl d
-option causes debugging information to be written to syslog, recording
-all RPC transactions to the daemon.
-These messages are logged with level
-.Dv LOG_DEBUG
-and facility
-.Dv LOG_DAEMON .
-Specifying a
-.Ar debug_level
-of 1 results
-in the generation of one log line per protocol operation.
-Higher
-debug levels can be specified, causing display of operation arguments
-and internal operations of the daemon.
-.It Fl g
-The
-.Fl g
-option allow to specify the
-.Ar grace period ,
-in seconds.
-During the grace period
-.Nm
-only accepts requests from hosts which are reinitialising locks which
-existed before the server restart.
-Default is 30 seconds.
-.It Fl w
-The
-.Fl w
-option tells
-.Nm
-to wait until the first client locking request is made before starting the
-locking daemon(s). This may be used on NFS clients to defer starting the
-NFS locking daemons until it is known that they will be needed. (Note:
-.Xr rpc.statd 8
-will also be started if it isn't already running)
-.It Fl x
-The
-.Fl x
-option tells rpc.lockd how long to cache state records for contacting
-client
-.Xr rpc.statd 8
-implementations. Setting it to zero will disable the cache which will
-make lock and unlock requests from a single client more expensive because
-of additional interaction with the client's statd. The default cache time
-is 60 seconds.
-.El
-.Pp
-Error conditions are logged to syslog, irrespective of the debug level,
-using log level
-.Dv LOG_ERR
-and facility
-.Dv LOG_DAEMON .
-.Pp
-The
-.Nm
-utility must NOT be invoked by
-.Xr inetd 8
-because the protocol assumes that the daemon will run from system start time.
-Instead, it should be configured in
-.Xr rc.conf 5
-to run at system startup.
-.Sh FILES
-.Bl -tag -width /usr/include/rpcsvc/nlm_prot.x -compact
-.It Pa /usr/include/rpcsvc/nlm_prot.x
-RPC protocol specification for the network lock manager protocol.
-.El
-.Sh SEE ALSO
-.Xr syslog 3 ,
-.Xr rc.conf 5 ,
-.Xr rpc.statd 8
-.Sh BUGS
-The current implementation serialises locks requests that could be shared.
-.Sh STANDARDS
-The implementation is based on the specification in
-.Rs
-.%B "X/Open CAE Specification C218"
-.%T "Protocols for X/Open PC Interworking: XNFS, Issue 4"
-.%O ISBN 1 872630 66 9
-.Re
-.Sh HISTORY
-A version of
-.Nm
-appeared in
-.Tn SunOS
-4.
diff --git a/rpc_lockd.tproj/sm_inter_xdr.c b/rpc_lockd.tproj/sm_inter_xdr.c
deleted file mode 100644
index d2cd7d5..0000000
--- a/rpc_lockd.tproj/sm_inter_xdr.c
+++ /dev/null
@@ -1,110 +0,0 @@ -/* - * Please do not edit this file. - * It was generated using rpcgen. - */ - -#include -#ifndef lint -/*static char sccsid[] = "from: @(#)sm_inter.x 1.7 87/06/24 Copyr 1987 Sun Micro";*/ -/*static char sccsid[] = "from: @(#)sm_inter.x 2.2 88/08/01 4.0 RPCSRC";*/ -static char rcsid[] = "$Id: sm_inter_xdr.c,v 1.2 2002/09/27 05:04:06 lindak Exp $"; -#endif /* not lint */ - -bool_t -xdr_sm_name(XDR *xdrs, sm_name *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_my_id(XDR *xdrs, my_id *objp) -{ - - if (!xdr_string(xdrs, &objp->my_name, SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->my_prog)) - return (FALSE); - if (!xdr_int(xdrs, &objp->my_vers)) - return (FALSE); - if (!xdr_int(xdrs, &objp->my_proc)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_mon_id(XDR *xdrs, mon_id *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_my_id(xdrs, &objp->my_id)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_mon(XDR *xdrs, mon *objp) -{ - - if (!xdr_mon_id(xdrs, &objp->mon_id)) - return (FALSE); - if (!xdr_opaque(xdrs, objp->priv, 16)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_stat_chge(XDR *xdrs, stat_chge *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_stat(XDR *xdrs, sm_stat *objp) -{ - - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_res(XDR *xdrs, sm_res *objp) -{ - - if (!xdr_enum(xdrs, (enum_t *)objp)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_stat_res(XDR *xdrs, sm_stat_res *objp) -{ - - if (!xdr_sm_res(xdrs, &objp->res_stat)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_status(XDR *xdrs, sm_status *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, 
SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - if (!xdr_opaque(xdrs, objp->priv, 16)) - return (FALSE); - return (TRUE); -} diff --git a/rpc_lockd.tproj/test.c b/rpc_lockd.tproj/test.c deleted file mode 100644 index b15cf45..0000000 --- a/rpc_lockd.tproj/test.c +++ /dev/null 
@@ -1,365 +0,0 @@ -/* $NetBSD: test.c,v 1.2 1997/10/18 04:01:21 lukem Exp $ */ - -#include -#include -#include -#ifndef lint -#if 0 -static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro"; -static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC"; -#else -__RCSID("$NetBSD: test.c,v 1.2 1997/10/18 04:01:21 lukem Exp $"); -static const char rcsid[] = "$FreeBSD: src/usr.sbin/rpc.lockd/test.c,v 1.5 2001/03/19 12:50:09 alfred Exp $"; -#endif -#endif /* not lint */ - -/* Default timeout can be changed using clnt_control() */ -static struct timeval TIMEOUT = { 0, 0 }; - -nlm_testres * -nlm_test_1(argp, clnt) - struct nlm_testargs *argp; - CLIENT *clnt; -{ - static nlm_testres res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_TEST, xdr_nlm_testargs, argp, xdr_nlm_testres, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -nlm_res * -nlm_lock_1(argp, clnt) - struct nlm_lockargs *argp; - CLIENT *clnt; -{ - enum clnt_stat st; - static nlm_res res; - - bzero((char *)&res, sizeof(res)); - if (st = clnt_call(clnt, NLM_LOCK, xdr_nlm_lockargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { - printf("clnt_call returns %d\n", st); - clnt_perror(clnt, "humbug"); - return (NULL); - } - return (&res); -} - - -nlm_res * -nlm_cancel_1(argp, clnt) - struct nlm_cancargs *argp; - CLIENT *clnt; -{ - static nlm_res res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_CANCEL, xdr_nlm_cancargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -nlm_res * -nlm_unlock_1(argp, clnt) - struct nlm_unlockargs *argp; - CLIENT *clnt; -{ - static nlm_res res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_UNLOCK, xdr_nlm_unlockargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -nlm_res * -nlm_granted_1(argp, clnt) - struct nlm_testargs *argp; - CLIENT *clnt; -{ - static nlm_res res; 
- - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_GRANTED, xdr_nlm_testargs, argp, xdr_nlm_res, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -void * -nlm_test_msg_1(argp, clnt) - struct nlm_testargs *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_TEST_MSG, xdr_nlm_testargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_lock_msg_1(argp, clnt) - struct nlm_lockargs *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_LOCK_MSG, xdr_nlm_lockargs, argp, xdr_void, NULL, TIMEOUT) != RPC_SUCCESS) { - clnt_perror(clnt, "nlm_lock_msg_1"); - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_cancel_msg_1(argp, clnt) - struct nlm_cancargs *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_CANCEL_MSG, xdr_nlm_cancargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_unlock_msg_1(argp, clnt) - struct nlm_unlockargs *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_UNLOCK_MSG, xdr_nlm_unlockargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_granted_msg_1(argp, clnt) - struct nlm_testargs *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_GRANTED_MSG, xdr_nlm_testargs, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_test_res_1(argp, clnt) - nlm_testres *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_TEST_RES, xdr_nlm_testres, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return 
((void *)&res); -} - - -void * -nlm_lock_res_1(argp, clnt) - nlm_res *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_LOCK_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_cancel_res_1(argp, clnt) - nlm_res *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_CANCEL_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_unlock_res_1(argp, clnt) - nlm_res *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_UNLOCK_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -void * -nlm_granted_res_1(argp, clnt) - nlm_res *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_GRANTED_RES, xdr_nlm_res, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -nlm_shareres * -nlm_share_3(argp, clnt) - nlm_shareargs *argp; - CLIENT *clnt; -{ - static nlm_shareres res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_SHARE, xdr_nlm_shareargs, argp, xdr_nlm_shareres, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -nlm_shareres * -nlm_unshare_3(argp, clnt) - nlm_shareargs *argp; - CLIENT *clnt; -{ - static nlm_shareres res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_UNSHARE, xdr_nlm_shareargs, argp, xdr_nlm_shareres, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -nlm_res * -nlm_nm_lock_3(argp, clnt) - nlm_lockargs *argp; - CLIENT *clnt; -{ - static nlm_res res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_NM_LOCK, xdr_nlm_lockargs, argp, xdr_nlm_res, &res, TIMEOUT) != 
RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -void * -nlm_free_all_3(argp, clnt) - nlm_notify *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, NLM_FREE_ALL, xdr_nlm_notify, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -int main(int argc, char **argv) -{ - CLIENT *cli; - nlm_res res_block; - nlm_res *out; - nlm_lockargs arg; - struct timeval tim; - - printf("Creating client for host %s\n", argv[1]); - cli = clnt_create(argv[1], NLM_PROG, NLM_VERS, "udp"); - if (!cli) { - errx(1, "Failed to create client\n"); - /* NOTREACHED */ - } - clnt_control(cli, CLGET_TIMEOUT, &tim); - printf("Default timeout was %d.%d\n", tim.tv_sec, tim.tv_usec); - tim.tv_usec = -1; - tim.tv_sec = -1; - clnt_control(cli, CLSET_TIMEOUT, &tim); - clnt_control(cli, CLGET_TIMEOUT, &tim); - printf("timeout now %d.%d\n", tim.tv_sec, tim.tv_usec); - - - arg.cookie.n_len = 4; - arg.cookie.n_bytes = "hello"; - arg.block = 0; - arg.exclusive = 0; - arg.reclaim = 0; - arg.state = 0x1234; - arg.alock.caller_name = "localhost"; - arg.alock.fh.n_len = 32; - arg.alock.fh.n_bytes = "\x04\x04\x02\x00\x01\x00\x00\x00\x0c\x00\x00\x00\xff\xff\xff\xd0\x16\x00\x00\x5b\x7c\xff\xff\xff\xec\x2f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x19\x54\xef\xbf\xd7\x94"; - arg.alock.oh.n_len = 8; - arg.alock.oh.n_bytes = "\x00\x00\x02\xff\xff\xff\xd3"; - arg.alock.svid = 0x5678; - arg.alock.l_offset = 0; - arg.alock.l_len = 100; - - res_block.stat.stat = nlm_granted; - res_block.cookie.n_bytes = "hello"; - res_block.cookie.n_len = 5; - -#if 0 - if (nlm_lock_res_1(&res_block, cli)) - printf("Success!\n"); - else - printf("Fail\n"); -#else - if (out = nlm_lock_msg_1(&arg, cli)) { - printf("Success!\n"); - printf("out->stat = %d", out->stat); - } else { - printf("Fail\n"); - } -#endif - - return 0; -} 
diff --git a/rpc_statd.tproj/Makefile b/rpc_statd.tproj/Makefile
deleted file mode 100644
index 9aaf140..0000000
--- a/rpc_statd.tproj/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
-# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rpc.statd - -PROJECTVERSION = 2.6 -PROJECT_TYPE = Tool -LANGUAGE = English - -HFILES = statd.h - -CFILES = file.c procs.c statd.c sm_inter_svc.c sm_inter_xdr.c - -OTHERSRCS = Makefile.dist Makefile.preamble Makefile Makefile.postamble\ - test.c rpc.statd.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /usr/sbin -PDO_UNIX_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -PB_CFLAGS = - - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies
diff --git a/rpc_statd.tproj/Makefile.dist b/rpc_statd.tproj/Makefile.dist
deleted file mode 100644
index ac81b07..0000000
--- a/rpc_statd.tproj/Makefile.dist
+++ /dev/null
@@ -1,29 +0,0 @@
-# $FreeBSD: src/usr.sbin/rpc.statd/Makefile,v 1.14 2002/07/11 18:45:14 alfred Exp $
-
-PROG= rpc.statd
-MAN= rpc.statd.8
-SRCS= file.c sm_inter_svc.c sm_inter.h statd.c procs.c
-
-CFLAGS+= -I.
-
-DPADD= ${LIBRPCSVC}
-LDADD= -lrpcsvc
-
-CLEANFILES= sm_inter_svc.c sm_inter.h
-
-RPCSRC= ${DESTDIR}/usr/include/rpcsvc/sm_inter.x
-RPCGEN= rpcgen -L -C
-
-WARNS?= 4
-NO_WERROR= 1
-
-sm_inter_svc.c: ${RPCSRC}
- ${RPCGEN} -m -o ${.TARGET} ${RPCSRC}
-
-sm_inter.h: ${RPCSRC}
- ${RPCGEN} -h -o ${.TARGET} ${RPCSRC}
-
-test: test.c
- cc -o test test.c -lrpcsvc
-
-.include 
diff --git a/rpc_statd.tproj/Makefile.postamble b/rpc_statd.tproj/Makefile.postamble
deleted file mode 100644
index 4f50419..0000000
--- a/rpc_statd.tproj/Makefile.postamble
+++ /dev/null
@@ -1,3 +0,0 @@
-install-man-page:
- install -d $(DSTROOT)/usr/share/man/man8
- install -c -m 644 rpc.statd.8 $(DSTROOT)/usr/share/man/man8/rpc.statd.8
diff --git a/rpc_statd.tproj/Makefile.preamble b/rpc_statd.tproj/Makefile.preamble
deleted file mode 100644
index 263ad05..0000000
--- a/rpc_statd.tproj/Makefile.preamble
+++ /dev/null
@@ -1,3 +0,0 @@
-OTHER_GENERATED_OFILES = $(VERS_OFILE)
--include ../Makefile.include
-AFTER_INSTALL += install-man-page
diff --git a/rpc_statd.tproj/PB.project b/rpc_statd.tproj/PB.project
deleted file mode 100644
index e2d6e32..0000000
--- a/rpc_statd.tproj/PB.project
+++ /dev/null
@@ -1,36 +0,0 @@
-{
- BUILDDIR = "";
- BUILDTOOL = /bin/gnumake;
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ( statd.h );
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (
- file.c,
- procs.c,
- statd.c,
- sm_inter_svc.c,
- sm_inter_xdr.c
- );
- OTHER_SOURCES = (
- Makefile.dist,
- Makefile.preamble,
- Makefile,
- Makefile.postamble,
- test.c,
- rpc.statd.8
- );
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- COMPILEROPTIONS = "";
- LINKEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- PDO_UNIX_INSTALLDIR = /usr/sbin;
- PROJECTNAME = rpc.statd;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.6;
- WINDOWS_INSTALLDIR = /usr/sbin;
-}
diff --git a/rpc_statd.tproj/file.c b/rpc_statd.tproj/file.c
deleted file mode 100644
index f8d94c7..0000000
--- a/rpc_statd.tproj/file.c
+++ /dev/null
@@ -1,335 +0,0 @@ -/* - * Copyright (c) 1995 - * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed for the FreeBSD project - * 4. Neither the name of the author nor the names of any co-contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * - * $FreeBSD$ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include /* For mmap() */ -#include -#include -#include - -#include "statd.h" - -FileLayout *status_info; /* Pointer to the mmap()ed status file */ -static int status_fd; /* File descriptor for the open file */ -static off_t status_file_len; /* Current on-disc length of file */ - -/* sync_file --------------------------------------------------------------- */ -/* - Purpose: Packaged call of msync() to flush changes to mmap()ed file - Returns: Nothing. Errors to syslog. -*/ - -void sync_file(void) -{ - if (msync((void *)status_info, status_file_len, MS_SYNC) < 0 && - msync((void *)status_info, status_file_len, MS_SYNC) < 0) - { - syslog(LOG_ERR, "msync() failed: %s", strerror(errno)); - } -} - -/* find_host -------------------------------------------------------------- */ -/* - Purpose: Find the entry in the status file for a given host - Returns: Pointer to that entry in the mmap() region, or NULL. - Notes: Also creates entries if requested. - Failure to create also returns NULL. -*/ - -HostInfo *find_host(char *hostname, int create) -{ - HostInfo *hp; - HostInfo *spare_slot = NULL; - HostInfo *result = NULL; - int i; - - for (i = 0, hp = status_info->hosts; i < status_info->noOfHosts; i++, hp++) - { - if (!strncasecmp(hostname, hp->hostname, SM_MAXSTRLEN)) - { - result = hp; - break; - } - if (!spare_slot && !hp->monList && !hp->notifyReqd) - spare_slot = hp; - } - - /* Return if entry found, or if not asked to create one. 
*/ - if (result || !create) return (result); - - /* Now create an entry, using the spare slot if one was found or */ - /* adding to the end of the list otherwise, extending file if reqd */ - if (!spare_slot) - { - off_t desired_size; - spare_slot = &status_info->hosts[status_info->noOfHosts]; - desired_size = ((char*)spare_slot - (char*)status_info) + sizeof(HostInfo); - if (desired_size > status_file_len) - { - /* Extend file by writing 1 byte of junk at the desired end pos */ - lseek(status_fd, desired_size - 1, SEEK_SET); - i = write(status_fd, &i, 1); - if (i < 1) - { - syslog(LOG_ERR, "Unable to extend status file"); - return (NULL); - } - status_file_len = desired_size; - } - status_info->noOfHosts++; - } - - /* Initialise the spare slot that has been found/created */ - /* Note that we do not msync(), since the caller is presumed to be */ - /* about to modify the entry further */ - memset(spare_slot, 0, sizeof(HostInfo)); - strncpy(spare_slot->hostname, hostname, SM_MAXSTRLEN); - return (spare_slot); -} - -/* init_file -------------------------------------------------------------- */ -/* - Purpose: Open file, create if necessary, initialise it. - Returns: Nothing - exits on error - Notes: Called before process becomes daemon, hence logs to - stderr rather than syslog. - Opens the file, then mmap()s it for ease of access. - Also performs initial clean-up of the file, zeroing - monitor list pointers, setting the notifyReqd flag in - all hosts that had a monitor list, and incrementing - the state number to the next even value. -*/ - -void init_file(const char *filename) -{ - int new_file = FALSE; - char buf[HEADER_LEN]; - int i; - - /* try to open existing file - if not present, create one */ - status_fd = open(filename, O_RDWR); - if ((status_fd < 0) && (errno == ENOENT)) - { - status_fd = open(filename, O_RDWR | O_CREAT, 0644); - new_file = TRUE; - } - if (status_fd < 0) - errx(1, "unable to open status file %s", filename); - - /* File now open. 
mmap() it, with a generous size to allow for */ - /* later growth, where we will extend the file but not re-map it. */ - status_info = (FileLayout *) - mmap(NULL, 0x10000000, PROT_READ | PROT_WRITE, MAP_SHARED, status_fd, 0); - - if (status_info == (FileLayout *) MAP_FAILED) - warn("unable to mmap() status file"); - - status_file_len = lseek(status_fd, 0L, SEEK_END); - - /* If the file was not newly created, validate the contents, and if */ - /* defective, re-create from scratch. */ - if (!new_file) - { - if ((status_file_len < HEADER_LEN) || (status_file_len - < (HEADER_LEN + sizeof(HostInfo) * status_info->noOfHosts)) ) - { - warnx("status file is corrupt"); - new_file = TRUE; - } - } - - /* Initialisation of a new, empty file. */ - if (new_file) - { - memset(buf, 0, sizeof(buf)); - lseek(status_fd, 0L, SEEK_SET); - write(status_fd, buf, HEADER_LEN); - status_file_len = HEADER_LEN; - } - else - { - /* Clean-up of existing file - monitored hosts will have a pointer */ - /* to a list of clients, which refers to memory in the previous */ - /* incarnation of the program and so are meaningless now. These */ - /* pointers are zeroed and the fact that the host was previously */ - /* monitored is recorded by setting the notifyReqd flag, which will */ - /* in due course cause a SM_NOTIFY to be sent. */ - /* Note that if we crash twice in quick succession, some hosts may */ - /* already have notifyReqd set, where we didn't manage to notify */ - /* them before the second crash occurred. 
*/ - for (i = 0; i < status_info->noOfHosts; i++) - { - HostInfo *this_host = &status_info->hosts[i]; - - if (this_host->monList) - { - this_host->notifyReqd = TRUE; - this_host->monList = NULL; - } - } - /* Select the next higher even number for the state counter */ - status_info->ourState = (status_info->ourState + 2) & 0xfffffffe; - status_info->ourState++; - } - sync_file(); -} - -/* notify_one_host --------------------------------------------------------- */ -/* - Purpose: Perform SM_NOTIFY procedure at specified host - Returns: TRUE if success, FALSE if failed. -*/ - -static int notify_one_host(char *hostname) -{ - struct timeval timeout = { 20, 0 }; /* 20 secs timeout */ - CLIENT *cli; - char dummy; - stat_chge arg; - char our_hostname[SM_MAXSTRLEN+1]; - - gethostname(our_hostname, sizeof(our_hostname)); - our_hostname[SM_MAXSTRLEN] = '\0'; - arg.mon_name = our_hostname; - arg.state = status_info->ourState; - - if (debug) syslog (LOG_DEBUG, "Sending SM_NOTIFY to host %s from %s", hostname, our_hostname); - - cli = clnt_create(hostname, SM_PROG, SM_VERS, "udp"); - if (!cli) - { - syslog(LOG_ERR, "Failed to contact host %s%s", hostname, - clnt_spcreateerror("")); - return (FALSE); - } - - if (clnt_call(cli, SM_NOTIFY, xdr_stat_chge, &arg, xdr_void, &dummy, timeout) - != RPC_SUCCESS) - { - syslog(LOG_ERR, "Failed to contact rpc.statd at host %s", hostname); - clnt_destroy(cli); - return (FALSE); - } - - clnt_destroy(cli); - return (TRUE); -} - -/* notify_hosts ------------------------------------------------------------ */ -/* - Purpose: Send SM_NOTIFY to all hosts marked as requiring it - Returns: Nothing, immediately - forks a process to do the work. - Notes: Does nothing if there are no monitored hosts. - Called after all the initialisation has been done - - logs to syslog. -*/ - -void notify_hosts(void) -{ - int i; - int attempts; - int work_to_do = FALSE; - HostInfo *hp; - pid_t pid; - - /* First check if there is in fact any work to do. 
*/ - for (i = status_info->noOfHosts, hp = status_info->hosts; i ; i--, hp++) - { - if (hp->notifyReqd) - { - work_to_do = TRUE; - break; - } - } - - if (!work_to_do) return; /* No work found */ - - pid = fork(); - if (pid == -1) - { - syslog(LOG_ERR, "Unable to fork notify process - %s", strerror(errno)); - return; - } - if (pid) return; - - if (claim_pid_file("/var/run/statd.notify.pid", 1) < 0) - errx(1, "unable to claim notify pid file"); - - /* Here in the child process. We continue until all the hosts marked */ - /* as requiring notification have been duly notified. */ - /* If one of the initial attempts fails, we sleep for a while and */ - /* have another go. This is necessary because when we have crashed, */ - /* (eg. a power outage) it is quite possible that we won't be able to */ - /* contact all monitored hosts immediately on restart, either because */ - /* they crashed too and take longer to come up (in which case the */ - /* notification isn't really required), or more importantly if some */ - /* router etc. needed to reach the monitored host has not come back */ - /* up yet. In this case, we will be a bit late in re-establishing */ - /* locks (after the grace period) but that is the best we can do. */ - /* We try 10 times at 5 sec intervals, 10 more times at 1 minute */ - /* intervals, then 24 more times at hourly intervals, finally */ - /* giving up altogether if the host hasn't come back to life after */ - /* 24 hours. */ - - for (attempts = 0; attempts < 44; attempts++) - { - work_to_do = FALSE; /* Unless anything fails */ - for (i = status_info->noOfHosts, hp = status_info->hosts; i ; i--, hp++) - { - if (hp->notifyReqd) - { - if (notify_one_host(hp->hostname)) - { - hp->notifyReqd = FALSE; - sync_file(); - } - else work_to_do = TRUE; - } - } - if (!work_to_do) break; - if (attempts < 10) sleep(5); - else if (attempts < 20) sleep(60); - else sleep(60*60); - } - exit(0); -} - - 
diff --git a/rpc_statd.tproj/procs.c b/rpc_statd.tproj/procs.c
deleted file mode 100644
index c564094..0000000
--- a/rpc_statd.tproj/procs.c
+++ /dev/null
@@ -1,448 +0,0 @@ -/* - * Copyright (c) 1995 - * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed for the FreeBSD project - * 4. Neither the name of the author nor the names of any co-contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- * - */ - -#ifndef lint -static const char rcsid[] = - "$FreeBSD$"; -#endif /* not lint */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include /* for getaddrinfo() */ -#include -#include -#include -#include - -#include "statd.h" - -/* sm_check_hostname -------------------------------------------------------- */ -/* - * Purpose: Check `mon_name' member of sm_name struct to ensure that the array - * consists only of printable characters. - * - * Returns: TRUE if hostname is good. FALSE if hostname contains binary or - * otherwise non-printable characters. - * - * Notes: Will syslog(3) to warn of corrupt hostname. - */ - -int sm_check_hostname(struct svc_req *req, char *arg) -{ - int len, dstlen, ret; - struct sockaddr_in *claddr; - char *dst; - - len = strlen(arg); - dstlen = (4 * len) + 1; - dst = malloc(dstlen); - claddr = svc_getcaller(req->rq_xprt); - ret = 1; - - if (claddr == NULL || dst == NULL) - { - ret = 0; - } - else if (strvis(dst, arg, VIS_WHITE) != len) - { - syslog(LOG_ERR, - "sm_stat: client %s hostname %s contained invalid characters.", - inet_ntoa(claddr->sin_addr), - dst); - ret = 0; - } - free(dst); - return (ret); -} - -/* sm_stat_1 --------------------------------------------------------------- */ -/* - Purpose: RPC call to enquire if a host can be monitored - Returns: TRUE for any hostname that can be looked up to give - an address. 
-*/ - -struct sm_stat_res *sm_stat_1_svc(sm_name *arg, struct svc_req *req) -{ - static sm_stat_res res; - struct addrinfo *ai; - struct sockaddr_in *claddr; - static int err; - - err = 1; - if ((err = sm_check_hostname(req, arg->mon_name)) == 0) - { - res.res_stat = stat_fail; - } - if (err != 0) - { - if (debug) - syslog(LOG_DEBUG, "stat called for host %s", arg->mon_name); - if (getaddrinfo(arg->mon_name, NULL, NULL, &ai) == 0) { - res.res_stat = stat_succ; - freeaddrinfo(ai); - } - else - { - claddr = svc_getcaller(req->rq_xprt); - syslog(LOG_ERR, "invalid hostname to sm_stat from %s: %s", - inet_ntoa(claddr->sin_addr), arg->mon_name); - res.res_stat = stat_fail; - } - } - res.state = status_info->ourState; - return (&res); -} - -/* sm_mon_1 ---------------------------------------------------------------- */ -/* - Purpose: RPC procedure to establish a monitor request - Returns: Success, unless lack of resources prevents - the necessary structures from being set up - to record the request, or if the hostname is not - valid (as judged by getaddrinfo()) -*/ - -struct sm_stat_res *sm_mon_1_svc(mon *arg, struct svc_req *req) -{ - static sm_stat_res res; - HostInfo *hp; - static int err; - MonList *lp; - struct addrinfo *ai; - - if ((err = sm_check_hostname(req, arg->mon_id.mon_name)) == 0) - { - res.res_stat = stat_fail; - } - - if (err != 0) - { - if (debug) - { - syslog(LOG_DEBUG, "monitor request for host %s", arg->mon_id.mon_name); - syslog(LOG_DEBUG, "recall host: %s prog: %d ver: %d proc: %d", - arg->mon_id.mon_name, - arg->mon_id.my_id.my_prog, arg->mon_id.my_id.my_vers, - arg->mon_id.my_id.my_proc); - } - res.res_stat = stat_fail; /* Assume fail until set otherwise */ - res.state = status_info->ourState; - - /* Find existing host entry, or create one if not found */ - /* If find_host() fails, it will have logged the error already. 
*/ - if (getaddrinfo(arg->mon_id.mon_name, NULL, NULL, &ai) != 0) - { - syslog(LOG_ERR, "Invalid hostname to sm_mon: %s", arg->mon_id.mon_name); - return (&res); - } - freeaddrinfo(ai); - if ((hp = find_host(arg->mon_id.mon_name, TRUE))) - { - lp = (MonList *)malloc(sizeof(MonList)); - if (!lp) - { - syslog(LOG_ERR, "Out of memory"); - } - else - { - strncpy(lp->notifyHost, arg->mon_id.my_id.my_name, SM_MAXSTRLEN); - lp->notifyProg = arg->mon_id.my_id.my_prog; - lp->notifyVers = arg->mon_id.my_id.my_vers; - lp->notifyProc = arg->mon_id.my_id.my_proc; - memcpy(lp->notifyData, arg->priv, sizeof(lp->notifyData)); - - lp->next = hp->monList; - hp->monList = lp; - sync_file(); - - res.res_stat = stat_succ; /* Report success */ - } - } - } - return (&res); -} - -/* do_unmon ---------------------------------------------------------------- */ -/* - Purpose: Remove a monitor request from a host - Returns: TRUE if found, FALSE if not found. - Notes: Common code from sm_unmon_1_svc and sm_unmon_all_1_svc - In the unlikely event of more than one identical monitor - request, all are removed. -*/ - -static int do_unmon(HostInfo *hp, my_id *idp) -{ - MonList *lp, *next; - MonList *last = NULL; - int result = FALSE; - - lp = hp->monList; - while (lp) - { - if (!strncasecmp(idp->my_name, lp->notifyHost, SM_MAXSTRLEN) - && (idp->my_prog == lp->notifyProg) && (idp->my_proc == lp->notifyProc) - && (idp->my_vers == lp->notifyVers)) - { - /* found one. Unhook from chain and free. */ - next = lp->next; - if (last) last->next = next; - else hp->monList = next; - free(lp); - lp = next; - result = TRUE; - } - else - { - last = lp; - lp = lp->next; - } - } - return (result); -} - -/* sm_unmon_1 -------------------------------------------------------------- */ -/* - Purpose: RPC procedure to release a monitor request. 
- Returns: Local machine's status number - Notes: The supplied mon_id should match the value passed in an - earlier call to sm_mon_1 -*/ - -struct sm_stat *sm_unmon_1_svc(mon_id *arg, struct svc_req *req __unused) -{ - static sm_stat res; - HostInfo *hp; - - if (debug) - { - syslog(LOG_DEBUG, "un-monitor request for host %s", arg->mon_name); - syslog(LOG_DEBUG, "recall host: %s prog: %d ver: %d proc: %d", - arg->mon_name, - arg->my_id.my_prog, arg->my_id.my_vers, arg->my_id.my_proc); - } - - if ((hp = find_host(arg->mon_name, FALSE))) - { - if (do_unmon(hp, &arg->my_id)) sync_file(); - else - { - syslog(LOG_ERR, "unmon request from %s, no matching monitor", - arg->my_id.my_name); - } - } - else syslog(LOG_ERR, "unmon request from %s for unknown host %s", - arg->my_id.my_name, arg->mon_name); - - res.state = status_info->ourState; - - return (&res); -} - -/* sm_unmon_all_1 ---------------------------------------------------------- */ -/* - Purpose: RPC procedure to release monitor requests. - Returns: Local machine's status number - Notes: Releases all monitor requests (if any) from the specified - host and program number. -*/ - -struct sm_stat *sm_unmon_all_1_svc(my_id *arg, struct svc_req *req __unused) -{ - static sm_stat res; - HostInfo *hp; - int i; - - if (debug) - { - syslog(LOG_DEBUG, "unmon_all for host: %s prog: %d ver: %d proc: %d", - arg->my_name, arg->my_prog, arg->my_vers, arg->my_proc); - } - - for (i = status_info->noOfHosts, hp = status_info->hosts; i; i--, hp++) - { - do_unmon(hp, arg); - } - sync_file(); - - res.state = status_info->ourState; - - return (&res); -} - -/* sm_simu_crash_1 --------------------------------------------------------- */ -/* - Purpose: RPC procedure to simulate a crash - Returns: Nothing - Notes: Standardised mechanism for debug purposes - The specification says that we should drop all of our - status information (apart from the list of monitored hosts - on disc). 
However, this would confuse the rpc.lockd - which would be unaware that all of its monitor requests - had been silently junked. Hence we in fact retain all - current requests and simply increment the status counter - and inform all hosts on the monitor list. -*/ - -void *sm_simu_crash_1_svc(void *v __unused, struct svc_req *req __unused) -{ - static char dummy; - int work_to_do = FALSE; - HostInfo *hp; - int i; - - if (debug) syslog(LOG_DEBUG, "simu_crash called!!"); - - /* Simulate crash by setting notify-required flag on all monitored */ - /* hosts, and incrementing our status number. notify_hosts() is */ - /* then called to fork a process to do the notifications. */ - - for (i = status_info->noOfHosts, hp = status_info->hosts; i ; i--, hp++) - { - if (hp->monList) - { - work_to_do = TRUE; - hp->notifyReqd = TRUE; - } - } - status_info->ourState += 2; /* always even numbers if not crashed */ - - if (work_to_do) notify_hosts(); - - return (&dummy); -} - -/* sm_notify_1 ------------------------------------------------------------- */ -/* - Purpose: RPC procedure notifying local statd of the crash of another - Returns: Nothing - Notes: There is danger of deadlock, since it is quite likely that - the client procedure that we call will in turn call us - to remove or adjust the monitor request. - We therefore fork() a process to do the notifications. - Note that the main HostInfo structure is in a mmap() - region and so will be shared with the child, but the - monList pointed to by the HostInfo is in normal memory. - Hence if we read the monList before forking, we are - protected from the parent servicing other requests - that modify the list. 
-*/ - -void *sm_notify_1_svc(stat_chge *arg, struct svc_req *req __unused) -{ - struct timeval timeout = { 20, 0 }; /* 20 secs timeout */ - CLIENT *cli; - static char dummy; - sm_status tx_arg; /* arg sent to callback procedure */ - MonList *lp; - HostInfo *hp; - pid_t pid; - - if (debug) syslog(LOG_DEBUG, "notify from host %s, new state %d", - arg->mon_name, arg->state); - - hp = find_host(arg->mon_name, FALSE); - if (!hp) - { - /* - * Hmmm... We've never heard of this host. - * It's possible the host just didn't give us the right hostname. - * Let's try the IP address the request came from and any hostnames it has. - */ - struct sockaddr_in *claddr; - if ((claddr = svc_getcaller(req->rq_xprt))) { - struct hostent *he; - he = gethostbyaddr((char*)&claddr->sin_addr, sizeof(claddr->sin_addr), AF_INET); - if (he) { - char **np = he->h_aliases; - hp = find_host(he->h_name, FALSE); - while (!hp && *np) { - hp = find_host(*np, FALSE); - if (!hp) - np++; - } - } - if (hp) - syslog(LOG_DEBUG, "Notification from host %s found as %s", - arg->mon_name, hp->hostname); - } - if (!hp) { - /* Never heard of this host - why is it notifying us? */ - syslog(LOG_DEBUG, "Unsolicited notification from host %s", arg->mon_name); - return (&dummy); - } - } - lp = hp->monList; - if (!lp) return (&dummy); /* We know this host, but have no */ - /* outstanding requests. 
*/
- pid = fork();
- if (pid == -1)
- {
- syslog(LOG_ERR, "Unable to fork notify process - %s", strerror(errno));
- return (NULL); /* no answer, the client will retry */
- }
- if (pid) return (&dummy); /* Parent returns */
-
- while (lp)
- {
- tx_arg.mon_name = hp->hostname;
- tx_arg.state = arg->state;
- memcpy(tx_arg.priv, lp->notifyData, sizeof(tx_arg.priv));
- cli = clnt_create(lp->notifyHost, lp->notifyProg, lp->notifyVers, "udp");
- if (!cli)
- {
- syslog(LOG_ERR, "Failed to contact host %s%s", lp->notifyHost,
- clnt_spcreateerror(""));
- }
- else
- {
- if (clnt_call(cli, lp->notifyProc, xdr_sm_status, &tx_arg, xdr_void,
- &dummy, timeout) != RPC_SUCCESS)
- {
- syslog(LOG_ERR, "Failed to call rpc.statd client at host %s",
- lp->notifyHost);
- }
- clnt_destroy(cli);
- }
- lp = lp->next;
- }
-
- exit (0); /* Child quits */
-}
diff --git a/rpc_statd.tproj/rpc.statd.8 b/rpc_statd.tproj/rpc.statd.8
deleted file mode 100644
index 10adc5a..0000000
--- a/rpc_statd.tproj/rpc.statd.8
+++ /dev/null
@@ -1,112 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" Copyright (c) 1995 A.R.Gordon, andrew.gordon@net-tel.co.uk -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" $FreeBSD$ -.\" -.Dd September 19, 1995 -.Dt RPC.STATD 8 -.Os -.Sh NAME -.Nm rpc.statd -.Nd host status monitoring daemon -.Sh SYNOPSIS -.Nm -.Op Fl d -.Sh DESCRIPTION -The -.Nm -utility -is a daemon which co-operates with -.Nm -daemons on other hosts to provide -a status monitoring service. The daemon accepts requests from -programs running on the local host (typically, -.Xr rpc.lockd 8 , -the NFS file locking daemon) to monitor the status of specified -hosts. If a monitored host crashes and restarts, the remote daemon will -notify the local daemon, which in turn will notify the local program(s) -which requested the monitoring service. Conversely, if this host crashes -and re-starts, when the -.Nm -re-starts, it will notify all of the hosts which were being monitored -at the time of the crash. -.Pp -The following option is available: -.Bl -tag -width indent -.It Fl d -Cause debugging information to be written to syslog, recording -all RPC transactions to the daemon. These messages are logged with level -LOG_DEBUG and facility LOG_DAEMON. Error conditions are logged irrespective -of this option, using level LOG_ERR. -.It Fl n -Just send SM_NOTIFY messages to notify any hosts of a restart. -Do not start daemon. -.El -.Pp -The -.Nm -utility must NOT be invoked by -.Xr inetd 8 -because the protocol assumes that the daemon will run from system start time. -Instead, it should be run from -.Xr rc 8 -after the network has been started. -.Sh FILES -.Bl -tag -width /usr/include/rpcsvc/sm_inter.x -compact -.It Pa /var/db/statd.status -non-volatile record of currently monitored hosts. -.It Pa /usr/include/rpcsvc/sm_inter.x -RPC protocol specification used by local applications to register monitoring requests. -.El -.Sh SEE ALSO -.Xr syslog 3 , -.Xr rc 8 , -.Xr rpc.lockd 8 -.Sh BUGS -There is no means for the daemon to tell when a monitored host has -disappeared permanently (eg. 
catastrophic hardware failure), as opposed -to transient failure of the host or an intermediate router. At present, -it will re-try notification attempts at frequent intervals for 10 minutes, -then hourly, and finally gives up after 24 hours. -.Pp -The protocol requires that symmetric monitor requests are made to both -the local and remote daemon in order to establish a monitored relationship. -This is convenient for the NFS locking protocol, but probably reduces the -usefulness of the monitoring system for other applications. -.Pp -The current implementation uses more than 1Kbyte per monitored host in -the status file (and also in VM). This may be inefficient for NFS servers -with large numbers of clients. -.Sh STANDARDS -The implementation is based on the specification in X/Open CAE Specification -C218, "Protocols for X/Open PC Interworking: XNFS, Issue 4", ISBN 1 872630 66 9 diff --git a/rpc_statd.tproj/sm_inter_svc.c b/rpc_statd.tproj/sm_inter_svc.c deleted file mode 100644 index 201921f..0000000 --- a/rpc_statd.tproj/sm_inter_svc.c +++ /dev/null 
@@ -1,115 +0,0 @@ -/* - * Please do not edit this file. - * It was generated using rpcgen. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#ifdef __cplusplus -#include -#endif /* __cplusplus */ -#include -#include -#include -#include - -#ifdef __STDC__ -#define SIG_PF void(*)(int) -#endif - -#ifdef DEBUG -#define RPC_SVC_FG -#endif - -#define _RPCSVC_CLOSEDOWN 120 -#ifndef lint -/*static char sccsid[] = "from: @(#)sm_inter.x 1.7 87/06/24 Copyr 1987 Sun Micro";*/ -/*static char sccsid[] = "from: @(#)sm_inter.x 2.2 88/08/01 4.0 RPCSRC";*/ -static char rcsid[] = "$Id: sm_inter_svc.c,v 1.2 2002/09/27 05:04:10 lindak Exp $"; -#endif /* not lint */ - -void sm_prog_1(struct svc_req *rqstp, SVCXPRT *transp); - -void -sm_prog_1(struct svc_req *rqstp, SVCXPRT *transp) -{ - union { - struct sm_name sm_stat_1_arg; - struct mon sm_mon_1_arg; - struct mon_id sm_unmon_1_arg; - struct my_id sm_unmon_all_1_arg; - struct stat_chge sm_notify_1_arg; - } argument; - char *result; - xdrproc_t xdr_argument, xdr_result; - char *(*local)(char *, struct svc_req *); - - switch (rqstp->rq_proc) { - case NULLPROC: - (void) svc_sendreply(transp, (xdrproc_t) xdr_void, (char *)NULL); - return; - - case SM_STAT: - xdr_argument = (xdrproc_t) xdr_sm_name; - xdr_result = (xdrproc_t) xdr_sm_stat_res; - local = (char *(*)(char *, struct svc_req *)) sm_stat_1_svc; - break; - - case SM_MON: - xdr_argument = (xdrproc_t) xdr_mon; - xdr_result = (xdrproc_t) xdr_sm_stat_res; - local = (char *(*)(char *, struct svc_req *)) sm_mon_1_svc; - break; - - case SM_UNMON: - xdr_argument = (xdrproc_t) xdr_mon_id; - xdr_result = (xdrproc_t) xdr_sm_stat; - local = (char *(*)(char *, struct svc_req *)) sm_unmon_1_svc; - break; - - case SM_UNMON_ALL: - xdr_argument = (xdrproc_t) xdr_my_id; - xdr_result = (xdrproc_t) xdr_sm_stat; - local = (char *(*)(char *, struct svc_req *)) sm_unmon_all_1_svc; - break; - - case SM_SIMU_CRASH: - xdr_argument = 
(xdrproc_t) xdr_void; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) sm_simu_crash_1_svc; - break; - - case SM_NOTIFY: - xdr_argument = (xdrproc_t) xdr_stat_chge; - xdr_result = (xdrproc_t) xdr_void; - local = (char *(*)(char *, struct svc_req *)) sm_notify_1_svc; - break; - - default: - svcerr_noproc(transp); - return; - } - (void) memset((char *)&argument, 0, sizeof (argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { - svcerr_decode(transp); - return; - } - result = (*local)((char *)&argument, rqstp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { - svcerr_systemerr(transp); - } - if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { - syslog(LOG_ERR, "unable to free arguments"); - exit(1); - } - return; -} diff --git a/rpc_statd.tproj/sm_inter_xdr.c b/rpc_statd.tproj/sm_inter_xdr.c deleted file mode 100644 index b9b887b..0000000 --- a/rpc_statd.tproj/sm_inter_xdr.c +++ /dev/null 
@@ -1,110 +0,0 @@ -/* - * Please do not edit this file. - * It was generated using rpcgen. - */ - -#include -#ifndef lint -/*static char sccsid[] = "from: @(#)sm_inter.x 1.7 87/06/24 Copyr 1987 Sun Micro";*/ -/*static char sccsid[] = "from: @(#)sm_inter.x 2.2 88/08/01 4.0 RPCSRC";*/ -static char rcsid[] = "$Id: sm_inter_xdr.c,v 1.2 2002/09/27 05:04:10 lindak Exp $"; -#endif /* not lint */ - -bool_t -xdr_sm_name(XDR *xdrs, sm_name *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_my_id(XDR *xdrs, my_id *objp) -{ - - if (!xdr_string(xdrs, &objp->my_name, SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->my_prog)) - return (FALSE); - if (!xdr_int(xdrs, &objp->my_vers)) - return (FALSE); - if (!xdr_int(xdrs, &objp->my_proc)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_mon_id(XDR *xdrs, mon_id *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_my_id(xdrs, &objp->my_id)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_mon(XDR *xdrs, mon *objp) -{ - - if (!xdr_mon_id(xdrs, &objp->mon_id)) - return (FALSE); - if (!xdr_opaque(xdrs, objp->priv, 16)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_stat_chge(XDR *xdrs, stat_chge *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_stat(XDR *xdrs, sm_stat *objp) -{ - - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_res(XDR *xdrs, sm_res *objp) -{ - - if (!xdr_enum(xdrs, (enum_t *)objp)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_stat_res(XDR *xdrs, sm_stat_res *objp) -{ - - if (!xdr_sm_res(xdrs, &objp->res_stat)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - return (TRUE); -} - -bool_t -xdr_sm_status(XDR *xdrs, sm_status *objp) -{ - - if (!xdr_string(xdrs, &objp->mon_name, 
SM_MAXSTRLEN)) - return (FALSE); - if (!xdr_int(xdrs, &objp->state)) - return (FALSE); - if (!xdr_opaque(xdrs, objp->priv, 16)) - return (FALSE); - return (TRUE); -} diff --git a/rpc_statd.tproj/statd.c b/rpc_statd.tproj/statd.c deleted file mode 100644 index 4527568..0000000 --- a/rpc_statd.tproj/statd.c +++ /dev/null 
@@ -1,277 +0,0 @@
-/*
- * Copyright (c) 1995
- * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed for the FreeBSD project
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-#ifndef lint
-static const char rcsid[] =
- "$FreeBSD$";
-#endif /* not lint */
-
-/* main() function for status monitor daemon. Some of the code in this */
-/* file was generated by running rpcgen /usr/include/rpcsvc/sm_inter.x */
-/* The actual program logic is in the file procs.c */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include "statd.h"
-
-int debug = 0; /* Controls syslog() calls for debug messages */
-int notify_only = 0; /* only send SM_NOTIFY messages */
-const char *pid_file = NULL; /* name of any pid file that has been claimed */
-
-extern void sm_prog_1(struct svc_req *rqstp, SVCXPRT *transp);
-static void handle_sigchld(int sig);
-static void handle_sig_cleanup(int sig);
-static void cleanup_pid_file(void);
-static void usage(void);
-
-int
-main(int argc, char **argv)
-{
- SVCXPRT *transp;
- struct sigaction sa;
- int c;
- int mib[6];
- int oldstate;
- int oldsize;
- int newstate;
-
-
- while ((c = getopt(argc, argv, "dn")) != EOF)
- switch (c) {
- case 'd':
- debug = 1;
- break;
- case 'n':
- notify_only = 1;
- break;
- default:
- usage();
- }
-
- /* Install signal handler to remove any pid file */
- signal(SIGINT, handle_sig_cleanup);
- signal(SIGTERM, handle_sig_cleanup);
- signal(SIGHUP, handle_sig_cleanup);
- signal(SIGQUIT, handle_sig_cleanup);
-
- init_file("/var/db/statd.status");
-
- openlog("rpc.statd", 0, LOG_DAEMON);
-
- if (notify_only) {
- notify_hosts();
- exit(0);
- }
-
- /* Note that it is NOT sensible to run this program from inetd - the */
- /* protocol assumes that it will run immediately at boot time. */
- daemon(0, 0);
-
- mib[0] = CTL_KERN;
- mib[1] = KERN_PROCDELAYTERM;
-
- oldstate = 0;
- oldsize = 4;
- newstate = 1;
-
- if (sysctl(mib, 2, &oldstate, &oldsize, &newstate, 4) < 0) {
- syslog(LOG_INFO, "cannot mark pid for delayed termination");
- }
-
-
- if (claim_pid_file("/var/run/statd.pid", 0) < 0)
- errx(1, "rpc.statd already running");
-
- (void)pmap_unset(SM_PROG, SM_VERS);
-
- transp = svcudp_create(RPC_ANYSOCK);
- if (transp == NULL)
- errx(1, "cannot create udp service");
- if (!svc_register(transp, SM_PROG, SM_VERS, sm_prog_1, IPPROTO_UDP))
- errx(1, "unable to register (SM_PROG, SM_VERS, udp)");
-
- transp = svctcp_create(RPC_ANYSOCK, 0, 0);
- if (transp == NULL)
- errx(1, "cannot create tcp service");
- if (!svc_register(transp, SM_PROG, SM_VERS, sm_prog_1, IPPROTO_TCP))
- errx(1, "unable to register (SM_PROG, SM_VERS, tcp)");
-
- if (debug) syslog(LOG_INFO, "Starting - debug enabled");
- else syslog(LOG_INFO, "Starting");
-
- /* Install signal handler to collect exit status of child processes */
- sa.sa_handler = handle_sigchld;
- sigemptyset(&sa.sa_mask);
- sigaddset(&sa.sa_mask, SIGCHLD);
- sa.sa_flags = SA_RESTART;
- sigaction(SIGCHLD, &sa, NULL);
-
- /* Initialisation now complete - start operating */
- notify_hosts(); /* Forks a process (if necessary) to do the */
- /* SM_NOTIFY calls, which may be slow. */
-
- svc_run(); /* Should never return */
- exit(1);
-}
-
-static void
-usage()
-{
- fprintf(stderr, "usage: rpc.statd [-dn]\n");
- exit(1);
-}
-
-/* handle_sigchld ---------------------------------------------------------- */
-/*
- Purpose: Catch SIGCHLD and collect process status
- Returns: Nothing.
- Notes: No special action required, other than to collect the
- process status and hence allow the child to die:
- we only use child processes for asynchronous transmission
- of SM_NOTIFY to other systems, so it is normal for the
- children to exit when they have done their work.
-*/
-
-static void handle_sigchld(int sig __unused)
-{
- int pid, status;
- pid = wait4(-1, &status, WNOHANG, (struct rusage*)0);
- if (!pid) syslog(LOG_ERR, "Phantom SIGCHLD??");
- else if (status == 0)
- {
- if (debug) syslog(LOG_DEBUG, "Child %d exited OK", pid);
- }
- else syslog(LOG_ERR, "Child %d failed with status %d", pid,
- WEXITSTATUS(status));
-}
-
-
-/* claim_pid_file ---------------------------------------------------------- */
-/*
- Purpose: take ownership of and store pid in given pid_file
- Returns: 0 on success or -1 on failure
- Notes: force parameter requests that current owner (if any) of
- pid file be terminated.
-*/
-
-int
-claim_pid_file(const char *name, int force)
-{
- int pidfd, rv, retried = 0;
- FILE *pidfile;
-
-try_again:
-
- /* attempt exclusive open of pid file */
- pidfd = open(name, O_EXCL|O_CREAT|O_WRONLY,
- S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
- if (pidfd < 0) {
- char buf[16];
- pid_t pid;
- if (retried)
- return -1;
- bzero(buf, 16);
- retried = 1;
- /* pid file busy, check validity */
- pidfd = open(name, O_RDONLY);
- if (pidfd < 0)
- goto try_again;
- rv = read(pidfd, buf, 15);
- close(pidfd);
- if (rv <= 0)
- goto try_again;
- pid = atoi(buf);
- if (pid <= 0)
- goto try_again;
- rv = kill(pid, force ? SIGKILL : 0);
- /* if can't signal, assume stale pid file */
- if ((rv < 0) || force)
- unlink(name);
- goto try_again;
- }
- pid_file = name;
- atexit(cleanup_pid_file);
-
- pidfile = fdopen(pidfd, "w");
- if (pidfile) {
- fchmod(pidfd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
- fprintf(pidfile, "%d\n", getpid());
- fclose(pidfile);
- } else
- perror("fdopen");
- close(pidfd);
- return 0;
-}
-
-
-/* cleanup_pid_file -------------------------------------------------------- */
-/*
- Purpose: delete any pid_file that has been claimed
- Returns: Nothing
-*/
-
-void
-cleanup_pid_file(void)
-{
- if (pid_file) {
- unlink(pid_file);
- pid_file = NULL;
- }
-}
-
-
-/* handle_sig_cleanup ------------------------------------------------------ */
-/*
- Purpose: call pid file cleanup function on signal
- Returns: Nothing
-*/
-
-static void
-handle_sig_cleanup(int sig __unused)
-{
- cleanup_pid_file();
- exit(1);
-}
-
diff --git a/rpc_statd.tproj/statd.h b/rpc_statd.tproj/statd.h
deleted file mode 100644
index 002de8a..0000000
--- a/rpc_statd.tproj/statd.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Copyright (c) 1995
- * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed for the FreeBSD project
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $FreeBSD$
- */
-
-
-
-#include
-
-/* ------------------------------------------------------------------------- */
-/*
- Data structures for recording monitored hosts
-
- The information held by the status monitor comprises a list of hosts
- that we have been asked to monitor, and, associated with each monitored
- host, one or more clients to be called back if the monitored host crashes.
-
- The list of monitored hosts must be retained over a crash, so that upon
- re-boot we can call the SM_NOTIFY procedure in all those hosts so as to
- cause them to start recovery processing. On the other hand, the client
- call-backs are not required to be preserved: they are assumed (in the
- protocol design) to be local processes which will have crashed when
- we did, and so are discarded on restart.
-
- We handle this by keeping the list of monitored hosts in a file
- (/var/statd.state) which is mmap()ed and whose format is described
- by the typedef FileLayout. The lists of client callbacks are chained
- off this structure, but are held in normal memory and so will be
- lost after a re-boot. Hence the actual values of MonList * pointers
- in the copy on disc have no significance, but their NULL/non-NULL
- status indicates whether this host is actually being monitored or if it
- is an empty slot in the file.
-*/
-
-typedef struct MonList_s
-{
- struct MonList_s *next; /* Next in list or NULL */
- char notifyHost[SM_MAXSTRLEN + 1]; /* Host to notify */
- int notifyProg; /* RPC program number to call */
- int notifyVers; /* version number */
- int notifyProc; /* procedure number */
- unsigned char notifyData[16]; /* Opaque data from caller */
-} MonList;
-
-typedef struct
-{
- char hostname[SM_MAXSTRLEN + 1]; /* Name of monitored host */
- int notifyReqd; /* TRUE if we've crashed and not yet */
- /* informed the monitored host */
- MonList *monList; /* List of clients to inform if we */
- /* hear that the monitored host has */
- /* crashed, NULL if no longer monitored */
-} HostInfo;
-
-
-/* Overall file layout. */
-
-typedef struct
-{
- int ourState; /* State number as defined in statd protocol */
- int noOfHosts; /* Number of elements in hosts[] */
- char reserved[248]; /* Reserved for future use */
- HostInfo hosts[1]; /* vector of monitored hosts */
-} FileLayout;
-
-#define HEADER_LEN (sizeof(FileLayout) - sizeof(HostInfo))
-
-/* ------------------------------------------------------------------------- */
-
-/* Global variables */
-
-extern FileLayout *status_info; /* The mmap()ed status file */
-
-extern int debug; /* =1 to enable diagnostics to syslog */
-extern int notify_only; /* only send SM_NOTIFY messages */
-extern const char *pid_file; /* name of PID file */
-
-/* Function prototypes */
-
-extern int claim_pid_file(const char *name, int force);
-extern HostInfo *find_host(char * /*hostname*/, int /*create*/);
-extern void init_file(const char * /*filename*/);
-extern void notify_hosts(void);
-extern void sync_file(void);
-extern int sm_check_hostname(struct svc_req *req, char *arg);
-
-#ifndef __unused
-#define __unused
-#endif
diff --git a/rpc_statd.tproj/test.c b/rpc_statd.tproj/test.c
deleted file mode 100644
index 6df1501..0000000
--- a/rpc_statd.tproj/test.c
+++ /dev/null
@@ -1,144 +0,0 @@ - -#ifndef lint -static const char rcsid[] = - "$FreeBSD$"; -#endif /* not lint */ - -#include -#include -#include - - -/* Default timeout can be changed using clnt_control() */ -static struct timeval TIMEOUT = { 25, 0 }; - -struct sm_stat_res * -sm_stat_1(argp, clnt) - struct sm_name *argp; - CLIENT *clnt; -{ - static struct sm_stat_res res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, SM_STAT, xdr_sm_name, argp, xdr_sm_stat_res, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -struct sm_stat_res * -sm_mon_1(argp, clnt) - struct mon *argp; - CLIENT *clnt; -{ - static struct sm_stat_res res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, SM_MON, xdr_mon, argp, xdr_sm_stat_res, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -struct sm_stat * -sm_unmon_1(argp, clnt) - struct mon_id *argp; - CLIENT *clnt; -{ - static struct sm_stat res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, SM_UNMON, xdr_mon_id, argp, xdr_sm_stat, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -struct sm_stat * -sm_unmon_all_1(argp, clnt) - struct my_id *argp; - CLIENT *clnt; -{ - static struct sm_stat res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, SM_UNMON_ALL, xdr_my_id, argp, xdr_sm_stat, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&res); -} - - -void * -sm_simu_crash_1(argp, clnt) - void *argp; - CLIENT *clnt; -{ - static char res; - - bzero((char *)&res, sizeof(res)); - if (clnt_call(clnt, SM_SIMU_CRASH, xdr_void, argp, xdr_void, &res, TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return ((void *)&res); -} - - -int main(int argc, char **argv) -{ - CLIENT *cli; - char dummy; - void *out; - struct mon mon; - - if (argc < 2) - { - fprintf(stderr, "usage: test | crash\n"); - fprintf(stderr, "always talks to statd at localhost\n"); - exit(1); - } - - printf("Creating client for localhost\n" ); - cli = 
clnt_create("localhost", SM_PROG, SM_VERS, "udp"); - if (!cli) - { - printf("Failed to create client\n"); - exit(1); - } - - mon.mon_id.mon_name = argv[1]; - mon.mon_id.my_id.my_name = argv[1]; - mon.mon_id.my_id.my_prog = SM_PROG; - mon.mon_id.my_id.my_vers = SM_VERS; - mon.mon_id.my_id.my_proc = 1; /* have it call sm_stat() !!! */ - - if (strcmp(argv[1], "crash")) - { - /* Hostname given */ - struct sm_stat_res *res; - if (res = sm_mon_1(&mon, cli)) - { - printf("Success!\n"); - } - else - { - printf("Fail\n"); - } - } - else - { - if (out = sm_simu_crash_1(&dummy, cli)) - { - printf("Success!\n"); - } - else - { - printf("Fail\n"); - } - } - - return 0; -} diff --git a/rpc_yppasswdd.tproj/Makefile b/rpc_yppasswdd.tproj/Makefile deleted file mode 100644 index 9c1a49e..0000000 --- a/rpc_yppasswdd.tproj/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rpc.yppasswdd - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = yppasswd.h - -CFILES = passwd.c rpc.yppasswdd.c yppasswdd_mkpw.c yppasswdd_proc.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble\ - rpc.yppasswdd.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/libexec -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies 
diff --git a/rpc_yppasswdd.tproj/Makefile.postamble b/rpc_yppasswdd.tproj/Makefile.postamble
deleted file mode 100644
index 509e7f5..0000000
--- a/rpc_yppasswdd.tproj/Makefile.postamble
+++ /dev/null
@@ -1,101 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# diff --git a/rpc_yppasswdd.tproj/Makefile.preamble b/rpc_yppasswdd.tproj/Makefile.preamble deleted file mode 100644 index 83f25c7..0000000 --- a/rpc_yppasswdd.tproj/Makefile.preamble +++ /dev/null 
@@ -1,123 +0,0 @@
-###############################################################################
-# Makefile.preamble
-# Copyright 1997, Apple Computer, Inc.
-#
-# Use this makefile for configuring the standard application makefiles
-# associated with ProjectBuilder. It is included before the main makefile.
-# In Makefile.preamble you set attributes for a project, so they are available
-# to the project's makefiles. In contrast, you typically write additional rules or
-# override built-in behavior in the Makefile.postamble.
-#
-# Each directory in a project tree (main project plus subprojects) should
-# have its own Makefile.preamble and Makefile.postamble.
-###############################################################################
-#
-# Before the main makefile is included for this project, you may set:
-#
-# MAKEFILEDIR: Directory in which to find $(MAKEFILE)
-# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make)
-
-# Compiler/linker flags added to the defaults: The OTHER_* variables will be
-# inherited by all nested sub-projects, but the LOCAL_ versions of the same
-# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's
-# Build Attributes inspector if at all possible. To override the default flags
-# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The
-# variables below are *inputs* to the build process and distinct from the override
-# settings done (less often) in the Makefile.postamble.
-#
-# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler
-# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m,
-# .cc, .cxx, .C, and .M files. There is no need to respecify the
-# flags in OTHER_MFLAGS, etc.
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files
-# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files
-# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files
-# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when
-# precompiling header files
-# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool
-# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap
-# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen
-# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc
-# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex
-
-# These variables provide hooks enabling you to add behavior at almost every
-# stage of the make:
-#
-# BEFORE_PREBUILD: targets to build before installing headers for a subproject
-# AFTER_PREBUILD: targets to build after installing headers for a subproject
-# BEFORE_BUILD_RECURSION: targets to make before building subprojects
-# BEFORE_BUILD: targets to make before a build, but after subprojects
-# AFTER_BUILD: targets to make after a build
-#
-# BEFORE_INSTALL: targets to build before installing the product
-# AFTER_INSTALL: targets to build after installing the product
-# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject
-# AFTER_POSTINSTALL: targts to build after postinstalling every subproject
-#
-# BEFORE_INSTALLHDRS: targets to build before installing headers for a
-# subproject
-# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject
-# BEFORE_INSTALLSRC: targets to build before installing source for a subproject
-# AFTER_INSTALLSRC: targets to build after installing source for a subproject
-#
-# BEFORE_DEPEND: targets to build before building dependencies for a
-# subproject
-# AFTER_DEPEND: targets to build after building dependencies for a
-# subproject
-#
-# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is
-# updated every time the project is built.
If NO, the dependency
-# file is only built when the depend target is invoked.
-
-# Framework-related variables:
-# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates
-# where to put the framework's DLL. This variable defaults to
-# $(INSTALLDIR)/../Executables
-
-# Library-related variables:
-# PUBLIC_HEADER_DIR: Determines where public exported header files
-# should be installed. Do not include $(DSTROOT) in this value --
-# it is prefixed automatically.
-# PRIVATE_HEADER_DIR: Determines where private exported header files
-# should be installed. Do not include $(DSTROOT) in this value --
-# it is prefixed automatically.
-# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines
-# whether the libraries produced are statically linked when they
-# are used or if they are dynamically loadable. <>
-# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates
-# where to put the library's DLL. This variable defaults to
-# $(INSTALLDIR)/../Executables
-#
-# INSTALL_AS_USER: owner of the intalled products (default root)
-# INSTALL_AS_GROUP: group of the installed products (default wheel)
-# INSTALL_PERMISSION: permissions of the installed product (default o+rX)
-#
-# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be
-# passed on the command line to recursive invocations of make. Note that
-# the values in OTHER_*FLAGS are inherited by subprojects automatically --
-# you do not have to (and shouldn't) add OTHER_*FLAGS to
-# OTHER_RECURSIVE_VARIABLES.
-
-# Additional headers to export beyond those in the PB.project:
-# OTHER_PUBLIC_HEADERS
-# OTHER_PROJECT_HEADERS
-# OTHER_PRIVATE_HEADERS
-
-# Additional files for the project's product: <>
-# OTHER_RESOURCES: (non-localized) resources for this project
-# OTHER_OFILES: relocatables to be linked into this project
-# OTHER_LIBS: more libraries to link against
-# OTHER_PRODUCT_DEPENDS: other dependencies of this project
-# OTHER_SOURCEFILES: other source files maintained by .pre/postamble
-# OTHER_GARBAGE: additional files to be removed by `make clean'
-
-# Set this to YES if you don't want a final libtool call for a library/framework.
-# BUILD_OFILES_LIST_ONLY
-
-# To include a version string, project source must exist in a directory named
-# $(NAME).%d[.%d][.%d] and the following line must be uncommented.
-# OTHER_GENERATED_OFILES = $(VERS_OFILE)
-
-# This definition will suppress stripping of debug symbols when an executable
-# is installed. By default it is YES.
-# STRIP_ON_INSTALL = NO
diff --git a/rpc_yppasswdd.tproj/PB.project b/rpc_yppasswdd.tproj/PB.project
deleted file mode 100644
index 4e3a617..0000000
--- a/rpc_yppasswdd.tproj/PB.project
+++ /dev/null
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (yppasswd.h);
- OTHER_LIBS = ();
- OTHER_LINKED = (passwd.c, rpc.yppasswdd.c, yppasswdd_mkpw.c, yppasswdd_proc.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rpc.yppasswdd.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/libexec;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rpc.yppasswdd;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rpc_yppasswdd.tproj/passwd.c b/rpc_yppasswdd.tproj/passwd.c
deleted file mode 100644
index a5d9982..0000000
--- a/rpc_yppasswdd.tproj/passwd.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $NetBSD: passwd.c,v 1.11 1997/12/31 05:47:15 thorpej Exp $ */
-
-/*
- * Copyright (c) 1987, 1993, 1994, 1995
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: passwd.c,v 1.11 1997/12/31 05:47:15 thorpej Exp $");
-#endif /* LIBC_SCCS and not lint */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-static void pw_cont __P((int sig));
-static int pw_equal __P((char *buf, struct passwd *old_pw));
-
-int
-pw_lock(retries)
- int retries;
-{
- int i, fd;
- mode_t old_mode;
-
- /* Acquire the lock file.
*/
- old_mode = umask(0);
- fd = open(_PATH_MASTERPASSWD_LOCK, O_WRONLY|O_CREAT|O_EXCL, 0600);
- for (i = 0; i < retries && fd < 0 && errno == EEXIST; i++) {
- sleep(1);
- fd = open(_PATH_MASTERPASSWD_LOCK, O_WRONLY|O_CREAT|O_EXCL,
- 0600);
- }
- umask(old_mode);
- return(fd);
-}
-
-int
-pw_mkdb()
-{
- int pstat;
- pid_t pid;
- struct stat sb;
-
- /* A zero length passwd file is never ok */
- if (stat(_PATH_MASTERPASSWD_LOCK, &sb) == 0) {
- if (sb.st_size == 0) {
- warnx("%s is zero length", _PATH_MASTERPASSWD_LOCK);
- return (-1);
- }
- }
-
- pid = vfork();
- if (pid == 0) {
- execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p",
- _PATH_MASTERPASSWD_LOCK, NULL);
- _exit(1);
- }
- pid = waitpid(pid, &pstat, 0);
- if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
- return(-1);
- return(0);
-}
-
-int
-pw_abort()
-{
- return(unlink(_PATH_MASTERPASSWD_LOCK));
-}
-
-/* Everything below this point is intended for the convenience of programs
- * which allow a user to interactively edit the passwd file. Errors in the
- * routines below will cause the process to abort. */
-
-static pid_t editpid = -1;
-
-static void
-pw_cont(sig)
- int sig;
-{
-
- if (editpid != -1)
- kill(editpid, sig);
-}
-
-void
-pw_init()
-{
- struct rlimit rlim;
-
- /* Unlimited resource limits. */
- rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
- (void)setrlimit(RLIMIT_CPU, &rlim);
- (void)setrlimit(RLIMIT_FSIZE, &rlim);
- (void)setrlimit(RLIMIT_STACK, &rlim);
- (void)setrlimit(RLIMIT_DATA, &rlim);
- (void)setrlimit(RLIMIT_RSS, &rlim);
-
- /* Don't drop core (not really necessary, but GP's). */
- rlim.rlim_cur = rlim.rlim_max = 0;
- (void)setrlimit(RLIMIT_CORE, &rlim);
-
- /* Turn off signals.
*/
- (void)signal(SIGALRM, SIG_IGN);
- (void)signal(SIGHUP, SIG_IGN);
- (void)signal(SIGINT, SIG_IGN);
- (void)signal(SIGPIPE, SIG_IGN);
- (void)signal(SIGQUIT, SIG_IGN);
- (void)signal(SIGTERM, SIG_IGN);
- (void)signal(SIGCONT, pw_cont);
-}
-
-void
-pw_edit(notsetuid, filename)
- int notsetuid;
- const char *filename;
-{
- int i, xargc, pstat;
- char *p, *editor;
- char **xargv;
-#ifdef __GNUC__
- (void) &editor;
-#endif
-
- if (filename == NULL)
- filename = _PATH_MASTERPASSWD_LOCK;
- if ((editor = getenv("EDITOR")) == NULL)
- editor = strdup(_PATH_VI);
- else
- editor = strdup(editor);
- if ((p = strrchr(editor, '/')))
- ++p;
- else
- p = editor;
-
- /* Scan editor string, count spaces, allocate arg vector. */
- for (i = 0, xargc = 0; p[i] != '\0'; i++) {
- if (isspace(p[i])) {
- while (isspace(p[i++]))
- /* skip white space */ ;
- if (p[i] == '\0')
- break;
- xargc++;
- }
- }
-
- /* argv[0] + + filename + NULL */
- xargv = (char **)malloc(sizeof(char *) * (xargc + 3));
- if (xargv == NULL)
- pw_error("malloc failed", 1, 1);
-
- i = 0;
- xargv[i++] = p;
- for (; *p != '\0'; p++) {
- if (isspace(*p)) {
- while(isspace(*p))
- *p++ = '\0'; /* blast whitespace */
- if (*p == '\0')
- break;
- xargv[i++] = p;
- }
- }
-
- xargv[i++] = (char *)filename;
- xargv[i] = NULL;
-
- if (!(editpid = vfork())) {
- if (notsetuid) {
- setgid(getgid());
- setuid(getuid());
- }
- execvp(editor, xargv);
- _exit(1);
- }
- for (;;) {
- editpid = waitpid(editpid, (int *)&pstat, WUNTRACED);
- if (editpid == -1)
- pw_error(editor, 1, 1);
- else if (WIFSTOPPED(pstat))
- raise(WSTOPSIG(pstat));
- else if (WIFEXITED(pstat) && WEXITSTATUS(pstat) == 0)
- break;
- else
- pw_error(editor, 1, 1);
- }
- editpid = -1;
- free(editor);
- free(xargv);
-}
-
-void
-pw_prompt()
-{
- int c;
-
- (void)printf("re-edit the password file?
[y]: ");
- (void)fflush(stdout);
- c = getchar();
- if (c != EOF && c != '\n')
- while (getchar() != '\n');
- if (c == 'n')
- pw_error(NULL, 0, 0);
-}
-
-/* for use in pw_copy(). Compare a pw entry to a pw struct. */
-static int
-pw_equal (buf, pw)
- char *buf;
- struct passwd *pw;
-{
- struct passwd buf_pw;
- int len = strlen (buf);
- if (buf[len-1] == '\n')
- buf[len-1] = '\0';
- if (!pw_scan(buf, &buf_pw, NULL))
- return 0;
- return !strcmp(pw->pw_name, buf_pw.pw_name)
- && pw->pw_uid == buf_pw.pw_uid
- && pw->pw_gid == buf_pw.pw_gid
- && !strcmp(pw->pw_class, buf_pw.pw_class)
- && (long)pw->pw_change == (long)buf_pw.pw_change
- && (long)pw->pw_expire == (long)buf_pw.pw_expire
- && !strcmp(pw->pw_gecos, buf_pw.pw_gecos)
- && !strcmp(pw->pw_dir, buf_pw.pw_dir)
- && !strcmp(pw->pw_shell, buf_pw.pw_shell);
-}
-
-void
-pw_copy(ffd, tfd, pw, old_pw)
- int ffd, tfd;
- struct passwd *pw, *old_pw;
-{
- FILE *from, *to;
- int done;
- char *p, buf[8192];
-
- if (!(from = fdopen(ffd, "r")))
- pw_error(_PATH_MASTERPASSWD, 1, 1);
- if (!(to = fdopen(tfd, "w")))
- pw_error(_PATH_MASTERPASSWD_LOCK, 1, 1);
-
- for (done = 0; fgets(buf, sizeof(buf), from);) {
- if (!strchr(buf, '\n')) {
- warnx("%s: line too long", _PATH_MASTERPASSWD);
- pw_error(NULL, 0, 1);
- }
- if (done) {
- (void)fprintf(to, "%s", buf);
- if (ferror(to))
- goto err;
- continue;
- }
- if (buf[0] == '#') {
- /* skip comments for Rhapsody.
*/
- continue;
- }
- if (!(p = strchr(buf, ':'))) {
- warnx("%s: corrupted entry", _PATH_MASTERPASSWD);
- pw_error(NULL, 0, 1);
- }
- *p = '\0';
- if (strcmp(buf, pw->pw_name)) {
- *p = ':';
- (void)fprintf(to, "%s", buf);
- if (ferror(to))
- goto err;
- continue;
- }
- *p = ':';
- if (old_pw && !pw_equal(buf, old_pw)) {
- warnx("%s: entry inconsistent",
- _PATH_MASTERPASSWD);
- pw_error(NULL, 0, 1);
- }
- (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
- pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid,
- pw->pw_class, (long)pw->pw_change, (long)pw->pw_expire,
- pw->pw_gecos, pw->pw_dir, pw->pw_shell);
- done = 1;
- if (ferror(to))
- goto err;
- }
- /* Only append a new entry if real uid is root! */
- if (!done)
- if (getuid() == 0)
- (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
- pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid,
- pw->pw_class, (long)pw->pw_change,
- (long)pw->pw_expire, pw->pw_gecos, pw->pw_dir,
- pw->pw_shell);
- else
- warnx("%s: changes not made, no such entry",
- _PATH_MASTERPASSWD);
-
- if (ferror(to))
-err: pw_error(NULL, 1, 1);
- (void)fclose(to);
-}
-
-int
-pw_scan(bp, pw, flags)
- char *bp;
- struct passwd *pw;
- int *flags;
-{
- unsigned long id;
- int root;
- char *p, *sh, *ep;
-
- if (flags != (int *)NULL)
- *flags = 0;
-
- if (!(pw->pw_name = strsep(&bp, ":"))) /* login */
- goto fmt;
- root = !strcmp(pw->pw_name, "root");
-
- if (!(pw->pw_passwd = strsep(&bp, ":"))) /* passwd */
- goto fmt;
-
- if (!(p = strsep(&bp, ":"))) /* uid */
- goto fmt;
- id = strtoul(p, &ep, 10);
- if (root && id) {
- warnx("root uid should be 0");
- return (0);
- }
- if (id > UID_MAX || *ep != '\0') {
- warnx("invalid uid '%s'", p);
- return (0);
- }
- pw->pw_uid = (uid_t)id;
- if ((*p == '\0') && (flags != (int *)NULL))
- *flags |= _PASSWORD_NOUID;
-
- if (!(p = strsep(&bp, ":"))) /* gid */
- goto fmt;
- id = strtoul(p, &ep, 10);
- if (id > GID_MAX || *ep != '\0') {
- warnx("invalid gid '%s'", p);
- return (0);
- }
- pw->pw_gid =
(gid_t)id;
- if ((*p == '\0') && (flags != (int *)NULL))
- *flags |= _PASSWORD_NOGID;
-
- pw->pw_class = strsep(&bp, ":"); /* class */
- if (!(p = strsep(&bp, ":"))) /* change */
- goto fmt;
- pw->pw_change = atol(p);
- if ((*p == '\0') && (flags != (int *)NULL))
- *flags |= _PASSWORD_NOCHG;
- if (!(p = strsep(&bp, ":"))) /* expire */
- goto fmt;
- pw->pw_expire = atol(p);
- if ((*p == '\0') && (flags != (int *)NULL))
- *flags |= _PASSWORD_NOEXP;
- pw->pw_gecos = strsep(&bp, ":"); /* gecos */
- pw->pw_dir = strsep(&bp, ":"); /* directory */
- if (!(pw->pw_shell = strsep(&bp, ":"))) /* shell */
- goto fmt;
-
- p = pw->pw_shell;
- if (root && *p) /* empty == /bin/sh */
- for (setusershell();;) {
- if (!(sh = getusershell())) {
- warnx("warning, unknown root shell");
- break;
- }
- if (!strcmp(p, sh))
- break;
- }
-
- if ((p = strsep(&bp, ":"))) { /* too many */
-fmt: warnx("corrupted entry");
- return (0);
- }
-
- return (1);
-}
-
-void
-pw_error(name, err, eval)
- const char *name;
- int err, eval;
-{
- if (err)
- warn(name);
-
- warnx("%s: unchanged", _PATH_MASTERPASSWD);
- pw_abort();
- exit(eval);
-}
-
diff --git a/rpc_yppasswdd.tproj/rpc.yppasswdd.8 b/rpc_yppasswdd.tproj/rpc.yppasswdd.8
deleted file mode 100644
index 8cda3b5..0000000
--- a/rpc_yppasswdd.tproj/rpc.yppasswdd.8
+++ /dev/null
@@ -1,97 +0,0 @@
-.\" $OpenBSD: rpc.yppasswdd.8,v 1.7 1997/08/19 07:00:50 niklas Exp $
-.\"
-.\" Copyright (c) 1994 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"
-.Dd July 3, 1994
-.Dt RPC.YPPASSWDD 8
-.Os
-.Sh NAME
-.Nm rpc.yppasswdd
-.Nd YP update password file daemon
-.Sh SYNOPSIS
-.Nm rpc.yppasswdd
-.Op Fl d Ar directory
-.Op Fl noshell
-.Op Fl nogecos
-.Op Fl nopw
-.Op Fl m Ar arg1 arg2 ...
-.Sh DESCRIPTION
-.Nm rpc.yppasswdd
-must be running on the YP master server to allow users to change information
-in the password file. If the user needs to change his password this is
-normally done with a program called
-.Nm yppasswd .
-This program doesn't exist in OpenBSD but is integrated into
-.Xr passwd 1 .
-.Nm passwd
-will automatically determine which password database should
-be modified.
-To force a change of a YP password when a local one also exists, use
-.Nm passwd -y .
-.Pp
-Other user information can be changed with
-.Xr chpass 1 .
-.Pp
-If the file
-.Nm /var/yp/yppasswdd.log
-exists then messages will be written to the file.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl d Ar directory
-Use the specified directory to get at the password-related files instead
-of /etc.
-.It Fl noshell
-Don't allow changes of the shell field in the passwd file.
-.It Fl nogecos
-Don't allow changes of the gecos field in the passwd file.
-.It Fl nopw
-Don't allow changes of the password in the passwd file.
-.It Fl m Ar arg1 arg2 ...
-Don't use
-.Ar /var/yp/securenet .
-Use another file with another file format. For futher information see
-man page for
-.Ar ypserv.acl .
-.El
-.Sh FILES
-.Bl -tag -width /var/yp/yppasswdd.log -compact
-.It Pa /var/yp/yppasswdd.log
-.It Pa /etc/passwd
-.It Pa /etc/master.passwd
-.El
-.Sh SEE ALSO
-.Xr yp 8 ,
-.Xr ypserv.acl 5 ,
-.Xr securenet 5 ,
-.Xr ypbind 1
-.Sh AUTHOR
-Mats O Jansson
diff --git a/rpc_yppasswdd.tproj/rpc.yppasswdd.c b/rpc_yppasswdd.tproj/rpc.yppasswdd.c
deleted file mode 100644
index 1a88517..0000000
--- a/rpc_yppasswdd.tproj/rpc.yppasswdd.c
+++ /dev/null
@@ -1,208 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: rpc.yppasswdd.c,v 1.9 1997/08/19 07:00:51 niklas Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4.
The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "$OpenBSD: rpc.yppasswdd.c,v 1.9 1997/08/19 07:00:51 niklas Exp $";
-#endif
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include "yppasswd.h"
-
-static void yppasswddprog_1();
-void sig_child();
-
-int noshell, nogecos, nopw, domake;
-char make_arg[1024] = "make";
-char *progname = "yppasswdd";
-char *tempname;
-int debug = 0;
-
-void
-usage()
-{
- fprintf(stderr, "%s%s",
- "usage: rpc.yppasswdd ",
- "[-d] [-noshell] [-nogecos] [-nopw] [-m arg1 arg2 ...
]\n");
- exit(1);
-}
-
-int
-main(argc, argv)
- int argc;
- char *argv[];
-{
- SVCXPRT *transp;
- int i = 1;
-
- while (i < argc) {
- if (argv[i][0] == '-') {
- if (strcmp("-noshell", argv[i]) == 0) {
- noshell = 1;
- } else if (strcmp("-nogecos", argv[i]) == 0) {
- nogecos = 1;
- } else if (strcmp("-nopw", argv[i]) == 0) {
- nopw = 1;
- } else if (strcmp("-m", argv[i]) == 0) {
- domake = 1;
- while (i < argc) {
- strcat(make_arg, " ");
- strcat(make_arg, argv[i]);
- i++;
- }
- } else if (strcmp("-d", argv[i]) == 0) {
- debug = 1;
- } else
- usage();
- i++;
- } else
- usage();
- }
-
- if (debug == 0) {
- (void) daemon(0, 0);
- }
- chdir("/etc");
-
-/*
- freopen("/dev/null", "r", stdin);
- freopen("/var/yp/stderr", "w", stderr);
- freopen("/var/yp/stdout", "w", stdout);
-*/
- (void) pmap_unset(YPPASSWDPROG, YPPASSWDVERS);
-
- (void) signal(SIGCHLD, sig_child);
-
- transp = svcudp_create(RPC_ANYSOCK);
- if (transp == NULL) {
- (void) fprintf(stderr, "cannot create udp service.\n");
- exit(1);
- }
- if (!svc_register(transp, YPPASSWDPROG, YPPASSWDVERS, yppasswddprog_1,
- IPPROTO_UDP)) {
- fprintf(stderr, "unable to register YPPASSWDPROG, YPPASSWDVERS, udp\n");
- exit(1);
- }
- transp = svctcp_create(RPC_ANYSOCK, 0, 0);
- if (transp == NULL) {
- (void) fprintf(stderr, "cannot create tcp service.\n");
- exit(1);
- }
- if (!svc_register(transp, YPPASSWDPROG, YPPASSWDVERS, yppasswddprog_1,
- IPPROTO_TCP)) {
- fprintf(stderr, "unable to register YPPASSWDPROG, YPPASSWDVERS, tcp\n");
- exit(1);
- }
- svc_run();
- (void) fprintf(stderr, "svc_run returned\n");
- exit(1);
-}
-
-static void
-yppasswddprog_1(rqstp, transp)
- struct svc_req *rqstp;
- SVCXPRT *transp;
-{
- union {
- yppasswd yppasswdproc_update_1_arg;
- } argument;
- char *result;
- bool_t(*xdr_argument) (), (*xdr_result) ();
- char *(*local) ();
-
- switch (rqstp->rq_proc) {
- case NULLPROC:
- (void) svc_sendreply(transp, xdr_void, (char *) NULL);
- return;
- case YPPASSWDPROC_UPDATE:
- xdr_argument =
xdr_yppasswd;
- xdr_result = xdr_int;
- local = (char *(*) ()) yppasswdproc_update_1_svc;
- break;
- default:
- svcerr_noproc(transp);
- return;
- }
- bzero((char *) &argument, sizeof(argument));
- if (!svc_getargs(transp, xdr_argument, (caddr_t) & argument)) {
- svcerr_decode(transp);
- return;
- }
- result = (*local) (&argument, rqstp, transp);
-}
-
-void
-sig_child()
-{
- int save_errno = errno;
-
- while (wait3((int *) NULL, WNOHANG, (struct rusage *) NULL) > 0)
- ;
- errno = save_errno;
-}
diff --git a/rpc_yppasswdd.tproj/yppasswd.h b/rpc_yppasswdd.tproj/yppasswd.h
deleted file mode 100644
index 5592e87..0000000
--- a/rpc_yppasswdd.tproj/yppasswd.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yppasswd.h,v 1.4 1997/08/19 07:00:51 niklas Exp $*/
-
-/*
- * Copyright (c) 1995 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4.
The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-#ifndef _YPPASSWD_H_RPCGEN
-#define _YPPASSWD_H_RPCGEN
-
-struct x_passwd {
- char *pw_name;
- char *pw_passwd;
- int pw_uid;
- int pw_gid;
- char *pw_gecos;
- char *pw_dir;
- char *pw_shell;
-};
-typedef struct x_passwd x_passwd;
-#ifdef __cplusplus
-extern "C" bool_t xdr_x_passwd(XDR *, x_passwd*);
-#elif defined(__STDC__)
-extern bool_t xdr_x_passwd(XDR *, x_passwd*);
-#else /* Old Style C */
-bool_t xdr_x_passwd();
-#endif /* Old Style C */
-
-
-struct yppasswd {
- char *oldpass;
- x_passwd newpw;
-};
-typedef struct yppasswd yppasswd;
-#ifdef __cplusplus
-extern "C" bool_t xdr_yppasswd(XDR *, yppasswd*);
-#elif defined(__STDC__)
-extern bool_t xdr_yppasswd(XDR *, yppasswd*);
-#else /* Old Style C */
-bool_t xdr_yppasswd();
-#endif /* Old Style C */
-
-
-#define YPPASSWDPROG ((u_long)100009)
-#define YPPASSWDVERS ((u_long)1)
-
-#ifdef __cplusplus
-#define YPPASSWDPROC_UPDATE ((u_long)1)
-extern "C" int * yppasswdproc_update_1(yppasswd *, CLIENT *);
-extern "C" int * yppasswdproc_update_1_svc(yppasswd *, struct svc_req *, SVCXPRT *);
-
-#elif defined(__STDC__)
-#define
YPPASSWDPROC_UPDATE ((u_long)1)
-extern int * yppasswdproc_update_1(yppasswd *, CLIENT *);
-extern int * yppasswdproc_update_1_svc(yppasswd *, struct svc_req *, SVCXPRT *);
-
-#else /* Old Style C */
-#define YPPASSWDPROC_UPDATE ((u_long)1)
-extern int * yppasswdproc_update_1();
-extern int * yppasswdproc_update_1_svc();
-#endif /* Old Style C */
-
-#endif /* !_YPPASSWD_H_RPCGEN */
diff --git a/rpc_yppasswdd.tproj/yppasswdd_mkpw.c b/rpc_yppasswdd.tproj/yppasswdd_mkpw.c
deleted file mode 100644
index 6904c44..0000000
--- a/rpc_yppasswdd.tproj/yppasswdd_mkpw.c
+++ /dev/null
@@ -1,321 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yppasswdd_mkpw.c,v 1.16 1997/11/17 23:56:20 gene Exp $ */ - -/* - * Copyright (c) 1994 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: yppasswdd_mkpw.c,v 1.16 1997/11/17 23:56:20 gene Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -extern int noshell; -extern int nogecos; -extern int nopw; -extern int make; -extern char make_arg[]; - -static void _pw_copy(int, int, struct passwd *); - -/* This is imported from OpenBSD's libutil because it's argument - * incompatible with NetBSD's. However, the NetBSD libutil is - * at least what the prototypes suggest is in System.framework, - * even though I can't find the code. I assume it will be there - * eventually. We need to use NetBSD's because it works with the - * pwd_mkdb binary that's shipped with Rhapsody. This is an area - * where OpenBSD diverges; however, we wanted to keep the OpenBSD - * rpc.yppasswdd because the rest of our YP code is from OpenBSD. - * What a mess. 
- */ -static void -_pw_copy(ffd, tfd, pw) - int ffd, tfd; - struct passwd *pw; -{ - FILE *from, *to; - int done; - char *p, buf[8192]; - - if (!(from = fdopen(ffd, "r"))) - pw_error(_PATH_MASTERPASSWD, 1, 1); - if (!(to = fdopen(tfd, "w"))) - pw_error(_PATH_MASTERPASSWD_LOCK, 1, 1); - - for (done = 0; fgets(buf, sizeof(buf), from);) { - if (!strchr(buf, '\n')) { - warnx("%s: line too long", _PATH_MASTERPASSWD); - pw_error(NULL, 0, 1); - } - if (done) { - (void)fprintf(to, "%s", buf); - if (ferror(to)) - goto err; - continue; - } - if (!(p = strchr(buf, ':'))) { - warnx("%s: corrupted entry", _PATH_MASTERPASSWD); - pw_error(NULL, 0, 1); - } - *p = '\0'; - if (strcmp(buf, pw->pw_name)) { - *p = ':'; - (void)fprintf(to, "%s", buf); - if (ferror(to)) - goto err; - continue; - } - (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n", - pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, - pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos, - pw->pw_dir, pw->pw_shell); - done = 1; - if (ferror(to)) - goto err; - } - if (!done) - (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n", - pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, - pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos, - pw->pw_dir, pw->pw_shell); - - if (ferror(to)) -err: - pw_error(NULL, 0, 1); - (void)fclose(to); -} - - -int -badchars(base) - char *base; -{ - int ampr = 0; - char *s; - - for (s = base; *s; s++) { - if (*s == '&') - ampr++; - if (!isprint(*s)) - return 1; - if (strchr(":\n\t\r", *s)) - return 1; - } - if (ampr > 10) - return 1; - return 0; -} - -int -subst(s, from, to) - char *s; - char from, to; -{ - int n = 0; - - while (*s) { - if (*s == from) { - *s = to; - n++; - } - s++; - } - return (n); -} - -int -make_passwd(argp) - yppasswd *argp; -{ - struct passwd pw; - int pfd, tfd; - char buf[10], *bp = NULL, *p, *t; - int n; - ssize_t cnt; - size_t resid; - struct stat st; - - pw_init(); - pfd = open(_PATH_MASTERPASSWD, O_RDONLY); - if (pfd < 0) - goto fail; - if 
(fstat(pfd, &st)) - goto fail; - p = bp = malloc((resid = st.st_size) + 1); - do { - cnt = read(pfd, p, resid); - if (cnt < 0) - goto fail; - p += cnt; - resid -= cnt; - } while (resid > 0); - close(pfd); - pfd = -1; - *p = '\0'; /* Buf oflow prevention */ - - p = bp; - subst(p, '\n', '\0'); - for (n = 1; p < bp + st.st_size; n++, p = t) { - t = strchr(p, '\0') + 1; - /* Rhapsody allows the passwd file to have comments in it. */ - if (p[0] == '#') { - continue; - } - cnt = subst(p, ':', '\0'); - if (cnt != 9) { - syslog(LOG_WARNING, "bad entry at line %d of %s", n, - _PATH_MASTERPASSWD); - continue; - } - - if (strcmp(p, argp->newpw.pw_name) == 0) - break; - } - if (p >= bp + st.st_size) - goto fail; - -#define EXPAND(e) e = p; while (*p++); - EXPAND(pw.pw_name); - EXPAND(pw.pw_passwd); - pw.pw_uid = atoi(p); EXPAND(t); - pw.pw_gid = atoi(p); EXPAND(t); - EXPAND(pw.pw_class); - pw.pw_change = (time_t)atol(p); EXPAND(t); - pw.pw_expire = (time_t)atol(p); EXPAND(t); - EXPAND(pw.pw_gecos); - EXPAND(pw.pw_dir); - EXPAND(pw.pw_shell); - - /* crypt() is broken under Rhapsody. It doesn't deal with - * empty keys or salts like other Unices. - */ - if (pw.pw_passwd[0] != '\0' && argp->oldpass != NULL && argp->oldpass[0] != '\0') { - if (strcmp(crypt(argp->oldpass, pw.pw_passwd), pw.pw_passwd) != 0) - goto fail; - } - - if (!nopw && badchars(argp->newpw.pw_passwd)) - goto fail; - if (!nogecos && badchars(argp->newpw.pw_gecos)) - goto fail; - if (!nogecos && badchars(argp->newpw.pw_shell)) - goto fail; - - /* - * Get the new password. Reset passwd change time to zero; when - * classes are implemented, go and get the "offset" value for this - * class and reset the timer. 
- */ - if (!nopw) { - pw.pw_passwd = argp->newpw.pw_passwd; - pw.pw_change = 0; - } - if (!nogecos) - pw.pw_gecos = argp->newpw.pw_gecos; - if (!noshell) - pw.pw_shell = argp->newpw.pw_shell; - - for (n = 0, p = pw.pw_gecos; *p; p++) - if (*p == '&') - n = n + strlen(pw.pw_name) - 1; - if (strlen(pw.pw_name) + 1 + strlen(pw.pw_passwd) + 1 + - strlen((sprintf(buf, "%d", pw.pw_uid), buf)) + 1 + - strlen((sprintf(buf, "%d", pw.pw_gid), buf)) + 1 + - strlen(pw.pw_gecos) + n + 1 + strlen(pw.pw_dir) + 1 + - strlen(pw.pw_shell) >= 1023) - goto fail; - - pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0); - if (pfd < 0) { - syslog(LOG_ERR, "cannot open %s", _PATH_MASTERPASSWD); - goto fail; - } - - tfd = pw_lock(0); - if (tfd < 0) - goto fail; - - _pw_copy(pfd, tfd, &pw); - pw_mkdb(); - free(bp); - - if (fork() == 0) { - chdir("/var/yp"); - (void)umask(022); - system(make_arg); - exit(0); - } - return (0); - -fail: - if (bp) - free(bp); - if (pfd >= 0) - close(pfd); - return (1); -} diff --git a/rpc_yppasswdd.tproj/yppasswdd_proc.c b/rpc_yppasswdd.tproj/yppasswdd_proc.c deleted file mode 100644 index 2053263..0000000 --- a/rpc_yppasswdd.tproj/yppasswdd_proc.c +++ /dev/null 
@@ -1,89 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yppasswdd_proc.c,v 1.5 1997/08/19 07:00:52 niklas Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "$OpenBSD: yppasswdd_proc.c,v 1.5 1997/08/19 07:00:52 niklas Exp $";
-#endif
-
-#include
-#include
-#include
-#include
-
-#include "yppasswd.h"
-
-int make_passwd __P((yppasswd *));
-
-int *
-yppasswdproc_update_1_svc(argp, rqstp, transp)
- yppasswd *argp;
- struct svc_req *rqstp;
- SVCXPRT *transp;
-{
- static int res;
-
- bzero((char *)&res, sizeof(res));
- res = make_passwd(argp);
-
- if (!svc_sendreply(transp, xdr_int, (char *)&res))
- svcerr_systemerr(transp);
-
- if (!svc_freeargs(transp, xdr_yppasswd, (caddr_t) argp)) {
- (void)fprintf(stderr, "unable to free arguments\n");
- exit(1);
- }
- return ((void *)&res);
-}
diff --git a/rpcinfo.tproj/Makefile b/rpcinfo.tproj/Makefile
deleted file mode 100644
index 808dfe4..0000000
--- a/rpcinfo.tproj/Makefile
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = rpcinfo
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-CFILES = rpcinfo.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble m.template\
- h.template
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/bin
-WINDOWS_INSTALLDIR = /usr/bin
-PDO_UNIX_INSTALLDIR = /usr/bin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/rpcinfo.tproj/Makefile.postamble b/rpcinfo.tproj/Makefile.postamble
deleted file mode 100644
index 7ede358..0000000
--- a/rpcinfo.tproj/Makefile.postamble
+++ /dev/null
@@ -1,111 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - diff --git a/rpcinfo.tproj/Makefile.preamble b/rpcinfo.tproj/Makefile.preamble deleted file mode 100644 index 30aa1b5..0000000 --- a/rpcinfo.tproj/Makefile.preamble +++ /dev/null 
@@ -1,119 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. 
The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - -INSTALLDIR = /usr/sbin diff --git a/rpcinfo.tproj/PB.project b/rpcinfo.tproj/PB.project deleted file mode 100644 index 00a575f..0000000 --- a/rpcinfo.tproj/PB.project +++ /dev/null 
@@ -1,45 +0,0 @@
-{
- APPCLASS = NSApplication;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- LIBRARYSEARCH = ();
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (rpcinfo.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, m.template, h.template);
- PRECOMPILED_HEADERS = ();
- PROJECT_HEADERS = ();
- PUBLIC_HEADERS = ();
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_MAINNIB = rpcinfo;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/bin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_MAINNIB = rpcinfo;
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rpcinfo;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/bin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_MAINNIB = rpcinfo;
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rpcinfo.tproj/h.template b/rpcinfo.tproj/h.template
deleted file mode 100644
index 5dcbc5d..0000000
--- a/rpcinfo.tproj/h.template
+++ /dev/null
@@ -1,9 +0,0 @@
-$$
-/* $FILENAME$ created by $USERNAME$ on $DATE$ */
-
-@interface $FILENAMESANSEXTENSION$ : Object
-{
-
-}
-
-@end
diff --git a/rpcinfo.tproj/m.template b/rpcinfo.tproj/m.template
deleted file mode 100644
index 1216fe5..0000000
--- a/rpcinfo.tproj/m.template
+++ /dev/null
@@ -1,18 +0,0 @@
-$$ Lines starting with $$ are not inserted into newly created files
-$$ The following substitutions are made:
-$$
-$$ $FILENAME$ e.g. foo.m
-$$ $FILENAMESANSEXTENSION$ e.g. foo
-$$ $DIRECTORY$ e.g. /tmp/MyNewApp
-$$ $PROJECTNAME$ e.g. MyNewApp
-$$ $SUBPROJECTNAME$ e.g. TheGoodPart.subproj
-$$ $USERNAME$ e.g. mwagner
-$$ $DATE$ e.g. Jan-1-1994
-$$
-/* $FILENAME$ created by $USERNAME$ on $DATE$ */
-
-#import "$FILENAMESANSEXTENSION$.h"
-
-@implementation $FILENAMESANSEXTENSION$
-
-@end
diff --git a/rpcinfo.tproj/rpcinfo.c b/rpcinfo.tproj/rpcinfo.c
deleted file mode 100644
index 3315bda..0000000
--- a/rpcinfo.tproj/rpcinfo.c
+++ /dev/null
@@ -1,690 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* @(#)rpcinfo.c 2.2 88/08/11 4.0 RPCSRC */ -#ifndef lint -static char sccsid[] = "@(#)rpcinfo.c 1.22 87/08/12 SMI"; -#endif - -/* - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -/* - * rpcinfo: ping a particular rpc program - * or dump the portmapper - */ - -/* - * Sun RPC is a product of Sun Microsystems, Inc. and is provided for - * unrestricted use provided that this legend is included on all tape - * media and as a part of the software program in whole or part. Users - * may copy or modify Sun RPC without charge, but are not authorized - * to license or distribute it to anyone else except as part of a product or - * program developed by the user. - * - * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE - * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR - * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 
- * - * Sun RPC is provided with no support and without any obligation on the - * part of Sun Microsystems, Inc. to assist in its use, correction, - * modification or enhancement. - * - * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE - * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC - * OR ANY PART THEREOF. - * - * In no event will Sun Microsystems, Inc. be liable for any lost revenue - * or profits or other special, indirect and consequential damages, even if - * Sun has been advised of the possibility of such damages. - * - * Sun Microsystems, Inc. - * 2550 Garcia Avenue - * Mountain View, California 94043 - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define MAXHOSTLEN 256 - -#define MIN_VERS ((u_long) 0) -#define MAX_VERS ((u_long) 4294967295L) - -static void udpping(/*u_short portflag, int argc, char **argv*/); -static void tcpping(/*u_short portflag, int argc, char **argv*/); -static int pstatus(/*CLIENT *client, u_long prognum, u_long vers*/); -static void pmapdump(/*int argc, char **argv*/); -static bool_t reply_proc(/*void *res, struct sockaddr_in *who*/); -static void brdcst(/*int argc, char **argv*/); -static void deletereg(/* int argc, char **argv */) ; -static void usage(/*void*/); -static u_long getprognum(/*char *arg*/); -static u_long getvers(/*char *arg*/); -static void get_inet_address(/*struct sockaddr_in *addr, char *host*/); -extern u_long inet_addr(); /* in 4.2BSD, arpa/inet.h called that a in_addr */ -extern char *inet_ntoa(); - -/* - * Functions to be performed. 
- */ -#define NONE 0 /* no function */ -#define PMAPDUMP 1 /* dump portmapper registrations */ -#define TCPPING 2 /* ping TCP service */ -#define UDPPING 3 /* ping UDP service */ -#define BRDCST 4 /* ping broadcast UDP service */ -#define DELETES 5 /* delete registration for the service */ - -int -main(argc, argv) - int argc; - char **argv; -{ - register int c; - extern char *optarg; - extern int optind; - int errflg; - int function; - u_short portnum; - - function = NONE; - portnum = 0; - errflg = 0; - while ((c = getopt(argc, argv, "ptubdn:")) != EOF) { - switch (c) { - - case 'p': - if (function != NONE) - errflg = 1; - else - function = PMAPDUMP; - break; - - case 't': - if (function != NONE) - errflg = 1; - else - function = TCPPING; - break; - - case 'u': - if (function != NONE) - errflg = 1; - else - function = UDPPING; - break; - - case 'b': - if (function != NONE) - errflg = 1; - else - function = BRDCST; - break; - - case 'n': - portnum = (u_short) atoi(optarg); /* hope we don't get bogus # */ - break; - - case 'd': - if (function != NONE) - errflg = 1; - else - function = DELETES; - break; - - case '?': - errflg = 1; - } - } - - if (errflg || function == NONE) { - usage(); - return (1); - } - - switch (function) { - - case PMAPDUMP: - if (portnum != 0) { - usage(); - return (1); - } - pmapdump(argc - optind, argv + optind); - break; - - case UDPPING: - udpping(portnum, argc - optind, argv + optind); - break; - - case TCPPING: - tcpping(portnum, argc - optind, argv + optind); - break; - - case BRDCST: - if (portnum != 0) { - usage(); - return (1); - } - brdcst(argc - optind, argv + optind); - break; - - case DELETES: - deletereg(argc - optind, argv + optind); - break; - } - - return (0); -} - -static void -udpping(portnum, argc, argv) - u_short portnum; - int argc; - char **argv; -{ - struct timeval to; - struct sockaddr_in addr; - enum clnt_stat rpc_stat; - CLIENT *client; - u_long prognum, vers, minvers, maxvers; - int sock = RPC_ANYSOCK; - struct 
rpc_err rpcerr; - int failure; - - if (argc < 2 || argc > 3) { - usage(); - exit(1); - } - prognum = getprognum(argv[1]); - get_inet_address(&addr, argv[0]); - /* Open the socket here so it will survive calls to clnt_destroy */ - sock = socket( AF_INET, SOCK_DGRAM, IPPROTO_UDP); - if (sock < 0) { - perror("rpcinfo: socket"); - exit(1); - } - failure = 0; - if (argc == 2) { - /* - * A call to version 0 should fail with a program/version - * mismatch, and give us the range of versions supported. - */ - addr.sin_port = htons(portnum); - to.tv_sec = 5; - to.tv_usec = 0; - if ((client = clntudp_create(&addr, prognum, (u_long)0, - to, &sock)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu is not available\n", - prognum); - exit(1); - } - to.tv_sec = 10; - to.tv_usec = 0; - rpc_stat = clnt_call(client, NULLPROC, xdr_void, (char *)NULL, - xdr_void, (char *)NULL, to); - if (rpc_stat == RPC_PROGVERSMISMATCH) { - clnt_geterr(client, &rpcerr); - minvers = rpcerr.re_vers.low; - maxvers = rpcerr.re_vers.high; - } else if (rpc_stat == RPC_SUCCESS) { - /* - * Oh dear, it DOES support version 0. - * Let's try version MAX_VERS. - */ - addr.sin_port = htons(portnum); - to.tv_sec = 5; - to.tv_usec = 0; - if ((client = clntudp_create(&addr, prognum, MAX_VERS, - to, &sock)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, MAX_VERS); - exit(1); - } - to.tv_sec = 10; - to.tv_usec = 0; - rpc_stat = clnt_call(client, NULLPROC, xdr_void, - (char *)NULL, xdr_void, (char *)NULL, to); - if (rpc_stat == RPC_PROGVERSMISMATCH) { - clnt_geterr(client, &rpcerr); - minvers = rpcerr.re_vers.low; - maxvers = rpcerr.re_vers.high; - } else if (rpc_stat == RPC_SUCCESS) { - /* - * It also supports version MAX_VERS. - * Looks like we have a wise guy. - * OK, we give them information on all - * 4 billion versions they support... 
- */ - minvers = 0; - maxvers = MAX_VERS; - } else { - (void) pstatus(client, prognum, MAX_VERS); - exit(1); - } - } else { - (void) pstatus(client, prognum, (u_long)0); - exit(1); - } - clnt_destroy(client); - for (vers = minvers; vers <= maxvers; vers++) { - addr.sin_port = htons(portnum); - to.tv_sec = 5; - to.tv_usec = 0; - if ((client = clntudp_create(&addr, prognum, vers, - to, &sock)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, vers); - exit(1); - } - to.tv_sec = 10; - to.tv_usec = 0; - rpc_stat = clnt_call(client, NULLPROC, xdr_void, - (char *)NULL, xdr_void, (char *)NULL, to); - if (pstatus(client, prognum, vers) < 0) - failure = 1; - clnt_destroy(client); - } - } - else { - vers = getvers(argv[2]); - addr.sin_port = htons(portnum); - to.tv_sec = 5; - to.tv_usec = 0; - if ((client = clntudp_create(&addr, prognum, vers, - to, &sock)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, vers); - exit(1); - } - to.tv_sec = 10; - to.tv_usec = 0; - rpc_stat = clnt_call(client, 0, xdr_void, (char *)NULL, - xdr_void, (char *)NULL, to); - if (pstatus(client, prognum, vers) < 0) - failure = 1; - } - (void) close(sock); /* Close it up again */ - if (failure) - exit(1); -} - -static void -tcpping(portnum, argc, argv) - u_short portnum; - int argc; - char **argv; -{ - struct timeval to; - struct sockaddr_in addr; - enum clnt_stat rpc_stat; - CLIENT *client; - u_long prognum, vers, minvers, maxvers; - int sock = RPC_ANYSOCK; - struct rpc_err rpcerr; - int failure; - - if (argc < 2 || argc > 3) { - usage(); - exit(1); - } - prognum = getprognum(argv[1]); - get_inet_address(&addr, argv[0]); - failure = 0; - if (argc == 2) { - /* - * A call to version 0 should fail with a program/version - * mismatch, and give us the range of versions supported. 
- */ - addr.sin_port = htons(portnum); - if ((client = clnttcp_create(&addr, prognum, MIN_VERS, - &sock, 0, 0)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu is not available\n", - prognum); - exit(1); - } - to.tv_sec = 10; - to.tv_usec = 0; - rpc_stat = clnt_call(client, NULLPROC, xdr_void, (char *)NULL, - xdr_void, (char *)NULL, to); - if (rpc_stat == RPC_PROGVERSMISMATCH) { - clnt_geterr(client, &rpcerr); - minvers = rpcerr.re_vers.low; - maxvers = rpcerr.re_vers.high; - } else if (rpc_stat == RPC_SUCCESS) { - /* - * Oh dear, it DOES support version 0. - * Let's try version MAX_VERS. - */ - addr.sin_port = htons(portnum); - if ((client = clnttcp_create(&addr, prognum, MAX_VERS, - &sock, 0, 0)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, MAX_VERS); - exit(1); - } - to.tv_sec = 10; - to.tv_usec = 0; - rpc_stat = clnt_call(client, NULLPROC, xdr_void, - (char *)NULL, xdr_void, (char *)NULL, to); - if (rpc_stat == RPC_PROGVERSMISMATCH) { - clnt_geterr(client, &rpcerr); - minvers = rpcerr.re_vers.low; - maxvers = rpcerr.re_vers.high; - } else if (rpc_stat == RPC_SUCCESS) { - /* - * It also supports version MAX_VERS. - * Looks like we have a wise guy. - * OK, we give them information on all - * 4 billion versions they support... 
- */ - minvers = 0; - maxvers = MAX_VERS; - } else { - (void) pstatus(client, prognum, MAX_VERS); - exit(1); - } - } else { - (void) pstatus(client, prognum, MIN_VERS); - exit(1); - } - clnt_destroy(client); - (void) close(sock); - sock = RPC_ANYSOCK; /* Re-initialize it for later */ - for (vers = minvers; vers <= maxvers; vers++) { - addr.sin_port = htons(portnum); - if ((client = clnttcp_create(&addr, prognum, vers, - &sock, 0, 0)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, vers); - exit(1); - } - to.tv_usec = 0; - to.tv_sec = 10; - rpc_stat = clnt_call(client, 0, xdr_void, (char *)NULL, - xdr_void, (char *)NULL, to); - if (pstatus(client, prognum, vers) < 0) - failure = 1; - clnt_destroy(client); - (void) close(sock); - sock = RPC_ANYSOCK; - } - } - else { - vers = getvers(argv[2]); - addr.sin_port = htons(portnum); - if ((client = clnttcp_create(&addr, prognum, vers, &sock, - 0, 0)) == NULL) { - clnt_pcreateerror("rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, vers); - exit(1); - } - to.tv_usec = 0; - to.tv_sec = 10; - rpc_stat = clnt_call(client, 0, xdr_void, (char *)NULL, - xdr_void, (char *)NULL, to); - if (pstatus(client, prognum, vers) < 0) - failure = 1; - } - if (failure) - exit(1); -} - -/* - * This routine should take a pointer to an "rpc_err" structure, rather than - * a pointer to a CLIENT structure, but "clnt_perror" takes a pointer to - * a CLIENT structure rather than a pointer to an "rpc_err" structure. - * As such, we have to keep the CLIENT structure around in order to print - * a good error message. 
- */ -static int -pstatus(client, prognum, vers) - register CLIENT *client; - u_long prognum; - u_long vers; -{ - struct rpc_err rpcerr; - - clnt_geterr(client, &rpcerr); - if (rpcerr.re_status != RPC_SUCCESS) { - clnt_perror(client, "rpcinfo"); - printf("program %lu version %lu is not available\n", - prognum, vers); - return (-1); - } else { - printf("program %lu version %lu ready and waiting\n", - prognum, vers); - return (0); - } -} - -static void -pmapdump(argc, argv) - int argc; - char **argv; -{ - struct sockaddr_in server_addr; - register struct hostent *hp; - struct pmaplist *head = NULL; - int socket = RPC_ANYSOCK; - struct timeval minutetimeout; - register CLIENT *client; - struct rpcent *rpc; - - if (argc > 1) { - usage(); - exit(1); - } - if (argc == 1) - get_inet_address(&server_addr, argv[0]); - else { - bzero((char *)&server_addr, sizeof server_addr); - server_addr.sin_family = AF_INET; - if ((hp = gethostbyname("localhost")) != NULL) - bcopy(hp->h_addr, (caddr_t)&server_addr.sin_addr, - hp->h_length); - else - server_addr.sin_addr.s_addr = inet_addr("0.0.0.0"); - } - minutetimeout.tv_sec = 60; - minutetimeout.tv_usec = 0; - server_addr.sin_port = htons(PMAPPORT); - if ((client = clnttcp_create(&server_addr, PMAPPROG, - PMAPVERS, &socket, 50, 500)) == NULL) { - clnt_pcreateerror("rpcinfo: can't contact portmapper"); - exit(1); - } - if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL, - xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) { - fprintf(stderr, "rpcinfo: can't contact portmapper: "); - clnt_perror(client, "rpcinfo"); - exit(1); - } - if (head == NULL) { - printf("No remote programs registered.\n"); - } else { - printf(" program vers proto port\n"); - for (; head != NULL; head = head->pml_next) { - printf("%10ld%5ld", - head->pml_map.pm_prog, - head->pml_map.pm_vers); - if (head->pml_map.pm_prot == IPPROTO_UDP) - printf("%6s", "udp"); - else if (head->pml_map.pm_prot == IPPROTO_TCP) - printf("%6s", "tcp"); - else - printf("%6ld", 
head->pml_map.pm_prot); - printf("%7ld", head->pml_map.pm_port); - rpc = getrpcbynumber(head->pml_map.pm_prog); - if (rpc) - printf(" %s\n", rpc->r_name); - else - printf("\n"); - } - } -} - -/* - * reply_proc collects replies from the broadcast. - * to get a unique list of responses the output of rpcinfo should - * be piped through sort(1) and then uniq(1). - */ - -/*ARGSUSED*/ -static bool_t -reply_proc(res, who) - void *res; /* Nothing comes back */ - struct sockaddr_in *who; /* Who sent us the reply */ -{ - register struct hostent *hp; - - hp = gethostbyaddr((char *) &who->sin_addr, sizeof who->sin_addr, - AF_INET); - printf("%s %s\n", inet_ntoa(who->sin_addr), - (hp == NULL) ? "(unknown)" : hp->h_name); - return(FALSE); -} - -static void -brdcst(argc, argv) - int argc; - char **argv; -{ - enum clnt_stat rpc_stat; - u_long prognum, vers; - - if (argc != 2) { - usage(); - exit(1); - } - prognum = getprognum(argv[0]); - vers = getvers(argv[1]); - rpc_stat = clnt_broadcast(prognum, vers, NULLPROC, xdr_void, - (char *)NULL, xdr_void, (char *)NULL, reply_proc); - if ((rpc_stat != RPC_SUCCESS) && (rpc_stat != RPC_TIMEDOUT)) { - fprintf(stderr, "rpcinfo: broadcast failed: %s\n", - clnt_sperrno(rpc_stat)); - exit(1); - } - exit(0); -} - -static void -deletereg(argc, argv) - int argc; - char **argv; -{ u_long prog_num, version_num ; - - if (argc != 2) { - usage() ; - exit(1) ; - } - if (getuid()) { /* This command allowed only to root */ - fprintf(stderr, "Sorry. 
You are not root\n") ; - exit(1) ; - } - prog_num = getprognum(argv[0]); - version_num = getvers(argv[1]); - if ((pmap_unset(prog_num, version_num)) == 0) { - fprintf(stderr, "rpcinfo: Could not delete registration for prog %s version %s\n", - argv[0], argv[1]) ; - exit(1) ; - } -} - -static void -usage() -{ - fprintf(stderr, "Usage: rpcinfo [ -n portnum ] -u host prognum [ versnum ]\n"); - fprintf(stderr, " rpcinfo [ -n portnum ] -t host prognum [ versnum ]\n"); - fprintf(stderr, " rpcinfo -p [ host ]\n"); - fprintf(stderr, " rpcinfo -b prognum versnum\n"); - fprintf(stderr, " rpcinfo -d prognum versnum\n") ; -} - -static u_long -getprognum(arg) - char *arg; -{ - register struct rpcent *rpc; - register u_long prognum; - - if (isalpha(*arg)) { - rpc = getrpcbyname(arg); - if (rpc == NULL) { - fprintf(stderr, "rpcinfo: %s is unknown service\n", - arg); - exit(1); - } - prognum = rpc->r_number; - } else { - prognum = (u_long) atoi(arg); - } - - return (prognum); -} - -static u_long -getvers(arg) - char *arg; -{ - register u_long vers; - - vers = (int) atoi(arg); - return (vers); -} - -static void -get_inet_address(addr, host) - struct sockaddr_in *addr; - char *host; -{ - register struct hostent *hp; - - bzero((char *)addr, sizeof *addr); - addr->sin_addr.s_addr = (u_long) inet_addr(host); - if (addr->sin_addr.s_addr == -1 || addr->sin_addr.s_addr == 0) { - if ((hp = gethostbyname(host)) == NULL) { - fprintf(stderr, "rpcinfo: %s is unknown host\n", host); - exit(1); - } - bcopy(hp->h_addr, (char *)&addr->sin_addr, hp->h_length); - } - addr->sin_family = AF_INET; -} diff --git a/rsh.tproj/Makefile b/rsh.tproj/Makefile deleted file mode 100644 index fcb81ac..0000000 --- a/rsh.tproj/Makefile +++ /dev/null 
@@ -1,50 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = rsh
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES =
-
-CFILES = rsh.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rsh.1
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/bin
-WINDOWS_INSTALLDIR = /usr/bin
-PDO_UNIX_INSTALLDIR = /usr/bin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/rsh.tproj/Makefile.postamble b/rsh.tproj/Makefile.postamble
deleted file mode 100644
index 8e11482..0000000
--- a/rsh.tproj/Makefile.postamble
+++ /dev/null
@@ -1,7 +0,0 @@
-VPATH += :../rlogin.tproj
-INSTALL_PERMISSIONS = 4555
-
-after_install::
- $(CHFLAGS) schg $(DSTROOT)$(INSTALLDIR)/$(NAME)
- install -d $(DSTROOT)/usr/share/man/man1
- install -c -m 444 rsh.1 $(DSTROOT)/usr/share/man/man1/rsh.1
diff --git a/rsh.tproj/Makefile.preamble b/rsh.tproj/Makefile.preamble
deleted file mode 100644
index 3fec41b..0000000
--- a/rsh.tproj/Makefile.preamble
+++ /dev/null
@@ -1,5 +0,0 @@
-#RLOGIN_CFILES = krcmd.c des_rw.c
-#OTHER_OFILES = $(RLOGIN_CFILES:.c=.o)
-OTHER_GENERATED_OFILES = $(VERS_OFILE)
-OTHER_CFLAGS = -D_PATH_RLOGIN=\"/usr/bin/rlogin\"
--include ../Makefile.include
diff --git a/rsh.tproj/PB.project b/rsh.tproj/PB.project
deleted file mode 100644
index 33594fc..0000000
--- a/rsh.tproj/PB.project
+++ /dev/null
@@ -1,30 +0,0 @@
-{
- APPCLASS = NSApplication;
- FILESTABLE = {
- CLASSES = ();
- FRAMEWORKS = ();
- H_FILES = (pathnames.h);
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (rsh.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rsh.1);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_MAINNIB = rsh;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_INSTALLDIR = /usr/bin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_MAINNIB = rsh;
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rsh;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_INSTALLDIR = /usr/bin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_MAINNIB = rsh;
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rsh.tproj/rsh.1 b/rsh.tproj/rsh.1
deleted file mode 100644
index 2144cba..0000000
--- a/rsh.tproj/rsh.1
+++ /dev/null
@@ -1,174 +0,0 @@ -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)rsh.1 8.1 (Berkeley) 6/6/93 -.\" $FreeBSD: src/usr.bin/rsh/rsh.1,v 1.17 2002/04/20 12:16:41 charnier Exp $ -.\" -.Dd June 6, 1993 -.Dt RSH 1 -.Os -.Sh NAME -.Nm rsh -.Nd remote shell -.Sh SYNOPSIS -.Nm -.Op Fl 46dn -.Op Fl t Ar timeout -.Op Fl l Ar username -.Ar host -.Op command -.Sh DESCRIPTION -The -.Nm -utility executes -.Ar command -on -.Ar host . -.Pp -The -.Nm -utility copies its standard input to the remote command, the standard -output of the remote command to its standard output, and the -standard error of the remote command to its standard error. -Interrupt, quit and terminate signals are propagated to the remote -command; -.Nm -normally terminates when the remote command does. -The options are as follows: -.Bl -tag -width flag -.It Fl 4 -Use IPv4 addresses only. -.It Fl 6 -Use IPv6 addresses only. -.It Fl d -Turn on socket debugging (using -.Xr setsockopt 2 ) -on the -.Tn TCP -sockets used for communication with the remote host. -.It Fl l Ar username -Allow the remote -.Ar username -to be specified. -By default, the remote username is the same as the local username. -.It Fl n -Redirect input from the special device -.Pa /dev/null -(see the -.Sx BUGS -section of this manual page). -.It Fl t Ar timeout -Allow a -.Ar timeout -to be specified (in seconds). If no -data is sent or received in this time, -.Nm -will exit. -.El -.Pp -If no -.Ar command -is specified, you will be logged in on the remote host using -.Xr rlogin 1 . -.Pp -Shell metacharacters which are not quoted are interpreted on local machine, -while quoted metacharacters are interpreted on the remote machine. -For example, the command -.Pp -.Dl rsh otherhost cat remotefile >> localfile -.Pp -appends the remote file -.Ar remotefile -to the local file -.Ar localfile , -while -.Pp -.Dl rsh otherhost cat remotefile \&">>\&" other_remotefile -.Pp -appends -.Ar remotefile -to -.Ar other_remotefile . 
-.\" .Pp -.\" Many sites specify a large number of host names as commands in the -.\" directory /usr/hosts. -.\" If this directory is included in your search path, you can use the -.\" shorthand ``host command'' for the longer form ``rsh host command''. -.Sh FILES -.Bl -tag -width /etc/hosts -compact -.It Pa /etc/hosts -.It Pa /etc/auth.conf -.El -.Sh SEE ALSO -.Xr rlogin 1 , -.Xr setsockopt 2 , -.Xr rcmd 3 , -.Xr ruserok 3 , -.Xr auth.conf 5 , -.Xr hosts 5 , -.Xr hosts.equiv 5 , -.Xr rlogind 8 , -.Xr rshd 8 -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . -.Sh BUGS -If you are using -.Xr csh 1 -and put a -.Nm -in the background without redirecting its input away from the terminal, -it will block even if no reads are posted by the remote command. -If no input is desired you should redirect the input of -.Nm -to -.Pa /dev/null -using the -.Fl n -option. -.Pp -You cannot run an interactive command -(like -.Xr rogue 6 -or -.Xr vi 1 ) -using -.Nm ; -use -.Xr rlogin 1 -instead. -.Pp -Stop signals stop the local -.Nm -process only; this is arguably wrong, but currently hard to fix for reasons -too complicated to explain here. diff --git a/rsh.tproj/rsh.c b/rsh.tproj/rsh.c deleted file mode 100644 index 7bb4033..0000000 --- a/rsh.tproj/rsh.c +++ /dev/null 
@@ -1,373 +0,0 @@ -/*- - * Copyright (c) 1983, 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * Copyright (c) 2002 Networks Associates Technology, Inc. - * All rights reserved. - * - * Portions of this software were developed for the FreeBSD Project by - * ThinkSec AS and NAI Labs, the Security Research Division of Network - * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 - * ("CBOSS"), as part of the DARPA CHATS research program. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static const char copyright[] = -"@(#) Copyright (c) 1983, 1990, 1993, 1994\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static const char sccsid[] = "From: @(#)rsh.c 8.3 (Berkeley) 4/6/94"; -#endif /* not lint */ - -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* - * rsh - remote shell - */ -int rfd2; - -int family = PF_UNSPEC; -char rlogin[] = "rlogin"; - -void connect_timeout(int); -char *copyargs(char * const *); -void sendsig(int); -void talk(int, long, pid_t, int, int); -void usage(void); - -int -main(int argc, char *argv[]) -{ - struct passwd const *pw; - struct servent const *sp; - long omask; - int argoff, asrsh, ch, dflag, nflag, one, rem; - pid_t pid = 0; - uid_t uid; - char *args, *host, *p, *user; - int timeout = 0; - - argoff = asrsh = dflag = nflag = 0; - one = 1; - host = user = NULL; - - /* if called as something other than "rsh", use it as the host name */ - if ((p = strrchr(argv[0], '/'))) - ++p; - else - p = argv[0]; - if (strcmp(p, "rsh")) - host = p; - else - asrsh = 1; - - /* handle "rsh host flags" */ - if (!host && argc > 2 && argv[1][0] != '-') { - host = argv[1]; - argoff = 1; - } - -#define OPTIONS "468KLde:l:nt:w" - while ((ch = getopt(argc - argoff, argv + argoff, 
OPTIONS)) != -1) - switch(ch) { - case '4': - family = PF_INET; - break; - - case '6': - family = PF_INET6; - break; - - case 'L': /* -8Lew are ignored to allow rlogin aliases */ - case 'e': - case 'w': - case '8': - break; - case 'd': - dflag = 1; - break; - case 'l': - user = optarg; - break; - case 'n': - nflag = 1; - break; - case 't': - timeout = atoi(optarg); - break; - case '?': - default: - usage(); - } - optind += argoff; - - /* if haven't gotten a host yet, do so */ - if (!host && !(host = argv[optind++])) - usage(); - - /* if no further arguments, must have been called as rlogin. */ - if (!argv[optind]) { - if (asrsh) - *argv = rlogin; - execv(_PATH_RLOGIN, argv); - err(1, "can't exec %s", _PATH_RLOGIN); - } - - argc -= optind; - argv += optind; - - if (!(pw = getpwuid(uid = getuid()))) - errx(1, "unknown user id"); - if (!user) - user = pw->pw_name; - - args = copyargs(argv); - - sp = NULL; - if (sp == NULL) - sp = getservbyname("shell", "tcp"); - if (sp == NULL) - errx(1, "shell/tcp: unknown service"); - - if (timeout) { - signal(SIGALRM, connect_timeout); - alarm(timeout); - } - rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, &rfd2, - family); - if (timeout) { - signal(SIGALRM, SIG_DFL); - alarm(0); - } - - if (rem < 0) - exit(1); - - if (rfd2 < 0) - errx(1, "can't establish stderr"); - if (dflag) { - if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one, - sizeof(one)) < 0) - warn("setsockopt"); - if (setsockopt(rfd2, SOL_SOCKET, SO_DEBUG, &one, - sizeof(one)) < 0) - warn("setsockopt"); - } - - (void)setuid(uid); - omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGTERM)); - if (signal(SIGINT, SIG_IGN) != SIG_IGN) - (void)signal(SIGINT, sendsig); - if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) - (void)signal(SIGQUIT, sendsig); - if (signal(SIGTERM, SIG_IGN) != SIG_IGN) - (void)signal(SIGTERM, sendsig); - - if (!nflag) { - pid = fork(); - if (pid < 0) - err(1, "fork"); - } - else - (void)shutdown(rem, 1); - - (void)ioctl(rfd2, FIONBIO, &one); 
- (void)ioctl(rem, FIONBIO, &one); - - talk(nflag, omask, pid, rem, timeout); - - if (!nflag) - (void)kill(pid, SIGKILL); - exit(0); -} - -void -talk(int nflag, long omask, pid_t pid, int rem, int timeout) -{ - int cc, wc; - fd_set readfrom, ready, rembits; - char buf[BUFSIZ]; - const char *bp; - struct timeval tvtimeout; - int nfds, srval; - - if (!nflag && pid == 0) { - (void)close(rfd2); - -reread: errno = 0; - if ((cc = read(0, buf, sizeof buf)) <= 0) - goto done; - bp = buf; - -rewrite: - if (rem >= FD_SETSIZE) - errx(1, "descriptor too big"); - FD_ZERO(&rembits); - FD_SET(rem, &rembits); - nfds = rem + 1; - if (select(nfds, 0, &rembits, 0, 0) < 0) { - if (errno != EINTR) - err(1, "select"); - goto rewrite; - } - if (!FD_ISSET(rem, &rembits)) - goto rewrite; - wc = write(rem, bp, cc); - if (wc < 0) { - if (errno == EWOULDBLOCK) - goto rewrite; - goto done; - } - bp += wc; - cc -= wc; - if (cc == 0) - goto reread; - goto rewrite; -done: - (void)shutdown(rem, 1); - exit(0); - } - - tvtimeout.tv_sec = timeout; - tvtimeout.tv_usec = 0; - - (void)sigsetmask(omask); - if (rfd2 >= FD_SETSIZE || rem >= FD_SETSIZE) - errx(1, "descriptor too big"); - FD_ZERO(&readfrom); - FD_SET(rfd2, &readfrom); - FD_SET(rem, &readfrom); - nfds = MAX(rfd2+1, rem+1); - do { - ready = readfrom; - if (timeout) { - srval = select(nfds, &ready, 0, 0, &tvtimeout); - } else { - srval = select(nfds, &ready, 0, 0, 0); - } - - if (srval < 0) { - if (errno != EINTR) - err(1, "select"); - continue; - } - if (srval == 0) - errx(1, "timeout reached (%d seconds)\n", timeout); - if (FD_ISSET(rfd2, &ready)) { - errno = 0; - cc = read(rfd2, buf, sizeof buf); - if (cc <= 0) { - if (errno != EWOULDBLOCK) - FD_CLR(rfd2, &readfrom); - } else - (void)write(STDERR_FILENO, buf, cc); - } - if (FD_ISSET(rem, &ready)) { - errno = 0; - cc = read(rem, buf, sizeof buf); - if (cc <= 0) { - if (errno != EWOULDBLOCK) - FD_CLR(rem, &readfrom); - } else - (void)write(STDOUT_FILENO, buf, cc); - } - } while (FD_ISSET(rfd2, 
&readfrom) || FD_ISSET(rem, &readfrom)); -} - -void -connect_timeout(int sig) -{ - char message[] = "timeout reached before connection completed.\n"; - - write(STDERR_FILENO, message, sizeof(message) - 1); - _exit(1); -} - -void -sendsig(int sig) -{ - char signo; - - signo = sig; - (void)write(rfd2, &signo, 1); -} - -char * -copyargs(char * const *argv) -{ - int cc; - char *args, *p; - char * const *ap; - - cc = 0; - for (ap = argv; *ap; ++ap) - cc += strlen(*ap) + 1; - if (!(args = malloc((u_int)cc))) - err(1, NULL); - for (p = args, ap = argv; *ap; ++ap) { - (void)strcpy(p, *ap); - for (p = strcpy(p, *ap); *p; ++p); - if (ap[1]) - *p++ = ' '; - } - return (args); -} - -void -usage(void) -{ - - (void)fprintf(stderr, - "usage: rsh [-46] [-nd] [-l login] [-t timeout] host [command]\n"); - exit(1); -} diff --git a/rshd.tproj/Makefile b/rshd.tproj/Makefile deleted file mode 100644 index 8b293c0..0000000 --- a/rshd.tproj/Makefile +++ /dev/null 
@@ -1,48 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = rshd
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-CFILES = rshd.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rshd.8 shell.plist
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/libexec
-WINDOWS_INSTALLDIR = /usr/libexec
-PDO_UNIX_INSTALLDIR = /usr/libexec
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/rshd.tproj/Makefile.postamble b/rshd.tproj/Makefile.postamble
deleted file mode 100644
index b1f0957..0000000
--- a/rshd.tproj/Makefile.postamble
+++ /dev/null
@@ -1,118 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - -VPATH += :../rlogin.tproj - -after_install: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 rshd.8 $(DSTROOT)/usr/share/man/man8/rshd.8 - mkdir -p "$(DSTROOT)/System/Library/LaunchDaemons" - cp shell.plist "$(DSTROOT)/System/Library/LaunchDaemons/" diff --git a/rshd.tproj/Makefile.preamble b/rshd.tproj/Makefile.preamble deleted file mode 100644 index 6301c77..0000000 --- a/rshd.tproj/Makefile.preamble +++ /dev/null 
@@ -1,119 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. 
- -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - -OTHER_OFILES = des_rw.o - --include ../Makefile.include diff --git a/rshd.tproj/PB.project b/rshd.tproj/PB.project deleted file mode 100644 index 1252083..0000000 --- a/rshd.tproj/PB.project +++ /dev/null 
@@ -1,42 +0,0 @@ -{ - FILESTABLE = { - C_FILES = (); - H_FILES = (); - M_FILES = (); - OTHER_LIBS = (); - OTHER_LINKED = (rshd.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rshd.8); - PRECOMPILED_HEADERS = (); - PROJECT_HEADERS = (); - PUBLIC_HEADERS = (); - SUBPROJECTS = (); - }; - GENERATEMAIN = YES; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = ""; - NEXTSTEP_BUILDTOOL = /bin/make; - NEXTSTEP_COMPILEROPTIONS = ""; - NEXTSTEP_DOCUMENTEXTENSIONS = (); - NEXTSTEP_INSTALLDIR = /usr/libexec; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_LINKEROPTIONS = ""; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = ""; - PDO_UNIX_INSTALLDIR = /usr/libexec; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = rshd; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = ""; - WINDOWS_INSTALLDIR = /usr/libexec; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/rshd.tproj/rshd.8 b/rshd.tproj/rshd.8 deleted file mode 100644 index 82e1991..0000000 --- a/rshd.tproj/rshd.8 +++ /dev/null 
@@ -1,209 +0,0 @@ -.\" Copyright (c) 1983, 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)rshd.8 8.1 (Berkeley) 6/4/93 -.\" -.Dd June 4, 1993 -.Dt RSHD 8 -.Os BSD 4.2 -.Sh NAME -.Nm rshd -.Nd remote shell server -.Sh SYNOPSIS -.Nm rshd -.Op Fl alnL -.Sh DESCRIPTION -The -.Nm rshd -server -is the server for the -.Xr rcmd 3 -routine and, consequently, for the -.Xr rsh 1 -program. The server provides remote execution facilities -with authentication based on privileged port numbers from trusted hosts. -.Pp -The -.Nm rshd -server -listens for service requests at the port indicated in -the ``cmd'' service specification; see -.Xr services 5 . -When a service request is received the following protocol -is initiated: -.Bl -enum -.It -The server checks the client's source port. -If the port is not in the range 512-1023, the server -aborts the connection. -.It -The server reads characters from the socket up -to a null (`\e0') byte. The resultant string is -interpreted as an -.Tn ASCII -number, base 10. -.It -If the number received in step 2 is non-zero, -it is interpreted as the port number of a secondary -stream to be used for the -.Em stderr . -A second connection is then created to the specified -port on the client's machine. The source port of this -second connection is also in the range 512-1023. -.It -The server checks the client's source address -and requests the corresponding host name (see -.Xr gethostbyaddr 3 , -.Xr hosts 5 -and -.Xr named 8 ) . -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -If the hostname is in the same domain as the server (according to -the last two components of the domain name), -or if the -.Fl a -option is given, -the addresses for the hostname are requested, -verifying that the name and address correspond. -If address verification fails, the connection is aborted -with the message, ``Host address mismatch.'' -.It -A null terminated user name of at most 16 characters -is retrieved on the initial socket. 
This user name -is interpreted as the user identity on the -.Em client Ns 's -machine. -.It -A null terminated user name of at most 16 characters -is retrieved on the initial socket. This user name -is interpreted as a user identity to use on the -.Sy server Ns 's -machine. -.It -A null terminated command to be passed to a -shell is retrieved on the initial socket. The length of -the command is limited by the upper bound on the size of -the system's argument list. -.It -.Nm Rshd -then validates the user using -.Xr ruserok 3 , -which uses the file -.Pa /etc/hosts.equiv -and the -.Pa .rhosts -file found in the user's home directory. The -.Fl l -option prevents -.Xr ruserok 3 -from doing any validation based on the user's ``.rhosts'' file, -unless the user is the superuser. -.It -If the file -.Pa /etc/nologin -exists and the user is not the superuser, -the connection is closed. -.It -A null byte is returned on the initial socket -and the command line is passed to the normal login -shell of the user. The -shell inherits the network connections established -by -.Nm rshd . -.El -.Pp -Transport-level keepalive messages are enabled unless the -.Fl n -option is present. -The use of keepalive messages allows sessions to be timed out -if the client crashes or becomes unreachable. -.Pp -The -.Fl L -option causes all successful accesses to be logged to -.Xr syslogd 8 -as -.Li auth.info -messages. -.Sh DIAGNOSTICS -Except for the last one listed below, -all diagnostic messages -are returned on the initial socket, -after which any network connections are closed. -An error is indicated by a leading byte with a value of -1 (0 is returned in step 10 above upon successful completion -of all the steps prior to the execution of the login shell). -.Bl -tag -width indent -.It Sy Locuser too long. -The name of the user on the client's machine is -longer than 16 characters. -.It Sy Ruser too long. -The name of the user on the remote machine is -longer than 16 characters. 
-.It Sy Command too long . -The command line passed exceeds the size of the argument -list (as configured into the system). -.It Sy Login incorrect. -No password file entry for the user name existed. -.It Sy Remote directory. -The -.Xr chdir -command to the home directory failed. -.It Sy Permission denied. -The authentication procedure described above failed. -.It Sy Can't make pipe. -The pipe needed for the -.Em stderr , -wasn't created. -.It Sy Can't fork; try again. -A -.Xr fork -by the server failed. -.It Sy : ... -The user's login shell could not be started. This message is returned -on the connection associated with the -.Em stderr , -and is not preceded by a flag byte. -.El -.Sh SEE ALSO -.Xr rsh 1 , -.Xr rcmd 3 , -.Xr ruserok 3 -.Sh BUGS -The authentication procedure used here assumes the integrity -of each client machine and the connecting medium. This is -insecure, but is useful in an ``open'' environment. -.Pp -A facility to allow all data exchanges to be encrypted should be -present. -.Pp -A more extensible protocol (such as Telnet) should be used. diff --git a/rshd.tproj/rshd.c b/rshd.tproj/rshd.c deleted file mode 100644 index 7e8d10c..0000000 --- a/rshd.tproj/rshd.c +++ /dev/null 
@@ -1,809 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1988, 1989, 1992, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1988, 1989, 1992, 1993, 1994\n\ - The Regents of the University of California. 
All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)rshd.c 8.2 (Berkeley) 4/6/94"; -#endif /* not lint */ - -/* - * remote shell server: - * [port]\0 - * remuser\0 - * locuser\0 - * command\0 - * data - */ -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -int keepalive = 1; -int check_all; -int log_success; /* If TRUE, log all successful accesses */ -int sent_null; - -void doit __P((struct sockaddr_in *)); -void error __P((const char *, ...)); -void getstr __P((char *, int, char *)); -int local_domain __P((char *)); -char *topdomain __P((char *)); -void usage __P((void)); - -#ifdef KERBEROS -#include -#include -#define VERSION_SIZE 9 -#define SECURE_MESSAGE "This rsh session is using DES encryption for all transmissions.\r\n" -#define OPTIONS "alnkvxL" -char authbuf[sizeof(AUTH_DAT)]; -char tickbuf[sizeof(KTEXT_ST)]; -int doencrypt, use_kerberos, vacuous; -Key_schedule schedule; -#else -#define OPTIONS "alnL" -#endif - -int -main(argc, argv) - int argc; - char *argv[]; -{ - extern int __check_rhosts_file; - struct linger linger; - int ch, on = 1, fromlen; - struct sockaddr_in from; - - openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON); - - opterr = 0; - while ((ch = getopt(argc, argv, OPTIONS)) != EOF) - switch (ch) { - case 'a': - check_all = 1; - break; - case 'l': - __check_rhosts_file = 0; - break; - case 'n': - keepalive = 0; - break; -#ifdef KERBEROS - case 'k': - use_kerberos = 1; - break; - - case 'v': - vacuous = 1; - break; - -#ifdef CRYPT - case 'x': - doencrypt = 1; - break; -#endif -#endif - case 'L': - log_success = 1; - break; - case '?': - default: - usage(); - break; - } - - argc -= optind; - argv += optind; - -#ifdef KERBEROS - if (use_kerberos && vacuous) { - syslog(LOG_ERR, "only one of -k and -v allowed"); - exit(2); - } -#ifdef CRYPT - if (doencrypt && !use_kerberos) { - 
syslog(LOG_ERR, "-k is required for -x"); - exit(2); - } -#endif -#endif - - fromlen = sizeof (from); - if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { - syslog(LOG_ERR, "getpeername: %m"); - _exit(1); - } - if (keepalive && - setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, - sizeof(on)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); - linger.l_onoff = 1; - linger.l_linger = 60; /* XXX */ - if (setsockopt(0, SOL_SOCKET, SO_LINGER, (char *)&linger, - sizeof (linger)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_LINGER): %m"); - doit(&from); - /* NOTREACHED */ -} - -char username[20] = "USER="; -char homedir[64] = "HOME="; -char shell[64] = "SHELL="; -char path[100] = "PATH="; -char *envinit[] = - {homedir, shell, path, username, 0}; -#ifdef __APPLE__ -extern -#endif -char **environ; - -void -doit(fromp) - struct sockaddr_in *fromp; -{ - extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */ - struct hostent *hp; - struct passwd *pwd; - u_short port; - fd_set ready, readfrom; - int cc, nfd, pv[2], pid, s; - int one = 1; - char *hostname, *errorstr, *errorhost; - char *cp, sig, buf[BUFSIZ]; - char cmdbuf[NCARGS+1], locuser[16], remuser[16]; - char remotehost[2 * MAXHOSTNAMELEN + 1]; - -#ifdef KERBEROS - AUTH_DAT *kdata = (AUTH_DAT *) NULL; - KTEXT ticket = (KTEXT) NULL; - char instance[INST_SZ], version[VERSION_SIZE]; - struct sockaddr_in fromaddr; - int rc; - long authopts; - int pv1[2], pv2[2]; - fd_set wready, writeto; - - fromaddr = *fromp; -#endif - - (void) signal(SIGINT, SIG_DFL); - (void) signal(SIGQUIT, SIG_DFL); - (void) signal(SIGTERM, SIG_DFL); -#ifdef DEBUG - { int t = open(_PATH_TTY, 2); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - (void) close(t); - } - } -#endif - fromp->sin_port = ntohs((u_short)fromp->sin_port); - if (fromp->sin_family != AF_INET) { - syslog(LOG_ERR, "malformed \"from\" address (af %d)", - fromp->sin_family); - exit(1); - } -#ifdef IP_OPTIONS - { - u_char optbuf[BUFSIZ/3], *cp; - 
char lbuf[BUFSIZ], *lp; - int optsize = sizeof(optbuf), ipproto; - struct protoent *ip; - - if ((ip = getprotobyname("ip")) != NULL) - ipproto = ip->p_proto; - else - ipproto = IPPROTO_IP; - if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) && - optsize != 0) { - lp = lbuf; - for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3) - sprintf(lp, " %2.2x", *cp); - syslog(LOG_NOTICE, - "Connection received from %s using IP options (ignored):%s", - inet_ntoa(fromp->sin_addr), lbuf); - if (setsockopt(0, ipproto, IP_OPTIONS, - (char *)NULL, optsize) != 0) { - syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m"); - exit(1); - } - } - } -#endif - -#ifdef KERBEROS - if (!use_kerberos) -#endif - if (fromp->sin_port >= IPPORT_RESERVED || - fromp->sin_port < IPPORT_RESERVED/2) { - syslog(LOG_NOTICE|LOG_AUTH, - "Connection from %s on illegal port %u", - inet_ntoa(fromp->sin_addr), - fromp->sin_port); - exit(1); - } - - (void) alarm(60); - port = 0; - for (;;) { - char c; - if ((cc = read(STDIN_FILENO, &c, 1)) != 1) { - if (cc < 0) - syslog(LOG_NOTICE, "read: %m"); - shutdown(0, 1+1); - exit(1); - } - if (c== 0) - break; - port = port * 10 + c - '0'; - } - - (void) alarm(0); - if (port != 0) { - int lport = IPPORT_RESERVED - 1; - s = rresvport(&lport); - if (s < 0) { - syslog(LOG_ERR, "can't get stderr port: %m"); - exit(1); - } -#ifdef KERBEROS - if (!use_kerberos) -#endif - if (port >= IPPORT_RESERVED) { - syslog(LOG_ERR, "2nd port not reserved"); - exit(1); - } - fromp->sin_port = htons(port); - if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) { - syslog(LOG_INFO, "connect second port %d: %m", port); - exit(1); - } - } - -#ifdef KERBEROS - if (vacuous) { - error("rshd: remote host requires Kerberos authentication\n"); - exit(1); - } -#endif - -#ifdef notdef - /* from inetd, socket is already on 0, 1, 2 */ - dup2(f, 0); - dup2(f, 1); - dup2(f, 2); -#endif - errorstr = NULL; - hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof (struct in_addr), - 
fromp->sin_family); - if (hp) { - /* - * If name returned by gethostbyaddr is in our domain, - * attempt to verify that we haven't been fooled by someone - * in a remote net; look up the name and check that this - * address corresponds to the name. - */ - hostname = hp->h_name; -#ifdef KERBEROS - if (!use_kerberos) -#endif - if (check_all || local_domain(hp->h_name)) { - strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1); - remotehost[sizeof(remotehost) - 1] = 0; - errorhost = remotehost; - hp = gethostbyname(remotehost); - if (hp == NULL) { - syslog(LOG_INFO, - "Couldn't look up address for %s", - remotehost); - errorstr = - "Couldn't look up address for your host (%s)\n"; - hostname = inet_ntoa(fromp->sin_addr); - } else for (; ; hp->h_addr_list++) { - if (hp->h_addr_list[0] == NULL) { - syslog(LOG_NOTICE, - "Host addr %s not listed for host %s", - inet_ntoa(fromp->sin_addr), - hp->h_name); - errorstr = - "Host address mismatch for %s\n"; - hostname = inet_ntoa(fromp->sin_addr); - break; - } - if (!bcmp(hp->h_addr_list[0], - (caddr_t)&fromp->sin_addr, - sizeof(fromp->sin_addr))) { - hostname = hp->h_name; - break; - } - } - } - } else - errorhost = hostname = inet_ntoa(fromp->sin_addr); - -#ifdef KERBEROS - if (use_kerberos) { - kdata = (AUTH_DAT *) authbuf; - ticket = (KTEXT) tickbuf; - authopts = 0L; - strcpy(instance, "*"); - version[VERSION_SIZE - 1] = '\0'; -#ifdef CRYPT - if (doencrypt) { - struct sockaddr_in local_addr; - rc = sizeof(local_addr); - if (getsockname(0, (struct sockaddr *)&local_addr, - &rc) < 0) { - syslog(LOG_ERR, "getsockname: %m"); - error("rshd: getsockname: %m"); - exit(1); - } - authopts = KOPT_DO_MUTUAL; - rc = krb_recvauth(authopts, 0, ticket, - "rcmd", instance, &fromaddr, - &local_addr, kdata, "", schedule, - version); - des_set_key(kdata->session, schedule); - } else -#endif - rc = krb_recvauth(authopts, 0, ticket, "rcmd", - instance, &fromaddr, - (struct sockaddr_in *) 0, - kdata, "", (bit_64 *) 0, version); - if (rc != 
KSUCCESS) { - error("Kerberos authentication failure: %s\n", - krb_err_txt[rc]); - exit(1); - } - } else -#endif - getstr(remuser, sizeof(remuser), "remuser"); - - getstr(locuser, sizeof(locuser), "locuser"); - getstr(cmdbuf, sizeof(cmdbuf), "command"); - setpwent(); - pwd = getpwnam(locuser); - if (pwd == NULL) { - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: unknown login. cmd='%.80s'", - remuser, hostname, locuser, cmdbuf); - if (errorstr == NULL) - errorstr = "Login incorrect.\n"; - goto fail; - } - if (chdir(pwd->pw_dir) < 0) { - (void) chdir("/"); -#ifdef notdef - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: no home directory. cmd='%.80s'", - remuser, hostname, locuser, cmdbuf); - error("No remote directory.\n"); - exit(1); -#endif - } - -#ifdef KERBEROS - if (use_kerberos) { - if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0') { - if (kuserok(kdata, locuser) != 0) { - syslog(LOG_INFO|LOG_AUTH, - "Kerberos rsh denied to %s.%s@%s", - kdata->pname, kdata->pinst, kdata->prealm); - error("Permission denied.\n"); - exit(1); - } - } - } else -#endif - - if (errorstr || - pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && - iruserok(fromp->sin_addr.s_addr, pwd->pw_uid == 0, - remuser, locuser) < 0) { - if (__rcmd_errstr) - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: permission denied (%s). cmd='%.80s'", - remuser, hostname, locuser, __rcmd_errstr, - cmdbuf); - else - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: permission denied. 
cmd='%.80s'", - remuser, hostname, locuser, cmdbuf); -fail: - if (errorstr == NULL) - errorstr = "Permission denied.\n"; - error(errorstr, errorhost); - exit(1); - } - - if (pwd->pw_uid && !access(_PATH_NOLOGIN, F_OK)) { - error("Logins currently disabled.\n"); - exit(1); - } - - (void) write(STDERR_FILENO, "\0", 1); - sent_null = 1; - - if (port) { - if (pipe(pv) < 0) { - error("Can't make pipe.\n"); - exit(1); - } -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) { - if (pipe(pv1) < 0) { - error("Can't make 2nd pipe.\n"); - exit(1); - } - if (pipe(pv2) < 0) { - error("Can't make 3rd pipe.\n"); - exit(1); - } - } -#endif -#endif - pid = fork(); - if (pid == -1) { - error("Can't fork; try again.\n"); - exit(1); - } - if (pid) { -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) { - static char msg[] = SECURE_MESSAGE; - (void) close(pv1[1]); - (void) close(pv2[1]); - des_write(s, msg, sizeof(msg) - 1); - - } else -#endif -#endif - { - (void) close(0); - (void) close(1); - } - (void) close(2); - (void) close(pv[1]); - - FD_ZERO(&readfrom); - FD_SET(s, &readfrom); - FD_SET(pv[0], &readfrom); - if (pv[0] > s) - nfd = pv[0]; - else - nfd = s; -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) { - FD_ZERO(&writeto); - FD_SET(pv2[0], &writeto); - FD_SET(pv1[0], &readfrom); - - nfd = MAX(nfd, pv2[0]); - nfd = MAX(nfd, pv1[0]); - } else -#endif -#endif - ioctl(pv[0], FIONBIO, (char *)&one); - - /* should set s nbio! 
*/ - nfd++; - do { - ready = readfrom; -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) { - wready = writeto; - if (select(nfd, &ready, - &wready, (fd_set *) 0, - (struct timeval *) 0) < 0) - break; - } else -#endif -#endif - if (select(nfd, &ready, (fd_set *)0, - (fd_set *)0, (struct timeval *)0) < 0) - break; - if (FD_ISSET(s, &ready)) { - int ret; -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) - ret = des_read(s, &sig, 1); - else -#endif -#endif - ret = read(s, &sig, 1); - if (ret <= 0) - FD_CLR(s, &readfrom); - else - killpg(pid, sig); - } - if (FD_ISSET(pv[0], &ready)) { - errno = 0; - cc = read(pv[0], buf, sizeof(buf)); - if (cc <= 0) { - shutdown(s, 1+1); - FD_CLR(pv[0], &readfrom); - } else { -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) - (void) - des_write(s, buf, cc); - else -#endif -#endif - (void) - write(s, buf, cc); - } - } -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt && FD_ISSET(pv1[0], &ready)) { - errno = 0; - cc = read(pv1[0], buf, sizeof(buf)); - if (cc <= 0) { - shutdown(pv1[0], 1+1); - FD_CLR(pv1[0], &readfrom); - } else - (void) des_write(STDOUT_FILENO, - buf, cc); - } - - if (doencrypt && FD_ISSET(pv2[0], &wready)) { - errno = 0; - cc = des_read(STDIN_FILENO, - buf, sizeof(buf)); - if (cc <= 0) { - shutdown(pv2[0], 1+1); - FD_CLR(pv2[0], &writeto); - } else - (void) write(pv2[0], buf, cc); - } -#endif -#endif - - } while (FD_ISSET(s, &readfrom) || -#ifdef CRYPT -#ifdef KERBEROS - (doencrypt && FD_ISSET(pv1[0], &readfrom)) || -#endif -#endif - FD_ISSET(pv[0], &readfrom)); - exit(0); - } - setpgrp(0, getpid()); - (void) close(s); - (void) close(pv[0]); -#ifdef CRYPT -#ifdef KERBEROS - if (doencrypt) { - close(pv1[0]); close(pv2[0]); - dup2(pv1[1], 1); - dup2(pv2[1], 0); - close(pv1[1]); - close(pv2[1]); - } -#endif -#endif - dup2(pv[1], 2); - close(pv[1]); - } - if (*pwd->pw_shell == '\0') - pwd->pw_shell = _PATH_BSHELL; -#if BSD > 43 - if (setlogin(pwd->pw_name) < 0) - syslog(LOG_ERR, "setlogin() failed: %m"); -#endif - (void) 
setgid((gid_t)pwd->pw_gid); - initgroups(pwd->pw_name, pwd->pw_gid); - (void) setuid((uid_t)pwd->pw_uid); - environ = envinit; - strncat(homedir, pwd->pw_dir, sizeof(homedir)-6); - strcat(path, _PATH_DEFPATH); - strncat(shell, pwd->pw_shell, sizeof(shell)-7); - strncat(username, pwd->pw_name, sizeof(username)-6); - cp = strrchr(pwd->pw_shell, '/'); - if (cp) - cp++; - else - cp = pwd->pw_shell; - endpwent(); - if (log_success || pwd->pw_uid == 0) { -#ifdef KERBEROS - if (use_kerberos) - syslog(LOG_INFO|LOG_AUTH, - "Kerberos shell from %s.%s@%s on %s as %s, cmd='%.80s'", - kdata->pname, kdata->pinst, kdata->prealm, - hostname, locuser, cmdbuf); - else -#endif - syslog(LOG_INFO|LOG_AUTH, "%s@%s as %s: cmd='%.80s'", - remuser, hostname, locuser, cmdbuf); - } - execl(pwd->pw_shell, cp, "-c", cmdbuf, 0); - perror(pwd->pw_shell); - exit(1); -} - -/* - * Report error to client. Note: can't be used until second socket has - * connected to client, or older clients will hang waiting for that - * connection first. - */ -#if __STDC__ -#include -#else -#include -#endif - -void -#if __STDC__ -error(const char *fmt, ...) -#else -error(fmt, va_alist) - char *fmt; - va_dcl -#endif -{ - va_list ap; - int len; - char *bp, buf[BUFSIZ]; -#if __STDC__ - va_start(ap, fmt); -#else - va_start(ap); -#endif - bp = buf; - if (sent_null == 0) { - *bp++ = 1; - len = 1; - } else - len = 0; - (void)vsnprintf(bp, sizeof(buf) - 1, fmt, ap); - (void)write(STDERR_FILENO, buf, len + strlen(bp)); -} - -void -getstr(buf, cnt, err) - char *buf, *err; - int cnt; -{ - char c; - - do { - if (read(STDIN_FILENO, &c, 1) != 1) - exit(1); - *buf++ = c; - if (--cnt == 0) { - error("%s too long\n", err); - exit(1); - } - } while (c != 0); -} - -/* - * Check whether host h is in our local domain, - * defined as sharing the last two components of the domain part, - * or the entire domain part if the local domain has only one component. 
- * If either name is unqualified (contains no '.'), - * assume that the host is local, as it will be - * interpreted as such. - */ -int -local_domain(h) - char *h; -{ - char localhost[MAXHOSTNAMELEN]; - char *p1, *p2; - - localhost[0] = 0; - (void) gethostname(localhost, sizeof(localhost)); - p1 = topdomain(localhost); - p2 = topdomain(h); - if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2)) - return (1); - return (0); -} - -char * -topdomain(h) - char *h; -{ - char *p, *maybe = NULL; - int dots = 0; - - for (p = h + strlen(h); p >= h; p--) { - if (*p == '.') { - if (++dots == 2) - return (p); - maybe = p; - } - } - return (maybe); -} - -void -usage() -{ - - syslog(LOG_ERR, "usage: rshd [-%s]", OPTIONS); - exit(2); -} diff --git a/rshd.tproj/shell.plist b/rshd.tproj/shell.plist deleted file mode 100644 index 0417b13..0000000 --- a/rshd.tproj/shell.plist +++ /dev/null @@ -1,27 +0,0 @@ - - - - - Disabled - - Label - com.apple.rshd - ProgramArguments - - /usr/libexec/rshd - - inetdCompatibility - - Wait - - - Sockets - - Listeners - - SockServiceName - shell - - - - diff --git a/rtadvd.tproj/Makefile.preamble b/rtadvd.tproj/Makefile.preamble index f35d314..b4b15c0 100644 --- a/rtadvd.tproj/Makefile.preamble +++ b/rtadvd.tproj/Makefile.preamble @@ -1,4 +1,5 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include +OTHER_CFLAGS += -mdynamic-no-pic LOCAL_CFLAGS= -DINET6 -DHAVE_GETIFADDRS AFTER_INSTALL += install-man-page install-config-files diff --git a/rtadvd.tproj/config.c b/rtadvd.tproj/config.c index bdcf5b7..098f161 100644 --- a/rtadvd.tproj/config.c +++ b/rtadvd.tproj/config.c @@ -60,7 +60,7 @@ #include #include #include -#if defined(__NetBSD__) || defined(__OpenBSD__) +#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) #include #endif #include 
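Review bot: `OTHER_CFLAGS += -mdynamic-no-pic` in rtadvd.tproj/Makefile.preamble is added unconditionally and without a comment saying why. The flag makes the compiler emit non-relocatable code for the executable, so the tool cannot later be linked position-independent. That is a hardening trade-off worth recording for a daemon that, judging by the rrenum.c hunks in this same commit, handles ICMPv6 messages received from the network. A comment above the line would do it, for example `# non-PIC code for size/speed; drop this if rtadvd is ever built position-independent`.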
@@ -599,7 +599,7 @@ get_prefix(struct rainfo *rai) while (p < ep) *p++ = 0x00; - if (!inet_ntop(AF_INET6, &pp->prefix, ntopbuf, + if (!inet_ntop(AF_INET6, &pp->prefix, (char *)ntopbuf, sizeof(ntopbuf))) { syslog(LOG_ERR, "<%s> inet_ntop failed", __FUNCTION__); exit(1); @@ -671,7 +671,7 @@ add_prefix(struct rainfo *rai, struct in6_prefixreq *ipr) syslog(LOG_DEBUG, "<%s> new prefix %s/%d was added on %s", __FUNCTION__, inet_ntop(AF_INET6, &ipr->ipr_prefix.sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), ipr->ipr_plen, rai->ifname); /* free the previous packet */ @@ -703,7 +703,7 @@ delete_prefix(struct rainfo *rai, struct prefix *prefix) remque(prefix); syslog(LOG_DEBUG, "<%s> prefix %s/%d was deleted on %s", __FUNCTION__, inet_ntop(AF_INET6, &prefix->prefix, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), prefix->prefixlen, rai->ifname); free(prefix); rai->pfxs--; @@ -742,7 +742,7 @@ init_prefix(struct in6_prefixreq *ipr) syslog(LOG_WARNING, "<%s> Added prefix(%s)'s origin %d is" "lower than PR_ORIG_RR(router renumbering)." "This should not happen if I am router", __FUNCTION__, - inet_ntop(AF_INET6, &ipr->ipr_prefix.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &ipr->ipr_prefix.sin6_addr, (char *)ntopbuf, sizeof(ntopbuf)), ipr->ipr_origin); close(s); return 1; @@ -831,7 +831,7 @@ make_packet(struct rainfo *rainfo) free(rainfo->ra_data); rainfo->ra_data = NULL; } - rainfo->ra_data = buf; + rainfo->ra_data = (u_char *)buf; /* XXX: what if packlen > 576? */ rainfo->ra_datalen = packlen; diff --git a/rtadvd.tproj/if.c b/rtadvd.tproj/if.c index ba5c5f0..2c7ffd7 100644 --- a/rtadvd.tproj/if.c +++ b/rtadvd.tproj/if.c 
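Review bot: The `(char *)ntopbuf` cast added in get_prefix (rtadvd.tproj/config.c) hides a type mismatch instead of fixing it. inet_ntop() takes a `char *` destination, so the buffer is presumably declared as `u_char` outside the hunk, and declaring it `char ntopbuf[INET6_ADDRSTRLEN];` would make every one of these casts unnecessary. A cast at each call site also silences the warning that would catch a later change to the buffer's type. The same pattern recurs in add_prefix, delete_prefix and init_prefix here and in the rrenum.c, rtadvd.c, probe.c and rtsol.c hunks, with `(char *)ifnamebuf` for if_indextoname(). The assignments `rainfo->ra_data = (u_char *)buf` and `conffile = (u_char *)optarg` are the converse case, where the variable's declared type is the thing to reconsider.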
@@ -102,16 +102,14 @@ if_nametosdl(char *name) size_t len; struct if_msghdr *ifm; struct sockaddr *sa, *rti_info[RTAX_MAX]; - struct sockaddr_dl *sdl = NULL, *ret_sdl; + struct sockaddr_dl *sdl = NULL, *ret_sdl = NULL; if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) return(NULL); if ((buf = malloc(len)) == NULL) return(NULL); - if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { - free(buf); - return(NULL); - } + if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) + goto end; lim = buf + len; for (next = buf; next < lim; next += ifm->ifm_msglen) { @@ -135,14 +133,16 @@ if_nametosdl(char *name) } if (next == lim) { /* search failed */ - free(buf); - return(NULL); + goto end; } if ((ret_sdl = malloc(sdl->sdl_len)) == NULL) - return(NULL); + goto end; memcpy((caddr_t)ret_sdl, (caddr_t)sdl, sdl->sdl_len); - return(ret_sdl); + +end: + free(buf); + return (ret_sdl); } int diff --git a/rtadvd.tproj/rrenum.c b/rtadvd.tproj/rrenum.c index a33670b..2428927 100644 --- a/rtadvd.tproj/rrenum.c +++ b/rtadvd.tproj/rrenum.c @@ -247,7 +247,7 @@ do_pco(struct icmp6_router_renum *rr, int len, struct rr_pco_match *rpm) int ifindex = 0; struct in6_rrenumreq irr; - if ((rr_pco_check(len, rpm) != NULL)) + if ((rr_pco_check(len, rpm) != 0)) return 1; if (s == -1 && (s = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { @@ -355,7 +355,7 @@ rr_command_check(int len, struct icmp6_router_renum *rr, struct in6_addr *from, !IN6_IS_ADDR_MC_SITELOCAL(dst)) { syslog(LOG_ERR, "<%s> dst mcast addr %s is illegal", __FUNCTION__, - inet_ntop(AF_INET6, dst, ntopbuf, INET6_ADDRSTRLEN)); + inet_ntop(AF_INET6, dst, (char *)ntopbuf, INET6_ADDRSTRLEN)); return 1; } @@ -364,7 +364,7 @@ rr_command_check(int len, struct icmp6_router_renum *rr, struct in6_addr *from, syslog(LOG_WARNING, "<%s> rcvd old seqnum %d from %s", __FUNCTION__, (u_int32_t)ntohl(rr->rr_seqnum), - inet_ntop(AF_INET6, from, ntopbuf, INET6_ADDRSTRLEN)); + inet_ntop(AF_INET6, from, (char *)ntopbuf, INET6_ADDRSTRLEN)); return 1; } if (rro.rro_seqnum == rr->rr_seqnum && 
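Review bot: In if_nametosdl (rtadvd.tproj/if.c) the search-failed test that now does `goto end` is still `if (next == lim)`, while the loop before it runs while `next < lim` and advances by `ifm->ifm_msglen`. If the message lengths ever carry `next` past `lim`, the test is false and the following `malloc(sdl->sdl_len)` dereferences `sdl`, which is still NULL or points at a non-matching entry. Writing the test as `if (next >= lim)` closes that gap. The loop body lies between the two hunks and is not shown, so this assumes the loop only breaks out on a match.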
@@ -374,7 +374,7 @@ rr_command_check(int len, struct icmp6_router_renum *rr, struct in6_addr *from, syslog(LOG_WARNING, "<%s> rcvd duped segnum %d from %s", __FUNCTION__, rr->rr_segnum, - inet_ntop(AF_INET6, from, ntopbuf, + inet_ntop(AF_INET6, from, (char *)ntopbuf, INET6_ADDRSTRLEN)); return 0; } @@ -428,9 +428,9 @@ rr_input(int len, struct icmp6_router_renum *rr, struct in6_pktinfo *pi, "<%s> RR received from %s to %s on %s", __FUNCTION__, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf[0], INET6_ADDRSTRLEN), - inet_ntop(AF_INET6, &dst, ntopbuf[1], INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf[0], INET6_ADDRSTRLEN), + inet_ntop(AF_INET6, &dst, (char *)ntopbuf[1], INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); /* packet validation based on Section 4.1 of RFC2894 */ if (len < sizeof(struct icmp6_router_renum)) { @@ -438,9 +438,9 @@ rr_input(int len, struct icmp6_router_renum *rr, struct in6_pktinfo *pi, "<%s>: RR short message (size %d) from %s to %s on %s", __FUNCTION__, len, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf[0], INET6_ADDRSTRLEN), - inet_ntop(AF_INET6, &dst, ntopbuf[1], INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf[0], INET6_ADDRSTRLEN), + inet_ntop(AF_INET6, &dst, (char *)ntopbuf[1], INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } @@ -458,10 +458,10 @@ rr_input(int len, struct icmp6_router_renum *rr, struct in6_pktinfo *pi, "<%s>: RR message with invalid destination (%s) " "from %s on %s", __FUNCTION__, - inet_ntop(AF_INET6, &dst, ntopbuf[0], INET6_ADDRSTRLEN), + inet_ntop(AF_INET6, &dst, (char *)ntopbuf[0], INET6_ADDRSTRLEN), inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf[1], INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf[1], INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } 
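Review bot: In the rr_input hunks (rtadvd.tproj/rrenum.c) the result of `if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)` is passed straight to a `%s` conversion in syslog(), but if_indextoname() returns NULL when the index no longer names an interface. Passing NULL to `%s` is undefined by the C standard, even if the platform libc happens to print `(null)`, and an interface can disappear between receiving the packet and logging it. Resolve the name once per function and substitute a fixed string on failure, e.g. `const char *ifn = if_indextoname(pi->ipi6_ifindex, ifnamebuf);` followed by `if (ifn == NULL) ifn = "?";`. The same call shape is used in the rtadvd.c, probe.c and rtsol.c hunks of this commit.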
diff --git a/rtadvd.tproj/rtadvd.c b/rtadvd.tproj/rtadvd.c index 0397394..0a454d8 100644 --- a/rtadvd.tproj/rtadvd.c +++ b/rtadvd.tproj/rtadvd.c @@ -171,7 +171,7 @@ main(argc, argv) #undef OPTIONS switch(ch) { case 'c': - conffile = optarg; + conffile = (u_char *)optarg; break; case 'd': dflag = 1; @@ -419,7 +419,7 @@ rtmsg_input() syslog(LOG_DEBUG, "<%s:%d> unknown rtmsg %d on %s", __FUNCTION__, __LINE__, type, - if_indextoname(ifindex, ifname)); + if_indextoname(ifindex, (char *)ifname)); } continue; } @@ -430,7 +430,7 @@ rtmsg_input() "<%s> route changed on " "non advertising interface(%s)", __FUNCTION__, - if_indextoname(ifindex, ifname)); + if_indextoname(ifindex, (char *)ifname)); } continue; } @@ -528,7 +528,7 @@ rtmsg_input() syslog(LOG_DEBUG, "<%s:%d> unknown rtmsg %d on %s", __FUNCTION__, __LINE__, type, - if_indextoname(ifindex, ifname)); + if_indextoname(ifindex, (char *)ifname)); } return; } @@ -621,7 +621,7 @@ rtadvd_input() syslog(LOG_INFO, "<%s> received data on a disabled interface (%s)", __FUNCTION__, - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } @@ -658,9 +658,9 @@ rtadvd_input() "<%s> RS with invalid hop limit(%d) " "received from %s on %s", __FUNCTION__, *hlimp, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } if (icp->icmp6_code) { @@ -668,9 +668,9 @@ rtadvd_input() "<%s> RS with invalid ICMP6 code(%d) " "received from %s on %s", __FUNCTION__, icp->icmp6_code, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } if (i < sizeof(struct nd_router_solicit)) { 
@@ -678,9 +678,9 @@ rtadvd_input() "<%s> RS from %s on %s does not have enough " "length (len = %d)", __FUNCTION__, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf), i); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf), i); return; } rs_input(i, (struct nd_router_solicit *)icp, pi, &from); @@ -695,9 +695,9 @@ rtadvd_input() "<%s> RA with invalid hop limit(%d) " "received from %s on %s", __FUNCTION__, *hlimp, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } if (icp->icmp6_code) { @@ -705,9 +705,9 @@ rtadvd_input() "<%s> RA with invalid ICMP6 code(%d) " "received from %s on %s", __FUNCTION__, icp->icmp6_code, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } if (i < sizeof(struct nd_router_advert)) { @@ -715,9 +715,9 @@ rtadvd_input() "<%s> RA from %s on %s does not have enough " "length (len = %d)", __FUNCTION__, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf), i); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf), i); return; } ra_input(i, (struct nd_router_advert *)icp, pi, &from); 
@@ -761,8 +761,8 @@ rs_input(int len, struct nd_router_solicit *rs, "<%s> RS received from %s on %s", __FUNCTION__, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf, INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); /* ND option check */ memset(&ndopts, 0, sizeof(ndopts)); @@ -773,8 +773,8 @@ rs_input(int len, struct nd_router_solicit *rs, "<%s> ND option check failed for an RS from %s on %s", __FUNCTION__, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf, INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } @@ -789,7 +789,7 @@ rs_input(int len, struct nd_router_solicit *rs, "<%s> RS from unspecified src on %s has a link-layer" " address option", __FUNCTION__, - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); goto done; } @@ -803,7 +803,7 @@ rs_input(int len, struct nd_router_solicit *rs, syslog(LOG_INFO, "<%s> RS received on non advertising interface(%s)", __FUNCTION__, - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); goto done; } @@ -895,8 +895,8 @@ ra_input(int len, struct nd_router_advert *ra, "<%s> RA received from %s on %s", __FUNCTION__, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf, INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); /* ND option check */ memset(&ndopts, 0, sizeof(ndopts)); 
@@ -908,8 +908,8 @@ ra_input(int len, struct nd_router_advert *ra, "<%s> ND option check failed for an RA from %s on %s", __FUNCTION__, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf, INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } @@ -922,8 +922,8 @@ ra_input(int len, struct nd_router_advert *ra, " interface(%s)", __FUNCTION__, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + (char *)ntopbuf, INET6_ADDRSTRLEN), + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); goto done; } rai->rainput++; /* increment statistics */ @@ -938,7 +938,7 @@ ra_input(int len, struct nd_router_advert *ra, rai->ifname, ra->nd_ra_curhoplimit, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), rai->hoplimit); inconsistent++; } @@ -952,7 +952,7 @@ ra_input(int len, struct nd_router_advert *ra, rai->ifname, on_off[!rai->managedflg], inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), on_off[rai->managedflg]); inconsistent++; } @@ -966,7 +966,7 @@ ra_input(int len, struct nd_router_advert *ra, rai->ifname, on_off[!rai->otherflg], inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), on_off[rai->otherflg]); inconsistent++; } @@ -981,7 +981,7 @@ ra_input(int len, struct nd_router_advert *ra, rai->ifname, reachabletime, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), rai->reachabletime); inconsistent++; } @@ -996,7 +996,7 @@ ra_input(int len, struct nd_router_advert *ra, rai->ifname, retranstimer, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), rai->retranstimer); inconsistent++; } 
@@ -1010,7 +1010,7 @@ ra_input(int len, struct nd_router_advert *ra, __FUNCTION__, rai->ifname, mtu, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), rai->linkmtu); inconsistent++; } @@ -1064,10 +1064,10 @@ prefix_check(struct nd_opt_prefix_info *pinfo, "from %s on %s", __FUNCTION__, inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix, - prefixbuf, INET6_ADDRSTRLEN), + (char *)prefixbuf, INET6_ADDRSTRLEN), pinfo->nd_opt_pi_prefix_len, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), rai->ifname); } @@ -1077,10 +1077,10 @@ prefix_check(struct nd_opt_prefix_info *pinfo, "<%s> prefix %s/%d from %s on %s is not in our list", __FUNCTION__, inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix, - prefixbuf, INET6_ADDRSTRLEN), + (char *)prefixbuf, INET6_ADDRSTRLEN), pinfo->nd_opt_pi_prefix_len, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), rai->ifname); return(0); } @@ -1105,11 +1105,11 @@ prefix_check(struct nd_opt_prefix_info *pinfo, " %d from %s, %ld from us", __FUNCTION__, inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix, - prefixbuf, INET6_ADDRSTRLEN), + (char *)prefixbuf, INET6_ADDRSTRLEN), pinfo->nd_opt_pi_prefix_len, rai->ifname, preferred_time, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), pp->pltimeexpire); inconsistent++; } @@ -1121,11 +1121,11 @@ prefix_check(struct nd_opt_prefix_info *pinfo, " %d from %s, %d from us", __FUNCTION__, inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix, - prefixbuf, INET6_ADDRSTRLEN), + (char *)prefixbuf, INET6_ADDRSTRLEN), pinfo->nd_opt_pi_prefix_len, rai->ifname, preferred_time, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), pp->preflifetime); } 
@@ -1142,11 +1142,11 @@ prefix_check(struct nd_opt_prefix_info *pinfo, " %d from %s, %ld from us", __FUNCTION__, inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix, - prefixbuf, INET6_ADDRSTRLEN), + (char *)prefixbuf, INET6_ADDRSTRLEN), pinfo->nd_opt_pi_prefix_len, rai->ifname, preferred_time, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), pp->vltimeexpire); inconsistent++; } @@ -1158,11 +1158,11 @@ prefix_check(struct nd_opt_prefix_info *pinfo, " %d from %s, %d from us", __FUNCTION__, inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix, - prefixbuf, INET6_ADDRSTRLEN), + (char *)prefixbuf, INET6_ADDRSTRLEN), pinfo->nd_opt_pi_prefix_len, rai->ifname, valid_time, inet_ntop(AF_INET6, &from->sin6_addr, - ntopbuf, INET6_ADDRSTRLEN), + (char *)ntopbuf, INET6_ADDRSTRLEN), pp->validlifetime); inconsistent++; } diff --git a/rtadvd.tproj/timer.c b/rtadvd.tproj/timer.c index edfef55..4cce63b 100644 --- a/rtadvd.tproj/timer.c +++ b/rtadvd.tproj/timer.c @@ -37,7 +37,7 @@ #include #include #include -#if defined(__NetBSD__) || defined(__OpenBSD__) +#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) #include #endif #include "timer.h" diff --git a/rtsol.tproj/Makefile.preamble b/rtsol.tproj/Makefile.preamble index 9b598d0..6bb1d17 100644 --- a/rtsol.tproj/Makefile.preamble +++ b/rtsol.tproj/Makefile.preamble @@ -1,4 +1,5 @@ OTHER_GENERATED_OFILES = $(VERS_OFILE) -include ../Makefile.include +OTHER_CFLAGS += -mdynamic-no-pic LOCAL_CFLAGS= -DINET6 -DHAVE_GETIFADDRS AFTER_INSTALL += install-man-page install-daemon diff --git a/rtsol.tproj/probe.c b/rtsol.tproj/probe.c index 61ddb63..75d3177 100644 --- a/rtsol.tproj/probe.c +++ b/rtsol.tproj/probe.c @@ -129,7 +129,7 @@ defrouter_probe(int ifindex) "non-linklocal address(%s)", inet_ntop(AF_INET6, &dr.defrouter[i].rtaddr, - ntopbuf, INET6_ADDRSTRLEN)); + (char *)ntopbuf, INET6_ADDRSTRLEN)); continue; /* ignore the address */ } sendprobe(&dr.defrouter[i].rtaddr, 
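Review bot: In the prefix_check hunk at -1142 (rtadvd.tproj/rtadvd.c) the log call prints `preferred_time` as the received value but `pp->vltimeexpire` as ours, so the two numbers in the message are not the pair being compared. The neighbouring hunks pair `preferred_time` with `pp->pltimeexpire` and `pp->preflifetime`, and `valid_time` with `pp->validlifetime`, which suggests the argument line here should read `rai->ifname, valid_time,`. The condition and the head of the format string are outside the hunk, so confirm this is the valid-lifetime check before changing it. A wrong value in this message misleads anyone using the log to track down an inconsistent router on the link.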
@@ -180,12 +180,12 @@ sendprobe(struct in6_addr *addr, int ifindex) } warnmsg(LOG_DEBUG, __FUNCTION__, "probe a router %s on %s", - inet_ntop(AF_INET6, addr, ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(ifindex, ifnamebuf)); + inet_ntop(AF_INET6, addr, (char *)ntopbuf, INET6_ADDRSTRLEN), + if_indextoname(ifindex, (char *)ifnamebuf)); if (sendmsg(probesock, &sndmhdr, 0)) warnmsg(LOG_ERR, __FUNCTION__, "sendmsg on %s: %s", - if_indextoname(ifindex, ifnamebuf), strerror(errno)); + if_indextoname(ifindex, (char *)ifnamebuf), strerror(errno)); return; } diff --git a/rtsol.tproj/rtsock.c b/rtsol.tproj/rtsock.c index 15348c4..35193f9 100644 --- a/rtsol.tproj/rtsock.c +++ b/rtsol.tproj/rtsock.c @@ -76,7 +76,7 @@ static struct { { RTM_IFANNOUNCE, sizeof(struct if_announcemsghdr), rtsock_input_ifannounce }, #endif - { 0, NULL }, + { 0, 0UL, NULL }, }; int diff --git a/rtsol.tproj/rtsol.c b/rtsol.tproj/rtsol.c index 753eed7..e1b9bff 100644 --- a/rtsol.tproj/rtsol.c +++ b/rtsol.tproj/rtsol.c @@ -277,18 +277,18 @@ rtsol_input(int s) if (icp->icmp6_type != ND_ROUTER_ADVERT) { warnmsg(LOG_ERR, __FUNCTION__, "invalid icmp type(%d) from %s on %s", icp->icmp6_type, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } if (icp->icmp6_code != 0) { warnmsg(LOG_ERR, __FUNCTION__, "invalid icmp code(%d) from %s on %s", icp->icmp6_code, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } 
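Review bot: In sendprobe (rtsol.tproj/probe.c) the unchanged test `if (sendmsg(probesock, &sndmhdr, 0))` treats any non-zero return as failure, but sendmsg() returns the number of bytes sent on success and -1 on error. Every successful probe therefore logs `sendmsg on %s: %s` at LOG_ERR with a stale `errno`, which buries real send failures in noise. The test should be `if (sendmsg(probesock, &sndmhdr, 0) < 0)`. sendprobe's body starts outside the hunk.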
@@ -296,18 +296,18 @@ rtsol_input(int s) warnmsg(LOG_NOTICE, __FUNCTION__, "invalid RA with hop limit(%d) from %s on %s", *hlimp, - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } if (pi && !IN6_IS_ADDR_LINKLOCAL(&from.sin6_addr)) { warnmsg(LOG_NOTICE, __FUNCTION__, "invalid RA with non link-local source from %s on %s", - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } @@ -316,15 +316,15 @@ rtsol_input(int s) if ((ifi = find_ifinfo(pi->ipi6_ifindex)) == NULL) { warnmsg(LOG_NOTICE, __FUNCTION__, "received RA from %s on an unexpeced IF(%s)", - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), - if_indextoname(pi->ipi6_ifindex, ifnamebuf)); + if_indextoname(pi->ipi6_ifindex, (char *)ifnamebuf)); return; } warnmsg(LOG_DEBUG, __FUNCTION__, "received RA from %s on %s, state is %d", - inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, + inet_ntop(AF_INET6, &from.sin6_addr, (char *)ntopbuf, INET6_ADDRSTRLEN), ifi->ifname, ifi->state); diff --git a/rtsol.tproj/rtsold.c b/rtsol.tproj/rtsold.c index 37f0f8b..6ccc84d 100644 --- a/rtsol.tproj/rtsold.c +++ b/rtsol.tproj/rtsold.c @@ -448,7 +448,7 @@ make_packet(struct ifinfo *ifinfo) "memory allocation failed for %s", ifinfo->ifname); return(-1); } - ifinfo->rs_data = buf; + ifinfo->rs_data = (u_char *)buf; /* fill in the message */ rs = (struct nd_router_solicit *)buf; diff --git a/ruptime.tproj/Makefile b/ruptime.tproj/Makefile deleted file mode 100644 index 09c2040..0000000 --- a/ruptime.tproj/Makefile +++ /dev/null 
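Review bot: In the rtsol_input hunk at -296 (rtsol.tproj/rtsol.c) the hop-limit branch passes `pi->ipi6_ifindex` to if_indextoname() unconditionally, while the next test is written `if (pi && !IN6_IS_ADDR_LINKLOCAL(&from.sin6_addr))`, which implies `pi` may be NULL at that point. Either an earlier check outside the hunk already guarantees `pi` is set, in which case the `pi &&` is dead code and should be dropped, or the logging calls dereference a pointer that is never filled in when no packet-info ancillary data was received. One explicit `if (pi == NULL) return;` guard before the first use would make the invariant visible. rtsol_input's body starts and ends outside the hunk.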
@@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ruptime - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = ruptime.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble m.template\ - h.template ruptime.1 Makefile.dist - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ruptime.tproj/Makefile.dist b/ruptime.tproj/Makefile.dist deleted file mode 100644 index 57f1e15..0000000 --- a/ruptime.tproj/Makefile.dist +++ /dev/null @@ -1,5 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/6/93 - -PROG= ruptime - -.include diff --git a/ruptime.tproj/Makefile.postamble b/ruptime.tproj/Makefile.postamble deleted file mode 100644 index 8b2ef6a..0000000 --- a/ruptime.tproj/Makefile.postamble +++ /dev/null 
@@ -1,127 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES - # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A - # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 - # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 - # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wmost -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. 
-# STRIP_ON_INSTALL = NO - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S - # for .a archives -#DYNAMIC_STRIP_OPTS = -S - # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -# Note: on MS Windows, executables, have an extension, so rules and dependencies -# for generated tools should use $(EXECUTABLE_EXT) on the end. - -after_install: - install -d $(DSTROOT)/usr/share/man/man1 - install -c -m 444 ruptime.1 $(DSTROOT)/usr/share/man/man1/ruptime.1 diff --git a/ruptime.tproj/Makefile.preamble b/ruptime.tproj/Makefile.preamble deleted file mode 100644 index 74ce95a..0000000 --- a/ruptime.tproj/Makefile.preamble +++ /dev/null 
@@ -1,130 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - diff --git a/ruptime.tproj/PB.project b/ruptime.tproj/PB.project deleted file mode 100644 index f086f24..0000000 --- a/ruptime.tproj/PB.project +++ /dev/null 
@@ -1,35 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- OTHER_LINKED = (ruptime.c);
- OTHER_SOURCES = (
- Makefile.preamble,
- Makefile,
- Makefile.postamble,
- m.template,
- h.template,
- ruptime.1,
- Makefile.dist
- );
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDDIR = "/$(USER)/BUILD";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ruptime;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/ruptime.tproj/h.template b/ruptime.tproj/h.template
deleted file mode 100644
index f3c1b04..0000000
--- a/ruptime.tproj/h.template
+++ /dev/null
@@ -1,11 +0,0 @@
-$$
-/* $FILENAME$ created by $USERNAME$ on $DATE$ */
-
-#import
-
-@interface $FILENAMESANSEXTENSION$ : NSObject
-{
-
-}
-
-@end
diff --git a/ruptime.tproj/m.template b/ruptime.tproj/m.template
deleted file mode 100644
index 1216fe5..0000000
--- a/ruptime.tproj/m.template
+++ /dev/null
@@ -1,18 +0,0 @@
-$$ Lines starting with $$ are not inserted into newly created files
-$$ The following substitutions are made:
-$$
-$$ $FILENAME$ e.g. foo.m
-$$ $FILENAMESANSEXTENSION$ e.g. foo
-$$ $DIRECTORY$ e.g. /tmp/MyNewApp
-$$ $PROJECTNAME$ e.g. MyNewApp
-$$ $SUBPROJECTNAME$ e.g. TheGoodPart.subproj
-$$ $USERNAME$ e.g. mwagner
-$$ $DATE$ e.g. Jan-1-1994
-$$
-/* $FILENAME$ created by $USERNAME$ on $DATE$ */
-
-#import "$FILENAMESANSEXTENSION$.h"
-
-@implementation $FILENAMESANSEXTENSION$
-
-@end
diff --git a/ruptime.tproj/ruptime.1 b/ruptime.tproj/ruptime.1
deleted file mode 100644
index b3b0af8..0000000
--- a/ruptime.tproj/ruptime.1
+++ /dev/null
@@ -1,81 +0,0 @@
-.\" Copyright (c) 1983, 1990, 1993, 1994
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)ruptime.1 8.2 (Berkeley) 4/5/94
-.\"
-.Dd April 5, 1994
-.Dt RUPTIME 1
-.Os BSD 4.2
-.Sh NAME
-.Nm ruptime
-.Nd show host status of local machines
-.Sh SYNOPSIS
-.Nm ruptime
-.Op Fl alrtu
-.Sh DESCRIPTION
-.Nm Ruptime
-gives a status line like
-.Ar uptime
-for each machine on the local network; these are formed from packets
-broadcast by each host on the network once a minute.
-.Pp
-Machines for which no status report has been received for 11
-minutes are shown as being down.
-.Pp
-The options are as follows:
-.Bl -tag -width Ds
-.It Fl a
-Users idle an hour or more are not counted unless the
-.Fl a
-flag is given.
-.It Fl l
-Sort by load average.
-.It Fl r
-Reverses the sort order.
-.It Fl t
-Sort by uptime.
-.It Fl u
-Sort by number of users.
-.El
-.Pp
-The default listing is sorted by host name.
-.Sh FILES
-.Bl -tag -width /var/rwho/whod.* -compact
-.It Pa /var/rwho/whod.*
-data files
-.El
-.Sh SEE ALSO
-.Xr rwho 1
-.Xr uptime 1
-.Sh HISTORY
-.Nm Ruptime
-appeared in
-.Bx 4.2 .
diff --git a/ruptime.tproj/ruptime.c b/ruptime.tproj/ruptime.c
deleted file mode 100644
index e6cb457..0000000
--- a/ruptime.tproj/ruptime.c
+++ /dev/null
@@ -1,301 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1993, 1994\n\ - The Regents of the University of California. 
All rights reserved.\n"; -#endif /* not lint */ - -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -struct hs { - struct whod *hs_wd; - int hs_nusers; -} *hs; -struct whod awhod; - -#define ISDOWN(h) (now - (h)->hs_wd->wd_recvtime > 11 * 60) -#define WHDRSIZE (sizeof (awhod) - sizeof (awhod.wd_we)) - -size_t nhosts; -time_t now; -int rflg = 1; - -int hscmp __P((const void *, const void *)); -char *interval __P((time_t, char *)); -int lcmp __P((const void *, const void *)); -void morehosts __P((void)); -int tcmp __P((const void *, const void *)); -int ucmp __P((const void *, const void *)); -void usage __P((void)); - -int -main(argc, argv) - int argc; - char **argv; -{ - extern int optind; - struct dirent *dp; - struct hs *hsp; - struct whod *wd; - struct whoent *we; - DIR *dirp; - size_t hspace; - int aflg, cc, ch, fd, i, maxloadav; - char buf[sizeof(struct whod)]; - int (*cmp) __P((const void *, const void *)); - - aflg = 0; - cmp = hscmp; - while ((ch = getopt(argc, argv, "alrut")) != EOF) - switch (ch) { - case 'a': - aflg = 1; - break; - case 'l': - cmp = lcmp; - break; - case 'r': - rflg = -1; - break; - case 't': - cmp = tcmp; - break; - case 'u': - cmp = ucmp; - break; - default: - usage(); - } - argc -= optind; - argv += optind; - - if (argc != 0) - usage(); - - if (chdir(_PATH_RWHODIR) || (dirp = opendir(".")) == NULL) - err(1, "%s", _PATH_RWHODIR); - - maxloadav = -1; - for (nhosts = hspace = 0; (dp = readdir(dirp)) != NULL;) { - if (dp->d_ino == 0 || strncmp(dp->d_name, "whod.", 5)) - continue; - if ((fd = open(dp->d_name, O_RDONLY, 0)) < 0) { - warn("%s", dp->d_name); - continue; - } - cc = read(fd, buf, sizeof(struct whod)); - (void)close(fd); - - if (cc < WHDRSIZE) - continue; - if (nhosts == hspace) { - if ((hs = - realloc(hs, (hspace += 40) * sizeof(*hs))) == NULL) - err(1, NULL); - hsp = hs + nhosts; - } - - if ((hsp->hs_wd = malloc((size_t)WHDRSIZE)) == NULL) - err(1, 
NULL); - memmove(hsp->hs_wd, buf, (size_t)WHDRSIZE); - - for (wd = (struct whod *)buf, i = 0; i < 2; ++i) - if (wd->wd_loadav[i] > maxloadav) - maxloadav = wd->wd_loadav[i]; - - for (hsp->hs_nusers = 0, - we = (struct whoent *)(buf + cc); --we >= wd->wd_we;) - if (aflg || we->we_idle < 3600) - ++hsp->hs_nusers; - ++hsp; - ++nhosts; - } - if (nhosts == 0) - errx(0, "no hosts in %s.", _PATH_RWHODIR); - - (void)time(&now); - qsort(hs, nhosts, sizeof(hs[0]), cmp); - for (i = 0; i < nhosts; i++) { - hsp = &hs[i]; - if (ISDOWN(hsp)) { - (void)printf("%-12.12s%s\n", hsp->hs_wd->wd_hostname, - interval(now - hsp->hs_wd->wd_recvtime, "down")); - continue; - } - (void)printf( - "%-12.12s%s, %4d user%s load %*.2f, %*.2f, %*.2f\n", - hsp->hs_wd->wd_hostname, - interval((time_t)hsp->hs_wd->wd_sendtime - - (time_t)hsp->hs_wd->wd_boottime, " up"), - hsp->hs_nusers, - hsp->hs_nusers == 1 ? ", " : "s,", - maxloadav >= 1000 ? 5 : 4, - hsp->hs_wd->wd_loadav[0] / 100.0, - maxloadav >= 1000 ? 5 : 4, - hsp->hs_wd->wd_loadav[1] / 100.0, - maxloadav >= 1000 ? 5 : 4, - hsp->hs_wd->wd_loadav[2] / 100.0); - } - exit(0); -} - -char * -interval(tval, updown) - time_t tval; - char *updown; -{ - static char resbuf[32]; - int days, hours, minutes; - - if (tval < 0 || tval > DAYSPERNYEAR * SECSPERDAY) { - (void)snprintf(resbuf, sizeof(resbuf), " %s ??:??", updown); - return (resbuf); - } - /* round to minutes. */ - minutes = (tval + (SECSPERMIN - 1)) / SECSPERMIN; - hours = minutes / MINSPERHOUR; - minutes %= MINSPERHOUR; - days = hours / HOURSPERDAY; - hours %= HOURSPERDAY; - if (days) - (void)snprintf(resbuf, sizeof(resbuf), - "%s %2d+%02d:%02d", updown, days, hours, minutes); - else - (void)snprintf(resbuf, sizeof(resbuf), - "%s %2d:%02d", updown, hours, minutes); - return (resbuf); -} - -#define HS(a) ((struct hs *)(a)) - -/* Alphabetical comparison. 
*/ -int -hscmp(a1, a2) - const void *a1, *a2; -{ - return (rflg * - strcmp(HS(a1)->hs_wd->wd_hostname, HS(a2)->hs_wd->wd_hostname)); -} - -/* Load average comparison. */ -int -lcmp(a1, a2) - const void *a1, *a2; -{ - if (ISDOWN(HS(a1))) - if (ISDOWN(HS(a2))) - return (tcmp(a1, a2)); - else - return (rflg); - else if (ISDOWN(HS(a2))) - return (-rflg); - else - return (rflg * - (HS(a2)->hs_wd->wd_loadav[0] - HS(a1)->hs_wd->wd_loadav[0])); -} - -/* Number of users comparison. */ -int -ucmp(a1, a2) - const void *a1, *a2; -{ - if (ISDOWN(HS(a1))) - if (ISDOWN(HS(a2))) - return (tcmp(a1, a2)); - else - return (rflg); - else if (ISDOWN(HS(a2))) - return (-rflg); - else - return (rflg * (HS(a2)->hs_nusers - HS(a1)->hs_nusers)); -} - -/* Uptime comparison. */ -int -tcmp(a1, a2) - const void *a1, *a2; -{ - return (rflg * ( - (ISDOWN(HS(a2)) ? HS(a2)->hs_wd->wd_recvtime - now - : HS(a2)->hs_wd->wd_sendtime - HS(a2)->hs_wd->wd_boottime) - - - (ISDOWN(HS(a1)) ? HS(a1)->hs_wd->wd_recvtime - now - : HS(a1)->hs_wd->wd_sendtime - HS(a1)->hs_wd->wd_boottime) - )); -} - -void -usage() -{ - (void)fprintf(stderr, "usage: ruptime [-alrut]\n"); - exit(1); -} diff --git a/rwho.tproj/Makefile b/rwho.tproj/Makefile deleted file mode 100644 index ac0d8cb..0000000 --- a/rwho.tproj/Makefile +++ /dev/null 
@@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rwho - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = rwho.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rwho.1\ - Makefile.dist - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/rwho.tproj/Makefile.dist b/rwho.tproj/Makefile.dist deleted file mode 100644 index 328aa38..0000000 --- a/rwho.tproj/Makefile.dist +++ /dev/null @@ -1,5 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/6/93 - -PROG= rwho - -.include diff --git a/rwho.tproj/Makefile.postamble b/rwho.tproj/Makefile.postamble deleted file mode 100644 index 80bc0aa..0000000 --- a/rwho.tproj/Makefile.postamble +++ /dev/null 
@@ -1,127 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES - # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A - # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 - # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 - # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wmost -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. 
-# STRIP_ON_INSTALL = NO - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S - # for .a archives -#DYNAMIC_STRIP_OPTS = -S - # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -# Note: on MS Windows, executables, have an extension, so rules and dependencies -# for generated tools should use $(EXECUTABLE_EXT) on the end. - -after_install: - install -d $(DSTROOT)/usr/share/man/man1 - install -c -m 444 rwho.1 $(DSTROOT)/usr/share/man/man1/rwho.1 diff --git a/rwho.tproj/Makefile.preamble b/rwho.tproj/Makefile.preamble deleted file mode 100644 index 74ce95a..0000000 --- a/rwho.tproj/Makefile.preamble +++ /dev/null 
@@ -1,130 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - diff --git a/rwho.tproj/PB.project b/rwho.tproj/PB.project deleted file mode 100644 index 8a18feb..0000000 --- a/rwho.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- OTHER_LINKED = (rwho.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rwho.1, Makefile.dist);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDDIR = "/$(USER)/BUILD";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rwho;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rwho.tproj/rwho.1 b/rwho.tproj/rwho.1
deleted file mode 100644
index f039b01..0000000
--- a/rwho.tproj/rwho.1
+++ /dev/null
@@ -1,80 +0,0 @@
-.\" Copyright (c) 1983, 1990, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)rwho.1 8.1 (Berkeley) 6/6/93
-.\"
-.Dd June 6, 1993
-.Dt RWHO 1
-.Os BSD 4.2
-.Sh NAME
-.Nm rwho
-.Nd who is logged in on local machines
-.Sh SYNOPSIS
-.Nm rwho
-.Op Fl a
-.Sh DESCRIPTION
-The
-.Nm rwho
-command produces output similar to
-.Xr who ,
-but for all machines on the local network.
-If no report has been
-received from a machine for 5 minutes then
-.Nm rwho
-assumes the machine is down, and does not report users last known
-to be logged into that machine.
-.Pp
-If a users hasn't typed to the system for a minute or more, then
-.Nm rwho
-reports this idle time. If a user hasn't typed to the system for
-an hour or more, then
-the user will be omitted from the output of
-.Nm rwho
-unless the
-.Fl a
-flag is given.
-.Sh FILES
-.Bl -tag -width /var/rwho/rhowd.* -compact
-.It Pa /var/rwho/whod.*
-information about other machines
-.El
-.Sh SEE ALSO
-.Xr ruptime 1 ,
-.Xr rwhod 8
-.Sh HISTORY
-The
-.Nm rwho
-command
-appeared in
-.Bx 4.3 .
-.Sh BUGS
-This is unwieldy when the number of machines
-on the local net is large.
diff --git a/rwho.tproj/rwho.c b/rwho.tproj/rwho.c
deleted file mode 100644
index 815f13a..0000000
--- a/rwho.tproj/rwho.c
+++ /dev/null
@@ -1,204 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#include -#include -#include -#include -#include - -DIR *dirp; - -struct whod wd; -int utmpcmp(); -#define NUSERS 1000 -struct myutmp { - char myhost[MAXHOSTNAMELEN]; - int myidle; - struct outmp myutmp; -} myutmp[NUSERS]; -int nusers; - -#define WHDRSIZE (sizeof (wd) - sizeof (wd.wd_we)) -/* - * this macro should be shared with ruptime. 
- */ -#define down(w,now) ((now) - (w)->wd_recvtime > 11 * 60) - -char *ctime(), *strcpy(); -time_t now; -int aflg; - -main(argc, argv) - int argc; - char **argv; -{ - extern char *optarg; - extern int optind; - int ch; - struct direct *dp; - int cc, width; - register struct whod *w = &wd; - register struct whoent *we; - register struct myutmp *mp; - int f, n, i; - time_t time(); - - while ((ch = getopt(argc, argv, "a")) != EOF) - switch((char)ch) { - case 'a': - aflg = 1; - break; - case '?': - default: - fprintf(stderr, "usage: rwho [-a]\n"); - exit(1); - } - if (chdir(_PATH_RWHODIR) || (dirp = opendir(".")) == NULL) { - perror(_PATH_RWHODIR); - exit(1); - } - mp = myutmp; - (void)time(&now); - while (dp = readdir(dirp)) { - if (dp->d_ino == 0 || strncmp(dp->d_name, "whod.", 5)) - continue; - f = open(dp->d_name, O_RDONLY); - if (f < 0) - continue; - cc = read(f, (char *)&wd, sizeof (struct whod)); - if (cc < WHDRSIZE) { - (void) close(f); - continue; - } - if (down(w,now)) { - (void) close(f); - continue; - } - cc -= WHDRSIZE; - we = w->wd_we; - for (n = cc / sizeof (struct whoent); n > 0; n--) { - if (aflg == 0 && we->we_idle >= 60*60) { - we++; - continue; - } - if (nusers >= NUSERS) { - printf("too many users\n"); - exit(1); - } - mp->myutmp = we->we_utmp; mp->myidle = we->we_idle; - (void) strcpy(mp->myhost, w->wd_hostname); - nusers++; we++; mp++; - } - (void) close(f); - } - qsort((char *)myutmp, nusers, sizeof (struct myutmp), utmpcmp); - mp = myutmp; - width = 0; - for (i = 0; i < nusers; i++) { - int j = strlen(mp->myhost) + 1 + strlen(mp->myutmp.out_line); - if (j > width) - width = j; - mp++; - } - mp = myutmp; - for (i = 0; i < nusers; i++) { - char buf[BUFSIZ]; - (void)sprintf(buf, "%s:%s", mp->myhost, mp->myutmp.out_line); - printf("%-8.8s %-*s %.12s", - mp->myutmp.out_name, - width, - buf, - ctime((time_t *)&mp->myutmp.out_time)+4); - mp->myidle /= 60; - if (mp->myidle) { - if (aflg) { - if (mp->myidle >= 100*60) - mp->myidle = 100*60 - 1; - if 
(mp->myidle >= 60) - printf(" %2d", mp->myidle / 60); - else - printf(" "); - } else - printf(" "); - printf(":%02d", mp->myidle % 60); - } - printf("\n"); - mp++; - } - exit(0); -} - -utmpcmp(u1, u2) - struct myutmp *u1, *u2; -{ - int rc; - - rc = strncmp(u1->myutmp.out_name, u2->myutmp.out_name, 8); - if (rc) - return (rc); - rc = strncmp(u1->myhost, u2->myhost, 8); - if (rc) - return (rc); - return (strncmp(u1->myutmp.out_line, u2->myutmp.out_line, 8)); -} diff --git a/rwhod.tproj/Makefile b/rwhod.tproj/Makefile deleted file mode 100644 index fc4f54b..0000000 --- a/rwhod.tproj/Makefile +++ /dev/null @@ -1,48 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = rwhod - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = rwhod.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble rwhod.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /usr/sbin -PDO_UNIX_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/rwhod.tproj/Makefile.postamble b/rwhod.tproj/Makefile.postamble deleted file mode 100644 index f5bd05c..0000000 --- a/rwhod.tproj/Makefile.postamble +++ /dev/null 
@@ -1,114 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of top-level app-wrapper (e.g., Webster.app) -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target - - -# Change defaults assumed by the standard app makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Add Makefile.preamble, Makefile.postamble, and Makefile.dependencies here if -# you would like changes to them to invalidate previous builds. The project -# depends on $(MAKEFILES) so that changes to Makefiles will trigger a re-build. 
-#MAKEFILES = Makefile - -# Optimization flag passed to compiler: -#OPTIMIZATION_CFLAG = -O - -# Flags always passed to compiler: -#COMMON_CFLAGS = $(PROJECT_SPECIFIC_CFLAGS) -g -Wall - -# Flags passed to compiler in normal 'app' compiles: -#NORMAL_CFLAGS = $(COMMON_CFLAGS) $(OPTIMIZATION_CFLAG) - -# Flags passed to compiler in 'debug' compiles: -#DEBUG_CFLAGS = $(COMMON_CFLAGS) -DDEBUG - -# Flags passed to compiler in 'profile' compiles -#PROFILE_CFLAGS = $(COMMON_CFLAGS) -pg $(OPTIMIZATION_CFLAG) -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User to chown app to -#INSTALL_AS_GROUP = wheel # Group to chgrp app to -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for bundles, apps with bundles, and apps without bundles, -# respectively. -#RELOCATABLE_STRIP_OPTS = -x -u -#DYLD_APP_STRIP_OPTS = -A -n -#APP_STRIP_OPTS = -#TOOL_STRIP_OPTS = -#LIBRARY_STRIP_OPTS = -x -S # Note: -S strips debugging symbols -# (Note: APP_STRIP_OPTS and TOOL_STRIP_OPTS default to empty, but -# developers doing their own dynamic loading should set this to -# $(DYLD_APP_STRIP_OPTS)). -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Typical -# user-defined rules are before_install and after_install (please don't -# redefine things like install or app, as they are owned by the top-level -# Makefile API), which are rules that get invoked before and after the install -# target runs. Such rules should be specified with the '::' syntax rather than -# a single colon. - -after_install: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 rwhod.8 $(DSTROOT)/usr/share/man/man8/rwhod.8 diff --git a/rwhod.tproj/Makefile.preamble b/rwhod.tproj/Makefile.preamble deleted file mode 100644 index 2c9003c..0000000 
--- a/rwhod.tproj/Makefile.preamble
+++ /dev/null
@@ -1,113 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags here. To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = - -BUNDLELDFLAGS = # use iff project is a bundle -PALETTELDFLAGS = # use iff project is a palette - -## Specify which headers in this project should be published to the outside -## world in a flat header directory given in PUBLIC_HEADER_DIR (which will be -## prepended by DSTROOT, below. Any subset of these public headers can be -## precompiled automatically after installation, with extra user-defined flags. -PUBLIC_HEADER_DIR = -PUBLIC_HEADERS = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -## Configure what is linked in at each level here. Libraries are only used in -## the final 'app' linking step. Final 'app' linking is only done via the -## 'app', 'debug', and 'profile' targets when they are invoked for -## the top-level app. 
- -# Additional relocatables to be linked in at this level -OTHER_OFILES = -# Additional libs to link apps against ('app' target) -#OTHER_LIBS = -# Additional libs to link apps against ('debug' target) -OTHER_DEBUG_LIBS = -# Additional libs to link apps against ('profile' target) -OTHER_PROF_LIBS = - -# More 'app' libraries when $(JAPANESE) = "YES" -OTHER_JAPANESE_LIBS = -# More 'debug' libraries when $(JAPANESE) = "YES" -OTHER_JAPANESE_DEBUG_LIBS = -# More 'profile' libs when $(JAPANESE) = "YES" -OTHER_JAPANESE_PROF_LIBS = - -# If this is a bundle, and you *know* the enclosing application will not -# be linking with a library which you require in your bundle code, then -# mention it here so that it gets linked into the bundle. Note that this -# is wasteful but sometimes necessary. -BUNDLE_LIBS = - -## Configure how things get built here. Additional dependencies, sourcefiles, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = -# Precompiled headers to be built before any compilation occurs (e.g., draw.p) -PRECOMPS = - -# Targets to be built before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# Set the following to "YES" if you want the old behavior of recursively -# cleaning all nested subprojects during 'make clean'. -CLEAN_ALL_SUBPROJECTS = - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. 
- -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include diff --git a/rwhod.tproj/PB.project b/rwhod.tproj/PB.project deleted file mode 100644 index 9329dd8..0000000 --- a/rwhod.tproj/PB.project +++ /dev/null 
@@ -1,41 +0,0 @@
-{
- DOCICONFILES = ();
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (rwhod.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, rwhod.8);
- PRECOMPILED_HEADERS = ();
- PROJECT_HEADERS = ();
- PUBLIC_HEADERS = ();
- SUBPROJECTS = ();
- };
- GENERATEMAIN = YES;
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/sbin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = rwhod;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/sbin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/rwhod.tproj/rwhod.8 b/rwhod.tproj/rwhod.8
deleted file mode 100644
index 4b8492e..0000000
--- a/rwhod.tproj/rwhod.8
+++ /dev/null
@@ -1,146 +0,0 @@
-.\" Copyright (c) 1983, 1991, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)rwhod.8 8.2 (Berkeley) 12/11/93
-.\"
-.Dd December 11, 1993
-.Dt RWHOD 8
-.Os BSD 4.2
-.Sh NAME
-.Nm rwhod
-.Nd system status server
-.Sh SYNOPSIS
-.Nm rwhod
-.Sh DESCRIPTION
-.Nm Rwhod
-is the server which maintains the database used by the
-.Xr rwho 1
-and
-.Xr ruptime 1
-programs. Its operation is predicated on the ability to
-.Em broadcast
-messages on a network.
-.Pp
-.Nm Rwhod
-operates as both a producer and consumer of status information.
-As a producer of information it periodically
-queries the state of the system and constructs
-status messages which are broadcast on a network.
-As a consumer of information, it listens for other
-.Nm rwhod
-servers' status messages, validating them, then recording
-them in a collection of files located in the directory
-.Pa /var/rwho .
-.Pp
-The server transmits and receives messages at the port indicated
-in the ``rwho'' service specification; see
-.Xr services 5 .
-The messages sent and received, are of the form:
-.Bd -literal -offset indent
-struct outmp {
- char out_line[8]; /* tty name */
- char out_name[8]; /* user id */
- long out_time; /* time on */
-};
-
-struct whod {
- char wd_vers;
- char wd_type;
- char wd_fill[2];
- int wd_sendtime;
- int wd_recvtime;
- char wd_hostname[32];
- int wd_loadav[3];
- int wd_boottime;
- struct whoent {
- struct outmp we_utmp;
- int we_idle;
- } wd_we[1024 / sizeof (struct whoent)];
-};
-.Ed
-.Pp
-All fields are converted to network byte order prior to
-transmission. The load averages are as calculated by the
-.Xr w 1
-program, and represent load averages over the 5, 10, and 15 minute
-intervals prior to a server's transmission; they are multiplied by 100
-for representation in an integer. The host name
-included is that returned by the
-.Xr gethostname 2
-system call, with any trailing domain name omitted.
-The array at the end of the message contains information about
-the users logged in to the sending machine. This information
-includes the contents of the
-.Xr utmp 5
-entry for each non-idle terminal line and a value indicating the
-time in seconds since a character was last received on the terminal line.
-.Pp
-Messages received by the
-.Xr rwho
-server are discarded unless they originated at an
-.Xr rwho
-server's port. In addition, if the host's name, as specified
-in the message, contains any unprintable
-.Tn ASCII
-characters, the
-message is discarded. Valid messages received by
-.Nm rwhod
-are placed in files named
-.Pa whod.hostname
-in the directory
-.Pa /var/rwho .
-These files contain only the most recent message, in the
-format described above.
-.Pp
-Status messages are generated approximately once every
-3 minutes.
-.Nm Rwhod
-performs an
-.Xr nlist 3
-on
-.Pa /vmunix
-every 30 minutes to guard against
-the possibility that this file is not the system
-image currently operating.
-.Sh SEE ALSO
-.Xr rwho 1 ,
-.Xr ruptime 1
-.Sh BUGS
-There should be a way to relay status information between networks.
-Status information should be sent only upon request rather than continuously.
-People often interpret the server dying
-or network communication failures
-as a machine going down.
-.Sh HISTORY
-The
-.Nm
-command appeared in
-.Bx 4.2 .
diff --git a/rwhod.tproj/rwhod.c b/rwhod.tproj/rwhod.c
deleted file mode 100644
index cbff644..0000000
--- a/rwhod.tproj/rwhod.c
+++ /dev/null
@@ -1,569 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)rwhod.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* - * Alarm interval. Don't forget to change the down time check in ruptime - * if this is changed. - */ -#define AL_INTERVAL (3 * 60) - -char myname[MAXHOSTNAMELEN]; - -/* - * We communicate with each neighbor in a list constructed at the time we're - * started up. Neighbors are currently directly connected via a hardware - * interface. 
- */ -struct neighbor { - struct neighbor *n_next; - char *n_name; /* interface name */ - struct sockaddr *n_addr; /* who to send to */ - int n_addrlen; /* size of address */ - int n_flags; /* should forward?, interface flags */ -}; - -struct neighbor *neighbors; -struct whod mywd; -struct servent *sp; -int s, utmpf; - -#define WHDRSIZE (sizeof(mywd) - sizeof(mywd.wd_we)) - -int configure __P((int)); -void getboottime __P((int)); -void onalrm __P((int)); -void quit __P((char *)); -void rt_xaddrs __P((caddr_t, caddr_t, struct rt_addrinfo *)); -int verify __P((char *)); -#ifdef DEBUG -char *interval __P((int, char *)); -void Sendto __P((int, char *, int, int, char *, int)); -#define sendto Sendto -#endif - -int -main(argc, argv) - int argc; - char argv[]; -{ - struct sockaddr_in from; - struct stat st; - char path[64]; - int on = 1; - char *cp; - struct sockaddr_in sin; - - if (getuid()) { - fprintf(stderr, "rwhod: not super user\n"); - exit(1); - } - sp = getservbyname("who", "udp"); - if (sp == NULL) { - fprintf(stderr, "rwhod: udp/who: unknown service\n"); - exit(1); - } -#ifndef DEBUG - daemon(1, 0); -#endif - if (chdir(_PATH_RWHODIR) < 0) { - (void)fprintf(stderr, "rwhod: %s: %s\n", - _PATH_RWHODIR, strerror(errno)); - exit(1); - } - (void) signal(SIGHUP, getboottime); - openlog("rwhod", LOG_PID, LOG_DAEMON); - /* - * Establish host name as returned by system. 
- */ - if (gethostname(myname, sizeof(myname) - 1) < 0) { - syslog(LOG_ERR, "gethostname: %m"); - exit(1); - } - if ((cp = index(myname, '.')) != NULL) - *cp = '\0'; - strncpy(mywd.wd_hostname, myname, sizeof(myname) - 1); - utmpf = open(_PATH_UTMP, O_RDONLY|O_CREAT, 0644); - if (utmpf < 0) { - syslog(LOG_ERR, "%s: %m", _PATH_UTMP); - exit(1); - } - getboottime(0); - if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { - syslog(LOG_ERR, "socket: %m"); - exit(1); - } - if (setsockopt(s, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)) < 0) { - syslog(LOG_ERR, "setsockopt SO_BROADCAST: %m"); - exit(1); - } - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_port = sp->s_port; - if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) { - syslog(LOG_ERR, "bind: %m"); - exit(1); - } - if (!configure(s)) - exit(1); - signal(SIGALRM, onalrm); - onalrm(0); - for (;;) { - struct whod wd; - int cc, whod, len = sizeof(from); - - cc = recvfrom(s, (char *)&wd, sizeof(struct whod), 0, - (struct sockaddr *)&from, &len); - if (cc <= 0) { - if (cc < 0 && errno != EINTR) - syslog(LOG_WARNING, "recv: %m"); - continue; - } - if (from.sin_port != sp->s_port) { - syslog(LOG_WARNING, "%d: bad source port from %s", - ntohs(from.sin_port), inet_ntoa(from.sin_addr)); - continue; - } - if (cc < WHDRSIZE) { - syslog(LOG_WARNING, "short packet from %s", - inet_ntoa(from.sin_addr)); - continue; - } - - if (wd.wd_vers != WHODVERSION) - continue; - if (wd.wd_type != WHODTYPE_STATUS) - continue; - if (!verify(wd.wd_hostname)) { - syslog(LOG_WARNING, "malformed host name from %s", - inet_ntoa(from.sin_addr)); - continue; - } - (void) sprintf(path, "whod.%s", wd.wd_hostname); - /* - * Rather than truncating and growing the file each time, - * use ftruncate if size is less than previous size. 
- */ - whod = open(path, O_WRONLY | O_CREAT, 0644); - if (whod < 0) { - syslog(LOG_WARNING, "%s: %m", path); - continue; - } -#if ENDIAN != BIG_ENDIAN - { - int i, n = (cc - WHDRSIZE)/sizeof(struct whoent); - struct whoent *we; - - /* undo header byte swapping before writing to file */ - wd.wd_sendtime = ntohl(wd.wd_sendtime); - for (i = 0; i < 3; i++) - wd.wd_loadav[i] = ntohl(wd.wd_loadav[i]); - wd.wd_boottime = ntohl(wd.wd_boottime); - we = wd.wd_we; - for (i = 0; i < n; i++) { - we->we_idle = ntohl(we->we_idle); - we->we_utmp.out_time = - ntohl(we->we_utmp.out_time); - we++; - } - } -#endif - (void) time((time_t *)&wd.wd_recvtime); - (void) write(whod, (char *)&wd, cc); - if (fstat(whod, &st) < 0 || st.st_size > cc) - ftruncate(whod, cc); - (void) close(whod); - } -} - -/* - * Check out host name for unprintables - * and other funnies before allowing a file - * to be created. Sorry, but blanks aren't allowed. - */ -int -verify(name) - register char *name; -{ - register int size = 0; - - while (*name) { - if (!isascii(*name) || !(isalnum(*name) || ispunct(*name))) - return (0); - name++, size++; - } - return (size > 0); -} - -int utmptime; -int utmpent; -int utmpsize = 0; -struct utmp *utmp; -int alarmcount; - -void -onalrm(signo) - int signo; -{ - register struct neighbor *np; - register struct whoent *we = mywd.wd_we, *wlast; - register int i; - struct stat stb; - double avenrun[3]; - time_t now; - int cc; - - now = time(NULL); - if (alarmcount % 10 == 0) - getboottime(0); - alarmcount++; - (void) fstat(utmpf, &stb); - if ((stb.st_mtime != utmptime) || (stb.st_size > utmpsize)) { - utmptime = stb.st_mtime; - if (stb.st_size > utmpsize) { - utmpsize = stb.st_size + 10 * sizeof(struct utmp); - if (utmp) - utmp = (struct utmp *)realloc(utmp, utmpsize); - else - utmp = (struct utmp *)malloc(utmpsize); - if (! 
utmp) { - fprintf(stderr, "rwhod: malloc failed\n"); - utmpsize = 0; - goto done; - } - } - (void) lseek(utmpf, (off_t)0, L_SET); - cc = read(utmpf, (char *)utmp, stb.st_size); - if (cc < 0) { - fprintf(stderr, "rwhod: %s: %s\n", - _PATH_UTMP, strerror(errno)); - goto done; - } - wlast = &mywd.wd_we[1024 / sizeof(struct whoent) - 1]; - utmpent = cc / sizeof(struct utmp); - for (i = 0; i < utmpent; i++) - if (utmp[i].ut_name[0]) { - memcpy(we->we_utmp.out_line, utmp[i].ut_line, - sizeof(utmp[i].ut_line)); - memcpy(we->we_utmp.out_name, utmp[i].ut_name, - sizeof(utmp[i].ut_name)); - we->we_utmp.out_time = htonl(utmp[i].ut_time); - if (we >= wlast) - break; - we++; - } - utmpent = we - mywd.wd_we; - } - - /* - * The test on utmpent looks silly---after all, if no one is - * logged on, why worry about efficiency?---but is useful on - * (e.g.) compute servers. - */ - if (utmpent && chdir(_PATH_DEV)) { - syslog(LOG_ERR, "chdir(%s): %m", _PATH_DEV); - exit(1); - } - we = mywd.wd_we; - for (i = 0; i < utmpent; i++) { - if (stat(we->we_utmp.out_line, &stb) >= 0) - we->we_idle = htonl(now - stb.st_atime); - we++; - } - (void)getloadavg(avenrun, sizeof(avenrun)/sizeof(avenrun[0])); - for (i = 0; i < 3; i++) - mywd.wd_loadav[i] = htonl((u_long)(avenrun[i] * 100)); - cc = (char *)we - (char *)&mywd; - mywd.wd_sendtime = htonl(time(0)); - mywd.wd_vers = WHODVERSION; - mywd.wd_type = WHODTYPE_STATUS; - for (np = neighbors; np != NULL; np = np->n_next) - (void)sendto(s, (char *)&mywd, cc, 0, - np->n_addr, np->n_addrlen); - if (utmpent && chdir(_PATH_RWHODIR)) { - syslog(LOG_ERR, "chdir(%s): %m", _PATH_RWHODIR); - exit(1); - } -done: - (void) alarm(AL_INTERVAL); -} - -void -getboottime(signo) - int signo; -{ - int mib[2]; - size_t size; - struct timeval tm; - - mib[0] = CTL_KERN; - mib[1] = KERN_BOOTTIME; - size = sizeof(tm); - if (sysctl(mib, 2, &tm, &size, NULL, 0) == -1) { - syslog(LOG_ERR, "cannot get boottime: %m"); - exit(1); - } - mywd.wd_boottime = htonl(tm.tv_sec); -} - 
-void -quit(msg) - char *msg; -{ - syslog(LOG_ERR, msg); - exit(1); -} - -#define ROUNDUP(a) \ - ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) -#define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len)) - -void -rt_xaddrs(cp, cplim, rtinfo) - register caddr_t cp, cplim; - register struct rt_addrinfo *rtinfo; -{ - register struct sockaddr *sa; - register int i; - - memset(rtinfo->rti_info, 0, sizeof(rtinfo->rti_info)); - for (i = 0; (i < RTAX_MAX) && (cp < cplim); i++) { - if ((rtinfo->rti_addrs & (1 << i)) == 0) - continue; - rtinfo->rti_info[i] = sa = (struct sockaddr *)cp; - ADVANCE(cp, sa); - } -} - -/* - * Figure out device configuration and select - * networks which deserve status information. - */ -int -configure(s) - int s; -{ - register struct neighbor *np; - register struct if_msghdr *ifm; - register struct ifa_msghdr *ifam; - struct sockaddr_dl *sdl; - size_t needed; - int mib[6], flags = 0, len; - char *buf, *lim, *next; - struct rt_addrinfo info; - - mib[0] = CTL_NET; - mib[1] = PF_ROUTE; - mib[2] = 0; - mib[3] = AF_INET; - mib[4] = NET_RT_IFLIST; - mib[5] = 0; - if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0) - quit("route-sysctl-estimate"); - if ((buf = malloc(needed)) == NULL) - quit("malloc"); - if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) - quit("actual retrieval of interface table"); - lim = buf + needed; - - sdl = NULL; /* XXX just to keep gcc -Wall happy */ - for (next = buf; next < lim; next += ifm->ifm_msglen) { - ifm = (struct if_msghdr *)next; - if (ifm->ifm_type == RTM_IFINFO) { - sdl = (struct sockaddr_dl *)(ifm + 1); - flags = ifm->ifm_flags; - continue; - } - if ((flags & IFF_UP) == 0 || - (flags & (IFF_BROADCAST|IFF_POINTOPOINT)) == 0) - continue; - if (ifm->ifm_type != RTM_NEWADDR) - quit("out of sync parsing NET_RT_IFLIST"); - ifam = (struct ifa_msghdr *)ifm; - info.rti_addrs = ifam->ifam_addrs; - rt_xaddrs((char *)(ifam + 1), ifam->ifam_msglen + (char *)ifam, - &info); - /* gag, wish we could get rid of Internet 
dependencies */ -#define dstaddr info.rti_info[RTAX_BRD] -#define IPADDR_SA(x) ((struct sockaddr_in *)(x))->sin_addr.s_addr -#define PORT_SA(x) ((struct sockaddr_in *)(x))->sin_port - if (dstaddr == 0 || dstaddr->sa_family != AF_INET) - continue; - PORT_SA(dstaddr) = sp->s_port; - for (np = neighbors; np != NULL; np = np->n_next) - if (memcmp(sdl->sdl_data, np->n_name, - sdl->sdl_nlen) == 0 && - IPADDR_SA(np->n_addr) == IPADDR_SA(dstaddr)) - break; - if (np != NULL) - continue; - len = sizeof(*np) + dstaddr->sa_len + sdl->sdl_nlen + 1; - np = (struct neighbor *)malloc(len); - if (np == NULL) - quit("malloc of neighbor structure"); - memset(np, 0, len); - np->n_flags = flags; - np->n_addr = (struct sockaddr *)(np + 1); - np->n_addrlen = dstaddr->sa_len; - np->n_name = np->n_addrlen + (char *)np->n_addr; - np->n_next = neighbors; - neighbors = np; - memcpy((char *)np->n_addr, (char *)dstaddr, np->n_addrlen); - memcpy(np->n_name, sdl->sdl_data, sdl->sdl_nlen); - } - free(buf); - return (1); -} - -#ifdef DEBUG -void -Sendto(s, buf, cc, flags, to, tolen) - int s; - char *buf; - int cc, flags; - char *to; - int tolen; -{ - register struct whod *w = (struct whod *)buf; - register struct whoent *we; - struct sockaddr_in *sin = (struct sockaddr_in *)to; - - printf("sendto %x.%d\n", ntohl(sin->sin_addr), ntohs(sin->sin_port)); - printf("hostname %s %s\n", w->wd_hostname, - interval(ntohl(w->wd_sendtime) - ntohl(w->wd_boottime), " up")); - printf("load %4.2f, %4.2f, %4.2f\n", - ntohl(w->wd_loadav[0]) / 100.0, ntohl(w->wd_loadav[1]) / 100.0, - ntohl(w->wd_loadav[2]) / 100.0); - cc -= WHDRSIZE; - for (we = w->wd_we, cc /= sizeof(struct whoent); cc > 0; cc--, we++) { - time_t t = ntohl(we->we_utmp.out_time); - printf("%-8.8s %s:%s %.12s", - we->we_utmp.out_name, - w->wd_hostname, we->we_utmp.out_line, - ctime(&t)+4); - we->we_idle = ntohl(we->we_idle) / 60; - if (we->we_idle) { - if (we->we_idle >= 100*60) - we->we_idle = 100*60 - 1; - if (we->we_idle >= 60) - printf(" %2d", 
we->we_idle / 60); - else - printf(" "); - printf(":%02d", we->we_idle % 60); - } - printf("\n"); - } -} - -char * -interval(time, updown) - int time; - char *updown; -{ - static char resbuf[32]; - int days, hours, minutes; - - if (time < 0 || time > 3*30*24*60*60) { - (void) sprintf(resbuf, " %s ??:??", updown); - return (resbuf); - } - minutes = (time + 59) / 60; /* round to minutes */ - hours = minutes / 60; minutes %= 60; - days = hours / 24; hours %= 24; - if (days) - (void) sprintf(resbuf, "%s %2d+%02d:%02d", - updown, days, hours, minutes); - else - (void) sprintf(resbuf, "%s %2d:%02d", - updown, hours, minutes); - return (resbuf); -} -#endif diff --git a/setkey.tproj/Makefile b/setkey.tproj/Makefile deleted file mode 100644 index fbb7ae5..0000000 --- a/setkey.tproj/Makefile +++ /dev/null 
@@ -1,53 +0,0 @@
-#
-# Generated by the Apple Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = setkey
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES = vchar.h ipsec_strerror.h key_debug.h libpfkey.h
-
-OTHERLINKED = libpfkey.h parse.y token.l
-
-CFILES = key_debug.c pfkey.c pfkey_dump.c setkey.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble setkey.8
-
-OTHERLINKEDOFILES = parse.o token.o
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/sbin
-WINDOWS_INSTALLDIR = /Library/Executables
-PDO_UNIX_INSTALLDIR = /bin
-LIBS = -lipsec
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-HEADER_PATHS =\
- -I$(NEXT_ROOT)$(SYSTEM_LIBRARY_DIR)/Frameworks/System.framework/PrivateHeaders/
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(JDKBINDIR)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/setkey.tproj/Makefile.postamble b/setkey.tproj/Makefile.postamble
deleted file mode 100644
index 5d9d699..0000000
--- a/setkey.tproj/Makefile.postamble
+++ /dev/null
@@ -1,103 +0,0 @@
-###############################################################################
-# Makefile.postamble
-# Copyright 1997, Apple Computer, Inc.
-#
-# Use this makefile, which is imported after all other makefiles, to
-# override attributes for a project's Makefile environment. This allows you
-# to take advantage of the environment set up by the other Makefiles.
-# You can also define custom rules at the end of this file.
-#
-###############################################################################
-#
-# These variables are exported by the standard makefiles and can be
-# used in any customizations you make. They are *outputs* of
-# the Makefiles and should be used, not set.
-#
-# PRODUCTS: products to install. All of these products will be placed in
-# the directory $(DSTROOT)$(INSTALLDIR)
-# GLOBAL_RESOURCE_DIR: The directory to which resources are copied.
-# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied.
-# OFILE_DIR: Directory into which .o object files are generated.
-# DERIVED_SRC_DIR: Directory used for all other derived files
-#
-# ALL_CFLAGS: flags to pass when compiling .c files
-# ALL_MFLAGS: flags to pass when compiling .m files
-# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files
-# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files
-# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files
-# ALL_LDFLAGS: flags to pass when linking object files
-# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files
-# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files
-# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files
-# ALL_YFLAGS: flags to pass when processing .y (yacc) files
-# ALL_LFLAGS: flags to pass when processing .l (lex) files
-#
-# NAME: name of application, bundle, subproject, palette, etc.
-# LANGUAGES: langages in which the project is written (default "English")
-# English_RESOURCES: localized resources (e.g.
nib's, images) of project
-# GLOBAL_RESOURCES: non-localized resources of project
-#
-# SRCROOT: base directory in which to place the new source files
-# SRCPATH: relative path from SRCROOT to present subdirectory
-#
-# INSTALLDIR: Directory the product will be installed into by 'install' target
-# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget
-# to prefix this with DSTROOT when you use it.
-# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget
-# to prefix this with DSTROOT when you use it.
-#
-# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows)
-#
-###############################################################################
-
-# Some compiler flags can be overridden here for certain build situations.
-#
-# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost)
-# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults
-# to -g)
-# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG)
-# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults
-# to -O)
-# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults
-# to -pg -DPROFILE)
-# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to
-# the include path (defaults to -I.)
-# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags
-# passed to ld/libtool (defaults to nothing)
-
-
-# Library and Framework projects only:
-# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked
-# against the framework will run against the correct version even if
-# the current version of the framework changes. You may override this
-# to "" as an alternative to using the DYLD_LIBRARY_PATH during your
-# development cycle, but be sure to restore it before installing.
-
-
-# Ownership and permissions of files installed by 'install' target
-
-#INSTALL_AS_USER = root
- # User/group ownership
-#INSTALL_AS_GROUP = wheel
- # (probably want to set both of these)
-#INSTALL_PERMISSIONS =
- # If set, 'install' chmod's executable to this
-
-
-# Options to strip. Note: -S strips debugging symbols (executables can be stripped
-# down further with -x or, if they load no bundles, with no options at all).
-
-#STRIPFLAGS = -S
-
-
-#########################################################################
-# Put rules to extend the behavior of the standard Makefiles here. Include them in
-# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble.
-#
-# You should avoid redefining things like "install" or "app", as they are
-# owned by the top-level Makefile API and no context has been set up for where
-# derived files should go.
-#
-install-man-page:
- install -d "$(DSTROOT)/usr/share/man/man8"
- install -c -m 644 setkey.8 "$(DSTROOT)/usr/share/man/man8/setkey.8"
diff --git a/setkey.tproj/Makefile.preamble b/setkey.tproj/Makefile.preamble
deleted file mode 100644
index be4a6ee..0000000
--- a/setkey.tproj/Makefile.preamble
+++ /dev/null
@@ -1,140 +0,0 @@
-###############################################################################
-# Makefile.preamble
-# Copyright 1997, Apple Computer, Inc.
-#
-# Use this makefile for configuring the standard application makefiles
-# associated with ProjectBuilder. It is included before the main makefile.
-# In Makefile.preamble you set attributes for a project, so they are available
-# to the project's makefiles. In contrast, you typically write additional rules or
-# override built-in behavior in the Makefile.postamble.
-#
-# Each directory in a project tree (main project plus subprojects) should
-# have its own Makefile.preamble and Makefile.postamble.
-###############################################################################
-#
-# Before the main makefile is included for this project, you may set:
-#
-# MAKEFILEDIR: Directory in which to find $(MAKEFILE)
-# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make)
-
-# Compiler/linker flags added to the defaults: The OTHER_* variables will be
-# inherited by all nested sub-projects, but the LOCAL_ versions of the same
-# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's
-# Build Attributes inspector if at all possible. To override the default flags
-# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The
-# variables below are *inputs* to the build process and distinct from the override
-# settings done (less often) in the Makefile.postamble.
-#
-# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler
-# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m,
-# .cc, .cxx, .C, and .M files. There is no need to respecify the
-# flags in OTHER_MFLAGS, etc.
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files
-# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files
-# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files
-# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when
-# precompiling header files
-# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool
-# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap
-# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen
-# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc
-# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex
-LOCAL_CFLAGS=-g -DIPSEC_DEBUG -DINET6 -DYY_NO_INPUT -I.
-LOCAL_YFLAGS=-d
-
-# These variables provide hooks enabling you to add behavior at almost every
-# stage of the make:
-#
-# BEFORE_PREBUILD: targets to build before installing headers for a subproject
-# AFTER_PREBUILD: targets to build after installing headers for a subproject
-# BEFORE_BUILD_RECURSION: targets to make before building subprojects
-# BEFORE_BUILD: targets to make before a build, but after subprojects
-# AFTER_BUILD: targets to make after a build
-#
-# BEFORE_INSTALL: targets to build before installing the product
-# AFTER_INSTALL: targets to build after installing the product
-# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject
-# AFTER_POSTINSTALL: targts to build after postinstalling every subproject
-#
-# BEFORE_INSTALLHDRS: targets to build before installing headers for a
-# subproject
-# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject
-# BEFORE_INSTALLSRC: targets to build before installing source for a subproject
-# AFTER_INSTALLSRC: targets to build after installing source for a subproject
-#
-# BEFORE_DEPEND: targets to build before building dependencies for a
-# subproject
-# AFTER_DEPEND: targets to build after building dependencies for a
-# subproject
-#
-# AUTOMATIC_DEPENDENCY_INFO: if
YES, then the dependency file is
-# updated every time the project is built. If NO, the dependency
-# file is only built when the depend target is invoked.
-
-# Framework-related variables:
-# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates
-# where to put the framework's DLL. This variable defaults to
-# $(INSTALLDIR)/../Executables
-AFTER_INSTALL += install-man-page
-
-# Library-related variables:
-# PUBLIC_HEADER_DIR: Determines where public exported header files
-# should be installed. Do not include $(DSTROOT) in this value --
-# it is prefixed automatically. For library projects you should
-# set this to something like /Developer/Headers/$(NAME). Do not set
-# this variable for framework projects unless you do not want the
-# header files included in the framework.
-# PRIVATE_HEADER_DIR: Determines where private exported header files
-# should be installed. Do not include $(DSTROOT) in this value --
-# it is prefixed automatically.
-# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines
-# whether the libraries produced are statically linked when they
-# are used or if they are dynamically loadable. This defaults to
-# DYNAMIC.
-# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates
-# where to put the library's DLL. This variable defaults to
-# $(INSTALLDIR)/../Executables
-#
-# INSTALL_AS_USER: owner of the intalled products (default root)
-# INSTALL_AS_GROUP: group of the installed products (default wheel)
-# INSTALL_PERMISSIONS: permissions of the installed product (default o+rX)
-#
-# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be
-# passed on the command line to recursive invocations of make. Note that
-# the values in OTHER_*FLAGS are inherited by subprojects automatically --
-# you do not have to (and shouldn't) add OTHER_*FLAGS to
-# OTHER_RECURSIVE_VARIABLES.
-
-# Additional headers to export beyond those in the PB.project:
-# OTHER_PUBLIC_HEADERS
-# OTHER_PROJECT_HEADERS
-# OTHER_PRIVATE_HEADERS
-
-# Additional files for the project's product: <>
-# OTHER_RESOURCES: (non-localized) resources for this project
-# OTHER_OFILES: relocatables to be linked into this project
-# OTHER_LIBS: more libraries to link against
-# OTHER_PRODUCT_DEPENDS: other dependencies of this project
-# OTHER_SOURCEFILES: other source files maintained by .pre/postamble
-# OTHER_GARBAGE: additional files to be removed by `make clean'
-
-# Set this to YES if you don't want a final libtool call for a library/framework.
-# BUILD_OFILES_LIST_ONLY
-
-# To include a version string, project source must exist in a directory named
-# $(NAME).%d[.%d][.%d] and the following line must be uncommented.
-# OTHER_GENERATED_OFILES = $(VERS_OFILE)
-
-# This definition will suppress stripping of debug symbols when an executable
-# is installed. By default it is YES.
-# STRIP_ON_INSTALL = NO
-
-# Uncomment to suppress generation of a KeyValueCoding index when installing
-# frameworks (This index is used by WOB and IB to determine keys available
-# for an object). Set to YES by default.
-# PREINDEX_FRAMEWORK = NO
-
-# Change this definition to install projects somewhere other than the
-# standard locations. NEXT_ROOT defaults to "C:/Apple" on Windows systems
-# and "" on other systems.
-DSTROOT = $(HOME)
diff --git a/setkey.tproj/PB.project b/setkey.tproj/PB.project
deleted file mode 100644
index 50f2fe5..0000000
--- a/setkey.tproj/PB.project
+++ /dev/null
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (vchar.h, ipsec_strerror.h, key_debug.h, libpfkey.h);
- OTHER_LIBS = (ipsec);
- OTHER_LINKED = (key_debug.c, parse.y, pfkey.c, pfkey_dump.c, setkey.c, token.l);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, setkey.8);
- };
- LANGUAGE = English;
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_INSTALLDIR = /bin;
- PDO_UNIX_JAVA_COMPILER = "$(JDKBINDIR)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = setkey;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_INSTALLDIR = /Library/Executables;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/setkey.tproj/ipsec_strerror.h b/setkey.tproj/ipsec_strerror.h
deleted file mode 100644
index da87324..0000000
--- a/setkey.tproj/ipsec_strerror.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/ipsec_strerror.h,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: ipsec_strerror.h,v 1.8 2000/07/30 00:45:12 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-extern int __ipsec_errcode;
-extern void __ipsec_set_strerror __P((const char *));
-
-#define EIPSEC_NO_ERROR 0 /*success*/
-#define EIPSEC_NOT_SUPPORTED 1 /*not supported*/
-#define EIPSEC_INVAL_ARGUMENT 2 /*invalid argument*/
-#define EIPSEC_INVAL_SADBMSG 3 /*invalid sadb message*/
-#define EIPSEC_INVAL_VERSION 4 /*invalid version*/
-#define EIPSEC_INVAL_POLICY 5 /*invalid security policy*/
-#define EIPSEC_INVAL_ADDRESS 6 /*invalid address specification*/
-#define EIPSEC_INVAL_PROTO 7 /*invalid ipsec protocol*/
-#define EIPSEC_INVAL_MODE 8 /*Invalid ipsec mode*/
-#define EIPSEC_INVAL_LEVEL 9 /*invalid ipsec level*/
-#define EIPSEC_INVAL_SATYPE 10 /*invalid SA type*/
-#define EIPSEC_INVAL_MSGTYPE 11 /*invalid message type*/
-#define EIPSEC_INVAL_EXTTYPE 12 /*invalid extension type*/
-#define EIPSEC_INVAL_ALGS 13 /*Invalid algorithm type*/
-#define EIPSEC_INVAL_KEYLEN 14 /*invalid key length*/
-#define EIPSEC_INVAL_FAMILY 15 /*invalid address family*/
-#define EIPSEC_INVAL_PREFIXLEN 16 /*SPI range violation*/
-#define EIPSEC_INVAL_DIR 17 /*Invalid direciton*/
-#define EIPSEC_INVAL_SPI 18 /*invalid prefixlen*/
-#define EIPSEC_NO_PROTO 19 /*no protocol specified*/
-#define EIPSEC_NO_ALGS 20 /*No algorithm specified*/
-#define EIPSEC_NO_BUFS 21 /*no buffers available*/
-#define EIPSEC_DO_GET_SUPP_LIST 22 /*must get supported algorithm first*/
-#define EIPSEC_PROTO_MISMATCH 23 /*protocol mismatch*/
-#define EIPSEC_FAMILY_MISMATCH 24 /*family mismatch*/
-#define EIPSEC_FEW_ARGUMENTS 25 /*Too few arguments*/
-#define EIPSEC_SYSTEM_ERROR 26 /*system error*/
-#define EIPSEC_MAX 27 /*unknown error*/
diff --git a/setkey.tproj/key_debug.c b/setkey.tproj/key_debug.c
deleted file mode 100644
index 7ace6be..0000000
--- a/setkey.tproj/key_debug.c
+++ /dev/null
@@ -1,751 +0,0 @@ -/* $FreeBSD: src/sys/netkey/key_debug.c,v 1.10.2.2 2001/07/03 11:01:59 ume Exp $ */ -/* $KAME: key_debug.c,v 1.25 2000/07/24 13:23:12 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifdef _KERNEL -#include "opt_inet.h" -#include "opt_inet6.h" -#include "opt_ipsec.h" -#endif - -#include -#include -#ifdef _KERNEL -#include -#include -#include -#endif -#include - -#include - -#include -#include - -#include -#include - -#ifndef _KERNEL -#include -#include -#include -#endif /* !_KERNEL */ - -#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) - -static void kdebug_sadb_prop __P((struct sadb_ext *)); -static void kdebug_sadb_identity __P((struct sadb_ext *)); -static void kdebug_sadb_supported __P((struct sadb_ext *)); -static void kdebug_sadb_lifetime __P((struct sadb_ext *)); -static void kdebug_sadb_sa __P((struct sadb_ext *)); -static void kdebug_sadb_address __P((struct sadb_ext *)); -static void kdebug_sadb_key __P((struct sadb_ext *)); -static void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); - -#ifdef _KERNEL -static void kdebug_secreplay __P((struct secreplay *)); -#endif - -#ifndef _KERNEL -#define panic(param) { printf(param); exit(-1); } -#endif - -/* NOTE: host byte order */ - -/* %%%: about struct sadb_msg */ -void -kdebug_sadb(base) - struct sadb_msg *base; -{ - struct sadb_ext *ext; - int tlen, extlen; - - /* sanity check */ - if (base == NULL) - panic("kdebug_sadb: NULL pointer was passed.\n"); - - printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", - base->sadb_msg_version, base->sadb_msg_type, - base->sadb_msg_errno, base->sadb_msg_satype); - printf(" len=%u reserved=%u seq=%u pid=%u\n", - base->sadb_msg_len, base->sadb_msg_reserved, - base->sadb_msg_seq, base->sadb_msg_pid); - - tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); - ext = (struct sadb_ext *)((caddr_t)base + sizeof(struct sadb_msg)); - - while (tlen > 0) { - printf("sadb_ext{ len=%u type=%u }\n", - ext->sadb_ext_len, ext->sadb_ext_type); - - if (ext->sadb_ext_len == 0) { - printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); - return; - } - if (ext->sadb_ext_len > tlen) { - printf("kdebug_sadb: ext_len exceeds end 
of buffer.\n"); - return; - } - - switch (ext->sadb_ext_type) { - case SADB_EXT_SA: - kdebug_sadb_sa(ext); - break; - case SADB_EXT_LIFETIME_CURRENT: - case SADB_EXT_LIFETIME_HARD: - case SADB_EXT_LIFETIME_SOFT: - kdebug_sadb_lifetime(ext); - break; - case SADB_EXT_ADDRESS_SRC: - case SADB_EXT_ADDRESS_DST: - case SADB_EXT_ADDRESS_PROXY: - kdebug_sadb_address(ext); - break; - case SADB_EXT_KEY_AUTH: - case SADB_EXT_KEY_ENCRYPT: - kdebug_sadb_key(ext); - break; - case SADB_EXT_IDENTITY_SRC: - case SADB_EXT_IDENTITY_DST: - kdebug_sadb_identity(ext); - break; - case SADB_EXT_SENSITIVITY: - break; - case SADB_EXT_PROPOSAL: - kdebug_sadb_prop(ext); - break; - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - kdebug_sadb_supported(ext); - break; - case SADB_EXT_SPIRANGE: - case SADB_X_EXT_KMPRIVATE: - break; - case SADB_X_EXT_POLICY: - kdebug_sadb_x_policy(ext); - break; - case SADB_X_EXT_SA2: - kdebug_sadb_x_sa2(ext); - break; - default: - printf("kdebug_sadb: invalid ext_type %u was passed.\n", - ext->sadb_ext_type); - return; - } - - extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); - tlen -= extlen; - ext = (struct sadb_ext *)((caddr_t)ext + extlen); - } - - return; -} - -static void -kdebug_sadb_prop(ext) - struct sadb_ext *ext; -{ - struct sadb_prop *prop = (struct sadb_prop *)ext; - struct sadb_comb *comb; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_prop: NULL pointer was passed.\n"); - - len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) - / sizeof(*comb); - comb = (struct sadb_comb *)(prop + 1); - printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); - - while (len--) { - printf("sadb_comb{ auth=%u encrypt=%u " - "flags=0x%04x reserved=0x%08x\n", - comb->sadb_comb_auth, comb->sadb_comb_encrypt, - comb->sadb_comb_flags, comb->sadb_comb_reserved); - - printf(" auth_minbits=%u auth_maxbits=%u " - "encrypt_minbits=%u encrypt_maxbits=%u\n", - comb->sadb_comb_auth_minbits, - comb->sadb_comb_auth_maxbits, - 
comb->sadb_comb_encrypt_minbits, - comb->sadb_comb_encrypt_maxbits); - - printf(" soft_alloc=%u hard_alloc=%u " - "soft_bytes=%lu hard_bytes=%lu\n", - comb->sadb_comb_soft_allocations, - comb->sadb_comb_hard_allocations, - (unsigned long)comb->sadb_comb_soft_bytes, - (unsigned long)comb->sadb_comb_hard_bytes); - - printf(" soft_alloc=%lu hard_alloc=%lu " - "soft_bytes=%lu hard_bytes=%lu }\n", - (unsigned long)comb->sadb_comb_soft_addtime, - (unsigned long)comb->sadb_comb_hard_addtime, - (unsigned long)comb->sadb_comb_soft_usetime, - (unsigned long)comb->sadb_comb_hard_usetime); - comb++; - } - printf("}\n"); - - return; -} - -static void -kdebug_sadb_identity(ext) - struct sadb_ext *ext; -{ - struct sadb_ident *id = (struct sadb_ident *)ext; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_identity: NULL pointer was passed.\n"); - - len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); - printf("sadb_ident_%s{", - id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? 
"src" : "dst"); - switch (id->sadb_ident_type) { - default: - printf(" type=%d id=%lu", - id->sadb_ident_type, (u_long)id->sadb_ident_id); - if (len) { -#ifdef _KERNEL - ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ -#else - char *p, *ep; - printf("\n str=\""); - p = (char *)(id + 1); - ep = p + len; - for (/*nothing*/; *p && p < ep; p++) { - if (isprint(*p)) - printf("%c", *p & 0xff); - else - printf("\\%03o", *p & 0xff); - } -#endif - printf("\""); - } - break; - } - - printf(" }\n"); - - return; -} - -static void -kdebug_sadb_supported(ext) - struct sadb_ext *ext; -{ - struct sadb_supported *sup = (struct sadb_supported *)ext; - struct sadb_alg *alg; - int len; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_supported: NULL pointer was passed.\n"); - - len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) - / sizeof(*alg); - alg = (struct sadb_alg *)(sup + 1); - printf("sadb_sup{\n"); - while (len--) { - printf(" { id=%d ivlen=%d min=%d max=%d }\n", - alg->sadb_alg_id, alg->sadb_alg_ivlen, - alg->sadb_alg_minbits, alg->sadb_alg_maxbits); - alg++; - } - printf("}\n"); - - return; -} - -static void -kdebug_sadb_lifetime(ext) - struct sadb_ext *ext; -{ - struct sadb_lifetime *lft = (struct sadb_lifetime *)ext; - - /* sanity check */ - if (ext == NULL) - printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); - - printf("sadb_lifetime{ alloc=%u, bytes=%u\n", - lft->sadb_lifetime_allocations, - (u_int32_t)lft->sadb_lifetime_bytes); - printf(" addtime=%u, usetime=%u }\n", - (u_int32_t)lft->sadb_lifetime_addtime, - (u_int32_t)lft->sadb_lifetime_usetime); - - return; -} - -static void -kdebug_sadb_sa(ext) - struct sadb_ext *ext; -{ - struct sadb_sa *sa = (struct sadb_sa *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_sa: NULL pointer was passed.\n"); - - printf("sadb_sa{ spi=%u replay=%u state=%u\n", - (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, - sa->sadb_sa_state); - printf(" auth=%u encrypt=%u 
flags=0x%08x }\n", - sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); - - return; -} - -static void -kdebug_sadb_address(ext) - struct sadb_ext *ext; -{ - struct sadb_address *addr = (struct sadb_address *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_address: NULL pointer was passed.\n"); - - printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", - addr->sadb_address_proto, addr->sadb_address_prefixlen, - ((u_char *)&addr->sadb_address_reserved)[0], - ((u_char *)&addr->sadb_address_reserved)[1]); - - kdebug_sockaddr((struct sockaddr *)((caddr_t)ext + sizeof(*addr))); - - return; -} - -static void -kdebug_sadb_key(ext) - struct sadb_ext *ext; -{ - struct sadb_key *key = (struct sadb_key *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_key: NULL pointer was passed.\n"); - - printf("sadb_key{ bits=%u reserved=%u\n", - key->sadb_key_bits, key->sadb_key_reserved); - printf(" key="); - - /* sanity check 2 */ - if ((key->sadb_key_bits >> 3) > - (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { - printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", - key->sadb_key_bits >> 3, - (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); - } - - ipsec_hexdump((caddr_t)key + sizeof(struct sadb_key), - key->sadb_key_bits >> 3); - printf(" }\n"); - return; -} - -static void -kdebug_sadb_x_sa2(ext) - struct sadb_ext *ext; -{ - struct sadb_x_sa2 *sa2 = (struct sadb_x_sa2 *)ext; - - /* sanity check */ - if (ext == NULL) - panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); - - printf("sadb_x_sa2{ mode=%u reqid=%u\n", - sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); - printf(" reserved1=%u reserved2=%u reserved3=%u }\n", - sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved1, - sa2->sadb_x_sa2_reserved1); - - return; -} - -void -kdebug_sadb_x_policy(ext) - struct sadb_ext *ext; -{ - struct sadb_x_policy *xpl = (struct sadb_x_policy *)ext; - struct sockaddr *addr; - - /* 
sanity check */ - if (ext == NULL) - panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); - - printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", - xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, - xpl->sadb_x_policy_id); - - if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { - int tlen; - struct sadb_x_ipsecrequest *xisr; - - tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); - xisr = (struct sadb_x_ipsecrequest *)(xpl + 1); - - while (tlen > 0) { - printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", - xisr->sadb_x_ipsecrequest_len, - xisr->sadb_x_ipsecrequest_proto, - xisr->sadb_x_ipsecrequest_mode, - xisr->sadb_x_ipsecrequest_level, - xisr->sadb_x_ipsecrequest_reqid); - - if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { - addr = (struct sockaddr *)(xisr + 1); - kdebug_sockaddr(addr); - addr = (struct sockaddr *)((caddr_t)addr - + addr->sa_len); - kdebug_sockaddr(addr); - } - - printf(" }\n"); - - /* prevent infinite loop */ - if (xisr->sadb_x_ipsecrequest_len <= 0) { - printf("kdebug_sadb_x_policy: wrong policy struct.\n"); - return; - } - /* prevent overflow */ - if (xisr->sadb_x_ipsecrequest_len > tlen) { - printf("invalid ipsec policy length\n"); - return; - } - - tlen -= xisr->sadb_x_ipsecrequest_len; - - xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr - + xisr->sadb_x_ipsecrequest_len); - } - - if (tlen != 0) - panic("kdebug_sadb_x_policy: wrong policy struct.\n"); - } - - return; -} - -#ifdef _KERNEL -/* %%%: about SPD and SAD */ -void -kdebug_secpolicy(sp) - struct secpolicy *sp; -{ - /* sanity check */ - if (sp == NULL) - panic("kdebug_secpolicy: NULL pointer was passed.\n"); - - printf("secpolicy{ refcnt=%u state=%u policy=%u\n", - sp->refcnt, sp->state, sp->policy); - - kdebug_secpolicyindex(&sp->spidx); - - switch (sp->policy) { - case IPSEC_POLICY_DISCARD: - printf(" type=discard }\n"); - break; - case IPSEC_POLICY_NONE: - printf(" type=none }\n"); - break; - case IPSEC_POLICY_IPSEC: - { - struct ipsecrequest *isr; - 
for (isr = sp->req; isr != NULL; isr = isr->next) { - - printf(" level=%u\n", isr->level); - kdebug_secasindex(&isr->saidx); - - if (isr->sav != NULL) - kdebug_secasv(isr->sav); - } - printf(" }\n"); - } - break; - case IPSEC_POLICY_BYPASS: - printf(" type=bypass }\n"); - break; - case IPSEC_POLICY_ENTRUST: - printf(" type=entrust }\n"); - break; - default: - printf("kdebug_secpolicy: Invalid policy found. %d\n", - sp->policy); - break; - } - - return; -} - -void -kdebug_secpolicyindex(spidx) - struct secpolicyindex *spidx; -{ - /* sanity check */ - if (spidx == NULL) - panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); - - printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", - spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); - - ipsec_hexdump((caddr_t)&spidx->src, - ((struct sockaddr *)&spidx->src)->sa_len); - printf("\n"); - ipsec_hexdump((caddr_t)&spidx->dst, - ((struct sockaddr *)&spidx->dst)->sa_len); - printf("}\n"); - - return; -} - -void -kdebug_secasindex(saidx) - struct secasindex *saidx; -{ - /* sanity check */ - if (saidx == NULL) - panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); - - printf("secasindex{ mode=%u proto=%u\n", - saidx->mode, saidx->proto); - - ipsec_hexdump((caddr_t)&saidx->src, - ((struct sockaddr *)&saidx->src)->sa_len); - printf("\n"); - ipsec_hexdump((caddr_t)&saidx->dst, - ((struct sockaddr *)&saidx->dst)->sa_len); - printf("\n"); - - return; -} - -void -kdebug_secasv(sav) - struct secasvar *sav; -{ - /* sanity check */ - if (sav == NULL) - panic("kdebug_secasv: NULL pointer was passed.\n"); - - printf("secas{"); - kdebug_secasindex(&sav->sah->saidx); - - printf(" refcnt=%u state=%u auth=%u enc=%u\n", - sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); - printf(" spi=%u flags=%u\n", - (u_int32_t)ntohl(sav->spi), sav->flags); - - if (sav->key_auth != NULL) - kdebug_sadb_key((struct sadb_ext *)sav->key_auth); - if (sav->key_enc != NULL) - kdebug_sadb_key((struct sadb_ext *)sav->key_enc); - 
if (sav->iv != NULL) { - printf(" iv="); - ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); - printf("\n"); - } - - if (sav->replay != NULL) - kdebug_secreplay(sav->replay); - if (sav->lft_c != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); - if (sav->lft_h != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); - if (sav->lft_s != NULL) - kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); - -#if notyet - /* XXX: misc[123] ? */ -#endif - - return; -} - -static void -kdebug_secreplay(rpl) - struct secreplay *rpl; -{ - int len, l; - - /* sanity check */ - if (rpl == NULL) - panic("kdebug_secreplay: NULL pointer was passed.\n"); - - printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", - rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); - - if (rpl->bitmap == NULL) { - printf(" }\n"); - return; - } - - printf("\n bitmap { "); - - for (len = 0; len < rpl->wsize; len++) { - for (l = 7; l >= 0; l--) - printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); - } - printf(" }\n"); - - return; -} - -void -kdebug_mbufhdr(m) - struct mbuf *m; -{ - /* sanity check */ - if (m == NULL) - return; - - printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " - "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", - m, m->m_next, m->m_nextpkt, m->m_data, - m->m_len, m->m_type, m->m_flags); - - if (m->m_flags & M_PKTHDR) { - printf(" m_pkthdr{ len:%d rcvif:%p }\n", - m->m_pkthdr.len, m->m_pkthdr.rcvif); - } - - if (m->m_flags & M_EXT) { - printf(" m_ext{ ext_buf:%p ext_free:%p " - "ext_size:%u ext_ref:%p }\n", - m->m_ext.ext_buf, m->m_ext.ext_free, - m->m_ext.ext_size, m->m_ext.ext_ref); - } - - return; -} - -void -kdebug_mbuf(m0) - struct mbuf *m0; -{ - struct mbuf *m = m0; - int i, j; - - for (j = 0; m; m = m->m_next) { - kdebug_mbufhdr(m); - printf(" m_data:\n"); - for (i = 0; i < m->m_len; i++) { - if (i && i % 32 == 0) - printf("\n"); - if (i % 4 == 0) - printf(" "); - printf("%02x", mtod(m, u_char *)[i]); - j++; - } - printf("\n"); - } - - return; -} -#endif /* 
_KERNEL */
-
-void
-kdebug_sockaddr(addr)
- struct sockaddr *addr;
-{
- struct sockaddr_in *sin;
-#ifdef INET6
- struct sockaddr_in6 *sin6;
-#endif
-
- /* sanity check */
- if (addr == NULL)
- panic("kdebug_sockaddr: NULL pointer was passed.\n");
-
- /* NOTE: We deal with port number as host byte order. */
- printf("sockaddr{ len=%u family=%u", addr->sa_len, addr->sa_family);
-
- switch (addr->sa_family) {
- case AF_INET:
- sin = (struct sockaddr_in *)addr;
- printf(" port=%u\n", ntohs(sin->sin_port));
- ipsec_hexdump((caddr_t)&sin->sin_addr, sizeof(sin->sin_addr));
- break;
-#ifdef INET6
- case AF_INET6:
- sin6 = (struct sockaddr_in6 *)addr;
- printf(" port=%u\n", ntohs(sin6->sin6_port));
- printf(" flowinfo=0x%08x, scope_id=0x%08x\n",
- sin6->sin6_flowinfo, sin6->sin6_scope_id);
- ipsec_hexdump((caddr_t)&sin6->sin6_addr,
- sizeof(sin6->sin6_addr));
- break;
-#endif
- }
-
- printf(" }\n");
-
- return;
-}
-
-void
-ipsec_bindump(buf, len)
- caddr_t buf;
- int len;
-{
- int i;
-
- for (i = 0; i < len; i++)
- printf("%c", (unsigned char)buf[i]);
-
- return;
-}
-
-
-void
-ipsec_hexdump(buf, len)
- caddr_t buf;
- int len;
-{
- int i;
-
- for (i = 0; i < len; i++) {
- if (i != 0 && i % 32 == 0) printf("\n");
- if (i % 4 == 0) printf(" ");
- printf("%02x", (unsigned char)buf[i]);
- }
-#if 0
- if (i % 32 != 0) printf("\n");
-#endif
-
- return;
-}
-
-#endif /* !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) */
diff --git a/setkey.tproj/key_debug.h b/setkey.tproj/key_debug.h
deleted file mode 100644
index 7620da5..0000000
--- a/setkey.tproj/key_debug.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* $FreeBSD: src/sys/netkey/key_debug.h,v 1.5.2.2 2001/07/03 11:01:59 ume Exp $ */
-/* $KAME: key_debug.h,v 1.7 2000/07/04 04:08:16 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _NETKEY_KEY_DEBUG_H_
-#define _NETKEY_KEY_DEBUG_H_
-
-#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG))
-
-/* debug flags */
-#define KEYDEBUG_STAMP 0x00000001 /* path */
-#define KEYDEBUG_DATA 0x00000002 /* data */
-#define KEYDEBUG_DUMP 0x00000004 /* dump */
-
-#define KEYDEBUG_KEY 0x00000010 /* key processing */
-#define KEYDEBUG_ALG 0x00000020 /* ciph & auth algorithm */
-#define KEYDEBUG_IPSEC 0x00000040 /* ipsec processing */
-
-#define KEYDEBUG_KEY_STAMP (KEYDEBUG_KEY | KEYDEBUG_STAMP)
-#define KEYDEBUG_KEY_DATA (KEYDEBUG_KEY | KEYDEBUG_DATA)
-#define KEYDEBUG_KEY_DUMP (KEYDEBUG_KEY | KEYDEBUG_DUMP)
-#define KEYDEBUG_ALG_STAMP (KEYDEBUG_ALG | KEYDEBUG_STAMP)
-#define KEYDEBUG_ALG_DATA (KEYDEBUG_ALG | KEYDEBUG_DATA)
-#define KEYDEBUG_ALG_DUMP (KEYDEBUG_ALG | KEYDEBUG_DUMP)
-#define KEYDEBUG_IPSEC_STAMP (KEYDEBUG_IPSEC | KEYDEBUG_STAMP)
-#define KEYDEBUG_IPSEC_DATA (KEYDEBUG_IPSEC | KEYDEBUG_DATA)
-#define KEYDEBUG_IPSEC_DUMP (KEYDEBUG_IPSEC | KEYDEBUG_DUMP)
-
-#define KEYDEBUG(lev,arg) if ((key_debug_level & (lev)) == (lev)) { arg; }
-
-#ifdef _KERNEL
-extern u_int32_t key_debug_level;
-#endif /*_KERNEL*/
-
-struct sadb_msg;
-struct sadb_ext;
-extern void kdebug_sadb __P((struct sadb_msg *));
-extern void kdebug_sadb_x_policy __P((struct sadb_ext *));
-
-#ifdef _KERNEL
-struct secpolicy;
-struct secpolicyindex;
-struct secasindex;
-struct secasvar;
-struct secreplay;
-struct mbuf;
-extern void kdebug_secpolicy __P((struct secpolicy *));
-extern void kdebug_secpolicyindex __P((struct secpolicyindex *));
-extern void kdebug_secasindex __P((struct secasindex *));
-extern void kdebug_secasv __P((struct secasvar *));
-extern void kdebug_mbufhdr __P((struct mbuf *));
-extern void kdebug_mbuf __P((struct mbuf *));
-#endif /*_KERNEL*/
-
-struct sockaddr;
-extern void kdebug_sockaddr __P((struct sockaddr *));
-
-extern void ipsec_hexdump __P((caddr_t, int));
-extern void ipsec_bindump __P((caddr_t, int));
-
-#else
-
-#define KEYDEBUG(lev,arg)
-
-#endif /*!defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG))*/
-
-#endif /* _NETKEY_KEY_DEBUG_H_ */
diff --git a/setkey.tproj/libpfkey.h b/setkey.tproj/libpfkey.h
deleted file mode 100644
index 28adea7..0000000
--- a/setkey.tproj/libpfkey.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/libpfkey.h,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: libpfkey.h,v 1.6 2001/03/05 18:22:17 thorpej Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-struct sadb_msg;
-extern void pfkey_sadump __P((struct sadb_msg *));
-extern void pfkey_spdump __P((struct sadb_msg *));
-
-struct sockaddr;
-struct sadb_alg;
-int ipsec_check_keylen __P((u_int, u_int, u_int));
-int ipsec_check_keylen2 __P((u_int, u_int, u_int));
-int ipsec_get_keylen __P((u_int, u_int, struct sadb_alg *));
-u_int pfkey_set_softrate __P((u_int, u_int));
-u_int pfkey_get_softrate __P((u_int));
-int pfkey_send_getspi __P((int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int32_t, u_int32_t));
-int pfkey_send_update __P((int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int,
- caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
- u_int64_t, u_int64_t, u_int32_t));
-int pfkey_send_add __P((int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int,
- caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
- u_int64_t, u_int64_t, u_int32_t));
-int pfkey_send_delete __P((int, u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t));
-int pfkey_send_delete_all __P((int, u_int, u_int,
- struct sockaddr *, struct sockaddr *));
-int pfkey_send_get __P((int, u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t));
-int pfkey_send_register __P((int, u_int));
-int pfkey_recv_register __P((int));
-int pfkey_set_supported __P((struct sadb_msg *, int));
-int pfkey_send_flush __P((int, u_int));
-int pfkey_send_dump __P((int, u_int));
-int pfkey_send_promisc_toggle __P((int, int));
-int pfkey_send_spdadd __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spdadd2 __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
- caddr_t, int, u_int32_t));
-int pfkey_send_spdupdate __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spdupdate2 __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
- caddr_t, int, u_int32_t));
-int pfkey_send_spddelete __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spddelete2 __P((int, u_int32_t));
-int pfkey_send_spdget __P((int, u_int32_t));
-int pfkey_send_spdsetidx __P((int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
-int pfkey_send_spdflush __P((int));
-int pfkey_send_spddump __P((int));
-
-int pfkey_open __P((void));
-void pfkey_close __P((int));
-struct sadb_msg *pfkey_recv __P((int));
-int pfkey_send __P((int, struct sadb_msg *, int));
-int pfkey_align __P((struct sadb_msg *, caddr_t *));
-int pfkey_check __P((caddr_t *));
diff --git a/setkey.tproj/parse.y b/setkey.tproj/parse.y
deleted file mode 100644
index 92f998e..0000000
--- a/setkey.tproj/parse.y
+++ /dev/null
@@ -1,933 +0,0 @@
-/* $FreeBSD: src/usr.sbin/setkey/parse.y,v 1.1.2.2 2001/07/03 11:02:17 ume Exp $ */
-/* $KAME: kame/kame/kame/setkey/parse.y,v 1.36 2001/06/07 15:53:12 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -%{ -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "libpfkey.h" -#include "vchar.h" - -#define ATOX(c) \ - (isdigit(c) ? (c - '0') : (isupper(c) ? (c - 'A' + 10) : (c - 'a' + 10) )) - -u_int p_type; -u_int32_t p_spi; -int p_no_spi; -struct sockaddr *p_src, *p_dst; -u_int p_prefs, p_prefd, p_upper; -u_int p_satype, p_ext, p_alg_enc, p_alg_auth, p_replay, p_mode; -u_int32_t p_reqid; -u_int p_key_enc_len, p_key_auth_len; -caddr_t p_key_enc, p_key_auth; -time_t p_lt_hard, p_lt_soft; - -u_int p_policy_len; -char *p_policy; - -/* temporary buffer */ -static struct sockaddr *pp_addr; -static u_int pp_prefix; -static u_int pp_port; -static caddr_t pp_key; - -extern u_char m_buf[BUFSIZ]; -extern int m_len; -extern char cmdarg[8192]; -extern int f_debug; - -static struct addrinfo *parse_addr __P((char *, char *, int)); -static int setvarbuf __P((int *, struct sadb_ext *, int, caddr_t, int)); -void parse_init __P((void)); -void free_buffer __P((void)); - -extern int setkeymsg __P((void)); -extern int sendkeymsg __P((void)); - -extern int yylex __P((void)); -extern void yyfatal __P((const char *)); -extern void yyerror __P((const char *)); -%} - -%union { - unsigned long num; - vchar_t val; -} - -%token EOT -%token ADD GET DELETE FLUSH DUMP -%token ADDRESS PREFIX PORT PORTANY -%token UP_PROTO PR_ESP PR_AH PR_IPCOMP -%token F_PROTOCOL F_AUTH F_ENC F_REPLAY F_COMP F_RAWCPI -%token F_MODE MODE F_REQID -%token F_EXT EXTENSION NOCYCLICSEQ -%token ALG_AUTH ALG_ENC ALG_ENC_DESDERIV ALG_ENC_DES32IV ALG_COMP -%token F_LIFETIME_HARD F_LIFETIME_SOFT -%token DECSTRING QUOTEDSTRING HEXSTRING STRING ANY - /* SPD management */ -%token SPDADD SPDDELETE SPDDUMP SPDFLUSH -%token F_POLICY PL_REQUESTS - -%type PORT PREFIX EXTENSION MODE -%type UP_PROTO PR_ESP PR_AH PR_IPCOMP -%type ALG_AUTH ALG_ENC ALG_ENC_DESDERIV ALG_ENC_DES32IV ALG_COMP -%type DECSTRING -%type ADDRESS 
PL_REQUESTS -%type key_string policy_requests -%type QUOTEDSTRING HEXSTRING STRING - -%% -commands - : /*NOTHING*/ - | commands command - { - if (f_debug) { - printf("cmdarg:\n%s\n", cmdarg); - } else { - setkeymsg(); - sendkeymsg(); - } - free_buffer(); - parse_init(); - } - ; - -command - : add_command - | get_command - | delete_command - | deleteall_command - | flush_command - | dump_command - | spdadd_command - | spddelete_command - | spddump_command - | spdflush_command - ; - /* commands concerned with management, there is in tail of this file. */ - - /* add command */ -add_command - : ADD { p_type = SADB_ADD; } - sa_selector_spec extension_spec algorithm_spec EOT - ; - - /* delete */ -delete_command - : DELETE { p_type = SADB_DELETE; } - sa_selector_spec extension_spec - { - if (p_mode != IPSEC_MODE_ANY) - yyerror("WARNING: mode is obsoleted."); - } - EOT - ; - - /* deleteall command */ -deleteall_command - : DELETEALL { p_type = SADB_DELETE; } - ipaddress { p_src = pp_addr; } - ipaddress { p_dst = pp_addr; } - protocol_spec - { p_no_spi = 1; } - EOT - ; - - /* get command */ -get_command - : GET { p_type = SADB_GET; } - sa_selector_spec extension_spec - { - if (p_mode != IPSEC_MODE_ANY) - yyerror("WARNING: mode is obsoleted."); - } - EOT - ; - - /* flush */ -flush_command - : FLUSH { p_type = SADB_FLUSH; } - protocol_spec EOT - ; - - /* dump */ -dump_command - : DUMP { p_type = SADB_DUMP; } - protocol_spec EOT - ; - - /* sa_selector_spec */ -sa_selector_spec - : ipaddress { p_src = pp_addr; } - ipaddress { p_dst = pp_addr; } - protocol_spec spi - ; - -protocol_spec - : /*NOTHING*/ { p_satype = SADB_SATYPE_UNSPEC; } - | PR_ESP - { - p_satype = SADB_SATYPE_ESP; - if ($1 == 1) - p_ext |= SADB_X_EXT_OLD; - else - p_ext &= ~SADB_X_EXT_OLD; - } - | PR_AH - { - p_satype = SADB_SATYPE_AH; - if ($1 == 1) - p_ext |= SADB_X_EXT_OLD; - else - p_ext &= ~SADB_X_EXT_OLD; - } - | PR_IPCOMP - { - p_satype = SADB_X_SATYPE_IPCOMP; - } - ; - -spi - : DECSTRING { p_spi = $1; } - 
| HEXSTRING - { - caddr_t bp; - caddr_t yp = $1.buf; - char buf0[4], buf[4]; - int i, j; - - /* sanity check */ - if ($1.len > 4) { - yyerror("SPI too big."); - free($1.buf); - return -1; - } - - bp = buf0; - while (*yp) { - *bp = (ATOX(yp[0]) << 4) | ATOX(yp[1]); - yp += 2, bp++; - } - - /* initialize */ - for (i = 0; i < 4; i++) buf[i] = 0; - - for (j = $1.len - 1, i = 3; j >= 0; j--, i--) - buf[i] = buf0[j]; - - /* XXX: endian */ - p_spi = ntohl(*(u_int32_t *)buf); - - free($1.buf); - } - ; - -algorithm_spec - : esp_spec - | ah_spec - | ipcomp_spec - ; - -esp_spec - : F_ENC enc_alg enc_key F_AUTH auth_alg auth_key - | F_ENC enc_alg enc_key - ; - -ah_spec - : F_AUTH auth_alg auth_key - ; - -ipcomp_spec - : F_COMP ALG_COMP { p_alg_enc = $2; } - | F_COMP ALG_COMP { p_alg_enc = $2; } - F_RAWCPI { p_ext |= SADB_X_EXT_RAWCPI; } - ; - -enc_alg - : ALG_ENC { p_alg_enc = $1; } - | ALG_ENC_DESDERIV - { - p_alg_enc = $1; - if (p_ext & SADB_X_EXT_OLD) { - yyerror("algorithm mismatched."); - return -1; - } - p_ext |= SADB_X_EXT_DERIV; - } - | ALG_ENC_DES32IV - { - p_alg_enc = $1; - if (!(p_ext & SADB_X_EXT_OLD)) { - yyerror("algorithm mismatched."); - return -1; - } - p_ext |= SADB_X_EXT_IV4B; - } - ; - -enc_key - : /*NOTHING*/ - { - if (p_alg_enc != SADB_EALG_NULL) { - yyerror("no key found."); - return -1; - } - } - | key_string - { - p_key_enc_len = $1.len; - p_key_enc = pp_key; - - if (ipsec_check_keylen(SADB_EXT_SUPPORTED_ENCRYPT, - p_alg_enc, - PFKEY_UNUNIT64(p_key_enc_len)) < 0) { - yyerror(ipsec_strerror()); - return -1; - } - } - ; - -auth_alg - : ALG_AUTH { p_alg_auth = $1; } - ; - -auth_key - : /*NOTHING*/ - { - if (p_alg_auth != SADB_X_AALG_NULL) { - yyerror("no key found."); - return -1; - } - } - | key_string - { - p_key_auth_len = $1.len; - p_key_auth = pp_key; - - if (ipsec_check_keylen(SADB_EXT_SUPPORTED_AUTH, - p_alg_auth, - PFKEY_UNUNIT64(p_key_auth_len)) < 0) { - yyerror(ipsec_strerror()); - return -1; - } - } - ; - -key_string - : QUOTEDSTRING - { - 
pp_key = $1.buf; - /* free pp_key later */ - } - | HEXSTRING - { - caddr_t bp; - caddr_t yp = $1.buf; - - if ((pp_key = malloc($1.len)) == 0) { - free($1.buf); - yyerror("not enough core"); - return -1; - } - memset(pp_key, 0, $1.len); - - bp = pp_key; - while (*yp) { - *bp = (ATOX(yp[0]) << 4) | ATOX(yp[1]); - yp += 2, bp++; - } - - free($1.buf); - } - ; - -extension_spec - : /*NOTHING*/ - | extension_spec extension - ; - -extension - : F_EXT EXTENSION { p_ext |= $2; } - | F_EXT NOCYCLICSEQ { p_ext &= ~SADB_X_EXT_CYCSEQ; } - | F_MODE MODE { p_mode = $2; } - | F_MODE ANY { p_mode = IPSEC_MODE_ANY; } - | F_REQID DECSTRING { p_reqid = $2; } - | F_REPLAY DECSTRING - { - if (p_ext & SADB_X_EXT_OLD) { - yyerror("replay prevention " - "only use on new spec."); - return -1; - } - p_replay = $2; - } - | F_LIFETIME_HARD DECSTRING { p_lt_hard = $2; } - | F_LIFETIME_SOFT DECSTRING { p_lt_soft = $2; } - ; - - /* definition about command for SPD management */ - /* spdadd */ -spdadd_command - : SPDADD - { - p_type = SADB_X_SPDADD; - p_satype = SADB_SATYPE_UNSPEC; - } - sp_selector_spec policy_spec EOT - ; - -spddelete_command: - SPDDELETE - { - p_type = SADB_X_SPDDELETE; - p_satype = SADB_SATYPE_UNSPEC; - } - sp_selector_spec policy_spec EOT - ; - -spddump_command: - SPDDUMP - { - p_type = SADB_X_SPDDUMP; - p_satype = SADB_SATYPE_UNSPEC; - } - EOT - ; - -spdflush_command: - SPDFLUSH - { - p_type = SADB_X_SPDFLUSH; - p_satype = SADB_SATYPE_UNSPEC; - } - EOT - ; - - /* sp_selector_spec */ -sp_selector_spec - : ipaddress { p_src = pp_addr; } - prefix { p_prefs = pp_prefix; } - port - { - switch (p_src->sa_family) { - case AF_INET: - ((struct sockaddr_in *)p_src)->sin_port = - htons(pp_port); - break; -#ifdef INET6 - case AF_INET6: - ((struct sockaddr_in6 *)p_src)->sin6_port = - htons(pp_port); - break; -#endif - default: - exit(1); /*XXX*/ - } - } - ipaddress { p_dst = pp_addr; } - prefix { p_prefd = pp_prefix; } - port - { - switch (p_dst->sa_family) { - case AF_INET: - ((struct 
sockaddr_in *)p_dst)->sin_port = - htons(pp_port); - break; -#ifdef INET6 - case AF_INET6: - ((struct sockaddr_in6 *)p_dst)->sin6_port = - htons(pp_port); - break; -#endif - default: - exit(1); /*XXX*/ - } - } - upper_spec - { - /* XXX is it something userland should check? */ -#if 0 - switch (p_upper) { - case IPPROTO_ICMP: - case IPPROTO_ICMPV6: - if (_INPORTBYSA(p_src) != IPSEC_PORT_ANY - || _INPORTBYSA(p_dst) != IPSEC_PORT_ANY) { - yyerror("port number must be \"any\"."); - return -1; - } - if ((pp_addr->sa_family == AF_INET6 - && p_upper == IPPROTO_ICMP) - || (pp_addr->sa_family == AF_INET - && p_upper == IPPROTO_ICMPV6)) { - yyerror("upper layer protocol " - "mismatched.\n"); - return -1; - } - break; - default: - break; - } -#endif - } - ; - -ipaddress - : ADDRESS - { - struct addrinfo *res; - - res = parse_addr($1.buf, NULL, AI_NUMERICHOST); - if (res == NULL) { - free($1.buf); - return -1; - } - pp_addr = (struct sockaddr *)malloc(res->ai_addrlen); - if (!pp_addr) { - yyerror("not enough core"); - goto end; - } - - memcpy(pp_addr, res->ai_addr, res->ai_addrlen); - end: - freeaddrinfo(res); - free($1.buf); - } - ; - -prefix - : /*NOTHING*/ { pp_prefix = ~0; } - | PREFIX { pp_prefix = $1; } - ; - -port - : /*NOTHING*/ { pp_port = IPSEC_PORT_ANY; } - | PORT { pp_port = $1; } - | PORTANY { pp_port = IPSEC_PORT_ANY; } - ; - -upper_spec - : DECSTRING { p_upper = $1; } - | UP_PROTO { p_upper = $1; } - | ANY { p_upper = IPSEC_ULPROTO_ANY; } - | STRING - { - struct protoent *ent; - - ent = getprotobyname($1.buf); - if (ent) - p_upper = ent->p_proto; - else { - if (strcmp("icmp6", $1.buf) == 0) { - p_upper = IPPROTO_ICMPV6; - } else if(strcmp("ip4", $1.buf) == 0) { - p_upper = IPPROTO_IPV4; - } else { - yyerror("invalid upper layer protocol"); - free($1.buf); - return -1; - } - } - free($1.buf); - } - ; - -policy_spec - : F_POLICY policy_requests - { - p_policy = ipsec_set_policy($2.buf, $2.len); - if (p_policy == NULL) { - free($2.buf); - p_policy = NULL; - 
yyerror(ipsec_strerror());
- return -1;
- }
-
- p_policy_len = ipsec_get_policylen(p_policy);
-
- free($2.buf);
- }
- ;
-
-policy_requests
- : PL_REQUESTS { $$ = $1; }
- ;
-
-%%
-
-int
-setkeymsg()
-{
- struct sadb_msg m_msg;
-
- m_msg.sadb_msg_version = PF_KEY_V2;
- m_msg.sadb_msg_type = p_type;
- m_msg.sadb_msg_errno = 0;
- m_msg.sadb_msg_satype = p_satype;
- m_msg.sadb_msg_reserved = 0;
- m_msg.sadb_msg_seq = 0;
- m_msg.sadb_msg_pid = getpid();
-
- m_len = sizeof(struct sadb_msg);
- memcpy(m_buf, &m_msg, m_len);
-
- switch (p_type) {
- case SADB_FLUSH:
- case SADB_DUMP:
- break;
-
- case SADB_ADD:
- /* set encryption algorithm, if present. */
- if (p_satype != SADB_X_SATYPE_IPCOMP && p_alg_enc != SADB_EALG_NONE) {
- struct sadb_key m_key;
-
- m_key.sadb_key_len =
- PFKEY_UNIT64(sizeof(m_key)
- + PFKEY_ALIGN8(p_key_enc_len));
- m_key.sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
- m_key.sadb_key_bits = p_key_enc_len * 8;
- m_key.sadb_key_reserved = 0;
-
- setvarbuf(&m_len,
- (struct sadb_ext *)&m_key, sizeof(m_key),
- (caddr_t)p_key_enc, p_key_enc_len);
- }
-
- /* set authentication algorithm, if present.
*/
- if (p_alg_auth != SADB_AALG_NONE) {
- struct sadb_key m_key;
-
- m_key.sadb_key_len =
- PFKEY_UNIT64(sizeof(m_key)
- + PFKEY_ALIGN8(p_key_auth_len));
- m_key.sadb_key_exttype = SADB_EXT_KEY_AUTH;
- m_key.sadb_key_bits = p_key_auth_len * 8;
- m_key.sadb_key_reserved = 0;
-
- setvarbuf(&m_len,
- (struct sadb_ext *)&m_key, sizeof(m_key),
- (caddr_t)p_key_auth, p_key_auth_len);
- }
-
- /* set lifetime for HARD */
- if (p_lt_hard != 0) {
- struct sadb_lifetime m_lt;
- u_int len = sizeof(struct sadb_lifetime);
-
- m_lt.sadb_lifetime_len = PFKEY_UNIT64(len);
- m_lt.sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
- m_lt.sadb_lifetime_allocations = 0;
- m_lt.sadb_lifetime_bytes = 0;
- m_lt.sadb_lifetime_addtime = p_lt_hard;
- m_lt.sadb_lifetime_usetime = 0;
-
- memcpy(m_buf + m_len, &m_lt, len);
- m_len += len;
- }
-
- /* set lifetime for SOFT */
- if (p_lt_soft != 0) {
- struct sadb_lifetime m_lt;
- u_int len = sizeof(struct sadb_lifetime);
-
- m_lt.sadb_lifetime_len = PFKEY_UNIT64(len);
- m_lt.sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
- m_lt.sadb_lifetime_allocations = 0;
- m_lt.sadb_lifetime_bytes = 0;
- m_lt.sadb_lifetime_addtime = p_lt_soft;
- m_lt.sadb_lifetime_usetime = 0;
-
- memcpy(m_buf + m_len, &m_lt, len);
- m_len += len;
- }
- /* FALLTHROUGH */
-
- case SADB_DELETE:
- case SADB_GET:
- {
- struct sadb_sa m_sa;
- struct sadb_x_sa2 m_sa2;
- struct sadb_address m_addr;
- u_int len;
-
- if (p_no_spi == 0) {
- len = sizeof(struct sadb_sa);
- m_sa.sadb_sa_len = PFKEY_UNIT64(len);
- m_sa.sadb_sa_exttype = SADB_EXT_SA;
- m_sa.sadb_sa_spi = htonl(p_spi);
- m_sa.sadb_sa_replay = p_replay;
- m_sa.sadb_sa_state = 0;
- m_sa.sadb_sa_auth = p_alg_auth;
- m_sa.sadb_sa_encrypt = p_alg_enc;
- m_sa.sadb_sa_flags = p_ext;
-
- memcpy(m_buf + m_len, &m_sa, len);
- m_len += len;
-
- len = sizeof(struct sadb_x_sa2);
- m_sa2.sadb_x_sa2_len = PFKEY_UNIT64(len);
- m_sa2.sadb_x_sa2_exttype = SADB_X_EXT_SA2;
- m_sa2.sadb_x_sa2_mode = p_mode;
- m_sa2.sadb_x_sa2_reqid = p_reqid;
-
- memcpy(m_buf + m_len, &m_sa2, len);
- m_len += len;
- }
-
- /* set src */
- m_addr.sadb_address_len =
- PFKEY_UNIT64(sizeof(m_addr)
- + PFKEY_ALIGN8(p_src->sa_len));
- m_addr.sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- m_addr.sadb_address_proto = IPSEC_ULPROTO_ANY;
- switch (p_src->sa_family) {
- case AF_INET:
- m_addr.sadb_address_prefixlen =
- sizeof(struct in_addr) << 3;
- break;
-#ifdef INET6
- case AF_INET6:
- m_addr.sadb_address_prefixlen =
- sizeof(struct in6_addr) << 3;
- break;
-#endif
- default:
- yyerror("unsupported address family");
- exit(1); /*XXX*/
- }
- m_addr.sadb_address_reserved = 0;
-
- setvarbuf(&m_len,
- (struct sadb_ext *)&m_addr, sizeof(m_addr),
- (caddr_t)p_src, p_src->sa_len);
-
- /* set dst */
- m_addr.sadb_address_len =
- PFKEY_UNIT64(sizeof(m_addr)
- + PFKEY_ALIGN8(p_dst->sa_len));
- m_addr.sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- m_addr.sadb_address_proto = IPSEC_ULPROTO_ANY;
- switch (p_dst->sa_family) {
- case AF_INET:
- m_addr.sadb_address_prefixlen =
- sizeof(struct in_addr) << 3;
- break;
-#ifdef INET6
- case AF_INET6:
- m_addr.sadb_address_prefixlen =
- sizeof(struct in6_addr) << 3;
- break;
-#endif
- default:
- yyerror("unsupported address family");
- exit(1); /*XXX*/
- }
- m_addr.sadb_address_reserved = 0;
-
- setvarbuf(&m_len,
- (struct sadb_ext *)&m_addr, sizeof(m_addr),
- (caddr_t)p_dst, p_dst->sa_len);
- }
- break;
-
- /* for SPD management */
- case SADB_X_SPDFLUSH:
- case SADB_X_SPDDUMP:
- break;
-
- case SADB_X_SPDADD:
- case SADB_X_SPDDELETE:
- {
- struct sadb_address m_addr;
- u_int8_t plen;
-
- memcpy(m_buf + m_len, p_policy, p_policy_len);
- m_len += p_policy_len;
- free(p_policy);
- p_policy = NULL;
-
- /* set src */
- m_addr.sadb_address_len =
- PFKEY_UNIT64(sizeof(m_addr)
- + PFKEY_ALIGN8(p_src->sa_len));
- m_addr.sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- m_addr.sadb_address_proto = p_upper;
- switch (p_src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
-#ifdef INET6
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
-#endif
- default:
- yyerror("unsupported address family");
- exit(1); /*XXX*/
- }
- m_addr.sadb_address_prefixlen =
- (p_prefs != ~0 ? p_prefs : plen);
- m_addr.sadb_address_reserved = 0;
-
- setvarbuf(&m_len,
- (struct sadb_ext *)&m_addr, sizeof(m_addr),
- (caddr_t)p_src, p_src->sa_len);
-
- /* set dst */
- m_addr.sadb_address_len =
- PFKEY_UNIT64(sizeof(m_addr)
- + PFKEY_ALIGN8(p_dst->sa_len));
- m_addr.sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- m_addr.sadb_address_proto = p_upper;
- switch (p_dst->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
-#ifdef INET6
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
-#endif
- default:
- yyerror("unsupported address family");
- exit(1); /*XXX*/
- }
- m_addr.sadb_address_prefixlen =
- (p_prefd != ~0 ? p_prefd : plen);
- m_addr.sadb_address_reserved = 0;
-
- setvarbuf(&m_len,
- (struct sadb_ext *)&m_addr, sizeof(m_addr),
- (caddr_t)p_dst, p_dst->sa_len);
- }
- break;
- }
-
- ((struct sadb_msg *)m_buf)->sadb_msg_len = PFKEY_UNIT64(m_len);
-
- return 0;
-}
-
-static struct addrinfo *
-parse_addr(host, port, flag)
- char *host;
- char *port;
- int flag;
-{
- struct addrinfo hints, *res = NULL;
- int error;
-
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = PF_UNSPEC;
- hints.ai_socktype = SOCK_DGRAM;
- hints.ai_flags = flag;
- error = getaddrinfo(host, port, &hints, &res);
- if (error != 0) {
- yyerror(gai_strerror(error));
- return NULL;
- }
- if (res->ai_next != NULL) {
- yyerror(gai_strerror(error));
- }
- return res;
-}
-
-static int
-setvarbuf(off, ebuf, elen, vbuf, vlen)
- caddr_t vbuf;
- struct sadb_ext *ebuf;
- int *off, elen, vlen;
-{
- memset(m_buf + *off, 0, PFKEY_UNUNIT64(ebuf->sadb_ext_len));
- memcpy(m_buf + *off, (caddr_t)ebuf, elen);
- memcpy(m_buf + *off + elen, vbuf, vlen);
- (*off) += PFKEY_ALIGN8(elen + vlen);
-
- return 0;
-}
-
-void
-parse_init()
-{
- p_type = 0;
- p_spi = 0;
- p_no_spi
= 0;
-
- p_src = 0, p_dst = 0;
- pp_prefix = p_prefs = p_prefd = ~0;
- pp_port = IPSEC_PORT_ANY;
- p_upper = 0;
-
- p_satype = 0;
- p_ext = SADB_X_EXT_CYCSEQ;
- p_alg_enc = SADB_EALG_NONE;
- p_alg_auth = SADB_AALG_NONE;
- p_mode = IPSEC_MODE_ANY;
- p_reqid = 0;
- p_replay = 0;
- p_key_enc_len = p_key_auth_len = 0;
- p_key_enc = p_key_auth = 0;
- p_lt_hard = p_lt_soft = 0;
-
- p_policy_len = 0;
- p_policy = NULL;
-
- memset(cmdarg, 0, sizeof(cmdarg));
-
- return;
-}
-
-void
-free_buffer()
-{
- if (p_src) free(p_src);
- if (p_dst) free(p_dst);
- if (p_key_enc) free(p_key_enc);
- if (p_key_auth) free(p_key_auth);
-
- return;
-}
-
diff --git a/setkey.tproj/pfkey.c b/setkey.tproj/pfkey.c
deleted file mode 100644
index 813b304..0000000
--- a/setkey.tproj/pfkey.c
+++ /dev/null
@@ -1,2108 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/pfkey.c,v 1.1.2.2 2001/07/03 11:01:14 ume Exp $ */
-/* $KAME: pfkey.c,v 1.39 2001/03/05 18:22:17 thorpej Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "ipsec_strerror.h"
-#include "libpfkey.h"
-
-#define CALLOC(size, cast) (cast)calloc(1, (size))
-
-static int findsupportedmap __P((int));
-static int setsupportedmap __P((struct sadb_supported *));
-static struct sadb_alg *findsupportedalg __P((u_int, u_int));
-static int pfkey_send_x1 __P((int, u_int, u_int, u_int, struct sockaddr *,
- struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t,
- u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int32_t,
- u_int32_t, u_int32_t, u_int32_t));
-static int pfkey_send_x2 __P((int, u_int, u_int, u_int,
- struct sockaddr *, struct sockaddr *, u_int32_t));
-static int pfkey_send_x3 __P((int, u_int, u_int));
-static int pfkey_send_x4 __P((int, u_int, struct sockaddr *, u_int,
- struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
- char *, int, u_int32_t));
-static int pfkey_send_x5 __P((int, u_int, u_int32_t));
-
-static caddr_t pfkey_setsadbmsg __P((caddr_t, caddr_t, u_int, u_int,
- u_int, u_int32_t, pid_t));
-static caddr_t pfkey_setsadbsa __P((caddr_t, caddr_t, u_int32_t, u_int,
- u_int, u_int, u_int32_t));
-static caddr_t pfkey_setsadbaddr __P((caddr_t, caddr_t, u_int,
- struct sockaddr *, u_int, u_int));
-static caddr_t pfkey_setsadbkey __P((caddr_t, caddr_t, u_int, caddr_t, u_int));
-static caddr_t pfkey_setsadblifetime __P((caddr_t, caddr_t, u_int, u_int32_t,
- u_int32_t, u_int32_t, u_int32_t));
-static caddr_t pfkey_setsadbxsa2 __P((caddr_t, caddr_t, u_int32_t, u_int32_t));
-
-/*
- * make and search supported algorithm structure.
- */
-static struct sadb_supported *ipsec_supported[] = { NULL, NULL, NULL, };
-
-static int supported_map[] = {
- SADB_SATYPE_AH,
- SADB_SATYPE_ESP,
- SADB_X_SATYPE_IPCOMP,
-};
-
-static int
-findsupportedmap(satype)
- int satype;
-{
- int i;
-
- for (i = 0; i < sizeof(supported_map)/sizeof(supported_map[0]); i++)
- if (supported_map[i] == satype)
- return i;
- return -1;
-}
-
-static struct sadb_alg *
-findsupportedalg(satype, alg_id)
- u_int satype, alg_id;
-{
- int algno;
- int tlen;
- caddr_t p;
-
- /* validity check */
- algno = findsupportedmap(satype);
- if (algno == -1) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return NULL;
- }
- if (ipsec_supported[algno] == NULL) {
- __ipsec_errcode = EIPSEC_DO_GET_SUPP_LIST;
- return NULL;
- }
-
- tlen = ipsec_supported[algno]->sadb_supported_len
- - sizeof(struct sadb_supported);
- p = (caddr_t)(ipsec_supported[algno] + 1);
- while (tlen > 0) {
- if (tlen < sizeof(struct sadb_alg)) {
- /* invalid format */
- break;
- }
- if (((struct sadb_alg *)p)->sadb_alg_id == alg_id)
- return (struct sadb_alg *)p;
-
- tlen -= sizeof(struct sadb_alg);
- p += sizeof(struct sadb_alg);
- }
-
- __ipsec_errcode = EIPSEC_NOT_SUPPORTED;
- return NULL;
-}
-
-static int
-setsupportedmap(sup)
- struct sadb_supported *sup;
-{
- struct sadb_supported **ipsup;
-
- switch (sup->sadb_supported_exttype) {
- case SADB_EXT_SUPPORTED_AUTH:
- ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_AH)];
- break;
- case SADB_EXT_SUPPORTED_ENCRYPT:
- ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_ESP)];
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- if (*ipsup)
- free(*ipsup);
-
- *ipsup = malloc(sup->sadb_supported_len);
- if (!*ipsup) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- memcpy(*ipsup, sup, sup->sadb_supported_len);
-
- return 0;
-}
-
-/*
- * check key length against algorithm specified.
- * This function is called with SADB_EXT_SUPPORTED_{AUTH,ENCRYPT} as the
- * augument, and only calls to ipsec_check_keylen2();
- * keylen is the unit of bit.
- * OUT:
- * -1: invalid.
- * 0: valid.
- */
-int
-ipsec_check_keylen(supported, alg_id, keylen)
- u_int supported;
- u_int alg_id;
- u_int keylen;
-{
- int satype;
-
- /* validity check */
- switch (supported) {
- case SADB_EXT_SUPPORTED_AUTH:
- satype = SADB_SATYPE_AH;
- break;
- case SADB_EXT_SUPPORTED_ENCRYPT:
- satype = SADB_SATYPE_ESP;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- return ipsec_check_keylen2(satype, alg_id, keylen);
-}
-
-/*
- * check key length against algorithm specified.
- * satype is one of satype defined at pfkeyv2.h.
- * keylen is the unit of bit.
- * OUT:
- * -1: invalid.
- * 0: valid.
- */
-int
-ipsec_check_keylen2(satype, alg_id, keylen)
- u_int satype;
- u_int alg_id;
- u_int keylen;
-{
- struct sadb_alg *alg;
-
- alg = findsupportedalg(satype, alg_id);
- if (!alg)
- return -1;
-
- if (keylen < alg->sadb_alg_minbits || keylen > alg->sadb_alg_maxbits) {
- __ipsec_errcode = EIPSEC_INVAL_KEYLEN;
- return -1;
- }
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return 0;
-}
-
-/*
- * get max/min key length against algorithm specified.
- * satype is one of satype defined at pfkeyv2.h.
- * keylen is the unit of bit.
- * OUT:
- * -1: invalid.
- * 0: valid.
- */
-int
-ipsec_get_keylen(supported, alg_id, alg0)
- u_int supported, alg_id;
- struct sadb_alg *alg0;
-{
- struct sadb_alg *alg;
- u_int satype;
-
- /* validity check */
- if (!alg0) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- switch (supported) {
- case SADB_EXT_SUPPORTED_AUTH:
- satype = SADB_SATYPE_AH;
- break;
- case SADB_EXT_SUPPORTED_ENCRYPT:
- satype = SADB_SATYPE_ESP;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- alg = findsupportedalg(satype, alg_id);
- if (!alg)
- return -1;
-
- memcpy(alg0, alg, sizeof(*alg0));
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return 0;
-}
-
-/*
- * set the rate for SOFT lifetime against HARD one.
- * If rate is more than 100 or equal to zero, then set to 100.
- */
-static u_int soft_lifetime_allocations_rate = PFKEY_SOFT_LIFETIME_RATE;
-static u_int soft_lifetime_bytes_rate = PFKEY_SOFT_LIFETIME_RATE;
-static u_int soft_lifetime_addtime_rate = PFKEY_SOFT_LIFETIME_RATE;
-static u_int soft_lifetime_usetime_rate = PFKEY_SOFT_LIFETIME_RATE;
-
-u_int
-pfkey_set_softrate(type, rate)
- u_int type, rate;
-{
- __ipsec_errcode = EIPSEC_NO_ERROR;
-
- if (rate > 100 || rate == 0)
- rate = 100;
-
- switch (type) {
- case SADB_X_LIFETIME_ALLOCATIONS:
- soft_lifetime_allocations_rate = rate;
- return 0;
- case SADB_X_LIFETIME_BYTES:
- soft_lifetime_bytes_rate = rate;
- return 0;
- case SADB_X_LIFETIME_ADDTIME:
- soft_lifetime_addtime_rate = rate;
- return 0;
- case SADB_X_LIFETIME_USETIME:
- soft_lifetime_usetime_rate = rate;
- return 0;
- }
-
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return 1;
-}
-
-/*
- * get current rate for SOFT lifetime against HARD one.
- * ATTENTION: ~0 is returned if invalid type was passed.
- */
-u_int
-pfkey_get_softrate(type)
- u_int type;
-{
- switch (type) {
- case SADB_X_LIFETIME_ALLOCATIONS:
- return soft_lifetime_allocations_rate;
- case SADB_X_LIFETIME_BYTES:
- return soft_lifetime_bytes_rate;
- case SADB_X_LIFETIME_ADDTIME:
- return soft_lifetime_addtime_rate;
- case SADB_X_LIFETIME_USETIME:
- return soft_lifetime_usetime_rate;
- }
-
- return ~0;
-}
-
-/*
- * sending SADB_GETSPI message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t min, max, reqid, seq;
-{
- struct sadb_msg *newmsg;
- caddr_t ep;
- int len;
- int need_spirange = 0;
- caddr_t p;
- int plen;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
- if (min > max || (min > 0 && min <= 255)) {
- __ipsec_errcode = EIPSEC_INVAL_SPI;
- return -1;
- }
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
-
- /* create new sadb_msg to send.
*/
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_x_sa2)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(dst->sa_len);
-
- if (min > 255 && max < ~0) {
- need_spirange++;
- len += sizeof(struct sadb_spirange);
- }
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_GETSPI,
- len, satype, seq, getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- p = pfkey_setsadbxsa2(p, ep, mode, reqid);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- /* set sadb_address for source */
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- /* set sadb_address for destination */
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
-
- /* proccessing spi range */
- if (need_spirange) {
- struct sadb_spirange spirange;
-
- if (p + sizeof(spirange) > ep) {
- free(newmsg);
- return -1;
- }
-
- memset(&spirange, 0, sizeof(spirange));
- spirange.sadb_spirange_len = PFKEY_UNIT64(sizeof(spirange));
- spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
- spirange.sadb_spirange_min = min;
- spirange.sadb_spirange_max = max;
-
- memcpy(p, &spirange, sizeof(spirange));
-
- p += sizeof(spirange);
- }
- if (p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/*
- * sending SADB_UPDATE message to the kernel.
- * The length of key material is a_keylen + e_keylen.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq)
- int so;
- u_int satype, mode, wsize;
- struct sockaddr *src, *dst;
- u_int32_t spi, reqid;
- caddr_t keymat;
- u_int e_type, e_keylen, a_type, a_keylen, flags;
- u_int32_t l_alloc;
- u_int64_t l_bytes, l_addtime, l_usetime;
- u_int32_t seq;
-{
- int len;
- if ((len = pfkey_send_x1(so, SADB_UPDATE, satype, mode, src, dst, spi,
- reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_ADD message to the kernel.
- * The length of key material is a_keylen + e_keylen.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_add(so, satype, mode, src, dst, spi, reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq)
- int so;
- u_int satype, mode, wsize;
- struct sockaddr *src, *dst;
- u_int32_t spi, reqid;
- caddr_t keymat;
- u_int e_type, e_keylen, a_type, a_keylen, flags;
- u_int32_t l_alloc;
- u_int64_t l_bytes, l_addtime, l_usetime;
- u_int32_t seq;
-{
- int len;
- if ((len = pfkey_send_x1(so, SADB_ADD, satype, mode, src, dst, spi,
- reqid, wsize,
- keymat, e_type, e_keylen, a_type, a_keylen, flags,
- l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_DELETE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_delete(so, satype, mode, src, dst, spi)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t spi;
-{
- int len;
- if ((len = pfkey_send_x2(so, SADB_DELETE, satype, mode, src, dst, spi)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_DELETE without spi to the kernel.
This is
- * the "delete all" request (an extension also present in
- * Solaris).
- *
- * OUT:
- * positive: success and return length sent
- * -1 : error occured, and set errno
- */
-int
-pfkey_send_delete_all(so, satype, mode, src, dst)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
-{
- struct sadb_msg *newmsg;
- int len;
- caddr_t p;
- int plen;
- caddr_t ep;
-
- /* validity check */
- if (src == NULL || dst == NULL) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
- if (src->sa_family != dst->sa_family) {
- __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
- return -1;
- }
- switch (src->sa_family) {
- case AF_INET:
- plen = sizeof(struct in_addr) << 3;
- break;
- case AF_INET6:
- plen = sizeof(struct in6_addr) << 3;
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_FAMILY;
- return -1;
- }
-
- /* create new sadb_msg to reply. */
- len = sizeof(struct sadb_msg)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(src->sa_len)
- + sizeof(struct sadb_address)
- + PFKEY_ALIGN8(dst->sa_len);
-
- if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
- __ipsec_set_strerror(strerror(errno));
- return -1;
- }
- ep = ((caddr_t)newmsg) + len;
-
- p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_DELETE, len, satype, 0,
- getpid());
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
- IPSEC_ULPROTO_ANY);
- if (!p) {
- free(newmsg);
- return -1;
- }
- p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
- IPSEC_ULPROTO_ANY);
- if (!p || p != ep) {
- free(newmsg);
- return -1;
- }
-
- /* send message */
- len = pfkey_send(so, newmsg, len);
- free(newmsg);
-
- if (len < 0)
- return -1;
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
- return len;
-}
-
-/*
- * sending SADB_GET message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_get(so, satype, mode, src, dst, spi)
- int so;
- u_int satype, mode;
- struct sockaddr *src, *dst;
- u_int32_t spi;
-{
- int len;
- if ((len = pfkey_send_x2(so, SADB_GET, satype, mode, src, dst, spi)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_REGISTER message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_register(so, satype)
- int so;
- u_int satype;
-{
- int len, algno;
-
- if (satype == PF_UNSPEC) {
- for (algno = 0;
- algno < sizeof(supported_map)/sizeof(supported_map[0]);
- algno++) {
- if (ipsec_supported[algno]) {
- free(ipsec_supported[algno]);
- ipsec_supported[algno] = NULL;
- }
- }
- } else {
- algno = findsupportedmap(satype);
- if (algno == -1) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- if (ipsec_supported[algno]) {
- free(ipsec_supported[algno]);
- ipsec_supported[algno] = NULL;
- }
- }
-
- if ((len = pfkey_send_x3(so, SADB_REGISTER, satype)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * receiving SADB_REGISTER message from the kernel, and copy buffer for
- * sadb_supported returned into ipsec_supported.
- * OUT:
- * 0: success and return length sent.
- * -1: error occured, and set errno.
- */
-int
-pfkey_recv_register(so)
- int so;
-{
- pid_t pid = getpid();
- struct sadb_msg *newmsg;
- int error = -1;
-
- /* receive message */
- do {
- if ((newmsg = pfkey_recv(so)) == NULL)
- return -1;
- } while (newmsg->sadb_msg_type != SADB_REGISTER
- || newmsg->sadb_msg_pid != pid);
-
- /* check and fix */
- newmsg->sadb_msg_len = PFKEY_UNUNIT64(newmsg->sadb_msg_len);
-
- error = pfkey_set_supported(newmsg, newmsg->sadb_msg_len);
- free(newmsg);
-
- if (error == 0)
- __ipsec_errcode = EIPSEC_NO_ERROR;
-
- return error;
-}
-
-/*
- * receiving SADB_REGISTER message from the kernel, and copy buffer for
- * sadb_supported returned into ipsec_supported.
- * NOTE: sadb_msg_len must be host order.
- * IN:
- * tlen: msg length, it's to makeing sure.
- * OUT:
- * 0: success and return length sent.
- * -1: error occured, and set errno.
- */
-int
-pfkey_set_supported(msg, tlen)
- struct sadb_msg *msg;
- int tlen;
-{
- struct sadb_supported *sup;
- caddr_t p;
- caddr_t ep;
-
- /* validity */
- if (msg->sadb_msg_len != tlen) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- p = (caddr_t)msg;
- ep = p + tlen;
-
- p += sizeof(struct sadb_msg);
-
- while (p < ep) {
- sup = (struct sadb_supported *)p;
- if (ep < p + sizeof(*sup) ||
- PFKEY_EXTLEN(sup) < sizeof(*sup) ||
- ep < p + sup->sadb_supported_len) {
- /* invalid format */
- break;
- }
-
- switch (sup->sadb_supported_exttype) {
- case SADB_EXT_SUPPORTED_AUTH:
- case SADB_EXT_SUPPORTED_ENCRYPT:
- break;
- default:
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- /* fixed length */
- sup->sadb_supported_len = PFKEY_EXTLEN(sup);
-
- /* set supported map */
- if (setsupportedmap(sup) != 0)
- return -1;
-
- p += sup->sadb_supported_len;
- }
-
- if (p != ep) {
- __ipsec_errcode = EIPSEC_INVAL_SATYPE;
- return -1;
- }
-
- __ipsec_errcode = EIPSEC_NO_ERROR;
-
- return 0;
-}
-
-/*
- * sending SADB_FLUSH message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_flush(so, satype)
- int so;
- u_int satype;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_FLUSH, satype)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_DUMP message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_dump(so, satype)
- int so;
- u_int satype;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_DUMP, satype)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_PROMISC message to the kernel.
- * NOTE that this function handles promisc mode toggle only.
- * IN:
- * flag: set promisc off if zero, set promisc on if non-zero.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- * 0 : error occured, and set errno.
- * others: a pointer to new allocated buffer in which supported
- * algorithms is.
- */
-int
-pfkey_send_promisc_toggle(so, flag)
- int so;
- int flag;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_X_PROMISC, (flag ? 1 : 0))) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDADD message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDADD,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDADD message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdadd2(so, src, prefs, dst, prefd, proto, ltime, vtime,
- policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- u_int64_t ltime, vtime;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDADD,
- src, prefs, dst, prefd, proto,
- ltime, vtime,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDUPDATE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdupdate(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDUPDATE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdupdate2(so, src, prefs, dst, prefd, proto, ltime, vtime,
- policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- u_int64_t ltime, vtime;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE,
- src, prefs, dst, prefd, proto,
- ltime, vtime,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDDELETE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if (policylen != sizeof(struct sadb_x_policy)) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDDELETE,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDDELETE message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spddelete2(so, spid)
- int so;
- u_int32_t spid;
-{
- int len;
-
- if ((len = pfkey_send_x5(so, SADB_X_SPDDELETE2, spid)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDGET message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdget(so, spid)
- int so;
- u_int32_t spid;
-{
- int len;
-
- if ((len = pfkey_send_x5(so, SADB_X_SPDGET, spid)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_X_SPDSETIDX message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdsetidx(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
- int so;
- struct sockaddr *src, *dst;
- u_int prefs, prefd, proto;
- caddr_t policy;
- int policylen;
- u_int32_t seq;
-{
- int len;
-
- if (policylen != sizeof(struct sadb_x_policy)) {
- __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
- return -1;
- }
-
- if ((len = pfkey_send_x4(so, SADB_X_SPDSETIDX,
- src, prefs, dst, prefd, proto,
- 0, 0,
- policy, policylen, seq)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_SPDFLUSH message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */
-int
-pfkey_send_spdflush(so)
- int so;
-{
- int len;
-
- if ((len = pfkey_send_x3(so, SADB_X_SPDFLUSH, SADB_SATYPE_UNSPEC)) < 0)
- return -1;
-
- return len;
-}
-
-/*
- * sending SADB_SPDDUMP message to the kernel.
- * OUT:
- * positive: success and return length sent.
- * -1 : error occured, and set errno.
- */ -int -pfkey_send_spddump(so) - int so; -{ - int len; - - if ((len = pfkey_send_x3(so, SADB_X_SPDDUMP, SADB_SATYPE_UNSPEC)) < 0) - return -1; - - return len; -} - -/* sending SADB_ADD or SADB_UPDATE message to the kernel */ -static int -pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, - keymat, e_type, e_keylen, a_type, a_keylen, flags, - l_alloc, l_bytes, l_addtime, l_usetime, seq) - int so; - u_int type, satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi, reqid; - u_int wsize; - caddr_t keymat; - u_int e_type, e_keylen, a_type, a_keylen, flags; - u_int32_t l_alloc, l_bytes, l_addtime, l_usetime, seq; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - switch (satype) { - case SADB_SATYPE_ESP: - if (e_type == SADB_EALG_NONE) { - __ipsec_errcode = EIPSEC_NO_ALGS; - return -1; - } - break; - case SADB_SATYPE_AH: - if (e_type != SADB_EALG_NONE) { - __ipsec_errcode = EIPSEC_INVAL_ALGS; - return -1; - } - if (a_type == SADB_AALG_NONE) { - __ipsec_errcode = EIPSEC_NO_ALGS; - return -1; - } - break; - case SADB_X_SATYPE_IPCOMP: - if (e_type == SADB_X_CALG_NONE) { - __ipsec_errcode = EIPSEC_INVAL_ALGS; - return -1; - } - if (a_type != SADB_AALG_NONE) { - __ipsec_errcode = EIPSEC_NO_ALGS; - return -1; - } - break; - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - /* create new sadb_msg to reply. 
*/ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_sa) - + sizeof(struct sadb_x_sa2) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(dst->sa_len) - + sizeof(struct sadb_lifetime) - + sizeof(struct sadb_lifetime); - - if (e_type != SADB_EALG_NONE) - len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(e_keylen)); - if (a_type != SADB_AALG_NONE) - len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(a_keylen)); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, - satype, seq, getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbsa(p, ep, spi, wsize, a_type, e_type, flags); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbxsa2(p, ep, mode, reqid); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - - if (e_type != SADB_EALG_NONE) { - p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_ENCRYPT, - keymat, e_keylen); - if (!p) { - free(newmsg); - return -1; - } - } - if (a_type != SADB_AALG_NONE) { - p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_AUTH, - keymat + e_keylen, a_keylen); - if (!p) { - free(newmsg); - return -1; - } - } - - /* set sadb_lifetime for destination */ - p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD, - l_alloc, l_bytes, l_addtime, l_usetime); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_SOFT, - l_alloc, l_bytes, l_addtime, l_usetime); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - 
__ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* sending SADB_DELETE or SADB_GET message to the kernel */ -static int -pfkey_send_x2(so, type, satype, mode, src, dst, spi) - int so; - u_int type, satype, mode; - struct sockaddr *src, *dst; - u_int32_t spi; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* create new sadb_msg to reply. */ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_sa) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(dst->sa_len); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0, - getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbsa(p, ep, spi, 0, 0, 0, 0); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen, - IPSEC_ULPROTO_ANY); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen, - IPSEC_ULPROTO_ANY); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * sending SADB_REGISTER, SADB_FLUSH, SADB_DUMP or SADB_X_PROMISC message - * to the kernel - */ -static int -pfkey_send_x3(so, type, satype) - int so; - u_int type, 
satype; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - caddr_t ep; - - /* validity check */ - switch (type) { - case SADB_X_PROMISC: - if (satype != 0 && satype != 1) { - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - default: - switch (satype) { - case SADB_SATYPE_UNSPEC: - case SADB_SATYPE_AH: - case SADB_SATYPE_ESP: - case SADB_X_SATYPE_IPCOMP: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - } - - /* create new sadb_msg to send. */ - len = sizeof(struct sadb_msg); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0, - getpid()); - if (!p || p != ep) { - free(newmsg); - return -1; - } - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* sending SADB_X_SPDADD message to the kernel */ -static int -pfkey_send_x4(so, type, src, prefs, dst, prefd, proto, - ltime, vtime, policy, policylen, seq) - int so; - struct sockaddr *src, *dst; - u_int type, prefs, prefd, proto; - u_int64_t ltime, vtime; - char *policy; - int policylen; - u_int32_t seq; -{ - struct sadb_msg *newmsg; - int len; - caddr_t p; - int plen; - caddr_t ep; - - /* validity check */ - if (src == NULL || dst == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - if (src->sa_family != dst->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - - switch (src->sa_family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - if (prefs > plen || prefd > plen) { - __ipsec_errcode = EIPSEC_INVAL_PREFIXLEN; - return -1; - } - - /* create new sadb_msg to reply. 
*/ - len = sizeof(struct sadb_msg) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_address) - + PFKEY_ALIGN8(src->sa_len) - + sizeof(struct sadb_lifetime) - + policylen; - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, - SADB_SATYPE_UNSPEC, seq, getpid()); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, prefs, proto); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, prefd, proto); - if (!p) { - free(newmsg); - return -1; - } - p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD, - 0, 0, ltime, vtime); - if (!p || p + policylen != ep) { - free(newmsg); - return -1; - } - memcpy(p, policy, policylen); - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* sending SADB_X_SPDGET or SADB_X_SPDDELETE message to the kernel */ -static int -pfkey_send_x5(so, type, spid) - int so; - u_int type; - u_int32_t spid; -{ - struct sadb_msg *newmsg; - struct sadb_x_policy xpl; - int len; - caddr_t p; - caddr_t ep; - - /* create new sadb_msg to reply. 
*/ - len = sizeof(struct sadb_msg) - + sizeof(xpl); - - if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - ep = ((caddr_t)newmsg) + len; - - p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, - SADB_SATYPE_UNSPEC, 0, getpid()); - if (!p) { - free(newmsg); - return -1; - } - - if (p + sizeof(xpl) != ep) { - free(newmsg); - return -1; - } - memset(&xpl, 0, sizeof(xpl)); - xpl.sadb_x_policy_len = PFKEY_UNUNIT64(sizeof(xpl)); - xpl.sadb_x_policy_exttype = SADB_X_EXT_POLICY; - xpl.sadb_x_policy_id = spid; - memcpy(p, &xpl, sizeof(xpl)); - - /* send message */ - len = pfkey_send(so, newmsg, len); - free(newmsg); - - if (len < 0) - return -1; - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * open a socket. - * OUT: - * -1: fail. - * others : success and return value of socket. - */ -int -pfkey_open() -{ - int so; - const int bufsiz = 128 * 1024; /*is 128K enough?*/ - - if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - - /* - * This is a temporary workaround for KAME PR 154. - * Don't really care even if it fails. - */ - (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)); - (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return so; -} - -/* - * close a socket. - * OUT: - * 0: success. - * -1: fail. - */ -void -pfkey_close(so) - int so; -{ - (void)close(so); - - __ipsec_errcode = EIPSEC_NO_ERROR; - return; -} - -/* - * receive sadb_msg data, and return pointer to new buffer allocated. - * Must free this buffer later. - * OUT: - * NULL : error occured. - * others : a pointer to sadb_msg structure. 
- * - * XXX should be rewritten to pass length explicitly - */ -struct sadb_msg * -pfkey_recv(so) - int so; -{ - struct sadb_msg buf, *newmsg; - int len, reallen; - - while ((len = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK)) < 0) { - if (errno == EINTR) - continue; - __ipsec_set_strerror(strerror(errno)); - return NULL; - } - - if (len < sizeof(buf)) { - recv(so, (caddr_t)&buf, sizeof(buf), 0); - __ipsec_errcode = EIPSEC_MAX; - return NULL; - } - - /* read real message */ - reallen = PFKEY_UNUNIT64(buf.sadb_msg_len); - if ((newmsg = CALLOC(reallen, struct sadb_msg *)) == 0) { - __ipsec_set_strerror(strerror(errno)); - return NULL; - } - - while ((len = recv(so, (caddr_t)newmsg, reallen, 0)) < 0) { - if (errno == EINTR) - continue; - __ipsec_set_strerror(strerror(errno)); - free(newmsg); - return NULL; - } - - if (len != reallen) { - __ipsec_errcode = EIPSEC_SYSTEM_ERROR; - free(newmsg); - return NULL; - } - - /* don't trust what the kernel says, validate! */ - if (PFKEY_UNUNIT64(newmsg->sadb_msg_len) != len) { - __ipsec_errcode = EIPSEC_SYSTEM_ERROR; - free(newmsg); - return NULL; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return newmsg; -} - -/* - * send message to a socket. - * OUT: - * others: success and return length sent. - * -1 : fail. - */ -int -pfkey_send(so, msg, len) - int so; - struct sadb_msg *msg; - int len; -{ - if ((len = send(so, (caddr_t)msg, len, 0)) < 0) { - __ipsec_set_strerror(strerror(errno)); - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; -} - -/* - * %%% Utilities - * NOTE: These functions are derived from netkey/key.c in KAME. - */ -/* - * set the pointer to each header in this message buffer. - * IN: msg: pointer to message buffer. - * mhp: pointer to the buffer initialized like below: - * caddr_t mhp[SADB_EXT_MAX + 1]; - * OUT: -1: invalid. - * 0: valid. 
- * - * XXX should be rewritten to obtain length explicitly - */ -int -pfkey_align(msg, mhp) - struct sadb_msg *msg; - caddr_t *mhp; -{ - struct sadb_ext *ext; - int i; - caddr_t p; - caddr_t ep; /* XXX should be passed from upper layer */ - - /* validity check */ - if (msg == NULL || mhp == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - /* initialize */ - for (i = 0; i < SADB_EXT_MAX + 1; i++) - mhp[i] = NULL; - - mhp[0] = (caddr_t)msg; - - /* initialize */ - p = (caddr_t) msg; - ep = p + PFKEY_UNUNIT64(msg->sadb_msg_len); - - /* skip base header */ - p += sizeof(struct sadb_msg); - - while (p < ep) { - ext = (struct sadb_ext *)p; - if (ep < p + sizeof(*ext) || PFKEY_EXTLEN(ext) < sizeof(*ext) || - ep < p + PFKEY_EXTLEN(ext)) { - /* invalid format */ - break; - } - - /* duplicate check */ - /* XXX Are there duplication either KEY_AUTH or KEY_ENCRYPT ?*/ - if (mhp[ext->sadb_ext_type] != NULL) { - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return -1; - } - - /* set pointer */ - switch (ext->sadb_ext_type) { - case SADB_EXT_SA: - case SADB_EXT_LIFETIME_CURRENT: - case SADB_EXT_LIFETIME_HARD: - case SADB_EXT_LIFETIME_SOFT: - case SADB_EXT_ADDRESS_SRC: - case SADB_EXT_ADDRESS_DST: - case SADB_EXT_ADDRESS_PROXY: - case SADB_EXT_KEY_AUTH: - /* XXX should to be check weak keys. */ - case SADB_EXT_KEY_ENCRYPT: - /* XXX should to be check weak keys. 
*/ - case SADB_EXT_IDENTITY_SRC: - case SADB_EXT_IDENTITY_DST: - case SADB_EXT_SENSITIVITY: - case SADB_EXT_PROPOSAL: - case SADB_EXT_SUPPORTED_AUTH: - case SADB_EXT_SUPPORTED_ENCRYPT: - case SADB_EXT_SPIRANGE: - case SADB_X_EXT_POLICY: - case SADB_X_EXT_SA2: - mhp[ext->sadb_ext_type] = (caddr_t)ext; - break; - default: - __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; - return -1; - } - - p += PFKEY_EXTLEN(ext); - } - - if (p != ep) { - __ipsec_errcode = EIPSEC_INVAL_SADBMSG; - return -1; - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * check basic usage for sadb_msg, - * NOTE: This routine is derived from netkey/key.c in KAME. - * IN: msg: pointer to message buffer. - * mhp: pointer to the buffer initialized like below: - * - * caddr_t mhp[SADB_EXT_MAX + 1]; - * - * OUT: -1: invalid. - * 0: valid. - */ -int -pfkey_check(mhp) - caddr_t *mhp; -{ - struct sadb_msg *msg; - - /* validity check */ - if (mhp == NULL || mhp[0] == NULL) { - __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; - return -1; - } - - msg = (struct sadb_msg *)mhp[0]; - - /* check version */ - if (msg->sadb_msg_version != PF_KEY_V2) { - __ipsec_errcode = EIPSEC_INVAL_VERSION; - return -1; - } - - /* check type */ - if (msg->sadb_msg_type > SADB_MAX) { - __ipsec_errcode = EIPSEC_INVAL_MSGTYPE; - return -1; - } - - /* check SA type */ - switch (msg->sadb_msg_satype) { - case SADB_SATYPE_UNSPEC: - switch (msg->sadb_msg_type) { - case SADB_GETSPI: - case SADB_UPDATE: - case SADB_ADD: - case SADB_DELETE: - case SADB_GET: - case SADB_ACQUIRE: - case SADB_EXPIRE: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - case SADB_SATYPE_ESP: - case SADB_SATYPE_AH: - case SADB_X_SATYPE_IPCOMP: - switch (msg->sadb_msg_type) { - case SADB_X_SPDADD: - case SADB_X_SPDDELETE: - case SADB_X_SPDGET: - case SADB_X_SPDDUMP: - case SADB_X_SPDFLUSH: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - break; - case SADB_SATYPE_RSVP: - case SADB_SATYPE_OSPFV2: - case SADB_SATYPE_RIPV2: - case 
SADB_SATYPE_MIP: - __ipsec_errcode = EIPSEC_NOT_SUPPORTED; - return -1; - case 1: /* XXX: What does it do ? */ - if (msg->sadb_msg_type == SADB_X_PROMISC) - break; - /*FALLTHROUGH*/ - default: - __ipsec_errcode = EIPSEC_INVAL_SATYPE; - return -1; - } - - /* check field of upper layer protocol and address family */ - if (mhp[SADB_EXT_ADDRESS_SRC] != NULL - && mhp[SADB_EXT_ADDRESS_DST] != NULL) { - struct sadb_address *src0, *dst0; - - src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]); - dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]); - - if (src0->sadb_address_proto != dst0->sadb_address_proto) { - __ipsec_errcode = EIPSEC_PROTO_MISMATCH; - return -1; - } - - if (PFKEY_ADDR_SADDR(src0)->sa_family - != PFKEY_ADDR_SADDR(dst0)->sa_family) { - __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; - return -1; - } - - switch (PFKEY_ADDR_SADDR(src0)->sa_family) { - case AF_INET: - case AF_INET6: - break; - default: - __ipsec_errcode = EIPSEC_INVAL_FAMILY; - return -1; - } - - /* - * prefixlen == 0 is valid because there must be the case - * all addresses are matched. - */ - } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return 0; -} - -/* - * set data into sadb_msg. - * `buf' must has been allocated sufficiently. - */ -static caddr_t -pfkey_setsadbmsg(buf, lim, type, tlen, satype, seq, pid) - caddr_t buf; - caddr_t lim; - u_int type, satype; - u_int tlen; - u_int32_t seq; - pid_t pid; -{ - struct sadb_msg *p; - u_int len; - - p = (struct sadb_msg *)buf; - len = sizeof(struct sadb_msg); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_msg_version = PF_KEY_V2; - p->sadb_msg_type = type; - p->sadb_msg_errno = 0; - p->sadb_msg_satype = satype; - p->sadb_msg_len = PFKEY_UNIT64(tlen); - p->sadb_msg_reserved = 0; - p->sadb_msg_seq = seq; - p->sadb_msg_pid = (u_int32_t)pid; - - return(buf + len); -} - -/* - * copy secasvar data into sadb_address. - * `buf' must has been allocated sufficiently. 
- */ -static caddr_t -pfkey_setsadbsa(buf, lim, spi, wsize, auth, enc, flags) - caddr_t buf; - caddr_t lim; - u_int32_t spi, flags; - u_int wsize, auth, enc; -{ - struct sadb_sa *p; - u_int len; - - p = (struct sadb_sa *)buf; - len = sizeof(struct sadb_sa); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_sa_len = PFKEY_UNIT64(len); - p->sadb_sa_exttype = SADB_EXT_SA; - p->sadb_sa_spi = spi; - p->sadb_sa_replay = wsize; - p->sadb_sa_state = SADB_SASTATE_LARVAL; - p->sadb_sa_auth = auth; - p->sadb_sa_encrypt = enc; - p->sadb_sa_flags = flags; - - return(buf + len); -} - -/* - * set data into sadb_address. - * `buf' must has been allocated sufficiently. - * prefixlen is in bits. - */ -static caddr_t -pfkey_setsadbaddr(buf, lim, exttype, saddr, prefixlen, ul_proto) - caddr_t buf; - caddr_t lim; - u_int exttype; - struct sockaddr *saddr; - u_int prefixlen; - u_int ul_proto; -{ - struct sadb_address *p; - u_int len; - - p = (struct sadb_address *)buf; - len = sizeof(struct sadb_address) + PFKEY_ALIGN8(saddr->sa_len); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_address_len = PFKEY_UNIT64(len); - p->sadb_address_exttype = exttype & 0xffff; - p->sadb_address_proto = ul_proto & 0xff; - p->sadb_address_prefixlen = prefixlen; - p->sadb_address_reserved = 0; - - memcpy(p + 1, saddr, saddr->sa_len); - - return(buf + len); -} - -/* - * set sadb_key structure after clearing buffer with zero. - * OUT: the pointer of buf + len. 
- */ -static caddr_t -pfkey_setsadbkey(buf, lim, type, key, keylen) - caddr_t buf; - caddr_t lim; - caddr_t key; - u_int type, keylen; -{ - struct sadb_key *p; - u_int len; - - p = (struct sadb_key *)buf; - len = sizeof(struct sadb_key) + PFKEY_ALIGN8(keylen); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_key_len = PFKEY_UNIT64(len); - p->sadb_key_exttype = type; - p->sadb_key_bits = keylen << 3; - p->sadb_key_reserved = 0; - - memcpy(p + 1, key, keylen); - - return buf + len; -} - -/* - * set sadb_lifetime structure after clearing buffer with zero. - * OUT: the pointer of buf + len. - */ -static caddr_t -pfkey_setsadblifetime(buf, lim, type, l_alloc, l_bytes, l_addtime, l_usetime) - caddr_t buf; - caddr_t lim; - u_int type; - u_int32_t l_alloc, l_bytes, l_addtime, l_usetime; -{ - struct sadb_lifetime *p; - u_int len; - - p = (struct sadb_lifetime *)buf; - len = sizeof(struct sadb_lifetime); - - if (buf + len > lim) - return NULL; - - memset(p, 0, len); - p->sadb_lifetime_len = PFKEY_UNIT64(len); - p->sadb_lifetime_exttype = type; - - switch (type) { - case SADB_EXT_LIFETIME_SOFT: - p->sadb_lifetime_allocations - = (l_alloc * soft_lifetime_allocations_rate) /100; - p->sadb_lifetime_bytes - = (l_bytes * soft_lifetime_bytes_rate) /100; - p->sadb_lifetime_addtime - = (l_addtime * soft_lifetime_addtime_rate) /100; - p->sadb_lifetime_usetime - = (l_usetime * soft_lifetime_usetime_rate) /100; - break; - case SADB_EXT_LIFETIME_HARD: - p->sadb_lifetime_allocations = l_alloc; - p->sadb_lifetime_bytes = l_bytes; - p->sadb_lifetime_addtime = l_addtime; - p->sadb_lifetime_usetime = l_usetime; - break; - } - - return buf + len; -} - -/* - * copy secasvar data into sadb_address. - * `buf' must has been allocated sufficiently. 
- */
-static caddr_t
-pfkey_setsadbxsa2(buf, lim, mode0, reqid)
- caddr_t buf;
- caddr_t lim;
- u_int32_t mode0;
- u_int32_t reqid;
-{
- struct sadb_x_sa2 *p;
- u_int8_t mode = mode0 & 0xff;
- u_int len;
-
- p = (struct sadb_x_sa2 *)buf;
- len = sizeof(struct sadb_x_sa2);
-
- if (buf + len > lim)
- return NULL;
-
- memset(p, 0, len);
- p->sadb_x_sa2_len = PFKEY_UNIT64(len);
- p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
- p->sadb_x_sa2_mode = mode;
- p->sadb_x_sa2_reqid = reqid;
-
- return(buf + len);
-}
diff --git a/setkey.tproj/pfkey_dump.c b/setkey.tproj/pfkey_dump.c
deleted file mode 100644
index 507a0dd..0000000
--- a/setkey.tproj/pfkey_dump.c
+++ /dev/null
@@ -1,596 +0,0 @@
-/* $FreeBSD: src/lib/libipsec/pfkey_dump.c,v 1.1.2.2 2001/07/03 11:01:15 ume Exp $ */
-/* $KAME: pfkey_dump.c,v 1.27 2001/03/12 09:03:38 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "ipsec_strerror.h" -#include "libpfkey.h" - -/* cope with old kame headers - ugly */ -#ifndef SADB_X_AALG_MD5 -#define SADB_X_AALG_MD5 SADB_AALG_MD5 -#endif -#ifndef SADB_X_AALG_SHA -#define SADB_X_AALG_SHA SADB_AALG_SHA -#endif -#ifndef SADB_X_AALG_NULL -#define SADB_X_AALG_NULL SADB_AALG_NULL -#endif - -#ifndef SADB_X_EALG_BLOWFISHCBC -#define SADB_X_EALG_BLOWFISHCBC SADB_EALG_BLOWFISHCBC -#endif -#ifndef SADB_X_EALG_CAST128CBC -#define SADB_X_EALG_CAST128CBC SADB_EALG_CAST128CBC -#endif -#ifndef SADB_X_EALG_RC5CBC -#ifdef SADB_EALG_RC5CBC -#define SADB_X_EALG_RC5CBC SADB_EALG_RC5CBC -#endif -#endif - -#define GETMSGSTR(str, num) \ -do { \ - if (sizeof((str)[0]) == 0 \ - || num >= sizeof(str)/sizeof((str)[0])) \ - printf("%d ", (num)); \ - else if (strlen((str)[(num)]) == 0) \ - printf("%d ", (num)); \ - else \ - printf("%s ", (str)[(num)]); \ -} while (0) - -#define GETMSGV2S(v2s, num) \ -do { \ - struct val2str *p; \ - for (p = (v2s); p && p->str; p++) { \ - if (p->val == (num)) \ - break; \ - } \ - if (p && p->str) \ - printf("%s ", p->str); \ - else \ - printf("%d ", (num)); \ -} while (0) - -static char *str_ipaddr __P((struct sockaddr *)); -static char *str_prefport __P((u_int, u_int, u_int)); -static char *str_time __P((time_t)); -static void str_lifetime_byte __P((struct sadb_lifetime *, char *)); - -struct val2str { - int val; - const char *str; -}; - -/* - * Must to be re-written about following strings. 
- */ -static char *str_satype[] = { - "unspec", - "unknown", - "ah", - "esp", - "unknown", - "rsvp", - "ospfv2", - "ripv2", - "mip", - "ipcomp", -}; - -static char *str_mode[] = { - "any", - "transport", - "tunnel", -}; - -static char *str_upper[] = { -/*0*/ "ip", "icmp", "igmp", "ggp", "ip4", - "", "tcp", "", "egp", "", -/*10*/ "", "", "", "", "", - "", "", "udp", "", "", -/*20*/ "", "", "idp", "", "", - "", "", "", "", "tp", -/*30*/ "", "", "", "", "", - "", "", "", "", "", -/*40*/ "", "ip6", "", "rt6", "frag6", - "", "rsvp", "gre", "", "", -/*50*/ "esp", "ah", "", "", "", - "", "", "", "icmp6", "none", -/*60*/ "dst6", -}; - -static char *str_state[] = { - "larval", - "mature", - "dying", - "dead", -}; - -static struct val2str str_alg_auth[] = { - { SADB_AALG_NONE, "none", }, - { SADB_AALG_MD5HMAC, "hmac-md5", }, - { SADB_AALG_SHA1HMAC, "hmac-sha1", }, - { SADB_X_AALG_MD5, "md5", }, - { SADB_X_AALG_SHA, "sha", }, - { SADB_X_AALG_NULL, "null", }, -#ifdef SADB_X_AALG_SHA2_256 - { SADB_X_AALG_SHA2_256, "hmac-sha2-256", }, -#endif -#ifdef SADB_X_AALG_SHA2_384 - { SADB_X_AALG_SHA2_384, "hmac-sha2-384", }, -#endif -#ifdef SADB_X_AALG_SHA2_512 - { SADB_X_AALG_SHA2_512, "hmac-sha2-512", }, -#endif - { -1, NULL, }, -}; - -static struct val2str str_alg_enc[] = { - { SADB_EALG_NONE, "none", }, - { SADB_EALG_DESCBC, "des-cbc", }, - { SADB_EALG_3DESCBC, "3des-cbc", }, - { SADB_EALG_NULL, "null", }, -#ifdef SADB_X_EALG_RC5CBC - { SADB_X_EALG_RC5CBC, "rc5-cbc", }, -#endif - { SADB_X_EALG_CAST128CBC, "cast128-cbc", }, - { SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", }, -#ifdef SADB_X_EALG_RIJNDAELCBC - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, -#endif -#ifdef SADB_X_EALG_TWOFISHCBC - { SADB_X_EALG_TWOFISHCBC, "twofish-cbc", }, -#endif - { -1, NULL, }, -}; - -static struct val2str str_alg_comp[] = { - { SADB_X_CALG_NONE, "none", }, - { SADB_X_CALG_OUI, "oui", }, - { SADB_X_CALG_DEFLATE, "deflate", }, - { SADB_X_CALG_LZS, "lzs", }, - { -1, NULL, }, -}; - -/* - * dump SADB_MSG 
formated. For debugging, you should use kdebug_sadb(). - */ -void -pfkey_sadump(m) - struct sadb_msg *m; -{ - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_sa *m_sa; - struct sadb_x_sa2 *m_sa2; - struct sadb_lifetime *m_lftc, *m_lfth, *m_lfts; - struct sadb_address *m_saddr, *m_daddr, *m_paddr; - struct sadb_key *m_auth, *m_enc; - struct sadb_ident *m_sid, *m_did; - struct sadb_sens *m_sens; - - /* check pfkey message. */ - if (pfkey_align(m, mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - if (pfkey_check(mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - - m_sa = (struct sadb_sa *)mhp[SADB_EXT_SA]; - m_sa2 = (struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2]; - m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT]; - m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - m_lfts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT]; - m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - m_paddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_PROXY]; - m_auth = (struct sadb_key *)mhp[SADB_EXT_KEY_AUTH]; - m_enc = (struct sadb_key *)mhp[SADB_EXT_KEY_ENCRYPT]; - m_sid = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_SRC]; - m_did = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_DST]; - m_sens = (struct sadb_sens *)mhp[SADB_EXT_SENSITIVITY]; - - /* source address */ - if (m_saddr == NULL) { - printf("no ADDRESS_SRC extension.\n"); - return; - } - printf("%s ", str_ipaddr((struct sockaddr *)(m_saddr + 1))); - - /* destination address */ - if (m_daddr == NULL) { - printf("no ADDRESS_DST extension.\n"); - return; - } - printf("%s ", str_ipaddr((struct sockaddr *)(m_daddr + 1))); - - /* SA type */ - if (m_sa == NULL) { - printf("no SA extension.\n"); - return; - } - if (m_sa2 == NULL) { - printf("no SA2 extension.\n"); - return; - } - printf("\n\t"); - - GETMSGSTR(str_satype, m->sadb_msg_satype); - - printf("mode="); - GETMSGSTR(str_mode, m_sa2->sadb_x_sa2_mode); - - 
printf("spi=%u(0x%08x) reqid=%u(0x%08x)\n", - (u_int32_t)ntohl(m_sa->sadb_sa_spi), - (u_int32_t)ntohl(m_sa->sadb_sa_spi), - (u_int32_t)m_sa2->sadb_x_sa2_reqid, - (u_int32_t)m_sa2->sadb_x_sa2_reqid); - - /* encryption key */ - if (m->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) { - printf("\tC: "); - GETMSGV2S(str_alg_comp, m_sa->sadb_sa_encrypt); - } else if (m->sadb_msg_satype == SADB_SATYPE_ESP) { - if (m_enc != NULL) { - printf("\tE: "); - GETMSGV2S(str_alg_enc, m_sa->sadb_sa_encrypt); - ipsec_hexdump((caddr_t)m_enc + sizeof(*m_enc), - m_enc->sadb_key_bits / 8); - printf("\n"); - } - } - - /* authentication key */ - if (m_auth != NULL) { - printf("\tA: "); - GETMSGV2S(str_alg_auth, m_sa->sadb_sa_auth); - ipsec_hexdump((caddr_t)m_auth + sizeof(*m_auth), - m_auth->sadb_key_bits / 8); - printf("\n"); - } - - /* replay windoe size & flags */ - printf("\treplay=%u flags=0x%08x ", - m_sa->sadb_sa_replay, - m_sa->sadb_sa_flags); - - /* state */ - printf("state="); - GETMSGSTR(str_state, m_sa->sadb_sa_state); - - printf("seq=%lu pid=%lu\n", - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); - - /* lifetime */ - if (m_lftc != NULL) { - time_t tmp_time = time(0); - - printf("\tcreated: %s", - str_time(m_lftc->sadb_lifetime_addtime)); - printf("\tcurrent: %s\n", str_time(tmp_time)); - printf("\tdiff: %lu(s)", - (u_long)(m_lftc->sadb_lifetime_addtime == 0 ? - 0 : (tmp_time - m_lftc->sadb_lifetime_addtime))); - - printf("\thard: %lu(s)", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_addtime)); - printf("\tsoft: %lu(s)\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_addtime)); - - printf("\tlast: %s", - str_time(m_lftc->sadb_lifetime_usetime)); - printf("\thard: %lu(s)", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_usetime)); - printf("\tsoft: %lu(s)\n", - (u_long)(m_lfts == NULL ? 
- 0 : m_lfts->sadb_lifetime_usetime)); - - str_lifetime_byte(m_lftc, "current"); - str_lifetime_byte(m_lfth, "hard"); - str_lifetime_byte(m_lfts, "soft"); - printf("\n"); - - printf("\tallocated: %lu", - (unsigned long)m_lftc->sadb_lifetime_allocations); - printf("\thard: %lu", - (u_long)(m_lfth == NULL ? - 0 : m_lfth->sadb_lifetime_allocations)); - printf("\tsoft: %lu\n", - (u_long)(m_lfts == NULL ? - 0 : m_lfts->sadb_lifetime_allocations)); - } - - /* XXX DEBUG */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); - - return; -} - -void -pfkey_spdump(m) - struct sadb_msg *m; -{ - char pbuf[NI_MAXSERV]; - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_address *m_saddr, *m_daddr; - struct sadb_x_policy *m_xpl; - struct sadb_lifetime *m_lft = NULL; - struct sockaddr *sa; - u_int16_t port; - - /* check pfkey message. */ - if (pfkey_align(m, mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - if (pfkey_check(mhp)) { - printf("%s\n", ipsec_strerror()); - return; - } - - m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]; - m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]; - m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY]; - m_lft = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - - /* source address */ - if (m_saddr == NULL) { - printf("no ADDRESS_SRC extension.\n"); - return; - } - sa = (struct sockaddr *)(m_saddr + 1); - switch (sa->sa_family) { - case AF_INET: - case AF_INET6: - if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf), - NI_NUMERICSERV) != 0) - port = 0; /*XXX*/ - else - port = atoi(pbuf); - printf("%s%s ", str_ipaddr(sa), - str_prefport(sa->sa_family, - m_saddr->sadb_address_prefixlen, port)); - break; - default: - printf("unknown-af "); - break; - } - - /* destination address */ - if (m_daddr == NULL) { - printf("no ADDRESS_DST extension.\n"); - return; - } - sa = (struct sockaddr *)(m_daddr + 1); - switch (sa->sa_family) { - case AF_INET: - case AF_INET6: - if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, 
sizeof(pbuf), - NI_NUMERICSERV) != 0) - port = 0; /*XXX*/ - else - port = atoi(pbuf); - printf("%s%s ", str_ipaddr(sa), - str_prefport(sa->sa_family, - m_daddr->sadb_address_prefixlen, port)); - break; - default: - printf("unknown-af "); - break; - } - - /* upper layer protocol */ - if (m_saddr->sadb_address_proto != m_daddr->sadb_address_proto) { - printf("upper layer protocol mismatched.\n"); - return; - } - if (m_saddr->sadb_address_proto == IPSEC_ULPROTO_ANY) - printf("any"); - else - GETMSGSTR(str_upper, m_saddr->sadb_address_proto); - - /* policy */ - { - char *d_xpl; - - if (m_xpl == NULL) { - printf("no X_POLICY extension.\n"); - return; - } - d_xpl = ipsec_dump_policy((char *)m_xpl, "\n\t"); - - /* dump SPD */ - printf("\n\t%s\n", d_xpl); - free(d_xpl); - } - - /* lifetime */ - if (m_lft) { - printf("\tlifetime:%lu validtime:%lu\n", - (u_long)m_lft->sadb_lifetime_addtime, - (u_long)m_lft->sadb_lifetime_usetime); - } - - printf("\tspid=%ld seq=%ld pid=%ld\n", - (u_long)m_xpl->sadb_x_policy_id, - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); - - /* XXX TEST */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); - - return; -} - -/* - * set "ipaddress" to buffer. - */ -static char * -str_ipaddr(sa) - struct sockaddr *sa; -{ - static char buf[NI_MAXHOST]; -#ifdef NI_WITHSCOPEID - const int niflag = NI_NUMERICHOST | NI_WITHSCOPEID; -#else - const int niflag = NI_NUMERICHOST; -#endif - - if (sa == NULL) - return ""; - - if (getnameinfo(sa, sa->sa_len, buf, sizeof(buf), NULL, 0, niflag) == 0) - return buf; - return NULL; -} - -/* - * set "/prefix[port number]" to buffer. 
- */ -static char * -str_prefport(family, pref, port) - u_int family, pref, port; -{ - static char buf[128]; - char prefbuf[20]; - char portbuf[20]; - int plen; - - switch (family) { - case AF_INET: - plen = sizeof(struct in_addr) << 3; - break; - case AF_INET6: - plen = sizeof(struct in6_addr) << 3; - break; - default: - return "?"; - } - - if (pref == plen) - prefbuf[0] = '\0'; - else - snprintf(prefbuf, sizeof(prefbuf), "/%u", pref); - - if (port == IPSEC_PORT_ANY) - snprintf(portbuf, sizeof(portbuf), "[%s]", "any"); - else - snprintf(portbuf, sizeof(portbuf), "[%u]", port); - - snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf); - - return buf; -} - -/* - * set "Mon Day Time Year" to buffer - */ -static char * -str_time(t) - time_t t; -{ - static char buf[128]; - - if (t == 0) { - int i = 0; - for (;i < 20;) buf[i++] = ' '; - } else { - char *t0; - t0 = ctime(&t); - memcpy(buf, t0 + 4, 20); - } - - buf[20] = '\0'; - - return(buf); -} - -static void -str_lifetime_byte(x, str) - struct sadb_lifetime *x; - char *str; -{ - double y; - char *unit; - int w; - - if (x == NULL) { - printf("\t%s: 0(bytes)", str); - return; - } - -#if 0 - if ((x->sadb_lifetime_bytes) / 1024 / 1024) { - y = (x->sadb_lifetime_bytes) * 1.0 / 1024 / 1024; - unit = "M"; - w = 1; - } else if ((x->sadb_lifetime_bytes) / 1024) { - y = (x->sadb_lifetime_bytes) * 1.0 / 1024; - unit = "K"; - w = 1; - } else { - y = (x->sadb_lifetime_bytes) * 1.0; - unit = ""; - w = 0; - } -#else - y = (x->sadb_lifetime_bytes) * 1.0; - unit = ""; - w = 0; -#endif - printf("\t%s: %.*f(%sbytes)", str, w, y, unit); -} diff --git a/setkey.tproj/setkey.8 b/setkey.tproj/setkey.8 deleted file mode 100644 index ec39ac6..0000000 --- a/setkey.tproj/setkey.8 +++ /dev/null 
@@ -1,629 +0,0 @@
-.\" $KAME: setkey.8,v 1.49 2001/05/18 05:49:51 sakane Exp $
-.\" $FreeBSD: src/usr.sbin/setkey/setkey.8,v 1.4.2.12 2001/08/16 15:56:32 ru Exp $
-.\"
-.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. Neither the name of the project nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\" -.Dd November 20, 2000 -.Dt SETKEY 8 -.Os -.\" -.Sh NAME -.Nm setkey -.Nd "manually manipulate the IPsec SA/SP database" -.\" -.Sh SYNOPSIS -.Nm -.Op Fl dv -.Fl c -.Nm -.Op Fl dv -.Fl f Ar filename -.Nm -.Op Fl adPlv -.Fl D -.Nm -.Op Fl dPv -.Fl F -.Nm -.Op Fl h -.Fl x -.\" -.Sh DESCRIPTION -.Nm -adds, updates, dumps, or flushes -Security Association Database (SAD) entries -as well as Security Policy Database (SPD) entries in the kernel. -.Pp -.Nm -takes a series of operations from the standard input -(if invoked with -.Fl c ) -or the file named -.Ar filename -(if invoked with -.Fl f Ar filename ) . -.Bl -tag -width Ds -.It Fl D -Dump the SAD entries. -If with -.Fl P , -the SPD entries are dumped. -.It Fl F -Flush the SAD entries. -If with -.Fl P , -the SPD entries are flushed. -.It Fl a -.Nm -usually does not display dead SAD entries with -.Fl D . -If with -.Fl a , -the dead SAD entries will be displayed as well. -A dead SAD entry means that -it has been expired but remains -because it is referenced by SPD entries. -.It Fl d -Enable to print debugging messages for command parser, -without talking to kernel. -It is not used usually. -.It Fl x -Loop forever and dump all the messages transmitted to -.Dv PF_KEY -socket. -.Fl xx -makes each timestamps unformatted. -.It Fl h -Add hexadecimal dump on -.Fl x -mode. -.It Fl l -Loop forever with short output on -.Fl D . -.It Fl v -Be verbose. -The program will dump messages exchanged on -.Dv PF_KEY -socket, including messages sent from other processes to the kernel. -.El -.Pp -Operations have the following grammar. -Note that lines starting with -hashmarks ('#') are treated as comment lines. -.Bl -tag -width Ds -.It Xo -.Li add -.Ar src Ar dst Ar protocol Ar spi -.Op Ar extensions -.Ar algorithm... -.Li ; -.Xc -Add an SAD entry. -.\" -.It Xo -.Li get -.Ar src Ar dst Ar protocol Ar spi -.Li ; -.Xc -Show an SAD entry. -.\" -.It Xo -.Li delete -.Ar src Ar dst Ar protocol Ar spi -.Li ; -.Xc -Remove an SAD entry. 
-.\" -.It Xo -.Li deleteall -.Ar src Ar dst Ar protocol -.Li ; -.Xc -Remove all SAD entries that match the specification. -.\" -.It Xo -.Li flush -.Op Ar protocol -.Li ; -.Xc -Clear all SAD entries matched by the options. -.\" -.It Xo -.Li dump -.Op Ar protocol -.Li ; -.Xc -Dumps all SAD entries matched by the options. -.\" -.It Xo -.Li spdadd -.Ar src_range Ar dst_range Ar upperspec Ar policy -.Li ; -.Xc -Add an SPD entry. -.\" -.It Xo -.Li spddelete -.Ar src_range Ar dst_range Ar upperspec Fl P Ar direction -.Li ; -.Xc -Delete an SPD entry. -.\" -.It Xo -.Li spdflush -.Li ; -.Xc -Clear all SPD entries. -.\" -.It Xo -.Li spddump -.Li ; -.Xc -Dumps all SPD entries. -.El -.\" -.Pp -Meta-arguments are as follows: -.Pp -.Bl -tag -compact -width Ds -.It Ar src -.It Ar dst -Source/destination of the secure communication is specified as -IPv4/v6 address. -.Nm -does not consult hostname-to-address for arguments -.Ar src -and -.Ar dst . -They must be in numeric form. -.\" -.Pp -.It Ar protocol -.Ar protocol -is one of following: -.Bl -tag -width Fl -compact -.It Li esp -ESP based on rfc2405 -.It Li esp-old -ESP based on rfc1827 -.It Li ah -AH based on rfc2402 -.It Li ah-old -AH based on rfc1826 -.It Li ipcomp -IPCOMP -.El -.\" -.Pp -.It Ar spi -Security Parameter Index (SPI) for the SAD and the SPD. -It must be decimal number or hexadecimal number -You cannot use the set of SPI values in the range 0 through 255. -(with -.Li 0x -attached). -.\" -.Pp -.It Ar extensions -takes some of the following: -.Bl -tag -width Fl -compact -.\" -.It Fl m Ar mode -Specify a security protocol mode for use. -.Ar mode -is one of following: -.Li transport , tunnel -or -.Li any . -The default value is -.Li any . -.\" -.It Fl r Ar size -Specify window size of bytes for replay prevention. -.Ar size -must be decimal number in 32-bit word. -If -.Ar size -is zero or not specified, replay check don't take place. -.\" -.It Fl u Ar id -Specify the identifier of the policy entry in SPD. 
-See -.Ar policy . -.\" -.It Fl f Ar pad_option -defines the content of the ESP padding. -.Ar pad_option -is one of following: -.Bl -tag -width random-pad -compact -.It Li zero-pad -All of the padding are zero. -.It Li random-pad -A series of randomized values are set. -.It Li seq-pad -A series of sequential increasing numbers started from 1 are set. -.El -.\" -.It Fl f Li nocyclic-seq -Don't allow cyclic sequence number. -.\" -.It Fl lh Ar time -.It Fl ls Ar time -Specify hard/soft life time duration of the SA. -.El -.\" -.Pp -.It Ar algorithm -.Bl -tag -width Fl -compact -.It Fl E Ar ealgo Ar key -Specify a encryption algorithm. -.It Fl A Ar aalgo Ar key -Specify a authentication algorithm. -If -.Fl A -is used with -.Ar protocol Li esp , -it will be treated as ESP payload authentication algorithm. -.It Fl C Ar calgo Op Fl R -Specify compression algorithm. -If -.Fl R -is not specified with -.Li ipcomp -line, the kernel will use well-known IPComp CPI -(compression parameter index) -on IPComp CPI field on packets, and -.Ar spi -field will be ignored. -.Ar spi -field is only for kernel internal use in this case. -.\"Therefore, compression protocol number will appear on IPComp CPI field. -If -.Fl R -is used, -the value on -.Ar spi -field will appear on IPComp CPI field on outgoing packets. -.Ar spi -field needs to be smaller than -.Li 0x10000 -in this case. -.El -.Pp -.Ar protocol Li esp -accepts -.Fl E -and -.Fl A . -.Ar protocol Li esp-old -accepts -.Fl E -only. -.Ar protocol Li ah -and -.Li ah-old -accept -.Fl A -only. -.Ar protocol Li ipcomp -accepts -.Fl C -only. -.Pp -.Ar key -must be double-quoted character string or series of hexadecimal digits. -.Pp -Possible values for -.Ar ealgo , -.Ar aalgo -and -.Ar calgo -are specified in separate section. -.\" -.Pp -.It Ar src_range -.It Ar dst_range -These are selections of the secure communication specified as -IPv4/v6 address or IPv4/v6 address range, and it may accompany -TCP/UDP port specification. 
-This takes the following form: -.Bd -literal -offset -.Ar address -.Ar address/prefixlen -.Ar address[port] -.Ar address/prefixlen[port] -.Ed -.Pp -.Ar prefixlen -and -.Ar port -must be decimal number. -The square bracket around -.Ar port -is really necessary. -They are not manpage metacharacters. -.Pp -.Nm -does not consult hostname-to-address for arguments -.Ar src -and -.Ar dst . -They must be in numeric form. -.\" -.Pp -.It Ar upperspec -Upper-layer protocol to be used. -You can use one of words in -.Pa /etc/protocols -as -.Ar upperspec . -Or -.Li icmp6 , -.Li ip4 , -and -.Li any -can be specified. -.Li any -stands for -.Dq any protocol . -Also you can use the protocol number. -.Pp -NOTE: -.Ar upperspec -does not work against forwarding case at this moment, -as it requires extra reassembly at forwarding node -(not implemented at this moment). -We have many protocols in -.Pa /etc/protocols , -but protocols except of TCP, UDP and ICMP may not be suitable to use with IPSec. -You have to consider and be careful to use them. -.Li icmp -.Li tcp -.Li udp -all protocols -.\" -.Pp -.It Ar policy -.Ar policy -is the one of following: -.Bd -literal -offset -.Xo -.Fl P -.Ar direction -.Li discard -.Xc -.Xo -.Fl P -.Ar direction -.Li none -.Xc -.Xo -.Fl P -.Ar direction -.Li ipsec -.Ar protocol/mode/src-dst/level -.Xc -.Ed -.Pp -You must specify the direction of its policy as -.Ar direction . -Either -.Li out -or -.Li in -are used. -.Li discard -means the packet matching indexes will be discarded. -.Li none -means that IPsec operation will not take place onto the packet. -.Li ipsec -means that IPsec operation will take place onto the packet. -Either -.Li ah , -.Li esp -or -.Li ipcomp -is to be set as -.Ar protocol . -.Ar mode -is either -.Li transport -or -.Li tunnel . -If -.Ar mode -is -.Li tunnel , -you must specify the end-points addresses of the SA as -.Ar src -and -.Ar dst -with -.Sq - -between these addresses which is used to specify the SA to use. 
-If -.Ar mode -is -.Li transport , -both -.Ar src -and -.Ar dst -can be omited. -.Ar level -is to be one of the following: -.Li default , use , require -or -.Li unique . -If the SA is not available in every level, the kernel will request -getting SA to the key exchange daemon. -.Li default -means the kernel consults to the system wide default against protocol you -specified, e.g.\& -.Li esp_trans_deflev -sysctl variable, when the kernel processes the packet. -.Li use -means that the kernel use a SA if it's available, -otherwise the kernel keeps normal operation. -.Li require -means SA is required whenever the kernel sends a packet matched -with the policy. -.Li unique -is the same to require. -In addition, it allows the policy to bind with the unique out-bound SA. -If you use the SA by manual keying, -you can put the decimal number as the policy identifier after -.Li unique -separated by colon -.Sq \: -like the following; -.Li unique:number . -.Li number -must be between 1 and 32767. -It corresponds to -.Ar extensions Fl u . -.Pp -Note that -.Dq Li discard -and -.Dq Li none -are not in the syntax described in -.Xr ipsec_set_policy 3 . -There are little differences in the syntax. -See -.Xr ipsec_set_policy 3 -for detail. -.Pp -.El -.Pp -.\" -.Sh ALGORITHMS -The following list shows the supported algorithms. -.Sy protocol -and -.Sy algorithm -are almost orthogonal. 
-Followings are the list of authentication algorithms that can be used as -.Ar aalgo -in -.Fl A Ar aalgo -of -.Ar protocol -parameter: -.Pp -.Bd -literal -offset indent -algorithm keylen (bits) comment -hmac-md5 128 ah: rfc2403 - 128 ah-old: rfc2085 -hmac-sha1 160 ah: rfc2404 - 160 ah-old: 128bit ICV (no document) -keyed-md5 128 ah: 96bit ICV (no document) - 128 ah-old: rfc1828 -keyed-sha1 160 ah: 96bit ICV (no document) - 160 ah-old: 128bit ICV (no document) -null 0 to 2048 for debugging -hmac-sha2-256 256 ah: 96bit ICV (no document) - 256 ah-old: 128bit ICV (no document) -hmac-sha2-384 384 ah: 96bit ICV (no document) - 384 ah-old: 128bit ICV (no document) -hmac-sha2-512 512 ah: 96bit ICV (no document) - 512 ah-old: 128bit ICV (no document) -.Ed -.Pp -Followings are the list of encryption algorithms that can be used as -.Ar ealgo -in -.Fl E Ar ealgo -of -.Ar protocol -parameter: -.Pp -.Bd -literal -offset indent -algorithm keylen (bits) comment -des-cbc 64 esp-old: rfc1829, esp: rfc2405 -3des-cbc 192 rfc2451 -simple 0 to 2048 rfc2410 -blowfish-cbc 40 to 448 rfc2451 -cast128-cbc 40 to 128 rfc2451 -des-deriv 64 ipsec-ciph-des-derived-01 (expired) -3des-deriv 192 no document -rijndael-cbc 128/192/256 draft-ietf-ipsec-ciph-aes-cbc-00 -.Ed -.Pp -Followings are the list of compression algorithms that can be used as -.Ar calgo -in -.Fl C Ar calgo -of -.Ar protocol -parameter: -.Pp -.Bd -literal -offset indent -algorithm comment -deflate rfc2394 -lzs rfc2395 -.Ed -.\" -.Sh EXAMPLES -.Bd -literal -offset -add 3ffe:501:4819::1 3ffe:501:481d::1 esp 123457 - -E des-cbc "ESP SA!!" ; - -add 3ffe:501:4819::1 3ffe:501:481d::1 ah 123456 - -A hmac-sha1 "AH SA configuration!" ; - -add 10.0.11.41 10.0.11.33 esp 0x10001 - -E des-cbc "ESP with" - -A hmac-md5 "authentication!!" 
; - -get 3ffe:501:4819::1 3ffe:501:481d::1 ah 123456 ; - -flush ; - -dump esp ; - -spdadd 10.0.11.41/32[21] 10.0.11.33/32[any] any - -P out ipsec esp/tunnel/192.168.0.1-192.168.1.2/require ; - -.Ed -.\" -.Sh RETURN VALUES -The command exits with 0 on success, and non-zero on errors. -.\" -.Sh SEE ALSO -.Xr ipsec_set_policy 3 , -.Xr racoon 8 , -.Xr sysctl 8 -.\" -.Sh HISTORY -The -.Nm -command first appeared in WIDE Hydrangea IPv6 protocol stack kit. -The command was completely re-designed in June 1998. -.\" -.\" .Sh BUGS diff --git a/setkey.tproj/setkey.c b/setkey.tproj/setkey.c deleted file mode 100644 index e49db07..0000000 --- a/setkey.tproj/setkey.c +++ /dev/null 
@@ -1,648 +0,0 @@
-/* $FreeBSD: src/usr.sbin/setkey/setkey.c,v 1.1.2.2 2001/07/03 11:02:17 ume Exp $ */
-/* $KAME: setkey.c,v 1.18 2001/05/08 04:36:39 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "libpfkey.h" - -void Usage __P((void)); -int main __P((int, char **)); -int get_supported __P((void)); -void sendkeyshort __P((u_int)); -void promisc __P((void)); -int sendkeymsg __P((void)); -int postproc __P((struct sadb_msg *, int)); -const char *numstr __P((int)); -void shortdump_hdr __P((void)); -void shortdump __P((struct sadb_msg *)); -static void printdate __P((void)); -static int32_t gmt2local __P((time_t)); - -#define MODE_SCRIPT 1 -#define MODE_CMDDUMP 2 -#define MODE_CMDFLUSH 3 -#define MODE_PROMISC 4 - -int so; - -int f_forever = 0; -int f_all = 0; -int f_debug = 0; -int f_verbose = 0; -int f_mode = 0; -int f_cmddump = 0; -int f_policy = 0; -int f_hexdump = 0; -int f_tflag = 0; -char *pname; - -u_char m_buf[BUFSIZ]; -u_int m_len; - -static time_t thiszone; - -extern int lineno; - -extern int parse __P((FILE **)); - -void -Usage() -{ - printf("Usage:\t%s [-dv] -c\n", pname); - printf("\t%s [-dv] -f (file)\n", pname); - printf("\t%s [-Padlv] -D\n", pname); - printf("\t%s [-Pdv] -F\n", pname); - printf("\t%s [-h] -x\n", pname); - pfkey_close(so); - exit(1); -} - -int -main(ac, av) - int ac; - char **av; -{ - FILE *fp = stdin; - int c; - - pname = *av; - - if (ac == 1) Usage(); - - thiszone = gmt2local(0); - - while ((c = getopt(ac, av, "acdf:hlvxDFP")) != -1) { - switch (c) { - case 'c': - f_mode = MODE_SCRIPT; - fp = stdin; - break; - case 'f': - f_mode = MODE_SCRIPT; - if ((fp = fopen(optarg, "r")) == NULL) { - err(-1, "fopen"); - /*NOTREACHED*/ - } - break; - case 'D': - f_mode = MODE_CMDDUMP; - break; - case 'F': - f_mode = MODE_CMDFLUSH; - break; - case 'a': - f_all = 1; - break; - case 'l': - f_forever = 1; - break; - case 'h': - f_hexdump = 1; - break; - case 'x': - f_mode = MODE_PROMISC; - f_tflag++; - break; - case 'P': - f_policy = 1; - 
break; - case 'd': - f_debug = 1; - break; - case 'v': - f_verbose = 1; - break; - default: - Usage(); - /*NOTREACHED*/ - } - } - - switch (f_mode) { - case MODE_CMDDUMP: - sendkeyshort(f_policy ? SADB_X_SPDDUMP: SADB_DUMP); - break; - case MODE_CMDFLUSH: - sendkeyshort(f_policy ? SADB_X_SPDFLUSH: SADB_FLUSH); - pfkey_close(so); - break; - case MODE_SCRIPT: - if (get_supported() < 0) { - errx(-1, "%s", ipsec_strerror()); - /*NOTREACHED*/ - } - if (parse(&fp)) - exit (1); - break; - case MODE_PROMISC: - promisc(); - /*NOTREACHED*/ - default: - Usage(); - /*NOTREACHED*/ - } - - exit(0); -} - -int -get_supported() -{ - int so; - - if ((so = pfkey_open()) < 0) { - perror("pfkey_open"); - return -1; - } - - /* debug mode ? */ - if (f_debug) - return 0; - - if (pfkey_send_register(so, SADB_SATYPE_UNSPEC) < 0) - return -1; - - if (pfkey_recv_register(so) < 0) - return -1; - - return 0; -} - -void -sendkeyshort(type) - u_int type; -{ - struct sadb_msg *m_msg = (struct sadb_msg *)m_buf; - - m_len = sizeof(struct sadb_msg); - - m_msg->sadb_msg_version = PF_KEY_V2; - m_msg->sadb_msg_type = type; - m_msg->sadb_msg_errno = 0; - m_msg->sadb_msg_satype = SADB_SATYPE_UNSPEC; - m_msg->sadb_msg_len = PFKEY_UNIT64(m_len); - m_msg->sadb_msg_reserved = 0; - m_msg->sadb_msg_seq = 0; - m_msg->sadb_msg_pid = getpid(); - - sendkeymsg(); - - return; -} - -void -promisc() -{ - struct sadb_msg *m_msg = (struct sadb_msg *)m_buf; - u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? 
*/ - int so, len; - - m_len = sizeof(struct sadb_msg); - - m_msg->sadb_msg_version = PF_KEY_V2; - m_msg->sadb_msg_type = SADB_X_PROMISC; - m_msg->sadb_msg_errno = 0; - m_msg->sadb_msg_satype = 1; - m_msg->sadb_msg_len = PFKEY_UNIT64(m_len); - m_msg->sadb_msg_reserved = 0; - m_msg->sadb_msg_seq = 0; - m_msg->sadb_msg_pid = getpid(); - - if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { - err(1, "socket(PF_KEY)"); - /*NOTREACHED*/ - } - - if ((len = send(so, m_buf, m_len, 0)) < 0) { - err(1, "send"); - /*NOTREACHED*/ - } - - while (1) { - struct sadb_msg *base; - - if ((len = recv(so, rbuf, sizeof(*base), MSG_PEEK)) < 0) { - err(1, "recv"); - /*NOTREACHED*/ - } - - if (len != sizeof(*base)) - continue; - - base = (struct sadb_msg *)rbuf; - if ((len = recv(so, rbuf, PFKEY_UNUNIT64(base->sadb_msg_len), - 0)) < 0) { - err(1, "recv"); - /*NOTREACHED*/ - } - printdate(); - if (f_hexdump) { - int i; - for (i = 0; i < len; i++) { - if (i % 16 == 0) - printf("%08x: ", i); - printf("%02x ", rbuf[i] & 0xff); - if (i % 16 == 15) - printf("\n"); - } - if (len % 16) - printf("\n"); - } - /* adjust base pointer for promisc mode */ - if (base->sadb_msg_type == SADB_X_PROMISC) { - if (sizeof(*base) < len) - base++; - else - base = NULL; - } - if (base) { - kdebug_sadb(base); - printf("\n"); - fflush(stdout); - } - } -} - -int -sendkeymsg() -{ - int so; - - u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? 
*/ - int len; - struct sadb_msg *msg; - - if ((so = pfkey_open()) < 0) { - perror("pfkey_open"); - return -1; - } - - { - struct timeval tv; - tv.tv_sec = 1; - tv.tv_usec = 0; - if (setsockopt(so, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) < 0) { - perror("setsockopt"); - goto end; - } - } - - if (f_forever) - shortdump_hdr(); -again: - if (f_verbose) { - kdebug_sadb((struct sadb_msg *)m_buf); - printf("\n"); - } - - if ((len = send(so, m_buf, m_len, 0)) < 0) { - perror("send"); - goto end; - } - - msg = (struct sadb_msg *)rbuf; - do { - if ((len = recv(so, rbuf, sizeof(rbuf), 0)) < 0) { - perror("recv"); - goto end; - } - - if (PFKEY_UNUNIT64(msg->sadb_msg_len) != len) { - warnx("invalid keymsg length"); - break; - } - - if (f_verbose) { - kdebug_sadb((struct sadb_msg *)rbuf); - printf("\n"); - } - if (postproc(msg, len) < 0) - break; - } while (msg->sadb_msg_errno || msg->sadb_msg_seq); - - if (f_forever) { - fflush(stdout); - sleep(1); - goto again; - } - -end: - pfkey_close(so); - return(0); -} - -int -postproc(msg, len) - struct sadb_msg *msg; - int len; -{ - - if (msg->sadb_msg_errno != 0) { - char inf[80]; - char *errmsg = NULL; - - if (f_mode == MODE_SCRIPT) - snprintf(inf, sizeof(inf), "The result of line %d: ", lineno); - else - inf[0] = '\0'; - - switch (msg->sadb_msg_errno) { - case ENOENT: - switch (msg->sadb_msg_type) { - case SADB_DELETE: - case SADB_GET: - case SADB_X_SPDDELETE: - errmsg = "No entry"; - break; - case SADB_DUMP: - errmsg = "No SAD entries"; - break; - case SADB_X_SPDDUMP: - errmsg = "No SPD entries"; - break; - } - break; - default: - errmsg = strerror(msg->sadb_msg_errno); - } - printf("%s%s.\n", inf, errmsg); - return(-1); - } - - switch (msg->sadb_msg_type) { - case SADB_GET: - pfkey_sadump(msg); - break; - - case SADB_DUMP: - /* filter out DEAD SAs */ - if (!f_all) { - caddr_t mhp[SADB_EXT_MAX + 1]; - struct sadb_sa *sa; - pfkey_align(msg, mhp); - pfkey_check(mhp); - if ((sa = (struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) { - if 
(sa->sadb_sa_state == SADB_SASTATE_DEAD) - break; - } - } - if (f_forever) - shortdump(msg); - else - pfkey_sadump(msg); - msg = (struct sadb_msg *)((caddr_t)msg + - PFKEY_UNUNIT64(msg->sadb_msg_len)); - if (f_verbose) { - kdebug_sadb((struct sadb_msg *)msg); - printf("\n"); - } - break; - - case SADB_X_SPDDUMP: - pfkey_spdump(msg); - if (msg->sadb_msg_seq == 0) break; - msg = (struct sadb_msg *)((caddr_t)msg + - PFKEY_UNUNIT64(msg->sadb_msg_len)); - if (f_verbose) { - kdebug_sadb((struct sadb_msg *)msg); - printf("\n"); - } - break; - } - - return(0); -} - -/*------------------------------------------------------------*/ -static char *satype[] = { - NULL, NULL, "ah", "esp" -}; -static char *sastate[] = { - "L", "M", "D", "d" -}; -static char *ipproto[] = { -/*0*/ "ip", "icmp", "igmp", "ggp", "ip4", - NULL, "tcp", NULL, "egp", NULL, -/*10*/ NULL, NULL, NULL, NULL, NULL, - NULL, NULL, "udp", NULL, NULL, -/*20*/ NULL, NULL, "idp", NULL, NULL, - NULL, NULL, NULL, NULL, "tp", -/*30*/ NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, -/*40*/ NULL, "ip6", NULL, "rt6", "frag6", - NULL, "rsvp", "gre", NULL, NULL, -/*50*/ "esp", "ah", NULL, NULL, NULL, - NULL, NULL, NULL, "icmp6", "none", -/*60*/ "dst6", -}; - -#define STR_OR_ID(x, tab) \ - (((x) < sizeof(tab)/sizeof(tab[0]) && tab[(x)]) ? 
tab[(x)] : numstr(x)) - -const char * -numstr(x) - int x; -{ - static char buf[20]; - snprintf(buf, sizeof(buf), "#%d", x); - return buf; -} - -void -shortdump_hdr() -{ - printf("%-4s %-3s %-1s %-8s %-7s %s -> %s\n", - "time", "p", "s", "spi", "ltime", "src", "dst"); -} - -void -shortdump(msg) - struct sadb_msg *msg; -{ - caddr_t mhp[SADB_EXT_MAX + 1]; - char buf[NI_MAXHOST], pbuf[NI_MAXSERV]; - struct sadb_sa *sa; - struct sadb_address *saddr; - struct sadb_lifetime *lts, *lth, *ltc; - struct sockaddr *s; - u_int t; - time_t cur = time(0); - - pfkey_align(msg, mhp); - pfkey_check(mhp); - - printf("%02lu%02lu", (u_long)(cur % 3600) / 60, (u_long)(cur % 60)); - - printf(" %-3s", STR_OR_ID(msg->sadb_msg_satype, satype)); - - if ((sa = (struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) { - printf(" %-1s", STR_OR_ID(sa->sadb_sa_state, sastate)); - printf(" %08x", (u_int32_t)ntohl(sa->sadb_sa_spi)); - } else - printf("%-1s %-8s", "?", "?"); - - lts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT]; - lth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - ltc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT]; - if (lts && lth && ltc) { - if (ltc->sadb_lifetime_addtime == 0) - t = (u_long)0; - else - t = (u_long)(cur - ltc->sadb_lifetime_addtime); - if (t >= 1000) - strcpy(buf, " big/"); - else - snprintf(buf, sizeof(buf), " %3lu/", (u_long)t); - printf("%s", buf); - - t = (u_long)lth->sadb_lifetime_addtime; - if (t >= 1000) - strcpy(buf, "big"); - else - snprintf(buf, sizeof(buf), "%-3lu", (u_long)t); - printf("%s", buf); - } else - printf(" ??\?/???"); /* backslash to avoid trigraph ??/ */ - - printf(" "); - - if ((saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]) != NULL) { - if (saddr->sadb_address_proto) - printf("%s ", STR_OR_ID(saddr->sadb_address_proto, ipproto)); - s = (struct sockaddr *)(saddr + 1); - getnameinfo(s, s->sa_len, buf, sizeof(buf), - pbuf, sizeof(pbuf), NI_NUMERICHOST|NI_NUMERICSERV); - if (strcmp(pbuf, "0") != 0) - 
printf("%s[%s]", buf, pbuf); - else - printf("%s", buf); - } else - printf("?"); - - printf(" -> "); - - if ((saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]) != NULL) { - if (saddr->sadb_address_proto) - printf("%s ", STR_OR_ID(saddr->sadb_address_proto, ipproto)); - - s = (struct sockaddr *)(saddr + 1); - getnameinfo(s, s->sa_len, buf, sizeof(buf), - pbuf, sizeof(pbuf), NI_NUMERICHOST|NI_NUMERICSERV); - if (strcmp(pbuf, "0") != 0) - printf("%s[%s]", buf, pbuf); - else - printf("%s", buf); - } else - printf("?"); - - printf("\n"); -} - -/* From: tcpdump(1):gmt2local.c and util.c */ -/* - * Print the timestamp - */ -static void -printdate() -{ - struct timeval tp; - int s; - - if (gettimeofday(&tp, NULL) == -1) { - perror("gettimeofday"); - return; - } - - if (f_tflag == 1) { - /* Default */ - s = (tp.tv_sec + thiszone ) % 86400; - (void)printf("%02d:%02d:%02d.%06u ", - s / 3600, (s % 3600) / 60, s % 60, (u_int32_t)tp.tv_usec); - } else if (f_tflag > 1) { - /* Unix timeval style */ - (void)printf("%u.%06u ", - (u_int32_t)tp.tv_sec, (u_int32_t)tp.tv_usec); - } - - printf("\n"); -} - -/* - * Returns the difference between gmt and local time in seconds. - * Use gmtime() and localtime() to keep things simple. - */ -int32_t -gmt2local(time_t t) -{ - register int dt, dir; - register struct tm *gmt, *loc; - struct tm sgmt; - - if (t == 0) - t = time(NULL); - gmt = &sgmt; - *gmt = *gmtime(&t); - loc = localtime(&t); - dt = (loc->tm_hour - gmt->tm_hour) * 60 * 60 + - (loc->tm_min - gmt->tm_min) * 60; - - /* - * If the year or julian day is different, we span 00:00 GMT - * and must add or subtract a day. Check the year first to - * avoid problems when the julian day wraps. - */ - dir = loc->tm_year - gmt->tm_year; - if (dir == 0) - dir = loc->tm_yday - gmt->tm_yday; - dt += dir * 24 * 60 * 60; - - return (dt); -} diff --git a/setkey.tproj/token.l b/setkey.tproj/token.l deleted file mode 100644 index 23be078..0000000 --- a/setkey.tproj/token.l +++ /dev/null 
@@ -1,323 +0,0 @@ -/* $FreeBSD: src/usr.sbin/setkey/token.l,v 1.2.2.3 2001/07/03 11:02:17 ume Exp $ */ -/* $KAME: token.l,v 1.21 2001/05/18 05:35:01 sakane Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -%option noyywrap -%{ -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include "vchar.h" -#ifdef __NetBSD__ -#include "parse.h" -#else -#include "y.tab.h" -#endif - -#define DECHO \ - if (f_debug) {printf("<%d>", yy_start); ECHO ; printf("\n"); } - -#define CMDARG \ -{ \ - char *__buf__ = strdup(yytext), *__p__; \ - for (__p__ = __buf__; *__p__ != NULL; __p__++) \ - if (*__p__ == '\n' || *__p__ == '\t') \ - *__p__ = ' '; \ - strcat(cmdarg, __buf__); \ - free(__buf__); \ -} - -#define PREPROC DECHO CMDARG - -int lineno = 1; -char cmdarg[8192]; /* XXX: BUFSIZ is the better ? */ - -extern u_char m_buf[BUFSIZ]; -extern u_int m_len; -extern int f_debug; - -int yylex __P((void)); -void yyfatal __P((const char *s)); -void yyerror __P((const char *s)); -extern void parse_init __P((void)); -int parse __P((FILE **)); -int yyparse __P((void)); - -%} - -/* common section */ -nl \n -ws [ \t]+ -digit [0-9] -letter [0-9A-Za-z] -hexdigit [0-9A-Fa-f] -/*octet (([01]?{digit}?{digit})|((2([0-4]{digit}))|(25[0-5])))*/ -special [()+\|\?\*,] -dot \. -comma \, -hyphen \- -colon \: -slash \/ -bcl \{ -ecl \} -blcl \[ -elcl \] -percent \% -semi \; -usec {dot}{digit}{1,6} -comment \#.* -ccomment "/*" -bracketstring \<[^>]*\> -quotedstring \"[^"]*\" -decstring {digit}+ -hexpair {hexdigit}{hexdigit} -hexstring 0[xX]{hexdigit}+ -octetstring {octet}({dot}{octet})+ -ipaddress [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*) -ipaddrmask {slash}{digit}{1,3} -ipaddrport {blcl}{decstring}{elcl} -keyword {letter}{letter}+ -name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* -hostname {name}(({dot}{name})+{dot}?)? 
- -%s S_PL - -%% - -add { PREPROC; return(ADD); } -delete { PREPROC; return(DELETE); } -deleteall { PREPROC; return(DELETEALL); } -get { PREPROC; return(GET); } -flush { PREPROC; return(FLUSH); } -dump { PREPROC; return(DUMP); } - - /* for management SPD */ -spdadd { PREPROC; return(SPDADD); } -spddelete { PREPROC; return(SPDDELETE); } -spddump { PREPROC; return(SPDDUMP); } -spdflush { PREPROC; return(SPDFLUSH); } -{hyphen}P { BEGIN S_PL; PREPROC; return(F_POLICY); } -[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.\-_/ \n\t]* { - yymore(); - - /* count up for nl */ - { - char *p; - for (p = yytext; *p != NULL; p++) - if (*p == '\n') - lineno++; - } - - yylval.val.len = strlen(yytext); - yylval.val.buf = strdup(yytext); - - return(PL_REQUESTS); -} -{semi} { PREPROC; BEGIN INITIAL; return(EOT); } - - /* security protocols */ -ah { PREPROC; yylval.num = 0; return(PR_AH); } -esp { PREPROC; yylval.num = 0; return(PR_ESP); } -ah-old { PREPROC; yylval.num = 1; return(PR_AH); } -esp-old { PREPROC; yylval.num = 1; return(PR_ESP); } -ipcomp { PREPROC; yylval.num = 0; return(PR_IPCOMP); } - - /* authentication alogorithm */ -{hyphen}A { PREPROC; return(F_AUTH); } -hmac-md5 { PREPROC; yylval.num = SADB_AALG_MD5HMAC; return(ALG_AUTH); } -hmac-sha1 { PREPROC; yylval.num = SADB_AALG_SHA1HMAC; return(ALG_AUTH); } -keyed-md5 { PREPROC; yylval.num = SADB_X_AALG_MD5; return(ALG_AUTH); } -keyed-sha1 { PREPROC; yylval.num = SADB_X_AALG_SHA; return(ALG_AUTH); } -hmac-sha2-256 { PREPROC; yylval.num = SADB_X_AALG_SHA2_256; return(ALG_AUTH); } -hmac-sha2-384 { PREPROC; yylval.num = SADB_X_AALG_SHA2_384; return(ALG_AUTH); } -hmac-sha2-512 { PREPROC; yylval.num = SADB_X_AALG_SHA2_512; return(ALG_AUTH); } -null { PREPROC; yylval.num = SADB_X_AALG_NULL; return(ALG_AUTH); } - - /* encryption alogorithm */ -{hyphen}E { PREPROC; return(F_ENC); } -des-cbc { PREPROC; yylval.num = SADB_EALG_DESCBC; return(ALG_ENC); } -3des-cbc { PREPROC; yylval.num = SADB_EALG_3DESCBC; return(ALG_ENC); } -simple { PREPROC; 
yylval.num = SADB_EALG_NULL; return(ALG_ENC); } -blowfish-cbc { PREPROC; yylval.num = SADB_X_EALG_BLOWFISHCBC; return(ALG_ENC); } -cast128-cbc { PREPROC; yylval.num = SADB_X_EALG_CAST128CBC; return(ALG_ENC); } -des-deriv { PREPROC; yylval.num = SADB_EALG_DESCBC; return(ALG_ENC_DESDERIV); } -des-32iv { PREPROC; yylval.num = SADB_EALG_DESCBC; return(ALG_ENC_DES32IV); } -rijndael-cbc { PREPROC; yylval.num = SADB_X_EALG_RIJNDAELCBC; return(ALG_ENC); } - - /* compression algorithms */ -{hyphen}C { PREPROC; return(F_COMP); } -oui { PREPROC; yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); } -deflate { PREPROC; yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); } -lzs { PREPROC; yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); } -{hyphen}R { PREPROC; return(F_RAWCPI); } - - /* extension */ -{hyphen}m { PREPROC; return(F_MODE); } -transport { PREPROC; yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } -tunnel { PREPROC; yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } -{hyphen}u { PREPROC; return(F_REQID); } -{hyphen}f { PREPROC; return(F_EXT); } -random-pad { PREPROC; yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); } -seq-pad { PREPROC; yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); } -zero-pad { PREPROC; yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); } -nocyclic-seq { PREPROC; return(NOCYCLICSEQ); } -{hyphen}r { PREPROC; return(F_REPLAY); } -{hyphen}lh { PREPROC; return(F_LIFETIME_HARD); } -{hyphen}ls { PREPROC; return(F_LIFETIME_SOFT); } - - /* ... 
*/ -any { PREPROC; return(ANY); } -{ws} { PREPROC; } -{nl} { lineno++; } -{comment} -{semi} { PREPROC; return(EOT); } - - /* parameter */ -{decstring} { - char *bp; - - PREPROC; - yylval.num = strtoul(yytext, &bp, 10); - return(DECSTRING); - } - -{ipaddress} { - PREPROC; - - yylval.val.len = yyleng; - yylval.val.buf = strdup(yytext); - - return(ADDRESS); - } - -{ipaddrmask} { - PREPROC; - yytext++; - yylval.num = atoi(yytext); - return(PREFIX); - } - -{ipaddrport} { - char *p = yytext; - PREPROC; - while (*++p != ']') ; - *p = NULL; - yytext++; - yylval.num = atoi(yytext); - return(PORT); - } - -{blcl}any{elcl} { - PREPROC; - return(PORTANY); - } - -{hexstring} { - int len = yyleng - 2; /* (str - "0x") */ - PREPROC; - yylval.val.len = (len & 1) + (len / 2); - /* fixed string if length is odd. */ - if (len & 1) { - yytext[1] = '0'; - yylval.val.buf = strdup(yytext + 1); - } else - yylval.val.buf = strdup(yytext + 2); - - return(HEXSTRING); - } - -{quotedstring} { - char *p = yytext; - PREPROC; - while (*++p != '"') ; - *p = NULL; - yytext++; - yylval.val.len = yyleng - 2; - yylval.val.buf = strdup(yytext); - - return(QUOTEDSTRING); - } - -[a-z0-9.\-]* { - yylval.val.len = yyleng; - yylval.val.buf = strdup(yytext); - return(STRING); - } - -. { - yyfatal("Syntax error"); - /*NOTREACHED*/ - } - -%% - -void -yyfatal(s) - const char *s; -{ - yyerror(s); - exit(1); -} - -void -yyerror(s) - const char *s; -{ - printf("line %d: %s at [%s]\n", lineno, s, yytext); -} - -int -parse(fp) - FILE **fp; -{ - yyin = *fp; - - parse_init(); - - if (yyparse()) { - printf("parse failed, line %d.\n", lineno); - return(-1); - } - - return(0); -} diff --git a/setkey.tproj/vchar.h b/setkey.tproj/vchar.h deleted file mode 100644 index a3f852d..0000000 --- a/setkey.tproj/vchar.h +++ /dev/null 
@@ -1,36 +0,0 @@ -/* $FreeBSD: src/usr.sbin/setkey/vchar.h,v 1.1.2.1 2000/07/15 07:37:04 kris Exp $ */ -/* $KAME: vchar.h,v 1.2 2000/06/07 00:29:14 itojun Exp $ */ - -/* - * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -typedef struct { - u_int len; - caddr_t buf; -} vchar_t; diff --git a/slattach.tproj/Makefile.preamble b/slattach.tproj/Makefile.preamble index dc05194..d5547d0 100644 --- a/slattach.tproj/Makefile.preamble 
+++ b/slattach.tproj/Makefile.preamble
@@ -1,2 +1,3 @@
+OTHER_CFLAGS += -mdynamic-no-pic
 OTHER_GENERATED_OFILES = $(VERS_OFILE)
 -include ../Makefile.include
diff --git a/slattach.tproj/slattach.c b/slattach.tproj/slattach.c
index 580da18..7f722d7 100644
--- a/slattach.tproj/slattach.c
+++ b/slattach.tproj/slattach.c
@@ -66,15 +66,23 @@
 #include
 #include
 #include
+#include
+#include
+#include
+#include
+#include
 #include
 #define DEFAULT_BAUD 9600
 int slipdisc = SLIPDISC;
 __private_extern__
-char devname[32] = { '\0' };
+char dev_name[32] = { '\0' };
 char hostname[MAXHOSTNAMELEN];
+int findspeed(int);
+
+int
 main(argc, argv)
 int argc;
 char *argv[];
@@ -94,9 +102,9 @@ main(argc, argv)
 exit(1);
 }
 if (strncmp(_PATH_DEV, dev, sizeof(_PATH_DEV) - 1)) {
- (void)snprintf(devname, sizeof(devname),
+ (void)snprintf(dev_name, sizeof(dev_name),
 "%s%s", _PATH_DEV, dev);
- dev = devname;
+ dev = dev_name;
 }
 if ((fd = open(dev, O_RDWR | O_NDELAY)) < 0) {
 perror(dev);
@@ -117,6 +125,8 @@ main(argc, argv)
 exit(0);
 for (;;)
 sigpause(0L);
+ /* NOTREACHED */
+ return 0;
 }
 struct sg_spds {
@@ -176,6 +186,7 @@ struct sg_spds {
 { 0, 0 }
 };
+int
 findspeed(speed)
 register int speed;
 {
diff --git a/spray.tproj/Makefile.preamble b/spray.tproj/Makefile.preamble
index 31db359..16b055b 100644
--- a/spray.tproj/Makefile.preamble
+++ b/spray.tproj/Makefile.preamble
@@ -1,3 +1,4 @@
+OTHER_CFLAGS += -mdynamic-no-pic
 OTHER_OFILES = spray_xdr.o
 OTHER_INITIAL_TARGETS = spray.h
 OTHER_GENERATED_OFILES = $(VERS_OFILE)
diff --git a/spray.tproj/spray.8 b/spray.tproj/spray.8
index 5bd0b3e..0f61422 100644
--- a/spray.tproj/spray.8
+++ b/spray.tproj/spray.8
@@ -71,5 +71,4 @@ can be very hard on a network and should be used with caution.
 .Sh SEE ALSO
 .Xr netstat 1 ,
 .Xr ifconfig 8 ,
-.Xr ping 8 ,
-.Xr rpc.sprayd 8
+.Xr ping 8
diff --git a/spray.tproj/spray.c b/spray.tproj/spray.c
index c8e24dd..70fd8db 100644
--- a/spray.tproj/spray.c
+++ b/spray.tproj/spray.c
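Review bot: `OTHER_CFLAGS += -mdynamic-no-pic` in slattach.tproj/Makefile.preamble, and again in spray.tproj/Makefile.preamble, is added without a comment, and it has a hardening consequence worth recording. The flag makes the tool's own code non-relocatable, so these binaries cannot later be linked as position-independent executables unless it is removed. I would add a line above each occurrence such as `# -mdynamic-no-pic: non-relocatable code for the tool itself; drop this before linking with -pie`. Whether other makefiles in the project set the same flag is not visible from these hunks.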
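Review bot: In the `@@ -94,9 +102,9 @@` hunk of slattach.c the renamed `(void)snprintf(dev_name, sizeof(dev_name), "%s%s", _PATH_DEV, dev);` still discards the return value. A device argument that does not fit the 32-byte `dev_name` is therefore silently truncated, and the following `open(dev, O_RDWR | O_NDELAY)` is attempted on a path other than the one the caller named. The length should be checked before the buffer is used: `if ((size_t)snprintf(dev_name, sizeof(dev_name), "%s%s", _PATH_DEV, dev) >= sizeof(dev_name))`, then report the over-long name and `exit(1)` as the neighbouring error paths do. The body of main starts and ends outside this hunk.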
@@ -50,7 +50,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- * $Id: spray.c,v 1.1 1999/05/02 03:58:27 wsanchez Exp $
+ * $Id: spray.c,v 1.2 2006/02/07 06:22:44 lindak Exp $
 */
 #include
@@ -158,11 +158,11 @@ main(argc, argv)
 * The following (undocumented) hack resets the internal state
 * of the client handle.
 */
- clnt_control(cl, CLSET_TIMEOUT, &NO_DEFAULT);
+ clnt_control(cl, CLSET_TIMEOUT, (char *)&NO_DEFAULT);
 /* Clear server statistics */
- if (clnt_call(cl, SPRAYPROC_CLEAR, xdr_void, NULL, xdr_void, NULL, TIMEOUT) != RPC_SUCCESS) {
+ if (clnt_call(cl, SPRAYPROC_CLEAR, (xdrproc_t)xdr_void, NULL, (xdrproc_t)xdr_void, NULL, TIMEOUT) != RPC_SUCCESS) {
 clnt_perror(cl, progname);
 exit(1);
 }
@@ -173,7 +173,7 @@ main(argc, argv)
 fflush (stdout);
 for (i = 0; i < count; i++) {
- clnt_call(cl, SPRAYPROC_SPRAY, xdr_sprayarr, &host_array, xdr_void, NULL, ONE_WAY);
+ clnt_call(cl, SPRAYPROC_SPRAY, (xdrproc_t)xdr_sprayarr, &host_array, (xdrproc_t)xdr_void, NULL, ONE_WAY);
 if (delay) {
 usleep(delay);
@@ -182,7 +182,7 @@ main(argc, argv)
 /* Collect statistics from server */
- if (clnt_call(cl, SPRAYPROC_GET, xdr_void, NULL, xdr_spraycumul, &host_stats, TIMEOUT) != RPC_SUCCESS) {
+ if (clnt_call(cl, SPRAYPROC_GET, (xdrproc_t)xdr_void, NULL, (xdrproc_t)xdr_spraycumul, &host_stats, TIMEOUT) != RPC_SUCCESS) {
 clnt_perror(cl, progname);
 exit(1);
 }
diff --git a/stdethers.tproj/Makefile b/stdethers.tproj/Makefile
deleted file mode 100644
index 3ee9c9a..0000000
--- a/stdethers.tproj/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = stdethers
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-CFILES = stdethers.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble stdethers.8
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/sbin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/stdethers.tproj/Makefile.postamble b/stdethers.tproj/Makefile.postamble
deleted file mode 100644
index cfd24d4..0000000
--- a/stdethers.tproj/Makefile.postamble
+++ /dev/null
@@ -1,105 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# - -install-man-page: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 stdethers.8 $(DSTROOT)/usr/share/man/man8/stdethers.8 diff --git a/stdethers.tproj/Makefile.preamble b/stdethers.tproj/Makefile.preamble deleted file mode 100644 index e48625d..0000000 --- a/stdethers.tproj/Makefile.preamble +++ /dev/null 
@@ -1,125 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -AFTER_INSTALL += install-man-page diff --git a/stdethers.tproj/PB.project b/stdethers.tproj/PB.project deleted file mode 100644 index 6379be0..0000000 --- a/stdethers.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (stdethers.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, stdethers.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = stdethers;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/stdethers.tproj/stdethers.8 b/stdethers.tproj/stdethers.8
deleted file mode 100644
index 3740af7..0000000
--- a/stdethers.tproj/stdethers.8
+++ /dev/null
@@ -1,55 +0,0 @@ -.\" $OpenBSD: stdethers.8,v 1.3 1996/05/30 09:53:11 deraadt Exp $ -.\" Copyright (c) 1995 Mats O Jansson -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by Mats O Jansson -.\" 4. The name of the author may not be used to endorse or promote products -.\" derived from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS -.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.Dd December 2, 1995 -.Dt STDETHERS 8 -.Os -.Sh NAME -.Nm stdethers -.Nd a YP filter program -.Sh SYNOPSIS -.Nm stdethers -.Op Ar file -.Sh DESCRIPTION -.Nm Stdethers -is used to get ride of some unwanted information in file or stdin. This -program is used by YP when creating some YP maps. -.Pp -.Pp -The options are as follows: -.Bl -tag -width indent -.It Ar file -Use this file as input instead of stdin. -.El -.Sh SEE ALSO -.Xr yp 8 , -.Xr ypserv 8 -.Sh AUTHOR -Mats O Jansson diff --git a/stdethers.tproj/stdethers.c b/stdethers.tproj/stdethers.c deleted file mode 100644 index 7a50f99..0000000 --- a/stdethers.tproj/stdethers.c +++ /dev/null 
@@ -1,217 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: stdethers.c,v 1.3 1997/09/11 19:47:33 deraadt Exp $ */ - -/* - * Copyright (c) 1995 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: stdethers.c,v 1.3 1997/09/11 19:47:33 deraadt Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -char *ProgramName = "stdethers"; - -#ifndef NTOA_FIX -#define NTOA(x) (char *)ether_ntoa(x) -#else -#define NTOA(x) (char *) working_ntoa((u_char *) x) - -/* As of 1995-12-02 NetBSD and OpenBSD has an SunOS 4 incompatible ether_ntoa. - The code in usr/lib/libc/net/ethers seems to do the correct thing - when asking YP but not when returning string from ether_ntoa. 
- */ - -char * -working_ntoa(e) - u_char *e; -{ - static char a[] = "xx:xx:xx:xx:xx:xx"; - - sprintf(a, "%x:%x:%x:%x:%x:%x", - e[0], e[1], e[2], e[3], e[4], e[5]); - return a; -} -#endif - -static int read_line(fp, buf, size) -FILE *fp; -char *buf; -int size; -{ - int done = 0; - - do { - while (fgets(buf, size, fp)) { - int len = strlen(buf); - done += len; - if (len > 1 && buf[len-2] == '\\' && - buf[len-1] == '\n') { - int ch; - buf += len - 2; - size -= len - 2; - *buf = '\n'; buf[1] = '\0'; - /* - * Skip leading white space on next line - */ - while ((ch = getc(fp)) != EOF && - isascii(ch) && isspace(ch)) - ; - (void) ungetc(ch, fp); - } else { - return done; - } - } - } while (size > 0 && !feof(fp)); - - return done; -} - -int -main (argc,argv) -int argc; -char *argv[]; -{ - FILE *data_file; - char data_line[1024]; - int usage = 0; - int line_no = 0; - int len; - char *p,*k,*v; - struct ether_addr eth_addr; - char hostname[256]; - - if (argc > 2) { - usage++; - } - - if (usage) { - fprintf(stderr, - "usage: %s [file]\n", - ProgramName); - exit(1); - } - - if (argc == 2) { - data_file = fopen(argv[1], "r"); - if (data_file == NULL) { - fprintf(stderr, - "%s: can't open %s\n", - ProgramName, - argv[1]); - exit(1); - } - } else { - data_file = stdin; - } - - while (read_line(data_file,data_line,sizeof(data_line))) { - - line_no++; - len = strlen(data_line); - - if (len > 0) { - if (data_line[0] == '#') - continue; - } - - /* - * Check if we have the whole line - */ - - if (data_line[len-1] != '\n') { - if (argc == 2) { - fprintf(stderr, - "line %d in \"%s\" is too long", - line_no, argv[1]); - } else { - fprintf(stderr, - "line %d in \"stdin\" is too long", - line_no); - } - } else { - data_line[len-1] = '\0'; - } - - p = (char *) &data_line; - - k = p; /* save start of key */ - while (!isspace(*p)) { p++; }; /* find first "space" */ - while (isspace(*p)) { p++; }; /* move over "space" */ - - v = p; /* save start of value */ - while(*p != '\0') { p++; }; /* find 
end of string */ - - if (ether_line(data_line, ð_addr, hostname) == 0) { - fprintf(stdout, "%s\t%s\n", - NTOA(ð_addr), - hostname); - } else { - fprintf(stderr, - "%s: ignoring line %d: \"%s\"\n", - ProgramName, - line_no, - data_line); - } - } - - return(0); - -} diff --git a/stdhosts.tproj/Makefile b/stdhosts.tproj/Makefile deleted file mode 100644 index 600fddf..0000000 --- a/stdhosts.tproj/Makefile +++ /dev/null @@ -1,46 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = stdhosts - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = stdhosts.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble stdhosts.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/stdhosts.tproj/Makefile.postamble b/stdhosts.tproj/Makefile.postamble deleted file mode 100644 index ad50dc8..0000000 --- a/stdhosts.tproj/Makefile.postamble +++ /dev/null 
@@ -1,105 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# - -install-man-page: - install -d $(DSTROOT)/usr/share/man/man8 - install -c -m 444 stdhosts.8 $(DSTROOT)/usr/share/man/man8/stdhosts.8 diff --git a/stdhosts.tproj/Makefile.preamble b/stdhosts.tproj/Makefile.preamble deleted file mode 100644 index e48625d..0000000 --- a/stdhosts.tproj/Makefile.preamble +++ /dev/null 
@@ -1,125 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO - -AFTER_INSTALL += install-man-page diff --git a/stdhosts.tproj/PB.project b/stdhosts.tproj/PB.project deleted file mode 100644 index ba79c4b..0000000 --- a/stdhosts.tproj/PB.project +++ /dev/null 
@@ -1,26 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = ();
- OTHER_LINKED = (stdhosts.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, stdhosts.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = stdhosts;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/stdhosts.tproj/stdhosts.8 b/stdhosts.tproj/stdhosts.8
deleted file mode 100644
index 6cd5540..0000000
--- a/stdhosts.tproj/stdhosts.8
+++ /dev/null
@@ -1,55 +0,0 @@ -.\" $OpenBSD: stdhosts.8,v 1.4 1996/06/26 21:26:36 maja Exp $ -.\" Copyright (c) 1994 Mats O Jansson -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by Mats O Jansson -.\" 4. The name of the author may not be used to endorse or promote products -.\" derived from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS -.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.Dd August 25, 1994 -.Dt STDHOSTS 8 -.Os -.Sh NAME -.Nm stdhosts -.Nd a YP filter program -.Sh SYNOPSIS -.Nm stdhosts -.Op Ar file -.Sh DESCRIPTION -.Nm Stdhosts -is used to get ride of some unwanted information in file or stdin. This -program is used by YP when creating some YP maps. -.Pp -.Pp -The options are as follows: -.Bl -tag -width indent -.It Ar file -Use this file as input instead of stdin. -.El -.Sh SEE ALSO -.Xr yp 8 , -.Xr ypserv 8 -.Sh AUTHOR -Mats O Jansson diff --git a/stdhosts.tproj/stdhosts.c b/stdhosts.tproj/stdhosts.c deleted file mode 100644 index 3406558..0000000 --- a/stdhosts.tproj/stdhosts.c +++ /dev/null 
@@ -1,172 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: stdhosts.c,v 1.4 1997/09/11 19:47:35 deraadt Exp $ */ - -/* - * Copyright (c) 1994 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: stdhosts.c,v 1.4 1997/09/11 19:47:35 deraadt Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include - -static int read_line(fp, buf, size) -FILE *fp; -char *buf; -int size; -{ - int done = 0; - - do { - while (fgets(buf, size, fp)) { - int len = strlen(buf); - done += len; - if (len > 1 && buf[len-2] == '\\' && - buf[len-1] == '\n') { - int ch; - buf += len - 2; - size -= len - 2; - *buf = '\n'; buf[1] = '\0'; - /* - * Skip leading white space on next line - */ - while ((ch = getc(fp)) != EOF && - isascii(ch) && isspace(ch)) - ; - (void) ungetc(ch, fp); - } else { - return done; - } - } - } while (size > 0 && !feof(fp)); - - return done; -} - -int -main (argc,argv) -int argc; -char *argv[]; -{ - FILE *data_file; - char data_line[1024]; - int usage = 0; - int line_no = 0; - int len; - char *p,*k,*v; - struct in_addr host_addr; - - if (argc > 2) { - usage++; - } - - if (usage) { - fprintf(stderr, - "%s", - "usage: stdhosts [file]\n"); - exit(1); - } - - if (argc == 2) { - data_file = 
fopen(argv[argc-1], "r"); - } else { - data_file = stdin; - } - - while (read_line(data_file,data_line,sizeof(data_line))) { - - line_no++; - len = strlen(data_line); - - if (len > 0) { - if (data_line[0] == '#') - continue; - } - - /* - * Check if we have the whole line - */ - - if (data_line[len-1] != '\n') { - if (argc == 2) { - fprintf(stderr, "line %d in \"%s\" is too long", line_no, argv[1]); - } else { - fprintf(stderr, "line %d in \"stdin\" is too long", line_no); - } - } else { - data_line[len-1] = '\0'; - } - - p = (char *) &data_line; - - k = p; /* save start of key */ - while (!isspace(*p)) { p++; }; /* find first "space" */ - while (isspace(*p)) { *p = '\0'; p++; }; /* replace space with */ - - v = p; /* save start of value */ - while(*p != '\0') { p++; }; /* find end of string */ - - (void)inet_aton(k,&host_addr); - printf("%s %s\n",inet_ntoa(host_addr),v); - - } - - return(0); - -} diff --git a/talk.tproj/Makefile b/talk.tproj/Makefile deleted file mode 100644 index 81c52ce..0000000 --- a/talk.tproj/Makefile +++ /dev/null 
@@ -1,51 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = talk
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES = talk.h talk_ctl.h
-
-CFILES = ctl.c ctl_transact.c display.c get_addrs.c get_names.c\
- init_disp.c invite.c io.c look_up.c msgs.c talk.c
-
-OTHERSRCS = Makefile.preamble Makefile talk.1 Makefile.postamble
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/bin
-WINDOWS_INSTALLDIR = /usr/bin
-PDO_UNIX_INSTALLDIR = /usr/bin
-LIBS = -lcurses
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/talk.tproj/Makefile.postamble b/talk.tproj/Makefile.postamble
deleted file mode 100644
index c29d177..0000000
--- a/talk.tproj/Makefile.postamble
+++ /dev/null
@@ -1,3 +0,0 @@
-after_install:
- mkdir -p $(DSTROOT)/usr/share/man/man1
- install -c -m 444 talk.1 $(DSTROOT)/usr/share/man/man1/talk.1
diff --git a/talk.tproj/Makefile.preamble b/talk.tproj/Makefile.preamble
deleted file mode 100644
index 925a5c7..0000000
--- a/talk.tproj/Makefile.preamble
+++ /dev/null
@@ -1,3 +0,0 @@
-CLEAN_ALL_SUBPROJECTS = YES
-OTHER_GENERATED_OFILES = $(VERS_OFILE)
--include ../Makefile.include
diff --git a/talk.tproj/PB.project b/talk.tproj/PB.project
deleted file mode 100644
index f6093c3..0000000
--- a/talk.tproj/PB.project
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- DOCICONFILES = ();
- FILESTABLE = {
- C_FILES = ();
- H_FILES = (talk.h, talk_ctl.h);
- OTHER_LIBS = ();
- OTHER_LINKED = (
- ctl.c,
- ctl_transact.c,
- display.c,
- get_addrs.c,
- get_names.c,
- init_disp.c,
- invite.c,
- io.c,
- look_up.c,
- msgs.c,
- talk.c
- );
- OTHER_SOURCES = (Makefile.preamble, Makefile, talk.1);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_INSTALLDIR = /usr/bin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = talk;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_INSTALLDIR = /usr/bin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/talk.tproj/ctl.c b/talk.tproj/ctl.c
deleted file mode 100644
index d1c016b..0000000
--- a/talk.tproj/ctl.c
+++ /dev/null
@@ -1,133 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -/* - * This file handles haggling with the various talk daemons to - * get a socket to talk to. 
sockt is opened and connected in - * the progress - */ - -#include -#include -#include -#include -#include "talk.h" -#include "talk_ctl.h" - -struct sockaddr_in daemon_addr = { sizeof(daemon_addr), AF_INET }; -struct sockaddr_in ctl_addr = { sizeof(ctl_addr), AF_INET }; -struct sockaddr_in my_addr = { sizeof(my_addr), AF_INET }; - - /* inet addresses of the two machines */ -struct in_addr my_machine_addr; -struct in_addr his_machine_addr; - -u_short daemon_port; /* port number of the talk daemon */ - -int ctl_sockt; -int sockt; -int invitation_waiting = 0; - -CTL_MSG msg; - -open_sockt() -{ - int length; - - my_addr.sin_addr = my_machine_addr; - my_addr.sin_port = 0; - sockt = socket(AF_INET, SOCK_STREAM, 0); - if (sockt <= 0) - p_error("Bad socket"); - if (bind(sockt, (struct sockaddr *)&my_addr, sizeof(my_addr)) != 0) - p_error("Binding local socket"); - length = sizeof(my_addr); - if (getsockname(sockt, (struct sockaddr *)&my_addr, &length) == -1) - p_error("Bad address for socket"); -} - -/* open the ctl socket */ -open_ctl() -{ - int length; - - ctl_addr.sin_port = 0; - ctl_addr.sin_addr = my_machine_addr; - ctl_sockt = socket(AF_INET, SOCK_DGRAM, 0); - if (ctl_sockt <= 0) - p_error("Bad socket"); - if (bind(ctl_sockt, - (struct sockaddr *)&ctl_addr, sizeof(ctl_addr)) != 0) - p_error("Couldn't bind to control socket"); - length = sizeof(ctl_addr); - if (getsockname(ctl_sockt, - (struct sockaddr *)&ctl_addr, &length) == -1) - p_error("Bad address for ctl socket"); -} - -/* print_addr is a debug print routine */ -print_addr(addr) - struct sockaddr_in addr; -{ - int i; - - printf("addr = %x, port = %o, family = %o zero = ", - addr.sin_addr, addr.sin_port, addr.sin_family); - for (i = 0; i<8;i++) - printf("%o ", (int)addr.sin_zero[i]); - putchar('\n'); -} diff --git a/talk.tproj/ctl_transact.c b/talk.tproj/ctl_transact.c deleted file mode 100644 index 85474dd..0000000 --- a/talk.tproj/ctl_transact.c +++ /dev/null 
@@ -1,133 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include "talk_ctl.h"
-
-#define CTL_WAIT 2 /* time to wait for a response, in seconds */
-
-/*
- * SOCKDGRAM is unreliable, so we must repeat messages if we have
- * not recieved an acknowledgement within a reasonable amount
- * of time
- */
-ctl_transact(target, msg, type, rp)
- struct in_addr target;
- CTL_MSG msg;
- int type;
- CTL_RESPONSE *rp;
-{
- int read_mask, ctl_mask, nready, cc;
- struct timeval wait;
-
- msg.type = type;
- daemon_addr.sin_addr = target;
- daemon_addr.sin_port = daemon_port;
- ctl_mask = 1 << ctl_sockt;
-
- /*
- * Keep sending the message until a response of
- * the proper type is obtained.
- */
- do {
- wait.tv_sec = CTL_WAIT;
- wait.tv_usec = 0;
- /* resend message until a response is obtained */
- do {
- cc = sendto(ctl_sockt, (char *)&msg, sizeof (msg), 0,
- (struct sockaddr *)&daemon_addr,
- sizeof (daemon_addr));
- if (cc != sizeof (msg)) {
- if (errno == EINTR)
- continue;
- p_error("Error on write to talk daemon");
- }
- read_mask = ctl_mask;
- nready = select(32, &read_mask, 0, 0, &wait);
- if (nready < 0) {
- if (errno == EINTR)
- continue;
- p_error("Error waiting for daemon response");
- }
- } while (nready == 0);
- /*
- * Keep reading while there are queued messages
- * (this is not necessary, it just saves extra
- * request/acknowledgements being sent)
- */
- do {
- cc = recv(ctl_sockt, (char *)rp, sizeof (*rp), 0);
- if (cc < 0) {
- if (errno == EINTR)
- continue;
- p_error("Error on read from talk daemon");
- }
- read_mask = ctl_mask;
- /* an immediate poll */
- timerclear(&wait);
- nready = select(32, &read_mask, 0, 0, &wait);
- } while (nready > 0 && (rp->vers != TALK_VERSION ||
- rp->type != type));
- } while (rp->vers != TALK_VERSION || rp->type != type);
- rp->id_num = ntohl(rp->id_num);
- rp->addr.sa_family = ntohs(rp->addr.sa_family);
-}
diff --git a/talk.tproj/display.c b/talk.tproj/display.c
deleted file mode 100644
index 6a725a6..0000000
--- a/talk.tproj/display.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-/*
- * The window 'manager', initializes curses and handles the actual
- * displaying of text
- */
-#include "talk.h"
-
-xwin_t my_win;
-xwin_t his_win;
-WINDOW *line_win;
-
-int curses_initialized = 0;
-
-/*
- * max HAS to be a function, it is called with
- * a argument of the form --foo at least once.
- */
-max(a,b)
- int a, b;
-{
-
- return (a > b ? a : b);
-}
-
-/*
- * Display some text on somebody's window, processing some control
- * characters while we are at it.
- */
-display(win, text, size)
- register xwin_t *win;
- register char *text;
- int size;
-{
- register int i;
- char cch;
-
- for (i = 0; i < size; i++) {
- if (*text == '\n') {
- xscroll(win, 0);
- text++;
- continue;
- }
- /* erase character */
- if (*text == win->cerase) {
- wmove(win->x_win, win->x_line, max(--win->x_col, 0));
- getyx(win->x_win, win->x_line, win->x_col);
- waddch(win->x_win, ' ');
- wmove(win->x_win, win->x_line, win->x_col);
- getyx(win->x_win, win->x_line, win->x_col);
- text++;
- continue;
- }
- /*
- * On word erase search backwards until we find
- * the beginning of a word or the beginning of
- * the line.
- */
- if (*text == win->werase) {
- int endcol, xcol, i, c;
-
- endcol = win->x_col;
- xcol = endcol - 1;
- while (xcol >= 0) {
- c = readwin(win->x_win, win->x_line, xcol);
- if (c != ' ')
- break;
- xcol--;
- }
- while (xcol >= 0) {
- c = readwin(win->x_win, win->x_line, xcol);
- if (c == ' ')
- break;
- xcol--;
- }
- wmove(win->x_win, win->x_line, xcol + 1);
- for (i = xcol + 1; i < endcol; i++)
- waddch(win->x_win, ' ');
- wmove(win->x_win, win->x_line, xcol + 1);
- getyx(win->x_win, win->x_line, win->x_col);
- text++;
- continue;
- }
- /* line kill */
- if (*text == win->kill) {
- wmove(win->x_win, win->x_line, 0);
- wclrtoeol(win->x_win);
- getyx(win->x_win, win->x_line, win->x_col);
- text++;
- continue;
- }
- if (*text == '\f') {
- if (win == &my_win)
- wrefresh(curscr);
- text++;
- continue;
- }
- if (win->x_col == COLS-1) {
- /* check for wraparound */
- xscroll(win, 0);
- }
- if (*text < ' ' && *text != '\t') {
- waddch(win->x_win, '^');
- getyx(win->x_win, win->x_line, win->x_col);
- if (win->x_col == COLS-1) /* check for wraparound */
- xscroll(win, 0);
- cch = (*text & 63) + 64;
- waddch(win->x_win, cch);
- } else
- waddch(win->x_win, *text);
- getyx(win->x_win, win->x_line, win->x_col);
- text++;
- }
- wrefresh(win->x_win);
-}
-
-/*
- * Read the character at the indicated position in win
- */
-readwin(win, line, col)
- WINDOW *win;
-{
- int oldline, oldcol;
- register int c;
-
- getyx(win, oldline, oldcol);
- wmove(win, line, col);
- c = winch(win);
- wmove(win, oldline, oldcol);
- return (c);
-}
-
-/*
- * Scroll a window, blanking out the line following the current line
- * so that the current position is obvious
- */
-xscroll(win, flag)
- register xwin_t *win;
- int flag;
-{
-
- if (flag == -1) {
- wmove(win->x_win, 0, 0);
- win->x_line = 0;
- win->x_col = 0;
- return;
- }
- win->x_line = (win->x_line + 1) % win->x_nlines;
- win->x_col = 0;
- wmove(win->x_win, win->x_line, win->x_col);
- wclrtoeol(win->x_win);
- wmove(win->x_win, (win->x_line + 1) % win->x_nlines, win->x_col);
- wclrtoeol(win->x_win);
- wmove(win->x_win, win->x_line, win->x_col);
-}
diff --git a/talk.tproj/get_addrs.c b/talk.tproj/get_addrs.c
deleted file mode 100644
index ce728c5..0000000
--- a/talk.tproj/get_addrs.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include "talk_ctl.h"
-
-get_addrs(my_machine_name, his_machine_name)
- char *my_machine_name, *his_machine_name;
-{
- struct hostent *hp;
- struct servent *sp;
-
- msg.pid = htonl(getpid());
- /* look up the address of the local host */
- hp = gethostbyname(my_machine_name);
- if (hp == NULL) {
- fprintf(stderr, "talk: %s: ", my_machine_name);
- herror((char *)NULL);
- exit(-1);
- }
- bcopy(hp->h_addr, (char *)&my_machine_addr, hp->h_length);
- /*
- * If the callee is on-machine, just copy the
- * network address, otherwise do a lookup...
- */
- if (strcmp(his_machine_name, my_machine_name)) {
- hp = gethostbyname(his_machine_name);
- if (hp == NULL) {
- fprintf(stderr, "talk: %s: ", his_machine_name);
- herror((char *)NULL);
- exit(-1);
- }
- bcopy(hp->h_addr, (char *) &his_machine_addr, hp->h_length);
- } else
- his_machine_addr = my_machine_addr;
- /* find the server's port */
- sp = getservbyname("ntalk", "udp");
- if (sp == 0) {
- fprintf(stderr, "talk: %s/%s: service is not registered.\n",
- "ntalk", "udp");
- exit(-1);
- }
- daemon_port = sp->s_port;
-}
diff --git a/talk.tproj/get_names.c b/talk.tproj/get_names.c
deleted file mode 100644
index adf43bc..0000000
--- a/talk.tproj/get_names.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-#include
-#include
-#include
-#include
-#include "talk.h"
-
-char *getlogin();
-char *ttyname();
-char *rindex();
-extern CTL_MSG msg;
-
-/*
- * Determine the local and remote user, tty, and machines
- */
-get_names(argc, argv)
- int argc;
- char *argv[];
-{
- char hostname[MAXHOSTNAMELEN];
- char *his_name, *my_name;
- char *my_machine_name, *his_machine_name;
- char *my_tty, *his_tty;
- register char *cp;
-
- if (argc < 2 ) {
- printf("Usage: talk user [ttyname]\n");
- exit(-1);
- }
- if (!isatty(0)) {
- printf("Standard input must be a tty, not a pipe or a file\n");
- exit(-1);
- }
- if ((my_name = getlogin()) == NULL) {
- struct passwd *pw;
-
- if ((pw = getpwuid(getuid())) == NULL) {
- printf("You don't exist. Go away.\n");
- exit(-1);
- }
- my_name = pw->pw_name;
- }
- gethostname(hostname, sizeof (hostname));
- my_machine_name = hostname;
- /* check for, and strip out, the machine name of the target */
- for (cp = argv[1]; *cp && !index("@:!.", *cp); cp++)
- ;
- if (*cp == '\0') {
- /* this is a local to local talk */
- his_name = argv[1];
- his_machine_name = my_machine_name;
- } else {
- if (*cp++ == '@') {
- /* user@host */
- his_name = argv[1];
- his_machine_name = cp;
- } else {
- /* host.user or host!user or host:user */
- his_name = cp;
- his_machine_name = argv[1];
- }
- *--cp = '\0';
- }
- if (argc > 2)
- his_tty = argv[2]; /* tty name is arg 2 */
- else
- his_tty = "";
- get_addrs(my_machine_name, his_machine_name);
- /*
- * Initialize the message template.
- */
- msg.vers = TALK_VERSION;
- msg.addr.sa_family = htons(AF_INET);
- msg.ctl_addr.sa_family = htons(AF_INET);
- msg.id_num = htonl(0);
- strncpy(msg.l_name, my_name, NAME_SIZE);
- msg.l_name[NAME_SIZE - 1] = '\0';
- strncpy(msg.r_name, his_name, NAME_SIZE);
- msg.r_name[NAME_SIZE - 1] = '\0';
- strncpy(msg.r_tty, his_tty, TTY_SIZE);
- msg.r_tty[TTY_SIZE - 1] = '\0';
-}
diff --git a/talk.tproj/init_disp.c b/talk.tproj/init_disp.c
deleted file mode 100644
index 1332107..0000000
--- a/talk.tproj/init_disp.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-/*
- * Initialization code for the display package,
- * as well as the signal handling routines.
- */
-
-#include
-#include
-
-#include
-#include
-#include "talk.h"
-
-/*
- * Set up curses, catch the appropriate signals,
- * and build the various windows.
- */
-init_display()
-{
- void sig_sent();
- struct sigvec sigv;
-
- if (initscr() == NULL)
- errx(1, "Terminal type unset or lacking necessary features.");
- (void) sigvec(SIGTSTP, (struct sigvec *)0, &sigv);
- sigv.sv_mask |= sigmask(SIGALRM);
- (void) _sigvec_nobind(SIGTSTP, &sigv, (struct sigvec *)0);
- curses_initialized = 1;
- clear();
- refresh();
- noecho();
- crmode();
- signal(SIGINT, sig_sent);
- signal(SIGPIPE, sig_sent);
- /* curses takes care of ^Z */
- my_win.x_nlines = LINES / 2;
- my_win.x_ncols = COLS;
- my_win.x_win = newwin(my_win.x_nlines, my_win.x_ncols, 0, 0);
- scrollok(my_win.x_win, FALSE);
- wclear(my_win.x_win);
-
- his_win.x_nlines = LINES / 2 - 1;
- his_win.x_ncols = COLS;
- his_win.x_win = newwin(his_win.x_nlines, his_win.x_ncols,
- my_win.x_nlines+1, 0);
- scrollok(his_win.x_win, FALSE);
- wclear(his_win.x_win);
-
- line_win = newwin(1, COLS, my_win.x_nlines, 0);
- box(line_win, '-', '-');
- wrefresh(line_win);
- /* let them know we are working on it */
- current_state = "No connection yet";
-}
-
-/*
- * Trade edit characters with the other talk. By agreement
- * the first three characters each talk transmits after
- * connection are the three edit characters.
- */
-set_edit_chars()
-{
- char buf[3];
- int cc;
- struct sgttyb tty;
- struct ltchars ltc;
-
- ioctl(0, TIOCGETP, &tty);
- ioctl(0, TIOCGLTC, (struct sgttyb *)<c);
- my_win.cerase = tty.sg_erase;
- my_win.kill = tty.sg_kill;
- if (ltc.t_werasc == (char) -1)
- my_win.werase = '\027'; /* control W */
- else
- my_win.werase = ltc.t_werasc;
- buf[0] = my_win.cerase;
- buf[1] = my_win.kill;
- buf[2] = my_win.werase;
- cc = write(sockt, buf, sizeof(buf));
- if (cc != sizeof(buf) )
- p_error("Lost the connection");
- cc = read(sockt, buf, sizeof(buf));
- if (cc != sizeof(buf) )
- p_error("Lost the connection");
- his_win.cerase = buf[0];
- his_win.kill = buf[1];
- his_win.werase = buf[2];
-}
-
-void
-sig_sent()
-{
-
- message("Connection closing. Exiting");
- quit();
-}
-
-/*
- * All done talking...hang up the phone and reset terminal thingy's
- */
-quit()
-{
-
- if (curses_initialized) {
- wmove(his_win.x_win, his_win.x_nlines-1, 0);
- wclrtoeol(his_win.x_win);
- wrefresh(his_win.x_win);
- endwin();
- }
- if (invitation_waiting)
- send_delete();
- exit(0);
-}
diff --git a/talk.tproj/invite.c b/talk.tproj/invite.c
deleted file mode 100644
index 47fbf44..0000000
--- a/talk.tproj/invite.c
+++ /dev/null
@@ -1,208 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include "talk_ctl.h"
-#include "talk.h"
-
-/*
- * There wasn't an invitation waiting, so send a request containing
- * our sockt address to the remote talk daemon so it can invite
- * him
- */
-
-/*
- * The msg.id's for the invitations
- * on the local and remote machines.
- * These are used to delete the
- * invitations.
- */
-int local_id, remote_id;
-void re_invite();
-jmp_buf invitebuf;
-
-invite_remote()
-{
- int nfd, read_mask, template, new_sockt;
- struct itimerval itimer;
- CTL_RESPONSE response;
-
- itimer.it_value.tv_sec = RING_WAIT;
- itimer.it_value.tv_usec = 0;
- itimer.it_interval = itimer.it_value;
- if (listen(sockt, 5) != 0)
- p_error("Error on attempt to listen for caller");
-#ifdef MSG_EOR
- /* copy new style sockaddr to old, swap family (short in old) */
- msg.addr = *(struct osockaddr *)&my_addr; /* XXX new to old style*/
- msg.addr.sa_family = htons(my_addr.sin_family);
-#else
- msg.addr = *(struct sockaddr *)&my_addr;
-#endif
- msg.id_num = htonl(-1); /* an impossible id_num */
- invitation_waiting = 1;
- announce_invite();
- /*
- * Shut off the automatic messages for a while,
- * so we can use the interupt timer to resend the invitation
- */
- end_msgs();
- setitimer(ITIMER_REAL, &itimer, (struct itimerval *)0);
- message("Waiting for your party to respond");
- signal(SIGALRM, re_invite);
- (void) setjmp(invitebuf);
- while ((new_sockt = accept(sockt, 0, 0)) < 0) {
- if (errno == EINTR)
- continue;
- p_error("Unable to connect with your party");
- }
- close(sockt);
- sockt = new_sockt;
-
- /*
- * Have the daemons delete the invitations now that we
- * have connected.
- */
- current_state = "Waiting for your party to respond";
- start_msgs();
-
- msg.id_num = htonl(local_id);
- ctl_transact(my_machine_addr, msg, DELETE, &response);
- msg.id_num = htonl(remote_id);
- ctl_transact(his_machine_addr, msg, DELETE, &response);
- invitation_waiting = 0;
-}
-
-/*
- * Routine called on interupt to re-invite the callee
- */
-void
-re_invite()
-{
-
- message("Ringing your party again");
- current_line++;
- /* force a re-announce */
- msg.id_num = htonl(remote_id + 1);
- announce_invite();
- longjmp(invitebuf, 1);
-}
-
-static char *answers[] = {
- "answer #0", /* SUCCESS */
- "Your party is not logged on", /* NOT_HERE */
- "Target machine is too confused to talk to us", /* FAILED */
- "Target machine does not recognize us", /* MACHINE_UNKNOWN */
- "Your party is refusing messages", /* PERMISSION_REFUSED */
- "Target machine can not handle remote talk", /* UNKNOWN_REQUEST */
- "Target machine indicates protocol mismatch", /* BADVERSION */
- "Target machine indicates protocol botch (addr)",/* BADADDR */
- "Target machine indicates protocol botch (ctl_addr)",/* BADCTLADDR */
-};
-#define NANSWERS (sizeof (answers) / sizeof (answers[0]))
-
-/*
- * Transmit the invitation and process the response
- */
-announce_invite()
-{
- CTL_RESPONSE response;
-
- current_state = "Trying to connect to your party's talk daemon";
- ctl_transact(his_machine_addr, msg, ANNOUNCE, &response);
- remote_id = response.id_num;
- if (response.answer != SUCCESS) {
- if (response.answer < NANSWERS)
- message(answers[response.answer]);
- quit();
- }
- /* leave the actual invitation on my talk daemon */
- ctl_transact(my_machine_addr, msg, LEAVE_INVITE, &response);
- local_id = response.id_num;
-}
-
-/*
- * Tell the daemon to remove your invitation
- */
-send_delete()
-{
-
- msg.type = DELETE;
- /*
- * This is just a extra clean up, so just send it
- * and don't wait for an answer
- */
- msg.id_num = htonl(remote_id);
- daemon_addr.sin_addr = his_machine_addr;
- if (sendto(ctl_sockt, &msg, sizeof (msg), 0,
- (struct sockaddr *)&daemon_addr,
- sizeof (daemon_addr)) != sizeof(msg))
- perror("send_delete (remote)");
- msg.id_num = htonl(local_id);
- daemon_addr.sin_addr = my_machine_addr;
- if (sendto(ctl_sockt, &msg, sizeof (msg), 0,
- (struct sockaddr *)&daemon_addr,
- sizeof (daemon_addr)) != sizeof (msg))
- perror("send_delete (local)");
-}
diff --git a/talk.tproj/io.c b/talk.tproj/io.c
deleted file mode 100644
index 7d6fd55..0000000
--- a/talk.tproj/io.c
+++ /dev/null
@@ -1,159 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -/* - * This file contains the I/O handling and the exchange of - * edit characters. This connection itself is established in - * ctl.c - */ - -#include -#include -#include -#include -#include -#include "talk.h" - -#define A_LONG_TIME 10000000 -#define STDIN_MASK (1< -#include -#include -#include -#include -#include "talk_ctl.h" -#include "talk.h" - -/* - * See if the local daemon has an invitation for us. 
- */
-check_local()
-{
- CTL_RESPONSE response;
- register CTL_RESPONSE *rp = &response;
-
- /* the rest of msg was set up in get_names */
-#ifdef MSG_EOR
- /* copy new style sockaddr to old, swap family (short in old) */
- msg.ctl_addr = *(struct osockaddr *)&ctl_addr;
- msg.ctl_addr.sa_family = htons(ctl_addr.sin_family);
-#else
- msg.ctl_addr = *(struct sockaddr *)&ctl_addr;
-#endif
- /* must be initiating a talk */
- if (!look_for_invite(rp))
- return (0);
- /*
- * There was an invitation waiting for us,
- * so connect with the other (hopefully waiting) party
- */
- current_state = "Waiting to connect with caller";
- do {
- if (rp->addr.sa_family != AF_INET)
- p_error("Response uses invalid network address");
- errno = 0;
- if (connect(sockt,
- (struct sockaddr *)&rp->addr, sizeof (rp->addr)) != -1)
- return (1);
- } while (errno == EINTR);
- if (errno == ECONNREFUSED) {
- /*
- * The caller gave up, but his invitation somehow
- * was not cleared. Clear it and initiate an
- * invitation. (We know there are no newer invitations,
- * the talkd works LIFO.)
- */
- ctl_transact(his_machine_addr, msg, DELETE, rp);
- close(sockt);
- open_sockt();
- return (0);
- }
- p_error("Unable to connect with initiator");
- /*NOTREACHED*/
-}
-
-/*
- * Look for an invitation on 'machine'
- */
-look_for_invite(rp)
- CTL_RESPONSE *rp;
-{
- struct in_addr machine_addr;
-
- current_state = "Checking for invitation on caller's machine";
- ctl_transact(his_machine_addr, msg, LOOK_UP, rp);
- /* the switch is for later options, such as multiple invitations */
- switch (rp->answer) {
-
- case SUCCESS:
- msg.id_num = htonl(rp->id_num);
- return (1);
-
- default:
- /* there wasn't an invitation waiting for us */
- return (0);
- }
-}
diff --git a/talk.tproj/msgs.c b/talk.tproj/msgs.c
deleted file mode 100644
index 7e1edb1..0000000
--- a/talk.tproj/msgs.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-/*
- * A package to display what is happening every MSG_INTERVAL seconds
- * if we are slow connecting.
- */
-
-#include
-#include
-#include
-#include "talk.h"
-
-#define MSG_INTERVAL 4
-
-char *current_state;
-int current_line = 0;
-
-void
-disp_msg()
-{
- message(current_state);
-}
-
-start_msgs()
-{
- struct itimerval itimer;
-
- message(current_state);
- signal(SIGALRM, disp_msg);
- itimer.it_value.tv_sec = itimer.it_interval.tv_sec = MSG_INTERVAL;
- itimer.it_value.tv_usec = itimer.it_interval.tv_usec = 0;
- setitimer(ITIMER_REAL, &itimer, (struct itimerval *)0);
-}
-
-end_msgs()
-{
- struct itimerval itimer;
-
- timerclear(&itimer.it_value);
- timerclear(&itimer.it_interval);
- setitimer(ITIMER_REAL, &itimer, (struct itimerval *)0);
- signal(SIGALRM, SIG_DFL);
-}
diff --git a/talk.tproj/talk.1 b/talk.tproj/talk.1
deleted file mode 100644
index 18c3304..0000000
--- a/talk.tproj/talk.1
+++ /dev/null
@@ -1,129 +0,0 @@ -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)talk.1 8.1 (Berkeley) 6/6/93 -.\" -.Dd June 6, 1993 -.Dt TALK 1 -.Os BSD 4.2 -.Sh NAME -.Nm talk -.Nd talk to another user -.Sh SYNOPSIS -.Nm talk -.Ar person -.Op Ar ttyname -.Sh DESCRIPTION -.Nm Talk -is a visual communication program which copies lines from your -terminal to that of another user. -.Pp -Options available: -.Bl -tag -width ttyname -.It Ar person -If you wish to talk to someone on your own machine, then -.Ar person -is just the person's login name. If you wish to talk to a user on -another host, then -.Ar person -is of the form -.Ql user@host . -.It Ar ttyname -If you wish to talk to a user who is logged in more than once, the -.Ar ttyname -argument may be used to indicate the appropriate terminal -name, where -.Ar ttyname -is of the form -.Ql ttyXX . -.El -.Pp -When first called, -.Nm talk -sends the message -.Bd -literal -offset indent -compact -Message from TalkDaemon@his_machine... -talk: connection requested by your_name@your_machine. -talk: respond with: talk your_name@your_machine -.Ed -.Pp -to the user you wish to talk to. At this point, the recipient -of the message should reply by typing -.Pp -.Dl talk \ your_name@your_machine -.Pp -It doesn't matter from which machine the recipient replies, as -long as his login-name is the same. Once communication is established, -the two parties may type simultaneously, with their output appearing -in separate windows. Typing control-L -.Ql ^L -will cause the screen to -be reprinted, while your erase, kill, and word kill characters will -behave normally. To exit, just type your interrupt character; -.Nm talk -then moves the cursor to the bottom of the screen and restores the -terminal to its previous state. -.Pp -Permission to talk may be denied or granted by use of the -.Xr mesg 1 -command. At the outset talking is allowed. Certain commands, in -particular -.Xr nroff 1 -and -.Xr pr 1 , -disallow messages in order to -prevent messy output. 
-.Pp -.Sh FILES -.Bl -tag -width /var/run/utmp -compact -.It Pa /etc/hosts -to find the recipient's machine -.It Pa /var/run/utmp -to find the recipient's tty -.El -.Sh SEE ALSO -.Xr mail 1 , -.Xr mesg 1 , -.Xr who 1 , -.Xr write 1 -.Sh BUGS -The version of -.Xr talk 1 -released with -.Bx 4.3 -uses a protocol that -is incompatible with the protocol used in the version released with -.Bx 4.2 . -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . diff --git a/talk.tproj/talk.c b/talk.tproj/talk.c deleted file mode 100644 index 3690d01..0000000 --- a/talk.tproj/talk.c +++ /dev/null 
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-
-#ifndef lint
-static char copyright[] =
-"@(#) Copyright (c) 1983, 1993\n\
- The Regents of the University of California. All rights reserved.\n";
-#endif /* not lint */
-
-#include "talk.h"
-
-/*
- * talk: A visual form of write. Using sockets, a two way
- * connection is set up between the two people talking.
- * With the aid of curses, the screen is split into two
- * windows, and each users text is added to the window,
- * one character at a time...
- *
- * Written by Kipp Hickman
- *
- * Modified to run under 4.1a by Clem Cole and Peter Moore
- * Modified to run between hosts by Peter Moore, 8/19/82
- * Modified to run under 4.1c by Peter Moore 3/17/83
- */
-
-main(argc, argv)
- int argc;
- char *argv[];
-{
- get_names(argc, argv);
- init_display();
- open_ctl();
- open_sockt();
- start_msgs();
- if (!check_local())
- invite_remote();
- end_msgs();
- set_edit_chars();
- talk();
-}
diff --git a/talk.tproj/talk.h b/talk.tproj/talk.h
deleted file mode 100644
index 2458247..0000000
--- a/talk.tproj/talk.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)talk.h 8.1 (Berkeley) 6/6/93
- */
-
-#include
-
-extern int sockt;
-extern int curses_initialized;
-extern int invitation_waiting;
-
-extern char *current_state;
-extern int current_line;
-
-typedef struct xwin {
- WINDOW *x_win;
- int x_nlines;
- int x_ncols;
- int x_line;
- int x_col;
- char kill;
- char cerase;
- char werase;
-} xwin_t;
-
-extern xwin_t my_win;
-extern xwin_t his_win;
-extern WINDOW *line_win;
diff --git a/talk.tproj/talk_ctl.h b/talk.tproj/talk_ctl.h
deleted file mode 100644
index bfe8416..0000000
--- a/talk.tproj/talk_ctl.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)talk_ctl.h 8.1 (Berkeley) 6/6/93
- */
-
-extern struct sockaddr_in daemon_addr;
-extern struct sockaddr_in ctl_addr;
-extern struct sockaddr_in my_addr;
-extern struct in_addr my_machine_addr;
-extern struct in_addr his_machine_addr;
-extern u_short daemon_port;
-extern int ctl_sockt;
-extern CTL_MSG msg;
diff --git a/talkd.tproj/Makefile b/talkd.tproj/Makefile
deleted file mode 100644
index 30285e6..0000000
--- a/talkd.tproj/Makefile
+++ /dev/null
@@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ntalkd - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = talkd.h - -CFILES = announce.c print.c process.c table.c talkd.c - -OTHERSRCS = Makefile Makefile.dist Makefile.postamble Makefile.preamble\ - talkd.8 ntalk.plist - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/libexec -WINDOWS_INSTALLDIR = /usr/libexec -PDO_UNIX_INSTALLDIR = /usr/libexec -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/talkd.tproj/Makefile.dist b/talkd.tproj/Makefile.dist deleted file mode 100644 index 51f6806..0000000 --- a/talkd.tproj/Makefile.dist +++ /dev/null @@ -1,8 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/4/93 - -PROG= ntalkd -SRCS= talkd.c announce.c process.c table.c print.c ttymsg.c -.PATH: ${.CURDIR}/../../usr.bin/wall -MAN8= talkd.0 - -.include diff --git a/talkd.tproj/Makefile.postamble b/talkd.tproj/Makefile.postamble deleted file mode 100644 index 62e6095..0000000 --- a/talkd.tproj/Makefile.postamble +++ /dev/null 
@@ -1,116 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - -VPATH += :../wall.tproj - -after_install: - mkdir -p "$(DSTROOT)/System/Library/LaunchDaemons" - cp ntalk.plist "$(DSTROOT)/System/Library/LaunchDaemons/" diff --git a/talkd.tproj/Makefile.preamble b/talkd.tproj/Makefile.preamble deleted file mode 100644 index 9764639..0000000 --- a/talkd.tproj/Makefile.preamble +++ /dev/null 
@@ -1,120 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES= ttymsg.o -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. 
The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - -OTHER_OFILES = ttymsg.o --include ../Makefile.include diff --git a/talkd.tproj/PB.project b/talkd.tproj/PB.project deleted file mode 100644 index 15be3ec..0000000 --- a/talkd.tproj/PB.project +++ /dev/null 
@@ -1,39 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = (talkd.h);
- M_FILES = ();
- OTHER_LINKED = (announce.c, print.c, process.c, table.c, talkd.c);
- OTHER_SOURCES = (Makefile, Makefile.dist, Makefile.postamble, Makefile.preamble, talkd.8);
- PRECOMPILED_HEADERS = ();
- PROJECT_HEADERS = ();
- PUBLIC_HEADERS = ();
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/libexec;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/libexec;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ntalkd;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/libexec;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/talkd.tproj/announce.c b/talkd.tproj/announce.c
deleted file mode 100644
index cda84a1..0000000
--- a/talkd.tproj/announce.c
+++ /dev/null
@@ -1,191 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)announce.c 8.3 (Berkeley) 1/7/94"; -#endif /* not lint */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "talkd.h" - -extern char hostname[]; - -int print_mesg __P((char *tty, CTL_MSG *request, char *remote_machine)); - -/* - * Announce an invitation to talk. - */ - -/* - * See if the user is accepting messages. If so, announce that - * a talk is requested. - */ -int -announce(request, remote_machine) - CTL_MSG *request; - char *remote_machine; -{ - char full_tty[32]; - struct stat stbuf; - - (void)snprintf(full_tty, sizeof(full_tty), - "%s%s", _PATH_DEV, request->r_tty); - if (stat(full_tty, &stbuf) < 0 || (stbuf.st_mode&020) == 0) - return (PERMISSION_DENIED); - return (print_mesg(request->r_tty, request, remote_machine)); -} - -#define max(a,b) ( (a) > (b) ? 
(a) : (b) ) -#define N_LINES 5 -#define N_CHARS 256 - -/* - * Build a block of characters containing the message. - * It is sent blank filled and in a single block to - * try to keep the message in one piece if the recipient - * in in vi at the time - */ -int -print_mesg(tty, request, remote_machine) - char *tty; - CTL_MSG *request; - char *remote_machine; -{ - struct timeval clock; - struct timezone zone; - struct tm *localtime(); - struct tm *localclock; - struct iovec iovec; - char line_buf[N_LINES][N_CHARS]; - int sizes[N_LINES]; - char big_buf[N_LINES*N_CHARS]; - char *bptr, *lptr, *vis_user; - int i, j, max_size; - - i = 0; - max_size = 0; - gettimeofday(&clock, &zone); - localclock = localtime( &clock.tv_sec ); - (void)snprintf(line_buf[i], N_CHARS, " "); - sizes[i] = strlen(line_buf[i]); - max_size = max(max_size, sizes[i]); - i++; - (void)snprintf(line_buf[i], N_CHARS, - "Message from Talk_Daemon@%s at %d:%02d ...", - hostname, localclock->tm_hour , localclock->tm_min ); - sizes[i] = strlen(line_buf[i]); - max_size = max(max_size, sizes[i]); - i++; - - vis_user = malloc(strlen(request->l_name) * 4 + 1); - strvis(vis_user, request->l_name, VIS_CSTYLE); - (void)snprintf(line_buf[i], N_CHARS, - "talk: connection requested by %s@%s", vis_user, remote_machine); - sizes[i] = strlen(line_buf[i]); - max_size = max(max_size, sizes[i]); - i++; - (void)snprintf(line_buf[i], N_CHARS, "talk: respond with: talk %s@%s", - vis_user, remote_machine); - sizes[i] = strlen(line_buf[i]); - max_size = max(max_size, sizes[i]); - i++; - (void)snprintf(line_buf[i], N_CHARS, " "); - sizes[i] = strlen(line_buf[i]); - max_size = max(max_size, sizes[i]); - i++; - bptr = big_buf; - *bptr++ = ''; /* send something to wake them up */ - *bptr++ = '\r'; /* add a \r in case of raw mode */ - *bptr++ = '\n'; - for (i = 0; i < N_LINES; i++) { - /* copy the line into the big buffer */ - lptr = line_buf[i]; - while (*lptr != '\0') - *(bptr++) = *(lptr++); - /* pad out the rest of the lines with 
blanks */ - for (j = sizes[i]; j < max_size + 2; j++) - *(bptr++) = ' '; - *(bptr++) = '\r'; /* add a \r in case of raw mode */ - *(bptr++) = '\n'; - } - *bptr = '\0'; - iovec.iov_base = big_buf; - iovec.iov_len = bptr - big_buf; - /* - * we choose a timeout of RING_WAIT-5 seconds so that we don't - * stack up processes trying to write messages to a tty - * that is permanently blocked. - */ - if (ttymsg(&iovec, 1, tty, RING_WAIT - 5) != NULL) - return (FAILED); - - return (SUCCESS); -} diff --git a/talkd.tproj/ntalk.plist b/talkd.tproj/ntalk.plist deleted file mode 100644 index 2e63da2..0000000 --- a/talkd.tproj/ntalk.plist +++ /dev/null @@ -1,29 +0,0 @@ - - - - - Disabled - - Label - com.apple.ntalkd - ProgramArguments - - /usr/libexec/ntalkd - - inetdCompatibility - - Wait - - - Sockets - - Listeners - - SockServiceName - ntalk - SockType - dgram - - - - diff --git a/talkd.tproj/print.c b/talkd.tproj/print.c deleted file mode 100644 index 74f7aa8..0000000 --- a/talkd.tproj/print.c +++ /dev/null 
@@ -1,111 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)print.c 8.1 (Berkeley) 6/4/93"; -#endif /* not lint */ - -/* debug print routines */ - -#include -#include -#include -#include -#include - -static char *types[] = - { "leave_invite", "look_up", "delete", "announce" }; -#define NTYPES (sizeof (types) / sizeof (types[0])) -static char *answers[] = - { "success", "not_here", "failed", "machine_unknown", "permission_denied", - "unknown_request", "badversion", "badaddr", "badctladdr" }; -#define NANSWERS (sizeof (answers) / sizeof (answers[0])) - -void -print_request(cp, mp) - char *cp; - register CTL_MSG *mp; -{ - char tbuf[80], *tp; - - if (mp->type > NTYPES) { - (void)sprintf(tbuf, "type %d", mp->type); - tp = tbuf; - } else - tp = types[mp->type]; - syslog(LOG_DEBUG, "%s: %s: id %d, l_user %s, r_user %s, r_tty %s", - cp, tp, mp->id_num, mp->l_name, mp->r_name, mp->r_tty); -} - -void -print_response(cp, rp) - char *cp; - register CTL_RESPONSE *rp; -{ - char tbuf[80], *tp, abuf[80], *ap; - - if (rp->type > 
NTYPES) { - (void)sprintf(tbuf, "type %d", rp->type); - tp = tbuf; - } else - tp = types[rp->type]; - if (rp->answer > NANSWERS) { - (void)sprintf(abuf, "answer %d", rp->answer); - ap = abuf; - } else - ap = answers[rp->answer]; - syslog(LOG_DEBUG, "%s: %s: %s, id %d", cp, tp, ap, ntohl(rp->id_num)); -} diff --git a/talkd.tproj/process.c b/talkd.tproj/process.c deleted file mode 100644 index c7d7b2c..0000000 --- a/talkd.tproj/process.c +++ /dev/null 
@@ -1,246 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)process.c 8.2 (Berkeley) 11/16/93"; -#endif /* not lint */ - -/* - * process.c handles the requests, which can be of three types: - * ANNOUNCE - announce to a user that a talk is wanted - * LEAVE_INVITE - insert the request into the table - * LOOK_UP - look up to see if a request is waiting in - * in the table for the local user - * DELETE - delete invitation - */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "talkd.h" - -CTL_MSG *find_request(); -CTL_MSG *find_match(); - -void -process_request(mp, rp) - register CTL_MSG *mp; - register CTL_RESPONSE *rp; -{ - register CTL_MSG *ptr; - extern int debug; - - rp->vers = TALK_VERSION; - rp->type = mp->type; - rp->id_num = htonl(0); - if (mp->vers != TALK_VERSION) { - syslog(LOG_WARNING, "Bad protocol version %d", mp->vers); - rp->answer = BADVERSION; - return; - } - mp->id_num = ntohl(mp->id_num); - mp->addr.sa_family = ntohs(mp->addr.sa_family); - 
if (mp->addr.sa_family != AF_INET) { - syslog(LOG_WARNING, "Bad address, family %d", - mp->addr.sa_family); - rp->answer = BADADDR; - return; - } - mp->ctl_addr.sa_family = ntohs(mp->ctl_addr.sa_family); - if (mp->ctl_addr.sa_family != AF_INET) { - syslog(LOG_WARNING, "Bad control address, family %d", - mp->ctl_addr.sa_family); - rp->answer = BADCTLADDR; - return; - } - mp->pid = ntohl(mp->pid); - if (debug) - print_request("process_request", mp); - switch (mp->type) { - - case ANNOUNCE: - do_announce(mp, rp); - break; - - case LEAVE_INVITE: - ptr = find_request(mp); - if (ptr != (CTL_MSG *)0) { - rp->id_num = htonl(ptr->id_num); - rp->answer = SUCCESS; - } else - insert_table(mp, rp); - break; - - case LOOK_UP: - ptr = find_match(mp); - if (ptr != (CTL_MSG *)0) { - rp->id_num = htonl(ptr->id_num); - rp->addr = ptr->addr; - rp->addr.sa_family = htons(ptr->addr.sa_family); - rp->answer = SUCCESS; - } else - rp->answer = NOT_HERE; - break; - - case DELETE: - rp->answer = delete_invite(mp->id_num); - break; - - default: - rp->answer = UNKNOWN_REQUEST; - break; - } - if (debug) - print_response("process_request", rp); -} - -void -do_announce(mp, rp) - register CTL_MSG *mp; - CTL_RESPONSE *rp; -{ - struct hostent *hp; - CTL_MSG *ptr; - int result; - - /* see if the user is logged */ - result = find_user(mp->r_name, mp->r_tty); - if (result != SUCCESS) { - rp->answer = result; - return; - } -#define satosin(sa) ((struct sockaddr_in *)(sa)) - hp = gethostbyaddr((char *)&satosin(&mp->ctl_addr)->sin_addr, - sizeof (struct in_addr), AF_INET); - if (hp == (struct hostent *)0) { - rp->answer = MACHINE_UNKNOWN; - return; - } - ptr = find_request(mp); - if (ptr == (CTL_MSG *) 0) { - insert_table(mp, rp); - rp->answer = announce(mp, hp->h_name); - return; - } - if (mp->id_num > ptr->id_num) { - /* - * This is an explicit re-announce, so update the id_num - * field to avoid duplicates and re-announce the talk. 
- */ - ptr->id_num = new_id(); - rp->id_num = htonl(ptr->id_num); - rp->answer = announce(mp, hp->h_name); - } else { - /* a duplicated request, so ignore it */ - rp->id_num = htonl(ptr->id_num); - rp->answer = SUCCESS; - } -} - -#include - -/* - * Search utmp for the local user - */ -int -find_user(name, tty) - char *name, *tty; -{ - struct utmp ubuf; - int status; - FILE *fd; - struct stat statb; - char line[sizeof(ubuf.ut_line) + 1]; - char ftty[sizeof(_PATH_DEV) - 1 + sizeof(line)]; - - if ((fd = fopen(_PATH_UTMP, "r")) == NULL) { - fprintf(stderr, "talkd: can't read %s.\n", _PATH_UTMP); - return (FAILED); - } -#define SCMPN(a, b) strncmp(a, b, sizeof (a)) - status = NOT_HERE; - (void) strcpy(ftty, _PATH_DEV); - while (fread((char *) &ubuf, sizeof ubuf, 1, fd) == 1) - if (SCMPN(ubuf.ut_name, name) == 0) { - strncpy(line, ubuf.ut_line, sizeof(ubuf.ut_line)); - line[sizeof(ubuf.ut_line)] = '\0'; - if (*tty == '\0') { - status = PERMISSION_DENIED; - /* no particular tty was requested */ - (void) strcpy(ftty + sizeof(_PATH_DEV) - 1, - line); - if (stat(ftty, &statb) == 0) { - if (!(statb.st_mode & 020)) - continue; - (void) strcpy(tty, line); - status = SUCCESS; - break; - } - } - if (strcmp(line, tty) == 0) { - status = SUCCESS; - break; - } - } - fclose(fd); - return (status); -} diff --git a/talkd.tproj/table.c b/talkd.tproj/table.c deleted file mode 100644 index df3fb23..0000000 --- a/talkd.tproj/table.c +++ /dev/null 
@@ -1,263 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)table.c 8.1 (Berkeley) 6/4/93"; -#endif /* not lint */ - -/* - * Routines to handle insertion, deletion, etc on the table - * of requests kept by the daemon. Nothing fancy here, linear - * search on a double-linked list. A time is kept with each - * entry so that overly old invitations can be eliminated. 
- * - * Consider this a mis-guided attempt at modularity - */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "talkd.h" - -#define MAX_ID 16000 /* << 2^15 so I don't have sign troubles */ - -#define NIL ((TABLE_ENTRY *)0) - -extern int debug; -struct timeval tp; -struct timezone txp; - -typedef struct table_entry TABLE_ENTRY; - -struct table_entry { - CTL_MSG request; - long time; - TABLE_ENTRY *next; - TABLE_ENTRY *last; -}; - -TABLE_ENTRY *table = NIL; -CTL_MSG *find_request(); -CTL_MSG *find_match(); - -void delete __P((TABLE_ENTRY *ptr)); - -/* - * Look in the table for an invitation that matches the current - * request looking for an invitation - */ -CTL_MSG * -find_match(request) - register CTL_MSG *request; -{ - register TABLE_ENTRY *ptr; - time_t current_time; - - gettimeofday(&tp, &txp); - current_time = tp.tv_sec; - if (debug) - print_request("find_match", request); - for (ptr = table; ptr != NIL; ptr = ptr->next) { - if ((ptr->time - current_time) > MAX_LIFE) { - /* the entry is too old */ - if (debug) - print_request("deleting expired entry", - &ptr->request); - delete(ptr); - continue; - } - if (debug) - print_request("", &ptr->request); - if (strcmp(request->l_name, ptr->request.r_name) == 0 && - strcmp(request->r_name, ptr->request.l_name) == 0 && - ptr->request.type == LEAVE_INVITE) - return (&ptr->request); - } - return ((CTL_MSG *)0); -} - -/* - * Look for an identical request, as opposed to a complimentary - * one as find_match does - */ -CTL_MSG * -find_request(request) - register CTL_MSG *request; -{ - register TABLE_ENTRY *ptr; - time_t current_time; - - gettimeofday(&tp, &txp); - current_time = tp.tv_sec; - /* - * See if this is a repeated message, and check for - * out of date entries in the table while we are it. 
- */ - if (debug) - print_request("find_request", request); - for (ptr = table; ptr != NIL; ptr = ptr->next) { - if ((ptr->time - current_time) > MAX_LIFE) { - /* the entry is too old */ - if (debug) - print_request("deleting expired entry", - &ptr->request); - delete(ptr); - continue; - } - if (debug) - print_request("", &ptr->request); - if (strcmp(request->r_name, ptr->request.r_name) == 0 && - strcmp(request->l_name, ptr->request.l_name) == 0 && - request->type == ptr->request.type && - request->pid == ptr->request.pid) { - /* update the time if we 'touch' it */ - ptr->time = current_time; - return (&ptr->request); - } - } - return ((CTL_MSG *)0); -} - -void -insert_table(request, response) - CTL_MSG *request; - CTL_RESPONSE *response; -{ - register TABLE_ENTRY *ptr; - time_t current_time; - - gettimeofday(&tp, &txp); - current_time = tp.tv_sec; - request->id_num = new_id(); - response->id_num = htonl(request->id_num); - /* insert a new entry into the top of the list */ - ptr = (TABLE_ENTRY *)malloc(sizeof(TABLE_ENTRY)); - if (ptr == NIL) { - syslog(LOG_ERR, "insert_table: Out of memory"); - _exit(1); - } - ptr->time = current_time; - ptr->request = *request; - ptr->next = table; - if (ptr->next != NIL) - ptr->next->last = ptr; - ptr->last = NIL; - table = ptr; -} - -/* - * Generate a unique non-zero sequence number - */ -int -new_id() -{ - static int current_id = 0; - - current_id = (current_id + 1) % MAX_ID; - /* 0 is reserved, helps to pick up bugs */ - if (current_id == 0) - current_id = 1; - return (current_id); -} - -/* - * Delete the invitation with id 'id_num' - */ -int -delete_invite(id_num) - int id_num; -{ - register TABLE_ENTRY *ptr; - - ptr = table; - if (debug) - syslog(LOG_DEBUG, "delete_invite(%d)", id_num); - for (ptr = table; ptr != NIL; ptr = ptr->next) { - if (ptr->request.id_num == id_num) - break; - if (debug) - print_request("", &ptr->request); - } - if (ptr != NIL) { - delete(ptr); - return (SUCCESS); - } - return (NOT_HERE); -} - -/* - 
* Classic delete from a double-linked list - */ -void -delete(ptr) - register TABLE_ENTRY *ptr; -{ - - if (debug) - print_request("delete", &ptr->request); - if (table == ptr) - table = ptr->next; - else if (ptr->last != NIL) - ptr->last->next = ptr->next; - if (ptr->next != NIL) - ptr->next->last = ptr->last; - free((char *)ptr); -} diff --git a/talkd.tproj/talkd.8 b/talkd.tproj/talkd.8 deleted file mode 100644 index 36dfb28..0000000 --- a/talkd.tproj/talkd.8 +++ /dev/null 
@@ -1,75 +0,0 @@
-.\" Copyright (c) 1983, 1991, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)talkd.8 8.2 (Berkeley) 12/11/93
-.\"
-.Dd December 11, 1993
-.Dt TALKD 8
-.Os BSD 4.3
-.Sh NAME
-.Nm talkd
-.Nd remote user communication server
-.Sh SYNOPSIS
-.Nm talkd
-.Sh DESCRIPTION
-.Nm Talkd
-is the server that notifies a user that someone else wants to
-initiate a conversation.
-It acts as a repository of invitations, responding to requests
-by clients wishing to rendezvous to hold a conversation.
-In normal operation, a client, the caller,
-initiates a rendezvous by sending a
-.Tn CTL_MSG
-to the server of
-type
-.Tn LOOK_UP
-(see
-.Aq Pa protocols/talkd.h ) .
-This causes the server to search its invitation
-tables to check if an invitation currently exists for the caller
-(to speak to the callee specified in the message).
-If the lookup fails,
-the caller then sends an
-.Tn ANNOUNCE
-message causing the server to
-broadcast an announcement on the callee's login ports requesting contact.
-When the callee responds, the local server uses the
-recorded invitation to respond with the appropriate rendezvous
-address and the caller and callee client programs establish a
-stream connection through which the conversation takes place.
-.Sh SEE ALSO
-.Xr talk 1 ,
-.Xr write 1
-.Sh HISTORY
-The
-.Nm
-command appeared in
-.Bx 4.3 .
diff --git a/talkd.tproj/talkd.c b/talkd.tproj/talkd.c
deleted file mode 100644
index 7281351..0000000
--- a/talkd.tproj/talkd.c
+++ /dev/null
@@ -1,153 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)talkd.c 8.1 (Berkeley) 6/4/93"; -#endif /* not lint */ - -/* - * The top level of the daemon, the format is heavily borrowed - * from rwhod.c. 
Basically: find out who and where you are; - * disconnect all descriptors and ttys, and then endless - * loop on waiting for and processing requests - */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "talkd.h" - -CTL_MSG request; -CTL_RESPONSE response; - -int sockt; -int debug = 0; -void timeout(); -long lastmsgtime; - -char hostname[MAXHOSTNAMELEN + 1]; - -#define TIMEOUT 30 -#define MAXIDLE 120 - -void -main(argc, argv) - int argc; - char *argv[]; -{ - register CTL_MSG *mp = &request; - int cc; - - if (getuid()) { - fprintf(stderr, "%s: getuid: not super-user\n", argv[0]); - exit(1); - } - openlog("talkd", LOG_PID, LOG_DAEMON); - if (gethostname(hostname, sizeof (hostname) - 1) < 0) { - syslog(LOG_ERR, "gethostname: %m"); - _exit(1); - } - if (chdir(_PATH_DEV) < 0) { - syslog(LOG_ERR, "chdir: %s: %m", _PATH_DEV); - _exit(1); - } - if (argc > 1 && strcmp(argv[1], "-d") == 0) - debug = 1; - signal(SIGALRM, timeout); - alarm(TIMEOUT); - for (;;) { - extern int errno; - - cc = recv(0, (char *)mp, sizeof (*mp), 0); - if (cc != sizeof (*mp)) { - if (cc < 0 && errno != EINTR) - syslog(LOG_WARNING, "recv: %m"); - continue; - } - lastmsgtime = time(0); - process_request(mp, &response); - /* can block here, is this what I want? */ - cc = sendto(sockt, (char *)&response, - sizeof (response), 0, (struct sockaddr *)&mp->ctl_addr, - sizeof (mp->ctl_addr)); - if (cc != sizeof (response)) - syslog(LOG_WARNING, "sendto: %m"); - } -} - -void -timeout() -{ - - if (time(0) - lastmsgtime >= MAXIDLE) - _exit(0); - alarm(TIMEOUT); -} diff --git a/talkd.tproj/talkd.h b/talkd.tproj/talkd.h deleted file mode 100644 index 9a686c5..0000000 --- a/talkd.tproj/talkd.h +++ /dev/null 
@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-extern int announce __P((CTL_MSG *request, char *remote_machine));
-extern void do_announce __P((CTL_MSG *mp, CTL_RESPONSE *rp));
-extern int delete_invite __P((int id_num));
-extern int find_user __P((char *name, char *tty));
-extern void insert_table __P((CTL_MSG *request, CTL_RESPONSE *response));
-extern int new_id __P((void));
-extern void print_request __P((char *cp, CTL_MSG *mp));
-extern void print_response __P((char *cp, CTL_RESPONSE *rp));
-extern void process_request __P((CTL_MSG *mp, CTL_RESPONSE *rp));
diff --git a/telnet.tproj/Makefile b/telnet.tproj/Makefile
deleted file mode 100644
index 5b2c075..0000000
--- a/telnet.tproj/Makefile
+++ /dev/null
@@ -1,57 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = telnet - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = externs.h fdset.h general.h krb4-proto.h ring.h types.h\ - defines.h misc.h misc-proto.h - -CFILES = authenc.c commands.c main.c network.c ring.c sys_bsd.c\ - telnet.c terminal.c tn3270.c utilities.c - -OTHERSRCS = Makefile.preamble Makefile README telnet.1 Makefile.dist Makefile.postamble - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /usr/bin -PDO_UNIX_INSTALLDIR = /usr/bin -LIBS = -lcurses -lkrb4 -lkrb5 -lipsec -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_PB_CFLAGS = -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK -DAUTHENTICATION -DENCRYPTION -DKRB4 -DKRB5 -DSKEY -DIPSEC -DINET6 -DFORWARD -WINDOWS_PB_CFLAGS = -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK -DAUTHENTICATION -DENCRYPTION -DKRB4 -DKRB5 -DSKEY -DIPSEC -DINET6 -DFORWARD -PDO_UNIX_PB_CFLAGS = -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK -DAUTHENTICATION -DENCRYPTION -DKRB4 -DKRB5 -DSKEY -DIPSEC -DINET6 -DFORWARD - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/telnet.tproj/Makefile.dist b/telnet.tproj/Makefile.dist deleted file mode 100644 index 2e38a28..0000000 
--- a/telnet.tproj/Makefile.dist
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# Copyright (c) 1990 The Regents of the University of California.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-# 3. All advertising materials mentioning features or use of this software
-# must display the following acknowledgement:
-# This product includes software developed by the University of
-# California, Berkeley and its contributors.
-# 4. Neither the name of the University nor the names of its contributors
-# may be used to endorse or promote products derived from this software
-# without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-# -# @(#)Makefile 8.1 (Berkeley) 6/6/93 -# - -PROG= telnet - -CFLAGS+=-DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATION -DENCRYPTION -CFLAGS+=-DENV_HACK -CFLAGS+=-I${.CURDIR}/../../lib - -CFLAGS+= -DKRB4 - -LDADD= -ltermcap -ltelnet -LDADD+= -lkrb -ldes -DPADD= ${LIBTERMCAP} - -SRCS= authenc.c commands.c main.c network.c ring.c sys_bsd.c telnet.c \ - terminal.c tn3270.c utilities.c - -# These are the sources that have encryption stuff in them. -CRYPT_SRC= authenc.c commands.c externs.h main.c network.c -CRYPT_SRC+= ring.c ring.h telnet.c terminal.c utilities.c Makefile -NOCRYPT_DIR=${.CURDIR}/Nocrypt - -.include - -nocrypt: -#ifdef ENCRYPTION - @for i in ${CRYPT_SRC}; do \ - if [ ! -d ${NOCRYPT_DIR} ]; then \ - echo Creating subdirectory ${NOCRYPT_DIR}; \ - mkdir ${NOCRYPT_DIR}; \ - fi; \ - echo ${NOCRYPT_DIR}/$$i; \ - unifdef -UENCRYPTION ${.CURDIR}/$$i | \ - sed "s/ || defined(ENCRYPTION)//" > ${NOCRYPT_DIR}/$$i; \ - done - -placeholder: -#else /* ENCRYPTION */ - @echo "Encryption code already removed." -#endif /* ENCRYPTION */ diff --git a/telnet.tproj/Makefile.postamble b/telnet.tproj/Makefile.postamble deleted file mode 100644 index e1a5207..0000000 --- a/telnet.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -after_install: - install -d $(DSTROOT)/usr/share/man/man1 - install -c -m 444 telnet.1 $(DSTROOT)/usr/share/man/man1 diff --git a/telnet.tproj/Makefile.preamble b/telnet.tproj/Makefile.preamble deleted file mode 100644 index 0f58055..0000000 --- a/telnet.tproj/Makefile.preamble +++ /dev/null @@ -1,4 +0,0 @@ -CLEAN_ALL_SUBPROJECTS = YES -OTHER_GENERATED_OFILES = $(VERS_OFILE) -OTHER_LIBS = -ltelnet --include ../Makefile.include diff --git a/telnet.tproj/PB.project b/telnet.tproj/PB.project deleted file mode 100644 index 23bd9c5..0000000 --- a/telnet.tproj/PB.project +++ /dev/null 
@@ -1,47 +0,0 @@ -{ - DOCICONFILES = (); - FILESTABLE = { - C_FILES = (); - H_FILES = (externs.h, fdset.h, general.h, "krb4-proto.h", ring.h, types.h, defines.h); - OTHER_LIBS = (); - OTHER_LINKED = ( - authenc.c, - commands.c, - main.c, - network.c, - ring.c, - sys_bsd.c, - telnet.c, - terminal.c, - tn3270.c, - utilities.c - ); - OTHER_SOURCES = (Makefile.preamble, Makefile, README, telnet.1, Makefile.dist); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = "/$(USER)/BUILD"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_COMPILEROPTIONS = "-DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK # -DAUTHENTICATION -DENCRYPTION -DKRB4"; - NEXTSTEP_INSTALLDIR = /usr/bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = "-DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK # -DAUTHENTICATION -DENCRYPTION -DKRB4"; - PDO_UNIX_INSTALLDIR = /usr/bin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = telnet; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = "-DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK # -DAUTHENTICATION -DENCRYPTION -DKRB4"; - WINDOWS_INSTALLDIR = /usr/bin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/telnet.tproj/README b/telnet.tproj/README deleted file mode 100644 index 37b588f..0000000 --- a/telnet.tproj/README +++ /dev/null 
@@ -1,743 +0,0 @@ - -This is a distribution of both client and server telnet. These programs -have been compiled on: - telnet telnetd - 4.4 BSD-Lite x x - 4.3 BSD Reno X X - UNICOS 9.1 X X - UNICOS 9.0 X X - UNICOS 8.0 X X - BSDI 2.0 X X - Solaris 2.4 x x (no linemode in server) - SunOs 4.1.4 X X (no linemode in server) - Ultrix 4.3 X X (no linemode in server) - Ultrix 4.1 X X (no linemode in server) - -In addition, previous versions have been compiled on the following -machines, but were not available for testing this version. - telnet telnetd - Next1.0 X X - UNICOS 8.3 X X - UNICOS 7.C X X - UNICOS 7.0 X X - SunOs 4.0.3c X X (no linemode in server) - 4.3 BSD X X (no linemode in server) - DYNIX V3.0.12 X X (no linemode in server) - Ultrix 3.1 X X (no linemode in server) - Ultrix 4.0 X X (no linemode in server) - SunOs 3.5 X X (no linemode in server) - SunOs 4.1.3 X X (no linemode in server) - Solaris 2.2 x x (no linemode in server) - Solaris 2.3 x x (no linemode in server) - BSDI 1.0 X X - BSDI 1.1 X X - DYNIX V3.0.17.9 X X (no linemode in server) - HP-UX 8.0 x x (no linemode in server) - -This code should work, but there are no guarantees. - -May 30, 1995 - -This release represents what is on the 4.4BSD-Lite2 release, which -should be the final BSD release. I will continue to support of -telnet, The code (without encryption) is available via anonymous ftp -from ftp.cray.com, in src/telnet/telnet.YY.MM.DD.NE.tar.Z, where -YY.MM.DD is replaced with the year, month and day of the release. -If you can't find it at one of these places, at some point in the -near future information about the latest releases should be available -from ftp.borman.com. - -In addition, the version with the encryption code is available via -ftp from net-dist.mit.edu, in the directory /pub/telnet. There -is a README file there that gives further information on how -to get the distribution. 
- -Questions, comments, bug reports and bug fixes can be sent to -one of these addresses: - dab@borman.com - dab@cray.com - dab@bsdi.com - -This release is mainly bug fixes and code cleanup. - - Replace all calls to bcopy()/bzero() with calls to - memmove()/memset() and all calls to index()/rindex() - with calls to strchr()/strrchr(). - - Add some missing diagnostics for option tracing - to telnetd. - - Add support for BSDI 2.0 and Solaris 2.4. - - Add support for UNICOS 8.0 - - Get rid of expanded tabs and trailing white spaces. - - From Paul Vixie: - Fix for telnet going into an endless spin - when the session dies abnormally. - - From Jef Poskanzer: - Changes to allow telnet to compile - under SunOS 3.5. - - From Philip Guenther: - makeutx() doesn't expand utmpx, - use pututxline() instead. - - From Chris Torek: - Add a sleep(1) before execing login - to avoid race condition that can eat - up the login prompt. - Use terminal speed directly if it is - not an encoded value. - - From Steve Parker: - Fix to realloc() call. Fix for execing - login on solaris with no user name. - -January 19, 1994 - -This is a list of some of the changes since the last tar release -of telnet/telnetd. There are probably other changes that aren't -listed here, but this should hit a lot of the main ones. - - General: - Changed #define for AUTHENTICATE to AUTHENTICATION - Changed #define for ENCRYPT to ENCRYPTION - Changed #define for DES_ENCRYPT to DES_ENCRYPTION - - Added support for SPX authentication: -DSPX - - Added support for Kerberos Version 5 authentication: -DKRB5 - - Added support for ANSI C function prototypes - - Added support for the NEW-ENVIRON option (RFC-1572) - including support for USERVAR. - - Made support for the old Environment Option (RFC-1408) - conditional on -DOLD_ENVIRON - - Added #define ENV_HACK - support for RFC 1571 - - The encryption code is removed from the public distributions. - Domestic 4.4 BSD distributions contain the encryption code. 
- - ENV_HACK: Code to deal with systems that only implement - the old ENVIRON option, and have reversed definitions - of ENV_VAR and ENV_VAL. Also fixes ENV processing in - client to handle things besides just the default set... - - NO_BSD_SETJMP: UNICOS configuration for - UNICOS 6.1/6.0/5.1/5.0 systems. - - STREAMSPTY: Use /dev/ptmx to get a clean pty. This - is for SVr4 derivatives (Like Solaris) - - UTMPX: For systems that have /etc/utmpx. This is for - SVr4 derivatives (Like Solaris) - - Definitions for BSDI 1.0 - - Definitions for 4.3 Reno and 4.4 BSD. - - Definitions for UNICOS 8.0 and UNICOS 7.C - - Definitions for Solaris 2.0 - - Definitions for HP-UX 8.0 - - Latest Copyright notices from Berkeley. - - FLOW-CONTROL: support for RFC-XXXx - - - Client Specific: - - Fix the "send" command to not send garbage... - - Fix status message for "skiprc" - - Make sure to send NAWS after telnet has been suspended - or an external command has been run, if the window size - has changed. - - sysV88 support. - - Server Specific: - - Support flowcontrol option in non-linemode servers. - - -k Server supports Kludge Linemode, but will default to - either single character mode or real Linemode support. - The user will have to explicitly ask to switch into - kludge linemode. ("stty extproc", or escape back to - to telnet and say "mode line".) - - -u Specify the length of the hostname field in the utmp - file. Hostname longer than this length will be put - into the utmp file in dotted decimal notation, rather - than putting in a truncated hostname. - - -U Registered hosts only. If a reverse hostname lookup - fails, the connection will be refused. - - -f/-F - Allows forwarding of credentials for KRB5. - -Februrary 22, 1991: - - Features: - - This version of telnet/telnetd has support for both - the AUTHENTICATION and ENCRYPTION options. The - AUTHENTICATION option is fairly well defined, and - an option number has been assigned to it. 
The - ENCRYPTION option is still in a state of flux; an - option number has been assigned to, but it is still - subject to change. The code is provided in this release - for experimental and testing purposes. - - The telnet "send" command can now be used to send - do/dont/will/wont commands, with any telnet option - name. The rules for when do/dont/will/wont are sent - are still followed, so just because the user requests - that one of these be sent doesn't mean that it will - be sent... - - The telnet "getstatus" command no longer requires - that option printing be enabled to see the response - to the "DO STATUS" command. - - A -n flag has been added to telnetd to disable - keepalives. - - A new telnet command, "auth" has been added (if - AUTHENTICATE is defined). It has four sub-commands, - "status", "disable", "enable" and "help". - - A new telnet command, "encrypt" has been added (if - ENCRYPT is defined). It has many sub-commands: - "enable", "type", "start", "stop", "input", - "-input", "output", "-output", "status", and "help". - - The LOGOUT option is now supported by both telnet - and telnetd, a new command, "logout", was added - to support this. - - Several new toggle options were added: - "autoencrypt", "autodecrypt", "autologin", "authdebug", - "encdebug", "skiprc", "verbose_encrypt" - - An "rlogin" interface has been added. If the program - is named "rlogin", or the "-r" flag is given, then - an rlogin type of interface will be used. - ~. Terminates the session - ~ Suspend the session - ~^] Escape to telnet command mode - ~~ Pass through the ~. - BUG: If you type the rlogin escape character - in the middle of a line while in rlogin - mode, you cannot erase it or any characters - before it. Hopefully this can be fixed - in a future release... - - General changes: - - A "libtelnet.a" has now been created. This libraray - contains code that is common to both telnet and - telnetd. 
This is also where library routines that - are needed, but are not in the standard C library, - are placed. - - The makefiles have been re-done. All of the site - specific configuration information has now been put - into a single "Config.generic" file, in the top level - directory. Changing this one file will take care of - all three subdirectories. Also, to add a new/local - definition, a "Config.local" file may be created - at the top level; if that file exists, the subdirectories - will use that file instead of "Config.generic". - - Many 1-2 line functions in commands.c have been - removed, and just inserted in-line, or replaced - with a macro. - - Bug Fixes: - - The non-termio code in both telnet and telnetd was - setting/clearing CTLECH in the sg_flags word. This - was incorrect, and has been changed to set/clear the - LCTLECH bit in the local mode word. - - The SRCRT #define has been removed. If IP_OPTIONS - and IPPROTO_IP are defined on the system, then the - source route code is automatically enabled. - - The NO_GETTYTAB #define has been removed; there - is a compatability routine that can be built into - libtelnet to achive the same results. - - The server, telnetd, has been switched to use getopt() - for parsing the argument list. - - The code for getting the input/output speeds via - cfgetispeed()/cfgetospeed() was still not quite - right in telnet. Posix says if the ispeed is 0, - then it is really equal to the ospeed. - - The suboption processing code in telnet now has - explicit checks to make sure that we received - the entire suboption (telnetd was already doing this). - - The telnet code for processing the terminal type - could cause a core dump if an existing connection - was closed, and a new connection opened without - exiting telnet. 
- - Telnetd was doing a TCSADRAIN when setting the new - terminal settings; This is not good, because it means - that the tcsetattr() will hang waiting for output to - drain, and telnetd is the only one that will drain - the output... The fix is to use TCSANOW which does - not wait. - - Telnetd was improperly setting/clearing the ISTRIP - flag in the c_lflag field, it should be using the - c_iflag field. - - When the child process of telnetd was opening the - slave side of the pty, it was re-setting the EXTPROC - bit too early, and some of the other initialization - code was wiping it out. This would cause telnetd - to go out of linemode and into single character mode. - - One instance of leaving linemode in telnetd forgot - to send a WILL ECHO to the client, the net result - would be that the user would see double character - echo. - - If the MODE was being changed several times very - quickly, telnetd could get out of sync with the - state changes and the returning acks; and wind up - being left in the wrong state. - -September 14, 1990: - - Switch the client to use getopt() for parsing the - argument list. The 4.3Reno getopt.c is included for - systems that don't have getopt(). - - Use the posix _POSIX_VDISABLE value for what value - to use when disabling special characters. If this - is undefined, it defaults to 0x3ff. - - For non-termio systems, TIOCSETP was being used to - change the state of the terminal. This causes the - input queue to be flushed, which we don't want. This - is now changed to TIOCSETN. - - Take out the "#ifdef notdef" around the code in the - server that generates a "sync" when the pty oputput - is flushed. The potential problem is that some older - telnet clients may go into an infinate loop when they - receive a "sync", if so, the server can be compiled - with "NO_URGENT" defined. - - Fix the client where it was setting/clearing the OPOST - bit in the c_lflag field, not the c_oflag field. 
- - Fix the client where it was setting/clearing the ISTRIP - bit in the c_lflag field, not the c_iflag field. (On - 4.3Reno, this is the ECHOPRT bit in the c_lflag field.) - The client also had its interpretation of WILL BINARY - and DO BINARY reversed. - - Fix a bug in client that would cause a core dump when - attempting to remove the last environment variable. - - In the client, there were a few places were switch() - was being passed a character, and if it was a negative - value, it could get sign extended, and not match - the 8 bit case statements. The fix is to and the - switch value with 0xff. - - Add a couple more printoption() calls in the client, I - don't think there are any more places were a telnet - command can be received and not printed out when - "options" is on. - - A new flag has been added to the client, "-a". Currently, - this just causes the USER name to be sent across, in - the future this may be used to signify that automatic - authentication is requested. - - The USER variable is now only sent by the client if - the "-a" or "-l user" options are explicity used, or - if the user explicitly asks for the "USER" environment - variable to be exported. In the server, if it receives - the "USER" environment variable, it won't print out the - banner message, so that only "Password:" will be printed. - This makes the symantics more like rlogin, and should be - more familiar to the user. (People are not used to - getting a banner message, and then getting just a - "Password:" prompt.) - - Re-vamp the code for starting up the child login - process. The code was getting ugly, and it was - hard to tell what was really going on. What we - do now is after the fork(), in the child: - 1) make sure we have no controlling tty - 2) open and initialize the tty - 3) do a setsid()/setpgrp() - 4) makes the tty our controlling tty. - On some systems, #2 makes the tty our controlling - tty, and #4 is a no-op. 
The parent process does - a gets rid of any controlling tty after the child - is fork()ed. - - Use the strdup() library routine in telnet, instead - of the local savestr() routine. If you don't have - strdup(), you need to define NO_STRDUP. - - Add support for ^T (SIGINFO/VSTATUS), found in the - 4.3Reno distribution. This maps to the AYT character. - You need a 4-line bugfix in the kernel to get this - to work properly: - - > *** tty_pty.c.ORG Tue Sep 11 09:41:53 1990 - > --- tty_pty.c Tue Sep 11 17:48:03 1990 - > *************** - > *** 609,613 **** - > if ((tp->t_lflag&NOFLSH) == 0) - > ttyflush(tp, FREAD|FWRITE); - > ! pgsignal(tp->t_pgrp, *(unsigned int *)data); - > return(0); - > } - > --- 609,616 ---- - > if ((tp->t_lflag&NOFLSH) == 0) - > ttyflush(tp, FREAD|FWRITE); - > ! pgsignal(tp->t_pgrp, *(unsigned int *)data, 1); - > ! if ((*(unsigned int *)data == SIGINFO) && - > ! ((tp->t_lflag&NOKERNINFO) == 0)) - > ! ttyinfo(tp); - > return(0); - > } - - The client is now smarter when setting the telnet escape - character; it only sets it to one of VEOL and VEOL2 if - one of them is undefined, and the other one is not already - defined to the telnet escape character. - - Handle TERMIOS systems that have seperate input and output - line speed settings imbedded in the flags. - - Many other minor bug fixes. - -June 20, 1990: - Re-organize makefiles and source tree. The telnet/Source - directory is now gone, and all the source that was in - telnet/Source is now just in the telnet directory. - - Seperate makefile for each system are now gone. There - are two makefiles, Makefile and Makefile.generic. - The "Makefile" has the definitions for the various - system, and "Makefile.generic" does all the work. - There is a variable called "WHAT" that is used to - specify what to make. For example, in the telnet - directory, you might say: - make 4.4bsd WHAT=clean - to clean out the directory. - - Add support for the ENVIRON and XDISPLOC options. 
- In order for the server to work, login has to have - the "-p" option to preserve environment variables. - - Add the SOFT_TAB and LIT_ECHO modes in the LINEMODE support. - - Add the "-l user" option to command line and open command - (This is passed through the ENVIRON option). - - Add the "-e" command line option, for setting the escape - character. - - Add the "-D", diagnostic, option to the server. This allows - the server to print out debug information, which is very - useful when trying to debug a telnet that doesn't have any - debugging ability. - - Turn off the literal next character when not in LINEMODE. - - Don't recognize ^Y locally, just pass it through. - - Make minor modifications for Sun4.0 and Sun4.1 - - Add support for both FORW1 and FORW2 characters. The - telnet escpape character is set to whichever of the - two is not being used. If both are in use, the escape - character is not set, so when in linemode the user will - have to follow the escape character with a or - -libtelnet/Makefile.4.4: -telnet/Makefile.4.4: -telnetd/Makefile.4.4: - These are the makefiles that can be used on a 4.3Reno - system when this software is installed in /usr/src/lib/libtelnet, - /usr/src/libexec/telnetd, and /usr/src/usr.bin/telnet. - - -The following TELNET options are supported: - - LINEMODE: - The LINEMODE option is supported as per RFC1116. The - FORWARDMASK option is not currently supported. - - BINARY: The client has the ability to turn on/off the BINARY - option in each direction. Turning on BINARY from - server to client causes the LITOUT bit to get set in - the terminal driver on both ends, turning on BINARY - from the client to the server causes the PASS8 bit - to get set in the terminal driver on both ends. - - TERMINAL-TYPE: - This is supported as per RFC1091. On the server side, - when a terminal type is received, termcap/terminfo - is consulted to determine if it is a known terminal - type. 
It keeps requesting terminal types until it - gets one that it recongnizes, or hits the end of the - list. The server side looks up the entry in the - termcap/terminfo data base, and generates a list of - names which it then passes one at a time to each - request for a terminal type, duplicating the last - entry in the list before cycling back to the beginning. - - NAWS: The Negotiate about Window Size, as per RFC 1073. - - TERMINAL-SPEED: - Implemented as per RFC 1079 - - TOGGLE-FLOW-CONTROL: - Implemented as per RFC 1080 - - TIMING-MARK: - As per RFC 860 - - SGA: As per RFC 858 - - ECHO: As per RFC 857 - - LOGOUT: As per RFC 727 - - STATUS: - The server will send its current status upon - request. It does not ask for the clients status. - The client will request the servers current status - from the "send getstatus" command. - - ENVIRON: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued, but should be in the near future... - - X-DISPLAY-LOCATION: - This functionality can be done through the ENVIRON - option, it is added here for completeness. - - AUTHENTICATION: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued. The basic framework is pretty much decided, - but the definitions for the specific authentication - schemes is still in a state of flux. - - ENCRYPTION: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued. The draft RFC is still in a state of flux, - so this code may change in the future. diff --git a/telnet.tproj/authenc.c b/telnet.tproj/authenc.c deleted file mode 100644 index c04bb7d..0000000 --- a/telnet.tproj/authenc.c +++ /dev/null 
@@ -1,113 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-
-#ifdef __FBSDID
-__FBSDID("$FreeBSD: src/crypto/telnet/telnet/authenc.c,v 1.2.8.2 2002/04/13 10:59:08 markm Exp $");
-#endif
-
-#ifndef lint
-static const char sccsid[] = "@(#)authenc.c 8.1 (Berkeley) 6/6/93";
-#endif
-
-#ifdef AUTHENTICATION
-#ifdef ENCRYPTION
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "general.h"
-#include "ring.h"
-#include "externs.h"
-#include "defines.h"
-#include "types.h"
-
-int
-net_write(unsigned char *str, int len)
-{
- if (NETROOM() > len) {
- ring_supply_data(&netoring, str, len);
- if (str[0] == IAC && str[1] == SE)
- printsub('>', &str[2], len-2);
- return(len);
- }
- return(0);
-}
-
-void
-net_encrypt(void)
-{
-#ifdef ENCRYPTION
- if (encrypt_output)
- ring_encrypt(&netoring, encrypt_output);
- else
- ring_clearto(&netoring);
-#endif /* ENCRYPTION */
-}
-
-int
-telnet_spin(void)
-{
- return(-1);
-}
-
-char *
-telnet_getenv(char *val)
-{
- return((char *)env_getvalue((unsigned char *)val));
-}
-
-char *
-telnet_gets(const char *prom, char *result, int length, int echo)
-{
- extern int globalmode;
- int om = globalmode;
- char *res;
-
- TerminalNewMode(-1);
- if (echo) {
- printf("%s", prom);
- res = fgets(result, length, stdin);
- } else if ((res = getpass(prom))) {
- strncpy(result, res, length);
- res = result;
- }
- TerminalNewMode(om);
- return(res);
-}
-#endif /* ENCRYPTION */
-#endif /* AUTHENTICATION */
diff --git a/telnet.tproj/commands.c b/telnet.tproj/commands.c
deleted file mode 100644
index bc87448..0000000
--- a/telnet.tproj/commands.c
+++ /dev/null
@@ -1,3029 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/commands.c,v 1.12.2.5 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef __unused -#define __unused __attribute__((__unused__)) -#endif - -#ifndef lint -static const char sccsid[] = "@(#)commands.c 8.4 (Berkeley) 5/30/95"; -#endif - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "general.h" - -#include "ring.h" - -#include "externs.h" -#include "defines.h" -#include "types.h" -#include "misc.h" - -#ifdef AUTHENTICATION -#include -#endif -#ifdef ENCRYPTION -#include -#endif - -#include -#include -#include - -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 256 -#endif MAXHOSTNAMELEN - -typedef int (*intrtn_t)(int, char **); - -#ifdef AUTHENTICATION -extern int auth_togdebug(int); -#endif -#ifdef ENCRYPTION -extern int EncryptAutoEnc(int); -extern int EncryptAutoDec(int); -extern int EncryptDebug(int); -extern int EncryptVerbose(int); -#endif /* ENCRYPTION */ -#if defined(IPPROTO_IP) && defined(IP_TOS) -int tos = -1; -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - -char *hostname; -static char _hostname[MAXHOSTNAMELEN]; - -static int help(int, char **); -static int call(intrtn_t, ...); -static void cmdrc(char *, char *); -#ifdef INET6 -static int switch_af(struct addrinfo **); -#endif -static int togglehelp(void); -static int send_tncmd(void (*)(int, int), const char *, char *); -static int setmod(int); -static int clearmode(int); -static int modehelp(void); -static int sourceroute(struct addrinfo *, char *, char **, int *, int *, int *); - -typedef struct { - const char *name; /* command name */ - const char *help; /* help string (NULL for no help) */ - int (*handler)(int, char **); /* routine which executes command */ - int needconnect; /* Do we need to be connected to execute? 
*/ -} Command; - -static char line[256]; -static char saveline[256]; -static int margc; -static char *margv[20]; - -#ifdef OPIE -#include -#define PATH_OPIEKEY "/usr/bin/opiekey" -static int -opie_calc(int argc, char *argv[]) -{ - int status; - - if(argc != 3) { - printf("%s sequence challenge\n", argv[0]); - return (0); - } - - switch(fork()) { - case 0: - execv(PATH_OPIEKEY, argv); - exit (1); - case -1: - perror("fork"); - break; - default: - (void) wait(&status); - if (WIFEXITED(status)) - return (WEXITSTATUS(status)); - } - return (0); -} -#endif - -static void -makeargv(void) -{ - char *cp, *cp2, c; - char **argp = margv; - - margc = 0; - cp = line; - if (*cp == '!') { /* Special case shell escape */ - strcpy(saveline, line); /* save for shell command */ - *argp++ = strdup("!"); /* No room in string to get this */ - margc++; - cp++; - } - while ((c = *cp)) { - int inquote = 0; - while (isspace(c)) - c = *++cp; - if (c == '\0') - break; - *argp++ = cp; - margc += 1; - for (cp2 = cp; c != '\0'; c = *++cp) { - if (inquote) { - if (c == inquote) { - inquote = 0; - continue; - } - } else { - if (c == '\\') { - if ((c = *++cp) == '\0') - break; - } else if (c == '"') { - inquote = '"'; - continue; - } else if (c == '\'') { - inquote = '\''; - continue; - } else if (isspace(c)) - break; - } - *cp2++ = c; - } - *cp2 = '\0'; - if (c == '\0') - break; - cp++; - } - *argp++ = 0; -} - -/* - * Make a character string into a number. - * - * Todo: 1. Could take random integers (12, 0x12, 012, 0b1). - */ - -static int -special(char *s) -{ - char c; - char b; - - switch (*s) { - case '^': - b = *++s; - if (b == '?') { - c = b | 0x40; /* DEL */ - } else { - c = b & 0x1f; - } - break; - default: - c = *s; - break; - } - return c; -} - -/* - * Construct a control character sequence - * for a special character. 
- */ -static const char * -control(cc_t c) -{ - static char buf[5]; - /* - * The only way I could get the Sun 3.5 compiler - * to shut up about - * if ((unsigned int)c >= 0x80) - * was to assign "c" to an unsigned int variable... - * Arggg.... - */ - unsigned int uic = (unsigned int)c; - - if (uic == 0x7f) - return ("^?"); - if (c == (cc_t)_POSIX_VDISABLE) { - return "off"; - } - if (uic >= 0x80) { - buf[0] = '\\'; - buf[1] = ((c>>6)&07) + '0'; - buf[2] = ((c>>3)&07) + '0'; - buf[3] = (c&07) + '0'; - buf[4] = 0; - } else if (uic >= 0x20) { - buf[0] = c; - buf[1] = 0; - } else { - buf[0] = '^'; - buf[1] = '@'+c; - buf[2] = 0; - } - return (buf); -} - -/* - * The following are data structures and routines for - * the "send" command. - * - */ - -struct sendlist { - const char *name; /* How user refers to it (case independent) */ - const char *help; /* Help information (0 ==> no help) */ - int needconnect; /* Need to be connected */ - int narg; /* Number of arguments */ - int (*handler)(char *, ...); /* Routine to perform (for special ops) */ - int nbyte; /* Number of bytes to send this command */ - int what; /* Character to be sent (<0 ==> special) */ -}; - - -static int - send_esc(void), - send_help(void), - send_docmd(char *), - send_dontcmd(char *), - send_willcmd(char *), - send_wontcmd(char *); - -static struct sendlist Sendlist[] = { - { "ao", "Send Telnet Abort output", 1, 0, NULL, 2, AO }, - { "ayt", "Send Telnet 'Are You There'", 1, 0, NULL, 2, AYT }, - { "brk", "Send Telnet Break", 1, 0, NULL, 2, BREAK }, - { "break", NULL, 1, 0, NULL, 2, BREAK }, - { "ec", "Send Telnet Erase Character", 1, 0, NULL, 2, EC }, - { "el", "Send Telnet Erase Line", 1, 0, NULL, 2, EL }, - { "escape", "Send current escape character",1, 0, (int (*)(char *, ...))send_esc, 1, 0 }, - { "ga", "Send Telnet 'Go Ahead' sequence", 1, 0, NULL, 2, GA }, - { "ip", "Send Telnet Interrupt Process",1, 0, NULL, 2, IP }, - { "intp", NULL, 1, 0, NULL, 2, IP }, - { "interrupt", NULL, 1, 0, NULL, 2, 
IP }, - { "intr", NULL, 1, 0, NULL, 2, IP }, - { "nop", "Send Telnet 'No operation'", 1, 0, NULL, 2, NOP }, - { "eor", "Send Telnet 'End of Record'", 1, 0, NULL, 2, EOR }, - { "abort", "Send Telnet 'Abort Process'", 1, 0, NULL, 2, ABORT }, - { "susp", "Send Telnet 'Suspend Process'",1, 0, NULL, 2, SUSP }, - { "eof", "Send Telnet End of File Character", 1, 0, NULL, 2, xEOF }, - { "synch", "Perform Telnet 'Synch operation'", 1, 0, (int (*)(char *, ...))dosynch, 2, 0 }, - { "getstatus", "Send request for STATUS", 1, 0, (int (*)(char *, ...))get_status, 6, 0 }, - { "?", "Display send options", 0, 0, (int (*)(char *, ...))send_help, 0, 0 }, - { "help", NULL, 0, 0, (int (*)(char *, ...))send_help, 0, 0 }, - { "do", NULL, 0, 1, (int (*)(char *, ...))send_docmd, 3, 0 }, - { "dont", NULL, 0, 1, (int (*)(char *, ...))send_dontcmd, 3, 0 }, - { "will", NULL, 0, 1, (int (*)(char *, ...))send_willcmd, 3, 0 }, - { "wont", NULL, 0, 1, (int (*)(char *, ...))send_wontcmd, 3, 0 }, - { NULL, NULL, 0, 0, NULL, 0, 0 } -}; - -#define GETSEND(name) ((struct sendlist *) genget(name, (char **) Sendlist, \ - sizeof(struct sendlist))) - -static int -sendcmd(int argc, char *argv[]) -{ - int count; /* how many bytes we are going to need to send */ - int i; - struct sendlist *s; /* pointer to current command */ - int success = 0; - int needconnect = 0; - - if (argc < 2) { - printf("need at least one argument for 'send' command\n"); - printf("'send ?' for help\n"); - return 0; - } - /* - * First, validate all the send arguments. - * In addition, we see how much space we are going to need, and - * whether or not we will be doing a "SYNCH" operation (which - * flushes the network queue). - */ - count = 0; - for (i = 1; i < argc; i++) { - s = GETSEND(argv[i]); - if (s == 0) { - printf("Unknown send argument '%s'\n'send ?' for help.\n", - argv[i]); - return 0; - } else if (Ambiguous((void *)s)) { - printf("Ambiguous send argument '%s'\n'send ?' 
for help.\n", - argv[i]); - return 0; - } - if (i + s->narg >= argc) { - fprintf(stderr, - "Need %d argument%s to 'send %s' command. 'send %s ?' for help.\n", - s->narg, s->narg == 1 ? "" : "s", s->name, s->name); - return 0; - } - count += s->nbyte; - if ((void *)s->handler == (void *)send_help) { - send_help(); - return 0; - } - - i += s->narg; - needconnect += s->needconnect; - } - if (!connected && needconnect) { - printf("?Need to be connected first.\n"); - printf("'send ?' for help\n"); - return 0; - } - /* Now, do we have enough room? */ - if (NETROOM() < count) { - printf("There is not enough room in the buffer TO the network\n"); - printf("to process your request. Nothing will be done.\n"); - printf("('send synch' will throw away most data in the network\n"); - printf("buffer, if this might help.)\n"); - return 0; - } - /* OK, they are all OK, now go through again and actually send */ - count = 0; - for (i = 1; i < argc; i++) { - if ((s = GETSEND(argv[i])) == 0) { - fprintf(stderr, "Telnet 'send' error - argument disappeared!\n"); - quit(); - /*NOTREACHED*/ - } - if (s->handler) { - count++; - success += (*s->handler)((s->narg > 0) ? argv[i+1] : 0, - (s->narg > 1) ? 
argv[i+2] : 0); - i += s->narg; - } else { - NET2ADD(IAC, s->what); - printoption("SENT", IAC, s->what); - } - } - return (count == success); -} - -static int -send_esc(void) -{ - NETADD(escape); - return 1; -} - -static int -send_docmd(char *name) -{ - return(send_tncmd(send_do, "do", name)); -} - -static int -send_dontcmd(name) - char *name; -{ - return(send_tncmd(send_dont, "dont", name)); -} - -static int -send_willcmd(char *name) -{ - return(send_tncmd(send_will, "will", name)); -} - -static int -send_wontcmd(char *name) -{ - return(send_tncmd(send_wont, "wont", name)); -} - -static int -send_tncmd(void (*func)(int, int), const char *cmd, char *name) -{ - char **cpp; - extern char *telopts[]; - int val = 0; - - if (isprefix(name, "help") || isprefix(name, "?")) { - int col, len; - - printf("Usage: send %s \n", cmd); - printf("\"value\" must be from 0 to 255\n"); - printf("Valid options are:\n\t"); - - col = 8; - for (cpp = telopts; *cpp; cpp++) { - len = strlen(*cpp) + 3; - if (col + len > 65) { - printf("\n\t"); - col = 8; - } - printf(" \"%s\"", *cpp); - col += len; - } - printf("\n"); - return 0; - } - cpp = (char **)genget(name, telopts, sizeof(char *)); - if (Ambiguous(cpp)) { - fprintf(stderr,"'%s': ambiguous argument ('send %s ?' for help).\n", - name, cmd); - return 0; - } - if (cpp) { - val = cpp - telopts; - } else { - char *cp = name; - - while (*cp >= '0' && *cp <= '9') { - val *= 10; - val += *cp - '0'; - cp++; - } - if (*cp != 0) { - fprintf(stderr, "'%s': unknown argument ('send %s ?' for help).\n", - name, cmd); - return 0; - } else if (val < 0 || val > 255) { - fprintf(stderr, "'%s': bad value ('send %s ?' 
for help).\n", - name, cmd); - return 0; - } - } - if (!connected) { - printf("?Need to be connected first.\n"); - return 0; - } - (*func)(val, 1); - return 1; -} - -static int -send_help(void) -{ - struct sendlist *s; /* pointer to current command */ - for (s = Sendlist; s->name; s++) { - if (s->help) - printf("%-15s %s\n", s->name, s->help); - } - return(0); -} - -/* - * The following are the routines and data structures referred - * to by the arguments to the "toggle" command. - */ - -static int -lclchars(void) -{ - donelclchars = 1; - return 1; -} - -static int -togdebug(void) -{ -#ifndef NOT43 - if (net > 0 && - (SetSockOpt(net, SOL_SOCKET, SO_DEBUG, debug)) < 0) { - perror("setsockopt (SO_DEBUG)"); - } -#else /* NOT43 */ - if (debug) { - if (net > 0 && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 1) < 0) - perror("setsockopt (SO_DEBUG)"); - } else - printf("Cannot turn off socket debugging\n"); -#endif /* NOT43 */ - return 1; -} - - -static int -togcrlf(void) -{ - if (crlf) { - printf("Will send carriage returns as telnet .\n"); - } else { - printf("Will send carriage returns as telnet .\n"); - } - return 1; -} - -int binmode; - -static int -togbinary(int val) -{ - donebinarytoggle = 1; - - if (val >= 0) { - binmode = val; - } else { - if (my_want_state_is_will(TELOPT_BINARY) && - my_want_state_is_do(TELOPT_BINARY)) { - binmode = 1; - } else if (my_want_state_is_wont(TELOPT_BINARY) && - my_want_state_is_dont(TELOPT_BINARY)) { - binmode = 0; - } - val = binmode ? 
0 : 1; - } - - if (val == 1) { - if (my_want_state_is_will(TELOPT_BINARY) && - my_want_state_is_do(TELOPT_BINARY)) { - printf("Already operating in binary mode with remote host.\n"); - } else { - printf("Negotiating binary mode with remote host.\n"); - tel_enter_binary(3); - } - } else { - if (my_want_state_is_wont(TELOPT_BINARY) && - my_want_state_is_dont(TELOPT_BINARY)) { - printf("Already in network ascii mode with remote host.\n"); - } else { - printf("Negotiating network ascii mode with remote host.\n"); - tel_leave_binary(3); - } - } - return 1; -} - -static int -togrbinary(int val) -{ - donebinarytoggle = 1; - - if (val == -1) - val = my_want_state_is_do(TELOPT_BINARY) ? 0 : 1; - - if (val == 1) { - if (my_want_state_is_do(TELOPT_BINARY)) { - printf("Already receiving in binary mode.\n"); - } else { - printf("Negotiating binary mode on input.\n"); - tel_enter_binary(1); - } - } else { - if (my_want_state_is_dont(TELOPT_BINARY)) { - printf("Already receiving in network ascii mode.\n"); - } else { - printf("Negotiating network ascii mode on input.\n"); - tel_leave_binary(1); - } - } - return 1; -} - -static int -togxbinary(int val) -{ - donebinarytoggle = 1; - - if (val == -1) - val = my_want_state_is_will(TELOPT_BINARY) ? 
0 : 1; - - if (val == 1) { - if (my_want_state_is_will(TELOPT_BINARY)) { - printf("Already transmitting in binary mode.\n"); - } else { - printf("Negotiating binary mode on output.\n"); - tel_enter_binary(2); - } - } else { - if (my_want_state_is_wont(TELOPT_BINARY)) { - printf("Already transmitting in network ascii mode.\n"); - } else { - printf("Negotiating network ascii mode on output.\n"); - tel_leave_binary(2); - } - } - return 1; -} - -struct togglelist { - const char *name; /* name of toggle */ - const char *help; /* help message */ - int (*handler)(int); /* routine to do actual setting */ - int *variable; - const char *actionexplanation; -}; - -static struct togglelist Togglelist[] = { - { "autoflush", - "flushing of output when sending interrupt characters", - 0, - &autoflush, - "flush output when sending interrupt characters" }, - { "autosynch", - "automatic sending of interrupt characters in urgent mode", - 0, - &autosynch, - "send interrupt characters in urgent mode" }, -#ifdef AUTHENTICATION - { "autologin", - "automatic sending of login and/or authentication info", - 0, - &autologin, - "send login name and/or authentication information" }, - { "authdebug", - "Toggle authentication debugging", - auth_togdebug, - 0, - "print authentication debugging information" }, -#endif -#ifdef ENCRYPTION - { "autoencrypt", - "automatic encryption of data stream", - EncryptAutoEnc, - 0, - "automatically encrypt output" }, - { "autodecrypt", - "automatic decryption of data stream", - EncryptAutoDec, - 0, - "automatically decrypt input" }, - { "verbose_encrypt", - "Toggle verbose encryption output", - EncryptVerbose, - 0, - "print verbose encryption output" }, - { "encdebug", - "Toggle encryption debugging", - EncryptDebug, - 0, - "print encryption debugging information" }, -#endif /* ENCRYPTION */ - { "skiprc", - "don't read ~/.telnetrc file", - 0, - &skiprc, - "skip reading of ~/.telnetrc file" }, - { "binary", - "sending and receiving of binary data", - togbinary, - 
0, - 0 }, - { "inbinary", - "receiving of binary data", - togrbinary, - 0, - 0 }, - { "outbinary", - "sending of binary data", - togxbinary, - 0, - 0 }, - { "crlf", - "sending carriage returns as telnet ", - (int (*)(int))togcrlf, - &crlf, - 0 }, - { "crmod", - "mapping of received carriage returns", - 0, - &crmod, - "map carriage return on output" }, - { "localchars", - "local recognition of certain control characters", - (int (*)(int))lclchars, - &localchars, - "recognize certain control characters" }, - { " ", "", NULL, NULL, NULL }, /* empty line */ - { "debug", - "debugging", - (int (*)(int))togdebug, - &debug, - "turn on socket level debugging" }, - { "netdata", - "printing of hexadecimal network data (debugging)", - 0, - &netdata, - "print hexadecimal representation of network traffic" }, - { "prettydump", - "output of \"netdata\" to user readable format (debugging)", - 0, - &prettydump, - "print user readable output for \"netdata\"" }, - { "options", - "viewing of options processing (debugging)", - 0, - &showoptions, - "show option processing" }, - { "termdata", - "(debugging) toggle printing of hexadecimal terminal data", - 0, - &termdata, - "print hexadecimal representation of terminal traffic" }, - { "?", - NULL, - (int (*)(int))togglehelp, - NULL, - NULL }, - { NULL, NULL, NULL, NULL, NULL }, - { "help", - NULL, - (int (*)(int))togglehelp, - NULL, - NULL }, - { NULL, NULL, NULL, NULL, NULL } -}; - -static int -togglehelp(void) -{ - struct togglelist *c; - - for (c = Togglelist; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s toggle %s\n", c->name, c->help); - else - printf("\n"); - } - } - printf("\n"); - printf("%-15s %s\n", "?", "display help information"); - return 0; -} - -static void -settogglehelp(int set) -{ - struct togglelist *c; - - for (c = Togglelist; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s %s\n", c->name, set ? 
"enable" : "disable", - c->help); - else - printf("\n"); - } - } -} - -#define GETTOGGLE(name) (struct togglelist *) \ - genget(name, (char **) Togglelist, sizeof(struct togglelist)) - -static int -toggle(int argc, char *argv[]) -{ - int retval = 1; - char *name; - struct togglelist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'toggle' command. 'toggle ?' for help.\n"); - return 0; - } - argc--; - argv++; - while (argc--) { - name = *argv++; - c = GETTOGGLE(name); - if (Ambiguous((void *)c)) { - fprintf(stderr, "'%s': ambiguous argument ('toggle ?' for help).\n", - name); - return 0; - } else if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('toggle ?' for help).\n", - name); - return 0; - } else { - if (c->variable) { - *c->variable = !*c->variable; /* invert it */ - if (c->actionexplanation) { - printf("%s %s.\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) { - retval &= (*c->handler)(-1); - } - } - } - return retval; -} - -/* - * The following perform the "set" command. 
- */ - -#ifdef USE_TERMIO -struct termio new_tc = { 0, 0, 0, 0, {}, 0, 0 }; -#endif - -struct setlist { - const char *name; /* name */ - const char *help; /* help information */ - void (*handler)(char *); - cc_t *charp; /* where it is located at */ -}; - -static struct setlist Setlist[] = { -#ifdef KLUDGELINEMODE - { "echo", "character to toggle local echoing on/off", NULL, &echoc }, -#endif - { "escape", "character to escape back to telnet command mode", NULL, &escape }, - { "rlogin", "rlogin escape character", 0, &rlogin }, - { "tracefile", "file to write trace information to", SetNetTrace, (cc_t *)NetTraceFile}, - { " ", "", NULL, NULL }, - { " ", "The following need 'localchars' to be toggled true", NULL, NULL }, - { "flushoutput", "character to cause an Abort Output", NULL, termFlushCharp }, - { "interrupt", "character to cause an Interrupt Process", NULL, termIntCharp }, - { "quit", "character to cause an Abort process", NULL, termQuitCharp }, - { "eof", "character to cause an EOF ", NULL, termEofCharp }, - { " ", "", NULL, NULL }, - { " ", "The following are for local editing in linemode", NULL, NULL }, - { "erase", "character to use to erase a character", NULL, termEraseCharp }, - { "kill", "character to use to erase a line", NULL, termKillCharp }, - { "lnext", "character to use for literal next", NULL, termLiteralNextCharp }, - { "susp", "character to cause a Suspend Process", NULL, termSuspCharp }, - { "reprint", "character to use for line reprint", NULL, termRprntCharp }, - { "worderase", "character to use to erase a word", NULL, termWerasCharp }, - { "start", "character to use for XON", NULL, termStartCharp }, - { "stop", "character to use for XOFF", NULL, termStopCharp }, - { "forw1", "alternate end of line character", NULL, termForw1Charp }, - { "forw2", "alternate end of line character", NULL, termForw2Charp }, - { "ayt", "alternate AYT character", NULL, termAytCharp }, - { NULL, NULL, NULL, NULL } -}; - -static struct setlist * -getset(char *name) 
-{ - return (struct setlist *) - genget(name, (char **) Setlist, sizeof(struct setlist)); -} - -void -set_escape_char(char *s) -{ - if (rlogin != _POSIX_VDISABLE) { - rlogin = (s && *s) ? special(s) : _POSIX_VDISABLE; - printf("Telnet rlogin escape character is '%s'.\n", - control(rlogin)); - } else { - escape = (s && *s) ? special(s) : _POSIX_VDISABLE; - printf("Telnet escape character is '%s'.\n", control(escape)); - } -} - -static int -setcmd(int argc, char *argv[]) -{ - int value; - struct setlist *ct; - struct togglelist *c; - - if (argc < 2 || argc > 3) { - printf("Format is 'set Name Value'\n'set ?' for help.\n"); - return 0; - } - if ((argc == 2) && (isprefix(argv[1], "?") || isprefix(argv[1], "help"))) { - for (ct = Setlist; ct->name; ct++) - printf("%-15s %s\n", ct->name, ct->help); - printf("\n"); - settogglehelp(1); - printf("%-15s %s\n", "?", "display help information"); - return 0; - } - - ct = getset(argv[1]); - if (ct == 0) { - c = GETTOGGLE(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('set ?' for help).\n", - argv[1]); - return 0; - } else if (Ambiguous((void *)c)) { - fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\n", - argv[1]); - return 0; - } - if (c->variable) { - if ((argc == 2) || (strcmp("on", argv[2]) == 0)) - *c->variable = 1; - else if (strcmp("off", argv[2]) == 0) - *c->variable = 0; - else { - printf("Format is 'set togglename [on|off]'\n'set ?' for help.\n"); - return 0; - } - if (c->actionexplanation) { - printf("%s %s.\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) - (*c->handler)(1); - } else if (argc != 3) { - printf("Format is 'set Name Value'\n'set ?' for help.\n"); - return 0; - } else if (Ambiguous((void *)ct)) { - fprintf(stderr, "'%s': ambiguous argument ('set ?' 
for help).\n", - argv[1]); - return 0; - } else if (ct->handler) { - (*ct->handler)(argv[2]); - printf("%s set to \"%s\".\n", ct->name, (char *)ct->charp); - } else { - if (strcmp("off", argv[2])) { - value = special(argv[2]); - } else { - value = _POSIX_VDISABLE; - } - *(ct->charp) = (cc_t)value; - printf("%s character is '%s'.\n", ct->name, control(*(ct->charp))); - } - slc_check(); - return 1; -} - -static int -unsetcmd(int argc, char *argv[]) -{ - struct setlist *ct; - struct togglelist *c; - char *name; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'unset' command. 'unset ?' for help.\n"); - return 0; - } - if (isprefix(argv[1], "?") || isprefix(argv[1], "help")) { - for (ct = Setlist; ct->name; ct++) - printf("%-15s %s\n", ct->name, ct->help); - printf("\n"); - settogglehelp(0); - printf("%-15s %s\n", "?", "display help information"); - return 0; - } - - argc--; - argv++; - while (argc--) { - name = *argv++; - ct = getset(name); - if (ct == 0) { - c = GETTOGGLE(name); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('unset ?' for help).\n", - name); - return 0; - } else if (Ambiguous((void *)c)) { - fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\n", - name); - return 0; - } - if (c->variable) { - *c->variable = 0; - if (c->actionexplanation) { - printf("%s %s.\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) - (*c->handler)(0); - } else if (Ambiguous((void *)ct)) { - fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\n", - name); - return 0; - } else if (ct->handler) { - (*ct->handler)(0); - printf("%s reset to \"%s\".\n", ct->name, (char *)ct->charp); - } else { - *(ct->charp) = _POSIX_VDISABLE; - printf("%s character is '%s'.\n", ct->name, control(*(ct->charp))); - } - } - return 1; -} - -/* - * The following are the data structures and routines for the - * 'mode' command. 
- */
-#ifdef KLUDGELINEMODE
-extern int kludgelinemode;
-
-static int
-dokludgemode(void)
-{
- kludgelinemode = 1;
- send_wont(TELOPT_LINEMODE, 1);
- send_dont(TELOPT_SGA, 1);
- send_dont(TELOPT_ECHO, 1);
- return 1;
-}
-#endif
-
-static int
-dolinemode(void)
-{
-#ifdef KLUDGELINEMODE
- if (kludgelinemode)
- send_dont(TELOPT_SGA, 1);
-#endif
- send_will(TELOPT_LINEMODE, 1);
- send_dont(TELOPT_ECHO, 1);
- return 1;
-}
-
-static int
-docharmode(void)
-{
-#ifdef KLUDGELINEMODE
- if (kludgelinemode)
- send_do(TELOPT_SGA, 1);
- else
-#endif
- send_wont(TELOPT_LINEMODE, 1);
- send_do(TELOPT_ECHO, 1);
- return 1;
-}
-
-static int
-dolmmode(int bit, int on)
-{
- unsigned char c;
- extern int linemode;
-
- if (my_want_state_is_wont(TELOPT_LINEMODE)) {
- printf("?Need to have LINEMODE option enabled first.\n");
- printf("'mode ?' for help.\n");
- return 0;
- }
-
- if (on)
- c = (linemode | bit);
- else
- c = (linemode & ~bit);
- lm_mode(&c, 1, 1);
- return 1;
-}
-
-static int
-setmod(int bit)
-{
- return dolmmode(bit, 1);
-}
-
-static int
-clearmode(int bit)
-{
- return dolmmode(bit, 0);
-}
-
-struct modelist {
- const char *name; /* command name */
- const char *help; /* help string */
- int (*handler)(int);/* routine which executes command */
- int needconnect; /* Do we need to be connected to execute? 
*/
- int arg1;
-};
-
-static struct modelist ModeList[] = {
- { "character", "Disable LINEMODE option", (int (*)(int))docharmode, 1, 0 },
-#ifdef KLUDGELINEMODE
- { "", "(or disable obsolete line-by-line mode)", NULL, 0, 0 },
-#endif
- { "line", "Enable LINEMODE option", (int (*)(int))dolinemode, 1, 0 },
-#ifdef KLUDGELINEMODE
- { "", "(or enable obsolete line-by-line mode)", NULL, 0, 0 },
-#endif
- { "", "", NULL, 0, 0 },
- { "", "These require the LINEMODE option to be enabled", NULL, 0, 0 },
- { "isig", "Enable signal trapping", setmod, 1, MODE_TRAPSIG },
- { "+isig", 0, setmod, 1, MODE_TRAPSIG },
- { "-isig", "Disable signal trapping", clearmode, 1, MODE_TRAPSIG },
- { "edit", "Enable character editing", setmod, 1, MODE_EDIT },
- { "+edit", 0, setmod, 1, MODE_EDIT },
- { "-edit", "Disable character editing", clearmode, 1, MODE_EDIT },
- { "softtabs", "Enable tab expansion", setmod, 1, MODE_SOFT_TAB },
- { "+softtabs", 0, setmod, 1, MODE_SOFT_TAB },
- { "-softtabs", "Disable character editing", clearmode, 1, MODE_SOFT_TAB },
- { "litecho", "Enable literal character echo", setmod, 1, MODE_LIT_ECHO },
- { "+litecho", 0, setmod, 1, MODE_LIT_ECHO },
- { "-litecho", "Disable literal character echo", clearmode, 1, MODE_LIT_ECHO },
- { "help", 0, (int (*)(int))modehelp, 0, 0 },
-#ifdef KLUDGELINEMODE
- { "kludgeline", 0, (int (*)(int))dokludgemode, 1, 0 },
-#endif
- { "", "", NULL, 0, 0 },
- { "?", "Print help information", (int (*)(int))modehelp, 0, 0 },
- { NULL, NULL, NULL, 0, 0 },
-};
-
-
-static int
-modehelp(void)
-{
- struct modelist *mt;
-
- printf("format is: 'mode Mode', where 'Mode' is one of:\n\n");
- for (mt = ModeList; mt->name; mt++) {
- if (mt->help) {
- if (*mt->help)
- printf("%-15s %s\n", mt->name, mt->help);
- else
- printf("\n");
- }
- }
- return 0;
-}
-
-#define GETMODECMD(name) (struct modelist *) \
- genget(name, (char **) ModeList, sizeof(struct modelist))
-
-static int
-modecmd(int argc, char *argv[])
-{
- struct modelist *mt;
-
- if (argc != 
2) {
- printf("'mode' command requires an argument\n");
- printf("'mode ?' for help.\n");
- } else if ((mt = GETMODECMD(argv[1])) == 0) {
- fprintf(stderr, "Unknown mode '%s' ('mode ?' for help).\n", argv[1]);
- } else if (Ambiguous((void *)mt)) {
- fprintf(stderr, "Ambiguous mode '%s' ('mode ?' for help).\n", argv[1]);
- } else if (mt->needconnect && !connected) {
- printf("?Need to be connected first.\n");
- printf("'mode ?' for help.\n");
- } else if (mt->handler) {
- return (*mt->handler)(mt->arg1);
- }
- return 0;
-}
-
-/*
- * The following data structures and routines implement the
- * "display" command.
- */
-
-static int
-display(int argc, char *argv[])
-{
- struct togglelist *tl;
- struct setlist *sl;
-
-#define dotog(tl) if (tl->variable && tl->actionexplanation) { \
- if (*tl->variable) { \
- printf("will"); \
- } else { \
- printf("won't"); \
- } \
- printf(" %s.\n", tl->actionexplanation); \
- }
-
-#define doset(sl) if (sl->name && *sl->name != ' ') { \
- if (sl->handler == 0) \
- printf("%-15s [%s]\n", sl->name, control(*sl->charp)); \
- else \
- printf("%-15s \"%s\"\n", sl->name, (char *)sl->charp); \
- }
-
- if (argc == 1) {
- for (tl = Togglelist; tl->name; tl++) {
- dotog(tl);
- }
- printf("\n");
- for (sl = Setlist; sl->name; sl++) {
- doset(sl);
- }
- } else {
- int i;
-
- for (i = 1; i < argc; i++) {
- sl = getset(argv[i]);
- tl = GETTOGGLE(argv[i]);
- if (Ambiguous((void *)sl) || Ambiguous((void *)tl)) {
- printf("?Ambiguous argument '%s'.\n", argv[i]);
- return 0;
- } else if (!sl && !tl) {
- printf("?Unknown argument '%s'.\n", argv[i]);
- return 0;
- } else {
- if (tl) {
- dotog(tl);
- }
- if (sl) {
- doset(sl);
- }
- }
- }
- }
-/*@*/optionstatus();
-#ifdef ENCRYPTION
- EncryptStatus();
-#endif /* ENCRYPTION */
- return 1;
-#undef doset
-#undef dotog
-}
-
-/*
- * The following are the data structures, and many of the routines,
- * relating to command processing.
- */
-
-/*
- * Set the escape character. 
- */
-static int
-setescape(int argc, char *argv[])
-{
- char *arg;
- char buf[50];
-
- printf(
- "Deprecated usage - please use 'set escape%s%s' in the future.\n",
- (argc > 2)? " ":"", (argc > 2)? argv[1]: "");
- if (argc > 2)
- arg = argv[1];
- else {
- printf("new escape character: ");
- (void) fgets(buf, sizeof(buf), stdin);
- arg = buf;
- }
- if (arg[0] != '\0')
- escape = arg[0];
- (void) fflush(stdout);
- return 1;
-}
-
-static int
-togcrmod(void)
-{
- crmod = !crmod;
- printf("Deprecated usage - please use 'toggle crmod' in the future.\n");
- printf("%s map carriage return on output.\n", crmod ? "Will" : "Won't");
- (void) fflush(stdout);
- return 1;
-}
-
-static int
-suspend(void)
-{
-#ifdef SIGTSTP
- setcommandmode();
- {
- long oldrows, oldcols, newrows, newcols, err_;
-
- err_ = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0;
- (void) kill(0, SIGTSTP);
- /*
- * If we didn't get the window size before the SUSPEND, but we
- * can get them now (?), then send the NAWS to make sure that
- * we are set up for the right window size.
- */
- if (TerminalWindowSize(&newrows, &newcols) && connected &&
- (err_ || ((oldrows != newrows) || (oldcols != newcols)))) {
- sendnaws();
- }
- }
- /* reget parameters in case they were changed */
- TerminalSaveState();
- setconnmode(0);
-#else
- printf("Suspend is not supported. Try the '!' command instead\n");
-#endif
- return 1;
-}
-
-static int
-shell(int argc, char *argv[] __unused)
-{
- long oldrows, oldcols, newrows, newcols, err_;
-
- setcommandmode();
-
- err_ = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0;
- switch(vfork()) {
- case -1:
- perror("Fork failed\n");
- break;
-
- case 0:
- {
- /*
- * Fire up the shell in the child. 
- */
- const char *shellp, *shellname;
-
- shellp = getenv("SHELL");
- if (shellp == NULL)
- shellp = "/bin/sh";
- if ((shellname = strrchr(shellp, '/')) == 0)
- shellname = shellp;
- else
- shellname++;
- if (argc > 1)
- execl(shellp, shellname, "-c", &saveline[1], (char *)0);
- else
- execl(shellp, shellname, (char *)0);
- perror("Execl");
- _exit(1);
- }
- default:
- (void)wait((int *)0); /* Wait for the shell to complete */
-
- if (TerminalWindowSize(&newrows, &newcols) && connected &&
- (err_ || ((oldrows != newrows) || (oldcols != newcols)))) {
- sendnaws();
- }
- break;
- }
- return 1;
-}
-
-static int
-bye(int argc, char *argv[])
-{
- extern int resettermname;
-
- if (connected) {
- (void) shutdown(net, 2);
- printf("Connection closed.\n");
- (void) NetClose(net);
- connected = 0;
- resettermname = 1;
-#ifdef AUTHENTICATION
-#ifdef ENCRYPTION
- auth_encrypt_connect(connected);
-#endif
-#endif
- /* reset options */
- tninit();
- }
- if ((argc != 2) || (strcmp(argv[1], "fromquit") != 0)) {
- longjmp(toplevel, 1);
- /* NOTREACHED */
- }
- return 1; /* Keep lint, etc., happy */
-}
-
-void
-quit(void)
-{
- (void) call(bye, "bye", "fromquit", 0);
- Exit(0);
-}
-
-static int
-logout(void)
-{
- send_do(TELOPT_LOGOUT, 1);
- (void) netflush();
- return 1;
-}
-
-
-/*
- * The SLC command. 
- */
-
-struct slclist {
- const char *name;
- const char *help;
- void (*handler)(int);
- int arg;
-};
-
-static void slc_help(void);
-
-struct slclist SlcList[] = {
- { "export", "Use local special character definitions",
- (void (*)(int))slc_mode_export, 0 },
- { "import", "Use remote special character definitions",
- slc_mode_import, 1 },
- { "check", "Verify remote special character definitions",
- slc_mode_import, 0 },
- { "help", NULL, (void (*)(int))slc_help, 0 },
- { "?", "Print help information", (void (*)(int))slc_help, 0 },
- { NULL, NULL, NULL, 0 },
-};
-
-static void
-slc_help(void)
-{
- struct slclist *c;
-
- for (c = SlcList; c->name; c++) {
- if (c->help) {
- if (*c->help)
- printf("%-15s %s\n", c->name, c->help);
- else
- printf("\n");
- }
- }
-}
-
-static struct slclist *
-getslc(char *name)
-{
- return (struct slclist *)
- genget(name, (char **) SlcList, sizeof(struct slclist));
-}
-
-static int
-slccmd(int argc, char *argv[])
-{
- struct slclist *c;
-
- if (argc != 2) {
- fprintf(stderr,
- "Need an argument to 'slc' command. 'slc ?' for help.\n");
- return 0;
- }
- c = getslc(argv[1]);
- if (c == 0) {
- fprintf(stderr, "'%s': unknown argument ('slc ?' for help).\n",
- argv[1]);
- return 0;
- }
- if (Ambiguous((void *)c)) {
- fprintf(stderr, "'%s': ambiguous argument ('slc ?' for help).\n",
- argv[1]);
- return 0;
- }
- (*c->handler)(c->arg);
- slcstate();
- return 1;
-}
-
-/*
- * The ENVIRON command. 
- */
-
-struct envlist {
- const char *name;
- const char *help;
- void (*handler)(unsigned char *, unsigned char *);
- int narg;
-};
-
-extern struct env_lst *
- env_define(const unsigned char *, unsigned char *);
-extern void
- env_undefine(unsigned char *),
- env_export(const unsigned char *),
- env_unexport(const unsigned char *),
- env_send(unsigned char *),
-#if defined(OLD_ENVIRON) && defined(ENV_HACK)
- env_varval(unsigned char *),
-#endif
- env_list(void);
-static void
- env_help(void);
-
-struct envlist EnvList[] = {
- { "define", "Define an environment variable",
- (void (*)(unsigned char *, unsigned char *))env_define, 2 },
- { "undefine", "Undefine an environment variable",
- (void (*)(unsigned char *, unsigned char *))env_undefine, 1 },
- { "export", "Mark an environment variable for automatic export",
- (void (*)(unsigned char *, unsigned char *))env_export, 1 },
- { "unexport", "Don't mark an environment variable for automatic export",
- (void (*)(unsigned char *, unsigned char *))env_unexport, 1 },
- { "send", "Send an environment variable", (void (*)(unsigned char *, unsigned char *))env_send, 1 },
- { "list", "List the current environment variables",
- (void (*)(unsigned char *, unsigned char *))env_list, 0 },
-#if defined(OLD_ENVIRON) && defined(ENV_HACK)
- { "varval", "Reverse VAR and VALUE (auto, right, wrong, status)",
- (void (*)(unsigned char *, unsigned char *))env_varval, 1 },
-#endif
- { "help", NULL, (void (*)(unsigned char *, unsigned char *))env_help, 0 },
- { "?", "Print help information", (void (*)(unsigned char *, unsigned char *))env_help, 0 },
- { NULL, NULL, NULL, 0 },
-};
-
-static void
-env_help(void)
-{
- struct envlist *c;
-
- for (c = EnvList; c->name; c++) {
- if (c->help) {
- if (*c->help)
- printf("%-15s %s\n", c->name, c->help);
- else
- printf("\n");
- }
- }
-}
-
-static struct envlist *
-getenvcmd(char *name)
-{
- return (struct envlist *)
- genget(name, (char **) EnvList, sizeof(struct envlist));
-}
-
-static int
-env_cmd(int argc, char *argv[])
-{
- struct envlist *c;
-
- if (argc < 2) {
- fprintf(stderr,
- "Need an argument to 'environ' command. 'environ ?' for help.\n");
- return 0;
- }
- c = getenvcmd(argv[1]);
- if (c == 0) {
- fprintf(stderr, "'%s': unknown argument ('environ ?' for help).\n",
- argv[1]);
- return 0;
- }
- if (Ambiguous((void *)c)) {
- fprintf(stderr, "'%s': ambiguous argument ('environ ?' for help).\n",
- argv[1]);
- return 0;
- }
- if (c->narg + 2 != argc && strcasecmp(argv[1],"define")==0 && c->narg + 1 != argc) {
- fprintf(stderr,
- "Need %s%d argument%s to 'environ %s' command. 'environ ?' for help.\n",
- c->narg < argc + 2 ? "only " : "",
- c->narg, c->narg == 1 ? "" : "s", c->name);
- return 0;
- }
- (*c->handler)(argv[2], argv[3]);
- return 1;
-}
-
-struct env_lst {
- struct env_lst *next; /* pointer to next structure */
- struct env_lst *prev; /* pointer to previous structure */
- unsigned char *var; /* pointer to variable name */
- unsigned char *value; /* pointer to variable value */
- int export; /* 1 -> export with default list of variables */
- int welldefined; /* A well defined variable */
-};
-
-struct env_lst envlisthead;
-
-static struct env_lst *
-env_find(const unsigned char *var)
-{
- struct env_lst *ep;
-
- for (ep = envlisthead.next; ep; ep = ep->next) {
- if (strcmp(ep->var, var) == 0)
- return(ep);
- }
- return(NULL);
-}
-
-void
-env_init(void)
-{
- char *ev;
- struct env_lst *ep;
- int i;
-
- const char *safe_vars[]=
- {"USER", "PRINTER", "DISPLAY", "TERM", "COLUMNS", "LINES"};
-
- for(i=0;iexport=0;
- }
- }
-
- /*
- * Special case for DISPLAY variable. If it is ":0.0" or
- * "unix:0.0", we have to get rid of "unix" and insert our
- * hostname. 
- */
- if ((ep = env_find("DISPLAY"))
- && ((*ep->value == ':')
- || (strncmp((char *)ep->value, "unix:", 5) == 0))) {
- char hbuf[256+1];
- char *cp, *cp2 = strchr((char *)ep->value, ':');
-
- gethostname(hbuf, 256);
- hbuf[256] = '\0';
- cp = (char *)malloc(strlen(hbuf) + strlen(cp2) + 1);
- sprintf((char *)cp, "%s%s", hbuf, cp2);
- free(ep->value);
- ep->value = (unsigned char *)cp;
- }
- /*
- * If USER is not defined, but LOGNAME is, then add
- * USER with the value from LOGNAME. By default, we
- * don't export the USER variable.
- */
- if ((env_find("USER") == NULL) && (ep = env_find("LOGNAME"))) {
- env_define("USER", ep->value);
- env_unexport("USER");
- }
- env_export("DISPLAY");
- env_export("PRINTER");
-}
-
-struct env_lst *
-env_define(const unsigned char *var, unsigned char *value)
-{
- char *ev;
- struct env_lst *ep;
-
- if ((ep = env_find(var))) {
- if (ep->var)
- free(ep->var);
- if (ep->value)
- free(ep->value);
- } else {
- ep = (struct env_lst *)malloc(sizeof(struct env_lst));
- ep->next = envlisthead.next;
- envlisthead.next = ep;
- ep->prev = &envlisthead;
- if (ep->next)
- ep->next->prev = ep;
- }
-
- ep->welldefined = opt_welldefined((const char *)var);
- ep->export = 1;
- ep->var = (unsigned char *)strdup((const char *)var);
-
- if(value)
- ep->value = (unsigned char *)strdup((const char *)value);
- else if(ev=getenv((const char *)var))
- ep->value = (unsigned char *)strdup(ev);
- else ep->value = (unsigned char *)strdup("");
- return(ep);
-}
-
-void
-env_undefine(unsigned char *var)
-{
- struct env_lst *ep;
-
- if ((ep = env_find(var))) {
- ep->prev->next = ep->next;
- if (ep->next)
- ep->next->prev = ep->prev;
- if (ep->var)
- free(ep->var);
- if (ep->value)
- free(ep->value);
- free(ep);
- }
-}
-
-void
-env_export(const unsigned char *var)
-{
- struct env_lst *ep;
-
- if ((ep = env_find(var)))
- ep->export = 1;
-}
-
-void
-env_unexport(const unsigned char *var)
-{
- struct env_lst *ep;
-
- if ((ep = env_find(var)))
- ep->export = 0;
-}
-
-void
-env_send(unsigned char *var)
-{
- struct env_lst *ep;
-
- if (my_state_is_wont(TELOPT_NEW_ENVIRON)
-#ifdef OLD_ENVIRON
- && my_state_is_wont(TELOPT_OLD_ENVIRON)
-#endif
- ) {
- fprintf(stderr,
- "Cannot send '%s': Telnet ENVIRON option not enabled\n",
- var);
- return;
- }
- ep = env_find(var);
- if (ep == 0) {
- fprintf(stderr, "Cannot send '%s': variable not defined\n",
- var);
- return;
- }
- env_opt_start_info();
- env_opt_add(ep->var);
- env_opt_end(0);
-}
-
-void
-env_list(void)
-{
- struct env_lst *ep;
-
- for (ep = envlisthead.next; ep; ep = ep->next) {
- printf("%c %-20s %s\n", ep->export ? '*' : ' ',
- ep->var, ep->value);
- }
-}
-
-unsigned char *
-env_default(int init, int welldefined)
-{
- static struct env_lst *nep = NULL;
-
- if (init) {
- nep = &envlisthead;
- return(NULL);
- }
- if (nep) {
- while ((nep = nep->next)) {
- if (nep->export && (nep->welldefined == welldefined))
- return(nep->var);
- }
- }
- return(NULL);
-}
-
-unsigned char *
-env_getvalue(const unsigned char *var)
-{
- struct env_lst *ep;
-
- if ((ep = env_find(var)))
- return(ep->value);
- return(NULL);
-}
-
-#if defined(OLD_ENVIRON) && defined(ENV_HACK)
-void
-env_varval(unsigned char *what)
-{
- extern int old_env_var, old_env_value, env_auto;
- int len = strlen((char *)what);
-
- if (len == 0)
- goto unknown;
-
- if (strncasecmp((char *)what, "status", len) == 0) {
- if (env_auto)
- printf("%s%s", "VAR and VALUE are/will be ",
- "determined automatically\n");
- if (old_env_var == OLD_ENV_VAR)
- printf("VAR and VALUE set to correct definitions\n");
- else
- printf("VAR and VALUE definitions are reversed\n");
- } else if (strncasecmp((char *)what, "auto", len) == 0) {
- env_auto = 1;
- old_env_var = OLD_ENV_VALUE;
- old_env_value = OLD_ENV_VAR;
- } else if (strncasecmp((char *)what, "right", len) == 0) {
- env_auto = 0;
- old_env_var = OLD_ENV_VAR;
- old_env_value = OLD_ENV_VALUE;
- } else if (strncasecmp((char *)what, "wrong", len) == 0) {
- env_auto = 0;
- old_env_var = 
OLD_ENV_VALUE;
- old_env_value = OLD_ENV_VAR;
- } else {
-unknown:
- printf("Unknown \"varval\" command. (\"auto\", \"right\", \"wrong\", \"status\")\n");
- }
-}
-#endif
-
-#ifdef AUTHENTICATION
-/*
- * The AUTHENTICATE command.
- */
-
-struct authlist {
- const char *name;
- const char *help;
- int (*handler)(char *);
- int narg;
-};
-
-extern int
- auth_enable(char *),
- auth_disable(char *),
- auth_status(void);
-static int
- auth_help(void);
-
-struct authlist AuthList[] = {
- { "status", "Display current status of authentication information",
- (int (*)(char *))auth_status, 0 },
- { "disable", "Disable an authentication type ('auth disable ?' for more)",
- auth_disable, 1 },
- { "enable", "Enable an authentication type ('auth enable ?' for more)",
- auth_enable, 1 },
- { "help", NULL, (int (*)(char *))auth_help, 0 },
- { "?", "Print help information", (int (*)(char *))auth_help, 0 },
- { NULL, NULL, NULL, 0 },
-};
-
-static int
-auth_help(void)
-{
- struct authlist *c;
-
- for (c = AuthList; c->name; c++) {
- if (c->help) {
- if (*c->help)
- printf("%-15s %s\n", c->name, c->help);
- else
- printf("\n");
- }
- }
- return 0;
-}
-
-int
-auth_cmd(int argc, char *argv[])
-{
- struct authlist *c;
-
- if (argc < 2) {
- fprintf(stderr,
- "Need an argument to 'auth' command. 'auth ?' for help.\n");
- return 0;
- }
-
- c = (struct authlist *)
- genget(argv[1], (char **) AuthList, sizeof(struct authlist));
- if (c == 0) {
- fprintf(stderr, "'%s': unknown argument ('auth ?' for help).\n",
- argv[1]);
- return 0;
- }
- if (Ambiguous((void *)c)) {
- fprintf(stderr, "'%s': ambiguous argument ('auth ?' for help).\n",
- argv[1]);
- return 0;
- }
- if (c->narg + 2 != argc) {
- fprintf(stderr,
- "Need %s%d argument%s to 'auth %s' command. 'auth ?' for help.\n",
- c->narg < argc + 2 ? "only " : "",
- c->narg, c->narg == 1 ? "" : "s", c->name);
- return 0;
- }
- return((*c->handler)(argv[2]));
-}
-#endif
-
-#ifdef ENCRYPTION
-/*
- * The ENCRYPT command. 
- */
-
-struct encryptlist {
- const char *name;
- const char *help;
- int (*handler)(char *, char *);
- int needconnect;
- int minarg;
- int maxarg;
-};
-
-extern int
- EncryptEnable(char *, char *),
- EncryptDisable(char *, char *),
- EncryptType(char *, char *),
- EncryptStart(char *),
- EncryptStartInput(void),
- EncryptStartOutput(void),
- EncryptStop(char *),
- EncryptStopInput(void),
- EncryptStopOutput(void),
- EncryptStatus(void);
-static int
- EncryptHelp(void);
-
-struct encryptlist EncryptList[] = {
- { "enable", "Enable encryption. ('encrypt enable ?' for more)",
- EncryptEnable, 1, 1, 2 },
- { "disable", "Disable encryption. ('encrypt enable ?' for more)",
- EncryptDisable, 0, 1, 2 },
- { "type", "Set encryption type. ('encrypt type ?' for more)",
- EncryptType, 0, 1, 1 },
- { "start", "Start encryption. ('encrypt start ?' for more)",
- (int (*)(char *, char *))EncryptStart, 1, 0, 1 },
- { "stop", "Stop encryption. ('encrypt stop ?' for more)",
- (int (*)(char *, char *))EncryptStop, 1, 0, 1 },
- { "input", "Start encrypting the input stream",
- (int (*)(char *, char *))EncryptStartInput, 1, 0, 0 },
- { "-input", "Stop encrypting the input stream",
- (int (*)(char *, char *))EncryptStopInput, 1, 0, 0 },
- { "output", "Start encrypting the output stream",
- (int (*)(char *, char *))EncryptStartOutput, 1, 0, 0 },
- { "-output", "Stop encrypting the output stream",
- (int (*)(char *, char *))EncryptStopOutput, 1, 0, 0 },
-
- { "status", "Display current status of authentication information",
- (int (*)(char *, char *))EncryptStatus, 0, 0, 0 },
- { "help", NULL, (int (*)(char *, char *))EncryptHelp, 0, 0, 0 },
- { "?", "Print help information", (int (*)(char *, char *))EncryptHelp, 0, 0, 0 },
- { NULL, NULL, NULL, 0, 0, 0 },
-};
-
-static int
-EncryptHelp(void)
-{
- struct encryptlist *c;
-
- for (c = EncryptList; c->name; c++) {
- if (c->help) {
- if (*c->help)
- printf("%-15s %s\n", c->name, c->help);
- else
- printf("\n");
- }
- }
- return 0;
-}
-
-static int
-encrypt_cmd(int argc, char *argv[])
-{
- struct encryptlist *c;
-
- if (argc < 2) {
- fprintf(stderr,
- "Need an argument to 'encrypt' command. 'encrypt ?' for help.\n");
- return 0;
- }
-
- c = (struct encryptlist *)
- genget(argv[1], (char **) EncryptList, sizeof(struct encryptlist));
- if (c == 0) {
- fprintf(stderr, "'%s': unknown argument ('encrypt ?' for help).\n",
- argv[1]);
- return 0;
- }
- if (Ambiguous((void *)c)) {
- fprintf(stderr, "'%s': ambiguous argument ('encrypt ?' for help).\n",
- argv[1]);
- return 0;
- }
- argc -= 2;
- if (argc < c->minarg || argc > c->maxarg) {
- if (c->minarg == c->maxarg) {
- fprintf(stderr, "Need %s%d argument%s ",
- c->minarg < argc ? "only " : "", c->minarg,
- c->minarg == 1 ? "" : "s");
- } else {
- fprintf(stderr, "Need %s%d-%d arguments ",
- c->maxarg < argc ? "only " : "", c->minarg, c->maxarg);
- }
- fprintf(stderr, "to 'encrypt %s' command. 'encrypt ?' for help.\n",
- c->name);
- return 0;
- }
- if (c->needconnect && !connected) {
- if (!(argc && (isprefix(argv[2], "help") || isprefix(argv[2], "?")))) {
- printf("?Need to be connected first.\n");
- return 0;
- }
- }
- return ((*c->handler)(argc > 0 ? argv[2] : 0,
- argc > 1 ? argv[3] : 0));
-}
-#endif /* ENCRYPTION */
-
-/*
- * Print status about the connection.
- */
-/*ARGSUSED*/
-static int
-status(int argc, char *argv[])
-{
- if (connected) {
- printf("Connected to %s.\n", hostname);
- if ((argc < 2) || strcmp(argv[1], "notmuch")) {
- int mode = getconnmode();
-
- if (my_want_state_is_will(TELOPT_LINEMODE)) {
- printf("Operating with LINEMODE option\n");
- printf("%s line editing\n", (mode&MODE_EDIT) ? "Local" : "No");
- printf("%s catching of signals\n",
- (mode&MODE_TRAPSIG) ? 
"Local" : "No");
- slcstate();
-#ifdef KLUDGELINEMODE
- } else if (kludgelinemode && my_want_state_is_dont(TELOPT_SGA)) {
- printf("Operating in obsolete linemode\n");
-#endif
- } else {
- printf("Operating in single character mode\n");
- if (localchars)
- printf("Catching signals locally\n");
- }
- printf("%s character echo\n", (mode&MODE_ECHO) ? "Local" : "Remote");
- if (my_want_state_is_will(TELOPT_LFLOW))
- printf("%s flow control\n", (mode&MODE_FLOW) ? "Local" : "No");
-#ifdef ENCRYPTION
- encrypt_display();
-#endif /* ENCRYPTION */
- }
- } else {
- printf("No connection.\n");
- }
- printf("Escape character is '%s'.\n", control(escape));
- (void) fflush(stdout);
- return 1;
-}
-
-#ifdef SIGINFO
-/*
- * Function that gets called when SIGINFO is received.
- */
-void
-ayt_status(void)
-{
- (void) call(status, "status", "notmuch", 0);
-}
-#endif
-
-static const char *
-sockaddr_ntop(struct sockaddr *sa)
-{
- void *addr;
- static char addrbuf[INET6_ADDRSTRLEN];
-
- switch (sa->sa_family) {
- case AF_INET:
- addr = &((struct sockaddr_in *)sa)->sin_addr;
- break;
- case AF_UNIX:
- addr = &((struct sockaddr_un *)sa)->sun_path;
- break;
-#ifdef INET6
- case AF_INET6:
- addr = &((struct sockaddr_in6 *)sa)->sin6_addr;
- break;
-#endif
- default:
- return NULL;
- }
- inet_ntop(sa->sa_family, addr, addrbuf, sizeof(addrbuf));
- return addrbuf;
-}
-
-#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
-static int
-setpolicy(int lnet, struct addrinfo *res, char *policy)
-{
- char *buf;
- int level;
- int optname;
-
- if (policy == NULL)
- return 0;
-
- buf = ipsec_set_policy(policy, strlen(policy));
- if (buf == NULL) {
- printf("%s\n", ipsec_strerror());
- return -1;
- }
- level = res->ai_family == AF_INET ? IPPROTO_IP : IPPROTO_IPV6;
- optname = res->ai_family == AF_INET ? 
IP_IPSEC_POLICY : IPV6_IPSEC_POLICY;
- if (setsockopt(lnet, level, optname, buf, ipsec_get_policylen(buf)) < 0){
- perror("setsockopt");
- return -1;
- }
-
- free(buf);
- return 0;
-}
-#endif
-
-#ifdef INET6
-/*
- * When an Address Family related error happend, check if retry with
- * another AF is possible or not.
- * Return 1, if retry with another af is OK. Else, return 0.
- */
-static int
-switch_af(struct addrinfo **aip)
-{
- int nextaf;
- struct addrinfo *ai;
-
- ai = *aip;
- nextaf = (ai->ai_family == AF_INET) ? AF_INET6 : AF_INET;
- do
- ai=ai->ai_next;
- while (ai != NULL && ai->ai_family != nextaf);
- *aip = ai;
- if (*aip != NULL) {
- return 1;
- }
- return 0;
-}
-#endif
-
-int
-tn(int argc, char *argv[])
-{
- char *srp = 0;
- int proto, opt;
- int srlen;
- int srcroute = 0, result;
- char *cmd, *hostp = 0, *portp = 0, *user = 0;
- char *src_addr = NULL;
- struct addrinfo hints, *res, *res0 = NULL, *src_res, *src_res0 = NULL;
- int error = 0, af_error = 0;
-
- if (connected) {
- printf("?Already connected to %s\n", hostname);
- setuid(getuid());
- return 0;
- }
- if (argc < 2) {
- (void) strcpy(line, "open ");
- printf("(to) ");
- (void) fgets(&line[strlen(line)], sizeof(line) - strlen(line), stdin);
- makeargv();
- argc = margc;
- argv = margv;
- }
- cmd = *argv;
- --argc; ++argv;
- while (argc) {
- if (strcmp(*argv, "help") == 0 || isprefix(*argv, "?"))
- goto usage;
- if (strcmp(*argv, "-l") == 0) {
- --argc; ++argv;
- if (argc == 0)
- goto usage;
- user = *argv++;
- --argc;
- continue;
- }
- if (strcmp(*argv, "-a") == 0) {
- --argc; ++argv;
- autologin = 1;
- continue;
- }
- if (strcmp(*argv, "-s") == 0) {
- --argc; ++argv;
- if (argc == 0)
- goto usage;
- src_addr = *argv++;
- --argc;
- continue;
- }
- if (hostp == 0) {
- hostp = *argv++;
- --argc;
- continue;
- }
- if (portp == 0) {
- portp = *argv++;
- --argc;
- continue;
- }
- usage:
- printf("usage: %s [-l user] [-a] [-s src_addr] host-name [port]\n", cmd);
- setuid(getuid());
- return 0;
- }
- 
if (hostp == 0)
- goto usage;
-
- if (src_addr != NULL) {
- memset(&hints, 0, sizeof(hints));
- hints.ai_flags = AI_NUMERICHOST;
- hints.ai_family = family;
- hints.ai_socktype = SOCK_STREAM;
- error = getaddrinfo(src_addr, 0, &hints, &src_res);
- if (error == EAI_NODATA) {
- hints.ai_flags = 0;
- error = getaddrinfo(src_addr, 0, &hints, &src_res);
- }
- if (error != 0) {
- fprintf(stderr, "%s: %s\n", src_addr, gai_strerror(error));
- if (error == EAI_SYSTEM)
- fprintf(stderr, "%s: %s\n", src_addr, strerror(errno));
- setuid(getuid());
- return 0;
- }
- src_res0 = src_res;
- }
- if (hostp[0] == '/') {
- struct sockaddr_un su;
-
- if (strlen(hostp) >= sizeof(su.sun_path)) {
- fprintf(stderr, "hostname too long for unix domain socket: %s",
- hostp);
- goto fail;
- }
- memset(&su, 0, sizeof su);
- su.sun_family = AF_UNIX;
- strncpy(su.sun_path, hostp, sizeof su.sun_path);
- printf("Trying %s...\n", hostp);
- net = socket(PF_UNIX, SOCK_STREAM, 0);
- if ( net < 0) {
- perror("socket");
- goto fail;
- }
- if (connect(net, (struct sockaddr *)&su, sizeof su) == -1) {
- perror(su.sun_path);
- (void) NetClose(net);
- goto fail;
- }
- goto af_unix;
- } else if (hostp[0] == '@' || hostp[0] == '!') {
- if (
-#ifdef INET6
- family == AF_INET6 ||
-#endif
- (hostname = strrchr(hostp, ':')) == NULL)
- hostname = strrchr(hostp, '@');
- if (hostname == NULL) {
- hostname = hostp;
- } else {
- hostname++;
- srcroute = 1;
- }
- } else
- hostname = hostp;
- if (!portp) {
- telnetport = 1;
- portp = strdup("telnet");
- } else if (*portp == '-') {
- portp++;
- telnetport = 1;
- } else
- telnetport = 0;
-
- memset(&hints, 0, sizeof(hints));
- hints.ai_flags = AI_NUMERICHOST;
- hints.ai_family = family;
- hints.ai_socktype = SOCK_STREAM;
- error = getaddrinfo(hostname, portp, &hints, &res);
- if (error) {
- hints.ai_flags = AI_CANONNAME;
- error = getaddrinfo(hostname, portp, &hints, &res);
- }
- if (error != 0) {
- fprintf(stderr, "%s: %s\n", hostname, gai_strerror(error));
- if (error == 
EAI_SYSTEM)
- fprintf(stderr, "%s: %s\n", hostname, strerror(errno));
- setuid(getuid());
- goto fail;
- }
- if (hints.ai_flags == AI_NUMERICHOST) {
- /* hostname has numeric */
- int gni_err = 1;
-
- if (doaddrlookup)
- gni_err = getnameinfo(res->ai_addr, res->ai_addr->sa_len,
- _hostname, sizeof(_hostname) - 1, NULL, 0,
- NI_NAMEREQD);
- if (gni_err != 0)
- (void) strncpy(_hostname, hostp, sizeof(_hostname) - 1);
- _hostname[sizeof(_hostname)-1] = '\0';
- hostname = _hostname;
- } else {
- /* hostname has FQDN */
- if (srcroute != 0)
- (void) strncpy(_hostname, hostname, sizeof(_hostname) - 1);
- else if (res->ai_canonname != NULL)
- strcpy(_hostname, res->ai_canonname);
- else
- (void) strncpy(_hostname, hostp, sizeof(_hostname) - 1);
- _hostname[sizeof(_hostname)-1] = '\0';
- hostname = _hostname;
- }
- res0 = res;
- #ifdef INET6
- af_again:
- #endif
- if (srcroute != 0) {
- static char hostbuf[BUFSIZ];
-
- if (af_error == 0) { /* save intermediate hostnames for retry */
- strncpy(hostbuf, hostp, BUFSIZ - 1);
- hostbuf[BUFSIZ - 1] = '\0';
- } else
- hostp = hostbuf;
- srp = 0;
- result = sourceroute(res, hostp, &srp, &srlen, &proto, &opt);
- if (result == 0) {
-#ifdef INET6
- if (family == AF_UNSPEC && af_error == 0 &&
- switch_af(&res) == 1) {
- af_error = 1;
- goto af_again;
- }
-#endif
- setuid(getuid());
- goto fail;
- } else if (result == -1) {
- printf("Bad source route option: %s\n", hostp);
- setuid(getuid());
- goto fail;
- }
- }
- do {
- printf("Trying %s...\n", sockaddr_ntop(res->ai_addr));
- net = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
- setuid(getuid());
- if (net < 0) {
-#ifdef INET6
- if (family == AF_UNSPEC && af_error == 0 &&
- switch_af(&res) == 1) {
- af_error = 1;
- goto af_again;
- }
-#endif
- perror("telnet: socket");
- goto fail;
- }
- if (srp && setsockopt(net, proto, opt, (char *)srp, srlen) < 0)
- perror("setsockopt (source route)");
-#if defined(IPPROTO_IP) && defined(IP_TOS)
- if (res->ai_family == PF_INET) {
-# 
if defined(HAS_GETTOS)
- struct tosent *tp;
- if (tos < 0 && (tp = gettosbyname("telnet", "tcp")))
- tos = tp->t_tos;
-# endif
- if (tos < 0)
- tos = IPTOS_LOWDELAY;
- if (tos
- && (setsockopt(net, IPPROTO_IP, IP_TOS,
- (char *)&tos, sizeof(int)) < 0)
- && (errno != ENOPROTOOPT))
- perror("telnet: setsockopt (IP_TOS) (ignored)");
- }
-#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */
-
- if (debug && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 1) < 0) {
- perror("setsockopt (SO_DEBUG)");
- }
-
- if (src_addr != NULL) {
- for (src_res = src_res0; src_res != 0; src_res = src_res->ai_next)
- if (src_res->ai_family == res->ai_family)
- break;
- if (src_res == NULL)
- src_res = src_res0;
- if (bind(net, src_res->ai_addr, src_res->ai_addrlen) == -1) {
-#ifdef INET6
- if (family == AF_UNSPEC && af_error == 0 &&
- switch_af(&res) == 1) {
- af_error = 1;
- (void) NetClose(net);
- goto af_again;
- }
-#endif
- perror("bind");
- (void) NetClose(net);
- goto fail;
- }
- }
-#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
- if (setpolicy(net, res, ipsec_policy_in) < 0) {
- (void) NetClose(net);
- goto fail;
- }
- if (setpolicy(net, res, ipsec_policy_out) < 0) {
- (void) NetClose(net);
- goto fail;
- }
-#endif
-
- if (connect(net, res->ai_addr, res->ai_addrlen) < 0) {
- struct addrinfo *next;
-
- next = res->ai_next;
- /* If already an af failed, only try same af. 
*/ - if (af_error != 0) - while (next != NULL && next->ai_family != res->ai_family) - next = next->ai_next; - warn("connect to address %s", sockaddr_ntop(res->ai_addr)); - if (next != NULL) { - res = next; - (void) NetClose(net); - continue; - } - warnx("Unable to connect to remote host"); - (void) NetClose(net); - goto fail; - } - connected++; -#ifdef AUTHENTICATION -#ifdef ENCRYPTION - auth_encrypt_connect(connected); -#endif -#endif - } while (connected == 0); - freeaddrinfo(res0); - if (src_res0 != NULL) - freeaddrinfo(src_res0); - cmdrc(hostp, hostname); - af_unix: - if (autologin && user == NULL) { - struct passwd *pw; - - user = getenv("USER"); - if (user == NULL || - ((pw = getpwnam(user)) && pw->pw_uid != getuid())) { - if ((pw = getpwuid(getuid()))) - user = pw->pw_name; - else - user = NULL; - } - } - if (user) { - env_define("USER", user); - env_export("USER"); - } - (void) call(status, "status", "notmuch", 0); - if (setjmp(peerdied) == 0) - telnet(user); - (void) NetClose(net); - ExitString("Connection closed by foreign host.\n",1); - /*NOTREACHED*/ - fail: - if (res0 != NULL) - freeaddrinfo(res0); - if (src_res0 != NULL) - freeaddrinfo(src_res0); - return 0; -} - -#define HELPINDENT (sizeof ("connect")) - -static char - openhelp[] = "connect to a site", - closehelp[] = "close current connection", - logouthelp[] = "forcibly logout remote user and close the connection", - quithelp[] = "exit telnet", - statushelp[] = "print status information", - helphelp[] = "print help information", - sendhelp[] = "transmit special characters ('send ?' for more)", - sethelp[] = "set operating parameters ('set ?' for more)", - unsethelp[] = "unset operating parameters ('unset ?' for more)", - togglestring[] ="toggle operating parameters ('toggle ?' for more)", - slchelp[] = "change state of special charaters ('slc ?' for more)", - displayhelp[] = "display operating parameters", -#ifdef AUTHENTICATION - authhelp[] = "turn on (off) authentication ('auth ?' 
for more)", -#endif -#ifdef ENCRYPTION - encrypthelp[] = "turn on (off) encryption ('encrypt ?' for more)", -#endif /* ENCRYPTION */ - zhelp[] = "suspend telnet", -#ifdef OPIE - opiehelp[] = "compute response to OPIE challenge", -#endif - shellhelp[] = "invoke a subshell", - envhelp[] = "change environment variables ('environ ?' for more)", - modestring[] = "try to enter line or character mode ('mode ?' for more)"; - -static Command cmdtab[] = { - { "close", closehelp, bye, 1 }, - { "logout", logouthelp, (int (*)(int, char **))logout, 1 }, - { "display", displayhelp, display, 0 }, - { "mode", modestring, modecmd, 0 }, - { "telnet", openhelp, tn, 0 }, - { "open", openhelp, tn, 0 }, - { "quit", quithelp, (int (*)(int, char **))quit, 0 }, - { "send", sendhelp, sendcmd, 0 }, - { "set", sethelp, setcmd, 0 }, - { "unset", unsethelp, unsetcmd, 0 }, - { "status", statushelp, status, 0 }, - { "toggle", togglestring, toggle, 0 }, - { "slc", slchelp, slccmd, 0 }, -#ifdef AUTHENTICATION - { "auth", authhelp, auth_cmd, 0 }, -#endif -#ifdef ENCRYPTION - { "encrypt", encrypthelp, encrypt_cmd, 0 }, -#endif /* ENCRYPTION */ - { "z", zhelp, (int (*)(int, char **))suspend, 0 }, - { "!", shellhelp, shell, 1 }, - { "environ", envhelp, env_cmd, 0 }, - { "?", helphelp, help, 0 }, -#ifdef OPIE - { "opie", opiehelp, opie_calc, 0 }, -#endif - { NULL, NULL, NULL, 0 } -}; - -static char crmodhelp[] = "deprecated command -- use 'toggle crmod' instead"; -static char escapehelp[] = "deprecated command -- use 'set escape' instead"; - -static Command cmdtab2[] = { - { "help", 0, help, 0 }, - { "escape", escapehelp, setescape, 0 }, - { "crmod", crmodhelp, (int (*)(int, char **))togcrmod, 0 }, - { NULL, NULL, NULL, 0 } -}; - - -/* - * Call routine with argc, argv set from args (terminated by 0). - */ - -static int -call(intrtn_t routine, ...) 
-{ - va_list ap; - char *args[100]; - int argno = 0; - - va_start(ap, routine); - while ((args[argno++] = va_arg(ap, char *)) != 0); - va_end(ap); - return (*routine)(argno-1, args); -} - - -static Command * -getcmd(char *name) -{ - Command *cm; - - if ((cm = (Command *) genget(name, (char **) cmdtab, sizeof(Command)))) - return cm; - return (Command *) genget(name, (char **) cmdtab2, sizeof(Command)); -} - -void -command(int top, const char *tbuf, int cnt) -{ - Command *c; - - setcommandmode(); - if (!top) { - putchar('\n'); - } else { - (void) signal(SIGINT, SIG_DFL); - (void) signal(SIGQUIT, SIG_DFL); - } - for (;;) { - if (rlogin == _POSIX_VDISABLE) - printf("%s> ", prompt); - if (tbuf) { - char *cp; - cp = line; - while (cnt > 0 && (*cp++ = *tbuf++) != '\n') - cnt--; - tbuf = 0; - if (cp == line || *--cp != '\n' || cp == line) - goto getline; - *cp = '\0'; - if (rlogin == _POSIX_VDISABLE) - printf("%s\n", line); - } else { - getline: - if (rlogin != _POSIX_VDISABLE) - printf("%s> ", prompt); - if (fgets(line, sizeof(line), stdin) == NULL) { - if (feof(stdin) || ferror(stdin)) { - (void) quit(); - /*NOTREACHED*/ - } - break; - } - } - if (line[0] == 0) - break; - makeargv(); - if (margv[0] == 0) { - break; - } - c = getcmd(margv[0]); - if (Ambiguous((void *)c)) { - printf("?Ambiguous command\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\n"); - continue; - } - if (c->needconnect && !connected) { - printf("?Need to be connected first.\n"); - continue; - } - if ((*c->handler)(margc, margv)) { - break; - } - } - if (!top) { - if (!connected) { - longjmp(toplevel, 1); - /*NOTREACHED*/ - } - setconnmode(0); - } -} - -/* - * Help command. - */ -static int -help(int argc, char *argv[]) -{ - Command *c; - - if (argc == 1) { - printf("Commands may be abbreviated. 
Commands are:\n\n"); - for (c = cmdtab; c->name; c++) - if (c->help) { - printf("%-*s\t%s\n", (int)HELPINDENT, c->name, - c->help); - } - return 0; - } - else while (--argc > 0) { - char *arg; - arg = *++argv; - c = getcmd(arg); - if (Ambiguous((void *)c)) - printf("?Ambiguous help command %s\n", arg); - else if (c == (Command *)0) - printf("?Invalid help command %s\n", arg); - else - printf("%s\n", c->help); - } - return 0; -} - -static char *rcname = 0; -static char rcbuf[128]; - -void -cmdrc(char *m1, char *m2) -{ - Command *c; - FILE *rcfile; - int gotmachine = 0; - int l1 = strlen(m1); - int l2 = strlen(m2); - char m1save[MAXHOSTNAMELEN]; - - if (skiprc) - return; - - strlcpy(m1save, m1, sizeof(m1save)); - m1 = m1save; - - if (rcname == 0) { - rcname = getenv("HOME"); - if (rcname && (strlen(rcname) + 10) < sizeof(rcbuf)) - strcpy(rcbuf, rcname); - else - rcbuf[0] = '\0'; - strcat(rcbuf, "/.telnetrc"); - rcname = rcbuf; - } - - if ((rcfile = fopen(rcname, "r")) == 0) { - return; - } - - for (;;) { - if (fgets(line, sizeof(line), rcfile) == NULL) - break; - if (line[0] == 0) - break; - if (line[0] == '#') - continue; - if (gotmachine) { - if (!isspace(line[0])) - gotmachine = 0; - } - if (gotmachine == 0) { - if (isspace(line[0])) - continue; - if (strncasecmp(line, m1, l1) == 0) - strncpy(line, &line[l1], sizeof(line) - l1); - else if (strncasecmp(line, m2, l2) == 0) - strncpy(line, &line[l2], sizeof(line) - l2); - else if (strncasecmp(line, "DEFAULT", 7) == 0) - strncpy(line, &line[7], sizeof(line) - 7); - else - continue; - if (line[0] != ' ' && line[0] != '\t' && line[0] != '\n') - continue; - gotmachine = 1; - } - makeargv(); - if (margv[0] == 0) - continue; - c = getcmd(margv[0]); - if (Ambiguous((void *)c)) { - printf("?Ambiguous command: %s\n", margv[0]); - continue; - } - if (c == 0) { - printf("?Invalid command: %s\n", margv[0]); - continue; - } - /* - * This should never happen... 
- */ - if (c->needconnect && !connected) { - printf("?Need to be connected first for %s.\n", margv[0]); - continue; - } - (*c->handler)(margc, margv); - } - fclose(rcfile); -} - -/* - * Source route is handed in as - * [!]@hop1@hop2...[@|:]dst - * If the leading ! is present, it is a - * strict source route, otherwise it is - * assmed to be a loose source route. - * - * We fill in the source route option as - * hop1,hop2,hop3...dest - * and return a pointer to hop1, which will - * be the address to connect() to. - * - * Arguments: - * - * res: ponter to addrinfo structure which contains sockaddr to - * the host to connect to. - * - * arg: pointer to route list to decipher - * - * cpp: If *cpp is not equal to NULL, this is a - * pointer to a pointer to a character array - * that should be filled in with the option. - * - * lenp: pointer to an integer that contains the - * length of *cpp if *cpp != NULL. - * - * protop: pointer to an integer that should be filled in with - * appropriate protocol for setsockopt, as socket - * protocol family. - * - * optp: pointer to an integer that should be filled in with - * appropriate option for setsockopt, as socket protocol - * family. - * - * Return values: - * - * If the return value is 1, then all operations are - * successful. If the - * return value is -1, there was a syntax error in the - * option, either unknown characters, or too many hosts. - * If the return value is 0, one of the hostnames in the - * path is unknown, and *cpp is set to point to the bad - * hostname. - * - * *cpp: If *cpp was equal to NULL, it will be filled - * in with a pointer to our static area that has - * the option filled in. This will be 32bit aligned. - * - * *lenp: This will be filled in with how long the option - * pointed to by *cpp is. - * - * *protop: This will be filled in with appropriate protocol for - * setsockopt, as socket protocol family. 
- * - * *optp: This will be filled in with appropriate option for - * setsockopt, as socket protocol family. - */ -static int -sourceroute(struct addrinfo *ai, char *arg, char **cpp, int *lenp, int *protop, int *optp) -{ - static char buf[1024 + ALIGNBYTES]; /*XXX*/ - char *cp, *cp2, *lsrp, *ep; - struct sockaddr_in *_sin; -#ifdef INET6 - struct sockaddr_in6 *sin6; - struct cmsghdr *cmsg; -#endif - struct addrinfo hints, *res; - int error; - char c; - - /* - * Verify the arguments, and make sure we have - * at least 7 bytes for the option. - */ - if (cpp == NULL || lenp == NULL) - return -1; - if (*cpp != NULL) { - switch (res->ai_family) { - case AF_INET: - if (*lenp < 7) - return -1; - break; -#ifdef INET6 - case AF_INET6: - if (*lenp < (int)CMSG_SPACE(sizeof(struct ip6_rthdr) + - sizeof(struct in6_addr))) - return -1; - break; -#endif - } - } - /* - * Decide whether we have a buffer passed to us, - * or if we need to use our own static buffer. - */ - if (*cpp) { - lsrp = *cpp; - ep = lsrp + *lenp; - } else { - *cpp = lsrp = (char *)ALIGN(buf); - ep = lsrp + 1024; - } - - cp = arg; - -#ifdef INET6 - if (ai->ai_family == AF_INET6) { - cmsg = inet6_rthdr_init(*cpp, IPV6_RTHDR_TYPE_0); - if (*cp != '@') - return -1; - *protop = IPPROTO_IPV6; - *optp = IPV6_PKTOPTIONS; - } else -#endif - { - /* - * Next, decide whether we have a loose source - * route or a strict source route, and fill in - * the begining of the option. 
- */ - if (*cp == '!') { - cp++; - *lsrp++ = IPOPT_SSRR; - } else - *lsrp++ = IPOPT_LSRR; - - if (*cp != '@') - return -1; - - lsrp++; /* skip over length, we'll fill it in later */ - *lsrp++ = 4; - *protop = IPPROTO_IP; - *optp = IP_OPTIONS; - } - - cp++; - memset(&hints, 0, sizeof(hints)); - hints.ai_family = ai->ai_family; - hints.ai_socktype = SOCK_STREAM; - for (c = 0;;) { - if ( -#ifdef INET6 - ai->ai_family != AF_INET6 && -#endif - c == ':') - cp2 = 0; - else for (cp2 = cp; (c = *cp2); cp2++) { - if (c == ',') { - *cp2++ = '\0'; - if (*cp2 == '@') - cp2++; - } else if (c == '@') { - *cp2++ = '\0'; - } else if ( -#ifdef INET6 - ai->ai_family != AF_INET6 && -#endif - c == ':') { - *cp2++ = '\0'; - } else - continue; - break; - } - if (!c) - cp2 = 0; - - hints.ai_flags = AI_NUMERICHOST; - error = getaddrinfo(cp, NULL, &hints, &res); - if (error == EAI_NODATA) { - hints.ai_flags = 0; - error = getaddrinfo(cp, NULL, &hints, &res); - } - if (error != 0) { - fprintf(stderr, "%s: %s\n", cp, gai_strerror(error)); - if (error == EAI_SYSTEM) - fprintf(stderr, "%s: %s\n", cp, - strerror(errno)); - *cpp = cp; - return(0); - } -#ifdef INET6 - if (res->ai_family == AF_INET6) { - sin6 = (struct sockaddr_in6 *)res->ai_addr; - inet6_rthdr_add(cmsg, &sin6->sin6_addr, - IPV6_RTHDR_LOOSE); - } else -#endif - { - _sin = (struct sockaddr_in *)res->ai_addr; - memcpy(lsrp, (char *)&_sin->sin_addr, 4); - lsrp += 4; - } - if (cp2) - cp = cp2; - else - break; - /* - * Check to make sure there is space for next address - */ -#ifdef INET6 - if (res->ai_family == AF_INET6) { - if (((char *)CMSG_DATA(cmsg) + - sizeof(struct ip6_rthdr) + - ((inet6_rthdr_segments(cmsg) + 1) * - sizeof(struct in6_addr))) > ep) - return -1; - } else -#endif - if (lsrp + 4 > ep) - return -1; - freeaddrinfo(res); - } -#ifdef INET6 - if (res->ai_family == AF_INET6) { - inet6_rthdr_lasthop(cmsg, IPV6_RTHDR_LOOSE); - *lenp = cmsg->cmsg_len; - } else -#endif - { - if ((*(*cpp+IPOPT_OLEN) = lsrp - *cpp) <= 7) { - 
*cpp = 0; - *lenp = 0; - return -1; - } - *lsrp++ = IPOPT_NOP; /* 32 bit word align it */ - *lenp = lsrp - *cpp; - } - freeaddrinfo(res); - return 1; -} diff --git a/telnet.tproj/defines.h b/telnet.tproj/defines.h deleted file mode 100644 index 070770f..0000000 --- a/telnet.tproj/defines.h +++ /dev/null 
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)defines.h 8.1 (Berkeley) 6/6/93
- * $FreeBSD: src/crypto/telnet/telnet/defines.h,v 1.1.1.1.8.1 2002/04/13 10:59:08 markm Exp $
- */
-
-#define settimer(x) clocks.x = clocks.system++
-
-#define NETADD(c) { *netoring.supply = c; ring_supplied(&netoring, 1); }
-#define NET2ADD(c1,c2) { NETADD(c1); NETADD(c2); }
-#define NETBYTES() (ring_full_count(&netoring))
-#define NETROOM() (ring_empty_count(&netoring))
-
-#define TTYADD(c) if (!(SYNCHing||flushout)) { \
- *ttyoring.supply = c; \
- ring_supplied(&ttyoring, 1); \
- }
-#define TTYBYTES() (ring_full_count(&ttyoring))
-#define TTYROOM() (ring_empty_count(&ttyoring))
-
-/* Various modes */
-#define MODE_LOCAL_CHARS(m) ((m)&(MODE_EDIT|MODE_TRAPSIG))
-#define MODE_LOCAL_ECHO(m) ((m)&MODE_ECHO)
-#define MODE_COMMAND_LINE(m) ((m)==-1)
-
-#define CONTROL(x) ((x)&0x1f) /* CTRL(x) is not portable */
diff --git a/telnet.tproj/externs.h b/telnet.tproj/externs.h
deleted file mode 100644
index afa6fd3..0000000
--- a/telnet.tproj/externs.h
+++ /dev/null
@@ -1,491 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)externs.h 8.3 (Berkeley) 5/30/95
- * $FreeBSD: src/crypto/telnet/telnet/externs.h,v 1.4.2.2 2002/04/13 10:59:08 markm Exp $
- */
-
-#ifndef BSD
-# define BSD 43
-#endif
-
-/*
- * ucb stdio.h defines BSD as something weird
- */
-#if defined(sun) && defined(__svr4__)
-#define BSD 43
-#endif
-
-#ifndef USE_TERMIO
-# if BSD > 43 || defined(SYSV_TERMIO)
-# define USE_TERMIO
-# endif
-#endif
-
-#include
-#include
-#include
-#include
-#ifdef USE_TERMIO
-# ifndef VINTR
-# include
-# endif
-# define termio termios
-#endif
-#if defined(NO_CC_T) || !defined(USE_TERMIO)
-# if !defined(USE_TERMIO)
-typedef char cc_t;
-# else
-typedef unsigned char cc_t;
-# endif
-#endif
-
-#include
-
-#if defined(IPSEC)
-#include
-#if defined(IPSEC_POLICY_IPSEC)
-extern char *ipsec_policy_in;
-extern char *ipsec_policy_out;
-#endif
-#endif
-
-#ifndef _POSIX_VDISABLE
-# ifdef sun
-# include /* pick up VDISABLE definition, mayby */
-# endif
-# ifdef VDISABLE
-# define _POSIX_VDISABLE VDISABLE
-# else
-# define _POSIX_VDISABLE ((cc_t)'\377')
-# endif
-#endif
-
-#define SUBBUFSIZE 256
-
-#if !defined(P)
-# ifdef __STDC__
-# define P(x) x
-# else
-# define P(x) ()
-# endif
-#endif
-
-extern int
- autologin, /* Autologin enabled */
- skiprc, /* Don't process the ~/.telnetrc file */
- eight, /* use eight bit mode (binary in and/or out */
- family, /* address family of peer */
- flushout, /* flush output */
- connected, /* Are we connected to the other side? */
- globalmode, /* Mode tty should be in */
- telnetport, /* Are we connected to the telnet port? */
- localflow, /* Flow control handled locally */
- restartany, /* If flow control, restart output on any character */
- localchars, /* we recognize interrupt/quit */
- donelclchars, /* the user has set "localchars" */
- showoptions,
- net, /* Network file descriptor */
- tin, /* Terminal input file descriptor */
- tout, /* Terminal output file descriptor */
- crlf, /* Should '\r' be mapped to (or )? */
- autoflush, /* flush output when interrupting? */
- autosynch, /* send interrupt characters with SYNCH? */
- SYNCHing, /* Is the stream in telnet SYNCH mode? */
- donebinarytoggle, /* the user has put us in binary */
- dontlecho, /* do we suppress local echoing right now? */
- crmod,
- netdata, /* Print out network data flow */
- prettydump, /* Print "netdata" output in user readable format */
- termdata, /* Print out terminal data flow */
- debug, /* Debug level */
- doaddrlookup, /* do a reverse lookup? */
- clienteof; /* Client received EOF */
-
-extern cc_t escape; /* Escape to command mode */
-extern cc_t rlogin; /* Rlogin mode escape character */
-#ifdef KLUDGELINEMODE
-extern cc_t echoc; /* Toggle local echoing */
-#endif
-
-extern char
- *prompt; /* Prompt for command. */
-
-extern char
- doopt[],
- dont[],
- will[],
- wont[],
- options[], /* All the little options */
- *hostname; /* Who are we connected to? */
-#ifdef ENCRYPTION
-extern void (*encrypt_output)(unsigned char *, int);
-extern int (*decrypt_input)(int);
-#endif /* ENCRYPTION */
-
-/*
- * We keep track of each side of the option negotiation.
- */
-
-#define MY_STATE_WILL 0x01
-#define MY_WANT_STATE_WILL 0x02
-#define MY_STATE_DO 0x04
-#define MY_WANT_STATE_DO 0x08
-
-/*
- * Macros to check the current state of things
- */
-
-#define my_state_is_do(opt) (options[opt]&MY_STATE_DO)
-#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL)
-#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO)
-#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL)
-
-#define my_state_is_dont(opt) (!my_state_is_do(opt))
-#define my_state_is_wont(opt) (!my_state_is_will(opt))
-#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt))
-#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt))
-
-#define set_my_state_do(opt) {options[opt] |= MY_STATE_DO;}
-#define set_my_state_will(opt) {options[opt] |= MY_STATE_WILL;}
-#define set_my_want_state_do(opt) {options[opt] |= MY_WANT_STATE_DO;}
-#define set_my_want_state_will(opt) {options[opt] |= MY_WANT_STATE_WILL;}
-
-#define set_my_state_dont(opt) {options[opt] &= ~MY_STATE_DO;}
-#define set_my_state_wont(opt) {options[opt] &= ~MY_STATE_WILL;}
-#define set_my_want_state_dont(opt) {options[opt] &= ~MY_WANT_STATE_DO;}
-#define set_my_want_state_wont(opt) {options[opt] &= ~MY_WANT_STATE_WILL;}
-
-/*
- * Make everything symetrical
- */
-
-#define HIS_STATE_WILL MY_STATE_DO
-#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO
-#define HIS_STATE_DO MY_STATE_WILL
-#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL
-
-#define his_state_is_do my_state_is_will
-#define his_state_is_will my_state_is_do
-#define his_want_state_is_do my_want_state_is_will
-#define his_want_state_is_will my_want_state_is_do
-
-#define his_state_is_dont my_state_is_wont
-#define his_state_is_wont my_state_is_dont
-#define his_want_state_is_dont my_want_state_is_wont
-#define his_want_state_is_wont my_want_state_is_dont
-
-#define set_his_state_do set_my_state_will
-#define set_his_state_will set_my_state_do
-#define set_his_want_state_do set_my_want_state_will
-#define set_his_want_state_will set_my_want_state_do
-
-#define set_his_state_dont set_my_state_wont
-#define set_his_state_wont set_my_state_dont
-#define set_his_want_state_dont set_my_want_state_wont
-#define set_his_want_state_wont set_my_want_state_dont
-
-#if defined(USE_TERMIO)
-#define SIG_FUNC_RET void
-#else
-#define SIG_FUNC_RET int
-#endif
-
-#ifdef SIGINFO
-extern SIG_FUNC_RET
- ayt_status(void);
-#endif
-
-extern FILE
- *NetTrace; /* Where debugging output goes */
-extern unsigned char
- NetTraceFile[]; /* Name of file where debugging output goes */
-extern void
- SetNetTrace(char *); /* Function to change where debugging goes */
-
-extern jmp_buf
- peerdied,
- toplevel; /* For error conditions. */
-
-extern void
- command(int, const char *, int),
- Dump(char, unsigned char *, int),
- env_init(void),
- Exit(int),
- ExitString(const char *, int),
- init_network(void),
- init_sys(void),
- init_telnet(void),
- init_terminal(void),
- intp(void),
- optionstatus(void),
- printoption(const char *, int, int),
- printsub(char, unsigned char *, int),
- quit(void),
- sendabort(void),
- sendbrk(void),
- sendeof(void),
- sendsusp(void),
- sendnaws(void),
- sendayt(void),
- setconnmode(int),
- setcommandmode(void),
- set_escape_char(char *s),
- setneturg(void),
- sys_telnet_init(void),
- telnet(char *),
- tel_enter_binary(int),
- tel_leave_binary(int),
- TerminalFlushOutput(void),
- TerminalNewMode(int),
- TerminalRestoreState(void),
- TerminalSaveState(void),
- TerminalDefaultChars(void),
- TerminalSpeeds(long *, long *),
- tninit(void),
- upcase(char *),
- willoption(int),
- wontoption(int);
-
-extern void
- send_do(int, int),
- send_dont(int, int),
- send_will(int, int),
- send_wont(int, int);
-
-extern void
- lm_will(unsigned char *, int),
- lm_wont(unsigned char *, int),
- lm_do(unsigned char *, int),
- lm_dont(unsigned char *, int),
- lm_mode(unsigned char *, int, int);
-
-extern void
- slc_init(void),
- slcstate(void),
- slc_mode_export(void),
- slc_mode_import(int),
- slc_import(int),
- slc_export(void),
- slc(unsigned char *, int),
- slc_check(void),
- slc_start_reply(void),
- slc_add_reply(unsigned char, unsigned char, cc_t),
- slc_end_reply(void);
-extern int
- getconnmode(void),
- opt_welldefined(const char *),
- NetClose(int),
- netflush(void),
- process_rings(int, int, int, int, int, int),
- rlogin_susp(void),
- SetSockOpt(int, int, int, int),
- slc_update(void),
- stilloob(void),
- telrcv(void),
- TerminalRead(char *, int),
- TerminalWrite(char *, int),
- TerminalAutoFlush(void),
- TerminalWindowSize(long *, long *),
- TerminalSpecialChars(int),
- tn(int, char **),
- ttyflush(int);
-
-extern void
- env_opt(unsigned char *, int),
- env_opt_start(void),
- env_opt_start_info(void),
- env_opt_add(unsigned char *),
- env_opt_end(int);
-
-extern unsigned char
- *env_default(int, int),
- *env_getvalue(const unsigned char *);
-
-extern int
- get_status(char *),
- dosynch(char *);
-
-extern cc_t
- *tcval(int);
-
-#ifndef USE_TERMIO
-
-extern struct tchars ntc;
-extern struct ltchars nltc;
-extern struct sgttyb nttyb;
-
-# define termEofChar ntc.t_eofc
-# define termEraseChar nttyb.sg_erase
-# define termFlushChar nltc.t_flushc
-# define termIntChar ntc.t_intrc
-# define termKillChar nttyb.sg_kill
-# define termLiteralNextChar nltc.t_lnextc
-# define termQuitChar ntc.t_quitc
-# define termSuspChar nltc.t_suspc
-# define termRprntChar nltc.t_rprntc
-# define termWerasChar nltc.t_werasc
-# define termStartChar ntc.t_startc
-# define termStopChar ntc.t_stopc
-# define termForw1Char ntc.t_brkc
-extern cc_t termForw2Char;
-extern cc_t termAytChar;
-
-# define termEofCharp (cc_t *)&ntc.t_eofc
-# define termEraseCharp (cc_t *)&nttyb.sg_erase
-# define termFlushCharp (cc_t *)&nltc.t_flushc
-# define termIntCharp (cc_t *)&ntc.t_intrc
-# define termKillCharp (cc_t *)&nttyb.sg_kill
-# define termLiteralNextCharp (cc_t *)&nltc.t_lnextc
-# define termQuitCharp (cc_t *)&ntc.t_quitc
-# define termSuspCharp (cc_t *)&nltc.t_suspc
-# define termRprntCharp (cc_t *)&nltc.t_rprntc
-# define termWerasCharp (cc_t *)&nltc.t_werasc
-# define termStartCharp (cc_t *)&ntc.t_startc
-# define termStopCharp (cc_t *)&ntc.t_stopc
-# define termForw1Charp (cc_t *)&ntc.t_brkc
-# define termForw2Charp (cc_t *)&termForw2Char
-# define termAytCharp (cc_t *)&termAytChar
-
-# else
-
-extern struct termio new_tc;
-
-# define termEofChar new_tc.c_cc[VEOF]
-# define termEraseChar new_tc.c_cc[VERASE]
-# define termIntChar new_tc.c_cc[VINTR]
-# define termKillChar new_tc.c_cc[VKILL]
-# define termQuitChar new_tc.c_cc[VQUIT]
-
-# ifndef VSUSP
-extern cc_t termSuspChar;
-# else
-# define termSuspChar new_tc.c_cc[VSUSP]
-# endif
-# if defined(VFLUSHO) && !defined(VDISCARD)
-# define VDISCARD VFLUSHO
-# endif
-# ifndef VDISCARD
-extern cc_t termFlushChar;
-# else
-# define termFlushChar new_tc.c_cc[VDISCARD]
-# endif
-# ifndef VWERASE
-extern cc_t termWerasChar;
-# else
-# define termWerasChar new_tc.c_cc[VWERASE]
-# endif
-# ifndef VREPRINT
-extern cc_t termRprntChar;
-# else
-# define termRprntChar new_tc.c_cc[VREPRINT]
-# endif
-# ifndef VLNEXT
-extern cc_t termLiteralNextChar;
-# else
-# define termLiteralNextChar new_tc.c_cc[VLNEXT]
-# endif
-# ifndef VSTART
-extern cc_t termStartChar;
-# else
-# define termStartChar new_tc.c_cc[VSTART]
-# endif
-# ifndef VSTOP
-extern cc_t termStopChar;
-# else
-# define termStopChar new_tc.c_cc[VSTOP]
-# endif
-# ifndef VEOL
-extern cc_t termForw1Char;
-# else
-# define termForw1Char new_tc.c_cc[VEOL]
-# endif
-# ifndef VEOL2
-extern cc_t termForw2Char;
-# else
-# define termForw2Char new_tc.c_cc[VEOL]
-# endif
-# ifndef VSTATUS
-extern cc_t termAytChar;
-#else
-# define termAytChar new_tc.c_cc[VSTATUS]
-#endif
-
-# if defined(__STDC__)
-# define termEofCharp &termEofChar
-# define termEraseCharp &termEraseChar
-# define termIntCharp &termIntChar
-# define termKillCharp &termKillChar
-# define termQuitCharp &termQuitChar
-# define termSuspCharp &termSuspChar
-# define termFlushCharp &termFlushChar
-# define termWerasCharp &termWerasChar
-# define termRprntCharp &termRprntChar
-# define termLiteralNextCharp &termLiteralNextChar
-# define termStartCharp &termStartChar
-# define termStopCharp &termStopChar
-# define termForw1Charp &termForw1Char
-# define termForw2Charp &termForw2Char
-# define termAytCharp &termAytChar
-# else
- /* Work around a compiler bug */
-# define termEofCharp 0
-# define termEraseCharp 0
-# define termIntCharp 0
-# define termKillCharp 0
-# define termQuitCharp 0
-# define termSuspCharp 0
-# define termFlushCharp 0
-# define termWerasCharp 0
-# define termRprntCharp 0
-# define termLiteralNextCharp 0
-# define termStartCharp 0
-# define termStopCharp 0
-# define termForw1Charp 0
-# define termForw2Charp 0
-# define termAytCharp 0
-# endif
-#endif
-
-
-/* Ring buffer structures which are shared */
-
-extern Ring
- netoring,
- netiring,
- ttyoring,
- ttyiring;
-
-extern void
- xmitAO(void),
- xmitEC(void),
- xmitEL(void);
diff --git a/telnet.tproj/fdset.h b/telnet.tproj/fdset.h
deleted file mode 100644
index 045bb72..0000000
--- a/telnet.tproj/fdset.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)fdset.h 8.1 (Berkeley) 6/6/93
- */
-
-/*
- * The following is defined just in case someone should want to run
- * this telnet on a 4.2 system.
- *
- */
-
-#ifndef FD_SETSIZE
-
-#define FD_SET(n, p) ((p)->fds_bits[0] |= (1<<(n)))
-#define FD_CLR(n, p) ((p)->fds_bits[0] &= ~(1<<(n)))
-#define FD_ISSET(n, p) ((p)->fds_bits[0] & (1<<(n)))
-#define FD_ZERO(p) ((p)->fds_bits[0] = 0)
-
-#endif
diff --git a/telnet.tproj/general.h b/telnet.tproj/general.h
deleted file mode 100644
index 4efa951..0000000
--- a/telnet.tproj/general.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)general.h 8.1 (Berkeley) 6/6/93
- */
-
-/*
- * Some general definitions.
- */
-
-
-#define numberof(x) (sizeof x/sizeof x[0])
-#define highestof(x) (numberof(x)-1)
-
-#define ClearElement(x) memset((char *)&x, 0, sizeof x)
-#define ClearArray(x) memset((char *)x, 0, sizeof x)
diff --git a/telnet.tproj/krb4-proto.h b/telnet.tproj/krb4-proto.h
deleted file mode 100644
index 9f3f0b0..0000000
--- a/telnet.tproj/krb4-proto.h
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-#ifdef __STDC__
-# define P(s) s
-#else
-# define P(s) ()
-#endif
-
-/* add_ticket.c */
-int add_ticket P((KTEXT , int , char *, int , char *, char *, char *, int , KTEXT ));
-
-/* cr_err_reply.c */
-void cr_err_reply P((KTEXT , char *, char *, char *, u_long , u_long , char *));
-
-/* create_auth_reply.c */
-KTEXT create_auth_reply P((char *, char *, char *, long , int , unsigned long , int , KTEXT ));
-
-/* create_ciph.c */
-int create_ciph P((KTEXT , C_Block , char *, char *, char *, unsigned long , int , KTEXT , unsigned long , C_Block ));
-
-/* create_death_packet.c */
-KTEXT krb_create_death_packet P((char *));
-
-/* create_ticket.c */
-int krb_create_ticket P((KTEXT , unsigned int , char *, char *, char *, long , char *, int , long , char *, char *, C_Block ));
-
-/* debug_decl.c */
-
-/* decomp_ticket.c */
-int decomp_ticket P((KTEXT , unsigned char *, char *, char *, char *, unsigned long *, C_Block , int *, unsigned long *, char *, char *, C_Block , Key_schedule ));
-
-/* dest_tkt.c */
-int dest_tkt P((void ));
-
-/* extract_ticket.c */
-int extract_ticket P((KTEXT , int , char *, int *, int *, char *, KTEXT ));
-
-/* fgetst.c */
-int fgetst P((FILE *, char *, int ));
-
-/* get_ad_tkt.c */
-int get_ad_tkt P((char *, char *, char *, int ));
-
-/* get_admhst.c */
-int krb_get_admhst P((char *, char *, int ));
-
-/* get_cred.c */
-int krb_get_cred P((char *, char *, char *, CREDENTIALS *));
-
-/* get_in_tkt.c */
-int krb_get_pw_in_tkt P((char *, char *, char *, char *, char *, int , char *));
-int placebo_read_password P((des_cblock *, char *, int ));
-int placebo_read_pw_string P((char *, int , char *, int ));
-
-/* get_krbhst.c */
-int krb_get_krbhst P((char *, char *, int ));
-
-/* get_krbrlm.c */
-int krb_get_lrealm P((char *, int ));
-
-/* get_phost.c */
-char *krb_get_phost P((char *));
-
-/* get_pw_tkt.c */
-int get_pw_tkt P((char *, char *, char *, char *));
-
-/* get_request.c */
-int get_request P((KTEXT , int , char **, char **));
-
-/* get_svc_in_tkt.c */
-int krb_get_svc_in_tkt P((char *, char *, char *, char *, char *, int , char *));
-
-/* get_tf_fullname.c */
-int krb_get_tf_fullname P((char *, char *, char *, char *));
-
-/* get_tf_realm.c */
-int krb_get_tf_realm P((char *, char *));
-
-/* getopt.c */
-int getopt P((int , char **, char *));
-
-/* getrealm.c */
-char *krb_realmofhost P((char *));
-
-/* getst.c */
-int getst P((int , char *, int ));
-
-/* in_tkt.c */
-int in_tkt P((char *, char *));
-
-/* k_gethostname.c */
-int k_gethostname P((char *, int ));
-
-/* klog.c */
-char *klog P((int , char *, int , int , int , int , int , int , int , int , int , int ));
-int kset_logfile P((char *));
-
-/* kname_parse.c */
-int kname_parse P((char *, char *, char *, char *));
-int k_isname P((char *));
-int k_isinst P((char *));
-int k_isrealm P((char *));
-
-/* kntoln.c */
-int krb_kntoln P((AUTH_DAT *, char *));
-
-/* krb_err_txt.c */
-
-/* krb_get_in_tkt.c */
-int krb_get_in_tkt P((char *, char *, char *, char *, char *, int , int (*key_proc )(), int (*decrypt_proc )(), char *));
-
-/* kuserok.c */
-int kuserok P((AUTH_DAT *, char *));
-
-/* log.c */
-void log P((char *, int , int , int , int , int , int , int , int , int , int ));
-int set_logfile P((char *));
-int new_log P((long , char *));
-
-/* mk_err.c */
-long krb_mk_err P((u_char *, long , char *));
-
-/* mk_priv.c */
-long krb_mk_priv P((u_char *, u_char *, u_long , Key_schedule , C_Block , struct sockaddr_in *, struct sockaddr_in *));
-
-/* mk_req.c */
-int krb_mk_req P((KTEXT , char *, char *, char *, long ));
-int krb_set_lifetime P((int ));
-
-/* mk_safe.c */
-long krb_mk_safe P((u_char *, u_char *, u_long , C_Block *, struct sockaddr_in *, struct sockaddr_in *));
-
-/* month_sname.c */
-char *month_sname P((int ));
-
-/* netread.c */
-int krb_net_read P((int , char *, int ));
-
-/* netwrite.c */
-int krb_net_write P((int , char *, int ));
-
-/* one.c */
-
-/* pkt_cipher.c */
-KTEXT pkt_cipher P((KTEXT ));
-
-/* pkt_clen.c */
-int pkt_clen P((KTEXT ));
-
-/* rd_err.c */
-int krb_rd_err P((u_char *, u_long , long *, MSG_DAT *));
-
-/* rd_priv.c */
-long krb_rd_priv P((u_char *, u_long , Key_schedule , C_Block , struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *));
-
-/* rd_req.c */
-int krb_set_key P((char *, int ));
-int krb_rd_req P((KTEXT , char *, char *, long , AUTH_DAT *, char *));
-
-/* rd_safe.c */
-long krb_rd_safe P((u_char *, u_long , C_Block *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *));
-
-/* read_service_key.c */
-int read_service_key P((char *, char *, char *, int , char *, char *));
-
-/* recvauth.c */
-int krb_recvauth P((long , int , KTEXT , char *, char *, struct sockaddr_in *, struct sockaddr_in *, AUTH_DAT *, char *, Key_schedule , char *));
-
-/* save_credentials.c */
-int save_credentials P((char *, char *, char *, C_Block , int , int , KTEXT , long ));
-
-/* send_to_kdc.c */
-int send_to_kdc P((KTEXT , KTEXT , char *));
-
-/* sendauth.c */
-int krb_sendauth P((long , int , KTEXT , char *, char *, char *, u_long , MSG_DAT *, CREDENTIALS *, Key_schedule , struct sockaddr_in *, struct sockaddr_in *, char *));
-int krb_sendsvc P((int , char *));
-
-/* setenv.c */
-int setenv P((char *, char *, int ));
-void unsetenv P((char *));
-char *getenv P((char *));
-char *_findenv P((char *, int *));
-
-/* stime.c */
-char *stime P((long *));
-
-/* tf_shm.c */
-int krb_shm_create P((char *));
-int krb_is_diskless P((void ));
-int krb_shm_dest P((char *));
-
-/* tf_util.c */
-int tf_init P((char *, int ));
-int tf_get_pname P((char *));
-int tf_get_pinst P((char *));
-int tf_get_cred P((CREDENTIALS *));
-int tf_close P((void ));
-int tf_save_cred P((char *, char *, char *, C_Block , int , int , KTEXT , long ));
-
-/* tkt_string.c */
-char *tkt_string P((void ));
-void krb_set_tkt_string P((char *));
-
-/* util.c */
-int ad_print P((AUTH_DAT *));
-int placebo_cblock_print P((des_cblock ));
-
-#undef P
diff --git a/telnet.tproj/main.c b/telnet.tproj/main.c
deleted file mode 100644
index b19e735..0000000
--- a/telnet.tproj/main.c
+++ /dev/null
@@ -1,379 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-
-#ifdef __FBSDID
-__FBSDID("$FreeBSD: src/crypto/telnet/telnet/main.c,v 1.4.2.5 2002/04/13 10:59:08 markm Exp $");
-#endif
-
-#ifndef lint
-static const char sccsid[] = "@(#)main.c 8.3 (Berkeley) 5/30/95";
-#endif
-
-#include
-#include
-#include
-#include
-#include
-
-#include "ring.h"
-#include "externs.h"
-#include "defines.h"
-
-#ifdef AUTHENTICATION
-#include
-#endif
-#ifdef ENCRYPTION
-#include
-#endif
-
-/* These values need to be the same as defined in libtelnet/kerberos5.c */
-/* Either define them in both places, or put in some common header file. */
-#define OPTS_FORWARD_CREDS 0x00000002
-#define OPTS_FORWARDABLE_CREDS 0x00000001
-
-#if 0
-#define FORWARD
-#endif
-
-#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
-char *ipsec_policy_in = NULL;
-char *ipsec_policy_out = NULL;
-#endif
-
-int family = AF_UNSPEC;
-
-/*
- * Initialize variables.
- */
-void
-tninit(void)
-{
- init_terminal();
-
- init_network();
-
- init_telnet();
-
- init_sys();
-}
-
-static void
-usage(void)
-{
- fprintf(stderr, "Usage: %s %s%s%s%s\n",
- prompt,
-#ifdef AUTHENTICATION
- "[-4] [-6] [-8] [-E] [-K] [-L] [-N] [-S tos] [-X atype] [-c] [-d]",
- "\n\t[-e char] [-k realm] [-l user] [-f/-F] [-n tracefile] ",
-#else
- "[-4] [-6] [-8] [-E] [-L] [-N] [-S tos] [-c] [-d]",
- "\n\t[-e char] [-l user] [-n tracefile] ",
-#endif
- "[-r] [-s src_addr] [-u] ",
-#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
- "[-P policy] "
-#endif
-#ifdef ENCRYPTION
- "[-y] [host-name [port]]"
-#else /* ENCRYPTION */
- "[host-name [port]]"
-#endif /* ENCRYPTION */
- );
- exit(1);
-}
-
-/*
- * main. Parse arguments, invoke the protocol or command parser.
- */ - -int -main(int argc, char *argv[]) -{ - int ch; - char *user; - char *src_addr = NULL; -#ifdef FORWARD - extern int forward_flags; -#endif /* FORWARD */ - - tninit(); /* Clear out things */ - - TerminalSaveState(); - - if ((prompt = strrchr(argv[0], '/'))) - ++prompt; - else - prompt = argv[0]; - - user = NULL; - - rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE; -#ifdef AUTHENTICATION - autologin = 1; -#else - autologin = -1; -#endif - -#ifdef ENCRYPTION - encrypt_auto(1); - decrypt_auto(1); -#endif - -#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) -#define IPSECOPT "P:" -#else -#define IPSECOPT -#endif - while ((ch = getopt(argc, argv, - "468EKLNS:X:acde:fFk:l:n:rs:t:uxy" IPSECOPT)) != -1) -#undef IPSECOPT - { - switch(ch) { - case '4': - family = AF_INET; - break; -#ifdef INET6 - case '6': - family = AF_INET6; - break; -#endif - case '8': - eight = 3; /* binary output and input */ - break; - case 'E': - rlogin = escape = _POSIX_VDISABLE; - break; - case 'K': -#ifdef AUTHENTICATION - autologin = 0; -#endif - break; - case 'L': - eight |= 2; /* binary output only */ - break; - case 'N': - doaddrlookup = 0; - break; - case 'S': - { -#ifdef HAS_GETTOS - extern int tos; - - if ((tos = parsetos(optarg, "tcp")) < 0) - fprintf(stderr, "%s%s%s%s\n", - prompt, ": Bad TOS argument '", - optarg, - "; will try to use default TOS"); -#else - fprintf(stderr, - "%s: Warning: -S ignored, no parsetos() support.\n", - prompt); -#endif - } - break; - case 'X': -#ifdef AUTHENTICATION - auth_disable_name(optarg); -#endif - break; - case 'a': -#ifdef AUTHENTICATION - /* It's the default now, so ignore */ -#else - autologin = 1; -#endif - break; - case 'c': - skiprc = 1; - break; - case 'd': - debug = 1; - break; - case 'e': - set_escape_char(optarg); - break; - case 'f': -#ifdef AUTHENTICATION -#if defined(KRB5) && defined(FORWARD) - if (forward_flags & OPTS_FORWARD_CREDS) { - fprintf(stderr, - "%s: Only one of -f and -F allowed.\n", - prompt); - usage(); 
- } - forward_flags |= OPTS_FORWARD_CREDS; -#else - fprintf(stderr, - "%s: Warning: -f ignored, no Kerberos V5 support.\n", - prompt); -#endif -#else - fprintf(stderr, - "%s: Warning: -f ignored, no Kerberos V5 support.\n", - prompt); -#endif - break; - case 'F': -#ifdef AUTHENTICATION -#if defined(KRB5) && defined(FORWARD) - if (forward_flags & OPTS_FORWARD_CREDS) { - fprintf(stderr, - "%s: Only one of -f and -F allowed.\n", - prompt); - usage(); - } - forward_flags |= OPTS_FORWARD_CREDS; - forward_flags |= OPTS_FORWARDABLE_CREDS; -#else - fprintf(stderr, - "%s: Warning: -F ignored, no Kerberos V5 support.\n", - prompt); -#endif -#else - fprintf(stderr, - "%s: Warning: -F ignored, no Kerberos V5 support.\n", - prompt); -#endif - break; - case 'k': -#ifdef AUTHENTICATION -#if defined(KRB4) - { - extern char *dest_realm, dst_realm_buf[], dst_realm_sz; - dest_realm = dst_realm_buf; - (void)strncpy(dest_realm, optarg, dst_realm_sz); - } -#else - fprintf(stderr, - "%s: Warning: -k ignored, no Kerberos V4 support.\n", - prompt); -#endif -#else - fprintf(stderr, - "%s: Warning: -k ignored, no Kerberos V4 support.\n", - prompt); -#endif - break; - case 'l': -#ifdef AUTHENTICATION - /* This is the default now, so ignore it */ -#else - autologin = 1; -#endif - user = optarg; - break; - case 'n': - SetNetTrace(optarg); - break; - case 'r': - rlogin = '~'; - break; - case 's': - src_addr = optarg; - break; - case 'u': - family = AF_UNIX; - break; - case 'x': -#ifndef ENCRYPTION - fprintf(stderr, - "%s: Warning: -x ignored, no ENCRYPT support.\n", - prompt); -#endif /* ENCRYPTION */ - break; - case 'y': -#ifdef ENCRYPTION - encrypt_auto(0); - decrypt_auto(0); -#else - fprintf(stderr, - "%s: Warning: -y ignored, no ENCRYPT support.\n", - prompt); -#endif /* ENCRYPTION */ - break; -#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) - case 'P': - if (!strncmp("in", optarg, 2)) - ipsec_policy_in = strdup(optarg); - else if (!strncmp("out", optarg, 3)) - ipsec_policy_out = 
strdup(optarg); - else - usage(); - break; -#endif - case '?': - default: - usage(); - /* NOTREACHED */ - } - } - if (autologin == -1) - autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1; - - argc -= optind; - argv += optind; - - if (argc) { - char *args[9], **argp = args; - - if (argc > 2) - usage(); - *argp++ = prompt; - if (user) { - *argp++ = strdup("-l"); - *argp++ = user; - } - if (src_addr) { - *argp++ = strdup("-s"); - *argp++ = src_addr; - } - *argp++ = argv[0]; /* host */ - if (argc > 1) - *argp++ = argv[1]; /* port */ - *argp = 0; - - if (setjmp(toplevel) != 0) - Exit(0); - if (tn(argp - args, args) == 1) - return (0); - else - return (1); - } - (void)setjmp(toplevel); - for (;;) { - command(1, 0, 0); - } - return 0; -} diff --git a/telnet.tproj/misc-proto.h b/telnet.tproj/misc-proto.h deleted file mode 100644 index 511a1bf..0000000 --- a/telnet.tproj/misc-proto.h +++ /dev/null 
@@ -1,80 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)misc-proto.h 8.1 (Berkeley) 6/4/93
- * $FreeBSD: src/crypto/telnet/libtelnet/misc-proto.h,v 1.1.1.1.8.1 2002/04/13 10:59:07 markm Exp $
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifndef __MISC_PROTO__
-#define __MISC_PROTO__
-
-void auth_encrypt_init(char *, char *, const char *, int);
-void auth_encrypt_connect(int);
-void printd(const unsigned char *, int);
-
-int isprefix(char *, const char *);
-char **genget(char *, char **, int);
-int Ambiguous(char **);
-
-int getent(char *, const char *);
-char *Getstr(const char *, char **);
-
-/*
- * These functions are imported from the application
- */
-int net_write(unsigned char *, int);
-void net_encrypt(void);
-int telnet_spin(void);
-char *telnet_getenv(char *);
-char *telnet_gets(const char *, char *, int, int);
-void printsub(char, unsigned char *, int);
-#endif
diff --git a/telnet.tproj/misc.h b/telnet.tproj/misc.h
deleted file mode 100644
index 41ffa7f..0000000
--- a/telnet.tproj/misc.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)misc.h 8.1 (Berkeley) 6/4/93
- */
-
-extern char *UserNameRequested;
-extern char *LocalHostName;
-extern char *RemoteHostName;
-extern int ConnectedCount;
-extern int ReservedPort;
-
-#include "misc-proto.h"
diff --git a/telnet.tproj/network.c b/telnet.tproj/network.c
deleted file mode 100644
index 800b896..0000000
--- a/telnet.tproj/network.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/network.c,v 1.2.8.2 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef lint -static const char sccsid[] = "@(#)network.c 8.2 (Berkeley) 12/15/93"; -#endif - -#include -#include -#include - -#include - -#include -#include - -#include "ring.h" - -#include "defines.h" -#include "externs.h" -#include "fdset.h" - -Ring netoring, netiring; -unsigned char netobuf[2*BUFSIZ], netibuf[BUFSIZ]; - -/* - * Initialize internal network data structures. - */ - -void -init_network(void) -{ - if (ring_init(&netoring, netobuf, sizeof netobuf) != 1) { - exit(1); - } - if (ring_init(&netiring, netibuf, sizeof netibuf) != 1) { - exit(1); - } - NetTrace = stdout; -} - - -/* - * Check to see if any out-of-band data exists on a socket (for - * Telnet "synch" processing). - */ - -int -stilloob(void) -{ - static struct timeval timeout = { 0, 0 }; - fd_set excepts; - int value; - - do { - FD_ZERO(&excepts); - FD_SET(net, &excepts); - value = select(net+1, (fd_set *)0, (fd_set *)0, &excepts, &timeout); - } while ((value == -1) && (errno == EINTR)); - - if (value < 0) { - perror("select"); - (void) quit(); - /* NOTREACHED */ - } - if (FD_ISSET(net, &excepts)) { - return 1; - } else { - return 0; - } -} - - -/* - * setneturg() - * - * Sets "neturg" to the current location. - */ - -void -setneturg(void) -{ - ring_mark(&netoring); -} - - -/* - * netflush - * Send as much data as possible to the network, - * handling requests for urgent data. - * - * The return value indicates whether we did any - * useful work. 
- */ - -int -netflush(void) -{ - int n, n1; - -#ifdef ENCRYPTION - if (encrypt_output) - ring_encrypt(&netoring, encrypt_output); -#endif /* ENCRYPTION */ - if ((n1 = n = ring_full_consecutive(&netoring)) > 0) { - if (!ring_at_mark(&netoring)) { - n = send(net, (char *)netoring.consume, n, 0); /* normal write */ - } else { - /* - * In 4.2 (and 4.3) systems, there is some question about - * what byte in a sendOOB operation is the "OOB" data. - * To make ourselves compatible, we only send ONE byte - * out of band, the one WE THINK should be OOB (though - * we really have more the TCP philosophy of urgent data - * rather than the Unix philosophy of OOB data). - */ - n = send(net, (char *)netoring.consume, 1, MSG_OOB);/* URGENT data */ - } - } - if (n < 0) { - if (errno != ENOBUFS && errno != EWOULDBLOCK) { - setcommandmode(); - perror(hostname); - (void)NetClose(net); - ring_clear_mark(&netoring); - longjmp(peerdied, -1); - /*NOTREACHED*/ - } - n = 0; - } - if (netdata && n) { - Dump('>', netoring.consume, n); - } - if (n) { - ring_consumed(&netoring, n); - /* - * If we sent all, and more to send, then recurse to pick - * up the other half. - */ - if ((n1 == n) && ring_full_consecutive(&netoring)) { - (void) netflush(); - } - return 1; - } else { - return 0; - } -} diff --git a/telnet.tproj/ring.c b/telnet.tproj/ring.c deleted file mode 100644 index d5e353f..0000000 --- a/telnet.tproj/ring.c +++ /dev/null 
@@ -1,324 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/ring.c,v 1.2.8.2 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef lint -static const char sccsid[] = "@(#)ring.c 8.2 (Berkeley) 5/30/95"; -#endif - -/* - * This defines a structure for a ring buffer. - * - * The circular buffer has two parts: - *((( - * full: [consume, supply) - * empty: [supply, consume) - *]]] - * - */ - -#include -#include -#include - -#ifdef size_t -#undef size_t -#endif - -#include -#ifndef FILIO_H -#include -#endif -#include - -#include "ring.h" -#include "general.h" - -/* Internal macros */ - -#if !defined(MIN) -#define MIN(a,b) (((a)<(b))? (a):(b)) -#endif /* !defined(MIN) */ - -#define ring_subtract(d,a,b) (((a)-(b) >= 0)? \ - (a)-(b): (((a)-(b))+(d)->size)) - -#define ring_increment(d,a,c) (((a)+(c) < (d)->top)? \ - (a)+(c) : (((a)+(c))-(d)->size)) - -#define ring_decrement(d,a,c) (((a)-(c) >= (d)->bottom)? \ - (a)-(c) : (((a)-(c))-(d)->size)) - - -/* - * The following is a clock, used to determine full, empty, etc. - * - * There is some trickiness here. Since the ring buffers are initialized - * to ZERO on allocation, we need to make sure, when interpreting the - * clock, that when the times are EQUAL, then the buffer is FULL. - */ -static u_long ring_clock = 0; - - -#define ring_empty(d) (((d)->consume == (d)->supply) && \ - ((d)->consumetime >= (d)->supplytime)) -#define ring_full(d) (((d)->supply == (d)->consume) && \ - ((d)->supplytime > (d)->consumetime)) - -/* Buffer state transition routines */ - -int -ring_init(Ring *ring, unsigned char *buffer, int count) -{ - memset((char *)ring, 0, sizeof *ring); - - ring->size = count; - - ring->supply = ring->consume = ring->bottom = buffer; - - ring->top = ring->bottom+ring->size; - -#ifdef ENCRYPTION - ring->clearto = 0; -#endif /* ENCRYPTION */ - - return 1; -} - -/* Mark routines */ - -/* - * Mark the most recently supplied byte. 
- */ - -void -ring_mark(Ring *ring) -{ - ring->mark = ring_decrement(ring, ring->supply, 1); -} - -/* - * Is the ring pointing to the mark? - */ - -int -ring_at_mark(Ring *ring) -{ - if (ring->mark == ring->consume) { - return 1; - } else { - return 0; - } -} - -/* - * Clear any mark set on the ring. - */ - -void -ring_clear_mark(Ring *ring) -{ - ring->mark = 0; -} - -/* - * Add characters from current segment to ring buffer. - */ -void -ring_supplied(Ring *ring, int count) -{ - ring->supply = ring_increment(ring, ring->supply, count); - ring->supplytime = ++ring_clock; -} - -/* - * We have just consumed "c" bytes. - */ -void -ring_consumed(Ring *ring, int count) -{ - if (count == 0) /* don't update anything */ - return; - - if (ring->mark && - (ring_subtract(ring, ring->mark, ring->consume) < count)) { - ring->mark = 0; - } -#ifdef ENCRYPTION - if (ring->consume < ring->clearto && - ring->clearto <= ring->consume + count) - ring->clearto = 0; - else if (ring->consume + count > ring->top && - ring->bottom <= ring->clearto && - ring->bottom + ((ring->consume + count) - ring->top)) - ring->clearto = 0; -#endif /* ENCRYPTION */ - ring->consume = ring_increment(ring, ring->consume, count); - ring->consumetime = ++ring_clock; - /* - * Try to encourage "ring_empty_consecutive()" to be large. 
- */ - if (ring_empty(ring)) { - ring->consume = ring->supply = ring->bottom; - } -} - - - -/* Buffer state query routines */ - - -/* Number of bytes that may be supplied */ -int -ring_empty_count(Ring *ring) -{ - if (ring_empty(ring)) { /* if empty */ - return ring->size; - } else { - return ring_subtract(ring, ring->consume, ring->supply); - } -} - -/* number of CONSECUTIVE bytes that may be supplied */ -int -ring_empty_consecutive(Ring *ring) -{ - if ((ring->consume < ring->supply) || ring_empty(ring)) { - /* - * if consume is "below" supply, or empty, then - * return distance to the top - */ - return ring_subtract(ring, ring->top, ring->supply); - } else { - /* - * else, return what we may. - */ - return ring_subtract(ring, ring->consume, ring->supply); - } -} - -/* Return the number of bytes that are available for consuming - * (but don't give more than enough to get to cross over set mark) - */ - -int -ring_full_count(Ring *ring) -{ - if ((ring->mark == 0) || (ring->mark == ring->consume)) { - if (ring_full(ring)) { - return ring->size; /* nothing consumed, but full */ - } else { - return ring_subtract(ring, ring->supply, ring->consume); - } - } else { - return ring_subtract(ring, ring->mark, ring->consume); - } -} - -/* - * Return the number of CONSECUTIVE bytes available for consuming. - * However, don't return more than enough to cross over set mark. - */ -int -ring_full_consecutive(Ring *ring) -{ - if ((ring->mark == 0) || (ring->mark == ring->consume)) { - if ((ring->supply < ring->consume) || ring_full(ring)) { - return ring_subtract(ring, ring->top, ring->consume); - } else { - return ring_subtract(ring, ring->supply, ring->consume); - } - } else { - if (ring->mark < ring->consume) { - return ring_subtract(ring, ring->top, ring->consume); - } else { /* Else, distance to mark */ - return ring_subtract(ring, ring->mark, ring->consume); - } - } -} - -/* - * Move data into the "supply" portion of of the ring buffer. 
- */ -void -ring_supply_data(Ring *ring, unsigned char *buffer, int count) -{ - int i; - - while (count) { - i = MIN(count, ring_empty_consecutive(ring)); - memcpy(ring->supply, buffer, i); - ring_supplied(ring, i); - count -= i; - buffer += i; - } -} - -#ifdef ENCRYPTION -void -ring_encrypt(Ring *ring, void (*encryptor)(unsigned char *, int)) -{ - unsigned char *s, *c; - - if (ring_empty(ring) || ring->clearto == ring->supply) - return; - - if (!(c = ring->clearto)) - c = ring->consume; - - s = ring->supply; - - if (s <= c) { - (*encryptor)(c, ring->top - c); - (*encryptor)(ring->bottom, s - ring->bottom); - } else - (*encryptor)(c, s - c); - - ring->clearto = ring->supply; -} - - void -ring_clearto(ring) - Ring *ring; -{ - if (!ring_empty(ring)) - ring->clearto = ring->supply; - else - ring->clearto = 0; -} -#endif /* ENCRYPTION */ diff --git a/telnet.tproj/ring.h b/telnet.tproj/ring.h deleted file mode 100644 index 57b3ab4..0000000 --- a/telnet.tproj/ring.h +++ /dev/null 
@@ -1,107 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)ring.h 8.1 (Berkeley) 6/6/93
- * $FreeBSD: src/crypto/telnet/telnet/ring.h,v 1.1.1.1.8.1 2002/04/13 10:59:08 markm Exp $
- */
-
-#if defined(P)
-# undef P
-#endif
-
-#if defined(__STDC__) || defined(LINT_ARGS)
-# define P(x) x
-#else
-# define P(x) ()
-#endif
-
-/*
- * This defines a structure for a ring buffer.
- *
- * The circular buffer has two parts:
- *(((
- * full: [consume, supply)
- * empty: [supply, consume)
- *]]]
- *
- */
-typedef struct {
- unsigned char *consume, /* where data comes out of */
- *supply, /* where data comes in to */
- *bottom, /* lowest address in buffer */
- *top, /* highest address+1 in buffer */
- *mark; /* marker (user defined) */
-#ifdef ENCRYPTION
- unsigned char *clearto; /* Data to this point is clear text */
- unsigned char *encryyptedto; /* Data is encrypted to here */
-#endif /* ENCRYPTION */
- int size; /* size in bytes of buffer */
- u_long consumetime, /* help us keep straight full, empty, etc. */
- supplytime;
-} Ring;
-
-/* Here are some functions and macros to deal with the ring buffer */
-
-/* Initialization routine */
-extern int
- ring_init(Ring *ring, unsigned char *buffer, int count);
-
-/* Data movement routines */
-extern void
- ring_supply_data(Ring *ring, unsigned char *buffer, int count);
-#ifdef notdef
-extern void
- ring_consume_data(Ring *ring, unsigned char *buffer, int count);
-#endif
-
-/* Buffer state transition routines */
-extern void
- ring_supplied(Ring *ring, int count),
- ring_consumed(Ring *ring, int count);
-
-/* Buffer state query routines */
-extern int
- ring_at_mark(Ring *),
- ring_empty_count(Ring *ring),
- ring_empty_consecutive(Ring *ring),
- ring_full_count(Ring *ring),
- ring_full_consecutive(Ring *ring);
-
-#ifdef ENCRYPTION
-extern void
- ring_encrypt(Ring *ring, void (*func)(unsigned char *, int)),
- ring_clearto(Ring *ring);
-#endif /* ENCRYPTION */
-
-extern void
- ring_clear_mark(Ring *),
- ring_mark(Ring *);
diff --git a/telnet.tproj/sys_bsd.c b/telnet.tproj/sys_bsd.c
deleted file mode 100644
index b5ea433..0000000
--- a/telnet.tproj/sys_bsd.c
+++ /dev/null
@@ -1,1151 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include -#include -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/sys_bsd.c,v 1.2.8.4 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef __unused -#define __unused __attribute__((__unused__)) -#endif - -#ifndef lint -static const char sccsid[] = "@(#)sys_bsd.c 8.4 (Berkeley) 5/30/95"; -#endif - -/* - * The following routines try to encapsulate what is system dependent - * (at least between 4.x and dos) which is used in telnet.c. - */ - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "ring.h" -#include "fdset.h" -#include "defines.h" -#include "externs.h" -#include "types.h" - -int - tout, /* Output file descriptor */ - tin, /* Input file descriptor */ - net; - -#ifndef USE_TERMIO -struct tchars otc = { 0 }, ntc = { 0 }; -struct ltchars oltc = { 0 }, nltc = { 0 }; -struct sgttyb ottyb = { 0 }, nttyb = { 0 }; -int olmode = 0; -# define cfgetispeed(ptr) (ptr)->sg_ispeed -# define cfgetospeed(ptr) (ptr)->sg_ospeed -# define old_tc ottyb - -#else /* USE_TERMIO */ -struct termio old_tc = { 0, 0, 0, 0, {}, 0, 0 }; - -# ifndef TCSANOW -# ifdef TCSETS -# define TCSANOW TCSETS -# define TCSADRAIN TCSETSW -# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t) -# else -# ifdef TCSETA -# define TCSANOW TCSETA -# define TCSADRAIN TCSETAW -# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t) -# else -# define TCSANOW TIOCSETA -# define TCSADRAIN TIOCSETAW -# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t) -# endif -# endif -# define tcsetattr(f, a, t) ioctl(f, a, (char *)t) -# define cfgetospeed(ptr) ((ptr)->c_cflag&CBAUD) -# ifdef CIBAUD -# define cfgetispeed(ptr) (((ptr)->c_cflag&CIBAUD) >> IBSHIFT) -# else -# define cfgetispeed(ptr) cfgetospeed(ptr) -# endif -# endif /* TCSANOW */ -# ifdef sysV88 -# define TIOCFLUSH TC_PX_DRAIN -# endif -#endif /* USE_TERMIO */ - -static fd_set *ibitsp, *obitsp, *xbitsp; -int fdsn; - -#ifdef SIGINT -static SIG_FUNC_RET intr(int); -#endif /* SIGINT */ -#ifdef 
SIGQUIT -static SIG_FUNC_RET intr2(int); -#endif /* SIGQUIT */ -#ifdef SIGTSTP -static SIG_FUNC_RET susp(int); -#endif /* SIGTSTP */ -#ifdef SIGINFO -static SIG_FUNC_RET ayt(int); -#endif - -void -init_sys(void) -{ - tout = fileno(stdout); - tin = fileno(stdin); - errno = 0; -} - -int -TerminalWrite(char *buf, int n) -{ - return write(tout, buf, n); -} - -int -TerminalRead(char *buf, int n) -{ - return read(tin, buf, n); -} - -/* - * - */ - -int -TerminalAutoFlush(void) -{ -#if defined(LNOFLSH) - int flush; - - ioctl(0, TIOCLGET, (char *)&flush); - return !(flush&LNOFLSH); /* if LNOFLSH, no autoflush */ -#else /* LNOFLSH */ - return 1; -#endif /* LNOFLSH */ -} - -#ifdef KLUDGELINEMODE -extern int kludgelinemode; -#endif -/* - * TerminalSpecialChars() - * - * Look at an input character to see if it is a special character - * and decide what to do. - * - * Output: - * - * 0 Don't add this character. - * 1 Do add this character - */ - -int -TerminalSpecialChars(int c) -{ - if (c == termIntChar) { - intp(); - return 0; - } else if (c == termQuitChar) { -#ifdef KLUDGELINEMODE - if (kludgelinemode) - sendbrk(); - else -#endif - sendabort(); - return 0; - } else if (c == termEofChar) { - if (my_want_state_is_will(TELOPT_LINEMODE)) { - sendeof(); - return 0; - } - return 1; - } else if (c == termSuspChar) { - sendsusp(); - return(0); - } else if (c == termFlushChar) { - xmitAO(); /* Transmit Abort Output */ - return 0; - } else if (!MODE_LOCAL_CHARS(globalmode)) { - if (c == termKillChar) { - xmitEL(); - return 0; - } else if (c == termEraseChar) { - xmitEC(); /* Transmit Erase Character */ - return 0; - } - } - return 1; -} - - -/* - * Flush output to the terminal - */ - -void -TerminalFlushOutput(void) -{ -#ifdef TIOCFLUSH - (void) ioctl(fileno(stdout), TIOCFLUSH, (char *) 0); -#else - (void) ioctl(fileno(stdout), TCFLSH, (char *) 0); -#endif -} - -void -TerminalSaveState(void) -{ -#ifndef USE_TERMIO - ioctl(0, TIOCGETP, (char *)&ottyb); - ioctl(0, TIOCGETC, (char 
*)&otc); - ioctl(0, TIOCGLTC, (char *)&oltc); - ioctl(0, TIOCLGET, (char *)&olmode); - - ntc = otc; - nltc = oltc; - nttyb = ottyb; - -#else /* USE_TERMIO */ - tcgetattr(0, &old_tc); - - new_tc = old_tc; - -#ifndef VDISCARD - termFlushChar = CONTROL('O'); -#endif -#ifndef VWERASE - termWerasChar = CONTROL('W'); -#endif -#ifndef VREPRINT - termRprntChar = CONTROL('R'); -#endif -#ifndef VLNEXT - termLiteralNextChar = CONTROL('V'); -#endif -#ifndef VSTART - termStartChar = CONTROL('Q'); -#endif -#ifndef VSTOP - termStopChar = CONTROL('S'); -#endif -#ifndef VSTATUS - termAytChar = CONTROL('T'); -#endif -#endif /* USE_TERMIO */ -} - -cc_t * -tcval(int func) -{ - switch(func) { - case SLC_IP: return(&termIntChar); - case SLC_ABORT: return(&termQuitChar); - case SLC_EOF: return(&termEofChar); - case SLC_EC: return(&termEraseChar); - case SLC_EL: return(&termKillChar); - case SLC_XON: return(&termStartChar); - case SLC_XOFF: return(&termStopChar); - case SLC_FORW1: return(&termForw1Char); -#ifdef USE_TERMIO - case SLC_FORW2: return(&termForw2Char); -# ifdef VDISCARD - case SLC_AO: return(&termFlushChar); -# endif -# ifdef VSUSP - case SLC_SUSP: return(&termSuspChar); -# endif -# ifdef VWERASE - case SLC_EW: return(&termWerasChar); -# endif -# ifdef VREPRINT - case SLC_RP: return(&termRprntChar); -# endif -# ifdef VLNEXT - case SLC_LNEXT: return(&termLiteralNextChar); -# endif -# ifdef VSTATUS - case SLC_AYT: return(&termAytChar); -# endif -#endif - - case SLC_SYNCH: - case SLC_BRK: - case SLC_EOR: - default: - return((cc_t *)0); - } -} - -void -TerminalDefaultChars(void) -{ -#ifndef USE_TERMIO - ntc = otc; - nltc = oltc; - nttyb.sg_kill = ottyb.sg_kill; - nttyb.sg_erase = ottyb.sg_erase; -#else /* USE_TERMIO */ - memcpy(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc)); -# ifndef VDISCARD - termFlushChar = CONTROL('O'); -# endif -# ifndef VWERASE - termWerasChar = CONTROL('W'); -# endif -# ifndef VREPRINT - termRprntChar = CONTROL('R'); -# endif -# ifndef VLNEXT - 
termLiteralNextChar = CONTROL('V'); -# endif -# ifndef VSTART - termStartChar = CONTROL('Q'); -# endif -# ifndef VSTOP - termStopChar = CONTROL('S'); -# endif -# ifndef VSTATUS - termAytChar = CONTROL('T'); -# endif -#endif /* USE_TERMIO */ -} - -/* - * TerminalNewMode - set up terminal to a specific mode. - * MODE_ECHO: do local terminal echo - * MODE_FLOW: do local flow control - * MODE_TRAPSIG: do local mapping to TELNET IAC sequences - * MODE_EDIT: do local line editing - * - * Command mode: - * MODE_ECHO|MODE_EDIT|MODE_FLOW|MODE_TRAPSIG - * local echo - * local editing - * local xon/xoff - * local signal mapping - * - * Linemode: - * local/no editing - * Both Linemode and Single Character mode: - * local/remote echo - * local/no xon/xoff - * local/no signal mapping - */ - -void -TerminalNewMode(int f) -{ - static int prevmode = 0; -#ifndef USE_TERMIO - struct tchars tc; - struct ltchars ltc; - struct sgttyb sb; - int lmode; -#else /* USE_TERMIO */ - struct termio tmp_tc; -#endif /* USE_TERMIO */ - int onoff; - int old; - cc_t esc; - - globalmode = f&~MODE_FORCE; - if (prevmode == f) - return; - - /* - * Write any outstanding data before switching modes - * ttyflush() returns 0 only when there is no more data - * left to write out, it returns -1 if it couldn't do - * anything at all, otherwise it returns 1 + the number - * of characters left to write. -#ifndef USE_TERMIO - * We would really like ask the kernel to wait for the output - * to drain, like we can do with the TCSADRAIN, but we don't have - * that option. The only ioctl that waits for the output to - * drain, TIOCSETP, also flushes the input queue, which is NOT - * what we want (TIOCSETP is like TCSADFLUSH). -#endif - */ - old = ttyflush(SYNCHing|flushout); - if (old < 0 || old > 1) { -#ifdef USE_TERMIO - tcgetattr(tin, &tmp_tc); -#endif /* USE_TERMIO */ - do { - /* - * Wait for data to drain, then flush again. 
- */ -#ifdef USE_TERMIO - tcsetattr(tin, TCSADRAIN, &tmp_tc); -#endif /* USE_TERMIO */ - old = ttyflush(SYNCHing|flushout); - } while (old < 0 || old > 1); - } - - old = prevmode; - prevmode = f&~MODE_FORCE; -#ifndef USE_TERMIO - sb = nttyb; - tc = ntc; - ltc = nltc; - lmode = olmode; -#else - tmp_tc = new_tc; -#endif - - if (f&MODE_ECHO) { -#ifndef USE_TERMIO - sb.sg_flags |= ECHO; -#else - tmp_tc.c_lflag |= ECHO; - tmp_tc.c_oflag |= ONLCR; - if (crlf) - tmp_tc.c_iflag |= ICRNL; -#endif - } else { -#ifndef USE_TERMIO - sb.sg_flags &= ~ECHO; -#else - tmp_tc.c_lflag &= ~ECHO; - tmp_tc.c_oflag &= ~ONLCR; -#endif - } - - if ((f&MODE_FLOW) == 0) { -#ifndef USE_TERMIO - tc.t_startc = _POSIX_VDISABLE; - tc.t_stopc = _POSIX_VDISABLE; -#else - tmp_tc.c_iflag &= ~(IXOFF|IXON); /* Leave the IXANY bit alone */ - } else { - if (restartany < 0) { - tmp_tc.c_iflag |= IXOFF|IXON; /* Leave the IXANY bit alone */ - } else if (restartany > 0) { - tmp_tc.c_iflag |= IXOFF|IXON|IXANY; - } else { - tmp_tc.c_iflag |= IXOFF|IXON; - tmp_tc.c_iflag &= ~IXANY; - } -#endif - } - - if ((f&MODE_TRAPSIG) == 0) { -#ifndef USE_TERMIO - tc.t_intrc = _POSIX_VDISABLE; - tc.t_quitc = _POSIX_VDISABLE; - tc.t_eofc = _POSIX_VDISABLE; - ltc.t_suspc = _POSIX_VDISABLE; - ltc.t_dsuspc = _POSIX_VDISABLE; -#else - tmp_tc.c_lflag &= ~ISIG; -#endif - localchars = 0; - } else { -#ifdef USE_TERMIO - tmp_tc.c_lflag |= ISIG; -#endif - localchars = 1; - } - - if (f&MODE_EDIT) { -#ifndef USE_TERMIO - sb.sg_flags &= ~CBREAK; - sb.sg_flags |= CRMOD; -#else - tmp_tc.c_lflag |= ICANON; -#endif - } else { -#ifndef USE_TERMIO - sb.sg_flags |= CBREAK; - if (f&MODE_ECHO) - sb.sg_flags |= CRMOD; - else - sb.sg_flags &= ~CRMOD; -#else - tmp_tc.c_lflag &= ~ICANON; - tmp_tc.c_iflag &= ~ICRNL; - tmp_tc.c_cc[VMIN] = 1; - tmp_tc.c_cc[VTIME] = 0; -#endif - } - - if ((f&(MODE_EDIT|MODE_TRAPSIG)) == 0) { -#ifndef USE_TERMIO - ltc.t_lnextc = _POSIX_VDISABLE; -#else -# ifdef VLNEXT - tmp_tc.c_cc[VLNEXT] = (cc_t)(_POSIX_VDISABLE); -# 
endif -#endif - } - - if (f&MODE_SOFT_TAB) { -#ifndef USE_TERMIO - sb.sg_flags |= XTABS; -#else -# ifdef OXTABS - tmp_tc.c_oflag |= OXTABS; -# endif -# ifdef TABDLY - tmp_tc.c_oflag &= ~TABDLY; - tmp_tc.c_oflag |= TAB3; -# endif -#endif - } else { -#ifndef USE_TERMIO - sb.sg_flags &= ~XTABS; -#else -# ifdef OXTABS - tmp_tc.c_oflag &= ~OXTABS; -# endif -# ifdef TABDLY - tmp_tc.c_oflag &= ~TABDLY; -# endif -#endif - } - - if (f&MODE_LIT_ECHO) { -#ifndef USE_TERMIO - lmode &= ~LCTLECH; -#else -# ifdef ECHOCTL - tmp_tc.c_lflag &= ~ECHOCTL; -# endif -#endif - } else { -#ifndef USE_TERMIO - lmode |= LCTLECH; -#else -# ifdef ECHOCTL - tmp_tc.c_lflag |= ECHOCTL; -# endif -#endif - } - - if (f == -1) { - onoff = 0; - } else { -#ifndef USE_TERMIO - if (f & MODE_OUTBIN) - lmode |= LLITOUT; - else - lmode &= ~LLITOUT; - - if (f & MODE_INBIN) - lmode |= LPASS8; - else - lmode &= ~LPASS8; -#else - if (f & MODE_INBIN) - tmp_tc.c_iflag &= ~ISTRIP; - else - tmp_tc.c_iflag |= ISTRIP; - if (f & MODE_OUTBIN) { - tmp_tc.c_cflag &= ~(CSIZE|PARENB); - tmp_tc.c_cflag |= CS8; - tmp_tc.c_oflag &= ~OPOST; - } else { - tmp_tc.c_cflag &= ~(CSIZE|PARENB); - tmp_tc.c_cflag |= old_tc.c_cflag & (CSIZE|PARENB); - tmp_tc.c_oflag |= OPOST; - } -#endif - onoff = 1; - } - - if (f != -1) { -#ifdef SIGINT - (void) signal(SIGINT, intr); -#endif -#ifdef SIGQUIT - (void) signal(SIGQUIT, intr2); -#endif -#ifdef SIGTSTP - (void) signal(SIGTSTP, susp); -#endif /* SIGTSTP */ -#ifdef SIGINFO - (void) signal(SIGINFO, ayt); -#endif -#if defined(USE_TERMIO) && defined(NOKERNINFO) - tmp_tc.c_lflag |= NOKERNINFO; -#endif - /* - * We don't want to process ^Y here. It's just another - * character that we'll pass on to the back end. It has - * to process it because it will be processed when the - * user attempts to read it, not when we send it. 
- */ -#ifndef USE_TERMIO - ltc.t_dsuspc = _POSIX_VDISABLE; -#else -# ifdef VDSUSP - tmp_tc.c_cc[VDSUSP] = (cc_t)(_POSIX_VDISABLE); -# endif -#endif -#ifdef USE_TERMIO - /* - * If the VEOL character is already set, then use VEOL2, - * otherwise use VEOL. - */ - esc = (rlogin != _POSIX_VDISABLE) ? rlogin : escape; - if ((tmp_tc.c_cc[VEOL] != esc) -# ifdef VEOL2 - && (tmp_tc.c_cc[VEOL2] != esc) -# endif - ) { - if (tmp_tc.c_cc[VEOL] == (cc_t)(_POSIX_VDISABLE)) - tmp_tc.c_cc[VEOL] = esc; -# ifdef VEOL2 - else if (tmp_tc.c_cc[VEOL2] == (cc_t)(_POSIX_VDISABLE)) - tmp_tc.c_cc[VEOL2] = esc; -# endif - } -#else - if (tc.t_brkc == (cc_t)(_POSIX_VDISABLE)) - tc.t_brkc = esc; -#endif - } else { -#ifdef SIGINFO - (void) signal(SIGINFO, (void (*)(int))ayt_status); -#endif -#ifdef SIGINT - (void) signal(SIGINT, SIG_DFL); -#endif -#ifdef SIGQUIT - (void) signal(SIGQUIT, SIG_DFL); -#endif -#ifdef SIGTSTP - (void) signal(SIGTSTP, SIG_DFL); -# ifndef SOLARIS - (void) sigsetmask(sigblock(0) & ~(1<<(SIGTSTP-1))); -# else SOLARIS - (void) sigrelse(SIGTSTP); -# endif SOLARIS -#endif /* SIGTSTP */ -#ifndef USE_TERMIO - ltc = oltc; - tc = otc; - sb = ottyb; - lmode = olmode; -#else - tmp_tc = old_tc; -#endif - } -#ifndef USE_TERMIO - ioctl(tin, TIOCLSET, (char *)&lmode); - ioctl(tin, TIOCSLTC, (char *)<c); - ioctl(tin, TIOCSETC, (char *)&tc); - ioctl(tin, TIOCSETN, (char *)&sb); -#else - if (tcsetattr(tin, TCSADRAIN, &tmp_tc) < 0) - tcsetattr(tin, TCSANOW, &tmp_tc); -#endif - - ioctl(tin, FIONBIO, (char *)&onoff); - ioctl(tout, FIONBIO, (char *)&onoff); - -} - -/* - * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD). 
- */ -#if B4800 != 4800 -#define DECODE_BAUD -#endif - -#ifdef DECODE_BAUD -#ifndef B7200 -#define B7200 B4800 -#endif - -#ifndef B14400 -#define B14400 B9600 -#endif - -#ifndef B19200 -# define B19200 B14400 -#endif - -#ifndef B28800 -#define B28800 B19200 -#endif - -#ifndef B38400 -# define B38400 B28800 -#endif - -#ifndef B57600 -#define B57600 B38400 -#endif - -#ifndef B76800 -#define B76800 B57600 -#endif - -#ifndef B115200 -#define B115200 B76800 -#endif - -#ifndef B230400 -#define B230400 B115200 -#endif - - -/* - * This code assumes that the values B0, B50, B75... - * are in ascending order. They do not have to be - * contiguous. - */ -struct termspeeds { - long speed; - long value; -} termspeeds[] = { - { 0, B0 }, { 50, B50 }, { 75, B75 }, - { 110, B110 }, { 134, B134 }, { 150, B150 }, - { 200, B200 }, { 300, B300 }, { 600, B600 }, - { 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 }, - { 4800, B4800 }, { 7200, B7200 }, { 9600, B9600 }, - { 14400, B14400 }, { 19200, B19200 }, { 28800, B28800 }, - { 38400, B38400 }, { 57600, B57600 }, { 115200, B115200 }, - { 230400, B230400 }, { -1, B230400 } -}; -#endif /* DECODE_BAUD */ - -void -TerminalSpeeds(long *ispeed, long *ospeed) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; -#endif /* DECODE_BAUD */ - long in, out; - - out = cfgetospeed(&old_tc); - in = cfgetispeed(&old_tc); - if (in == 0) - in = out; - -#ifdef DECODE_BAUD - tp = termspeeds; - while ((tp->speed != -1) && (tp->value < in)) - tp++; - *ispeed = tp->speed; - - tp = termspeeds; - while ((tp->speed != -1) && (tp->value < out)) - tp++; - *ospeed = tp->speed; -#else /* DECODE_BAUD */ - *ispeed = in; - *ospeed = out; -#endif /* DECODE_BAUD */ -} - -int -TerminalWindowSize(long *rows, long *cols) -{ -#ifdef TIOCGWINSZ - struct winsize ws; - - if (ioctl(fileno(stdin), TIOCGWINSZ, (char *)&ws) >= 0) { - *rows = ws.ws_row; - *cols = ws.ws_col; - return 1; - } -#endif /* TIOCGWINSZ */ - return 0; -} - -int -NetClose(int fd) -{ - return close(fd); -} - 
-static void -NetNonblockingIO(int fd, int onoff) -{ - ioctl(fd, FIONBIO, (char *)&onoff); -} - - -/* - * Various signal handling routines. - */ - -/* ARGSUSED */ -static SIG_FUNC_RET -deadpeer(int sig __unused) -{ - setcommandmode(); - longjmp(peerdied, -1); -} - -/* ARGSUSED */ -SIG_FUNC_RET -intr(int sig __unused) -{ - if (localchars) { - intp(); - return; - } - setcommandmode(); - longjmp(toplevel, -1); -} - -/* ARGSUSED */ -SIG_FUNC_RET -intr2(int sig __unused) -{ - if (localchars) { -#ifdef KLUDGELINEMODE - if (kludgelinemode) - sendbrk(); - else -#endif - sendabort(); - return; - } -} - -#ifdef SIGTSTP -/* ARGSUSED */ -SIG_FUNC_RET -susp(int sig __unused) -{ - if ((rlogin != _POSIX_VDISABLE) && rlogin_susp()) - return; - if (localchars) - sendsusp(); -} -#endif - -#ifdef SIGWINCH -/* ARGSUSED */ -static SIG_FUNC_RET -sendwin(int sig __unused) -{ - if (connected) { - sendnaws(); - } -} -#endif - -#ifdef SIGINFO -/* ARGSUSED */ -SIG_FUNC_RET -ayt(int sig __unused) -{ - if (connected) - sendayt(); - else - ayt_status(); -} -#endif - - -void -sys_telnet_init(void) -{ - (void) signal(SIGINT, intr); - (void) signal(SIGQUIT, intr2); - (void) signal(SIGPIPE, deadpeer); -#ifdef SIGWINCH - (void) signal(SIGWINCH, sendwin); -#endif -#ifdef SIGTSTP - (void) signal(SIGTSTP, susp); -#endif -#ifdef SIGINFO - (void) signal(SIGINFO, ayt); -#endif - - setconnmode(0); - - NetNonblockingIO(net, 1); - -#if defined(SO_OOBINLINE) - if (SetSockOpt(net, SOL_SOCKET, SO_OOBINLINE, 1) == -1) { - perror("SetSockOpt"); - } -#endif /* defined(SO_OOBINLINE) */ -} - -/* - * Process rings - - * - * This routine tries to fill up/empty our various rings. - * - * The parameter specifies whether this is a poll operation, - * or a block-until-something-happens operation. - * - * The return value is 1 if something happened, 0 if not. 
- */ - -int -process_rings(int netin, int netout, int netex, int ttyin, int ttyout, int poll) -{ - int c; - int returnValue = 0; - static struct timeval TimeValue = { 0, 0 }; - int maxfd = -1; - int tmp; - - if ((netout || netin || netex) && net > maxfd) - maxfd = net; - - if (ttyout && tout > maxfd) - maxfd = tout; - if (ttyin && tin > maxfd) - maxfd = tin; - tmp = howmany(maxfd+1, NFDBITS) * sizeof(fd_mask); - if (tmp > fdsn) { - if (ibitsp) - free(ibitsp); - if (obitsp) - free(obitsp); - if (xbitsp) - free(xbitsp); - - fdsn = tmp; - if ((ibitsp = (fd_set *)malloc(fdsn)) == NULL) - err(1, "malloc"); - if ((obitsp = (fd_set *)malloc(fdsn)) == NULL) - err(1, "malloc"); - if ((xbitsp = (fd_set *)malloc(fdsn)) == NULL) - err(1, "malloc"); - memset(ibitsp, 0, fdsn); - memset(obitsp, 0, fdsn); - memset(xbitsp, 0, fdsn); - } - - if (netout) - FD_SET(net, obitsp); - if (ttyout) - FD_SET(tout, obitsp); - if (ttyin) - FD_SET(tin, ibitsp); - if (netin) - FD_SET(net, ibitsp); - if (netex) - FD_SET(net, xbitsp); - if ((c = select(maxfd + 1, ibitsp, obitsp, xbitsp, - (poll == 0)? (struct timeval *)0 : &TimeValue)) < 0) { - if (c == -1) { - /* - * we can get EINTR if we are in line mode, - * and the user does an escape (TSTP), or - * some other signal generator. - */ - if (errno == EINTR) { - return 0; - } - /* I don't like this, does it ever happen? */ - printf("sleep(5) from telnet, after select: %s\r\n", strerror(errno)); - sleep(5); - } - return 0; - } - - /* - * Any urgent data? - */ - if (FD_ISSET(net, xbitsp)) { - FD_CLR(net, xbitsp); - SYNCHing = 1; - (void) ttyflush(1); /* flush already enqueued data */ - } - - /* - * Something to read from the network... 
- */
- if (FD_ISSET(net, ibitsp)) {
- int canread;
-
- FD_CLR(net, ibitsp);
- canread = ring_empty_consecutive(&netiring);
-#if !defined(SO_OOBINLINE)
- /*
- * In 4.2 (and some early 4.3) systems, the
- * OOB indication and data handling in the kernel
- * is such that if two separate TCP Urgent requests
- * come in, one byte of TCP data will be overlaid.
- * This is fatal for Telnet, but we try to live
- * with it.
- *
- * In addition, in 4.2 (and...), a special protocol
- * is needed to pick up the TCP Urgent data in
- * the correct sequence.
- *
- * What we do is: if we think we are in urgent
- * mode, we look to see if we are "at the mark".
- * If we are, we do an OOB receive. If we run
- * this twice, we will do the OOB receive twice,
- * but the second will fail, since the second
- * time we were "at the mark", but there wasn't
- * any data there (the kernel doesn't reset
- * "at the mark" until we do a normal read).
- * Once we've read the OOB data, we go ahead
- * and do normal reads.
- *
- * There is also another problem, which is that
- * since the OOB byte we read doesn't put us
- * out of OOB state, and since that byte is most
- * likely the TELNET DM (data mark), we would
- * stay in the TELNET SYNCH (SYNCHing) state.
- * So, clocks to the rescue. If we've "just"
- * received a DM, then we test for the
- * presence of OOB data when the receive OOB
- * fails (and AFTER we did the normal mode read
- * to clear "at the mark").
- */
- if (SYNCHing) {
- int atmark;
- static int bogus_oob = 0, first = 1;
-
- ioctl(net, SIOCATMARK, (char *)&atmark);
- if (atmark) {
- c = recv(net, netiring.supply, canread, MSG_OOB);
- if ((c == -1) && (errno == EINVAL)) {
- c = recv(net, netiring.supply, canread, 0);
- if (clocks.didnetreceive < clocks.gotDM) {
- SYNCHing = stilloob(net);
- }
- } else if (first && c > 0) {
- /*
- * Bogosity check. Systems based on 4.2BSD
- * do not return an error if you do a second
- * recv(MSG_OOB). So, we do one.
If it
- * succeeds and returns exactly the same
- * data, then assume that we are running
- * on a broken system and set the bogus_oob
- * flag. (If the data was different, then
- * we probably got some valid new data, so
- * increment the count...)
- */
- int i;
- i = recv(net, netiring.supply + c, canread - c, MSG_OOB);
- if (i == c &&
- memcmp(netiring.supply, netiring.supply + c, i) == 0) {
- bogus_oob = 1;
- first = 0;
- } else if (i < 0) {
- bogus_oob = 0;
- first = 0;
- } else
- c += i;
- }
- if (bogus_oob && c > 0) {
- int i;
- /*
- * Bogosity. We have to do the read
- * to clear the atmark to get out of
- * an infinate loop.
- */
- i = read(net, netiring.supply + c, canread - c);
- if (i > 0)
- c += i;
- }
- } else {
- c = recv(net, netiring.supply, canread, 0);
- }
- } else {
- c = recv(net, netiring.supply, canread, 0);
- }
- settimer(didnetreceive);
-#else /* !defined(SO_OOBINLINE) */
- c = recv(net, (char *)netiring.supply, canread, 0);
-#endif /* !defined(SO_OOBINLINE) */
- if (c < 0 && errno == EWOULDBLOCK) {
- c = 0;
- } else if (c <= 0) {
- return -1;
- }
- if (netdata) {
- Dump('<', netiring.supply, c);
- }
- if (c)
- ring_supplied(&netiring, c);
- returnValue = 1;
- }
-
- /*
- * Something to read from the tty...
- */
- if (FD_ISSET(tin, ibitsp)) {
- FD_CLR(tin, ibitsp);
- c = TerminalRead(ttyiring.supply, ring_empty_consecutive(&ttyiring));
- if (c < 0 && errno == EIO)
- c = 0;
- if (c < 0 && errno == EWOULDBLOCK) {
- c = 0;
- } else {
- /* EOF detection for line mode!!!! */
- if ((c == 0) && MODE_LOCAL_CHARS(globalmode) && isatty(tin)) {
- /* must be an EOF...
*/
- *ttyiring.supply = termEofChar;
- c = 1;
- }
- if (c <= 0) {
- return -1;
- }
- if (termdata) {
- Dump('<', ttyiring.supply, c);
- }
- ring_supplied(&ttyiring, c);
- }
- returnValue = 1; /* did something useful */
- }
-
- if (FD_ISSET(net, obitsp)) {
- FD_CLR(net, obitsp);
- returnValue |= netflush();
- }
- if (FD_ISSET(tout, obitsp)) {
- FD_CLR(tout, obitsp);
- returnValue |= (ttyflush(SYNCHing|flushout) > 0);
- }
-
- return returnValue;
-}
diff --git a/telnet.tproj/telnet.1 b/telnet.tproj/telnet.1
deleted file mode 100644
index bb9717c..0000000
--- a/telnet.tproj/telnet.1
+++ /dev/null
@@ -1,1418 +0,0 @@ -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)telnet.1 8.6 (Berkeley) 6/1/94 -.\" $FreeBSD: src/crypto/telnet/telnet/telnet.1,v 1.4.2.9 2002/04/13 10:59:08 markm Exp $ -.\" -.Dd January 27, 2000 -.Dt TELNET 1 -.Os -.Sh NAME -.Nm telnet -.Nd user interface to the -.Tn TELNET -protocol -.Sh SYNOPSIS -.Nm -.Op Fl 468EFKLNacdfruxy -.Op Fl S Ar tos -.Op Fl X Ar authtype -.Op Fl e Ar escapechar -.Op Fl k Ar realm -.Op Fl l Ar user -.Op Fl n Ar tracefile -.Op Fl s Ar src_addr -.Oo -.Ar host -.Op Ar port -.Oc -.Sh DESCRIPTION -The -.Nm -command -is used to communicate with another host using the -.Tn TELNET -protocol. -If -.Nm -is invoked without the -.Ar host -argument, it enters command mode, -indicated by its prompt -.Pq Dq Li telnet\&> . -In this mode, it accepts and executes the commands listed below. -If it is invoked with arguments, it performs an -.Ic open -command with those arguments. -.Pp -Options: -.Bl -tag -width indent -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. -.It Fl 8 -Specifies an 8-bit data path. This causes an attempt to -negotiate the -.Dv TELNET BINARY -option on both input and output. -.It Fl E -Stops any character from being recognized as an escape character. -.It Fl F -If Kerberos V5 authentication is being used, the -.Fl F -option allows the local credentials to be forwarded -to the remote system, including any credentials that -have already been forwarded into the local environment. -.It Fl K -Specifies no automatic login to the remote system. -.It Fl L -Specifies an 8-bit data path on output. This causes the -.Dv BINARY -option to be negotiated on output. -.It Fl N -Prevents IP address to name lookup when destination host is given -as an IP address. -.It Fl S Ar tos -Sets the IP type-of-service (TOS) option for the telnet -connection to the value -.Ar tos , -which can be a numeric TOS value -or, on systems that support it, a symbolic -TOS name found in the -.Pa /etc/iptos -file. 
-.It Fl X Ar atype -Disables the -.Ar atype -type of authentication. -.It Fl a -Attempt automatic login. -This is now the default, so this option is ignored. -Currently, this sends the user name via the -.Ev USER -variable -of the -.Ev ENVIRON -option if supported by the remote system. -The name used is that of the current user as returned by -.Xr getlogin 2 -if it agrees with the current user ID, -otherwise it is the name associated with the user ID. -.It Fl c -Disables the reading of the user's -.Pa \&.telnetrc -file. (See the -.Ic toggle skiprc -command on this man page.) -.It Fl d -Sets the initial value of the -.Ic debug -toggle to -.Dv TRUE . -.It Fl e Ar escapechar -Sets the initial -.Nm -escape character to -.Ar escapechar . -If -.Ar escapechar -is omitted, then -there will be no escape character. -.It Fl f -If Kerberos V5 authentication is being used, the -.Fl f -option allows the local credentials to be forwarded to the remote system. -.It Fl k Ar realm -If Kerberos authentication is being used, the -.Fl k -option requests that -.Nm -obtain tickets for the remote host in -realm -.Ar realm -instead of the remote host's realm, as determined by -.Xr krb_realmofhost 3 . -.It Fl l Ar user -When connecting to the remote system, if the remote system -understands the -.Ev ENVIRON -option, then -.Ar user -will be sent to the remote system as the value for the variable -.Ev USER . -This option implies the -.Fl a -option. -This option may also be used with the -.Ic open -command. -.It Fl n Ar tracefile -Opens -.Ar tracefile -for recording trace information. -See the -.Ic set tracefile -command below. -.It Fl r -Specifies a user interface similar to -.Xr rlogin 1 . -In this -mode, the escape character is set to the tilde (~) character, -unless modified by the -.Fl e -option. -.It Fl s Ar src_addr -Set the source IP address for the -.Nm -connection to -.Ar src_addr , -which can be an IP address or a host name. 
-.It Fl u -Forces -.Nm -to use -.Dv AF_UNIX -addresses only (e.g., -.Ux -domain sockets, accessed with a file path). -.It Fl x -Turns on encryption of the data stream if possible. -This is now the default, so this option is ignored. -.It Fl y -Suppresses encryption of the data stream. -.It Ar host -Indicates the official name, an alias, or the Internet address -of a remote host. -If -.Ar host -starts with a -.Ql / , -.Nm -establishes a connection to the corresponding named socket. -.It Ar port -Indicates a port number (address of an application). If a number is -not specified, the default -.Nm -port is used. -.El -.Pp -When in rlogin mode, a line of the form ~. disconnects from the -remote host; ~ is the -.Nm -escape character. -Similarly, the line ~^Z suspends the -.Nm -session. -The line ~^] escapes to the normal -.Nm -escape prompt. -.Pp -Once a connection has been opened, -.Nm -will attempt to enable the -.Dv TELNET LINEMODE -option. -If this fails, then -.Nm -will revert to one of two input modes: -either \*(Lqcharacter at a time\*(Rq -or \*(Lqold line by line\*(Rq -depending on what the remote system supports. -.Pp -When -.Dv LINEMODE -is enabled, character processing is done on the -local system, under the control of the remote system. When input -editing or character echoing is to be disabled, the remote system -will relay that information. The remote system will also relay -changes to any special characters that happen on the remote -system, so that they can take effect on the local system. -.Pp -In \*(Lqcharacter at a time\*(Rq mode, most -text typed is immediately sent to the remote host for processing. -.Pp -In \*(Lqold line by line\*(Rq mode, all text is echoed locally, -and (normally) only completed lines are sent to the remote host. -The \*(Lqlocal echo character\*(Rq (initially \*(Lq^E\*(Rq) may be used -to turn off and on the local echo -(this would mostly be used to enter passwords -without the password being echoed). 
-.Pp -If the -.Dv LINEMODE -option is enabled, or if the -.Ic localchars -toggle is -.Dv TRUE -(the default for \*(Lqold line by line\*(Rq; see below), -the user's -.Ic quit , -.Ic intr , -and -.Ic flush -characters are trapped locally, and sent as -.Tn TELNET -protocol sequences to the remote side. -If -.Dv LINEMODE -has ever been enabled, then the user's -.Ic susp -and -.Ic eof -are also sent as -.Tn TELNET -protocol sequences, -and -.Ic quit -is sent as a -.Dv TELNET ABORT -instead of -.Dv BREAK . -There are options (see -.Ic toggle -.Ic autoflush -and -.Ic toggle -.Ic autosynch -below) -which cause this action to flush subsequent output to the terminal -(until the remote host acknowledges the -.Tn TELNET -sequence) and flush previous terminal input -(in the case of -.Ic quit -and -.Ic intr ) . -.Pp -While connected to a remote host, -.Nm -command mode may be entered by typing the -.Nm -\*(Lqescape character\*(Rq (initially \*(Lq^]\*(Rq). -When in command mode, the normal terminal editing conventions are available. -.Pp -The following -.Nm -commands are available. -Only enough of each command to uniquely identify it need be typed -(this is also true for arguments to the -.Ic mode , -.Ic set , -.Ic toggle , -.Ic unset , -.Ic slc , -.Ic environ , -and -.Ic display -commands). -.Pp -.Bl -tag -width "mode type" -.It Ic auth Ar argument ... -The auth command manipulates the information sent through the -.Dv TELNET AUTHENTICATE -option. Valid arguments for the -.Ic auth -command are: -.Bl -tag -width "disable type" -.It Ic disable Ar type -Disables the specified type of authentication. To -obtain a list of available types, use the -.Ic auth disable ?\& -command. -.It Ic enable Ar type -Enables the specified type of authentication. To -obtain a list of available types, use the -.Ic auth enable ?\& -command. -.It Ic status -Lists the current status of the various types of -authentication. -.El -.It Ic close -Close a -.Tn TELNET -session and return to command mode. 
-.It Ic display Ar argument ... -Displays all, or some, of the -.Ic set -and -.Ic toggle -values (see below). -.It Ic encrypt Ar argument ... -The encrypt command manipulates the information sent through the -.Dv TELNET ENCRYPT -option. -.Pp -Valid arguments for the -.Ic encrypt -command are: -.Bl -tag -width Ar -.It Ic disable Ar type Xo -.Op Cm input | output -.Xc -Disables the specified type of encryption. If you -omit the input and output, both input and output -are disabled. To obtain a list of available -types, use the -.Ic encrypt disable ?\& -command. -.It Ic enable Ar type Xo -.Op Cm input | output -.Xc -Enables the specified type of encryption. If you -omit input and output, both input and output are -enabled. To obtain a list of available types, use the -.Ic encrypt enable ?\& -command. -.It Ic input -This is the same as the -.Ic encrypt start input -command. -.It Ic -input -This is the same as the -.Ic encrypt stop input -command. -.It Ic output -This is the same as the -.Ic encrypt start output -command. -.It Ic -output -This is the same as the -.Ic encrypt stop output -command. -.It Ic start Op Cm input | output -Attempts to start encryption. If you omit -.Ic input -and -.Ic output , -both input and output are enabled. To -obtain a list of available types, use the -.Ic encrypt enable ?\& -command. -.It Ic status -Lists the current status of encryption. -.It Ic stop Op Cm input | output -Stops encryption. If you omit input and output, -encryption is on both input and output. -.It Ic type Ar type -Sets the default type of encryption to be used -with later -.Ic encrypt start -or -.Ic encrypt stop -commands. -.El -.It Ic environ Ar arguments ... -The -.Ic environ -command is used to manipulate the -variables that may be sent through the -.Dv TELNET ENVIRON -option. -The initial set of variables is populated with the -contents of the following environment variables, if -present: -.Ev USER , PRINTER , DISPLAY , TERM , COLUMNS , LINES. 
- -Only the first three are exported, by default. -.Pp -Valid arguments for the -.Ic environ -command are: -.Bl -tag -width Fl -.It Ic define Ar variable [value] -Define the variable -.Ar variable -to have a value of -.Ar value . -If value is empty, the value is taken from the environment variable. -Any variables defined by this command are automatically exported. -The -.Ar value -may be enclosed in single or double quotes so -that tabs and spaces may be included. -.It Ic undefine Ar variable -Remove -.Ar variable -from the list of environment variables. -.It Ic export Ar variable -Mark the variable -.Ar variable -to be exported to the remote side. -.It Ic unexport Ar variable -Mark the variable -.Ar variable -to not be exported unless -explicitly asked for by the remote side. -.It Ic list -List the current set of environment variables. -Those marked with a -.Cm * -will be sent automatically, -other variables will only be sent if explicitly requested. -.It Ic ?\& -Prints out help information for the -.Ic environ -command. -.El -.It Ic logout -Sends the -.Dv TELNET LOGOUT -option to the remote side. -This command is similar to a -.Ic close -command; however, if the remote side does not support the -.Dv LOGOUT -option, nothing happens. -If, however, the remote side does support the -.Dv LOGOUT -option, this command should cause the remote side to close the -.Tn TELNET -connection. -If the remote side also supports the concept of -suspending a user's session for later reattachment, -the logout argument indicates that you -should terminate the session immediately. -.It Ic mode Ar type -.Ar Type -is one of several options, depending on the state of the -.Tn TELNET -session. -The remote host is asked for permission to go into the requested mode. -If the remote host is capable of entering that mode, the requested -mode will be entered. 
-.Bl -tag -width Ar -.It Ic character -Disable the -.Dv TELNET LINEMODE -option, or, if the remote side does not understand the -.Dv LINEMODE -option, then enter \*(Lqcharacter at a time\*(Rq mode. -.It Ic line -Enable the -.Dv TELNET LINEMODE -option, or, if the remote side does not understand the -.Dv LINEMODE -option, then attempt to enter \*(Lqold-line-by-line\*(Rq mode. -.It Ic isig Pq Ic \-isig -Attempt to enable (disable) the -.Dv TRAPSIG -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic edit Pq Ic \-edit -Attempt to enable (disable) the -.Dv EDIT -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic softtabs Pq Ic \-softtabs -Attempt to enable (disable) the -.Dv SOFT_TAB -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic litecho Pq Ic \-litecho -Attempt to enable (disable) the -.Dv LIT_ECHO -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic ?\& -Prints out help information for the -.Ic mode -command. -.El -.It Xo -.Ic open Ar host -.Op Fl l Ar user -.Op Oo Fl Oc Ns Ar port -.Xc -Open a connection to the named host. -If no port number -is specified, -.Nm -will attempt to contact a -.Tn TELNET -server at the default port. -The host specification may be either a host name (see -.Xr hosts 5 ) , -an Internet address specified in the \*(Lqdot notation\*(Rq (see -.Xr inet 3 ) , -or IPv6 host name or IPv6 coloned-hexadecimal addreess. -The -.Fl l -option may be used to specify the user name -to be passed to the remote system via the -.Ev ENVIRON -option. -When connecting to a non-standard port, -.Nm -omits any automatic initiation of -.Tn TELNET -options. When the port number is preceded by a minus sign, -the initial option negotiation is done. -After establishing a connection, the file -.Pa \&.telnetrc -in the -users home directory is opened. 
Lines beginning with a # are -comment lines. Blank lines are ignored. Lines that begin -without white space are the start of a machine entry. The -first thing on the line is the name of the machine that is -being connected to. The rest of the line, and successive -lines that begin with white space are assumed to be -.Nm -commands and are processed as if they had been typed -in manually to the -.Nm -command prompt. -.It Ic quit -Close any open -.Tn TELNET -session and exit -.Nm . -An end of file (in command mode) will also close a session and exit. -.It Ic send Ar arguments -Sends one or more special character sequences to the remote host. -The following are the arguments which may be specified -(more than one argument may be specified at a time): -.Pp -.Bl -tag -width escape -.It Ic abort -Sends the -.Dv TELNET ABORT -(Abort -processes) -sequence. -.It Ic ao -Sends the -.Dv TELNET AO -(Abort Output) sequence, which should cause the remote system to flush -all output -.Em from -the remote system -.Em to -the user's terminal. -.It Ic ayt -Sends the -.Dv TELNET AYT -(Are You There) -sequence, to which the remote system may or may not choose to respond. -.It Ic brk -Sends the -.Dv TELNET BRK -(Break) sequence, which may have significance to the remote -system. -.It Ic ec -Sends the -.Dv TELNET EC -(Erase Character) -sequence, which should cause the remote system to erase the last character -entered. -.It Ic el -Sends the -.Dv TELNET EL -(Erase Line) -sequence, which should cause the remote system to erase the line currently -being entered. -.It Ic eof -Sends the -.Dv TELNET EOF -(End Of File) -sequence. -.It Ic eor -Sends the -.Dv TELNET EOR -(End of Record) -sequence. -.It Ic escape -Sends the current -.Nm -escape character (initially \*(Lq^\*(Rq). -.It Ic ga -Sends the -.Dv TELNET GA -(Go Ahead) -sequence, which likely has no significance to the remote system. 
-.It Ic getstatus -If the remote side supports the -.Dv TELNET STATUS -command, -.Ic getstatus -will send the subnegotiation to request that the server send -its current option status. -.It Ic ip -Sends the -.Dv TELNET IP -(Interrupt Process) sequence, which should cause the remote -system to abort the currently running process. -.It Ic nop -Sends the -.Dv TELNET NOP -(No OPeration) -sequence. -.It Ic susp -Sends the -.Dv TELNET SUSP -(SUSPend process) -sequence. -.It Ic synch -Sends the -.Dv TELNET SYNCH -sequence. -This sequence causes the remote system to discard all previously typed -(but not yet read) input. -This sequence is sent as -.Tn TCP -urgent -data (and may not work if the remote system is a -.Bx 4.2 -system -- if -it doesn't work, a lower case \*(Lqr\*(Rq may be echoed on the terminal). -.It Ic do Ar cmd -.It Ic dont Ar cmd -.It Ic will Ar cmd -.It Ic wont Ar cmd -Sends the -.Dv TELNET DO -.Ar cmd -sequence. -.Ar Cmd -can be either a decimal number between 0 and 255, -or a symbolic name for a specific -.Dv TELNET -command. -.Ar Cmd -can also be either -.Ic help -or -.Ic ?\& -to print out help information, including -a list of known symbolic names. -.It Ic ?\& -Prints out help information for the -.Ic send -command. -.El -.It Ic set Ar argument value -.It Ic unset Ar argument value -The -.Ic set -command will set any one of a number of -.Nm -variables to a specific value or to -.Dv TRUE . -The special value -.Ic off -turns off the function associated with -the variable, this is equivalent to using the -.Ic unset -command. -The -.Ic unset -command will disable or set to -.Dv FALSE -any of the specified functions. -The values of variables may be interrogated with the -.Ic display -command. -The variables which may be set or unset, but not toggled, are -listed here. In addition, any of the variables for the -.Ic toggle -command may be explicitly set or unset using -the -.Ic set -and -.Ic unset -commands. 
-.Bl -tag -width escape -.It Ic ayt -If -.Tn TELNET -is in localchars mode, or -.Dv LINEMODE -is enabled, and the status character is typed, a -.Dv TELNET AYT -sequence (see -.Ic send ayt -preceding) is sent to the -remote host. The initial value for the \*(LqAre You There\*(Rq -character is the terminal's status character. -.It Ic echo -This is the value (initially \*(Lq^E\*(Rq) which, when in -\*(Lqline by line\*(Rq mode, toggles between doing local echoing -of entered characters (for normal processing), and suppressing -echoing of entered characters (for entering, say, a password). -.It Ic eof -If -.Nm -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Rq mode, entering this character -as the first character on a line will cause this character to be -sent to the remote system. -The initial value of the eof character is taken to be the terminal's -.Ic eof -character. -.It Ic erase -If -.Nm -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below), -.Sy and -if -.Nm -is operating in \*(Lqcharacter at a time\*(Rq mode, then when this -character is typed, a -.Dv TELNET EC -sequence (see -.Ic send -.Ic ec -above) -is sent to the remote system. -The initial value for the erase character is taken to be -the terminal's -.Ic erase -character. -.It Ic escape -This is the -.Nm -escape character (initially \*(Lq^[\*(Rq) which causes entry -into -.Nm -command mode (when connected to a remote system). -.It Ic flushoutput -If -.Nm -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic flushoutput -character is typed, a -.Dv TELNET AO -sequence (see -.Ic send -.Ic ao -above) -is sent to the remote host. -The initial value for the flush character is taken to be -the terminal's -.Ic flush -character. -.It Ic forw1 -.It Ic forw2 -If -.Nm -is operating in -.Dv LINEMODE , -these are the -characters that, when typed, cause partial lines to be -forwarded to the remote system. 
The initial value for -the forwarding characters are taken from the terminal's -eol and eol2 characters. -.It Ic interrupt -If -.Nm -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic interrupt -character is typed, a -.Dv TELNET IP -sequence (see -.Ic send -.Ic ip -above) -is sent to the remote host. -The initial value for the interrupt character is taken to be -the terminal's -.Ic intr -character. -.It Ic kill -If -.Nm -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below), -.Ic and -if -.Nm -is operating in \*(Lqcharacter at a time\*(Rq mode, then when this -character is typed, a -.Dv TELNET EL -sequence (see -.Ic send -.Ic el -above) -is sent to the remote system. -The initial value for the kill character is taken to be -the terminal's -.Ic kill -character. -.It Ic lnext -If -.Nm -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Rq mode, then this character is taken to -be the terminal's -.Ic lnext -character. -The initial value for the lnext character is taken to be -the terminal's -.Ic lnext -character. -.It Ic quit -If -.Nm -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic quit -character is typed, a -.Dv TELNET BRK -sequence (see -.Ic send -.Ic brk -above) -is sent to the remote host. -The initial value for the quit character is taken to be -the terminal's -.Ic quit -character. -.It Ic reprint -If -.Nm -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Rq mode, then this character is taken to -be the terminal's -.Ic reprint -character. -The initial value for the reprint character is taken to be -the terminal's -.Ic reprint -character. -.It Ic rlogin -This is the rlogin escape character. -If set, the normal -.Nm -escape character is ignored unless it is -preceded by this character at the beginning of a line. -This character, at the beginning of a line followed by -a "." closes the connection; when followed by a ^Z it -suspends the -.Nm -command. 
The initial state is to -disable the -.Nm rlogin -escape character. -.It Ic start -If the -.Dv TELNET TOGGLE-FLOW-CONTROL -option has been enabled, -then this character is taken to -be the terminal's -.Ic start -character. -The initial value for the start character is taken to be -the terminal's -.Ic start -character. -.It Ic stop -If the -.Dv TELNET TOGGLE-FLOW-CONTROL -option has been enabled, -then this character is taken to -be the terminal's -.Ic stop -character. -The initial value for the stop character is taken to be -the terminal's -.Ic stop -character. -.It Ic susp -If -.Nm -is in -.Ic localchars -mode, or -.Dv LINEMODE -is enabled, and the -.Ic suspend -character is typed, a -.Dv TELNET SUSP -sequence (see -.Ic send -.Ic susp -above) -is sent to the remote host. -The initial value for the suspend character is taken to be -the terminal's -.Ic suspend -character. -.It Ic tracefile -This is the file to which the output, caused by -.Ic netdata -or -.Ic option -tracing being -.Dv TRUE , -will be written. If it is set to -.Dq Fl , -then tracing information will be written to standard output (the default). -.It Ic worderase -If -.Nm -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Rq mode, then this character is taken to -be the terminal's -.Ic worderase -character. -The initial value for the worderase character is taken to be -the terminal's -.Ic worderase -character. -.It Ic ?\& -Displays the legal -.Ic set -.Pq Ic unset -commands. -.El -.It Ic opie Ar sequence challenge -The -.Ic opie -command computes a response to the OPIE challenge. -.It Ic slc Ar state -The -.Ic slc -command (Set Local Characters) is used to set -or change the state of the special -characters when the -.Dv TELNET LINEMODE -option has -been enabled. Special characters are characters that get -mapped to -.Tn TELNET -commands sequences (like -.Ic ip -or -.Ic quit ) -or line editing characters (like -.Ic erase -and -.Ic kill ) . 
-By default, the local special characters are exported. -.Bl -tag -width Fl -.It Ic check -Verify the current settings for the current special characters. -The remote side is requested to send all the current special -character settings, and if there are any discrepancies with -the local side, the local side will switch to the remote value. -.It Ic export -Switch to the local defaults for the special characters. The -local default characters are those of the local terminal at -the time when -.Nm -was started. -.It Ic import -Switch to the remote defaults for the special characters. -The remote default characters are those of the remote system -at the time when the -.Tn TELNET -connection was established. -.It Ic ?\& -Prints out help information for the -.Ic slc -command. -.El -.It Ic status -Show the current status of -.Nm . -This includes the peer one is connected to, as well -as the current mode. -.It Ic toggle Ar arguments ... -Toggle (between -.Dv TRUE -and -.Dv FALSE ) -various flags that control how -.Nm -responds to events. -These flags may be set explicitly to -.Dv TRUE -or -.Dv FALSE -using the -.Ic set -and -.Ic unset -commands listed above. -More than one argument may be specified. -The state of these flags may be interrogated with the -.Ic display -command. -Valid arguments are: -.Bl -tag -width Ar -.It Ic authdebug -Turns on debugging information for the authentication code. -.It Ic autoflush -If -.Ic autoflush -and -.Ic localchars -are both -.Dv TRUE , -then when the -.Ic ao , -or -.Ic quit -characters are recognized (and transformed into -.Tn TELNET -sequences; see -.Ic set -above for details), -.Nm -refuses to display any data on the user's terminal -until the remote system acknowledges (via a -.Dv TELNET TIMING MARK -option) -that it has processed those -.Tn TELNET -sequences. -The initial value for this toggle is -.Dv TRUE -if the terminal user had not -done an "stty noflsh", otherwise -.Dv FALSE -(see -.Xr stty 1 ) . 
-.It Ic autodecrypt -When the -.Dv TELNET ENCRYPT -option is negotiated, by -default the actual encryption (decryption) of the data -stream does not start automatically. The autoencrypt -(autodecrypt) command states that encryption of the -output (input) stream should be enabled as soon as -possible. -.It Ic autologin -If the remote side supports the -.Dv TELNET AUTHENTICATION -option -.Nm -attempts to use it to perform automatic authentication. If the -.Dv AUTHENTICATION -option is not supported, the user's login -name are propagated through the -.Dv TELNET ENVIRON -option. -This command is the same as specifying -.Fl a -option on the -.Ic open -command. -.It Ic autosynch -If -.Ic autosynch -and -.Ic localchars -are both -.Dv TRUE , -then when either the -.Ic intr -or -.Ic quit -characters is typed (see -.Ic set -above for descriptions of the -.Ic intr -and -.Ic quit -characters), the resulting -.Tn TELNET -sequence sent is followed by the -.Dv TELNET SYNCH -sequence. -This procedure -.Ic should -cause the remote system to begin throwing away all previously -typed input until both of the -.Tn TELNET -sequences have been read and acted upon. -The initial value of this toggle is -.Dv FALSE . -.It Ic binary -Enable or disable the -.Dv TELNET BINARY -option on both input and output. -.It Ic inbinary -Enable or disable the -.Dv TELNET BINARY -option on input. -.It Ic outbinary -Enable or disable the -.Dv TELNET BINARY -option on output. -.It Ic crlf -If this is -.Dv TRUE , -then carriage returns will be sent as -.Li . -If this is -.Dv FALSE , -then carriage returns will be send as -.Li . -The initial value for this toggle is -.Dv FALSE . -.It Ic crmod -Toggle carriage return mode. -When this mode is enabled, most carriage return characters received from -the remote host will be mapped into a carriage return followed by -a line feed. -This mode does not affect those characters typed by the user, only -those received from the remote host. 
-This mode is not very useful unless the remote host -only sends carriage return, but never line feed. -The initial value for this toggle is -.Dv FALSE . -.It Ic debug -Toggles socket level debugging (useful only to the -.Ic super user ) . -The initial value for this toggle is -.Dv FALSE . -.It Ic encdebug -Turns on debugging information for the encryption code. -.It Ic localchars -If this is -.Dv TRUE , -then the -.Ic flush , -.Ic interrupt , -.Ic quit , -.Ic erase , -and -.Ic kill -characters (see -.Ic set -above) are recognized locally, and transformed into (hopefully) appropriate -.Tn TELNET -control sequences -(respectively -.Ic ao , -.Ic ip , -.Ic brk , -.Ic ec , -and -.Ic el ; -see -.Ic send -above). -The initial value for this toggle is -.Dv TRUE -in \*(Lqold line by line\*(Rq mode, -and -.Dv FALSE -in \*(Lqcharacter at a time\*(Rq mode. -When the -.Dv LINEMODE -option is enabled, the value of -.Ic localchars -is ignored, and assumed to always be -.Dv TRUE . -If -.Dv LINEMODE -has ever been enabled, then -.Ic quit -is sent as -.Ic abort , -and -.Ic eof -and -.Ic suspend -are sent as -.Ic eof -and -.Ic susp -(see -.Ic send -above). -.It Ic netdata -Toggles the display of all network data (in hexadecimal format). -The initial value for this toggle is -.Dv FALSE . -.It Ic options -Toggles the display of some internal -.Nm -protocol processing (having to do with -.Tn TELNET -options). -The initial value for this toggle is -.Dv FALSE . -.It Ic prettydump -When the -.Ic netdata -toggle is enabled, if -.Ic prettydump -is enabled the output from the -.Ic netdata -command will be formatted in a more user readable format. -Spaces are put between each character in the output, and the -beginning of any -.Nm -escape sequence is preceded by a '*' to aid in locating them. -.It Ic skiprc -When the skiprc toggle is -.Dv TRUE , -.Nm -skips the reading of the -.Pa \&.telnetrc -file in the users home -directory when connections are opened. 
The initial -value for this toggle is -.Dv FALSE . -.It Ic termdata -Toggles the display of all terminal data (in hexadecimal format). -The initial value for this toggle is -.Dv FALSE . -.It Ic verbose_encrypt -When the -.Ic verbose_encrypt -toggle is -.Dv TRUE , -.Nm -prints out a message each time encryption is enabled or -disabled. The initial value for this toggle is -.Dv FALSE . -.It Ic ?\& -Displays the legal -.Ic toggle -commands. -.El -.It Ic z -Suspend -.Nm . -This command only works when the user is using the -.Xr csh 1 . -.It Ic \&! Op Ar command -Execute a single command in a subshell on the local -system. If -.Ar command -is omitted, then an interactive -subshell is invoked. -.It Ic ?\& Op Ar command -Get help. With no arguments, -.Nm -prints a help summary. -If -.Ar command -is specified, -.Nm -will print the help information for just that command. -.El -.Sh ENVIRONMENT -.Nm -uses at least the -.Ev HOME , -.Ev SHELL , -.Ev DISPLAY , -and -.Ev TERM -environment variables. -Other environment variables may be propagated -to the other side via the -.Dv TELNET ENVIRON -option. -.Sh SEE ALSO -.Xr rlogin 1 , -.Xr rsh 1 , -.Xr hosts 5 , -.Xr nologin 5 , -.Xr telnetd 8 -.Sh FILES -.Bl -tag -width ~/.telnetrc -compact -.It Pa ~/.telnetrc -user customized telnet startup values -.El -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . -.Pp -IPv6 support was added by WIDE/KAME project. -.Sh NOTES -On some remote systems, echo has to be turned off manually when in -\*(Lqold line by line\*(Rq mode. -.Pp -In \*(Lqold line by line\*(Rq mode or -.Dv LINEMODE -the terminal's -.Ic eof -character is only recognized (and sent to the remote system) -when it is the first character on a line. diff --git a/telnet.tproj/telnet.c b/telnet.tproj/telnet.c deleted file mode 100644 index aaf3906..0000000 --- a/telnet.tproj/telnet.c +++ /dev/null 
@@ -1,2392 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/telnet.c,v 1.4.2.5 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef __unused -#define __unused __attribute__((__unused__)) -#endif - -#ifndef lint -static const char sccsid[] = "@(#)telnet.c 8.4 (Berkeley) 5/30/95"; -#endif - -#include - -/* By the way, we need to include curses.h before telnet.h since, - * among other things, telnet.h #defines 'DO', which is a variable - * declared in curses.h. - */ - -#include -#include -#include -#include -#include -#include - -#include "ring.h" - -#include "defines.h" -#include "externs.h" -#include "types.h" -#include "general.h" - -#ifdef AUTHENTICATION -#include -#endif -#ifdef ENCRYPTION -#include -#endif -#include - -#define strip(x) ((my_want_state_is_wont(TELOPT_BINARY)) ? ((x)&0x7f) : (x)) - -static unsigned char subbuffer[SUBBUFSIZE], - *subpointer, *subend; /* buffer for sub-options */ -#define SB_CLEAR() subpointer = subbuffer; -#define SB_TERM() { subend = subpointer; SB_CLEAR(); } -#define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \ - *subpointer++ = (c); \ - } - -#define SB_GET() ((*subpointer++)&0xff) -#define SB_PEEK() ((*subpointer)&0xff) -#define SB_EOF() (subpointer >= subend) -#define SB_LEN() (subend - subpointer) - -char options[256]; /* The combined options */ -char do_dont_resp[256]; -char will_wont_resp[256]; - -int - eight = 0, - autologin = 0, /* Autologin anyone? */ - skiprc = 0, - connected, - showoptions, - ISend, /* trying to send network data in */ - debug = 0, - crmod, - netdata, /* Print out network data flow */ - crlf, /* Should '\r' be mapped to (or )? */ - telnetport, - SYNCHing, /* we are in TELNET SYNCH mode */ - flushout, /* flush output */ - autoflush = 0, /* flush output when interrupting? */ - autosynch, /* send interrupt characters with SYNCH? 
*/ - localflow, /* we handle flow control locally */ - restartany, /* if flow control enabled, restart on any character */ - localchars, /* we recognize interrupt/quit */ - donelclchars, /* the user has set "localchars" */ - donebinarytoggle, /* the user has put us in binary */ - dontlecho, /* do we suppress local echoing right now? */ - globalmode, - doaddrlookup = 1, /* do a reverse address lookup? */ - clienteof = 0; - -char *prompt = 0; -#ifdef ENCRYPTION -char *line; /* hack around breakage in sra.c :-( !! */ -#endif - -cc_t escape; -cc_t rlogin; -#ifdef KLUDGELINEMODE -cc_t echoc; -#endif - -/* - * Telnet receiver states for fsm - */ -#define TS_DATA 0 -#define TS_IAC 1 -#define TS_WILL 2 -#define TS_WONT 3 -#define TS_DO 4 -#define TS_DONT 5 -#define TS_CR 6 -#define TS_SB 7 /* sub-option collection */ -#define TS_SE 8 /* looking for sub-option end */ - -static int telrcv_state; -#ifdef OLD_ENVIRON -unsigned char telopt_environ = TELOPT_NEW_ENVIRON; -#else -# define telopt_environ TELOPT_NEW_ENVIRON -#endif - -jmp_buf toplevel; -jmp_buf peerdied; - -int flushline; -int linemode; - -#ifdef KLUDGELINEMODE -int kludgelinemode = 1; -#endif - -static int is_unique(char *, char **, char **); - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -Clocks clocks; - -/* - * Initialize telnet environment. - */ - -void -init_telnet(void) -{ - env_init(); - - SB_CLEAR(); - ClearArray(options); - - connected = ISend = localflow = donebinarytoggle = 0; -#ifdef AUTHENTICATION -#ifdef ENCRYPTION - auth_encrypt_connect(connected); -#endif -#endif - restartany = -1; - - SYNCHing = 0; - - /* Don't change NetTrace */ - - escape = CONTROL(']'); - rlogin = _POSIX_VDISABLE; -#ifdef KLUDGELINEMODE - echoc = CONTROL('E'); -#endif - - flushline = 1; - telrcv_state = TS_DATA; -} - - -/* - * These routines are in charge of sending option negotiations - * to the other side. 
- * - * The basic idea is that we send the negotiation if either side - * is in disagreement as to what the current state should be. - */ - -void -send_do(int c, int init) -{ - if (init) { - if (((do_dont_resp[c] == 0) && my_state_is_do(c)) || - my_want_state_is_do(c)) - return; - set_my_want_state_do(c); - do_dont_resp[c]++; - } - NET2ADD(IAC, DO); - NETADD(c); - printoption("SENT", DO, c); -} - -void -send_dont(int c, int init) -{ - if (init) { - if (((do_dont_resp[c] == 0) && my_state_is_dont(c)) || - my_want_state_is_dont(c)) - return; - set_my_want_state_dont(c); - do_dont_resp[c]++; - } - NET2ADD(IAC, DONT); - NETADD(c); - printoption("SENT", DONT, c); -} - -void -send_will(int c, int init) -{ - if (init) { - if (((will_wont_resp[c] == 0) && my_state_is_will(c)) || - my_want_state_is_will(c)) - return; - set_my_want_state_will(c); - will_wont_resp[c]++; - } - NET2ADD(IAC, WILL); - NETADD(c); - printoption("SENT", WILL, c); -} - -void -send_wont(int c, int init) -{ - if (init) { - if (((will_wont_resp[c] == 0) && my_state_is_wont(c)) || - my_want_state_is_wont(c)) - return; - set_my_want_state_wont(c); - will_wont_resp[c]++; - } - NET2ADD(IAC, WONT); - NETADD(c); - printoption("SENT", WONT, c); -} - -void -willoption(int option) -{ - int new_state_ok = 0; - - if (do_dont_resp[option]) { - --do_dont_resp[option]; - if (do_dont_resp[option] && my_state_is_do(option)) - --do_dont_resp[option]; - } - - if ((do_dont_resp[option] == 0) && my_want_state_is_dont(option)) { - - switch (option) { - - case TELOPT_ECHO: - case TELOPT_BINARY: - case TELOPT_SGA: - settimer(modenegotiated); - /* FALL THROUGH */ - case TELOPT_STATUS: -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: -#endif -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: -#endif /* ENCRYPTION */ - new_state_ok = 1; - break; - - case TELOPT_TM: - if (flushout) - flushout = 0; - /* - * Special case for TM. If we get back a WILL, - * pretend we got back a WONT. 
- */ - set_my_want_state_dont(option); - set_my_state_dont(option); - return; /* Never reply to TM will's/wont's */ - - case TELOPT_LINEMODE: - default: - break; - } - - if (new_state_ok) { - set_my_want_state_do(option); - send_do(option, 0); - setconnmode(0); /* possibly set new tty mode */ - } else { - do_dont_resp[option]++; - send_dont(option, 0); - } - } - set_my_state_do(option); -#ifdef ENCRYPTION - if (option == TELOPT_ENCRYPT) - encrypt_send_support(); -#endif /* ENCRYPTION */ -} - -void -wontoption(int option) -{ - if (do_dont_resp[option]) { - --do_dont_resp[option]; - if (do_dont_resp[option] && my_state_is_dont(option)) - --do_dont_resp[option]; - } - - if ((do_dont_resp[option] == 0) && my_want_state_is_do(option)) { - - switch (option) { - -#ifdef KLUDGELINEMODE - case TELOPT_SGA: - if (!kludgelinemode) - break; - /* FALL THROUGH */ -#endif - case TELOPT_ECHO: - settimer(modenegotiated); - break; - - case TELOPT_TM: - if (flushout) - flushout = 0; - set_my_want_state_dont(option); - set_my_state_dont(option); - return; /* Never reply to TM will's/wont's */ - - default: - break; - } - set_my_want_state_dont(option); - if (my_state_is_do(option)) - send_dont(option, 0); - setconnmode(0); /* Set new tty mode */ - } else if (option == TELOPT_TM) { - /* - * Special case for TM. - */ - if (flushout) - flushout = 0; - set_my_want_state_dont(option); - } - set_my_state_dont(option); -} - -static void -dooption(int option) -{ - int new_state_ok = 0; - - if (will_wont_resp[option]) { - --will_wont_resp[option]; - if (will_wont_resp[option] && my_state_is_will(option)) - --will_wont_resp[option]; - } - - if (will_wont_resp[option] == 0) { - if (my_want_state_is_wont(option)) { - - switch (option) { - - case TELOPT_TM: - /* - * Special case for TM. We send a WILL, but pretend - * we sent WONT. 
- */ - send_will(option, 0); - set_my_want_state_wont(TELOPT_TM); - set_my_state_wont(TELOPT_TM); - return; - - case TELOPT_BINARY: /* binary mode */ - case TELOPT_NAWS: /* window size */ - case TELOPT_TSPEED: /* terminal speed */ - case TELOPT_LFLOW: /* local flow control */ - case TELOPT_TTYPE: /* terminal type option */ - case TELOPT_SGA: /* no big deal */ -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: /* encryption variable option */ -#endif /* ENCRYPTION */ - new_state_ok = 1; - break; - - case TELOPT_NEW_ENVIRON: /* New environment variable option */ -#ifdef OLD_ENVIRON - if (my_state_is_will(TELOPT_OLD_ENVIRON)) - send_wont(TELOPT_OLD_ENVIRON, 1); /* turn off the old */ - goto env_common; - case TELOPT_OLD_ENVIRON: /* Old environment variable option */ - if (my_state_is_will(TELOPT_NEW_ENVIRON)) - break; /* Don't enable if new one is in use! */ - env_common: - telopt_environ = option; -#endif - new_state_ok = 1; - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - if (autologin) - new_state_ok = 1; - break; -#endif - - case TELOPT_XDISPLOC: /* X Display location */ - if (env_getvalue("DISPLAY")) - new_state_ok = 1; - break; - - case TELOPT_LINEMODE: -#ifdef KLUDGELINEMODE - kludgelinemode = 0; - send_do(TELOPT_SGA, 1); -#endif - set_my_want_state_will(TELOPT_LINEMODE); - send_will(option, 0); - set_my_state_will(TELOPT_LINEMODE); - slc_init(); - return; - - case TELOPT_ECHO: /* We're never going to echo... */ - default: - break; - } - - if (new_state_ok) { - set_my_want_state_will(option); - send_will(option, 0); - setconnmode(0); /* Set new tty mode */ - } else { - will_wont_resp[option]++; - send_wont(option, 0); - } - } else { - /* - * Handle options that need more things done after the - * other side has acknowledged the option. 
- */ - switch (option) { - case TELOPT_LINEMODE: -#ifdef KLUDGELINEMODE - kludgelinemode = 0; - send_do(TELOPT_SGA, 1); -#endif - set_my_state_will(option); - slc_init(); - send_do(TELOPT_SGA, 0); - return; - } - } - } - set_my_state_will(option); -} - -static void -dontoption(int option) -{ - - if (will_wont_resp[option]) { - --will_wont_resp[option]; - if (will_wont_resp[option] && my_state_is_wont(option)) - --will_wont_resp[option]; - } - - if ((will_wont_resp[option] == 0) && my_want_state_is_will(option)) { - switch (option) { - case TELOPT_LINEMODE: - linemode = 0; /* put us back to the default state */ - break; -#ifdef OLD_ENVIRON - case TELOPT_NEW_ENVIRON: - /* - * The new environ option wasn't recognized, try - * the old one. - */ - send_will(TELOPT_OLD_ENVIRON, 1); - telopt_environ = TELOPT_OLD_ENVIRON; - break; -#endif - } - /* we always accept a DONT */ - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - setconnmode(0); /* Set new tty mode */ - } - set_my_state_wont(option); -} - -/* - * Given a buffer returned by tgetent(), this routine will turn - * the pipe separated list of names in the buffer into an array - * of pointers to null terminated names. We toss out any bad, - * duplicate, or verbose names (names with spaces). - */ - -static const char *name_unknown = "UNKNOWN"; -static const char *unknown[] = { NULL, NULL }; - -static const char ** -mklist(char *buf, char *name) -{ - int n; - char c, *cp, **argvp, *cp2, **argv, **avt; - - if (name) { - if (strlen(name) > 40) { - name = 0; - unknown[0] = name_unknown; - } else { - unknown[0] = name; - upcase(name); - } - } else - unknown[0] = name_unknown; - /* - * Count up the number of names. 
- */ - for (n = 1, cp = buf; *cp && *cp != ':'; cp++) { - if (*cp == '|') - n++; - } - /* - * Allocate an array to put the name pointers into - */ - argv = (char **)malloc((n+3)*sizeof(char *)); - if (argv == 0) - return(unknown); - - /* - * Fill up the array of pointers to names. - */ - *argv = 0; - argvp = argv+1; - n = 0; - for (cp = cp2 = buf; (c = *cp); cp++) { - if (c == '|' || c == ':') { - *cp++ = '\0'; - /* - * Skip entries that have spaces or are over 40 - * characters long. If this is our environment - * name, then put it up front. Otherwise, as - * long as this is not a duplicate name (case - * insensitive) add it to the list. - */ - if (n || (cp - cp2 > 41)) - ; - else if (name && (strncasecmp(name, cp2, cp-cp2) == 0)) - *argv = cp2; - else if (is_unique(cp2, argv+1, argvp)) - *argvp++ = cp2; - if (c == ':') - break; - /* - * Skip multiple delimiters. Reset cp2 to - * the beginning of the next name. Reset n, - * the flag for names with spaces. - */ - while ((c = *cp) == '|') - cp++; - cp2 = cp; - n = 0; - } - /* - * Skip entries with spaces or non-ascii values. - * Convert lower case letters to upper case. - */ - if ((c == ' ') || !isascii(c)) - n = 1; - else if (islower(c)) - *cp = toupper(c); - } - - /* - * Check for an old V6 2 character name. If the second - * name points to the beginning of the buffer, and is - * only 2 characters long, move it to the end of the array. - */ - if ((argv[1] == buf) && (strlen(argv[1]) == 2)) { - --argvp; - for (avt = &argv[1]; avt < argvp; avt++) - *avt = *(avt+1); - *argvp++ = buf; - } - - /* - * Duplicate last name, for TTYPE option, and null - * terminate the array. If we didn't find a match on - * our terminal name, put that name at the beginning. 
- */ - cp = *(argvp-1); - *argvp++ = cp; - *argvp = 0; - - if (*argv == 0) { - if (name) - *argv = name; - else { - --argvp; - for (avt = argv; avt < argvp; avt++) - *avt = *(avt+1); - } - } - if (*argv) - return((const char **)argv); - else - return(unknown); -} - -static int -is_unique(char *name, char **as, char **ae) -{ - char **ap; - int n; - - n = strlen(name) + 1; - for (ap = as; ap < ae; ap++) - if (strncasecmp(*ap, name, n) == 0) - return(0); - return (1); -} - -#ifdef TERMCAP -char termbuf[1024]; - -/*ARGSUSED*/ -static int -setupterm(char *tname, int fd, int *errp) -{ - if (tgetent(termbuf, tname) == 1) { - termbuf[1023] = '\0'; - if (errp) - *errp = 1; - return(0); - } - if (errp) - *errp = 0; - return(-1); -} -#else -#define termbuf ttytype -extern char ttytype[]; -#endif - -int resettermname = 1; - -static const char * -gettermname(void) -{ - char *tname; - static const char **tnamep = 0; - static const char **next; - int err; - - if (resettermname) { - resettermname = 0; - if (tnamep && tnamep != unknown) - free(tnamep); - if ((tname = env_getvalue("TERM")) && - (setupterm(tname, 1, &err) == 0)) { - tnamep = mklist(termbuf, tname); - } else { - if (tname && (strlen(tname) <= 40)) { - unknown[0] = tname; - upcase(tname); - } else - unknown[0] = name_unknown; - tnamep = unknown; - } - next = tnamep; - } - if (*next == 0) - next = tnamep; - return(*next++); -} -/* - * suboption() - * - * Look at the sub-option buffer, and try to be helpful to the other - * side. - * - * Currently we recognize: - * - * Terminal type, send request. - * Terminal speed (send request). - * Local flow control (is request). 
- * Linemode - */ - -static void -suboption(void) -{ - unsigned char subchar; - - printsub('<', subbuffer, SB_LEN()+2); - switch (subchar = SB_GET()) { - case TELOPT_TTYPE: - if (my_want_state_is_wont(TELOPT_TTYPE)) - return; - if (SB_EOF() || SB_GET() != TELQUAL_SEND) { - return; - } else { - const char *name; - unsigned char temp[50]; - int len; - - name = gettermname(); - len = strlen(name) + 4 + 2; - if (len < NETROOM()) { - sprintf(temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE, - TELQUAL_IS, name, IAC, SE); - ring_supply_data(&netoring, temp, len); - printsub('>', &temp[2], len-2); - } else { - ExitString("No room in buffer for terminal type.\n", 1); - /*NOTREACHED*/ - } - } - break; - case TELOPT_TSPEED: - if (my_want_state_is_wont(TELOPT_TSPEED)) - return; - if (SB_EOF()) - return; - if (SB_GET() == TELQUAL_SEND) { - long ospeed, ispeed; - unsigned char temp[50]; - int len; - - TerminalSpeeds(&ispeed, &ospeed); - - sprintf((char *)temp, "%c%c%c%c%ld,%ld%c%c", IAC, SB, TELOPT_TSPEED, - TELQUAL_IS, ospeed, ispeed, IAC, SE); - len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... 
*/ - - if (len < NETROOM()) { - ring_supply_data(&netoring, temp, len); - printsub('>', temp+2, len - 2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - } - break; - case TELOPT_LFLOW: - if (my_want_state_is_wont(TELOPT_LFLOW)) - return; - if (SB_EOF()) - return; - switch(SB_GET()) { - case LFLOW_RESTART_ANY: - restartany = 1; - break; - case LFLOW_RESTART_XON: - restartany = 0; - break; - case LFLOW_ON: - localflow = 1; - break; - case LFLOW_OFF: - localflow = 0; - break; - default: - return; - } - setcommandmode(); - setconnmode(0); - break; - - case TELOPT_LINEMODE: - if (my_want_state_is_wont(TELOPT_LINEMODE)) - return; - if (SB_EOF()) - return; - switch (SB_GET()) { - case WILL: - lm_will(subpointer, SB_LEN()); - break; - case WONT: - lm_wont(subpointer, SB_LEN()); - break; - case DO: - lm_do(subpointer, SB_LEN()); - break; - case DONT: - lm_dont(subpointer, SB_LEN()); - break; - case LM_SLC: - slc(subpointer, SB_LEN()); - break; - case LM_MODE: - lm_mode(subpointer, SB_LEN(), 0); - break; - default: - break; - } - break; - -#ifdef OLD_ENVIRON - case TELOPT_OLD_ENVIRON: -#endif - case TELOPT_NEW_ENVIRON: - if (SB_EOF()) - return; - switch(SB_PEEK()) { - case TELQUAL_IS: - case TELQUAL_INFO: - if (my_want_state_is_dont(subchar)) - return; - break; - case TELQUAL_SEND: - if (my_want_state_is_wont(subchar)) { - return; - } - break; - default: - return; - } - env_opt(subpointer, SB_LEN()); - break; - - case TELOPT_XDISPLOC: - if (my_want_state_is_wont(TELOPT_XDISPLOC)) - return; - if (SB_EOF()) - return; - if (SB_GET() == TELQUAL_SEND) { - unsigned char temp[50], *dp; - int len; - - if ((dp = env_getvalue("DISPLAY")) == NULL || - strlen(dp) > sizeof(temp) - 7) { - /* - * Something happened, we no longer have a DISPLAY - * variable. Or it is too long. So, turn off the option. 
- */ - send_wont(TELOPT_XDISPLOC, 1); - break; - } - snprintf(temp, sizeof(temp), "%c%c%c%c%s%c%c", IAC, SB, - TELOPT_XDISPLOC, TELQUAL_IS, dp, IAC, SE); - len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ - - if (len < NETROOM()) { - ring_supply_data(&netoring, temp, len); - printsub('>', temp+2, len - 2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - } - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: { - if (!autologin) - break; - if (SB_EOF()) - return; - switch(SB_GET()) { - case TELQUAL_IS: - if (my_want_state_is_dont(TELOPT_AUTHENTICATION)) - return; - auth_is(subpointer, SB_LEN()); - break; - case TELQUAL_SEND: - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) - return; - auth_send(subpointer, SB_LEN()); - break; - case TELQUAL_REPLY: - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) - return; - auth_reply(subpointer, SB_LEN()); - break; - case TELQUAL_NAME: - if (my_want_state_is_dont(TELOPT_AUTHENTICATION)) - return; - auth_name(subpointer, SB_LEN()); - break; - } - } - break; -#endif -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - if (SB_EOF()) - return; - switch(SB_GET()) { - case ENCRYPT_START: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_start(subpointer, SB_LEN()); - break; - case ENCRYPT_END: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_end(); - break; - case ENCRYPT_SUPPORT: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_support(subpointer, SB_LEN()); - break; - case ENCRYPT_REQSTART: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_request_start(subpointer, SB_LEN()); - break; - case ENCRYPT_REQEND: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - /* - * We can always send an REQEND so that we cannot - * get stuck encrypting. We should only get this - * if we have been able to get in the correct mode - * anyhow. 
- */ - encrypt_request_end(); - break; - case ENCRYPT_IS: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_is(subpointer, SB_LEN()); - break; - case ENCRYPT_REPLY: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_reply(subpointer, SB_LEN()); - break; - case ENCRYPT_ENC_KEYID: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_enc_keyid(subpointer, SB_LEN()); - break; - case ENCRYPT_DEC_KEYID: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_dec_keyid(subpointer, SB_LEN()); - break; - default: - break; - } - break; -#endif /* ENCRYPTION */ - default: - break; - } -} - -static unsigned char str_lm[] = { IAC, SB, TELOPT_LINEMODE, 0, 0, IAC, SE }; - -void -lm_will(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_will: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: /* We shouldn't ever get this... */ - default: - str_lm[3] = DONT; - str_lm[4] = cmd[0]; - if (NETROOM() > (int)sizeof(str_lm)) { - ring_supply_data(&netoring, str_lm, sizeof(str_lm)); - printsub('>', &str_lm[2], sizeof(str_lm)-2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - break; - } -} - -void -lm_wont(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_wont: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: /* We shouldn't ever get this... */ - default: - /* We are always DONT, so don't respond */ - return; - } -} - -void -lm_do(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_do: no command!!!\n"); /* Should not happen... 
*/ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: - default: - str_lm[3] = WONT; - str_lm[4] = cmd[0]; - if (NETROOM() > (int)sizeof(str_lm)) { - ring_supply_data(&netoring, str_lm, sizeof(str_lm)); - printsub('>', &str_lm[2], sizeof(str_lm)-2); - } -/*@*/ else printf("lm_do: not enough room in buffer\n"); - break; - } -} - -void -lm_dont(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_dont: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: - default: - /* we are always WONT, so don't respond */ - break; - } -} - -static unsigned char str_lm_mode[] = { - IAC, SB, TELOPT_LINEMODE, LM_MODE, 0, IAC, SE -}; - -void -lm_mode(unsigned char *cmd, int len, int init) -{ - if (len != 1) - return; - if ((linemode&MODE_MASK&~MODE_ACK) == *cmd) - return; - if (*cmd&MODE_ACK) - return; - linemode = *cmd&(MODE_MASK&~MODE_ACK); - str_lm_mode[4] = linemode; - if (!init) - str_lm_mode[4] |= MODE_ACK; - if (NETROOM() > (int)sizeof(str_lm_mode)) { - ring_supply_data(&netoring, str_lm_mode, sizeof(str_lm_mode)); - printsub('>', &str_lm_mode[2], sizeof(str_lm_mode)-2); - } -/*@*/ else printf("lm_mode: not enough room in buffer\n"); - setconnmode(0); /* set changed mode */ -} - - - -/* - * slc() - * Handle special character suboption of LINEMODE. 
- */ - -struct spc { - cc_t val; - cc_t *valp; - char flags; /* Current flags & level */ - char mylevel; /* Maximum level & flags */ -} spc_data[NSLC+1]; - -#define SLC_IMPORT 0 -#define SLC_EXPORT 1 -#define SLC_RVALUE 2 -static int slc_mode = SLC_EXPORT; - -void -slc_init(void) -{ - struct spc *spcp; - - localchars = 1; - for (spcp = spc_data; spcp < &spc_data[NSLC+1]; spcp++) { - spcp->val = 0; - spcp->valp = 0; - spcp->flags = spcp->mylevel = SLC_NOSUPPORT; - } - -#define initfunc(func, flags) { \ - spcp = &spc_data[func]; \ - if ((spcp->valp = tcval(func))) { \ - spcp->val = *spcp->valp; \ - spcp->mylevel = SLC_VARIABLE|flags; \ - } else { \ - spcp->val = 0; \ - spcp->mylevel = SLC_DEFAULT; \ - } \ - } - - initfunc(SLC_SYNCH, 0); - /* No BRK */ - initfunc(SLC_AO, 0); - initfunc(SLC_AYT, 0); - /* No EOR */ - initfunc(SLC_ABORT, SLC_FLUSHIN|SLC_FLUSHOUT); - initfunc(SLC_EOF, 0); -#ifndef SYSV_TERMIO - initfunc(SLC_SUSP, SLC_FLUSHIN); -#endif - initfunc(SLC_EC, 0); - initfunc(SLC_EL, 0); -#ifndef SYSV_TERMIO - initfunc(SLC_EW, 0); - initfunc(SLC_RP, 0); - initfunc(SLC_LNEXT, 0); -#endif - initfunc(SLC_XON, 0); - initfunc(SLC_XOFF, 0); -#ifdef SYSV_TERMIO - spc_data[SLC_XON].mylevel = SLC_CANTCHANGE; - spc_data[SLC_XOFF].mylevel = SLC_CANTCHANGE; -#endif - initfunc(SLC_FORW1, 0); -#ifdef USE_TERMIO - initfunc(SLC_FORW2, 0); - /* No FORW2 */ -#endif - - initfunc(SLC_IP, SLC_FLUSHIN|SLC_FLUSHOUT); -#undef initfunc - - if (slc_mode == SLC_EXPORT) - slc_export(); - else - slc_import(1); - -} - -void -slcstate(void) -{ - printf("Special characters are %s values\n", - slc_mode == SLC_IMPORT ? "remote default" : - slc_mode == SLC_EXPORT ? "local" : - "remote"); -} - -void -slc_mode_export(void) -{ - slc_mode = SLC_EXPORT; - if (my_state_is_will(TELOPT_LINEMODE)) - slc_export(); -} - -void -slc_mode_import(int def) -{ - slc_mode = def ? 
SLC_IMPORT : SLC_RVALUE; - if (my_state_is_will(TELOPT_LINEMODE)) - slc_import(def); -} - -unsigned char slc_import_val[] = { - IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_VARIABLE, 0, IAC, SE -}; -unsigned char slc_import_def[] = { - IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_DEFAULT, 0, IAC, SE -}; - -void -slc_import(int def) -{ - if (NETROOM() > (int)sizeof(slc_import_val)) { - if (def) { - ring_supply_data(&netoring, slc_import_def, sizeof(slc_import_def)); - printsub('>', &slc_import_def[2], sizeof(slc_import_def)-2); - } else { - ring_supply_data(&netoring, slc_import_val, sizeof(slc_import_val)); - printsub('>', &slc_import_val[2], sizeof(slc_import_val)-2); - } - } -/*@*/ else printf("slc_import: not enough room\n"); -} - -void -slc_export(void) -{ - struct spc *spcp; - - TerminalDefaultChars(); - - slc_start_reply(); - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (spcp->mylevel != SLC_NOSUPPORT) { - if (spcp->val == (cc_t)(_POSIX_VDISABLE)) - spcp->flags = SLC_NOSUPPORT; - else - spcp->flags = spcp->mylevel; - if (spcp->valp) - spcp->val = *spcp->valp; - slc_add_reply(spcp - spc_data, spcp->flags, spcp->val); - } - } - slc_end_reply(); - (void)slc_update(); - setconnmode(1); /* Make sure the character values are set */ -} - -void -slc(unsigned char *cp, int len) -{ - struct spc *spcp; - int func,level; - - slc_start_reply(); - - for (; len >= 3; len -=3, cp +=3) { - - func = cp[SLC_FUNC]; - - if (func == 0) { - /* - * Client side: always ignore 0 function. 
- */ - continue; - } - if (func > NSLC) { - if ((cp[SLC_FLAGS] & SLC_LEVELBITS) != SLC_NOSUPPORT) - slc_add_reply(func, SLC_NOSUPPORT, 0); - continue; - } - - spcp = &spc_data[func]; - - level = cp[SLC_FLAGS]&(SLC_LEVELBITS|SLC_ACK); - - if ((cp[SLC_VALUE] == (unsigned char)spcp->val) && - ((level&SLC_LEVELBITS) == (spcp->flags&SLC_LEVELBITS))) { - continue; - } - - if (level == (SLC_DEFAULT|SLC_ACK)) { - /* - * This is an error condition, the SLC_ACK - * bit should never be set for the SLC_DEFAULT - * level. Our best guess to recover is to - * ignore the SLC_ACK bit. - */ - cp[SLC_FLAGS] &= ~SLC_ACK; - } - - if (level == ((spcp->flags&SLC_LEVELBITS)|SLC_ACK)) { - spcp->val = (cc_t)cp[SLC_VALUE]; - spcp->flags = cp[SLC_FLAGS]; /* include SLC_ACK */ - continue; - } - - level &= ~SLC_ACK; - - if (level <= (spcp->mylevel&SLC_LEVELBITS)) { - spcp->flags = cp[SLC_FLAGS]|SLC_ACK; - spcp->val = (cc_t)cp[SLC_VALUE]; - } - if (level == SLC_DEFAULT) { - if ((spcp->mylevel&SLC_LEVELBITS) != SLC_DEFAULT) - spcp->flags = spcp->mylevel; - else - spcp->flags = SLC_NOSUPPORT; - } - slc_add_reply(func, spcp->flags, spcp->val); - } - slc_end_reply(); - if (slc_update()) - setconnmode(1); /* set the new character values */ -} - -void -slc_check(void) -{ - struct spc *spcp; - - slc_start_reply(); - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (spcp->valp && spcp->val != *spcp->valp) { - spcp->val = *spcp->valp; - if (spcp->val == (cc_t)(_POSIX_VDISABLE)) - spcp->flags = SLC_NOSUPPORT; - else - spcp->flags = spcp->mylevel; - slc_add_reply(spcp - spc_data, spcp->flags, spcp->val); - } - } - slc_end_reply(); - setconnmode(1); -} - -unsigned char slc_reply[128]; -unsigned char const * const slc_reply_eom = &slc_reply[sizeof(slc_reply)]; -unsigned char *slc_replyp; - -void -slc_start_reply(void) -{ - slc_replyp = slc_reply; - *slc_replyp++ = IAC; - *slc_replyp++ = SB; - *slc_replyp++ = TELOPT_LINEMODE; - *slc_replyp++ = LM_SLC; -} - -void -slc_add_reply(unsigned char 
func, unsigned char flags, cc_t value) -{ - /* A sequence of up to 6 bytes my be written for this member of the SLC - * suboption list by this function. The end of negotiation command, - * which is written by slc_end_reply(), will require 2 additional - * bytes. Do not proceed unless there is sufficient space for these - * items. - */ - if (&slc_replyp[6+2] > slc_reply_eom) - return; - if ((*slc_replyp++ = func) == IAC) - *slc_replyp++ = IAC; - if ((*slc_replyp++ = flags) == IAC) - *slc_replyp++ = IAC; - if ((*slc_replyp++ = (unsigned char)value) == IAC) - *slc_replyp++ = IAC; -} - -void -slc_end_reply(void) -{ - int len; - - *slc_replyp++ = IAC; - *slc_replyp++ = SE; - len = slc_replyp - slc_reply; - if (len <= 6) - return; - if (NETROOM() > len) { - ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply); - printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2); - } -/*@*/else printf("slc_end_reply: not enough room\n"); -} - -int -slc_update(void) -{ - struct spc *spcp; - int need_update = 0; - - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (!(spcp->flags&SLC_ACK)) - continue; - spcp->flags &= ~SLC_ACK; - if (spcp->valp && (*spcp->valp != spcp->val)) { - *spcp->valp = spcp->val; - need_update = 1; - } - } - return(need_update); -} - -#ifdef OLD_ENVIRON -# ifdef ENV_HACK -/* - * Earlier version of telnet/telnetd from the BSD code had - * the definitions of VALUE and VAR reversed. To ensure - * maximum interoperability, we assume that the server is - * an older BSD server, until proven otherwise. The newer - * BSD servers should be able to handle either definition, - * so it is better to use the wrong values if we don't - * know what type of server it is. 
- */ -int env_auto = 1; -int old_env_var = OLD_ENV_VAR; -int old_env_value = OLD_ENV_VALUE; -# else -# define old_env_var OLD_ENV_VAR -# define old_env_value OLD_ENV_VALUE -# endif -#endif - -void -env_opt(unsigned char *buf, int len) -{ - unsigned char *ep = 0, *epc = 0; - int i; - - switch(buf[0]&0xff) { - case TELQUAL_SEND: - env_opt_start(); - if (len == 1) { - env_opt_add(NULL); - } else for (i = 1; i < len; i++) { - switch (buf[i]&0xff) { -#ifdef OLD_ENVIRON - case OLD_ENV_VAR: -# ifdef ENV_HACK - if (telopt_environ == TELOPT_OLD_ENVIRON - && env_auto) { - /* Server has the same definitions */ - old_env_var = OLD_ENV_VAR; - old_env_value = OLD_ENV_VALUE; - } - /* FALL THROUGH */ -# endif - case OLD_ENV_VALUE: - /* - * Although OLD_ENV_VALUE is not legal, we will - * still recognize it, just in case it is an - * old server that has VAR & VALUE mixed up... - */ - /* FALL THROUGH */ -#else - case NEW_ENV_VAR: -#endif - case ENV_USERVAR: - if (ep) { - *epc = 0; - env_opt_add(ep); - } - ep = epc = &buf[i+1]; - break; - case ENV_ESC: - i++; - /*FALL THROUGH*/ - default: - if (epc) - *epc++ = buf[i]; - break; - } - } - if (ep) { - *epc = 0; - env_opt_add(ep); - } - env_opt_end(1); - break; - - case TELQUAL_IS: - case TELQUAL_INFO: - /* Ignore for now. We shouldn't get it anyway. 
*/ - break; - - default: - break; - } -} - -#define OPT_REPLY_SIZE 256 -unsigned char *opt_reply; -unsigned char *opt_replyp; -unsigned char *opt_replyend; - -void -env_opt_start(void) -{ - if (opt_reply) - opt_reply = (unsigned char *)realloc(opt_reply, OPT_REPLY_SIZE); - else - opt_reply = (unsigned char *)malloc(OPT_REPLY_SIZE); - if (opt_reply == NULL) { -/*@*/ printf("env_opt_start: malloc()/realloc() failed!!!\n"); - opt_reply = opt_replyp = opt_replyend = NULL; - return; - } - opt_replyp = opt_reply; - opt_replyend = opt_reply + OPT_REPLY_SIZE; - *opt_replyp++ = IAC; - *opt_replyp++ = SB; - *opt_replyp++ = telopt_environ; - *opt_replyp++ = TELQUAL_IS; -} - -void -env_opt_start_info(void) -{ - env_opt_start(); - if (opt_replyp) - opt_replyp[-1] = TELQUAL_INFO; -} - -void -env_opt_add(unsigned char *ep) -{ - unsigned char *vp, c; - - if (opt_reply == NULL) /*XXX*/ - return; /*XXX*/ - - if (ep == NULL || *ep == '\0') { - /* Send user defined variables first. */ - env_default(1, 0); - while ((ep = env_default(0, 0))) - env_opt_add(ep); - - /* Now add the list of well know variables. */ - env_default(1, 1); - while ((ep = env_default(0, 1))) - env_opt_add(ep); - return; - } - vp = env_getvalue(ep); - if (opt_replyp + 2*(vp ? strlen((char *)vp) : 0) + - 2*strlen((char *)ep) + 6 > opt_replyend) - { - int len; - opt_replyend += OPT_REPLY_SIZE + 2*strlen((char *)ep) + 2*(vp ? 
strlen((char *)vp) : 0); - len = opt_replyend - opt_reply; - opt_reply = (unsigned char *)realloc(opt_reply, len); - if (opt_reply == NULL) { -/*@*/ printf("env_opt_add: realloc() failed!!!\n"); - opt_reply = opt_replyp = opt_replyend = NULL; - return; - } - opt_replyp = opt_reply + len - (opt_replyend - opt_replyp); - opt_replyend = opt_reply + len; - } - if (opt_welldefined(ep)) -#ifdef OLD_ENVIRON - if (telopt_environ == TELOPT_OLD_ENVIRON) - *opt_replyp++ = old_env_var; - else -#endif - *opt_replyp++ = NEW_ENV_VAR; - else - *opt_replyp++ = ENV_USERVAR; - for (;;) { - while ((c = *ep++)) { - switch(c&0xff) { - case IAC: - *opt_replyp++ = IAC; - break; - case NEW_ENV_VAR: - case NEW_ENV_VALUE: - case ENV_ESC: - case ENV_USERVAR: - *opt_replyp++ = ENV_ESC; - break; - } - *opt_replyp++ = c; - } - if ((ep = vp)) { -#ifdef OLD_ENVIRON - if (telopt_environ == TELOPT_OLD_ENVIRON) - *opt_replyp++ = old_env_value; - else -#endif - *opt_replyp++ = NEW_ENV_VALUE; - vp = NULL; - } else - break; - } -} - -int -opt_welldefined(const char *ep) -{ - if ((strcmp(ep, "USER") == 0) || - (strcmp(ep, "DISPLAY") == 0) || - (strcmp(ep, "PRINTER") == 0) || - (strcmp(ep, "SYSTEMTYPE") == 0) || - (strcmp(ep, "JOB") == 0) || - (strcmp(ep, "ACCT") == 0)) - return(1); - return(0); -} - -void -env_opt_end(int emptyok) -{ - int len; - - len = opt_replyp - opt_reply + 2; - if (emptyok || len > 6) { - *opt_replyp++ = IAC; - *opt_replyp++ = SE; - if (NETROOM() > len) { - ring_supply_data(&netoring, opt_reply, len); - printsub('>', &opt_reply[2], len - 2); - } -/*@*/ else printf("slc_end_reply: not enough room\n"); - } - if (opt_reply) { - free(opt_reply); - opt_reply = opt_replyp = opt_replyend = NULL; - } -} - - - -int -telrcv(void) -{ - int c; - int scc; - unsigned char *sbp; - int count; - int returnValue = 0; - - scc = 0; - count = 0; - while (TTYROOM() > 2) { - if (scc == 0) { - if (count) { - ring_consumed(&netiring, count); - returnValue = 1; - count = 0; - } - sbp = netiring.consume; - 
scc = ring_full_consecutive(&netiring); - if (scc == 0) { - /* No more data coming in */ - break; - } - } - - c = *sbp++ & 0xff, scc--; count++; -#ifdef ENCRYPTION - if (decrypt_input) - c = (*decrypt_input)(c); -#endif /* ENCRYPTION */ - - switch (telrcv_state) { - - case TS_CR: - telrcv_state = TS_DATA; - if (c == '\0') { - break; /* Ignore \0 after CR */ - } - else if ((c == '\n') && my_want_state_is_dont(TELOPT_ECHO) && !crmod) { - TTYADD(c); - break; - } - /* Else, fall through */ - - case TS_DATA: - if (c == IAC) { - telrcv_state = TS_IAC; - break; - } - /* - * The 'crmod' hack (see following) is needed - * since we can't * set CRMOD on output only. - * Machines like MULTICS like to send \r without - * \n; since we must turn off CRMOD to get proper - * input, the mapping is done here (sigh). - */ - if ((c == '\r') && my_want_state_is_dont(TELOPT_BINARY)) { - if (scc > 0) { - c = *sbp&0xff; -#ifdef ENCRYPTION - if (decrypt_input) - c = (*decrypt_input)(c); -#endif /* ENCRYPTION */ - if (c == 0) { - sbp++, scc--; count++; - /* a "true" CR */ - TTYADD('\r'); - } else if (my_want_state_is_dont(TELOPT_ECHO) && - (c == '\n')) { - sbp++, scc--; count++; - TTYADD('\n'); - } else { -#ifdef ENCRYPTION - if (decrypt_input) - (*decrypt_input)(-1); -#endif /* ENCRYPTION */ - - TTYADD('\r'); - if (crmod) { - TTYADD('\n'); - } - } - } else { - telrcv_state = TS_CR; - TTYADD('\r'); - if (crmod) { - TTYADD('\n'); - } - } - } else { - TTYADD(c); - } - continue; - - case TS_IAC: -process_iac: - switch (c) { - - case WILL: - telrcv_state = TS_WILL; - continue; - - case WONT: - telrcv_state = TS_WONT; - continue; - - case DO: - telrcv_state = TS_DO; - continue; - - case DONT: - telrcv_state = TS_DONT; - continue; - - case DM: - /* - * We may have missed an urgent notification, - * so make sure we flush whatever is in the - * buffer currently. 
- */ - printoption("RCVD", IAC, DM); - SYNCHing = 1; - (void) ttyflush(1); - SYNCHing = stilloob(); - settimer(gotDM); - break; - - case SB: - SB_CLEAR(); - telrcv_state = TS_SB; - continue; - - case IAC: - TTYADD(IAC); - break; - - case NOP: - case GA: - default: - printoption("RCVD", IAC, c); - break; - } - telrcv_state = TS_DATA; - continue; - - case TS_WILL: - printoption("RCVD", WILL, c); - willoption(c); - telrcv_state = TS_DATA; - continue; - - case TS_WONT: - printoption("RCVD", WONT, c); - wontoption(c); - telrcv_state = TS_DATA; - continue; - - case TS_DO: - printoption("RCVD", DO, c); - dooption(c); - if (c == TELOPT_NAWS) { - sendnaws(); - } else if (c == TELOPT_LFLOW) { - localflow = 1; - setcommandmode(); - setconnmode(0); - } - telrcv_state = TS_DATA; - continue; - - case TS_DONT: - printoption("RCVD", DONT, c); - dontoption(c); - flushline = 1; - setconnmode(0); /* set new tty mode (maybe) */ - telrcv_state = TS_DATA; - continue; - - case TS_SB: - if (c == IAC) { - telrcv_state = TS_SE; - } else { - SB_ACCUM(c); - } - continue; - - case TS_SE: - if (c != SE) { - if (c != IAC) { - /* - * This is an error. We only expect to get - * "IAC IAC" or "IAC SE". Several things may - * have happend. An IAC was not doubled, the - * IAC SE was left off, or another option got - * inserted into the suboption are all possibilities. - * If we assume that the IAC was not doubled, - * and really the IAC SE was left off, we could - * get into an infinate loop here. So, instead, - * we terminate the suboption, and process the - * partial suboption if we can. 
- */ - SB_ACCUM(IAC); - SB_ACCUM(c); - subpointer -= 2; - SB_TERM(); - - printoption("In SUBOPTION processing, RCVD", IAC, c); - suboption(); /* handle sub-option */ - telrcv_state = TS_IAC; - goto process_iac; - } - SB_ACCUM(c); - telrcv_state = TS_SB; - } else { - SB_ACCUM(IAC); - SB_ACCUM(SE); - subpointer -= 2; - SB_TERM(); - suboption(); /* handle sub-option */ - telrcv_state = TS_DATA; - } - } - } - if (count) - ring_consumed(&netiring, count); - return returnValue||count; -} - -static int bol = 1, local = 0; - -int -rlogin_susp(void) -{ - if (local) { - local = 0; - bol = 1; - command(0, "z\n", 2); - return(1); - } - return(0); -} - -static int -telsnd(void) -{ - int tcc; - int count; - int returnValue = 0; - unsigned char *tbp; - - tcc = 0; - count = 0; - while (NETROOM() > 2) { - int sc; - int c; - - if (tcc == 0) { - if (count) { - ring_consumed(&ttyiring, count); - returnValue = 1; - count = 0; - } - tbp = ttyiring.consume; - tcc = ring_full_consecutive(&ttyiring); - if (tcc == 0) { - break; - } - } - c = *tbp++ & 0xff, sc = strip(c), tcc--; count++; - if (rlogin != _POSIX_VDISABLE) { - if (bol) { - bol = 0; - if (sc == rlogin) { - local = 1; - continue; - } - } else if (local) { - local = 0; - if (sc == '.' || c == termEofChar) { - bol = 1; - command(0, "close\n", 6); - continue; - } - if (sc == termSuspChar) { - bol = 1; - command(0, "z\n", 2); - continue; - } - if (sc == escape) { - command(0, tbp, tcc); - bol = 1; - count += tcc; - tcc = 0; - flushline = 1; - break; - } - if (sc != rlogin) { - ++tcc; - --tbp; - --count; - c = sc = rlogin; - } - } - if ((sc == '\n') || (sc == '\r')) - bol = 1; - } else if (escape != _POSIX_VDISABLE && sc == escape) { - /* - * Double escape is a pass through of a single escape character. 
- */ - if (tcc && strip(*tbp) == escape) { - tbp++; - tcc--; - count++; - bol = 0; - } else { - command(0, (char *)tbp, tcc); - bol = 1; - count += tcc; - tcc = 0; - flushline = 1; - break; - } - } else - bol = 0; -#ifdef KLUDGELINEMODE - if (kludgelinemode && (globalmode&MODE_EDIT) && (sc == echoc)) { - if (tcc > 0 && strip(*tbp) == echoc) { - tcc--; tbp++; count++; - } else { - dontlecho = !dontlecho; - settimer(echotoggle); - setconnmode(0); - flushline = 1; - break; - } - } -#endif - if (MODE_LOCAL_CHARS(globalmode)) { - if (TerminalSpecialChars(sc) == 0) { - bol = 1; - break; - } - } - if (my_want_state_is_wont(TELOPT_BINARY)) { - switch (c) { - case '\n': - /* - * If we are in CRMOD mode (\r ==> \n) - * on our local machine, then probably - * a newline (unix) is CRLF (TELNET). - */ - if (MODE_LOCAL_CHARS(globalmode)) { - NETADD('\r'); - } - NETADD('\n'); - bol = flushline = 1; - break; - case '\r': - if (!crlf) { - NET2ADD('\r', '\0'); - } else { - NET2ADD('\r', '\n'); - } - bol = flushline = 1; - break; - case IAC: - NET2ADD(IAC, IAC); - break; - default: - NETADD(c); - break; - } - } else if (c == IAC) { - NET2ADD(IAC, IAC); - } else { - NETADD(c); - } - } - if (count) - ring_consumed(&ttyiring, count); - return returnValue||count; /* Non-zero if we did anything */ -} - -/* - * Scheduler() - * - * Try to do something. - * - * If we do something useful, return 1; else return 0. 
- * - */ - -static int -Scheduler(int block) -{ - /* One wants to be a bit careful about setting returnValue - * to one, since a one implies we did some useful work, - * and therefore probably won't be called to block next - */ - int returnValue; - int netin, netout, netex, ttyin, ttyout; - - /* Decide which rings should be processed */ - - netout = ring_full_count(&netoring) && - (flushline || - (my_want_state_is_wont(TELOPT_LINEMODE) -#ifdef KLUDGELINEMODE - && (!kludgelinemode || my_want_state_is_do(TELOPT_SGA)) -#endif - ) || - my_want_state_is_will(TELOPT_BINARY)); - ttyout = ring_full_count(&ttyoring); - - ttyin = ring_empty_count(&ttyiring) && (clienteof == 0); - - netin = !ISend && ring_empty_count(&netiring); - - netex = !SYNCHing; - - /* Call to system code to process rings */ - - returnValue = process_rings(netin, netout, netex, ttyin, ttyout, !block); - - /* Now, look at the input rings, looking for work to do. */ - - if (ring_full_count(&ttyiring)) { - returnValue |= telsnd(); - } - - if (ring_full_count(&netiring)) { - returnValue |= telrcv(); - } - return returnValue; -} - -#ifdef AUTHENTICATION -#define __unusedhere -#else -#define __unusedhere __unused -#endif -/* - * Select from tty and network... 
- */ -void -telnet(char *user __unusedhere) -{ - sys_telnet_init(); - -#ifdef AUTHENTICATION -#ifdef ENCRYPTION - { - static char local_host[256] = { 0 }; - - if (!local_host[0]) { - gethostname(local_host, sizeof(local_host)); - local_host[sizeof(local_host)-1] = 0; - } - auth_encrypt_init(local_host, hostname, "TELNET", 0); - auth_encrypt_user(user); - } -#endif -#endif - if (telnetport) { -#ifdef AUTHENTICATION - if (autologin) - send_will(TELOPT_AUTHENTICATION, 1); -#endif -#ifdef ENCRYPTION - send_do(TELOPT_ENCRYPT, 1); - send_will(TELOPT_ENCRYPT, 1); -#endif /* ENCRYPTION */ - send_do(TELOPT_SGA, 1); - send_will(TELOPT_TTYPE, 1); - send_will(TELOPT_NAWS, 1); - send_will(TELOPT_TSPEED, 1); - send_will(TELOPT_LFLOW, 1); - send_will(TELOPT_LINEMODE, 1); - send_will(TELOPT_NEW_ENVIRON, 1); - send_do(TELOPT_STATUS, 1); - if (env_getvalue("DISPLAY")) - send_will(TELOPT_XDISPLOC, 1); - if (eight) - tel_enter_binary(eight); - } - - for (;;) { - int schedValue; - - while ((schedValue = Scheduler(0)) != 0) { - if (schedValue == -1) { - setcommandmode(); - return; - } - } - - if (Scheduler(1) == -1) { - setcommandmode(); - return; - } - } -} - -#if 0 /* XXX - this not being in is a bug */ -/* - * nextitem() - * - * Return the address of the next "item" in the TELNET data - * stream. This will be the address of the next character if - * the current address is a user data character, or it will - * be the address of the character following the TELNET command - * if the current address is a TELNET IAC ("I Am a Command") - * character. 
- */ - -static char * -nextitem(char *current) -{ - if ((*current&0xff) != IAC) { - return current+1; - } - switch (*(current+1)&0xff) { - case DO: - case DONT: - case WILL: - case WONT: - return current+3; - case SB: /* loop forever looking for the SE */ - { - char *look = current+2; - - for (;;) { - if ((*look++&0xff) == IAC) { - if ((*look++&0xff) == SE) { - return look; - } - } - } - } - default: - return current+2; - } -} -#endif /* 0 */ - -/* - * netclear() - * - * We are about to do a TELNET SYNCH operation. Clear - * the path to the network. - * - * Things are a bit tricky since we may have sent the first - * byte or so of a previous TELNET command into the network. - * So, we have to scan the network buffer from the beginning - * until we are up to where we want to be. - * - * A side effect of what we do, just to keep things - * simple, is to clear the urgent data pointer. The principal - * caller should be setting the urgent data pointer AFTER calling - * us in any case. - */ - -static void -netclear(void) -{ - /* Deleted */ -} - -/* - * These routines add various telnet commands to the data stream. - */ - -static void -doflush(void) -{ - NET2ADD(IAC, DO); - NETADD(TELOPT_TM); - flushline = 1; - flushout = 1; - (void) ttyflush(1); /* Flush/drop output */ - /* do printoption AFTER flush, otherwise the output gets tossed... 
*/ - printoption("SENT", DO, TELOPT_TM); -} - -void -xmitAO(void) -{ - NET2ADD(IAC, AO); - printoption("SENT", IAC, AO); - if (autoflush) { - doflush(); - } -} - -void -xmitEL(void) -{ - NET2ADD(IAC, EL); - printoption("SENT", IAC, EL); -} - -void -xmitEC(void) -{ - NET2ADD(IAC, EC); - printoption("SENT", IAC, EC); -} - -int -dosynch(char *ch __unused) -{ - netclear(); /* clear the path to the network */ - NETADD(IAC); - setneturg(); - NETADD(DM); - printoption("SENT", IAC, DM); - return 1; -} - -int want_status_response = 0; - -int -get_status(char *ch __unused) -{ - unsigned char tmp[16]; - unsigned char *cp; - - if (my_want_state_is_dont(TELOPT_STATUS)) { - printf("Remote side does not support STATUS option\n"); - return 0; - } - cp = tmp; - - *cp++ = IAC; - *cp++ = SB; - *cp++ = TELOPT_STATUS; - *cp++ = TELQUAL_SEND; - *cp++ = IAC; - *cp++ = SE; - if (NETROOM() >= cp - tmp) { - ring_supply_data(&netoring, tmp, cp-tmp); - printsub('>', tmp+2, cp - tmp - 2); - } - ++want_status_response; - return 1; -} - -void -intp(void) -{ - NET2ADD(IAC, IP); - printoption("SENT", IAC, IP); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(NULL); - } -} - -void -sendbrk(void) -{ - NET2ADD(IAC, BREAK); - printoption("SENT", IAC, BREAK); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(NULL); - } -} - -void -sendabort(void) -{ - NET2ADD(IAC, ABORT); - printoption("SENT", IAC, ABORT); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(NULL); - } -} - -void -sendsusp(void) -{ - NET2ADD(IAC, SUSP); - printoption("SENT", IAC, SUSP); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(NULL); - } -} - -void -sendeof(void) -{ - NET2ADD(IAC, xEOF); - printoption("SENT", IAC, xEOF); -} - -void -sendayt(void) -{ - NET2ADD(IAC, AYT); - printoption("SENT", IAC, AYT); -} - -/* - * Send a window size update to the remote system. 
- */ - -void -sendnaws(void) -{ - long rows, cols; - unsigned char tmp[16]; - unsigned char *cp; - - if (my_state_is_wont(TELOPT_NAWS)) - return; - -#define PUTSHORT(cp, x) { if ((*cp++ = ((x)>>8)&0xff) == IAC) *cp++ = IAC; \ - if ((*cp++ = ((x))&0xff) == IAC) *cp++ = IAC; } - - if (TerminalWindowSize(&rows, &cols) == 0) { /* Failed */ - return; - } - - cp = tmp; - - *cp++ = IAC; - *cp++ = SB; - *cp++ = TELOPT_NAWS; - PUTSHORT(cp, cols); - PUTSHORT(cp, rows); - *cp++ = IAC; - *cp++ = SE; - if (NETROOM() >= cp - tmp) { - ring_supply_data(&netoring, tmp, cp-tmp); - printsub('>', tmp+2, cp - tmp - 2); - } -} - -void -tel_enter_binary(int rw) -{ - if (rw&1) - send_do(TELOPT_BINARY, 1); - if (rw&2) - send_will(TELOPT_BINARY, 1); -} - -void -tel_leave_binary(int rw) -{ - if (rw&1) - send_dont(TELOPT_BINARY, 1); - if (rw&2) - send_wont(TELOPT_BINARY, 1); -} diff --git a/telnet.tproj/terminal.c b/telnet.tproj/terminal.c deleted file mode 100644 index ab72f07..0000000 --- a/telnet.tproj/terminal.c +++ /dev/null 
@@ -1,242 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/terminal.c,v 1.2.8.2 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef lint -static const char sccsid[] = "@(#)terminal.c 8.2 (Berkeley) 2/16/95"; -#endif - -#include -#include - -#include "ring.h" - -#include "externs.h" -#include "types.h" - -#ifdef ENCRYPTION -#include -#endif - -Ring ttyoring, ttyiring; -unsigned char ttyobuf[2*BUFSIZ], ttyibuf[BUFSIZ]; - -int termdata; /* Debugging flag */ - -#ifdef USE_TERMIO -# ifndef VDISCARD -cc_t termFlushChar; -# endif -# ifndef VLNEXT -cc_t termLiteralNextChar; -# endif -# ifndef VSUSP -cc_t termSuspChar; -# endif -# ifndef VWERASE -cc_t termWerasChar; -# endif -# ifndef VREPRINT -cc_t termRprntChar; -# endif -# ifndef VSTART -cc_t termStartChar; -# endif -# ifndef VSTOP -cc_t termStopChar; -# endif -# ifndef VEOL -cc_t termForw1Char; -# endif -# ifndef VEOL2 -cc_t termForw2Char; -# endif -# ifndef VSTATUS -cc_t termAytChar; -# endif -#else -cc_t termForw2Char; -cc_t termAytChar; -#endif - -/* - * initialize the terminal data structures. - */ - -void -init_terminal(void) -{ - if (ring_init(&ttyoring, ttyobuf, sizeof ttyobuf) != 1) { - exit(1); - } - if (ring_init(&ttyiring, ttyibuf, sizeof ttyibuf) != 1) { - exit(1); - } - autoflush = TerminalAutoFlush(); -} - -/* - * Send as much data as possible to the terminal. - * - * Return value: - * -1: No useful work done, data waiting to go out. - * 0: No data was waiting, so nothing was done. - * 1: All waiting data was written out. - * n: All data - n was written out. - */ - -int -ttyflush(int drop) -{ - int n, n0, n1; - - n0 = ring_full_count(&ttyoring); - if ((n1 = n = ring_full_consecutive(&ttyoring)) > 0) { - if (drop) { - TerminalFlushOutput(); - /* we leave 'n' alone! 
*/ - } else { - n = TerminalWrite(ttyoring.consume, n); - } - } - if (n > 0) { - if (termdata && n) { - Dump('>', ttyoring.consume, n); - } - /* - * If we wrote everything, and the full count is - * larger than what we wrote, then write the - * rest of the buffer. - */ - if (n1 == n && n0 > n) { - n1 = n0 - n; - if (!drop) - n1 = TerminalWrite(ttyoring.bottom, n1); - if (n1 > 0) - n += n1; - } - ring_consumed(&ttyoring, n); - } - if (n < 0) - return -1; - if (n == n0) { - if (n0) - return -1; - return 0; - } - return n0 - n + 1; -} - - -/* - * These routines decides on what the mode should be (based on the values - * of various global variables). - */ - - -int -getconnmode(void) -{ - extern int linemode; - int mode = 0; -#ifdef KLUDGELINEMODE - extern int kludgelinemode; -#endif - - if (my_want_state_is_dont(TELOPT_ECHO)) - mode |= MODE_ECHO; - - if (localflow) - mode |= MODE_FLOW; - - if (my_want_state_is_will(TELOPT_BINARY)) - mode |= MODE_INBIN; - - if (his_want_state_is_will(TELOPT_BINARY)) - mode |= MODE_OUTBIN; - -#ifdef KLUDGELINEMODE - if (kludgelinemode) { - if (my_want_state_is_dont(TELOPT_SGA)) { - mode |= (MODE_TRAPSIG|MODE_EDIT); - if (dontlecho && (clocks.echotoggle > clocks.modenegotiated)) { - mode &= ~MODE_ECHO; - } - } - return(mode); - } -#endif - if (my_want_state_is_will(TELOPT_LINEMODE)) - mode |= linemode; - return(mode); -} - -void -setconnmode(int force) -{ -#ifdef ENCRYPTION - static int enc_passwd = 0; -#endif /* ENCRYPTION */ - int newmode; - - newmode = getconnmode()|(force?MODE_FORCE:0); - - TerminalNewMode(newmode); - -#ifdef ENCRYPTION - if ((newmode & (MODE_ECHO|MODE_EDIT)) == MODE_EDIT) { - if (my_want_state_is_will(TELOPT_ENCRYPT) - && (enc_passwd == 0) && !encrypt_output) { - encrypt_request_start(0, 0); - enc_passwd = 1; - } - } else { - if (enc_passwd) { - encrypt_request_end(); - enc_passwd = 0; - } - } -#endif /* ENCRYPTION */ - -} - -void -setcommandmode(void) -{ - TerminalNewMode(-1); -} 
diff --git a/telnet.tproj/tn3270.c b/telnet.tproj/tn3270.c
deleted file mode 100644
index 875d386..0000000
--- a/telnet.tproj/tn3270.c
+++ /dev/null
@@ -1,434 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)tn3270.c 8.2 (Berkeley) 5/30/95"; -#endif /* not lint */ - -#include -#include - -#include "general.h" - -#include "defines.h" -#include "ring.h" -#include "externs.h" -#include "fdset.h" - -#if defined(TN3270) - -#include "../ctlr/screen.h" -#include "../general/globals.h" - -#include "../sys_curses/telextrn.h" -#include "../ctlr/externs.h" - -#if defined(unix) || defined(__APPLE__) -int - HaveInput, /* There is input available to scan */ - cursesdata, /* Do we dump curses data? */ - sigiocount; /* Number of times we got a SIGIO */ - -char tline[200]; -char *transcom = 0; /* transparent mode command (default: none) */ -#endif /* defined(unix) || defined(__APPLE__) */ - -char Ibuf[8*BUFSIZ], *Ifrontp, *Ibackp; - -static char sb_terminal[] = { IAC, SB, - TELOPT_TTYPE, TELQUAL_IS, - 'I', 'B', 'M', '-', '3', '2', '7', '8', '-', '2', - IAC, SE }; -#define SBTERMMODEL 13 - -static int - Sent3270TerminalType; /* Have we said we are a 3270? 
*/ - -#endif /* defined(TN3270) */ - - - void -init_3270() -{ -#if defined(TN3270) -#if defined(unix) || defined(__APPLE__) - HaveInput = 0; - sigiocount = 0; -#endif /* defined(unix) || defined(__APPLE__) */ - Sent3270TerminalType = 0; - Ifrontp = Ibackp = Ibuf; - init_ctlr(); /* Initialize some things */ - init_keyboard(); - init_screen(); - init_system(); -#endif /* defined(TN3270) */ -} - - -#if defined(TN3270) - -/* - * DataToNetwork - queue up some data to go to network. If "done" is set, - * then when last byte is queued, we add on an IAC EOR sequence (so, - * don't call us with "done" until you want that done...) - * - * We actually do send all the data to the network buffer, since our - * only client needs for us to do that. - */ - - int -DataToNetwork(buffer, count, done) - register char *buffer; /* where the data is */ - register int count; /* how much to send */ - int done; /* is this the last of a logical block */ -{ - register int loop, c; - int origCount; - - origCount = count; - - while (count) { - /* If not enough room for EORs, IACs, etc., wait */ - if (NETROOM() < 6) { - fd_set o; - - FD_ZERO(&o); - netflush(); - while (NETROOM() < 6) { - FD_SET(net, &o); - (void) select(net+1, (fd_set *) 0, &o, (fd_set *) 0, - (struct timeval *) 0); - netflush(); - } - } - c = ring_empty_count(&netoring); - if (c > count) { - c = count; - } - loop = c; - while (loop) { - if (((unsigned char)*buffer) == IAC) { - break; - } - buffer++; - loop--; - } - if ((c = c-loop)) { - ring_supply_data(&netoring, buffer-c, c); - count -= c; - } - if (loop) { - NET2ADD(IAC, IAC); - count--; - buffer++; - } - } - - if (done) { - NET2ADD(IAC, EOR); - netflush(); /* try to move along as quickly as ... 
*/ - } - return(origCount - count); -} - - -#if defined(unix) || defined(__APPLE__) - void -inputAvailable(signo) - int signo; -{ - HaveInput = 1; - sigiocount++; -} -#endif /* defined(unix) || defined(__APPLE__) */ - - void -outputPurge() -{ - (void) ttyflush(1); -} - - -/* - * The following routines are places where the various tn3270 - * routines make calls into telnet.c. - */ - -/* - * DataToTerminal - queue up some data to go to terminal. - * - * Note: there are people who call us and depend on our processing - * *all* the data at one time (thus the select). - */ - - int -DataToTerminal(buffer, count) - register char *buffer; /* where the data is */ - register int count; /* how much to send */ -{ - register int c; - int origCount; - - origCount = count; - - while (count) { - if (TTYROOM() == 0) { -#if defined(unix) || defined(__APPLE__) - fd_set o; - - FD_ZERO(&o); -#endif /* defined(unix) || defined(__APPLE__) */ - (void) ttyflush(0); - while (TTYROOM() == 0) { -#if defined(unix) || defined(__APPLE__) - FD_SET(tout, &o); - (void) select(tout+1, (fd_set *) 0, &o, (fd_set *) 0, - (struct timeval *) 0); -#endif /* defined(unix) || defined(__APPLE__) */ - (void) ttyflush(0); - } - } - c = TTYROOM(); - if (c > count) { - c = count; - } - ring_supply_data(&ttyoring, buffer, c); - count -= c; - buffer += c; - } - return(origCount); -} - - -/* - * Push3270 - Try to send data along the 3270 output (to screen) direction. - */ - - int -Push3270() -{ - int save = ring_full_count(&netiring); - - if (save) { - if (Ifrontp+save > Ibuf+sizeof Ibuf) { - if (Ibackp != Ibuf) { - memmove(Ibuf, Ibackp, Ifrontp-Ibackp); - Ifrontp -= (Ibackp-Ibuf); - Ibackp = Ibuf; - } - } - if (Ifrontp+save < Ibuf+sizeof Ibuf) { - (void)telrcv(); - } - } - return save != ring_full_count(&netiring); -} - - -/* - * Finish3270 - get the last dregs of 3270 data out to the terminal - * before quitting. 
- */ - - void -Finish3270() -{ - while (Push3270() || !DoTerminalOutput()) { -#if defined(unix) || defined(__APPLE__) - HaveInput = 0; -#endif /* defined(unix) || defined(__APPLE__) */ - ; - } -} - - -/* StringToTerminal - output a null terminated string to the terminal */ - - void -StringToTerminal(s) - char *s; -{ - int count; - - count = strlen(s); - if (count) { - (void) DataToTerminal(s, count); /* we know it always goes... */ - } -} - - -#if ((!defined(NOT43)) || defined(PUTCHAR)) -/* _putchar - output a single character to the terminal. This name is so that - * curses(3x) can call us to send out data. - */ - - void -_putchar(c) - char c; -{ -#if defined(sun) /* SunOS 4.0 bug */ - c &= 0x7f; -#endif /* defined(sun) */ - if (cursesdata) { - Dump('>', &c, 1); - } - if (!TTYROOM()) { - (void) DataToTerminal(&c, 1); - } else { - TTYADD(c); - } -} -#endif /* ((!defined(NOT43)) || defined(PUTCHAR)) */ - - void -SetIn3270() -{ - if (Sent3270TerminalType && my_want_state_is_will(TELOPT_BINARY) - && my_want_state_is_do(TELOPT_BINARY) && !donebinarytoggle) { - if (!In3270) { - In3270 = 1; - Init3270(); /* Initialize 3270 functions */ - /* initialize terminal key mapping */ - InitTerminal(); /* Start terminal going */ - setconnmode(0); - } - } else { - if (In3270) { - StopScreen(1); - In3270 = 0; - Stop3270(); /* Tell 3270 we aren't here anymore */ - setconnmode(0); - } - } -} - -/* - * tn3270_ttype() - * - * Send a response to a terminal type negotiation. - * - * Return '0' if no more responses to send; '1' if a response sent. - */ - - int -tn3270_ttype() -{ - /* - * Try to send a 3270 type terminal name. Decide which one based - * on the format of our screen, and (in the future) color - * capaiblities. 
- */ - InitTerminal(); /* Sets MaxNumberColumns, MaxNumberLines */ - if ((MaxNumberLines >= 24) && (MaxNumberColumns >= 80)) { - Sent3270TerminalType = 1; - if ((MaxNumberLines >= 27) && (MaxNumberColumns >= 132)) { - MaxNumberLines = 27; - MaxNumberColumns = 132; - sb_terminal[SBTERMMODEL] = '5'; - } else if (MaxNumberLines >= 43) { - MaxNumberLines = 43; - MaxNumberColumns = 80; - sb_terminal[SBTERMMODEL] = '4'; - } else if (MaxNumberLines >= 32) { - MaxNumberLines = 32; - MaxNumberColumns = 80; - sb_terminal[SBTERMMODEL] = '3'; - } else { - MaxNumberLines = 24; - MaxNumberColumns = 80; - sb_terminal[SBTERMMODEL] = '2'; - } - NumberLines = 24; /* before we start out... */ - NumberColumns = 80; - ScreenSize = NumberLines*NumberColumns; - if ((MaxNumberLines*MaxNumberColumns) > MAXSCREENSIZE) { - ExitString("Programming error: MAXSCREENSIZE too small.\n", - 1); - /*NOTREACHED*/ - } - printsub('>', sb_terminal+2, sizeof sb_terminal-2); - ring_supply_data(&netoring, sb_terminal, sizeof sb_terminal); - return 1; - } else { - return 0; - } -} - -#if defined(unix) || defined(__APPLE__) - int -settranscom(argc, argv) - int argc; - char *argv[]; -{ - int i; - - if (argc == 1 && transcom) { - transcom = 0; - } - if (argc == 1) { - return 1; - } - transcom = tline; - (void) strcpy(transcom, argv[1]); - for (i = 2; i < argc; ++i) { - (void) strcat(transcom, " "); - (void) strcat(transcom, argv[i]); - } - return 1; -} -#endif /* defined(unix) || defined(__APPLE__) */ - -#endif /* defined(TN3270) */ diff --git a/telnet.tproj/types.h b/telnet.tproj/types.h deleted file mode 100644 index 191d311..0000000 --- a/telnet.tproj/types.h +++ /dev/null 
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)types.h 8.1 (Berkeley) 6/6/93
- */
-
-typedef struct {
- char *modedescriptions;
- char modetype;
-} Modelist;
-
-extern Modelist modelist[];
-
-typedef struct {
- int
- system, /* what the current time is */
- echotoggle, /* last time user entered echo character */
- modenegotiated, /* last time operating mode negotiated */
- didnetreceive, /* last time we read data from network */
- gotDM; /* when did we last see a data mark */
-} Clocks;
-
-extern Clocks clocks;
diff --git a/telnet.tproj/utilities.c b/telnet.tproj/utilities.c
deleted file mode 100644
index 9935da3..0000000
--- a/telnet.tproj/utilities.c
+++ /dev/null
@@ -1,913 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include - -#ifdef __FBSDID -__FBSDID("$FreeBSD: src/crypto/telnet/telnet/utilities.c,v 1.2.8.2 2002/04/13 10:59:08 markm Exp $"); -#endif - -#ifndef lint -static const char sccsid[] = "@(#)utilities.c 8.3 (Berkeley) 5/30/95"; -#endif - -#define TELOPTS -#define TELCMDS -#define SLC_NAMES -#include -#include -#include -#include -#include -#include - -#include "general.h" - -#include "fdset.h" - -#include "ring.h" - -#include "defines.h" - -#include "externs.h" - -#ifdef AUTHENTICATION -#include -#endif -#ifdef ENCRYPTION -#include -#endif - -FILE *NetTrace = 0; /* Not in bss, since needs to stay */ -int prettydump; - -/* - * upcase() - * - * Upcase (in place) the argument. - */ - -void -upcase(char *argument) -{ - int c; - - while ((c = *argument) != 0) { - if (islower(c)) { - *argument = toupper(c); - } - argument++; - } -} - -/* - * SetSockOpt() - * - * Compensate for differences in 4.2 and 4.3 systems. - */ - -int -SetSockOpt(int fd, int level, int option, int yesno) -{ - return setsockopt(fd, level, option, - (char *)&yesno, sizeof yesno); -} - -/* - * The following are routines used to print out debugging information. 
- */ - -unsigned char NetTraceFile[256] = "(standard output)"; - -void -SetNetTrace(char *file) -{ - if (NetTrace && NetTrace != stdout) - fclose(NetTrace); - if (file && (strcmp(file, "-") != 0)) { - NetTrace = fopen(file, "w"); - if (NetTrace) { - strcpy((char *)NetTraceFile, file); - return; - } - fprintf(stderr, "Cannot open %s.\n", file); - } - NetTrace = stdout; - strcpy((char *)NetTraceFile, "(standard output)"); -} - -void -Dump(char direction, unsigned char *buffer, int length) -{ -# define BYTES_PER_LINE 32 -# define min(x,y) ((x= 3) { - int j; - - i = pointer[length-2]; - j = pointer[length-1]; - - if (i != IAC || j != SE) { - fprintf(NetTrace, "(terminated by "); - if (TELOPT_OK(i)) - fprintf(NetTrace, "%s ", TELOPT(i)); - else if (TELCMD_OK(i)) - fprintf(NetTrace, "%s ", TELCMD(i)); - else - fprintf(NetTrace, "%d ", i); - if (TELOPT_OK(j)) - fprintf(NetTrace, "%s", TELOPT(j)); - else if (TELCMD_OK(j)) - fprintf(NetTrace, "%s", TELCMD(j)); - else - fprintf(NetTrace, "%d", j); - fprintf(NetTrace, ", not IAC SE!) 
"); - } - } - length -= 2; - } - if (length < 1) { - fprintf(NetTrace, "(Empty suboption??\?)"); - if (NetTrace == stdout) - fflush(NetTrace); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: - fprintf(NetTrace, "TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND"); - break; - default: - fprintf(NetTrace, - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - case TELOPT_TSPEED: - fprintf(NetTrace, "TERMINAL-SPEED"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, " IS "); - fprintf(NetTrace, "%.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) - fprintf(NetTrace, " SEND"); - else - fprintf(NetTrace, " %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - } - break; - - case TELOPT_LFLOW: - fprintf(NetTrace, "TOGGLE-FLOW-CONTROL"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: - fprintf(NetTrace, " OFF"); break; - case LFLOW_ON: - fprintf(NetTrace, " ON"); break; - case LFLOW_RESTART_ANY: - fprintf(NetTrace, " RESTART-ANY"); break; - case LFLOW_RESTART_XON: - fprintf(NetTrace, " RESTART-XON"); break; - default: - fprintf(NetTrace, " %d (unknown)", pointer[1]); - } - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - - case TELOPT_NAWS: - fprintf(NetTrace, "NAWS"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - if (length == 2) { - fprintf(NetTrace, " ?%d?", pointer[1]); - break; - } - fprintf(NetTrace, " %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); - if (length == 4) { - fprintf(NetTrace, " ?%d?", pointer[3]); - break; - } - 
fprintf(NetTrace, " %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); - for (i = 5; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - fprintf(NetTrace, "AUTHENTICATION"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: - fprintf(NetTrace, " %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); - if (AUTHTYPE_NAME_OK(pointer[2])) - fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[2])); - else - fprintf(NetTrace, "%d ", pointer[2]); - if (length < 3) { - fprintf(NetTrace, "(partial suboption??\?)"); - break; - } - fprintf(NetTrace, "%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - fprintf(NetTrace, "%s", buf); - break; - - case TELQUAL_SEND: - i = 2; - fprintf(NetTrace, " SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) - fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[i])); - else - fprintf(NetTrace, "%d ", pointer[i]); - if (++i >= length) { - fprintf(NetTrace, "(partial suboption??\?)"); - break; - } - fprintf(NetTrace, "%s|%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? 
- "MUTUAL" : "ONE-WAY"); - ++i; - } - break; - - case TELQUAL_NAME: - i = 2; - fprintf(NetTrace, " NAME \""); - while (i < length) - putc(pointer[i++], NetTrace); - putc('"', NetTrace); - break; - - default: - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - } - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - fprintf(NetTrace, "ENCRYPT"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: - fprintf(NetTrace, " START"); - break; - - case ENCRYPT_END: - fprintf(NetTrace, " END"); - break; - - case ENCRYPT_REQSTART: - fprintf(NetTrace, " REQUEST-START"); - break; - - case ENCRYPT_REQEND: - fprintf(NetTrace, " REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: - fprintf(NetTrace, " %s ", (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); - if (length < 3) { - fprintf(NetTrace, " (partial suboption??\?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) - fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[2])); - else - fprintf(NetTrace, " %d (unknown)", pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - fprintf(NetTrace, "%s", buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; - fprintf(NetTrace, " SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) - fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[i])); - else - fprintf(NetTrace, "%d ", pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: - fprintf(NetTrace, " ENC_KEYID "); - goto encommon; - - case ENCRYPT_DEC_KEYID: - fprintf(NetTrace, " DEC_KEYID "); - goto encommon; - - default: - fprintf(NetTrace, " %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - break; -#endif /* ENCRYPTION */ - - case TELOPT_LINEMODE: - fprintf(NetTrace, "LINEMODE "); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: - 
fprintf(NetTrace, "WILL "); - goto common; - case WONT: - fprintf(NetTrace, "WONT "); - goto common; - case DO: - fprintf(NetTrace, "DO "); - goto common; - case DONT: - fprintf(NetTrace, "DONT "); - common: - if (length < 3) { - fprintf(NetTrace, "(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: - fprintf(NetTrace, "Forward Mask"); - for (i = 3; i < length; i++) - fprintf(NetTrace, " %x", pointer[i]); - break; - default: - fprintf(NetTrace, "%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - break; - - case LM_SLC: - fprintf(NetTrace, "SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) - fprintf(NetTrace, " %s", SLC_NAME(pointer[i+SLC_FUNC])); - else - fprintf(NetTrace, " %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: - fprintf(NetTrace, " NOSUPPORT"); break; - case SLC_CANTCHANGE: - fprintf(NetTrace, " CANTCHANGE"); break; - case SLC_VARIABLE: - fprintf(NetTrace, " VARIABLE"); break; - case SLC_DEFAULT: - fprintf(NetTrace, " DEFAULT"); break; - } - fprintf(NetTrace, "%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) - fprintf(NetTrace, "(0x%x)", pointer[i+SLC_FLAGS]); - fprintf(NetTrace, " %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - - case LM_MODE: - fprintf(NetTrace, "MODE "); - if (length < 3) { - fprintf(NetTrace, "(no mode??\?)"); - break; - } - { - char tbuf[64]; - sprintf(tbuf, "%s%s%s%s%s", - pointer[2]&MODE_EDIT ? "|EDIT" : "", - pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "", - pointer[2]&MODE_SOFT_TAB ? 
"|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); - fprintf(NetTrace, "%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_MASK)) - fprintf(NetTrace, " (0x%x)", pointer[2]); - for (i = 3; i < length; i++) - fprintf(NetTrace, " ?0x%x?", pointer[i]); - break; - default: - fprintf(NetTrace, "%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - } - break; - - case TELOPT_STATUS: { - const char *cp; - int j, k; - - fprintf(NetTrace, "STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) - fprintf(NetTrace, " SEND"); - else - fprintf(NetTrace, " %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - case TELQUAL_IS: - if (--want_status_response < 0) - want_status_response = 0; - if (NetTrace == stdout) - fprintf(NetTrace, " IS\r\n"); - else - fprintf(NetTrace, " IS\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { - case DO: cp = "DO"; goto common2; - case DONT: cp = "DONT"; goto common2; - case WILL: cp = "WILL"; goto common2; - case WONT: cp = "WONT"; goto common2; - common2: - i++; - if (TELOPT_OK((int)pointer[i])) - fprintf(NetTrace, " %s %s", cp, TELOPT(pointer[i])); - else - fprintf(NetTrace, " %s %d", cp, pointer[i]); - - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - break; - - case SB: - fprintf(NetTrace, " SB "); - i++; - j = k = i; - while (j < length) { - if (pointer[j] == SE) { - if (j+1 == length) - break; - if (pointer[j+1] == SE) - j++; - else - break; - } - pointer[k++] = pointer[j++]; - } - printsub(0, &pointer[i], k - i); - if (i < length) { - fprintf(NetTrace, " SE"); - i = j; - } else - i = j - 1; - - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - - break; - - default: - fprintf(NetTrace, " %d", pointer[i]); - break; - } - } - break; - } - break; - } - - case 
TELOPT_XDISPLOC: - fprintf(NetTrace, "X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND"); - break; - default: - fprintf(NetTrace, "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - - case TELOPT_NEW_ENVIRON: - fprintf(NetTrace, "NEW-ENVIRON "); -#ifdef OLD_ENVIRON - goto env_common1; - case TELOPT_OLD_ENVIRON: - fprintf(NetTrace, "OLD-ENVIRON"); - env_common1: -#endif - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS "); - goto env_common; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND "); - goto env_common; - case TELQUAL_INFO: - fprintf(NetTrace, "INFO "); - env_common: - { - int noquote = 2; -#if defined(ENV_HACK) && defined(OLD_ENVIRON) - extern int old_env_var, old_env_value; -#endif - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VALUE: -#ifdef OLD_ENVIRON - /* case NEW_ENV_OVAR: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { -# ifdef ENV_HACK - if (old_env_var == OLD_ENV_VALUE) - fprintf(NetTrace, "\" (VALUE) " + noquote); - else -# endif - fprintf(NetTrace, "\" VAR " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VALUE " + noquote); - noquote = 2; - break; - - case NEW_ENV_VAR: -#ifdef OLD_ENVIRON - /* case OLD_ENV_VALUE: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { -# ifdef ENV_HACK - if (old_env_value == OLD_ENV_VAR) - fprintf(NetTrace, "\" (VAR) " + noquote); - else -# endif - fprintf(NetTrace, "\" VALUE " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VAR " + noquote); - noquote = 2; - break; - - case ENV_ESC: - fprintf(NetTrace, "\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: - fprintf(NetTrace, "\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - putc('"', NetTrace); - noquote = 0; - } - putc(pointer[i], 
NetTrace); - } else { - fprintf(NetTrace, "\" %03o " + noquote, - pointer[i]); - noquote = 2; - } - break; - } - } - if (!noquote) - putc('"', NetTrace); - break; - } - } - break; - - default: - if (TELOPT_OK(pointer[0])) - fprintf(NetTrace, "%s (unknown)", TELOPT(pointer[0])); - else - fprintf(NetTrace, "%d (unknown)", pointer[0]); - for (i = 1; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - if (direction) { - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - } - if (NetTrace == stdout) - fflush(NetTrace); - } -} - -/* EmptyTerminal - called to make sure that the terminal buffer is empty. - * Note that we consider the buffer to run all the - * way to the kernel (thus the select). - */ - -static void -EmptyTerminal(void) -{ - fd_set o; - - FD_ZERO(&o); - - if (TTYBYTES() == 0) { - FD_SET(tout, &o); - (void) select(tout+1, (fd_set *) 0, &o, (fd_set *) 0, - (struct timeval *) 0); /* wait for TTLOWAT */ - } else { - while (TTYBYTES()) { - (void) ttyflush(0); - FD_SET(tout, &o); - (void) select(tout+1, (fd_set *) 0, &o, (fd_set *) 0, - (struct timeval *) 0); /* wait for TTLOWAT */ - } - } -} - -static void -SetForExit(void) -{ - setconnmode(0); - do { - (void)telrcv(); /* Process any incoming data */ - EmptyTerminal(); - } while (ring_full_count(&netiring)); /* While there is any */ - setcommandmode(); - fflush(stdout); - fflush(stderr); - setconnmode(0); - EmptyTerminal(); /* Flush the path to the tty */ - setcommandmode(); -} - -void -Exit(int returnCode) -{ - SetForExit(); - exit(returnCode); -} - -void -ExitString(const char *string, int returnCode) -{ - SetForExit(); - fwrite(string, 1, strlen(string), stderr); - exit(returnCode); -} diff --git a/telnetd.tproj/Makefile b/telnetd.tproj/Makefile deleted file mode 100644 index b254b4d..0000000 --- a/telnetd.tproj/Makefile +++ /dev/null 
@@ -1,56 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = telnetd - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = defs.h ext.h pathnames.h telnetd.h - -CFILES = global.c slc.c state.c sys_term.c telnetd.c\ - termstat.c utility.c vasprintf.c strlcpy.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble telnetd.8 telnet.plist - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/libexec -WINDOWS_INSTALLDIR = /usr/libexec -PDO_UNIX_INSTALLDIR = /usr/libexec -LIBS = -lcurses -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_PB_CFLAGS = -DLINEMODE -DKLUDGELINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK # -DAUTHENTICATION -DENCRYPTION -WINDOWS_PB_CFLAGS = -DLINEMODE -DKLUDGELINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK # -DAUTHENTICATION -DENCRYPTION -PDO_UNIX_PB_CFLAGS = -DLINEMODE -DKLUDGELINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK # -DAUTHENTICATION -DENCRYPTION - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/telnetd.tproj/Makefile.postamble b/telnetd.tproj/Makefile.postamble deleted file mode 100644 index d73e455..0000000 --- a/telnetd.tproj/Makefile.postamble +++ /dev/null 
@@ -1,116 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - -after_install: - install -o root -g wheel -m 755 -d $(DSTROOT)/usr/share/man/man8 - install -o root -g wheel -m 644 -c telnetd.8 $(DSTROOT)/usr/share/man/man8 - mkdir -p "$(DSTROOT)/System/Library/LaunchDaemons" - cp telnet.plist "$(DSTROOT)/System/Library/LaunchDaemons/" diff --git a/telnetd.tproj/Makefile.preamble b/telnetd.tproj/Makefile.preamble deleted file mode 100644 index 70aa1d8..0000000 --- a/telnetd.tproj/Makefile.preamble +++ /dev/null 
@@ -1,119 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -ltelnet -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. 
The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - --include ../Makefile.include diff --git a/telnetd.tproj/PB.project b/telnetd.tproj/PB.project deleted file mode 100644 index 8dfbe1c..0000000 --- a/telnetd.tproj/PB.project +++ /dev/null 
@@ -1,50 +0,0 @@ -{ - FILESTABLE = { - C_FILES = (); - H_FILES = (defs.h, ext.h, pathnames.h, telnetd.h); - M_FILES = (); - OTHER_LIBS = (); - OTHER_LINKED = ( - authenc.c, - global.c, - slc.c, - state.c, - sys_term.c, - telnetd.c, - termstat.c, - utility.c - ); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, telnetd.8); - PRECOMPILED_HEADERS = (); - PROJECT_HEADERS = (); - PUBLIC_HEADERS = (); - SUBPROJECTS = (); - }; - GENERATEMAIN = YES; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = "/$(USER)/BUILD"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_COMPILEROPTIONS = "-DLINEMODE -DKLUDGELINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK # -DAUTHENTICATION -DENCRYPTION"; - NEXTSTEP_DOCUMENTEXTENSIONS = (); - NEXTSTEP_INSTALLDIR = /usr/libexec; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = "-DLINEMODE -DKLUDGELINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK # -DAUTHENTICATION -DENCRYPTION"; - PDO_UNIX_INSTALLDIR = /usr/libexec; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = telnetd; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = "-DLINEMODE -DKLUDGELINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON -DENV_HACK # -DAUTHENTICATION -DENCRYPTION"; - WINDOWS_INSTALLDIR = /usr/libexec; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/telnetd.tproj/defs.h b/telnetd.tproj/defs.h deleted file mode 100644 index a73d4a6..0000000 --- a/telnetd.tproj/defs.h +++ /dev/null 
@@ -1,296 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)defs.h 8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Telnet server defines
- */
-#include
-#include
-
-#ifndef BSD
-# define BSD 43
-#endif
-
-#if defined(CRAY) && !defined(LINEMODE)
-# define SYSV_TERMIO
-# define LINEMODE
-# define KLUDGELINEMODE
-# define DIAGNOSTICS
-# if defined(UNICOS50) && !defined(UNICOS5)
-# define UNICOS5
-# endif
-# if !defined(UNICOS5)
-# define BFTPDAEMON
-# define HAS_IP_TOS
-# endif
-#endif /* CRAY */
-#if defined(UNICOS5) && !defined(NO_SETSID)
-# define NO_SETSID
-#endif
-
-#if defined(PRINTOPTIONS) && defined(DIAGNOSTICS)
-#define TELOPTS
-#define TELCMDS
-#define SLC_NAMES
-#endif
-
-#if defined(SYSV_TERMIO) && !defined(USE_TERMIO)
-# define USE_TERMIO
-#endif
-
-#include
-#ifndef CRAY
-#include
-#endif /* CRAY */
-#include
-#include
-#include
-#include
-#ifndef FILIO_H
-#include
-#else
-#include
-#endif
-
-#include
-
-#include
-
-#include
-#ifdef __STDC__
-#include
-#endif
-#include
-#include
-#include
-#include
-#ifndef LOG_DAEMON
-#define LOG_DAEMON 0
-#endif
-#ifndef LOG_ODELAY
-#define LOG_ODELAY 0
-#endif
-#include
-#ifndef NO_STRING_H
-#include
-#else
-#include
-#endif
-
-#ifndef USE_TERMIO
-#include
-#else
-# ifdef SYSV_TERMIO
-# include
-# else
-# include
-# endif
-#endif
-#if !defined(USE_TERMIO) || defined(NO_CC_T)
-typedef unsigned char cc_t;
-#endif
-
-#ifdef __STDC__
-#include
-#endif
-
-#ifndef _POSIX_VDISABLE
-# ifdef VDISABLE
-# define _POSIX_VDISABLE VDISABLE
-# else
-# define _POSIX_VDISABLE ((unsigned char)'\377')
-# endif
-#endif
-
-
-#ifdef CRAY
-# ifdef CRAY1
-# include
-# ifndef FD_ZERO
-# include
-# endif /* FD_ZERO */
-# endif /* CRAY1 */
-
-#include
-#endif /* CRAY */
-
-#ifdef __hpux
-#include
-#endif
-
-#if !defined(TIOCSCTTY) && defined(TCSETCTTY)
-# define TIOCSCTTY TCSETCTTY
-#endif
-
-#ifndef FD_SET
-#ifndef HAVE_fd_set
-typedef struct fd_set { int fds_bits[1]; } fd_set;
-#endif
-
-#define FD_SET(n, p) ((p)->fds_bits[0] |= (1<<(n)))
-#define FD_CLR(n, p) ((p)->fds_bits[0] &= ~(1<<(n)))
-#define FD_ISSET(n, p) ((p)->fds_bits[0] & (1<<(n)))
-#define FD_ZERO(p) ((p)->fds_bits[0] = 0)
-#endif /* FD_SET */
-
-/*
- * I/O data buffers defines
- */
-#define NETSLOP 64
-#ifdef CRAY
-#undef BUFSIZ
-#define BUFSIZ 2048
-#endif
-
-#define NIACCUM(c) { *netip++ = c; \
- ncc++; \
- }
-
-/* clock manipulations */
-#define settimer(x) (clocks.x = ++clocks.system)
-#define sequenceIs(x,y) (clocks.x < clocks.y)
-
-/*
- * Linemode support states, in decreasing order of importance
- */
-#define REAL_LINEMODE 0x04
-#define KLUDGE_OK 0x03
-#define NO_AUTOKLUDGE 0x02
-#define KLUDGE_LINEMODE 0x01
-#define NO_LINEMODE 0x00
-
-/*
- * Structures of information for each special character function.
- */
-typedef struct {
- unsigned char flag; /* the flags for this function */
- cc_t val; /* the value of the special character */
-} slcent, *Slcent;
-
-typedef struct {
- slcent defset; /* the default settings */
- slcent current; /* the current settings */
- cc_t *sptr; /* a pointer to the char in */
- /* system data structures */
-} slcfun, *Slcfun;
-
-#ifdef DIAGNOSTICS
-/*
- * Diagnostics capabilities
- */
-#define TD_REPORT 0x01 /* Report operations to client */
-#define TD_EXERCISE 0x02 /* Exercise client's implementation */
-#define TD_NETDATA 0x04 /* Display received data stream */
-#define TD_PTYDATA 0x08 /* Display data passed to pty */
-#define TD_OPTIONS 0x10 /* Report just telnet options */
-#endif /* DIAGNOSTICS */
-
-/*
- * We keep track of each side of the option negotiation.
- */
-
-#define MY_STATE_WILL 0x01
-#define MY_WANT_STATE_WILL 0x02
-#define MY_STATE_DO 0x04
-#define MY_WANT_STATE_DO 0x08
-
-/*
- * Macros to check the current state of things
- */
-
-#define my_state_is_do(opt) (options[opt]&MY_STATE_DO)
-#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL)
-#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO)
-#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL)
-
-#define my_state_is_dont(opt) (!my_state_is_do(opt))
-#define my_state_is_wont(opt) (!my_state_is_will(opt))
-#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt))
-#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt))
-
-#define set_my_state_do(opt) (options[opt] |= MY_STATE_DO)
-#define set_my_state_will(opt) (options[opt] |= MY_STATE_WILL)
-#define set_my_want_state_do(opt) (options[opt] |= MY_WANT_STATE_DO)
-#define set_my_want_state_will(opt) (options[opt] |= MY_WANT_STATE_WILL)
-
-#define set_my_state_dont(opt) (options[opt] &= ~MY_STATE_DO)
-#define set_my_state_wont(opt) (options[opt] &= ~MY_STATE_WILL)
-#define set_my_want_state_dont(opt) (options[opt] &= ~MY_WANT_STATE_DO)
-#define set_my_want_state_wont(opt) (options[opt] &= ~MY_WANT_STATE_WILL)
-
-/*
- * Tricky code here. What we want to know is if the MY_STATE_WILL
- * and MY_WANT_STATE_WILL bits have the same value. Since the two
- * bits are adjacent, a little arithmatic will show that by adding
- * in the lower bit, the upper bit will be set if the two bits were
- * different, and clear if they were the same.
- */
-#define my_will_wont_is_changing(opt) \
- ((options[opt]+MY_STATE_WILL) & MY_WANT_STATE_WILL)
-
-#define my_do_dont_is_changing(opt) \
- ((options[opt]+MY_STATE_DO) & MY_WANT_STATE_DO)
-
-/*
- * Make everything symetrical
- */
-
-#define HIS_STATE_WILL MY_STATE_DO
-#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO
-#define HIS_STATE_DO MY_STATE_WILL
-#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL
-
-#define his_state_is_do my_state_is_will
-#define his_state_is_will my_state_is_do
-#define his_want_state_is_do my_want_state_is_will
-#define his_want_state_is_will my_want_state_is_do
-
-#define his_state_is_dont my_state_is_wont
-#define his_state_is_wont my_state_is_dont
-#define his_want_state_is_dont my_want_state_is_wont
-#define his_want_state_is_wont my_want_state_is_dont
-
-#define set_his_state_do set_my_state_will
-#define set_his_state_will set_my_state_do
-#define set_his_want_state_do set_my_want_state_will
-#define set_his_want_state_will set_my_want_state_do
-
-#define set_his_state_dont set_my_state_wont
-#define set_his_state_wont set_my_state_dont
-#define set_his_want_state_dont set_my_want_state_wont
-#define set_his_want_state_wont set_my_want_state_dont
-
-#define his_will_wont_is_changing my_do_dont_is_changing
-#define his_do_dont_is_changing my_will_wont_is_changing
diff --git a/telnetd.tproj/ext.h b/telnetd.tproj/ext.h
deleted file mode 100644
index 499f7f8..0000000
--- a/telnetd.tproj/ext.h
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)ext.h 8.2 (Berkeley) 12/15/93
- * $FreeBSD: src/libexec/telnetd/ext.h,v 1.9 2001/07/20 15:14:03 ru Exp $
- */
-
-/*
- * Telnet server variable declarations
- */
-extern char options[256];
-extern char do_dont_resp[256];
-extern char will_wont_resp[256];
-extern int linemode; /* linemode on/off */
-#ifdef LINEMODE
-extern int uselinemode; /* what linemode to use (on/off) */
-extern int editmode; /* edit modes in use */
-extern int useeditmode; /* edit modes to use */
-extern int alwayslinemode; /* command line option */
-# ifdef KLUDGELINEMODE
-extern int lmodetype; /* Client support for linemode */
-# endif /* KLUDGELINEMODE */
-#endif /* LINEMODE */
-extern int flowmode; /* current flow control state */
-extern int restartany; /* restart output on any character state */
-#ifdef DIAGNOSTICS
-extern int diagnostic; /* telnet diagnostic capabilities */
-#endif /* DIAGNOSTICS */
-#ifdef BFTPDAEMON
-extern int bftpd; /* behave as bftp daemon */
-#endif /* BFTPDAEMON */
-#if defined(SecurID)
-extern int require_SecurID;
-#endif
-#if defined(AUTHENTICATION)
-extern int auth_level;
-#endif
-
-extern slcfun slctab[NSLC + 1]; /* slc mapping table */
-
-extern char *terminaltype;
-
-/*
- * I/O data buffers, pointers, and counters.
- */
-extern char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp;
-
-extern char netibuf[BUFSIZ], *netip;
-
-extern char netobuf[BUFSIZ], *nfrontp, *nbackp;
-extern char *neturg; /* one past last bye of urgent data */
-
-extern int pcc, ncc;
-
-#if defined(CRAY2) && defined(UNICOS5)
-extern int unpcc; /* characters left unprocessed by CRAY-2 terminal routine */
-extern char *unptyip; /* pointer to remaining characters in buffer */
-#endif
-
-extern int pty, net;
-extern char line[16];
-extern int SYNCHing; /* we are in TELNET SYNCH mode */
-
-#ifndef P
-# ifdef __STDC__
-# define P(x) x
-# else
-# define P(x) ()
-# endif
-#endif
-
-extern void
- _termstat P((void)),
- add_slc P((int, int, int)),
- check_slc P((void)),
- change_slc P((int, int, int)),
- cleanup P((int)),
- clientstat P((int, int, int)),
- copy_termbuf P((char *, int)),
- deferslc P((void)),
- defer_terminit P((void)),
- do_opt_slc P((unsigned char *, int)),
- doeof P((void)),
- dooption P((int)),
- dontoption P((int)),
- edithost P((char *, char *)),
- fatal P((int, char *)),
- fatalperror P((int, char *)),
- get_slc_defaults P((void)),
- init_env P((void)),
- init_termbuf P((void)),
- interrupt P((void)),
- localstat P((void)),
- flowstat P((void)),
- netclear P((void)),
- netflush P((void)),
-#ifdef DIAGNOSTICS
- printoption P((char *, int)),
- printdata P((char *, char *, int)),
- printsub P((int, unsigned char *, int)),
-#endif
- ptyflush P((void)),
- putchr P((int)),
- putf P((char *, char *)),
- recv_ayt P((void)),
- send_do P((int, int)),
- send_dont P((int, int)),
- send_slc P((void)),
- send_status P((void)),
- send_will P((int, int)),
- send_wont P((int, int)),
- sendbrk P((void)),
- sendsusp P((void)),
- set_termbuf P((void)),
- start_login P((char *, int, char *)),
- start_slc P((int)),
-#if defined(AUTHENTICATION)
- start_slave P((char *)),
-#else
- start_slave P((char *, int, char *)),
-#endif
- suboption P((void)),
- telrcv P((void)),
- ttloop P((void)),
- tty_binaryin P((int)),
- tty_binaryout P((int));
-
-extern int
- end_slc P((unsigned char **)),
- getnpty P((void)),
-#ifndef convex
- getpty P((int *)),
-#endif
- login_tty P((int)),
- spcset P((int, cc_t *, cc_t **)),
- stilloob P((int)),
- terminit P((void)),
- termstat P((void)),
- tty_flowmode P((void)),
- tty_restartany P((void)),
- tty_isbinaryin P((void)),
- tty_isbinaryout P((void)),
- tty_iscrnl P((void)),
- tty_isecho P((void)),
- tty_isediting P((void)),
- tty_islitecho P((void)),
- tty_isnewmap P((void)),
- tty_israw P((void)),
- tty_issofttab P((void)),
- tty_istrapsig P((void)),
- tty_linemode P((void));
-
-extern void
- tty_rspeed P((int)),
- tty_setecho P((int)),
- tty_setedit P((int)),
- tty_setlinemode P((int)),
- tty_setlitecho P((int)),
- tty_setsig P((int)),
- tty_setsofttab P((int)),
- tty_tspeed P((int)),
- willoption P((int)),
- wontoption P((int));
-
-int output_data __P((const char *, ...));
-void output_datalen __P((const char *, int));
-
-
-
-/*
- * The following are some clocks used to decide how to interpret
- * the relationship between various variables.
- */
-
-extern struct {
- int
- system, /* what the current time is */
- echotoggle, /* last time user entered echo character */
- modenegotiated, /* last time operating mode negotiated */
- didnetreceive, /* last time we read data from network */
- ttypesubopt, /* ttype subopt is received */
- tspeedsubopt, /* tspeed subopt is received */
- environsubopt, /* environ subopt is received */
- oenvironsubopt, /* old environ subopt is received */
- xdisplocsubopt, /* xdisploc subopt is received */
- baseline, /* time started to do timed action */
- gotDM; /* when did we last see a data mark */
-} clocks;
-
-
-#if defined(CRAY2) && defined(UNICOS5)
-extern int needtermstat;
-#endif
-
-#ifndef DEFAULT_IM
-# ifdef CRAY
-# define DEFAULT_IM "\r\n\r\nCray UNICOS (%h) (%t)\r\n\r\r\n\r"
-# else
-# ifdef sun
-# define DEFAULT_IM "\r\n\r\nSunOS UNIX (%h) (%t)\r\n\r\r\n\r"
-# else
-# ifdef ultrix
-# define DEFAULT_IM "\r\n\r\nULTRIX (%h) (%t)\r\n\r\r\n\r"
-# else
-# define DEFAULT_IM "\r\n\r\nFreeBSD (%h) (%t)\r\n\r\r\n\r"
-# endif
-# endif
-# endif
-#endif
diff --git a/telnetd.tproj/global.c b/telnetd.tproj/global.c
deleted file mode 100644
index cedf203..0000000
--- a/telnetd.tproj/global.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static char sccsid[] = "@(#)global.c 8.1 (Berkeley) 6/4/93";
-#endif
-static const char rcsid[] =
- "$FreeBSD: src/libexec/telnetd/global.c,v 1.3 1999/08/28 00:10:23 peter Exp $";
-#endif /* not lint */
-
-/*
- * Allocate global variables. We do this
- * by including the header file that defines
- * them all as externs, but first we define
- * the keyword "extern" to be nothing, so that
- * we will actually allocate the space.
- */
-
-#include "defs.h"
-#define extern
-#include "ext.h"
diff --git a/telnetd.tproj/pathnames.h b/telnetd.tproj/pathnames.h
deleted file mode 100644
index 5942f38..0000000
--- a/telnetd.tproj/pathnames.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)pathnames.h 8.1 (Berkeley) 6/4/93
- * $FreeBSD: src/libexec/telnetd/pathnames.h,v 1.6 1999/08/28 00:10:23 peter Exp $
- */
-
-#if BSD > 43
-
-# include
-
-# ifndef _PATH_LOGIN
-# define _PATH_LOGIN "/usr/bin/login"
-# endif
-
-#else
-
-# define _PATH_TTY "/dev/tty"
-# ifndef _PATH_LOGIN
-# define _PATH_LOGIN "/bin/login"
-# endif
-
-#endif
-
-#ifdef BFTPDAEMON
-#define BFTPPATH "/usr/ucb/bftp"
-#endif /* BFTPDAEMON */
diff --git a/telnetd.tproj/slc.c b/telnetd.tproj/slc.c
deleted file mode 100644
index b7c892a..0000000
--- a/telnetd.tproj/slc.c
+++ /dev/null
@@ -1,494 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static char sccsid[] = "@(#)slc.c 8.1 (Berkeley) 6/4/93";
-#endif
-static const char rcsid[] =
- "$FreeBSD: src/libexec/telnetd/slc.c,v 1.10 2001/07/20 15:14:03 ru Exp $";
-#endif /* not lint */
-
-#include "telnetd.h"
-
-#ifdef LINEMODE
-/*
- * local variables
- */
-static unsigned char *def_slcbuf = (unsigned char *)0;
-static int def_slclen = 0;
-static int slcchange; /* change to slc is requested */
-static unsigned char *slcptr; /* pointer into slc buffer */
-static unsigned char slcbuf[NSLC*6]; /* buffer for slc negotiation */
-
-/*
- * send_slc
- *
- * Write out the current special characters to the client.
- */
- void
-send_slc()
-{
- register int i;
-
- /*
- * Send out list of triplets of special characters
- * to client. We only send info on the characters
- * that are currently supported.
- */
- for (i = 1; i <= NSLC; i++) {
- if ((slctab[i].defset.flag & SLC_LEVELBITS) == SLC_NOSUPPORT)
- continue;
- add_slc((unsigned char)i, slctab[i].current.flag,
- slctab[i].current.val);
- }
-
-} /* end of send_slc */
-
-/*
- * default_slc
- *
- * Set pty special characters to all the defaults.
- */
- void
-default_slc()
-{
- register int i;
-
- for (i = 1; i <= NSLC; i++) {
- slctab[i].current.val = slctab[i].defset.val;
- if (slctab[i].current.val == (cc_t)(_POSIX_VDISABLE))
- slctab[i].current.flag = SLC_NOSUPPORT;
- else
- slctab[i].current.flag = slctab[i].defset.flag;
- if (slctab[i].sptr) {
- *(slctab[i].sptr) = slctab[i].defset.val;
- }
- }
- slcchange = 1;
-
-} /* end of default_slc */
-#endif /* LINEMODE */
-
-/*
- * get_slc_defaults
- *
- * Initialize the slc mapping table.
- */
- void
-get_slc_defaults()
-{
- register int i;
-
- init_termbuf();
-
- for (i = 1; i <= NSLC; i++) {
- slctab[i].defset.flag =
- spcset(i, &slctab[i].defset.val, &slctab[i].sptr);
- slctab[i].current.flag = SLC_NOSUPPORT;
- slctab[i].current.val = 0;
- }
-
-} /* end of get_slc_defaults */
-
-#ifdef LINEMODE
-/*
- * add_slc
- *
- * Add an slc triplet to the slc buffer.
- */
- void
-add_slc(func, flag, val)
- register char func, flag;
- register cc_t val;
-{
-
- if ((*slcptr++ = (unsigned char)func) == 0xff)
- *slcptr++ = 0xff;
-
- if ((*slcptr++ = (unsigned char)flag) == 0xff)
- *slcptr++ = 0xff;
-
- if ((*slcptr++ = (unsigned char)val) == 0xff)
- *slcptr++ = 0xff;
-
-} /* end of add_slc */
-
-/*
- * start_slc
- *
- * Get ready to process incoming slc's and respond to them.
- *
- * The parameter getit is non-zero if it is necessary to grab a copy
- * of the terminal control structures.
- */
- void
-start_slc(getit)
- register int getit;
-{
-
- slcchange = 0;
- if (getit)
- init_termbuf();
- (void) sprintf((char *)slcbuf, "%c%c%c%c",
- IAC, SB, TELOPT_LINEMODE, LM_SLC);
- slcptr = slcbuf + 4;
-
-} /* end of start_slc */
-
-/*
- * end_slc
- *
- * Finish up the slc negotiation. If something to send, then send it.
- */
- int
-end_slc(bufp)
- register unsigned char **bufp;
-{
- register int len;
-
- /*
- * If a change has occured, store the new terminal control
- * structures back to the terminal driver.
- */
- if (slcchange) {
- set_termbuf();
- }
-
- /*
- * If the pty state has not yet been fully processed and there is a
- * deferred slc request from the client, then do not send any
- * sort of slc negotiation now. We will respond to the client's
- * request very soon.
- */
- if (def_slcbuf && (terminit() == 0)) {
- return(0);
- }
-
- if (slcptr > (slcbuf + 4)) {
- if (bufp) {
- *bufp = &slcbuf[4];
- return(slcptr - slcbuf - 4);
- } else {
- (void) sprintf((char *)slcptr, "%c%c", IAC, SE);
- slcptr += 2;
- len = slcptr - slcbuf;
- output_datalen(slcbuf, len);
- netflush(); /* force it out immediately */
- DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2););
- }
- }
- return (0);
-
-} /* end of end_slc */
-
-/*
- * process_slc
- *
- * Figure out what to do about the client's slc
- */
- void
-process_slc(func, flag, val)
- register unsigned char func, flag;
- register cc_t val;
-{
- register int hislevel, mylevel, ack;
-
- /*
- * Ensure that we know something about this function
- */
- if (func > NSLC) {
- add_slc(func, SLC_NOSUPPORT, 0);
- return;
- }
-
- /*
- * Process the special case requests of 0 SLC_DEFAULT 0
- * and 0 SLC_VARIABLE 0. Be a little forgiving here, don't
- * worry about whether the value is actually 0 or not.
- */
- if (func == 0) {
- if ((flag = flag & SLC_LEVELBITS) == SLC_DEFAULT) {
- default_slc();
- send_slc();
- } else if (flag == SLC_VARIABLE) {
- send_slc();
- }
- return;
- }
-
- /*
- * Appears to be a function that we know something about. So
- * get on with it and see what we know.
- */
-
- hislevel = flag & SLC_LEVELBITS;
- mylevel = slctab[func].current.flag & SLC_LEVELBITS;
- ack = flag & SLC_ACK;
- /*
- * ignore the command if:
- * the function value and level are the same as what we already have;
- * or the level is the same and the ack bit is set
- */
- if (hislevel == mylevel && (val == slctab[func].current.val || ack)) {
- return;
- } else if (ack) {
- /*
- * If we get here, we got an ack, but the levels don't match.
- * This shouldn't happen. If it does, it is probably because
- * we have sent two requests to set a variable without getting
- * a response between them, and this is the first response.
- * So, ignore it, and wait for the next response.
- */
- return;
- } else {
- change_slc(func, flag, val);
- }
-
-} /* end of process_slc */
-
-/*
- * change_slc
- *
- * Process a request to change one of our special characters.
- * Compare client's request with what we are capable of supporting.
- */
- void
-change_slc(func, flag, val)
- register char func, flag;
- register cc_t val;
-{
- register int hislevel, mylevel;
-
- hislevel = flag & SLC_LEVELBITS;
- mylevel = slctab[(int)func].defset.flag & SLC_LEVELBITS;
- /*
- * If client is setting a function to NOSUPPORT
- * or DEFAULT, then we can easily and directly
- * accomodate the request.
- */
- if (hislevel == SLC_NOSUPPORT) {
- slctab[(int)func].current.flag = flag;
- slctab[(int)func].current.val = (cc_t)_POSIX_VDISABLE;
- flag |= SLC_ACK;
- add_slc(func, flag, val);
- return;
- }
- if (hislevel == SLC_DEFAULT) {
- /*
- * Special case here. If client tells us to use
- * the default on a function we don't support, then
- * return NOSUPPORT instead of what we may have as a
- * default level of DEFAULT.
- */
- if (mylevel == SLC_DEFAULT) {
- slctab[(int)func].current.flag = SLC_NOSUPPORT;
- } else {
- slctab[(int)func].current.flag = slctab[(int)func].defset.flag;
- }
- slctab[(int)func].current.val = slctab[(int)func].defset.val;
- add_slc(func, slctab[(int)func].current.flag,
- slctab[(int)func].current.val);
- return;
- }
-
- /*
- * Client wants us to change to a new value or he
- * is telling us that he can't change to our value.
- * Some of the slc's we support and can change,
- * some we do support but can't change,
- * and others we don't support at all.
- * If we can change it then we have a pointer to
- * the place to put the new value, so change it,
- * otherwise, continue the negotiation.
- */
- if (slctab[(int)func].sptr) {
- /*
- * We can change this one.
- */
- slctab[(int)func].current.val = val;
- *(slctab[(int)func].sptr) = val;
- slctab[(int)func].current.flag = flag;
- flag |= SLC_ACK;
- slcchange = 1;
- add_slc(func, flag, val);
- } else {
- /*
- * It is not possible for us to support this
- * request as he asks.
- *
- * If our level is DEFAULT, then just ack whatever was
- * sent.
- *
- * If he can't change and we can't change,
- * then degenerate to NOSUPPORT.
- *
- * Otherwise we send our level back to him, (CANTCHANGE
- * or NOSUPPORT) and if CANTCHANGE, send
- * our value as well.
- */
- if (mylevel == SLC_DEFAULT) {
- slctab[(int)func].current.flag = flag;
- slctab[(int)func].current.val = val;
- flag |= SLC_ACK;
- } else if (hislevel == SLC_CANTCHANGE &&
- mylevel == SLC_CANTCHANGE) {
- flag &= ~SLC_LEVELBITS;
- flag |= SLC_NOSUPPORT;
- slctab[(int)func].current.flag = flag;
- } else {
- flag &= ~SLC_LEVELBITS;
- flag |= mylevel;
- slctab[(int)func].current.flag = flag;
- if (mylevel == SLC_CANTCHANGE) {
- slctab[(int)func].current.val =
- slctab[(int)func].defset.val;
- val = slctab[(int)func].current.val;
- }
- }
- add_slc(func, flag, val);
- }
-
-} /* end of change_slc */
-
-#if defined(USE_TERMIO) && (VEOF == VMIN)
-cc_t oldeofc = '\004';
-#endif
-
-/*
- * check_slc
- *
- * Check the special characters in use and notify the client if any have
- * changed. Only those characters that are capable of being changed are
- * likely to have changed. If a local change occurs, kick the support level
- * and flags up to the defaults.
- */
- void
-check_slc()
-{
- register int i;
-
- for (i = 1; i <= NSLC; i++) {
-#if defined(USE_TERMIO) && (VEOF == VMIN)
- /*
- * In a perfect world this would be a neat little
- * function. But in this world, we should not notify
- * client of changes to the VEOF char when
- * ICANON is off, because it is not representing
- * a special character.
- */
- if (i == SLC_EOF) {
- if (!tty_isediting())
- continue;
- else if (slctab[i].sptr)
- oldeofc = *(slctab[i].sptr);
- }
-#endif /* defined(USE_TERMIO) && defined(SYSV_TERMIO) */
- if (slctab[i].sptr &&
- (*(slctab[i].sptr) != slctab[i].current.val)) {
- slctab[i].current.val = *(slctab[i].sptr);
- if (*(slctab[i].sptr) == (cc_t)_POSIX_VDISABLE)
- slctab[i].current.flag = SLC_NOSUPPORT;
- else
- slctab[i].current.flag = slctab[i].defset.flag;
- add_slc((unsigned char)i, slctab[i].current.flag,
- slctab[i].current.val);
- }
- }
-} /* check_slc */
-
-/*
- * do_opt_slc
- *
- * Process an slc option buffer. Defer processing of incoming slc's
- * until after the terminal state has been processed. Save the first slc
- * request that comes along, but discard all others.
- *
- * ptr points to the beginning of the buffer, len is the length.
- */
- void
-do_opt_slc(ptr, len)
- register unsigned char *ptr;
- register int len;
-{
- register unsigned char func, flag;
- cc_t val;
- register unsigned char *end = ptr + len;
-
- if (terminit()) { /* go ahead */
- while (ptr < end) {
- func = *ptr++;
- if (ptr >= end) break;
- flag = *ptr++;
- if (ptr >= end) break;
- val = (cc_t)*ptr++;
-
- process_slc(func, flag, val);
-
- }
- } else {
- /*
- * save this slc buffer if it is the first, otherwise dump
- * it.
- */
- if (def_slcbuf == (unsigned char *)0) {
- def_slclen = len;
- def_slcbuf = (unsigned char *)malloc((unsigned)len);
- if (def_slcbuf == (unsigned char *)0)
- return; /* too bad */
- memmove(def_slcbuf, ptr, len);
- }
- }
-
-} /* end of do_opt_slc */
-
-/*
- * deferslc
- *
- * Do slc stuff that was deferred.
- */
- void
-deferslc()
-{
- if (def_slcbuf) {
- start_slc(1);
- do_opt_slc(def_slcbuf, def_slclen);
- (void) end_slc(0);
- free(def_slcbuf);
- def_slcbuf = (unsigned char *)0;
- def_slclen = 0;
- }
-
-} /* end of deferslc */
-
-#endif /* LINEMODE */
diff --git a/telnetd.tproj/state.c b/telnetd.tproj/state.c
deleted file mode 100644
index 4785306..0000000
--- a/telnetd.tproj/state.c
+++ /dev/null
@@ -1,1591 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifndef lint -#if 0 -static const char sccsid[] = "@(#)state.c 8.2 (Berkeley) 12/15/93"; -#endif -static const char rcsid[] = - "$FreeBSD: src/libexec/telnetd/state.c,v 1.13 2001/07/20 15:14:03 ru Exp $"; -#endif /* not lint */ - -#include -#include "telnetd.h" -#if defined(AUTHENTICATION) -#include -#endif - -unsigned char doopt[] = { IAC, DO, '%', 'c', 0 }; -unsigned char dont[] = { IAC, DONT, '%', 'c', 0 }; -unsigned char will[] = { IAC, WILL, '%', 'c', 0 }; -unsigned char wont[] = { IAC, WONT, '%', 'c', 0 }; -int not42 = 1; - -/* - * Buffer for sub-options, and macros - * for suboptions buffer manipulations - */ -unsigned char subbuffer[512], *subpointer= subbuffer, *subend= subbuffer; - -#define SB_CLEAR() subpointer = subbuffer -#define SB_TERM() { subend = subpointer; SB_CLEAR(); } -#define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \ - *subpointer++ = (c); \ - } -#define SB_GET() ((*subpointer++)&0xff) -#define SB_EOF() (subpointer >= subend) -#define SB_LEN() (subend - subpointer) - -#ifdef ENV_HACK -unsigned char *subsave; -#define SB_SAVE() subsave = subpointer; -#define SB_RESTORE() subpointer = subsave; -#endif - - -/* - * State for recv fsm - */ -#define TS_DATA 0 /* base state */ -#define TS_IAC 1 /* look for double IAC's */ -#define TS_CR 2 /* CR-LF ->'s CR */ -#define TS_SB 3 /* throw away begin's... 
*/ -#define TS_SE 4 /* ...end's (suboption negotiation) */ -#define TS_WILL 5 /* will option negotiation */ -#define TS_WONT 6 /* wont " */ -#define TS_DO 7 /* do " */ -#define TS_DONT 8 /* dont " */ - - void -telrcv() -{ - register int c; - static int state = TS_DATA; -#if defined(CRAY2) && defined(UNICOS5) - char *opfrontp = pfrontp; -#endif - - while (ncc > 0) { - if ((&ptyobuf[BUFSIZ] - pfrontp) < 2) - break; - c = *netip++ & 0377, ncc--; - switch (state) { - - case TS_CR: - state = TS_DATA; - /* Strip off \n or \0 after a \r */ - if ((c == 0) || (c == '\n')) { - break; - } - /* FALL THROUGH */ - - case TS_DATA: - if (c == IAC) { - state = TS_IAC; - break; - } - /* - * We now map \r\n ==> \r for pragmatic reasons. - * Many client implementations send \r\n when - * the user hits the CarriageReturn key. - * - * We USED to map \r\n ==> \n, since \r\n says - * that we want to be in column 1 of the next - * printable line, and \n is the standard - * unix way of saying that (\r is only good - * if CRMOD is set, which it normally is). - */ - if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) { - int nc = *netip; -#ifdef LINEMODE - /* - * If we are operating in linemode, - * convert to local end-of-line. - */ - if (linemode && (ncc > 0) && (('\n' == nc) || - ((0 == nc) && tty_iscrnl())) ) { - netip++; ncc--; - c = '\n'; - } else -#endif - { - state = TS_CR; - } - } - *pfrontp++ = c; - break; - - case TS_IAC: -gotiac: switch (c) { - - /* - * Send the process on the pty side an - * interrupt. Do this with a NULL or - * interrupt char; depending on the tty mode. - */ - case IP: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - interrupt(); - break; - - case BREAK: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - sendbrk(); - break; - - /* - * Are You There? 
- */ - case AYT: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - recv_ayt(); - break; - - /* - * Abort Output - */ - case AO: - { - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - ptyflush(); /* half-hearted */ - init_termbuf(); - - if (slctab[SLC_AO].sptr && - *slctab[SLC_AO].sptr != (cc_t)(_POSIX_VDISABLE)) { - *pfrontp++ = - (unsigned char)*slctab[SLC_AO].sptr; - } - - netclear(); /* clear buffer back */ - output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); - break; - } - - /* - * Erase Character and - * Erase Line - */ - case EC: - case EL: - { - cc_t ch; - - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - ptyflush(); /* half-hearted */ - init_termbuf(); - if (c == EC) - ch = *slctab[SLC_EC].sptr; - else - ch = *slctab[SLC_EL].sptr; - if (ch != (cc_t)(_POSIX_VDISABLE)) - *pfrontp++ = (unsigned char)ch; - break; - } - - /* - * Check for urgent data... - */ - case DM: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - SYNCHing = stilloob(net); - settimer(gotDM); - break; - - - /* - * Begin option subnegotiation... - */ - case SB: - state = TS_SB; - SB_CLEAR(); - continue; - - case WILL: - state = TS_WILL; - continue; - - case WONT: - state = TS_WONT; - continue; - - case DO: - state = TS_DO; - continue; - - case DONT: - state = TS_DONT; - continue; - case EOR: - if (his_state_is_will(TELOPT_EOR)) - doeof(); - break; - - /* - * Handle RFC 10xx Telnet linemode option additions - * to command stream (EOF, SUSP, ABORT). - */ - case xEOF: - doeof(); - break; - - case SUSP: - sendsusp(); - break; - - case ABORT: - sendbrk(); - break; - - case IAC: - *pfrontp++ = c; - break; - } - state = TS_DATA; - break; - - case TS_SB: - if (c == IAC) { - state = TS_SE; - } else { - SB_ACCUM(c); - } - break; - - case TS_SE: - if (c != SE) { - if (c != IAC) { - /* - * bad form of suboption negotiation. - * handle it in such a way as to avoid - * damage to local state. 
Parse - * suboption buffer found so far, - * then treat remaining stream as - * another command sequence. - */ - - /* for DIAGNOSTICS */ - SB_ACCUM(IAC); - SB_ACCUM(c); - subpointer -= 2; - - SB_TERM(); - suboption(); - state = TS_IAC; - goto gotiac; - } - SB_ACCUM(c); - state = TS_SB; - } else { - /* for DIAGNOSTICS */ - SB_ACCUM(IAC); - SB_ACCUM(SE); - subpointer -= 2; - - SB_TERM(); - suboption(); /* handle sub-option */ - state = TS_DATA; - } - break; - - case TS_WILL: - willoption(c); - state = TS_DATA; - continue; - - case TS_WONT: - wontoption(c); - state = TS_DATA; - continue; - - case TS_DO: - dooption(c); - state = TS_DATA; - continue; - - case TS_DONT: - dontoption(c); - state = TS_DATA; - continue; - - default: - syslog(LOG_ERR, "panic state=%d", state); - printf("telnetd: panic state=%d\n", state); - exit(1); - } - } -#if defined(CRAY2) && defined(UNICOS5) - if (!linemode) { - char xptyobuf[BUFSIZ+NETSLOP]; - char xbuf2[BUFSIZ]; - register char *cp; - int n = pfrontp - opfrontp, oc; - memmove(xptyobuf, opfrontp, n); - pfrontp = opfrontp; - pfrontp += term_input(xptyobuf, pfrontp, n, BUFSIZ+NETSLOP, - xbuf2, &oc, BUFSIZ); - for (cp = xbuf2; oc > 0; --oc) - if ((*nfrontp++ = *cp++) == IAC) - *nfrontp++ = IAC; - } -#endif /* defined(CRAY2) && defined(UNICOS5) */ -} /* end of telrcv */ - -/* - * The will/wont/do/dont state machines are based on Dave Borman's - * Telnet option processing state machine. - * - * These correspond to the following states: - * my_state = the last negotiated state - * want_state = what I want the state to go to - * want_resp = how many requests I have sent - * All state defaults are negative, and resp defaults to 0. 
- * - * When initiating a request to change state to new_state: - * - * if ((want_resp == 0 && new_state == my_state) || want_state == new_state) { - * do nothing; - * } else { - * want_state = new_state; - * send new_state; - * want_resp++; - * } - * - * When receiving new_state: - * - * if (want_resp) { - * want_resp--; - * if (want_resp && (new_state == my_state)) - * want_resp--; - * } - * if ((want_resp == 0) && (new_state != want_state)) { - * if (ok_to_switch_to new_state) - * want_state = new_state; - * else - * want_resp++; - * send want_state; - * } - * my_state = new_state; - * - * Note that new_state is implied in these functions by the function itself. - * will and do imply positive new_state, wont and dont imply negative. - * - * Finally, there is one catch. If we send a negative response to a - * positive request, my_state will be the positive while want_state will - * remain negative. my_state will revert to negative when the negative - * acknowlegment arrives from the peer. Thus, my_state generally tells - * us not only the last negotiated state, but also tells us what the peer - * wants to be doing as well. It is important to understand this difference - * as we may wish to be processing data streams based on our desired state - * (want_state) or based on what the peer thinks the state is (my_state). - * - * This all works fine because if the peer sends a positive request, the data - * that we receive prior to negative acknowlegment will probably be affected - * by the positive state, and we can process it as such (if we can; if we - * can't then it really doesn't matter). If it is that important, then the - * peer probably should be buffering until this option state negotiation - * is complete. 
- * - */ - void -send_do(option, init) - int option, init; -{ - if (init) { - if ((do_dont_resp[option] == 0 && his_state_is_will(option)) || - his_want_state_is_will(option)) - return; - /* - * Special case for TELOPT_TM: We send a DO, but pretend - * that we sent a DONT, so that we can send more DOs if - * we want to. - */ - if (option == TELOPT_TM) - set_his_want_state_wont(option); - else - set_his_want_state_will(option); - do_dont_resp[option]++; - } - output_data((const char *)doopt, option); - - DIAG(TD_OPTIONS, printoption("td: send do", option)); -} - -#ifdef AUTHENTICATION -extern void auth_request(); -#endif -#ifdef LINEMODE -extern void doclientstat(); -#endif - - void -willoption(option) - int option; -{ - int changeok = 0; - void (*func)() = 0; - - /* - * process input from peer. - */ - - DIAG(TD_OPTIONS, printoption("td: recv will", option)); - - if (do_dont_resp[option]) { - do_dont_resp[option]--; - if (do_dont_resp[option] && his_state_is_will(option)) - do_dont_resp[option]--; - } - if (do_dont_resp[option] == 0) { - if (his_want_state_is_wont(option)) { - switch (option) { - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryin(1); - set_termbuf(); - changeok++; - break; - - case TELOPT_ECHO: - /* - * See comments below for more info. - */ - not42 = 0; /* looks like a 4.2 system */ - break; - - case TELOPT_TM: -#if defined(LINEMODE) && defined(KLUDGELINEMODE) - /* - * This telnetd implementation does not really - * support timing marks, it just uses them to - * support the kludge linemode stuff. If we - * receive a will or wont TM in response to our - * do TM request that may have been sent to - * determine kludge linemode support, process - * it, otherwise TM should get a negative - * response back. - */ - /* - * Handle the linemode kludge stuff. - * If we are not currently supporting any - * linemode at all, then we assume that this - * is the client telling us to use kludge - * linemode in response to our query. 
Set the - * linemode type that is to be supported, note - * that the client wishes to use linemode, and - * eat the will TM as though it never arrived. - */ - if (lmodetype < KLUDGE_LINEMODE) { - lmodetype = KLUDGE_LINEMODE; - clientstat(TELOPT_LINEMODE, WILL, 0); - send_wont(TELOPT_SGA, 1); - } else if (lmodetype == NO_AUTOKLUDGE) { - lmodetype = KLUDGE_OK; - } -#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */ - /* - * We never respond to a WILL TM, and - * we leave the state WONT. - */ - return; - - case TELOPT_LFLOW: - /* - * If we are going to support flow control - * option, then don't worry peer that we can't - * change the flow control characters. - */ - slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XON].defset.flag |= SLC_DEFAULT; - slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XOFF].defset.flag |= SLC_DEFAULT; - case TELOPT_TTYPE: - case TELOPT_SGA: - case TELOPT_NAWS: - case TELOPT_TSPEED: - case TELOPT_XDISPLOC: - case TELOPT_NEW_ENVIRON: - case TELOPT_OLD_ENVIRON: - changeok++; - break; - -#ifdef LINEMODE - case TELOPT_LINEMODE: -# ifdef KLUDGELINEMODE - /* - * Note client's desire to use linemode. - */ - lmodetype = REAL_LINEMODE; -# endif /* KLUDGELINEMODE */ - func = doclientstat; - changeok++; - break; -#endif /* LINEMODE */ - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; - break; -#endif - - - default: - break; - } - if (changeok) { - set_his_want_state_will(option); - send_do(option, 0); - } else { - do_dont_resp[option]++; - send_dont(option, 0); - } - } else { - /* - * Option processing that should happen when - * we receive conformation of a change in - * state that we had requested. - */ - switch (option) { - case TELOPT_ECHO: - not42 = 0; /* looks like a 4.2 system */ - /* - * Egads, he responded "WILL ECHO". Turn - * it off right now! - */ - send_dont(option, 1); - /* - * "WILL ECHO". Kludge upon kludge! 
- * A 4.2 client is now echoing user input at - * the tty. This is probably undesireable and - * it should be stopped. The client will - * respond WONT TM to the DO TM that we send to - * check for kludge linemode. When the WONT TM - * arrives, linemode will be turned off and a - * change propogated to the pty. This change - * will cause us to process the new pty state - * in localstat(), which will notice that - * linemode is off and send a WILL ECHO - * so that we are properly in character mode and - * all is well. - */ - break; -#ifdef LINEMODE - case TELOPT_LINEMODE: -# ifdef KLUDGELINEMODE - /* - * Note client's desire to use linemode. - */ - lmodetype = REAL_LINEMODE; -# endif /* KLUDGELINEMODE */ - func = doclientstat; - break; -#endif /* LINEMODE */ - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - func = auth_request; - break; -#endif - - case TELOPT_LFLOW: - func = flowstat; - break; - } - } - } - set_his_state_will(option); - if (func) - (*func)(); -} /* end of willoption */ - - void -send_dont(option, init) - int option, init; -{ - if (init) { - if ((do_dont_resp[option] == 0 && his_state_is_wont(option)) || - his_want_state_is_wont(option)) - return; - set_his_want_state_wont(option); - do_dont_resp[option]++; - } - output_data((const char *)dont, option); - - DIAG(TD_OPTIONS, printoption("td: send dont", option)); -} - - void -wontoption(option) - int option; -{ - /* - * Process client input. 
- */ - - DIAG(TD_OPTIONS, printoption("td: recv wont", option)); - - if (do_dont_resp[option]) { - do_dont_resp[option]--; - if (do_dont_resp[option] && his_state_is_wont(option)) - do_dont_resp[option]--; - } - if (do_dont_resp[option] == 0) { - if (his_want_state_is_will(option)) { - /* it is always ok to change to negative state */ - switch (option) { - case TELOPT_ECHO: - not42 = 1; /* doesn't seem to be a 4.2 system */ - break; - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryin(0); - set_termbuf(); - break; - -#ifdef LINEMODE - case TELOPT_LINEMODE: -# ifdef KLUDGELINEMODE - /* - * If real linemode is supported, then client is - * asking to turn linemode off. - */ - if (lmodetype != REAL_LINEMODE) - break; - lmodetype = KLUDGE_LINEMODE; -# endif /* KLUDGELINEMODE */ - clientstat(TELOPT_LINEMODE, WONT, 0); - break; -#endif /* LINEMODE */ - - case TELOPT_TM: - /* - * If we get a WONT TM, and had sent a DO TM, - * don't respond with a DONT TM, just leave it - * as is. Short circut the state machine to - * achive this. - */ - set_his_want_state_wont(TELOPT_TM); - return; - - case TELOPT_LFLOW: - /* - * If we are not going to support flow control - * option, then let peer know that we can't - * change the flow control characters. - */ - slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XON].defset.flag |= SLC_CANTCHANGE; - slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XOFF].defset.flag |= SLC_CANTCHANGE; - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); - break; -#endif - - /* - * For options that we might spin waiting for - * sub-negotiation, if the client turns off the - * option rather than responding to the request, - * we have to treat it here as if we got a response - * to the sub-negotiation, (by updating the timers) - * so that we'll break out of the loop. 
- */ - case TELOPT_TTYPE: - settimer(ttypesubopt); - break; - - case TELOPT_TSPEED: - settimer(tspeedsubopt); - break; - - case TELOPT_XDISPLOC: - settimer(xdisplocsubopt); - break; - - case TELOPT_OLD_ENVIRON: - settimer(oenvironsubopt); - break; - - case TELOPT_NEW_ENVIRON: - settimer(environsubopt); - break; - - default: - break; - } - set_his_want_state_wont(option); - if (his_state_is_will(option)) - send_dont(option, 0); - } else { - switch (option) { - case TELOPT_TM: -#if defined(LINEMODE) && defined(KLUDGELINEMODE) - if (lmodetype < NO_AUTOKLUDGE) { - lmodetype = NO_LINEMODE; - clientstat(TELOPT_LINEMODE, WONT, 0); - send_will(TELOPT_SGA, 1); - send_will(TELOPT_ECHO, 1); - } -#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */ - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); - break; -#endif - default: - break; - } - } - } - set_his_state_wont(option); - -} /* end of wontoption */ - - void -send_will(option, init) - int option, init; -{ - if (init) { - if ((will_wont_resp[option] == 0 && my_state_is_will(option))|| - my_want_state_is_will(option)) - return; - set_my_want_state_will(option); - will_wont_resp[option]++; - } - output_data((const char *)will, option); - - DIAG(TD_OPTIONS, printoption("td: send will", option)); -} - -#if !defined(LINEMODE) || !defined(KLUDGELINEMODE) -/* - * When we get a DONT SGA, we will try once to turn it - * back on. If the other side responds DONT SGA, we - * leave it at that. This is so that when we talk to - * clients that understand KLUDGELINEMODE but not LINEMODE, - * we'll keep them in char-at-a-time mode. - */ -int turn_on_sga = 0; -#endif - - void -dooption(option) - int option; -{ - int changeok = 0; - - /* - * Process client input. 
- */
-
- DIAG(TD_OPTIONS, printoption("td: recv do", option));
-
- if (will_wont_resp[option]) {
- will_wont_resp[option]--;
- if (will_wont_resp[option] && my_state_is_will(option))
- will_wont_resp[option]--;
- }
- if ((will_wont_resp[option] == 0) && (my_want_state_is_wont(option))) {
- switch (option) {
- case TELOPT_ECHO:
-#ifdef LINEMODE
-# ifdef KLUDGELINEMODE
- if (lmodetype == NO_LINEMODE)
-# else
- if (his_state_is_wont(TELOPT_LINEMODE))
-# endif
-#endif
- {
- init_termbuf();
- tty_setecho(1);
- set_termbuf();
- }
- changeok++;
- break;
-
- case TELOPT_BINARY:
- init_termbuf();
- tty_binaryout(1);
- set_termbuf();
- changeok++;
- break;
-
- case TELOPT_SGA:
-#if defined(LINEMODE) && defined(KLUDGELINEMODE)
- /*
- * If kludge linemode is in use, then we must
- * process an incoming do SGA for linemode
- * purposes.
- */
- if (lmodetype == KLUDGE_LINEMODE) {
- /*
- * Receipt of "do SGA" in kludge
- * linemode is the peer asking us to
- * turn off linemode. Make note of
- * the request.
- */
- clientstat(TELOPT_LINEMODE, WONT, 0);
- /*
- * If linemode did not get turned off
- * then don't tell peer that we did.
- * Breaking here forces a wont SGA to
- * be returned.
- */
- if (linemode)
- break;
- }
-#else
- turn_on_sga = 0;
-#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
- changeok++;
- break;
-
- case TELOPT_STATUS:
- changeok++;
- break;
-
- case TELOPT_TM:
- /*
- * Special case for TM. We send a WILL, but
- * pretend we sent a WONT.
- */
- send_will(option, 0);
- set_my_want_state_wont(option);
- set_my_state_wont(option);
- return;
-
- case TELOPT_LOGOUT:
- /*
- * When we get a LOGOUT option, respond
- * with a WILL LOGOUT, make sure that
- * it gets written out to the network,
- * and then just go away...
- */
- set_my_want_state_will(TELOPT_LOGOUT);
- send_will(TELOPT_LOGOUT, 0);
- set_my_state_will(TELOPT_LOGOUT);
- (void)netflush();
- cleanup(0);
- /* NOT REACHED */
- break;
-
- case TELOPT_LINEMODE:
- case TELOPT_TTYPE:
- case TELOPT_NAWS:
- case TELOPT_TSPEED:
- case TELOPT_LFLOW:
- case TELOPT_XDISPLOC:
-#ifdef TELOPT_ENVIRON
- case TELOPT_NEW_ENVIRON:
-#endif
- case TELOPT_OLD_ENVIRON:
- default:
- break;
- }
- if (changeok) {
- set_my_want_state_will(option);
- send_will(option, 0);
- } else {
- will_wont_resp[option]++;
- send_wont(option, 0);
- }
- }
- set_my_state_will(option);
-
-} /* end of dooption */
-
- void
-send_wont(option, init)
- int option, init;
-{
- if (init) {
- if ((will_wont_resp[option] == 0 && my_state_is_wont(option)) ||
- my_want_state_is_wont(option))
- return;
- set_my_want_state_wont(option);
- will_wont_resp[option]++;
- }
- output_data((const char *)wont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send wont", option));
-}
-
- void
-dontoption(option)
- int option;
-{
- /*
- * Process client input.
- */
-
-
- DIAG(TD_OPTIONS, printoption("td: recv dont", option));
-
- if (will_wont_resp[option]) {
- will_wont_resp[option]--;
- if (will_wont_resp[option] && my_state_is_wont(option))
- will_wont_resp[option]--;
- }
- if ((will_wont_resp[option] == 0) && (my_want_state_is_will(option))) {
- switch (option) {
- case TELOPT_BINARY:
- init_termbuf();
- tty_binaryout(0);
- set_termbuf();
- break;
-
- case TELOPT_ECHO: /* we should stop echoing */
-#ifdef LINEMODE
-# ifdef KLUDGELINEMODE
- if ((lmodetype != REAL_LINEMODE) &&
- (lmodetype != KLUDGE_LINEMODE))
-# else
- if (his_state_is_wont(TELOPT_LINEMODE))
-# endif
-#endif
- {
- init_termbuf();
- tty_setecho(0);
- set_termbuf();
- }
- break;
-
- case TELOPT_SGA:
-#if defined(LINEMODE) && defined(KLUDGELINEMODE)
- /*
- * If kludge linemode is in use, then we
- * must process an incoming do SGA for
- * linemode purposes.
- */
- if ((lmodetype == KLUDGE_LINEMODE) ||
- (lmodetype == KLUDGE_OK)) {
- /*
- * The client is asking us to turn
- * linemode on.
- */
- lmodetype = KLUDGE_LINEMODE;
- clientstat(TELOPT_LINEMODE, WILL, 0);
- /*
- * If we did not turn line mode on,
- * then what do we say? Will SGA?
- * This violates design of telnet.
- * Gross. Very Gross.
- */
- }
- break;
-#else
- set_my_want_state_wont(option);
- if (my_state_is_will(option))
- send_wont(option, 0);
- set_my_state_wont(option);
- if (turn_on_sga ^= 1)
- send_will(option, 1);
- return;
-#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-
- default:
- break;
- }
-
- set_my_want_state_wont(option);
- if (my_state_is_will(option))
- send_wont(option, 0);
- }
- set_my_state_wont(option);
-
-} /* end of dontoption */
-
-#ifdef ENV_HACK
-int env_ovar = -1;
-int env_ovalue = -1;
-#else /* ENV_HACK */
-# define env_ovar OLD_ENV_VAR
-# define env_ovalue OLD_ENV_VALUE
-#endif /* ENV_HACK */
-
-/*
- * suboption()
- *
- * Look at the sub-option buffer, and try to be helpful to the other
- * side.
- *
- * Currently we recognize:
- *
- * Terminal type is
- * Linemode
- * Window size
- * Terminal speed
- */
- void
-suboption()
-{
- register int subchar;
-
- DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);});
-
- subchar = SB_GET();
- switch (subchar) {
- case TELOPT_TSPEED: {
- register int xspeed, rspeed;
-
- if (his_state_is_wont(TELOPT_TSPEED)) /* Ignore if option disabled */
- break;
-
- settimer(tspeedsubopt);
-
- if (SB_EOF() || SB_GET() != TELQUAL_IS)
- return;
-
- xspeed = atoi((char *)subpointer);
-
- while (SB_GET() != ',' && !SB_EOF());
- if (SB_EOF())
- return;
-
- rspeed = atoi((char *)subpointer);
- clientstat(TELOPT_TSPEED, xspeed, rspeed);
-
- break;
-
- } /* end of case TELOPT_TSPEED */
-
- case TELOPT_TTYPE: { /* Yaaaay!
*/
- static char terminalname[41];
-
- if (his_state_is_wont(TELOPT_TTYPE)) /* Ignore if option disabled */
- break;
- settimer(ttypesubopt);
-
- if (SB_EOF() || SB_GET() != TELQUAL_IS) {
- return; /* ??? XXX but, this is the most robust */
- }
-
- terminaltype = terminalname;
-
- while ((terminaltype < (terminalname + sizeof terminalname-1)) &&
- !SB_EOF()) {
- register int c;
-
- c = SB_GET();
- if (isupper(c)) {
- c = tolower(c);
- }
- *terminaltype++ = c; /* accumulate name */
- }
- *terminaltype = 0;
- terminaltype = terminalname;
- break;
- } /* end of case TELOPT_TTYPE */
-
- case TELOPT_NAWS: {
- register int xwinsize, ywinsize;
-
- if (his_state_is_wont(TELOPT_NAWS)) /* Ignore if option disabled */
- break;
-
- if (SB_EOF())
- return;
- xwinsize = SB_GET() << 8;
- if (SB_EOF())
- return;
- xwinsize |= SB_GET();
- if (SB_EOF())
- return;
- ywinsize = SB_GET() << 8;
- if (SB_EOF())
- return;
- ywinsize |= SB_GET();
- clientstat(TELOPT_NAWS, xwinsize, ywinsize);
-
- break;
-
- } /* end of case TELOPT_NAWS */
-
-#ifdef LINEMODE
- case TELOPT_LINEMODE: {
- register int request;
-
- if (his_state_is_wont(TELOPT_LINEMODE)) /* Ignore if option disabled */
- break;
- /*
- * Process linemode suboptions.
- */
- if (SB_EOF())
- break; /* garbage was sent */
- request = SB_GET(); /* get will/wont */
-
- if (SB_EOF())
- break; /* another garbage check */
-
- if (request == LM_SLC) { /* SLC is not preceded by WILL or WONT */
- /*
- * Process suboption buffer of slc's
- */
- start_slc(1);
- do_opt_slc(subpointer, subend - subpointer);
- (void) end_slc(0);
- break;
- } else if (request == LM_MODE) {
- if (SB_EOF())
- return;
- useeditmode = SB_GET(); /* get mode flag */
- clientstat(LM_MODE, 0, 0);
- break;
- }
-
- if (SB_EOF())
- break;
- switch (SB_GET()) { /* what suboption? */
- case LM_FORWARDMASK:
- /*
- * According to spec, only server can send request for
- * forwardmask, and client can only return a positive response.
- * So don't worry about it.
- */
-
- default:
- break;
- }
- break;
- } /* end of case TELOPT_LINEMODE */
-#endif
- case TELOPT_STATUS: {
- int mode;
-
- if (SB_EOF())
- break;
- mode = SB_GET();
- switch (mode) {
- case TELQUAL_SEND:
- if (my_state_is_will(TELOPT_STATUS))
- send_status();
- break;
-
- case TELQUAL_IS:
- break;
-
- default:
- break;
- }
- break;
- } /* end of case TELOPT_STATUS */
-
- case TELOPT_XDISPLOC: {
- if (SB_EOF() || SB_GET() != TELQUAL_IS)
- return;
- settimer(xdisplocsubopt);
- subpointer[SB_LEN()] = '\0';
- (void)setenv("DISPLAY", (char *)subpointer, 1);
- break;
- } /* end of case TELOPT_XDISPLOC */
-
-#ifdef TELOPT_NEW_ENVIRON
- case TELOPT_NEW_ENVIRON:
-#endif
- case TELOPT_OLD_ENVIRON: {
- register int c;
- register char *cp, *varp, *valp;
-
- if (SB_EOF())
- return;
- c = SB_GET();
- if (c == TELQUAL_IS) {
- if (subchar == TELOPT_OLD_ENVIRON)
- settimer(oenvironsubopt);
- else
- settimer(environsubopt);
- } else if (c != TELQUAL_INFO) {
- return;
- }
-
-#ifdef TELOPT_NEW_ENVIRON
- if (subchar == TELOPT_NEW_ENVIRON) {
- while (!SB_EOF()) {
- c = SB_GET();
- if ((c == NEW_ENV_VAR) || (c == ENV_USERVAR))
- break;
- }
- } else
-#endif
- {
-#ifdef ENV_HACK
- /*
- * We only want to do this if we haven't already decided
- * whether or not the other side has its VALUE and VAR
- * reversed.
- */
- if (env_ovar < 0) {
- register int last = -1; /* invalid value */
- int empty = 0;
- int got_var = 0, got_value = 0, got_uservar = 0;
-
- /*
- * The other side might have its VALUE and VAR values
- * reversed. To be interoperable, we need to determine
- * which way it is. If the first recognized character
- * is a VAR or VALUE, then that will tell us what
- * type of client it is. If the fist recognized
- * character is a USERVAR, then we continue scanning
- * the suboption looking for two consecutive
- * VAR or VALUE fields. We should not get two
- * consecutive VALUE fields, so finding two
- * consecutive VALUE or VAR fields will tell us
- * what the client is.
- */
- SB_SAVE();
- while (!SB_EOF()) {
- c = SB_GET();
- switch(c) {
- case OLD_ENV_VAR:
- if (last < 0 || last == OLD_ENV_VAR
- || (empty && (last == OLD_ENV_VALUE)))
- goto env_ovar_ok;
- got_var++;
- last = OLD_ENV_VAR;
- break;
- case OLD_ENV_VALUE:
- if (last < 0 || last == OLD_ENV_VALUE
- || (empty && (last == OLD_ENV_VAR)))
- goto env_ovar_wrong;
- got_value++;
- last = OLD_ENV_VALUE;
- break;
- case ENV_USERVAR:
- /* count strings of USERVAR as one */
- if (last != ENV_USERVAR)
- got_uservar++;
- if (empty) {
- if (last == OLD_ENV_VALUE)
- goto env_ovar_ok;
- if (last == OLD_ENV_VAR)
- goto env_ovar_wrong;
- }
- last = ENV_USERVAR;
- break;
- case ENV_ESC:
- if (!SB_EOF())
- c = SB_GET();
- /* FALL THROUGH */
- default:
- empty = 0;
- continue;
- }
- empty = 1;
- }
- if (empty) {
- if (last == OLD_ENV_VALUE)
- goto env_ovar_ok;
- if (last == OLD_ENV_VAR)
- goto env_ovar_wrong;
- }
- /*
- * Ok, the first thing was a USERVAR, and there
- * are not two consecutive VAR or VALUE commands,
- * and none of the VAR or VALUE commands are empty.
- * If the client has sent us a well-formed option,
- * then the number of VALUEs received should always
- * be less than or equal to the number of VARs and
- * USERVARs received.
- *
- * If we got exactly as many VALUEs as VARs and
- * USERVARs, the client has the same definitions.
- *
- * If we got exactly as many VARs as VALUEs and
- * USERVARS, the client has reversed definitions.
- */
- if (got_uservar + got_var == got_value) {
- env_ovar_ok:
- env_ovar = OLD_ENV_VAR;
- env_ovalue = OLD_ENV_VALUE;
- } else if (got_uservar + got_value == got_var) {
- env_ovar_wrong:
- env_ovar = OLD_ENV_VALUE;
- env_ovalue = OLD_ENV_VAR;
- DIAG(TD_OPTIONS,
- output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
-
- }
- }
- SB_RESTORE();
-#endif
-
- while (!SB_EOF()) {
- c = SB_GET();
- if ((c == env_ovar) || (c == ENV_USERVAR))
- break;
- }
- }
-
- if (SB_EOF())
- return;
-
- cp = varp = (char *)subpointer;
- valp = 0;
-
- while (!SB_EOF()) {
- c = SB_GET();
- if (subchar == TELOPT_OLD_ENVIRON) {
- if (c == env_ovar)
- c = NEW_ENV_VAR;
- else if (c == env_ovalue)
- c = NEW_ENV_VALUE;
- }
- switch (c) {
-
- case NEW_ENV_VALUE:
- *cp = '\0';
- cp = valp = (char *)subpointer;
- break;
-
- case NEW_ENV_VAR:
- case ENV_USERVAR:
- *cp = '\0';
- if (valp)
- (void)setenv(varp, valp, 1);
- else
- unsetenv(varp);
- cp = varp = (char *)subpointer;
- valp = 0;
- break;
-
- case ENV_ESC:
- if (SB_EOF())
- break;
- c = SB_GET();
- /* FALL THROUGH */
- default:
- *cp++ = c;
- break;
- }
- }
- *cp = '\0';
- if (valp)
- (void)setenv(varp, valp, 1);
- else
- unsetenv(varp);
- break;
- } /* end of case TELOPT_NEW_ENVIRON */
-#if defined(AUTHENTICATION)
- case TELOPT_AUTHENTICATION:
- if (SB_EOF())
- break;
- switch(SB_GET()) {
- case TELQUAL_SEND:
- case TELQUAL_REPLY:
- /*
- * These are sent by us and cannot be sent by
- * the client.
- */
- break;
- case TELQUAL_IS:
- auth_is(subpointer, SB_LEN());
- break;
- case TELQUAL_NAME:
- auth_name(subpointer, SB_LEN());
- break;
- }
- break;
-#endif
-
- default:
- break;
- } /* end of switch */
-
-} /* end of suboption */
-
- void
-doclientstat()
-{
- clientstat(TELOPT_LINEMODE, WILL, 0);
-}
-
-#define ADD(c) *ncp++ = c
-#define ADD_DATA(c) { *ncp++ = c; if (c == SE) *ncp++ = c; }
- void
-send_status()
-{
- unsigned char statusbuf[256];
- register unsigned char *ncp;
- register unsigned char i;
-
- ncp = statusbuf;
-
- netflush(); /* get rid of anything waiting to go out */
-
- ADD(IAC);
- ADD(SB);
- ADD(TELOPT_STATUS);
- ADD(TELQUAL_IS);
-
- /*
- * We check the want_state rather than the current state,
- * because if we received a DO/WILL for an option that we
- * don't support, and the other side didn't send a DONT/WONT
- * in response to our WONT/DONT, then the "state" will be
- * WILL/DO, and the "want_state" will be WONT/DONT. We
- * need to go by the latter.
- */
- for (i = 0; i < (unsigned char)NTELOPTS; i++) {
- if (my_want_state_is_will(i)) {
- ADD(WILL);
- ADD_DATA(i);
- if (i == IAC)
- ADD(IAC);
- }
- if (his_want_state_is_will(i)) {
- ADD(DO);
- ADD_DATA(i);
- if (i == IAC)
- ADD(IAC);
- }
- }
-
- if (his_want_state_is_will(TELOPT_LFLOW)) {
- ADD(SB);
- ADD(TELOPT_LFLOW);
- if (flowmode) {
- ADD(LFLOW_ON);
- } else {
- ADD(LFLOW_OFF);
- }
- ADD(SE);
-
- if (restartany >= 0) {
- ADD(SB);
- ADD(TELOPT_LFLOW);
- if (restartany) {
- ADD(LFLOW_RESTART_ANY);
- } else {
- ADD(LFLOW_RESTART_XON);
- }
- ADD(SE);
- ADD(SB);
- }
- }
-
-#ifdef LINEMODE
- if (his_want_state_is_will(TELOPT_LINEMODE)) {
- unsigned char *cp, *cpe;
- int len;
-
- ADD(SB);
- ADD(TELOPT_LINEMODE);
- ADD(LM_MODE);
- ADD_DATA(editmode);
- if (editmode == IAC)
- ADD(IAC);
- ADD(SE);
-
- ADD(SB);
- ADD(TELOPT_LINEMODE);
- ADD(LM_SLC);
- start_slc(0);
- send_slc();
- len = end_slc(&cp);
- for (cpe = cp + len; cp < cpe; cp++)
- ADD_DATA(*cp);
- ADD(SE);
- }
-#endif /* LINEMODE */
-
- ADD(IAC);
- ADD(SE);
-
- output_datalen(statusbuf, ncp - statusbuf);
- netflush(); /* Send it on its way */
-
- DIAG(TD_OPTIONS,
- {printsub('>', statusbuf, ncp - statusbuf); netflush();});
-}
-
-/*
- * This function appends data to nfrontp and advances nfrontp.
- * Returns the number of characters written altogether (the
- * buffer may have been flushed in the process).
- */
-
-int
-output_data(const char *format, ...)
-{
- va_list args;
- int len;
- char *buf;
-
- va_start(args, format);
- if ((len = vasprintf(&buf, format, args)) == -1)
- return -1;
- output_datalen(buf, len);
- va_end(args);
- free(buf);
- return (len);
-}
-
-void
-output_datalen(const char *buf, int len)
-{
- int remaining, copied;
-
- remaining = BUFSIZ - (nfrontp - netobuf);
- while (len > 0) {
- /* Free up enough space if the room is too low*/
- if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
- netflush();
- remaining = BUFSIZ - (nfrontp - netobuf);
- }
-
- /* Copy out as much as will fit */
- copied = remaining > len ? len : remaining;
- memmove(nfrontp, buf, copied);
- nfrontp += copied;
- len -= copied;
- remaining -= copied;
- buf += copied;
- }
- return;
-}
diff --git a/telnetd.tproj/strlcpy.c b/telnetd.tproj/strlcpy.c
deleted file mode 100644
index 9b39b41..0000000
--- a/telnetd.tproj/strlcpy.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $OpenBSD: strlcpy.c,v 1.4 1999/05/01 18:56:41 millert Exp $ */
-
-/*
- * Copyright (c) 1998 Todd C. Miller
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
- * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-#if 0
-static char *rcsid = "$OpenBSD: strlcpy.c,v 1.4 1999/05/01 18:56:41 millert Exp $";
-#endif
-#endif /* LIBC_SCCS and not lint */
-#ifndef lint
-static const char rcsid[] =
- "$FreeBSD: src/lib/libc/string/strlcpy.c,v 1.3 2001/05/24 08:47:41 obrien Exp $";
-#endif
-
-#include
-#include
-
-/*
- * Copy src to string dst of size siz. At most siz-1 characters
- * will be copied.
Always NUL terminates (unless siz == 0).
- * Returns strlen(src); if retval >= siz, truncation occurred.
- */
-size_t strlcpy(dst, src, siz)
- char *dst;
- const char *src;
- size_t siz;
-{
- register char *d = dst;
- register const char *s = src;
- register size_t n = siz;
-
- /* Copy as many bytes as will fit */
- if (n != 0 && --n != 0) {
- do {
- if ((*d++ = *s++) == 0)
- break;
- } while (--n != 0);
- }
-
- /* Not enough room in dst, add NUL and traverse rest of src */
- if (n == 0) {
- if (siz != 0)
- *d = '\0'; /* NUL-terminate dst */
- while (*s++)
- ;
- }
-
- return(s - src - 1); /* count does not include NUL */
-}
diff --git a/telnetd.tproj/sys_term.c b/telnetd.tproj/sys_term.c
deleted file mode 100644
index 25b1fe8..0000000
--- a/telnetd.tproj/sys_term.c
+++ /dev/null
@@ -1,2227 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)sys_term.c 8.2 (Berkeley) 12/15/93";
-#endif
-static const char rcsid[] =
- "$FreeBSD: src/libexec/telnetd/sys_term.c,v 1.31 2001/07/09 09:23:42 brian Exp $";
-#endif /* not lint */
-
-#include
-#include "telnetd.h"
-#include "pathnames.h"
-
-#if defined(AUTHENTICATION)
-#include
-#endif
-
-extern char *altlogin;
-
-#if defined(CRAY) || defined(__hpux)
-# define PARENT_DOES_UTMP
-#endif
-
-#ifdef NEWINIT
-#include
-#else /* NEWINIT*/
-# ifdef UTMPX
-# include
-struct utmpx wtmp;
-# else
-# include
-struct utmp wtmp;
-# endif /* UTMPX */
-
-# ifndef PARENT_DOES_UTMP
-#ifdef _PATH_WTMP
-char wtmpf[] = _PATH_WTMP;
-#else
-char wtmpf[] = "/usr/adm/wtmp";
-#endif
-#ifdef _PATH_UTMP
-char utmpf[] = _PATH_UTMP;
-#else
-char utmpf[] = "/etc/utmp";
-#endif
-# else /* PARENT_DOES_UTMP */
-char wtmpf[] = "/etc/wtmp";
-# endif /* PARENT_DOES_UTMP */
-
-# ifdef CRAY
-#include
-#include
-# if defined(_SC_CRAY_SECURE_SYS) && !defined(SCM_SECURITY)
- /*
- * UNICOS 6.0/6.1 do not have SCM_SECURITY defined, so we can
- * use it to tell us to turn off all the socket security code,
- * since that is only used in UNICOS 7.0 and later.
- */ -# undef _SC_CRAY_SECURE_SYS -# endif - -# if defined(_SC_CRAY_SECURE_SYS) -#include -#include -extern int secflag; -extern struct sysv sysv; -# endif /* _SC_CRAY_SECURE_SYS */ -# endif /* CRAY */ -#endif /* NEWINIT */ - -#ifdef STREAMSPTY -#include -#include -#endif - -#define SCPYN(a, b) (void) strncpy(a, b, sizeof(a)) -#define SCMPN(a, b) strncmp(a, b, sizeof(a)) - -#ifdef STREAMS -#include -#endif -#ifdef __hpux -#include -#include -#endif -#include -#ifdef t_erase -#undef t_erase -#undef t_kill -#undef t_intrc -#undef t_quitc -#undef t_startc -#undef t_stopc -#undef t_eofc -#undef t_brkc -#undef t_suspc -#undef t_dsuspc -#undef t_rprntc -#undef t_flushc -#undef t_werasc -#undef t_lnextc -#endif - -#if defined(UNICOS5) && defined(CRAY2) && !defined(EXTPROC) -# define EXTPROC 0400 -#endif - -#ifndef USE_TERMIO -struct termbuf { - struct sgttyb sg; - struct tchars tc; - struct ltchars ltc; - int state; - int lflags; -} termbuf, termbuf2; -# define cfsetospeed(tp, val) (tp)->sg.sg_ospeed = (val) -# define cfsetispeed(tp, val) (tp)->sg.sg_ispeed = (val) -# define cfgetospeed(tp) (tp)->sg.sg_ospeed -# define cfgetispeed(tp) (tp)->sg.sg_ispeed -#else /* USE_TERMIO */ -# ifdef SYSV_TERMIO -# define termios termio -# endif -# ifndef TCSANOW -# ifdef TCSETS -# define TCSANOW TCSETS -# define TCSADRAIN TCSETSW -# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t) -# else -# ifdef TCSETA -# define TCSANOW TCSETA -# define TCSADRAIN TCSETAW -# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t) -# else -# define TCSANOW TIOCSETA -# define TCSADRAIN TIOCSETAW -# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t) -# endif -# endif -# define tcsetattr(f, a, t) ioctl(f, a, t) -# define cfsetospeed(tp, val) (tp)->c_cflag &= ~CBAUD; \ - (tp)->c_cflag |= (val) -# define cfgetospeed(tp) ((tp)->c_cflag & CBAUD) -# ifdef CIBAUD -# define cfsetispeed(tp, val) (tp)->c_cflag &= ~CIBAUD; \ - (tp)->c_cflag |= ((val)<c_cflag & CIBAUD)>>IBSHIFT) -# else -# define cfsetispeed(tp, val) 
(tp)->c_cflag &= ~CBAUD; \
- (tp)->c_cflag |= (val)
-# define cfgetispeed(tp) ((tp)->c_cflag & CBAUD)
-# endif
-# endif /* TCSANOW */
-struct termios termbuf, termbuf2; /* pty control structure */
-# ifdef STREAMSPTY
-int ttyfd = -1;
-# endif
-#endif /* USE_TERMIO */
-
-#include
-#include
-
-int cleanopen __P((char *));
-void scrub_env __P((void));
-
-/*
- * init_termbuf()
- * copy_termbuf(cp)
- * set_termbuf()
- *
- * These three routines are used to get and set the "termbuf" structure
- * to and from the kernel. init_termbuf() gets the current settings.
- * copy_termbuf() hands in a new "termbuf" to write to the kernel, and
- * set_termbuf() writes the structure into the kernel.
- */
-
- void
-init_termbuf()
-{
-#ifndef USE_TERMIO
- (void) ioctl(pty, TIOCGETP, (char *)&termbuf.sg);
- (void) ioctl(pty, TIOCGETC, (char *)&termbuf.tc);
- (void) ioctl(pty, TIOCGLTC, (char *)&termbuf.ltc);
-# ifdef TIOCGSTATE
- (void) ioctl(pty, TIOCGSTATE, (char *)&termbuf.state);
-# endif
-#else
-# ifdef STREAMSPTY
- (void) tcgetattr(ttyfd, &termbuf);
-# else
- (void) tcgetattr(pty, &termbuf);
-# endif
-#endif
- termbuf2 = termbuf;
-}
-
-#if defined(LINEMODE) && defined(TIOCPKT_IOCTL)
- void
-copy_termbuf(cp, len)
- char *cp;
- int len;
-{
- if (len > sizeof(termbuf))
- len = sizeof(termbuf);
- memmove((char *)&termbuf, cp, len);
- termbuf2 = termbuf;
-}
-#endif /* defined(LINEMODE) && defined(TIOCPKT_IOCTL) */
-
- void
-set_termbuf()
-{
- /*
- * Only make the necessary changes.
- */
-#ifndef USE_TERMIO
- if (bcmp((char *)&termbuf.sg, (char *)&termbuf2.sg, sizeof(termbuf.sg)))
- (void) ioctl(pty, TIOCSETN, (char *)&termbuf.sg);
- if (bcmp((char *)&termbuf.tc, (char *)&termbuf2.tc, sizeof(termbuf.tc)))
- (void) ioctl(pty, TIOCSETC, (char *)&termbuf.tc);
- if (bcmp((char *)&termbuf.ltc, (char *)&termbuf2.ltc,
- sizeof(termbuf.ltc)))
- (void) ioctl(pty, TIOCSLTC, (char *)&termbuf.ltc);
- if (termbuf.lflags != termbuf2.lflags)
- (void) ioctl(pty, TIOCLSET, (char *)&termbuf.lflags);
-#else /* USE_TERMIO */
- if (bcmp((char *)&termbuf, (char *)&termbuf2, sizeof(termbuf)))
-# ifdef STREAMSPTY
- (void) tcsetattr(ttyfd, TCSANOW, &termbuf);
-# else
- (void) tcsetattr(pty, TCSANOW, &termbuf);
-# endif
-# if defined(CRAY2) && defined(UNICOS5)
- needtermstat = 1;
-# endif
-#endif /* USE_TERMIO */
-}
-
-
-/*
- * spcset(func, valp, valpp)
- *
- * This function takes various special characters (func), and
- * sets *valp to the current value of that character, and
- * *valpp to point to where in the "termbuf" structure that
- * value is kept.
- *
- * It returns the SLC_ level of support for this function.
- */ - -#ifndef USE_TERMIO - int -spcset(func, valp, valpp) - int func; - cc_t *valp; - cc_t **valpp; -{ - switch(func) { - case SLC_EOF: - *valp = termbuf.tc.t_eofc; - *valpp = (cc_t *)&termbuf.tc.t_eofc; - return(SLC_VARIABLE); - case SLC_EC: - *valp = termbuf.sg.sg_erase; - *valpp = (cc_t *)&termbuf.sg.sg_erase; - return(SLC_VARIABLE); - case SLC_EL: - *valp = termbuf.sg.sg_kill; - *valpp = (cc_t *)&termbuf.sg.sg_kill; - return(SLC_VARIABLE); - case SLC_IP: - *valp = termbuf.tc.t_intrc; - *valpp = (cc_t *)&termbuf.tc.t_intrc; - return(SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT); - case SLC_ABORT: - *valp = termbuf.tc.t_quitc; - *valpp = (cc_t *)&termbuf.tc.t_quitc; - return(SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT); - case SLC_XON: - *valp = termbuf.tc.t_startc; - *valpp = (cc_t *)&termbuf.tc.t_startc; - return(SLC_VARIABLE); - case SLC_XOFF: - *valp = termbuf.tc.t_stopc; - *valpp = (cc_t *)&termbuf.tc.t_stopc; - return(SLC_VARIABLE); - case SLC_AO: - *valp = termbuf.ltc.t_flushc; - *valpp = (cc_t *)&termbuf.ltc.t_flushc; - return(SLC_VARIABLE); - case SLC_SUSP: - *valp = termbuf.ltc.t_suspc; - *valpp = (cc_t *)&termbuf.ltc.t_suspc; - return(SLC_VARIABLE); - case SLC_EW: - *valp = termbuf.ltc.t_werasc; - *valpp = (cc_t *)&termbuf.ltc.t_werasc; - return(SLC_VARIABLE); - case SLC_RP: - *valp = termbuf.ltc.t_rprntc; - *valpp = (cc_t *)&termbuf.ltc.t_rprntc; - return(SLC_VARIABLE); - case SLC_LNEXT: - *valp = termbuf.ltc.t_lnextc; - *valpp = (cc_t *)&termbuf.ltc.t_lnextc; - return(SLC_VARIABLE); - case SLC_FORW1: - *valp = termbuf.tc.t_brkc; - *valpp = (cc_t *)&termbuf.ltc.t_lnextc; - return(SLC_VARIABLE); - case SLC_BRK: - case SLC_SYNCH: - case SLC_AYT: - case SLC_EOR: - *valp = (cc_t)0; - *valpp = (cc_t *)0; - return(SLC_DEFAULT); - default: - *valp = (cc_t)0; - *valpp = (cc_t *)0; - return(SLC_NOSUPPORT); - } -} - -#else /* USE_TERMIO */ - - int -spcset(func, valp, valpp) - int func; - cc_t *valp; - cc_t **valpp; -{ - -#define setval(a, b) *valp = termbuf.c_cc[a]; \ - 
*valpp = &termbuf.c_cc[a]; \
- return(b);
-#define defval(a) *valp = ((cc_t)a); *valpp = (cc_t *)0; return(SLC_DEFAULT);
-
- switch(func) {
- case SLC_EOF:
- setval(VEOF, SLC_VARIABLE);
- case SLC_EC:
- setval(VERASE, SLC_VARIABLE);
- case SLC_EL:
- setval(VKILL, SLC_VARIABLE);
- case SLC_IP:
- setval(VINTR, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT);
- case SLC_ABORT:
- setval(VQUIT, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT);
- case SLC_XON:
-#ifdef VSTART
- setval(VSTART, SLC_VARIABLE);
-#else
- defval(0x13);
-#endif
- case SLC_XOFF:
-#ifdef VSTOP
- setval(VSTOP, SLC_VARIABLE);
-#else
- defval(0x11);
-#endif
- case SLC_EW:
-#ifdef VWERASE
- setval(VWERASE, SLC_VARIABLE);
-#else
- defval(0);
-#endif
- case SLC_RP:
-#ifdef VREPRINT
- setval(VREPRINT, SLC_VARIABLE);
-#else
- defval(0);
-#endif
- case SLC_LNEXT:
-#ifdef VLNEXT
- setval(VLNEXT, SLC_VARIABLE);
-#else
- defval(0);
-#endif
- case SLC_AO:
-#if !defined(VDISCARD) && defined(VFLUSHO)
-# define VDISCARD VFLUSHO
-#endif
-#ifdef VDISCARD
- setval(VDISCARD, SLC_VARIABLE|SLC_FLUSHOUT);
-#else
- defval(0);
-#endif
- case SLC_SUSP:
-#ifdef VSUSP
- setval(VSUSP, SLC_VARIABLE|SLC_FLUSHIN);
-#else
- defval(0);
-#endif
-#ifdef VEOL
- case SLC_FORW1:
- setval(VEOL, SLC_VARIABLE);
-#endif
-#ifdef VEOL2
- case SLC_FORW2:
- setval(VEOL2, SLC_VARIABLE);
-#endif
- case SLC_AYT:
-#ifdef VSTATUS
- setval(VSTATUS, SLC_VARIABLE);
-#else
- defval(0);
-#endif
-
- case SLC_BRK:
- case SLC_SYNCH:
- case SLC_EOR:
- defval(0);
-
- default:
- *valp = 0;
- *valpp = 0;
- return(SLC_NOSUPPORT);
- }
-}
-#endif /* USE_TERMIO */
-
-#ifdef CRAY
-/*
- * getnpty()
- *
- * Return the number of pty's configured into the system.
- */
- int
-getnpty()
-{
-#ifdef _SC_CRAY_NPTY
- int numptys;
-
- if ((numptys = sysconf(_SC_CRAY_NPTY)) != -1)
- return numptys;
- else
-#endif /* _SC_CRAY_NPTY */
- return 128;
-}
-#endif /* CRAY */
-
-#ifndef convex
-/*
- * getpty()
- *
- * Allocate a pty.
As a side effect, the external character
- * array "line" contains the name of the slave side.
- *
- * Returns the file descriptor of the opened pty.
- */
-#ifdef CRAY
-char myline[16];
-#else
-/*
-char line[16];
-*/
-#endif /* CRAY */
-
- int
-getpty(ptynum)
-int *ptynum;
-{
- register int p;
-#ifdef STREAMSPTY
- int t;
- char *ptsname();
-
- p = open("/dev/ptmx", 2);
- if (p > 0) {
- grantpt(p);
- unlockpt(p);
- strcpy(line, ptsname(p));
- return(p);
- }
-
-#else /* ! STREAMSPTY */
-#ifndef CRAY
- register char *cp, *p1, *p2;
- register int i;
-#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207
- int dummy;
-#endif
-
-#ifndef __hpux
- (void) strcpy(line, _PATH_DEV);
- (void) strcat(line, "ptyXX");
- p1 = &line[8];
- p2 = &line[9];
-#else
- (void) strcpy(line, "/dev/ptym/ptyXX");
- p1 = &line[13];
- p2 = &line[14];
-#endif
-
- for (cp = "pqrsPQRS"; *cp; cp++) {
- struct stat stb;
-
- *p1 = *cp;
- *p2 = '0';
- /*
- * This stat() check is just to keep us from
- * looping through all 256 combinations if there
- * aren't that many ptys available.
- */
- if (stat(line, &stb) < 0)
- break;
- for (i = 0; i < 32; i++) {
- *p2 = "0123456789abcdefghijklmnopqrstuv"[i];
- p = open(line, 2);
- if (p > 0) {
-#ifndef __hpux
- line[5] = 't';
-#else
- for (p1 = &line[8]; *p1; p1++)
- *p1 = *(p1+1);
- line[9] = 't';
-#endif
- chown(line, 0, 0);
- chmod(line, 0600);
-#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207
- if (ioctl(p, TIOCGPGRP, &dummy) == 0
- || errno != EIO) {
- chmod(line, 0666);
- close(p);
- line[5] = 'p';
- } else
-#endif /* defined(sun) && defined(TIOCGPGRP) && BSD < 199207 */
- return(p);
- }
- }
- }
-#else /* CRAY */
- extern lowpty, highpty;
- struct stat sb;
-
- for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) {
- (void) sprintf(myline, "%spty/%03d", _PATH_DEV, *ptynum);
- p = open(myline, 2);
- if (p < 0)
- continue;
- (void) sprintf(line, "/dev/ttyp%03d", *ptynum);
- /*
- * Here are some shenanigans to make sure that there
- * are no listeners lurking on the line.
- */
- if(stat(line, &sb) < 0) {
- (void) close(p);
- continue;
- }
- if(sb.st_uid || sb.st_gid || sb.st_mode != 0600) {
- chown(line, 0, 0);
- chmod(line, 0600);
- (void)close(p);
- p = open(myline, 2);
- if (p < 0)
- continue;
- }
- /*
- * Now it should be safe...check for accessability.
- */
- if (access(line, 6) == 0)
- return(p);
- else {
- /* no tty side to pty so skip it */
- (void) close(p);
- }
- }
-#endif /* CRAY */
-#endif /* STREAMSPTY */
- return(-1);
-}
-#endif /* convex */
-
-#ifdef LINEMODE
-/*
- * tty_flowmode() Find out if flow control is enabled or disabled.
- * tty_linemode() Find out if linemode (external processing) is enabled.
- * tty_setlinemod(on) Turn on/off linemode.
- * tty_isecho() Find out if echoing is turned on.
- * tty_setecho(on) Enable/disable character echoing.
- * tty_israw() Find out if terminal is in RAW mode.
- * tty_binaryin(on) Turn on/off BINARY on input.
- * tty_binaryout(on) Turn on/off BINARY on output.
- * tty_isediting() Find out if line editing is enabled.
- * tty_istrapsig() Find out if signal trapping is enabled.
- * tty_setedit(on) Turn on/off line editing.
- * tty_setsig(on) Turn on/off signal trapping.
- * tty_issofttab() Find out if tab expansion is enabled.
- * tty_setsofttab(on) Turn on/off soft tab expansion.
- * tty_islitecho() Find out if typed control chars are echoed literally
- * tty_setlitecho() Turn on/off literal echo of control chars
- * tty_tspeed(val) Set transmit speed to val.
- * tty_rspeed(val) Set receive speed to val.
- */
-
-#ifdef convex
-static int linestate;
-#endif
-
- int
-tty_linemode()
-{
-#ifndef convex
-#ifndef USE_TERMIO
- return(termbuf.state & TS_EXTPROC);
-#else
- return(termbuf.c_lflag & EXTPROC);
-#endif
-#else
- return(linestate);
-#endif
-}
-
- void
-tty_setlinemode(on)
- int on;
-{
-#ifdef TIOCEXT
-# ifndef convex
- set_termbuf();
-# else
- linestate = on;
-# endif
- (void) ioctl(pty, TIOCEXT, (char *)&on);
-# ifndef convex
- init_termbuf();
-# endif
-#else /* !TIOCEXT */
-# ifdef EXTPROC
- if (on)
- termbuf.c_lflag |= EXTPROC;
- else
- termbuf.c_lflag &= ~EXTPROC;
-# endif
-#endif /* TIOCEXT */
-}
-#endif /* LINEMODE */
-
- int
-tty_isecho()
-{
-#ifndef USE_TERMIO
- return (termbuf.sg.sg_flags & ECHO);
-#else
- return (termbuf.c_lflag & ECHO);
-#endif
-}
-
- int
-tty_flowmode()
-{
-#ifndef USE_TERMIO
- return(((termbuf.tc.t_startc) > 0 && (termbuf.tc.t_stopc) > 0) ? 1 : 0);
-#else
- return((termbuf.c_iflag & IXON) ? 1 : 0);
-#endif
-}
-
- int
-tty_restartany()
-{
-#ifndef USE_TERMIO
-# ifdef DECCTQ
- return((termbuf.lflags & DECCTQ) ? 0 : 1);
-# else
- return(-1);
-# endif
-#else
- return((termbuf.c_iflag & IXANY) ?
1 : 0);
-#endif
-}
-
- void
-tty_setecho(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- termbuf.sg.sg_flags |= ECHO|CRMOD;
- else
- termbuf.sg.sg_flags &= ~(ECHO|CRMOD);
-#else
- if (on)
- termbuf.c_lflag |= ECHO;
- else
- termbuf.c_lflag &= ~ECHO;
-#endif
-}
-
- int
-tty_israw()
-{
-#ifndef USE_TERMIO
- return(termbuf.sg.sg_flags & RAW);
-#else
- return(!(termbuf.c_lflag & ICANON));
-#endif
-}
-
-#if defined (AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
- int
-tty_setraw(on)
-{
-# ifndef USE_TERMIO
- if (on)
- termbuf.sg.sg_flags |= RAW;
- else
- termbuf.sg.sg_flags &= ~RAW;
-# else
- if (on)
- termbuf.c_lflag &= ~ICANON;
- else
- termbuf.c_lflag |= ICANON;
-# endif
-}
-#endif
-
- void
-tty_binaryin(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- termbuf.lflags |= LPASS8;
- else
- termbuf.lflags &= ~LPASS8;
-#else
- if (on) {
- termbuf.c_iflag &= ~ISTRIP;
- } else {
- termbuf.c_iflag |= ISTRIP;
- }
-#endif
-}
-
- void
-tty_binaryout(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- termbuf.lflags |= LLITOUT;
- else
- termbuf.lflags &= ~LLITOUT;
-#else
- if (on) {
- termbuf.c_cflag &= ~(CSIZE|PARENB);
- termbuf.c_cflag |= CS8;
- termbuf.c_oflag &= ~OPOST;
- } else {
- termbuf.c_cflag &= ~CSIZE;
- termbuf.c_cflag |= CS7|PARENB;
- termbuf.c_oflag |= OPOST;
- }
-#endif
-}
-
- int
-tty_isbinaryin()
-{
-#ifndef USE_TERMIO
- return(termbuf.lflags & LPASS8);
-#else
- return(!(termbuf.c_iflag & ISTRIP));
-#endif
-}
-
- int
-tty_isbinaryout()
-{
-#ifndef USE_TERMIO
- return(termbuf.lflags & LLITOUT);
-#else
- return(!(termbuf.c_oflag&OPOST));
-#endif
-}
-
-#ifdef LINEMODE
- int
-tty_isediting()
-{
-#ifndef USE_TERMIO
- return(!(termbuf.sg.sg_flags & (CBREAK|RAW)));
-#else
- return(termbuf.c_lflag & ICANON);
-#endif
-}
-
- int
-tty_istrapsig()
-{
-#ifndef USE_TERMIO
- return(!(termbuf.sg.sg_flags&RAW));
-#else
- return(termbuf.c_lflag & ISIG);
-#endif
-}
-
- void
-tty_setedit(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- termbuf.sg.sg_flags &= ~CBREAK;
-
else
- termbuf.sg.sg_flags |= CBREAK;
-#else
- if (on)
- termbuf.c_lflag |= ICANON;
- else
- termbuf.c_lflag &= ~ICANON;
-#endif
-}
-
- void
-tty_setsig(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- ;
-#else
- if (on)
- termbuf.c_lflag |= ISIG;
- else
- termbuf.c_lflag &= ~ISIG;
-#endif
-}
-#endif /* LINEMODE */
-
- int
-tty_issofttab()
-{
-#ifndef USE_TERMIO
- return (termbuf.sg.sg_flags & XTABS);
-#else
-# ifdef OXTABS
- return (termbuf.c_oflag & OXTABS);
-# endif
-# ifdef TABDLY
- return ((termbuf.c_oflag & TABDLY) == TAB3);
-# endif
-#endif
-}
-
- void
-tty_setsofttab(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- termbuf.sg.sg_flags |= XTABS;
- else
- termbuf.sg.sg_flags &= ~XTABS;
-#else
- if (on) {
-# ifdef OXTABS
- termbuf.c_oflag |= OXTABS;
-# endif
-# ifdef TABDLY
- termbuf.c_oflag &= ~TABDLY;
- termbuf.c_oflag |= TAB3;
-# endif
- } else {
-# ifdef OXTABS
- termbuf.c_oflag &= ~OXTABS;
-# endif
-# ifdef TABDLY
- termbuf.c_oflag &= ~TABDLY;
- termbuf.c_oflag |= TAB0;
-# endif
- }
-#endif
-}
-
- int
-tty_islitecho()
-{
-#ifndef USE_TERMIO
- return (!(termbuf.lflags & LCTLECH));
-#else
-# ifdef ECHOCTL
- return (!(termbuf.c_lflag & ECHOCTL));
-# endif
-# ifdef TCTLECH
- return (!(termbuf.c_lflag & TCTLECH));
-# endif
-# if !defined(ECHOCTL) && !defined(TCTLECH)
- return (0); /* assumes ctl chars are echoed '^x' */
-# endif
-#endif
-}
-
- void
-tty_setlitecho(on)
- int on;
-{
-#ifndef USE_TERMIO
- if (on)
- termbuf.lflags &= ~LCTLECH;
- else
- termbuf.lflags |= LCTLECH;
-#else
-# ifdef ECHOCTL
- if (on)
- termbuf.c_lflag &= ~ECHOCTL;
- else
- termbuf.c_lflag |= ECHOCTL;
-# endif
-# ifdef TCTLECH
- if (on)
- termbuf.c_lflag &= ~TCTLECH;
- else
- termbuf.c_lflag |= TCTLECH;
-# endif
-#endif
-}
-
- int
-tty_iscrnl()
-{
-#ifndef USE_TERMIO
- return (termbuf.sg.sg_flags & CRMOD);
-#else
- return (termbuf.c_iflag & ICRNL);
-#endif
-}
-
-/*
- * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD).
- */
-#if B4800 != 4800
-#define DECODE_BAUD
-#endif
-
-#ifdef DECODE_BAUD
-/*
- * A table of available terminal speeds
- */
-struct termspeeds {
- int speed;
- int value;
-} termspeeds[] = {
- { 0, B0 }, { 50, B50 }, { 75, B75 },
- { 110, B110 }, { 134, B134 }, { 150, B150 },
- { 200, B200 }, { 300, B300 }, { 600, B600 },
- { 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 },
- { 4800, B4800 }, { 9600, B9600 }, { 19200, B9600 },
- { 38400, B9600 }, { -1, B9600 }
-};
-#endif /* DECODE_BAUD */
-
- void
-tty_tspeed(val)
- int val;
-{
-#ifdef DECODE_BAUD
- register struct termspeeds *tp;
-
- for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++)
- ;
- cfsetospeed(&termbuf, tp->value);
-#else /* DECODE_BAUD */
- cfsetospeed(&termbuf, val);
-#endif /* DECODE_BAUD */
-}
-
- void
-tty_rspeed(val)
- int val;
-{
-#ifdef DECODE_BAUD
- register struct termspeeds *tp;
-
- for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++)
- ;
- cfsetispeed(&termbuf, tp->value);
-#else /* DECODE_BAUD */
- cfsetispeed(&termbuf, val);
-#endif /* DECODE_BAUD */
-}
-
-#if defined(CRAY2) && defined(UNICOS5)
- int
-tty_isnewmap()
-{
- return((termbuf.c_oflag & OPOST) && (termbuf.c_oflag & ONLCR) &&
- !(termbuf.c_oflag & ONLRET));
-}
-#endif
-
-#ifdef PARENT_DOES_UTMP
-# ifndef NEWINIT
-extern struct utmp wtmp;
-extern char wtmpf[];
-# else /* NEWINIT */
-int gotalarm;
-
- /* ARGSUSED */
- void
-nologinproc(sig)
- int sig;
-{
- gotalarm++;
-}
-# endif /* NEWINIT */
-#endif /* PARENT_DOES_UTMP */
-
-#ifndef NEWINIT
-# ifdef PARENT_DOES_UTMP
-extern void utmp_sig_init P((void));
-extern void utmp_sig_reset P((void));
-extern void utmp_sig_wait P((void));
-extern void utmp_sig_notify P((int));
-# endif /* PARENT_DOES_UTMP */
-#endif
-
-/*
- * getptyslave()
- *
- * Open the slave side of the pty, and do any initialization
- * that is necessary.
- */
- void
-getptyslave()
-{
- register int t = -1;
- char erase;
-
-#if !defined(CRAY) || !defined(NEWINIT)
-# ifdef LINEMODE
- int waslm;
-# endif
-# ifdef TIOCGWINSZ
- struct winsize ws;
- extern int def_row, def_col;
-# endif
- extern int def_tspeed, def_rspeed;
- /*
- * Opening the slave side may cause initilization of the
- * kernel tty structure. We need remember the state of
- * if linemode was turned on
- * terminal window size
- * terminal speed
- * erase character
- * so that we can re-set them if we need to.
- */
-# ifdef LINEMODE
- waslm = tty_linemode();
-# endif
- erase = termbuf.c_cc[VERASE];
-
- /*
- * Make sure that we don't have a controlling tty, and
- * that we are the session (process group) leader.
- */
-# ifdef TIOCNOTTY
- t = open(_PATH_TTY, O_RDWR);
- if (t >= 0) {
- (void) ioctl(t, TIOCNOTTY, (char *)0);
- (void) close(t);
- }
-# endif
-
-
-# ifdef PARENT_DOES_UTMP
- /*
- * Wait for our parent to get the utmp stuff to get done.
- */
- utmp_sig_wait();
-# endif
-
- t = cleanopen(line);
- if (t < 0)
- fatalperror(net, line);
-
-#ifdef STREAMSPTY
-#ifdef USE_TERMIO
- ttyfd = t;
-#endif
- if (ioctl(t, I_PUSH, "ptem") < 0)
- fatal(net, "I_PUSH ptem");
- if (ioctl(t, I_PUSH, "ldterm") < 0)
- fatal(net, "I_PUSH ldterm");
- if (ioctl(t, I_PUSH, "ttcompat") < 0)
- fatal(net, "I_PUSH ttcompat");
- if (ioctl(pty, I_PUSH, "pckt") < 0)
- fatal(net, "I_PUSH pckt");
-#endif
-
- /*
- * set up the tty modes as we like them to be.
- */
- init_termbuf();
-# ifdef TIOCGWINSZ
- if (def_row || def_col) {
- bzero((char *)&ws, sizeof(ws));
- ws.ws_col = def_col;
- ws.ws_row = def_row;
- (void)ioctl(t, TIOCSWINSZ, (char *)&ws);
- }
-# endif
-
- /*
- * Settings for sgtty based systems
- */
-# ifndef USE_TERMIO
- termbuf.sg.sg_flags |= CRMOD|ANYP|ECHO|XTABS;
-# endif /* USE_TERMIO */
-
- /*
- * Settings for UNICOS (and HPUX)
- */
-# if defined(CRAY) || defined(__hpux)
- termbuf.c_oflag = OPOST|ONLCR|TAB3;
- termbuf.c_iflag = IGNPAR|ISTRIP|ICRNL|IXON;
- termbuf.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK;
- termbuf.c_cflag = EXTB|HUPCL|CS8;
-# endif
-
- /*
- * Settings for all other termios/termio based
- * systems, other than 4.4BSD. In 4.4BSD the
- * kernel does the initial terminal setup.
- */
-# if defined(USE_TERMIO) && !(defined(CRAY) || defined(__hpux)) && (BSD <= 43)
-# ifndef OXTABS
-# define OXTABS 0
-# endif
- termbuf.c_lflag |= ECHO;
- termbuf.c_oflag |= ONLCR|OXTABS;
- termbuf.c_iflag |= ICRNL;
- termbuf.c_iflag &= ~IXOFF;
-# endif /* defined(USE_TERMIO) && !defined(CRAY) && (BSD <= 43) */
- tty_rspeed((def_rspeed > 0) ? def_rspeed : 9600);
- tty_tspeed((def_tspeed > 0) ? def_tspeed : 9600);
- if (erase)
- termbuf.c_cc[VERASE] = erase;
-# ifdef LINEMODE
- if (waslm)
- tty_setlinemode(1);
-# endif /* LINEMODE */
-
- /*
- * Set the tty modes, and make this our controlling tty.
- */
- set_termbuf();
- if (login_tty(t) == -1)
- fatalperror(net, "login_tty");
-#endif /* !defined(CRAY) || !defined(NEWINIT) */
- if (net > 2)
- (void) close(net);
-#if defined(AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
- /*
- * Leave the pty open so that we can write out the rlogin
- * protocol for /bin/login, if the authentication works.
- */
-#else
- if (pty > 2) {
- (void) close(pty);
- pty = -1;
- }
-#endif
-}
-
-#if !defined(CRAY) || !defined(NEWINIT)
-#ifndef O_NOCTTY
-#define O_NOCTTY 0
-#endif
-/*
- * Open the specified slave side of the pty,
- * making sure that we have a clean tty.
- */
- int
-cleanopen(line)
- char *line;
-{
- register int t;
-#if defined(_SC_CRAY_SECURE_SYS)
- struct secstat secbuf;
-#endif /* _SC_CRAY_SECURE_SYS */
-
-#ifndef STREAMSPTY
- /*
- * Make sure that other people can't open the
- * slave side of the connection.
- */
- (void) chown(line, 0, 0);
- (void) chmod(line, 0600);
-#endif
-
-# if !defined(CRAY) && (BSD > 43)
- (void) revoke(line);
-# endif
-#if defined(_SC_CRAY_SECURE_SYS)
- if (secflag) {
- if (secstat(line, &secbuf) < 0)
- return(-1);
- if (setulvl(secbuf.st_slevel) < 0)
- return(-1);
- if (setucmp(secbuf.st_compart) < 0)
- return(-1);
- }
-#endif /* _SC_CRAY_SECURE_SYS */
-
- t = open(line, O_RDWR|O_NOCTTY);
-
-#if defined(_SC_CRAY_SECURE_SYS)
- if (secflag) {
- if (setulvl(sysv.sy_minlvl) < 0)
- return(-1);
- if (setucmp(0) < 0)
- return(-1);
- }
-#endif /* _SC_CRAY_SECURE_SYS */
-
- if (t < 0)
- return(-1);
-
- /*
- * Hangup anybody else using this ttyp, then reopen it for
- * ourselves.
- */
-# if !(defined(CRAY) || defined(__hpux)) && (BSD <= 43) && !defined(STREAMSPTY)
- (void) signal(SIGHUP, SIG_IGN);
- vhangup();
- (void) signal(SIGHUP, SIG_DFL);
- t = open(line, O_RDWR|O_NOCTTY);
- if (t < 0)
- return(-1);
-# endif
-# if defined(CRAY) && defined(TCVHUP)
- {
- register int i;
- (void) signal(SIGHUP, SIG_IGN);
- (void) ioctl(t, TCVHUP, (char *)0);
- (void) signal(SIGHUP, SIG_DFL);
- setpgrp();
-
-#if defined(_SC_CRAY_SECURE_SYS)
- if (secflag) {
- if (secstat(line, &secbuf) < 0)
- return(-1);
- if (setulvl(secbuf.st_slevel) < 0)
- return(-1);
- if (setucmp(secbuf.st_compart) < 0)
- return(-1);
- }
-#endif /* _SC_CRAY_SECURE_SYS */
-
- i = open(line, O_RDWR);
-
-#if defined(_SC_CRAY_SECURE_SYS)
- if (secflag) {
- if (setulvl(sysv.sy_minlvl) < 0)
- return(-1);
- if (setucmp(0) < 0)
- return(-1);
- }
-#endif /* _SC_CRAY_SECURE_SYS */
-
- if (i < 0)
- return(-1);
- (void) close(t);
- t = i;
- }
-# endif /* defined(CRAY) && defined(TCVHUP) */
- return(t);
-}
-#endif /* !defined(CRAY) ||
!defined(NEWINIT) */
-
-#if BSD <= 43
-
- int
-login_tty(t)
- int t;
-{
- if (setsid() < 0) {
-#ifdef ultrix
- /*
- * The setsid() may have failed because we
- * already have a pgrp == pid. Zero out
- * our pgrp and try again...
- */
- if ((setpgrp(0, 0) < 0) || (setsid() < 0))
-#endif
- fatalperror(net, "setsid()");
- }
-# ifdef TIOCSCTTY
- if (ioctl(t, TIOCSCTTY, (char *)0) < 0)
- fatalperror(net, "ioctl(sctty)");
-# if defined(CRAY)
- /*
- * Close the hard fd to /dev/ttypXXX, and re-open through
- * the indirect /dev/tty interface.
- */
- close(t);
- if ((t = open(_PATH_TTY, O_RDWR)) < 0)
- fatalperror(net, "open(/dev/tty)");
-# endif
-# else
- /*
- * We get our controlling tty assigned as a side-effect
- * of opening up a tty device. But on BSD based systems,
- * this only happens if our process group is zero. The
- * setsid() call above may have set our pgrp, so clear
- * it out before opening the tty...
- */
- (void) setpgrp(0, 0);
- close(open(line, O_RDWR));
-# endif
- if (t != 0)
- (void) dup2(t, 0);
- if (t != 1)
- (void) dup2(t, 1);
- if (t != 2)
- (void) dup2(t, 2);
- if (t > 2)
- close(t);
- return(0);
-}
-#endif /* BSD <= 43 */
-
-#ifdef NEWINIT
-char *gen_id = "fe";
-#endif
-
-/*
- * startslave(host)
- *
- * Given a hostname, do whatever
- * is necessary to startup the login process on the slave side of the pty.
- */
-
-/* ARGSUSED */
- void
-startslave(host, autologin, autoname)
- char *host;
- int autologin;
- char *autoname;
-{
- register int i;
-#ifdef NEWINIT
- extern char *ptyip;
- struct init_request request;
- void nologinproc();
- register int n;
-#endif /* NEWINIT */
-
-#if defined(AUTHENTICATION)
- if (!autoname || !autoname[0])
- autologin = 0;
-
- if (autologin < auth_level) {
- fatal(net, "Authorization failed");
- exit(1);
- }
-#endif
-
-#ifndef NEWINIT
-# ifdef PARENT_DOES_UTMP
- utmp_sig_init();
-# endif /* PARENT_DOES_UTMP */
-
- if ((i = fork()) < 0)
- fatalperror(net, "fork");
- if (i) {
-# ifdef PARENT_DOES_UTMP
- /*
- * Cray parent will create utmp entry for child and send
- * signal to child to tell when done. Child waits for signal
- * before doing anything important.
- */
- register int pid = i;
- void sigjob P((int));
-
- setpgrp();
- utmp_sig_reset(); /* reset handler to default */
- /*
- * Create utmp entry for child
- */
- (void) time(&wtmp.ut_time);
- wtmp.ut_type = LOGIN_PROCESS;
- wtmp.ut_pid = pid;
- SCPYN(wtmp.ut_user, "LOGIN");
- SCPYN(wtmp.ut_host, host);
- SCPYN(wtmp.ut_line, line + sizeof(_PATH_DEV) - 1);
-#ifndef __hpux
- SCPYN(wtmp.ut_id, wtmp.ut_line+3);
-#else
- SCPYN(wtmp.ut_id, wtmp.ut_line+7);
-#endif
- pututline(&wtmp);
- endutent();
- if ((i = open(wtmpf, O_WRONLY|O_APPEND)) >= 0) {
- (void) write(i, (char *)&wtmp, sizeof(struct utmp));
- (void) close(i);
- }
-#ifdef CRAY
- (void) signal(WJSIGNAL, sigjob);
-#endif
- utmp_sig_notify(pid);
-# endif /* PARENT_DOES_UTMP */
- } else {
- getptyslave(autologin);
- start_login(host, autologin, autoname);
- /*NOTREACHED*/
- }
-#else /* NEWINIT */
-
- /*
- * Init will start up login process if we ask nicely. We only wait
- * for it to start up and begin normal telnet operation.
- */
- if ((i = open(INIT_FIFO, O_WRONLY)) < 0) {
- char tbuf[128];
- (void) snprintf(tbuf, sizeof(tbuf), "Can't open %s\n", INIT_FIFO);
- fatalperror(net, tbuf);
- }
- memset((char *)&request, 0, sizeof(request));
- request.magic = INIT_MAGIC;
- SCPYN(request.gen_id, gen_id);
- SCPYN(request.tty_id, &line[8]);
- SCPYN(request.host, host);
- SCPYN(request.term_type, terminaltype ? terminaltype : "network");
-#if !defined(UNICOS5)
- request.signal = SIGCLD;
- request.pid = getpid();
-#endif
-#ifdef BFTPDAEMON
- /*
- * Are we working as the bftp daemon?
- */
- if (bftpd) {
- SCPYN(request.exec_name, BFTPPATH);
- }
-#endif /* BFTPDAEMON */
- if (write(i, (char *)&request, sizeof(request)) < 0) {
- char tbuf[128];
- (void) snprintf(tbuf, sizeof(tbuf), "Can't write to %s\n", INIT_FIFO);
- fatalperror(net, tbuf);
- }
- (void) close(i);
- (void) signal(SIGALRM, nologinproc);
- for (i = 0; ; i++) {
- char tbuf[128];
- alarm(15);
- n = read(pty, ptyip, BUFSIZ);
- if (i == 3 || n >= 0 || !gotalarm)
- break;
- gotalarm = 0;
- snprintf(tbuf, sizeof(tbuf), "telnetd: waiting for /etc/init to start login process on %s\r\n", line);
- (void) write(net, tbuf, strlen(tbuf));
- }
- if (n < 0 && gotalarm)
- fatal(net, "/etc/init didn't start login process");
- pcc += n;
- alarm(0);
- (void) signal(SIGALRM, SIG_DFL);
-
- return;
-#endif /* NEWINIT */
-}
-
-char *envinit[3];
-extern char **environ;
-
- void
-init_env()
-{
- extern char *getenv();
- char **envp;
-
- envp = envinit;
- if ((*envp = getenv("TZ")))
- *envp++ -= 3;
-#if defined(CRAY) || defined(__hpux)
- else
- *envp++ = "TZ=GMT0";
-#endif
- *envp = 0;
- environ = envinit;
-}
-
-#ifndef NEWINIT
-
-/*
- * start_login(host)
- *
- * Assuming that we are now running as a child processes, this
- * function will turn us into the login process.
- */
-
- void
-start_login(host, autologin, name)
- char *host;
- int autologin;
- char *name;
-{
- register char **argv;
- char **addarg();
- extern char *getenv();
-#ifdef UTMPX
- register int pid = getpid();
- struct utmpx utmpx;
-#endif
-#ifdef SOLARIS
- char *term;
- char termbuf[64];
-#endif
-
-#ifdef UTMPX
- /*
- * Create utmp entry for child
- */
-
- bzero(&utmpx, sizeof(utmpx));
- SCPYN(utmpx.ut_user, ".telnet");
- SCPYN(utmpx.ut_line, line + sizeof(_PATH_DEV) - 1);
- utmpx.ut_pid = pid;
- utmpx.ut_id[0] = 't';
- utmpx.ut_id[1] = 'n';
- utmpx.ut_id[2] = SC_WILDC;
- utmpx.ut_id[3] = SC_WILDC;
- utmpx.ut_type = LOGIN_PROCESS;
- (void) time(&utmpx.ut_tv.tv_sec);
- if (makeutx(&utmpx) == NULL)
- fatal(net, "makeutx failed");
-#endif
-
- scrub_env();
-
- /*
- * -h : pass on name of host.
- * WARNING: -h is accepted by login if and only if
- * getuid() == 0.
- * -p : don't clobber the environment (so terminal type stays set).
- *
- * -f : force this login, he has already been authenticated
- */
- argv = addarg(0, "login");
-
-#if !defined(NO_LOGIN_H)
-
-# if defined (AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
- /*
- * Don't add the "-h host" option if we are going
- * to be adding the "-r host" option down below...
- */
- if ((auth_level < 0) || (autologin != AUTH_VALID))
-# endif
- {
- argv = addarg(argv, "-h");
- argv = addarg(argv, host);
-#ifdef SOLARIS
- /*
- * SVR4 version of -h takes TERM= as second arg, or -
- */
- term = getenv("TERM");
- if (term == NULL || term[0] == 0) {
- term = "-";
- } else {
- strcpy(termbuf, "TERM=");
- strncat(termbuf, term, sizeof(termbuf) - 6);
- term = termbuf;
- }
- argv = addarg(argv, term);
-#endif
- }
-#endif
-#if !defined(NO_LOGIN_P)
- argv = addarg(argv, "-p");
-#endif
-#ifdef BFTPDAEMON
- /*
- * Are we working as the bftp daemon? If so, then ask login
- * to start bftp instead of shell.
- */
- if (bftpd) {
- argv = addarg(argv, "-e");
- argv = addarg(argv, BFTPPATH);
- } else
-#endif
-#if defined (SecurID)
- /*
- * don't worry about the -f that might get sent.
- * A -s is supposed to override it anyhow.
- */
- if (require_SecurID)
- argv = addarg(argv, "-s");
-#endif
-#if defined (AUTHENTICATION)
- if (auth_level >= 0 && autologin == AUTH_VALID) {
-# if !defined(NO_LOGIN_F)
- argv = addarg(argv, "-f");
- argv = addarg(argv, "--");
- argv = addarg(argv, name);
-# else
-# if defined(LOGIN_R)
- /*
- * We don't have support for "login -f", but we
- * can fool /bin/login into thinking that we are
- * rlogind, and allow us to log in without a
- * password. The rlogin protocol expects
- * local-user\0remote-user\0term/speed\0
- */
-
- if (pty > 2) {
- register char *cp;
- char speed[128];
- int isecho, israw, xpty, len;
- extern int def_rspeed;
-# ifndef LOGIN_HOST
- /*
- * Tell login that we are coming from "localhost".
- * If we passed in the real host name, then the
- * user would have to allow .rhost access from
- * every machine that they want authenticated
- * access to work from, which sort of defeats
- * the purpose of an authenticated login...
- * So, we tell login that the session is coming
- * from "localhost", and the user will only have
- * to have "localhost" in their .rhost file.
- */
-# define LOGIN_HOST "localhost"
-# endif
- argv = addarg(argv, "-r");
- argv = addarg(argv, LOGIN_HOST);
-
- xpty = pty;
-# ifndef STREAMSPTY
- pty = 0;
-# else
- ttyfd = 0;
-# endif
- init_termbuf();
- isecho = tty_isecho();
- israw = tty_israw();
- if (isecho || !israw) {
- tty_setecho(0); /* Turn off echo */
- tty_setraw(1); /* Turn on raw */
- set_termbuf();
- }
- len = strlen(name)+1;
- write(xpty, name, len);
- write(xpty, name, len);
- snprintf(speed, sizeof(speed),
- "%s/%d", (cp = getenv("TERM")) ? cp : "",
- (def_rspeed > 0) ?
def_rspeed : 9600);
- len = strlen(speed)+1;
- write(xpty, speed, len);
-
- if (isecho || !israw) {
- init_termbuf();
- tty_setecho(isecho);
- tty_setraw(israw);
- set_termbuf();
- if (!israw) {
- /*
- * Write a newline to ensure
- * that login will be able to
- * read the line...
- */
- write(xpty, "\n", 1);
- }
- }
- pty = xpty;
- }
-# else
- argv = addarg(argv, "--");
- argv = addarg(argv, name);
-# endif
-# endif
- } else
-#endif
- if (getenv("USER")) {
- argv = addarg(argv, "--");
- argv = addarg(argv, getenv("USER"));
-#if defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
- {
- register char **cpp;
- for (cpp = environ; *cpp; cpp++)
- argv = addarg(argv, *cpp);
- }
-#endif
- /*
- * Assume that login will set the USER variable
- * correctly. For SysV systems, this means that
- * USER will no longer be set, just LOGNAME by
- * login. (The problem is that if the auto-login
- * fails, and the user then specifies a different
- * account name, he can get logged in with both
- * LOGNAME and USER in his environment, but the
- * USER value will be wrong.
- */
- unsetenv("USER");
- }
-#if defined(AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
- if (pty > 2)
- close(pty);
-#endif
- closelog();
-
- if (altlogin == NULL) {
- altlogin = _PATH_LOGIN;
- }
- execv(altlogin, argv);
-
- syslog(LOG_ERR, "%s: %m", altlogin);
- fatalperror(net, altlogin);
- /*NOTREACHED*/
-}
-
- char **
-addarg(argv, val)
- register char **argv;
- register char *val;
-{
- register char **cpp;
-
- if (argv == NULL) {
- /*
- * 10 entries, a leading length, and a null
- */
- argv = (char **)malloc(sizeof(*argv) * 12);
- if (argv == NULL)
- return(NULL);
- *argv++ = (char *)10;
- *argv = (char *)0;
- }
- for (cpp = argv; *cpp; cpp++)
- ;
- if (cpp == &argv[(long)argv[-1]]) {
- --argv;
- *argv = (char *)((long)(*argv) + 10);
- argv = (char **)realloc(argv, sizeof(*argv) * ((long)(*argv) + 2));
- if (argv == NULL)
- return(NULL);
- argv++;
- cpp = &argv[(long)argv[-1] - 10];
- }
- *cpp++ = val;
- *cpp = 0;
- return(argv);
-}
-#endif /* NEWINIT */
-
-/*
- * scrub_env()
- *
- * We only accept the environment variables listed below.
- */
- void
-scrub_env()
-{
- static const char *reject[] = {
- "TERMCAP=/",
- NULL
- };
-
- static const char *accept[] = {
- "XAUTH=", "XAUTHORITY=", "DISPLAY=",
- "TERM=",
- "EDITOR=",
- "PAGER=",
- "LOGNAME=",
- "POSIXLY_CORRECT=",
- "PRINTER=",
- NULL
- };
-
- char **cpp, **cpp2;
- const char **p;
-
- for (cpp2 = cpp = environ; *cpp; cpp++) {
- int reject_it = 0;
-
- for(p = reject; *p; p++)
- if(strncmp(*cpp, *p, strlen(*p)) == 0) {
- reject_it = 1;
- break;
- }
- if (reject_it)
- continue;
-
- for(p = accept; *p; p++)
- if(strncmp(*cpp, *p, strlen(*p)) == 0)
- break;
- if(*p != NULL)
- *cpp2++ = *cpp;
- }
- *cpp2 = NULL;
-}
-
-/*
- * cleanup()
- *
- * This is the routine to call when we are all through, to
- * clean up anything that needs to be cleaned up.
- */
- /* ARGSUSED */
- void
-cleanup(sig)
- int sig;
-{
-#ifndef PARENT_DOES_UTMP
-# if (BSD > 43) || defined(convex)
- char *p;
-
- p = line + sizeof(_PATH_DEV) - 1;
- if (logout(p))
- logwtmp(p, "", "");
- (void)chmod(line, 0666);
- (void)chown(line, 0, 0);
- *p = 'p';
- (void)chmod(line, 0666);
- (void)chown(line, 0, 0);
- (void) shutdown(net, 2);
- exit(1);
-# else
- void rmut();
-
- rmut();
- vhangup(); /* XXX */
- (void) shutdown(net, 2);
- exit(1);
-# endif
-#else /* PARENT_DOES_UTMP */
-# ifdef NEWINIT
- (void) shutdown(net, 2);
- exit(1);
-# else /* NEWINIT */
-# ifdef CRAY
- static int incleanup = 0;
- register int t;
-
- /*
- * 1: Pick up the zombie, if we are being called
- * as the signal handler.
- * 2: If we are a nested cleanup(), return.
- * 3: Try to clean up TMPDIR.
- * 4: Fill in utmp with shutdown of process.
- * 5: Close down the network and pty connections.
- * 6: Finish up the TMPDIR cleanup, if needed.
- */
- if (sig == SIGCHLD)
- while (waitpid(-1, 0, WNOHANG) > 0)
- ; /* VOID */
- t = sigblock(sigmask(SIGCHLD));
- if (incleanup) {
- sigsetmask(t);
- return;
- }
- incleanup = 1;
- sigsetmask(t);
- if (secflag) {
- /*
- * We need to set ourselves back to a null
- * label to clean up.
- */
-
- setulvl(sysv.sy_minlvl);
- setucmp((long)0);
- }
-
- t = cleantmp(&wtmp);
- setutent(); /* just to make sure */
-# endif /* CRAY */
- rmut(line);
- close(pty);
- (void) shutdown(net, 2);
-# ifdef CRAY
- if (t == 0)
- cleantmp(&wtmp);
-# endif /* CRAY */
- exit(1);
-# endif /* NEWINT */
-#endif /* PARENT_DOES_UTMP */
-}
-
-#if defined(PARENT_DOES_UTMP) && !defined(NEWINIT)
-/*
- * _utmp_sig_rcv
- * utmp_sig_init
- * utmp_sig_wait
- * These three functions are used to coordinate the handling of
- * the utmp file between the server and the soon-to-be-login shell.
- * The server actually creates the utmp structure, the child calls
- * utmp_sig_wait(), until the server calls utmp_sig_notify() and
- * signals the future-login shell to proceed.
- */
-static int caught=0; /* NZ when signal intercepted */
-static void (*func)(); /* address of previous handler */
-
- void
-_utmp_sig_rcv(sig)
- int sig;
-{
- caught = 1;
- (void) signal(SIGUSR1, func);
-}
-
- void
-utmp_sig_init()
-{
- /*
- * register signal handler for UTMP creation
- */
- if ((int)(func = signal(SIGUSR1, _utmp_sig_rcv)) == -1)
- fatalperror(net, "telnetd/signal");
-}
-
- void
-utmp_sig_reset()
-{
- (void) signal(SIGUSR1, func); /* reset handler to default */
-}
-
-# ifdef __hpux
-# define sigoff() /* do nothing */
-# define sigon() /* do nothing */
-# endif
-
- void
-utmp_sig_wait()
-{
- /*
- * Wait for parent to write our utmp entry.
- */
- sigoff();
- while (caught == 0) {
- pause(); /* wait until we get a signal (sigon) */
- sigoff(); /* turn off signals while we check caught */
- }
- sigon(); /* turn on signals again */
-}
-
- void
-utmp_sig_notify(pid)
-{
- kill(pid, SIGUSR1);
-}
-
-# ifdef CRAY
-static int gotsigjob = 0;
-
- /*ARGSUSED*/
- void
-sigjob(sig)
- int sig;
-{
- register int jid;
- register struct jobtemp *jp;
-
- while ((jid = waitjob(NULL)) != -1) {
- if (jid == 0) {
- return;
- }
- gotsigjob++;
- jobend(jid, NULL, NULL);
- }
-}
-
-/*
- * Clean up the TMPDIR that login created.
- * The first time this is called we pick up the info
- * from the utmp. If the job has already gone away,
- * then we'll clean up and be done. If not, then
- * when this is called the second time it will wait
- * for the signal that the job is done.
- */
- int
-cleantmp(wtp)
- register struct utmp *wtp;
-{
- struct utmp *utp;
- static int first = 1;
- register int mask, omask, ret;
- extern struct utmp *getutid P((const struct utmp *_Id));
-
-
- mask = sigmask(WJSIGNAL);
-
- if (first == 0) {
- omask = sigblock(mask);
- while (gotsigjob == 0)
- sigpause(omask);
- return(1);
- }
- first = 0;
- setutent(); /* just to make sure */
-
- utp = getutid(wtp);
- if (utp == 0) {
- syslog(LOG_ERR, "can't get /etc/utmp entry to clean TMPDIR");
- return(-1);
- }
- /*
- * Nothing to clean up if the user shell was never started.
- */
- if (utp->ut_type != USER_PROCESS || utp->ut_jid == 0)
- return(1);
-
- /*
- * Block the WJSIGNAL while we are in jobend().
- */
- omask = sigblock(mask);
- ret = jobend(utp->ut_jid, utp->ut_tpath, utp->ut_user);
- sigsetmask(omask);
- return(ret);
-}
-
- int
-jobend(jid, path, user)
- register int jid;
- register char *path;
- register char *user;
-{
- static int saved_jid = 0;
- static char saved_path[sizeof(wtmp.ut_tpath)+1];
- static char saved_user[sizeof(wtmp.ut_user)+1];
-
- if (path) {
- strncpy(saved_path, path, sizeof(wtmp.ut_tpath));
- strncpy(saved_user, user, sizeof(wtmp.ut_user));
- saved_path[sizeof(saved_path)] = '\0';
- saved_user[sizeof(saved_user)] = '\0';
- }
- if (saved_jid == 0) {
- saved_jid = jid;
- return(0);
- }
- cleantmpdir(jid, saved_path, saved_user);
- return(1);
-}
-
-/*
- * Fork a child process to clean up the TMPDIR
- */
-cleantmpdir(jid, tpath, user)
- register int jid;
- register char *tpath;
- register char *user;
-{
- switch(fork()) {
- case -1:
- syslog(LOG_ERR, "TMPDIR cleanup(%s): fork() failed: %m",
- tpath);
- break;
- case 0:
- execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, (char *)0);
- syslog(LOG_ERR, "TMPDIR cleanup(%s): execl(%s) failed: %m",
- tpath, CLEANTMPCMD);
- exit(1);
- default:
- /*
- * Forget about child. We will exit, and
- * /etc/init will pick it up.
- */
- break;
- }
-}
-# endif /* CRAY */
-#endif /* defined(PARENT_DOES_UTMP) && !defined(NEWINIT) */
-
-/*
- * rmut()
- *
- * This is the function called by cleanup() to
- * remove the utmp entry for this person.
- */
-
-#ifdef UTMPX
- void
-rmut()
-{
- register f;
- int found = 0;
- struct utmp *u, *utmp;
- int nutmp;
- struct stat statbf;
-
- struct utmpx *utxp, utmpx;
-
- /*
- * This updates the utmpx and utmp entries and make a wtmp/x entry
- */
-
- SCPYN(utmpx.ut_line, line + sizeof(_PATH_DEV) - 1);
- utxp = getutxline(&utmpx);
- if (utxp) {
- utxp->ut_type = DEAD_PROCESS;
- utxp->ut_exit.e_termination = 0;
- utxp->ut_exit.e_exit = 0;
- (void) time(&utmpx.ut_tv.tv_sec);
- utmpx.ut_tv.tv_usec = 0;
- modutx(utxp);
- }
- endutxent();
-} /* end of rmut */
-#endif
-
-#if !defined(UTMPX) && !(defined(CRAY) || defined(__hpux)) && BSD <= 43
- void
-rmut()
-{
- register f;
- int found = 0;
- struct utmp *u, *utmp;
- int nutmp;
- struct stat statbf;
-
- f = open(utmpf, O_RDWR);
- if (f >= 0) {
- (void) fstat(f, &statbf);
- utmp = (struct utmp *)malloc((unsigned)statbf.st_size);
- if (!utmp)
- syslog(LOG_ERR, "utmp malloc failed");
- if (statbf.st_size && utmp) {
- nutmp = read(f, (char *)utmp, (int)statbf.st_size);
- nutmp /= sizeof(struct utmp);
-
- for (u = utmp ; u < &utmp[nutmp] ; u++) {
- if (SCMPN(u->ut_line, line+5) ||
- u->ut_name[0]==0)
- continue;
- (void) lseek(f, ((long)u)-((long)utmp), L_SET);
- SCPYN(u->ut_name, "");
- SCPYN(u->ut_host, "");
- (void) time(&u->ut_time);
- (void) write(f, (char *)u, sizeof(wtmp));
- found++;
- }
- }
- (void) close(f);
- }
- if (found) {
- f = open(wtmpf, O_WRONLY|O_APPEND);
- if (f >= 0) {
- SCPYN(wtmp.ut_line, line+5);
- SCPYN(wtmp.ut_name, "");
- SCPYN(wtmp.ut_host, "");
- (void) time(&wtmp.ut_time);
- (void) write(f, (char *)&wtmp, sizeof(wtmp));
- (void) close(f);
- }
- }
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
- line[strlen(_PATH_DEV)] = 'p';
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
-} /*
end of rmut */
-#endif /* CRAY */
-
-#ifdef __hpux
-rmut (line)
-char *line;
-{
- struct utmp utmp;
- struct utmp *utptr;
- int fd; /* for /etc/wtmp */
-
- utmp.ut_type = USER_PROCESS;
- (void) strncpy(utmp.ut_id, line+12, sizeof(utmp.ut_id));
- (void) setutent();
- utptr = getutid(&utmp);
- /* write it out only if it exists */
- if (utptr) {
- utptr->ut_type = DEAD_PROCESS;
- utptr->ut_time = time((long *) 0);
- (void) pututline(utptr);
- /* set wtmp entry if wtmp file exists */
- if ((fd = open(wtmpf, O_WRONLY | O_APPEND)) >= 0) {
- (void) write(fd, utptr, sizeof(utmp));
- (void) close(fd);
- }
- }
- (void) endutent();
-
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
- line[14] = line[13];
- line[13] = line[12];
- line[8] = 'm';
- line[9] = '/';
- line[10] = 'p';
- line[11] = 't';
- line[12] = 'y';
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
-}
-#endif
diff --git a/telnetd.tproj/telnet.plist b/telnetd.tproj/telnet.plist
deleted file mode 100644
index 1ef785b..0000000
--- a/telnetd.tproj/telnet.plist
+++ /dev/null
@@ -1,29 +0,0 @@
-
-
-
-
- Disabled
-
- Label
- com.apple.telnetd
- ProgramArguments
-
- /usr/libexec/telnetd
-
- inetdCompatibility
-
- Wait
-
-
- Sockets
-
- Listeners
-
- SockServiceName
- telnet
- Bonjour
-
-
-
-
-
diff --git a/telnetd.tproj/telnetd.8 b/telnetd.tproj/telnetd.8
deleted file mode 100644
index 90b448a..0000000
--- a/telnetd.tproj/telnetd.8
+++ /dev/null
@@ -1,631 +0,0 @@
-.\" Copyright (c) 1983, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)telnetd.8 8.3 (Berkeley) 3/1/94
-.\" $FreeBSD: src/libexec/telnetd/telnetd.8,v 1.23 2001/07/15 07:53:42 dd Exp $
-.\"
-.Dd March 1, 1994
-.Dt TELNETD 8
-.Os
-.Sh NAME
-.Nm telnetd
-.Nd DARPA
-.Tn TELNET
-protocol server
-.Sh SYNOPSIS
-.Nm /usr/libexec/telnetd
-.Op Fl Uhlkns
-.Op Fl D Ar debugmode
-.Op Fl I Ns Ar initid
-.Op Fl S Ar tos
-.Op Fl X Ar authtype
-.Op Fl a Ar authmode
-.Op Fl edebug
-.Op Fl p Ar loginprog
-.Op Fl r Ns Ar lowpty-highpty
-.Op Fl u Ar len
-.Op Fl debug Op Ar port
-.Sh DESCRIPTION
-The
-.Nm
-command is a server which supports the
-.Tn DARPA
-standard
-.Tn TELNET
-virtual terminal protocol.
-.Nm Telnetd
-is normally invoked by the internet server (see
-.Xr inetd 8 )
-for requests to connect to the
-.Tn TELNET
-port as indicated by the
-.Pa /etc/services
-file (see
-.Xr services 5 ) .
-The
-.Fl debug
-option may be used to start up
-.Nm
-manually, instead of through
-.Xr inetd 8 .
-If started up this way,
-.Ar port
-may be specified to run
-.Nm
-on an alternate
-.Tn TCP
-port number.
-.Pp
-The
-.Nm
-command accepts the following options:
-.Bl -tag -width indent
-.It Fl a Ar authmode
-This option may be used for specifying what mode should
-be used for authentication.
-Note that this option is only useful if
-.Nm
-has been compiled with support for the
-.Dv AUTHENTICATION
-option.
-There are several valid values for
-.Ar authmode :
-.Bl -tag -width debug
-.It Cm debug
-Turn on authentication debugging code.
-.It Cm user
-Only allow connections when the remote user
-can provide valid authentication information
-to identify the remote user,
-and is allowed access to the specified account
-without providing a password.
-.It Cm valid
-Only allow connections when the remote user
-can provide valid authentication information
-to identify the remote user.
-The
-.Xr login 1
-command will provide any additional user verification
-needed if the remote user is not allowed automatic
-access to the specified account.
-.It Cm other
-Only allow connections that supply some authentication information.
-This option is currently not supported
-by any of the existing authentication mechanisms,
-and is thus the same as specifying
-.Fl a
-.Cm valid .
-.It Cm none
-This is the default state.
-Authentication information is not required.
-If no or insufficient authentication information
-is provided, then the
-.Xr login 1
-program will provide the necessary user
-verification.
-.It Cm off
-Disable the authentication code.
-All user verification will happen through the
-.Xr login 1
-program.
-.El
-.It Fl D Ar debugmode
-This option may be used for debugging purposes.
-This allows
-.Nm
-to print out debugging information
-to the connection, allowing the user to see what
-.Nm
-is doing.
-There are several possible values for
-.Ar debugmode :
-.Bl -tag -width exercise
-.It Cm options
-Print information about the negotiation of
-.Tn TELNET
-options.
-.It Cm report
-Print the
-.Cm options
-information, plus some additional information
-about what processing is going on.
-.It Cm netdata
-Display the data stream received by
-.Nm .
-.It Cm ptydata
-Display data written to the pty.
-.It Cm exercise
-Has not been implemented yet.
-.El
-.It Fl debug
-Enable debugging on each socket created by
-.Nm
-(see
-.Dv SO_DEBUG
-in
-.Xr socket 2 ) .
-.It Fl edebug
-If
-.Nm
-has been compiled with support for data encryption, then the
-.Fl edebug
-option may be used to enable encryption debugging code.
-.It Fl p Ar loginprog
-Specify an alternate
-.Xr login 1
-command to run to complete the login. The alternate command must
-understand the same command arguments as the standard login.
-.It Fl h
-Disable the printing of host-specific information before
-login has been completed.
-.It Fl I Ar initid
-This option is only applicable to
-.Tn UNICOS
-systems prior to 7.0.
-It specifies the
-.Dv ID
-from
-.Pa /etc/inittab
-to use when init starts login sessions. The default
-.Dv ID
-is
-.Dv fe .
-.It Fl k
-This option is only useful if
-.Nm
-has been compiled with both linemode and kludge linemode
-support. If the
-.Fl k
-option is specified, then if the remote client does not
-support the
-.Dv LINEMODE
-option, then
-.Nm
-will operate in character at a time mode.
-It will still support kludge linemode, but will only
-go into kludge linemode if the remote client requests
-it.
-(This is done by the client sending
-.Dv DONT SUPPRESS-GO-AHEAD
-and
-.Dv DONT ECHO . )
-The
-.Fl k
-option is most useful when there are remote clients
-that do not support kludge linemode, but pass the heuristic
-(if they respond with
-.Dv WILL TIMING-MARK
-in response to a
-.Dv DO TIMING-MARK )
-for kludge linemode support.
-.It Fl l
-Specify line mode. Try to force clients to use line-
-at-a-time mode.
-If the
-.Dv LINEMODE
-option is not supported, it will go
-into kludge linemode.
-.It Fl n
-Disable
-.Dv TCP
-keep-alives. Normally
-.Nm
-enables the
-.Tn TCP
-keep-alive mechanism to probe connections that
-have been idle for some period of time to determine
-if the client is still there, so that idle connections
-from machines that have crashed or can no longer
-be reached may be cleaned up.
-.It Fl r Ar lowpty-highpty
-This option is only enabled when
-.Nm
-is compiled for
-.Dv UNICOS .
-It specifies an inclusive range of pseudo-terminal devices to
-use. If the system has sysconf variable
-.Dv _SC_CRAY_NPTY
-configured, the default pty search range is 0 to
-.Dv _SC_CRAY_NPTY ;
-otherwise, the default range is 0 to 128. Either
-.Ar lowpty
-or
-.Ar highpty
-may be omitted to allow changing
-either end of the search range. If
-.Ar lowpty
-is omitted, the - character is still required so that
-.Nm
-can differentiate
-.Ar highpty
-from
-.Ar lowpty .
-.It Fl s
-This option is only enabled if
-.Nm
-is compiled with support for
-.Tn SecurID
-cards.
-It causes the
-.Fl s
-option to be passed on to
-.Xr login 1 ,
-and thus is only useful if
-.Xr login 1
-supports the
-.Fl s
-flag to indicate that only
-.Tn SecurID
-validated logins are allowed, and is
-usually useful for controlling remote logins
-from outside of a firewall.
-.It Fl S Ar tos
-.It Fl u Ar len
-This option is used to specify the size of the field
-in the
-.Dv utmp
-structure that holds the remote host name.
-If the resolved host name is longer than
-.Ar len ,
-the dotted decimal value will be used instead.
-This allows hosts with very long host names that
-overflow this field to still be uniquely identified.
-Specifying
-.Fl u0
-indicates that only dotted decimal addresses
-should be put into the
-.Pa utmp
-file.
-.It Fl U
-This option causes
-.Nm
-to refuse connections from addresses that
-cannot be mapped back into a symbolic name
-via the
-.Xr gethostbyaddr 3
-routine.
-.It Fl X Ar authtype
-This option is only valid if
-.Nm
-has been built with support for the authentication option.
-It disables the use of
-.Ar authtype
-authentication, and
-can be used to temporarily disable
-a specific authentication type without having to recompile
-.Nm .
-.El
-.Pp
-.Nm Telnetd
-operates by allocating a pseudo-terminal device (see
-.Xr pty 4 )
-for a client, then creating a login process which has
-the slave side of the pseudo-terminal as
-.Dv stdin ,
-.Dv stdout
-and
-.Dv stderr .
-.Nm Telnetd
-manipulates the master side of the pseudo-terminal,
-implementing the
-.Tn TELNET
-protocol and passing characters
-between the remote client and the login process.
-.Pp
-When a
-.Tn TELNET
-session is started up,
-.Nm
-sends
-.Tn TELNET
-options to the client side indicating
-a willingness to do the
-following
-.Tn TELNET
-options, which are described in more detail below:
-.Bd -literal -offset indent
-DO AUTHENTICATION
-WILL ENCRYPT
-DO TERMINAL TYPE
-DO TSPEED
-DO XDISPLOC
-DO NEW-ENVIRON
-DO ENVIRON
-WILL SUPPRESS GO AHEAD
-DO ECHO
-DO LINEMODE
-DO NAWS
-WILL STATUS
-DO LFLOW
-DO TIMING-MARK
-.Ed
-.Pp
-The pseudo-terminal allocated to the client is configured
-to operate in
-.Dq cooked
-mode, and with
-.Dv XTABS and
-.Dv CRMOD
-enabled (see
-.Xr tty 4 ) .
-.Pp
-.Nm Telnetd
-has support for enabling locally the following
-.Tn TELNET
-options:
-.Bl -tag -width "DO AUTHENTICATION"
-.It "WILL ECHO"
-When the
-.Dv LINEMODE
-option is enabled, a
-.Dv WILL ECHO
-or
-.Dv WONT ECHO
-will be sent to the client to indicate the
-current state of terminal echoing.
-When terminal echo is not desired, a
-.Dv WILL ECHO
-is sent to indicate that
-.Nm
-will take care of echoing any data that needs to be
-echoed to the terminal, and then nothing is echoed.
-When terminal echo is desired, a
-.Dv WONT ECHO
-is sent to indicate that
-.Nm
-will not be doing any terminal echoing, so the
-client should do any terminal echoing that is needed.
-.It "WILL BINARY"
-Indicate that the client is willing to send a
-8 bits of data, rather than the normal 7 bits
-of the Network Virtual Terminal.
-.It "WILL SGA"
-Indicate that it will not be sending
-.Dv IAC GA ,
-go ahead, commands.
-.It "WILL STATUS"
-Indicate a willingness to send the client, upon
-request, of the current status of all
-.Tn TELNET
-options.
-.It "WILL TIMING-MARK"
-Whenever a
-.Dv DO TIMING-MARK
-command is received, it is always responded
-to with a
-.Dv WILL TIMING-MARK .
-.It "WILL LOGOUT"
-When a
-.Dv DO LOGOUT
-is received, a
-.Dv WILL LOGOUT
-is sent in response, and the
-.Tn TELNET
-session is shut down.
-.It "WILL ENCRYPT"
-Only sent if
-.Nm
-is compiled with support for data encryption, and
-indicates a willingness to decrypt
-the data stream.
-.El
-.Pp
-.Nm Telnetd
-has support for enabling remotely the following
-.Tn TELNET
-options:
-.Bl -tag -width "DO AUTHENTICATION"
-.It "DO BINARY"
-Sent to indicate that
-.Nm
-is willing to receive an 8 bit data stream.
-.It "DO LFLOW"
-Requests that the client handle flow control
-characters remotely.
-.It "DO ECHO"
-This is not really supported, but is sent to identify a 4.2BSD
-.Xr telnet 1
-client, which will improperly respond with
-.Dv WILL ECHO .
-If a
-.Dv WILL ECHO
-is received, a
-.Dv DONT ECHO
-will be sent in response.
-.It "DO TERMINAL-TYPE"
-Indicate a desire to be able to request the
-name of the type of terminal that is attached
-to the client side of the connection.
-.It "DO SGA"
-Indicate that it does not need to receive
-.Dv IAC GA ,
-the go ahead command.
-.It "DO NAWS"
-Requests that the client inform the server when
-the window (display) size changes.
-.It "DO TERMINAL-SPEED"
-Indicate a desire to be able to request information
-about the speed of the serial line to which
-the client is attached.
-.It "DO XDISPLOC"
-Indicate a desire to be able to request the name
-of the X Window System display that is associated with
-the telnet client.
-.It "DO NEW-ENVIRON"
-Indicate a desire to be able to request environment
-variable information, as described in RFC 1572.
-.It "DO ENVIRON"
-Indicate a desire to be able to request environment
-variable information, as described in RFC 1408.
-.It "DO LINEMODE"
-Only sent if
-.Nm
-is compiled with support for linemode, and
-requests that the client do line by line processing.
-.It "DO TIMING-MARK"
-Only sent if
-.Nm
-is compiled with support for both linemode and
-kludge linemode, and the client responded with
-.Dv WONT LINEMODE .
-If the client responds with
-.Dv WILL TM ,
-the it is assumed that the client supports
-kludge linemode.
-Note that the
-.Op Fl k
-option can be used to disable this.
-.It "DO AUTHENTICATION"
-Only sent if
-.Nm
-is compiled with support for authentication, and
-indicates a willingness to receive authentication
-information for automatic login.
-.It "DO ENCRYPT"
-Only sent if
-.Nm
-is compiled with support for data encryption, and
-indicates a willingness to decrypt
-the data stream.
-.El
-.Sh NOTES
-By default
-.Nm
-will read the
-.Em \&he ,
-.Em \&hn ,
-and
-.Em \&im
-capabilities from
-.Pa /etc/gettytab
-and use that information (if present) to determine
-what to display before the login: prompt. You can
-also use a System V style
-.Pa /etc/issue
-file by using the
-.Em \&if
-capability, which will override
-.Em \&im .
-The information specified in either
-.Em \&im
-or
-.Em \&if
-will be displayed to both console and remote logins.
-.\" .Sh ENVIRONMENT
-.Sh FILES
-.Bl -tag -width /usr/ucb/bftp -compact
-.It Pa /etc/services
-.It Pa /etc/gettytab
-.It Pa /etc/inittab
-(UNICOS systems only)
-.It Pa /etc/iptos
-(if supported)
-.It Pa /usr/ucb/bftp
-(if supported)
-.El
-.Sh "SEE ALSO"
-.Xr bftp 1 ,
-.Xr login 1 ,
-.Xr gettytab 5 ,
-.Xr telnet 1
-(if supported)
-.Sh STANDARDS
-.Bl -tag -compact -width RFC-1572
-.It Cm RFC-854
-.Tn TELNET
-PROTOCOL SPECIFICATION
-.It Cm RFC-855
-TELNET OPTION SPECIFICATIONS
-.It Cm RFC-856
-TELNET BINARY TRANSMISSION
-.It Cm RFC-857
-TELNET ECHO OPTION
-.It Cm RFC-858
-TELNET SUPPRESS GO AHEAD OPTION
-.It Cm RFC-859
-TELNET STATUS OPTION
-.It Cm RFC-860
-TELNET TIMING MARK OPTION
-.It Cm RFC-861
-TELNET EXTENDED OPTIONS - LIST OPTION
-.It Cm RFC-885
-TELNET END OF RECORD OPTION
-.It Cm RFC-1073
-Telnet Window Size Option
-.It Cm RFC-1079
-Telnet Terminal Speed Option
-.It Cm RFC-1091
-Telnet Terminal-Type Option
-.It Cm RFC-1096
-Telnet X Display Location Option
-.It Cm RFC-1123
-Requirements for Internet Hosts -- Application and Support
-.It Cm RFC-1184
-Telnet Linemode Option
-.It Cm RFC-1372
-Telnet Remote Flow Control Option
-.It Cm
RFC-1416
-Telnet Authentication Option
-.It Cm RFC-1411
-Telnet Authentication: Kerberos Version 4
-.It Cm RFC-1412
-Telnet Authentication: SPX
-.It Cm RFC-1571
-Telnet Environment Option Interoperability Issues
-.It Cm RFC-1572
-Telnet Environment Option
-.El
-.Sh BUGS
-Some
-.Tn TELNET
-commands are only partially implemented.
-.Pp
-Because of bugs in the original 4.2 BSD
-.Xr telnet 1 ,
-.Nm
-performs some dubious protocol exchanges to try to discover if the remote
-client is, in fact, a 4.2 BSD
-.Xr telnet 1 .
-.Pp
-Binary mode
-has no common interpretation except between similar operating systems
-(Unix in this case).
-.Pp
-The terminal type name received from the remote client is converted to
-lower case.
-.Pp
-.Nm Telnetd
-never sends
-.Tn TELNET
-.Dv IAC GA
-(go ahead) commands.
-.Sh HISTORY
-IPv6 support was added by WIDE/KAME project.
diff --git a/telnetd.tproj/telnetd.c b/telnetd.tproj/telnetd.c
deleted file mode 100644
index 6f7777f..0000000
--- a/telnetd.tproj/telnetd.c
+++ /dev/null
@@ -1,1580 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char copyright[] =
-"@(#) Copyright (c) 1989, 1993\n\
- The Regents of the University of California.
All rights reserved.\n";
-#endif /* not lint */
-
-#ifndef lint
-#if 0
-static char sccsid[] = "@(#)telnetd.c 8.2 (Berkeley) 12/15/93";
-#endif
-static const char rcsid[] =
- "$FreeBSD: src/libexec/telnetd/telnetd.c,v 1.28 2001/07/20 15:14:03 ru Exp $";
-#endif /* not lint */
-
-#include "telnetd.h"
-#include "pathnames.h"
-
-#if defined(_SC_CRAY_SECURE_SYS) && !defined(SCM_SECURITY)
-/*
- * UNICOS 6.0/6.1 do not have SCM_SECURITY defined, so we can
- * use it to tell us to turn off all the socket security code,
- * since that is only used in UNICOS 7.0 and later.
- */
-# undef _SC_CRAY_SECURE_SYS
-#endif
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#if defined(_SC_CRAY_SECURE_SYS)
-#include
-#include
-# ifdef SO_SEC_MULTI /* 8.0 code */
-#include
-#include
-# endif /* SO_SEC_MULTI */
-
-/* wrapper for KAME-special getnameinfo() */
-#ifndef NI_WITHSCOPEID
-#define NI_WITHSCOPEID 0
-#endif
-
-int secflag;
-char tty_dev[16];
-struct secdev dv;
-struct sysv sysv;
-# ifdef SO_SEC_MULTI /* 8.0 code */
-struct socksec ss;
-# else /* SO_SEC_MULTI */ /* 7.0 code */
-struct socket_security ss;
-# endif /* SO_SEC_MULTI */
-#endif /* _SC_CRAY_SECURE_SYS */
-
-#if defined(AUTHENTICATION)
-#include
-int auth_level = 0;
-#endif
-#if defined(SecurID)
-int require_SecurID = 0;
-#endif
-
-char remote_hostname[MAXHOSTNAMELEN];
-int utmp_len = sizeof(remote_hostname) - 1;
-int registerd_host_only = 0;
-
-#ifdef STREAMSPTY
-# include
-# include
-/* make sure we don't get the bsd version */
-# include "/usr/include/sys/tty.h"
-# include
-
-/*
- * Because of the way ptyibuf is used with streams messages, we need
- * ptyibuf+1 to be on a full-word boundary. The following weirdness
- * is simply to make that happen.
- */
-long ptyibufbuf[BUFSIZ/sizeof(long)+1];
-char *ptyibuf = ((char *)&ptyibufbuf[1])-1;
-char *ptyip = ((char *)&ptyibufbuf[1])-1;
-char ptyibuf2[BUFSIZ];
-unsigned char ctlbuf[BUFSIZ];
-struct strbuf strbufc, strbufd;
-
-int readstream();
-
-#else /* ! STREAMPTY */
-
-/*
- * I/O data buffers,
- * pointers, and counters.
- */
-char ptyibuf[BUFSIZ], *ptyip = ptyibuf;
-char ptyibuf2[BUFSIZ];
-
-#endif /* ! STREAMPTY */
-
-int hostinfo = 1; /* do we print login banner? */
-
-#ifdef CRAY
-extern int newmap; /* nonzero if \n maps to ^M^J */
-int lowpty = 0, highpty; /* low, high pty numbers */
-#endif /* CRAY */
-
-int debug = 0;
-int keepalive = 1;
-char *altlogin;
-
-void doit __P((struct sockaddr *));
-int terminaltypeok __P((char *));
-void startslave __P((char *, int, char *));
-extern void usage P((void));
-
-/*
- * The string to pass to getopt(). We do it this way so
- * that only the actual options that we support will be
- * passed off to getopt().
- */
-char valid_opts[] = {
- 'd', ':', 'h', 'k', 'n', 'p', ':', 'S', ':', 'u', ':', 'U',
- '4', '6',
-#ifdef AUTHENTICATION
- 'a', ':', 'X', ':',
-#endif
-#ifdef BFTPDAEMON
- 'B',
-#endif
-#ifdef DIAGNOSTICS
- 'D', ':',
-#endif
-#if defined(CRAY) && defined(NEWINIT)
- 'I', ':',
-#endif
-#ifdef LINEMODE
- 'l',
-#endif
-#ifdef CRAY
- 'r', ':',
-#endif
-#ifdef SecurID
- 's',
-#endif
- '\0'
-};
-
-int family = AF_INET;
-
-int
-main(argc, argv)
- char *argv[];
-{
- struct sockaddr_storage from;
- int on = 1, fromlen;
- register int ch;
-#if defined(IPPROTO_IP) && defined(IP_TOS)
- int tos = -1;
-#endif
-
- pfrontp = pbackp = ptyobuf;
- netip = netibuf;
- nfrontp = nbackp = netobuf;
-
- /*
- * This initialization causes linemode to default to a configuration
- * that works on all telnet clients, including the FreeBSD client.
- * This is not quite the same as the telnet client issuing a "mode
- * character" command, but has most of the same benefits, and is
- * preferable since some clients (like usofts) don't have the
- * mode character command anyway and linemode breaks things.
- * The most notable symptom of fix is that csh "set filec" operations
- * like (filename completion) and ^D (choices) keys now work
- * in telnet sessions and can be used more than once on the same line.
- * CR/LF handling is also corrected in some termio modes. This
- * change resolves problem reports bin/771 and bin/1037.
- */
-
- linemode=1; /*Default to mode that works on bulk of clients*/
-
-#ifdef CRAY
- /*
- * Get number of pty's before trying to process options,
- * which may include changing pty range.
- */
- highpty = getnpty();
-#endif /* CRAY */
-
- while ((ch = getopt(argc, argv, valid_opts)) != -1) {
- switch(ch) {
-
-#ifdef AUTHENTICATION
- case 'a':
- /*
- * Check for required authentication level
- */
- if (strcmp(optarg, "debug") == 0) {
- extern int auth_debug_mode;
- auth_debug_mode = 1;
- } else if (strcasecmp(optarg, "none") == 0) {
- auth_level = 0;
- } else if (strcasecmp(optarg, "other") == 0) {
- auth_level = AUTH_OTHER;
- } else if (strcasecmp(optarg, "user") == 0) {
- auth_level = AUTH_USER;
- } else if (strcasecmp(optarg, "valid") == 0) {
- auth_level = AUTH_VALID;
- } else if (strcasecmp(optarg, "off") == 0) {
- /*
- * This hack turns off authentication
- */
- auth_level = -1;
- } else {
- warnx("unknown authorization level for -a");
- }
- break;
-#endif /* AUTHENTICATION */
-
-#ifdef BFTPDAEMON
- case 'B':
- bftpd++;
- break;
-#endif /* BFTPDAEMON */
-
- case 'd':
- if (strcmp(optarg, "ebug") == 0) {
- debug++;
- break;
- }
- usage();
- /* NOTREACHED */
- break;
-
-#ifdef DIAGNOSTICS
- case 'D':
- /*
- * Check for desired diagnostics capabilities.
- */
- if (!strcmp(optarg, "report")) {
- diagnostic |= TD_REPORT|TD_OPTIONS;
- } else if (!strcmp(optarg, "exercise")) {
- diagnostic |= TD_EXERCISE;
- } else if (!strcmp(optarg, "netdata")) {
- diagnostic |= TD_NETDATA;
- } else if (!strcmp(optarg, "ptydata")) {
- diagnostic |= TD_PTYDATA;
- } else if (!strcmp(optarg, "options")) {
- diagnostic |= TD_OPTIONS;
- } else {
- usage();
- /* NOT REACHED */
- }
- break;
-#endif /* DIAGNOSTICS */
-
-
- case 'h':
- hostinfo = 0;
- break;
-
-#if defined(CRAY) && defined(NEWINIT)
- case 'I':
- {
- extern char *gen_id;
- gen_id = optarg;
- break;
- }
-#endif /* defined(CRAY) && defined(NEWINIT) */
-
-#ifdef LINEMODE
- case 'l':
- alwayslinemode = 1;
- break;
-#endif /* LINEMODE */
-
- case 'k':
-#if defined(LINEMODE) && defined(KLUDGELINEMODE)
- lmodetype = NO_AUTOKLUDGE;
-#else
- /* ignore -k option if built without kludge linemode */
-#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */
- break;
-
- case 'n':
- keepalive = 0;
- break;
-
- case 'p':
- altlogin = optarg;
- break;
-
-#ifdef CRAY
- case 'r':
- {
- char *strchr();
- char *c;
-
- /*
- * Allow the specification of alterations
- * to the pty search range. It is legal to
- * specify only one, and not change the
- * other from its default.
- */
- c = strchr(optarg, '-');
- if (c) {
- *c++ = '\0';
- highpty = atoi(c);
- }
- if (*optarg != '\0')
- lowpty = atoi(optarg);
- if ((lowpty > highpty) || (lowpty < 0) ||
- (highpty > 32767)) {
- usage();
- /* NOT REACHED */
- }
- break;
- }
-#endif /* CRAY */
-
-#ifdef SecurID
- case 's':
- /* SecurID required */
- require_SecurID = 1;
- break;
-#endif /* SecurID */
- case 'S':
-#ifdef HAS_GETTOS
- if ((tos = parsetos(optarg, "tcp")) < 0)
- warnx("%s%s%s",
- "bad TOS argument '", optarg,
- "'; will try to use default TOS");
-#else
- warnx("TOS option unavailable; -S flag not supported");
-#endif
- break;
-
- case 'u':
- utmp_len = atoi(optarg);
- if (utmp_len < 0)
- utmp_len = -utmp_len;
- if (utmp_len >= sizeof(remote_hostname))
- utmp_len = sizeof(remote_hostname) - 1;
- break;
-
- case 'U':
- registerd_host_only = 1;
- break;
-
-#ifdef AUTHENTICATION
- case 'X':
- /*
- * Check for invalid authentication types
- */
- auth_disable_name(optarg);
- break;
-#endif /* AUTHENTICATION */
-
- case '4':
- family = AF_INET;
- break;
-
-#ifdef INET6
- case '6':
- family = AF_INET6;
- break;
-#endif
-
- default:
- warnx("%c: unknown option", ch);
- /* FALLTHROUGH */
- case '?':
- usage();
- /* NOTREACHED */
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (debug) {
- int s, ns, foo, error;
- char *service = "telnet";
- struct addrinfo hints, *res;
-
- if (argc > 1) {
- usage();
- /* NOT REACHED */
- } else if (argc == 1)
- service = *argv;
-
- memset(&hints, 0, sizeof(hints));
- hints.ai_flags = AI_PASSIVE;
- hints.ai_family = family;
- hints.ai_socktype = SOCK_STREAM;
- hints.ai_protocol = 0;
- error = getaddrinfo(NULL, service, &hints, &res);
-
- if (error) {
- errx(1, "tcp/%s: %s\n", service, gai_strerror(error));
- if (error == EAI_SYSTEM)
- errx(1, "tcp/%s: %s\n", service, strerror(errno));
- usage();
- }
-
- s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
- if (s < 0)
- err(1, "socket");
- (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
- (char
*)&on, sizeof(on));
- if (bind(s, res->ai_addr, res->ai_addrlen) < 0)
- err(1, "bind");
- if (listen(s, 1) < 0)
- err(1, "listen");
- foo = res->ai_addrlen;
- ns = accept(s, res->ai_addr, &foo);
- if (ns < 0)
- err(1, "accept");
- (void) dup2(ns, 0);
- (void) close(ns);
- (void) close(s);
-#ifdef convex
- } else if (argc == 1) {
- ; /* VOID*/ /* Just ignore the host/port name */
-#endif
- } else if (argc > 0) {
- usage();
- /* NOT REACHED */
- }
-
-#if defined(_SC_CRAY_SECURE_SYS)
- secflag = sysconf(_SC_CRAY_SECURE_SYS);
-
- /*
- * Get socket's security label
- */
- if (secflag) {
- int szss = sizeof(ss);
-#ifdef SO_SEC_MULTI /* 8.0 code */
- int sock_multi;
- int szi = sizeof(int);
-#endif /* SO_SEC_MULTI */
-
- bzero((char *)&dv, sizeof(dv));
-
- if (getsysv(&sysv, sizeof(struct sysv)) != 0)
- err(1, "getsysv");
-
- /*
- * Get socket security label and set device values
- * {security label to be set on ttyp device}
- */
-#ifdef SO_SEC_MULTI /* 8.0 code */
- if ((getsockopt(0, SOL_SOCKET, SO_SECURITY,
- (char *)&ss, &szss) < 0) ||
- (getsockopt(0, SOL_SOCKET, SO_SEC_MULTI,
- (char *)&sock_multi, &szi) < 0)) {
- err(1, "getsockopt");
- } else {
- dv.dv_actlvl = ss.ss_actlabel.lt_level;
- dv.dv_actcmp = ss.ss_actlabel.lt_compart;
- if (!sock_multi) {
- dv.dv_minlvl = dv.dv_maxlvl = dv.dv_actlvl;
- dv.dv_valcmp = dv.dv_actcmp;
- } else {
- dv.dv_minlvl = ss.ss_minlabel.lt_level;
- dv.dv_maxlvl = ss.ss_maxlabel.lt_level;
- dv.dv_valcmp = ss.ss_maxlabel.lt_compart;
- }
- dv.dv_devflg = 0;
- }
-#else /* SO_SEC_MULTI */ /* 7.0 code */
- if (getsockopt(0, SOL_SOCKET, SO_SECURITY,
- (char *)&ss, &szss) >= 0) {
- dv.dv_actlvl = ss.ss_slevel;
- dv.dv_actcmp = ss.ss_compart;
- dv.dv_minlvl = ss.ss_minlvl;
- dv.dv_maxlvl = ss.ss_maxlvl;
- dv.dv_valcmp = ss.ss_maxcmp;
- }
-#endif /* SO_SEC_MULTI */
- }
-#endif /* _SC_CRAY_SECURE_SYS */
-
- openlog("telnetd", LOG_PID | LOG_ODELAY, LOG_DAEMON);
- fromlen = sizeof (from);
- if (getpeername(0, (struct sockaddr *)&from, &fromlen) <
0) {
- warn("getpeername");
- _exit(1);
- }
- if (keepalive &&
- setsockopt(0, SOL_SOCKET, SO_KEEPALIVE,
- (char *)&on, sizeof (on)) < 0) {
- syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
- }
-
-#if defined(IPPROTO_IP) && defined(IP_TOS)
- if (from.ss_family == AF_INET) {
-# if defined(HAS_GETTOS)
- struct tosent *tp;
- if (tos < 0 && (tp = gettosbyname("telnet", "tcp")))
- tos = tp->t_tos;
-# endif
- if (tos < 0)
- tos = 020; /* Low Delay bit */
- if (tos
- && (setsockopt(0, IPPROTO_IP, IP_TOS,
- (char *)&tos, sizeof(tos)) < 0)
- && (errno != ENOPROTOOPT) )
- syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
- }
-#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */
- net = 0;
- doit((struct sockaddr *)&from);
- /* NOTREACHED */
- return(0);
-} /* end of main */
-
- void
-usage()
-{
- fprintf(stderr, "usage: telnetd");
-#ifdef AUTHENTICATION
- fprintf(stderr, " [-a (debug|other|user|valid|off|none)]\n\t");
-#endif
-#ifdef BFTPDAEMON
- fprintf(stderr, " [-B]");
-#endif
- fprintf(stderr, " [-debug]");
-#ifdef DIAGNOSTICS
- fprintf(stderr, " [-D (options|report|exercise|netdata|ptydata)]\n\t");
-#endif
-#ifdef AUTHENTICATION
- fprintf(stderr, " [-edebug]");
-#endif
- fprintf(stderr, " [-h]");
-#if defined(CRAY) && defined(NEWINIT)
- fprintf(stderr, " [-Iinitid]");
-#endif
-#if defined(LINEMODE) && defined(KLUDGELINEMODE)
- fprintf(stderr, " [-k]");
-#endif
-#ifdef LINEMODE
- fprintf(stderr, " [-l]");
-#endif
- fprintf(stderr, " [-n]");
-#ifdef CRAY
- fprintf(stderr, " [-r[lowpty]-[highpty]]");
-#endif
- fprintf(stderr, "\n\t");
-#ifdef SecurID
- fprintf(stderr, " [-s]");
-#endif
-#ifdef HAS_GETTOS
- fprintf(stderr, " [-S tos]");
-#endif
-#ifdef AUTHENTICATION
- fprintf(stderr, " [-X auth-type]");
-#endif
- fprintf(stderr, " [-u utmp_hostname_length] [-U]");
- fprintf(stderr, " [port]\n");
- exit(1);
-}
-
-/*
- * getterminaltype
- *
- * Ask the other end to send along its terminal type and speed.
- * Output is the variable terminaltype filled in.
- */
-static unsigned char ttytype_sbbuf[] = {
- IAC, SB, TELOPT_TTYPE, TELQUAL_SEND, IAC, SE
-};
-
- int
-getterminaltype(name)
- char *name;
-{
- int retval = -1;
- void _gettermname();
-
- settimer(baseline);
-#if defined(AUTHENTICATION)
- /*
- * Handle the Authentication option before we do anything else.
- */
- send_do(TELOPT_AUTHENTICATION, 1);
- while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
- ttloop();
- if (his_state_is_will(TELOPT_AUTHENTICATION)) {
- retval = auth_wait(name);
- }
-#endif
-
- send_do(TELOPT_TTYPE, 1);
- send_do(TELOPT_TSPEED, 1);
- send_do(TELOPT_XDISPLOC, 1);
- send_do(TELOPT_NEW_ENVIRON, 1);
- send_do(TELOPT_OLD_ENVIRON, 1);
- while (
- his_will_wont_is_changing(TELOPT_TTYPE) ||
- his_will_wont_is_changing(TELOPT_TSPEED) ||
- his_will_wont_is_changing(TELOPT_XDISPLOC) ||
- his_will_wont_is_changing(TELOPT_NEW_ENVIRON) ||
- his_will_wont_is_changing(TELOPT_OLD_ENVIRON)) {
- ttloop();
- }
- if (his_state_is_will(TELOPT_TSPEED)) {
- static unsigned char sb[] =
- { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
-
- output_datalen(sb, sizeof sb);
- }
- if (his_state_is_will(TELOPT_XDISPLOC)) {
- static unsigned char sb[] =
- { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
-
- output_datalen(sb, sizeof sb);
- }
- if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
- static unsigned char sb[] =
- { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- output_datalen(sb, sizeof sb);
- }
- else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
- static unsigned char sb[] =
- { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- output_datalen(sb, sizeof sb);
- }
- if (his_state_is_will(TELOPT_TTYPE)) {
-
- output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- if (his_state_is_will(TELOPT_TSPEED)) {
- while (sequenceIs(tspeedsubopt, baseline))
- ttloop();
- }
- if (his_state_is_will(TELOPT_XDISPLOC)) {
- while (sequenceIs(xdisplocsubopt, baseline))
- ttloop();
- }
- if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
- while
(sequenceIs(environsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_OLD_ENVIRON)) { - while (sequenceIs(oenvironsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_TTYPE)) { - char first[256], last[256]; - - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); - - /* - * If the other side has already disabled the option, then - * we have to just go with what we (might) have already gotten. - */ - if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) { - (void) strncpy(first, terminaltype, sizeof(first)-1); - first[sizeof(first)-1] = '\0'; - for(;;) { - /* - * Save the unknown name, and request the next name. - */ - (void) strncpy(last, terminaltype, sizeof(last)-1); - last[sizeof(last)-1] = '\0'; - _gettermname(); - if (terminaltypeok(terminaltype)) - break; - if ((strncmp(last, terminaltype, sizeof(last)) == 0) || - his_state_is_wont(TELOPT_TTYPE)) { - /* - * We've hit the end. If this is the same as - * the first name, just go with it. - */ - if (strncmp(first, terminaltype, sizeof(first)) == 0) - break; - /* - * Get the terminal name one more time, so that - * RFC1091 compliant telnets will cycle back to - * the start of the list. - */ - _gettermname(); - if (strncmp(first, terminaltype, sizeof(first)) != 0) { - (void) strncpy(terminaltype, first, sizeof(terminaltype)-1); - terminaltype[sizeof(terminaltype)-1] = '\0'; - } - break; - } - } - } - } - return(retval); -} /* end of getterminaltype */ - - void -_gettermname() -{ - /* - * If the client turned off the option, - * we can't send another request, so we - * just return. - */ - if (his_state_is_wont(TELOPT_TTYPE)) - return; - settimer(baseline); - output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); -} - - int -terminaltypeok(s) - char *s; -{ - char buf[1024]; - - if (terminaltype == NULL) - return(1); - - /* - * tgetent() will return 1 if the type is known, and - * 0 if it is not known. 
If it returns -1, it couldn't - * open the database. But if we can't open the database, - * it won't help to say we failed, because we won't be - * able to verify anything else. So, we treat -1 like 1. - */ - if (tgetent(buf, s) == 0) - return(0); - return(1); -} - -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 256 -#endif /* MAXHOSTNAMELEN */ - -char *hostname; -char host_name[MAXHOSTNAMELEN]; - -extern void telnet P((int, int, char *)); - -int level; -char user_name[256]; -/* - * Get a pty, scan input lines. - */ - void -doit(who) - struct sockaddr *who; -{ - char *host = NULL; - int err; - struct hostent *hp; - int ptynum; - - /* - * Find an available pty to use. - */ -#ifndef convex - pty = getpty(&ptynum); - if (pty < 0) - fatal(net, "All network ports in use"); -#else - for (;;) { - char *lp; - - if ((lp = getpty()) == NULL) - fatal(net, "Out of ptys"); - - if ((pty = open(lp, 2)) >= 0) { - strlcpy(line,lp,sizeof(line)); - line[5] = 't'; - break; - } - } -#endif - -#if defined(_SC_CRAY_SECURE_SYS) - /* - * set ttyp line security label - */ - if (secflag) { - char slave_dev[16]; - - sprintf(tty_dev, "%spty/%03d", _PATH_DEV, ptynum); - if (setdevs(tty_dev, &dv) < 0) - fatal(net, "cannot set pty security"); - sprintf(slave_dev, "%sp%03d", _PATH_TTY, ptynum); - if (setdevs(slave_dev, &dv) < 0) - fatal(net, "cannot set tty security"); - } -#endif /* _SC_CRAY_SECURE_SYS */ - - /* get name of connected client */ - hp = gethostbyaddr((char *)&((struct sockaddr_in *)who)->sin_addr, sizeof (struct in_addr), - ((struct sockaddr_in *)who)->sin_family); - - if (hp == NULL && registerd_host_only) { - fatal(net, "Couldn't resolve your address into a host name.\r\n\ - Please contact your net administrator"); - } else if (hp && - (strlen(hp->h_name) <= (unsigned int)((utmp_len < 0) ? 
-utmp_len - : utmp_len))) { - host = hp->h_name; - } else { - host = inet_ntoa(((struct sockaddr_in *)who)->sin_addr); - } - /* - * We must make a copy because Kerberos is probably going - * to also do a gethost* and overwrite the static data... - */ - strncpy(remote_hostname, host, sizeof(remote_hostname)-1); - remote_hostname[sizeof(remote_hostname)-1] = 0; - host = remote_hostname; - - (void) gethostname(host_name, sizeof(host_name) - 1); - host_name[sizeof(host_name) - 1] = '\0'; - hostname = host_name; - -#if defined(AUTHENTICATION) - auth_encrypt_init(hostname, remote_hostname, "TELNETD", 1); -#endif - - init_env(); - /* - * get terminal type. - */ - *user_name = 0; - level = getterminaltype(user_name); - setenv("TERM", terminaltype ? terminaltype : "network", 1); - -#if defined(_SC_CRAY_SECURE_SYS) - if (secflag) { - if (setulvl(dv.dv_actlvl) < 0) - fatal(net,"cannot setulvl()"); - if (setucmp(dv.dv_actcmp) < 0) - fatal(net, "cannot setucmp()"); - } -#endif /* _SC_CRAY_SECURE_SYS */ - - telnet(net, pty, remote_hostname); /* begin server process */ - - /*NOTREACHED*/ -} /* end of doit */ - -#if defined(CRAY2) && defined(UNICOS5) && defined(UNICOS50) - int -Xterm_output(ibufp, obuf, icountp, ocount) - char **ibufp, *obuf; - int *icountp, ocount; -{ - int ret; - ret = term_output(*ibufp, obuf, *icountp, ocount); - *ibufp += *icountp; - *icountp = 0; - return(ret); -} -#define term_output Xterm_output -#endif /* defined(CRAY2) && defined(UNICOS5) && defined(UNICOS50) */ - -/* - * Main loop. Select from pty and network, and - * hand data to telnet receiver finite state machine. - */ - void -telnet(f, p, host) - int f, p; - char *host; -{ - int on = 1; -#define TABBUFSIZ 512 - char defent[TABBUFSIZ]; - char defstrs[TABBUFSIZ]; -#undef TABBUFSIZ - char *HE; - char *HN; - char *IM; - char *IF; - char *if_buf; - int if_fd; - struct stat statbuf; - - void netflush(); - - /* - * Initialize the slc mapping table. 
- */ - get_slc_defaults(); - - /* - * Do some tests where it is desireable to wait for a response. - * Rather than doing them slowly, one at a time, do them all - * at once. - */ - if (my_state_is_wont(TELOPT_SGA)) - send_will(TELOPT_SGA, 1); - /* - * Is the client side a 4.2 (NOT 4.3) system? We need to know this - * because 4.2 clients are unable to deal with TCP urgent data. - * - * To find out, we send out a "DO ECHO". If the remote system - * answers "WILL ECHO" it is probably a 4.2 client, and we note - * that fact ("WILL ECHO" ==> that the client will echo what - * WE, the server, sends it; it does NOT mean that the client will - * echo the terminal input). - */ - send_do(TELOPT_ECHO, 1); - -#ifdef LINEMODE - if (his_state_is_wont(TELOPT_LINEMODE)) { - /* Query the peer for linemode support by trying to negotiate - * the linemode option. - */ - linemode = 0; - editmode = 0; - send_do(TELOPT_LINEMODE, 1); /* send do linemode */ - } -#endif /* LINEMODE */ - - /* - * Send along a couple of other options that we wish to negotiate. - */ - send_do(TELOPT_NAWS, 1); - send_will(TELOPT_STATUS, 1); - flowmode = 1; /* default flow control state */ - restartany = -1; /* uninitialized... */ - send_do(TELOPT_LFLOW, 1); - - /* - * Spin, waiting for a response from the DO ECHO. However, - * some REALLY DUMB telnets out there might not respond - * to the DO ECHO. So, we spin looking for NAWS, (most dumb - * telnets so far seem to respond with WONT for a DO that - * they don't understand...) because by the time we get the - * response, it will already have processed the DO ECHO. - * Kludge upon kludge. - */ - while (his_will_wont_is_changing(TELOPT_NAWS)) - ttloop(); - - /* - * But... - * The client might have sent a WILL NAWS as part of its - * startup code; if so, we'll be here before we get the - * response to the DO ECHO. 
We'll make the assumption - * that any implementation that understands about NAWS - * is a modern enough implementation that it will respond - * to our DO ECHO request; hence we'll do another spin - * waiting for the ECHO option to settle down, which is - * what we wanted to do in the first place... - */ - if (his_want_state_is_will(TELOPT_ECHO) && - his_state_is_will(TELOPT_NAWS)) { - while (his_will_wont_is_changing(TELOPT_ECHO)) - ttloop(); - } - /* - * On the off chance that the telnet client is broken and does not - * respond to the DO ECHO we sent, (after all, we did send the - * DO NAWS negotiation after the DO ECHO, and we won't get here - * until a response to the DO NAWS comes back) simulate the - * receipt of a will echo. This will also send a WONT ECHO - * to the client, since we assume that the client failed to - * respond because it believes that it is already in DO ECHO - * mode, which we do not want. - */ - if (his_want_state_is_will(TELOPT_ECHO)) { - DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n")); - willoption(TELOPT_ECHO); - } - - /* - * Finally, to clean things up, we turn on our echo. This - * will break stupid 4.2 telnets out of local terminal echo. - */ - - if (my_state_is_wont(TELOPT_ECHO)) - send_will(TELOPT_ECHO, 1); - -#ifndef STREAMSPTY - /* - * Turn on packet mode - */ - (void) ioctl(p, TIOCPKT, (char *)&on); -#endif - -#if defined(LINEMODE) && defined(KLUDGELINEMODE) - /* - * Continuing line mode support. If client does not support - * real linemode, attempt to negotiate kludge linemode by sending - * the do timing mark sequence. - */ - if (lmodetype < REAL_LINEMODE) - send_do(TELOPT_TM, 1); -#endif /* defined(LINEMODE) && defined(KLUDGELINEMODE) */ - - /* - * Call telrcv() once to pick up anything received during - * terminal type negotiation, 4.2/4.3 determination, and - * linemode negotiation. 
- */ - telrcv(); - - (void) ioctl(f, FIONBIO, (char *)&on); - (void) ioctl(p, FIONBIO, (char *)&on); -#if defined(CRAY2) && defined(UNICOS5) - init_termdriver(f, p, interrupt, sendbrk); -#endif - -#if defined(SO_OOBINLINE) - (void) setsockopt(net, SOL_SOCKET, SO_OOBINLINE, - (char *)&on, sizeof on); -#endif /* defined(SO_OOBINLINE) */ - -#ifdef SIGTSTP - (void) signal(SIGTSTP, SIG_IGN); -#endif -#ifdef SIGTTOU - /* - * Ignoring SIGTTOU keeps the kernel from blocking us - * in ttioct() in /sys/tty.c. - */ - (void) signal(SIGTTOU, SIG_IGN); -#endif - - (void) signal(SIGCHLD, cleanup); - -#if defined(CRAY2) && defined(UNICOS5) - /* - * Cray-2 will send a signal when pty modes are changed by slave - * side. Set up signal handler now. - */ - if ((int)signal(SIGUSR1, termstat) < 0) - warn("signal"); - else if (ioctl(p, TCSIGME, (char *)SIGUSR1) < 0) - warn("ioctl:TCSIGME"); - /* - * Make processing loop check terminal characteristics early on. - */ - termstat(); -#endif - -#ifdef TIOCNOTTY - { - register int t; - t = open(_PATH_TTY, O_RDWR); - if (t >= 0) { - (void) ioctl(t, TIOCNOTTY, (char *)0); - (void) close(t); - } - } -#endif - -#if defined(CRAY) && defined(NEWINIT) && defined(TIOCSCTTY) - (void) setsid(); - ioctl(p, TIOCSCTTY, 0); -#endif - - /* - * Show banner that getty never gave. - * - * We put the banner in the pty input buffer. This way, it - * gets carriage return null processing, etc., just like all - * other pty --> client data. 
- */ - -#if !defined(CRAY) || !defined(NEWINIT) - if (getenv("USER")) - hostinfo = 0; -#endif - - if (getent(defent, "default") == 1) { - char *Getstr(); - char *cp=defstrs; - - HE = Getstr("he", &cp); - HN = Getstr("hn", &cp); - IM = Getstr("im", &cp); - IF = Getstr("if", &cp); - if (HN && *HN) - (void) strlcpy(host_name, HN, sizeof(host_name)); - if (IF && (if_fd = open(IF, O_RDONLY, 000)) != -1) - IM = 0; - if (IM == 0) - IM = ""; - } else { - IM = DEFAULT_IM; - HE = 0; - } - edithost(HE, host_name); - if (hostinfo && *IM) - putf(IM, ptyibuf2); - else if (IF && if_fd != -1) { - fstat (if_fd, &statbuf); - if_buf = (char *) mmap (0, statbuf.st_size, PROT_READ, - 0, if_fd, 0); - putf(if_buf, ptyibuf2); - munmap (if_buf, statbuf.st_size); - close (if_fd); - } - - if (pcc) - (void) strncat(ptyibuf2, ptyip, pcc+1); - ptyip = ptyibuf2; - pcc = strlen(ptyip); -#ifdef LINEMODE - /* - * Last check to make sure all our states are correct. - */ - init_termbuf(); - localstat(); -#endif /* LINEMODE */ - - DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n")); - - /* - * Startup the login process on the slave side of the terminal - * now. We delay this until here to insure option negotiation - * is complete. 
- */ - startslave(host, level, user_name); - - for (;;) { - fd_set ibits, obits, xbits; - register int c; - - if (ncc < 0 && pcc < 0) - break; - -#if defined(CRAY2) && defined(UNICOS5) - if (needtermstat) - _termstat(); -#endif /* defined(CRAY2) && defined(UNICOS5) */ - FD_ZERO(&ibits); - FD_ZERO(&obits); - FD_ZERO(&xbits); - /* - * Never look for input if there's still - * stuff in the corresponding output buffer - */ - if (nfrontp - nbackp || pcc > 0) { - FD_SET(f, &obits); - } else { - FD_SET(p, &ibits); - } - if (pfrontp - pbackp || ncc > 0) { - FD_SET(p, &obits); - } else { - FD_SET(f, &ibits); - } - if (!SYNCHing) { - FD_SET(f, &xbits); - } - if ((c = select(16, &ibits, &obits, &xbits, - (struct timeval *)0)) < 1) { - if (c == -1) { - if (errno == EINTR) { - continue; - } - } - sleep(5); - continue; - } - - /* - * Any urgent data? - */ - if (FD_ISSET(net, &xbits)) { - SYNCHing = 1; - } - - /* - * Something to read from the network... - */ - if (FD_ISSET(net, &ibits)) { -#if !defined(SO_OOBINLINE) - /* - * In 4.2 (and 4.3 beta) systems, the - * OOB indication and data handling in the kernel - * is such that if two separate TCP Urgent requests - * come in, one byte of TCP data will be overlaid. - * This is fatal for Telnet, but we try to live - * with it. - * - * In addition, in 4.2 (and...), a special protocol - * is needed to pick up the TCP Urgent data in - * the correct sequence. - * - * What we do is: if we think we are in urgent - * mode, we look to see if we are "at the mark". - * If we are, we do an OOB receive. If we run - * this twice, we will do the OOB receive twice, - * but the second will fail, since the second - * time we were "at the mark", but there wasn't - * any data there (the kernel doesn't reset - * "at the mark" until we do a normal read). - * Once we've read the OOB data, we go ahead - * and do normal reads. 
- * - * There is also another problem, which is that - * since the OOB byte we read doesn't put us - * out of OOB state, and since that byte is most - * likely the TELNET DM (data mark), we would - * stay in the TELNET SYNCH (SYNCHing) state. - * So, clocks to the rescue. If we've "just" - * received a DM, then we test for the - * presence of OOB data when the receive OOB - * fails (and AFTER we did the normal mode read - * to clear "at the mark"). - */ - if (SYNCHing) { - int atmark; - - (void) ioctl(net, SIOCATMARK, (char *)&atmark); - if (atmark) { - ncc = recv(net, netibuf, sizeof (netibuf), MSG_OOB); - if ((ncc == -1) && (errno == EINVAL)) { - ncc = read(net, netibuf, sizeof (netibuf)); - if (sequenceIs(didnetreceive, gotDM)) { - SYNCHing = stilloob(net); - } - } - } else { - ncc = read(net, netibuf, sizeof (netibuf)); - } - } else { - ncc = read(net, netibuf, sizeof (netibuf)); - } - settimer(didnetreceive); -#else /* !defined(SO_OOBINLINE)) */ - ncc = read(net, netibuf, sizeof (netibuf)); -#endif /* !defined(SO_OOBINLINE)) */ - if (ncc < 0 && errno == EWOULDBLOCK) - ncc = 0; - else { - if (ncc <= 0) { - break; - } - netip = netibuf; - } - DIAG((TD_REPORT | TD_NETDATA), - output_data("td: netread %d chars\r\n", ncc)); - DIAG(TD_NETDATA, printdata("nd", netip, ncc)); - } - - /* - * Something to read from the pty... - */ - if (FD_ISSET(p, &ibits)) { -#ifndef STREAMSPTY - pcc = read(p, ptyibuf, BUFSIZ); -#else - pcc = readstream(p, ptyibuf, BUFSIZ); -#endif - /* - * On some systems, if we try to read something - * off the master side before the slave side is - * opened, we get EIO. 
- */ - if (pcc < 0 && (errno == EWOULDBLOCK || -#ifdef EAGAIN - errno == EAGAIN || -#endif - errno == EIO)) { - pcc = 0; - } else { - if (pcc <= 0) - break; -#if !defined(CRAY2) || !defined(UNICOS5) -#ifdef LINEMODE - /* - * If ioctl from pty, pass it through net - */ - if (ptyibuf[0] & TIOCPKT_IOCTL) { - copy_termbuf(ptyibuf+1, pcc-1); - localstat(); - pcc = 1; - } -#endif /* LINEMODE */ - if (ptyibuf[0] & TIOCPKT_FLUSHWRITE) { - netclear(); /* clear buffer back */ -#ifndef NO_URGENT - /* - * There are client telnets on some - * operating systems get screwed up - * royally if we send them urgent - * mode data. - */ - output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ -#endif - } - if (his_state_is_will(TELOPT_LFLOW) && - (ptyibuf[0] & - (TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))) { - int newflow = - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; - if (newflow != flowmode) { - flowmode = newflow; - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON - : LFLOW_OFF, - IAC, SE); - } - } - pcc--; - ptyip = ptyibuf+1; -#else /* defined(CRAY2) && defined(UNICOS5) */ - if (!uselinemode) { - unpcc = pcc; - unptyip = ptyibuf; - pcc = term_output(&unptyip, ptyibuf2, - &unpcc, BUFSIZ); - ptyip = ptyibuf2; - } else - ptyip = ptyibuf; -#endif /* defined(CRAY2) && defined(UNICOS5) */ - } - } - - while (pcc > 0) { - if ((&netobuf[BUFSIZ] - nfrontp) < 2) - break; - c = *ptyip++ & 0377, pcc--; - if (c == IAC) - output_data("%c", c); -#if defined(CRAY2) && defined(UNICOS5) - else if (c == '\n' && - my_state_is_wont(TELOPT_BINARY) && newmap) - output_data("\r"); -#endif /* defined(CRAY2) && defined(UNICOS5) */ - output_data("%c", c); - if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { - if (pcc > 0 && ((*ptyip & 0377) == '\n')) { - output_data("%c", *ptyip++ & 0377); - pcc--; - } else - output_data("%c", '\0'); - } - } -#if defined(CRAY2) && defined(UNICOS5) - /* - * If chars were left over from the terminal driver, - * note their existence. 
- */ - if (!uselinemode && unpcc) { - pcc = unpcc; - unpcc = 0; - ptyip = unptyip; - } -#endif /* defined(CRAY2) && defined(UNICOS5) */ - - if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0) - netflush(); - if (ncc > 0) - telrcv(); - if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0) - ptyflush(); - } - cleanup(0); -} /* end of telnet */ - -#ifndef TCSIG -# ifdef TIOCSIG -# define TCSIG TIOCSIG -# endif -#endif - -#ifdef STREAMSPTY - -int flowison = -1; /* current state of flow: -1 is unknown */ - -int readstream(p, ibuf, bufsize) - int p; - char *ibuf; - int bufsize; -{ - int flags = 0; - int ret = 0; - struct termios *tsp; - struct termio *tp; - struct iocblk *ip; - char vstop, vstart; - int ixon; - int newflow; - - strbufc.maxlen = BUFSIZ; - strbufc.buf = (char *)ctlbuf; - strbufd.maxlen = bufsize-1; - strbufd.len = 0; - strbufd.buf = ibuf+1; - ibuf[0] = 0; - - ret = getmsg(p, &strbufc, &strbufd, &flags); - if (ret < 0) /* error of some sort -- probably EAGAIN */ - return(-1); - - if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) { - /* data message */ - if (strbufd.len > 0) { /* real data */ - return(strbufd.len + 1); /* count header char */ - } else { - /* nothing there */ - errno = EAGAIN; - return(-1); - } - } - - /* - * It's a control message. 
Return 1, to look at the flag we set - */ - - switch (ctlbuf[0]) { - case M_FLUSH: - if (ibuf[1] & FLUSHW) - ibuf[0] = TIOCPKT_FLUSHWRITE; - return(1); - - case M_IOCTL: - ip = (struct iocblk *) (ibuf+1); - - switch (ip->ioc_cmd) { - case TCSETS: - case TCSETSW: - case TCSETSF: - tsp = (struct termios *) - (ibuf+1 + sizeof(struct iocblk)); - vstop = tsp->c_cc[VSTOP]; - vstart = tsp->c_cc[VSTART]; - ixon = tsp->c_iflag & IXON; - break; - case TCSETA: - case TCSETAW: - case TCSETAF: - tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk)); - vstop = tp->c_cc[VSTOP]; - vstart = tp->c_cc[VSTART]; - ixon = tp->c_iflag & IXON; - break; - default: - errno = EAGAIN; - return(-1); - } - - newflow = (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0; - if (newflow != flowison) { /* it's a change */ - flowison = newflow; - ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP; - return(1); - } - } - - /* nothing worth doing anything about */ - errno = EAGAIN; - return(-1); -} -#endif /* STREAMSPTY */ - -/* - * Send interrupt to process on other side of pty. - * If it is in raw mode, just write NULL; - * otherwise, write intr char. - */ - void -interrupt() -{ - ptyflush(); /* half-hearted */ - -#ifdef TCSIG - (void) ioctl(pty, TCSIG, (char *)SIGINT); -#else /* TCSIG */ - init_termbuf(); - *pfrontp++ = slctab[SLC_IP].sptr ? - (unsigned char)*slctab[SLC_IP].sptr : '\177'; -#endif /* TCSIG */ -} - -/* - * Send quit to process on other side of pty. - * If it is in raw mode, just write NULL; - * otherwise, write quit char. - */ - void -sendbrk() -{ - ptyflush(); /* half-hearted */ -#ifdef TCSIG - (void) ioctl(pty, TCSIG, (char *)SIGQUIT); -#else /* TCSIG */ - init_termbuf(); - *pfrontp++ = slctab[SLC_ABORT].sptr ? - (unsigned char)*slctab[SLC_ABORT].sptr : '\034'; -#endif /* TCSIG */ -} - - void -sendsusp() -{ -#ifdef SIGTSTP - ptyflush(); /* half-hearted */ -# ifdef TCSIG - (void) ioctl(pty, TCSIG, (char *)SIGTSTP); -# else /* TCSIG */ - *pfrontp++ = slctab[SLC_SUSP].sptr ? 
- (unsigned char)*slctab[SLC_SUSP].sptr : '\032'; -# endif /* TCSIG */ -#endif /* SIGTSTP */ -} - -/* - * When we get an AYT, if ^T is enabled, use that. Otherwise, - * just send back "[Yes]". - */ - void -recv_ayt() -{ -#if defined(SIGINFO) && defined(TCSIG) - if (slctab[SLC_AYT].sptr && *slctab[SLC_AYT].sptr != _POSIX_VDISABLE) { - (void) ioctl(pty, TCSIG, (char *)SIGINFO); - return; - } -#endif - output_data("\r\n[Yes]\r\n"); -} - - void -doeof() -{ - init_termbuf(); - -#if defined(LINEMODE) && defined(USE_TERMIO) && (VEOF == VMIN) - if (!tty_isediting()) { - extern char oldeofc; - *pfrontp++ = oldeofc; - return; - } -#endif - *pfrontp++ = slctab[SLC_EOF].sptr ? - (unsigned char)*slctab[SLC_EOF].sptr : '\004'; -} diff --git a/telnetd.tproj/telnetd.h b/telnetd.tproj/telnetd.h deleted file mode 100644 index 234b973..0000000 --- a/telnetd.tproj/telnetd.h +++ /dev/null 
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)telnetd.h 8.1 (Berkeley) 6/4/93
- */
-
-
-#include "defs.h"
-#include "ext.h"
-
-#ifdef DIAGNOSTICS
-#define DIAG(a,b) if (diagnostic & (a)) b
-#else
-#define DIAG(a,b)
-#endif
-
-/* other external variables */
-extern char **environ;
-extern int errno;
-
diff --git a/telnetd.tproj/termstat.c b/telnetd.tproj/termstat.c
deleted file mode 100644
index 0b6e1d2..0000000
--- a/telnetd.tproj/termstat.c
+++ /dev/null
@@ -1,646 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#ifndef lint -#if 0 -static char sccsid[] = "@(#)termstat.c 8.1 (Berkeley) 6/4/93"; -#endif -static const char rcsid[] = - "$FreeBSD: src/libexec/telnetd/termstat.c,v 1.11 2001/07/20 15:14:03 ru Exp $"; -#endif /* not lint */ - -#include "telnetd.h" - -/* - * local variables - */ -int def_tspeed = -1, def_rspeed = -1; -#ifdef TIOCSWINSZ -int def_row = 0, def_col = 0; -#endif -#ifdef LINEMODE -static int _terminit = 0; -#endif /* LINEMODE */ - -#if defined(CRAY2) && defined(UNICOS5) -int newmap = 1; /* nonzero if \n maps to ^M^J */ -#endif - -#ifdef LINEMODE -/* - * localstat - * - * This function handles all management of linemode. - * - * Linemode allows the client to do the local editing of data - * and send only complete lines to the server. Linemode state is - * based on the state of the pty driver. If the pty is set for - * external processing, then we can use linemode. Further, if we - * can use real linemode, then we can look at the edit control bits - * in the pty to determine what editing the client should do. - * - * Linemode support uses the following state flags to keep track of - * current and desired linemode state. - * alwayslinemode : true if -l was specified on the telnetd - * command line. It means to have linemode on as much as - * possible. - * - * lmodetype: signifies whether the client can - * handle real linemode, or if use of kludgeomatic linemode - * is preferred. It will be set to one of the following: - * REAL_LINEMODE : use linemode option - * NO_KLUDGE : don't initiate kludge linemode. - * KLUDGE_LINEMODE : use kludge linemode - * NO_LINEMODE : client is ignorant of linemode - * - * linemode, uselinemode : linemode is true if linemode - * is currently on, uselinemode is the state that we wish - * to be in. If another function wishes to turn linemode - * on or off, it sets or clears uselinemode. - * - * editmode, useeditmode : like linemode/uselinemode, but - * these contain the edit mode states (edit and trapsig). 
- * - * The state variables correspond to some of the state information - * in the pty. - * linemode: - * In real linemode, this corresponds to whether the pty - * expects external processing of incoming data. - * In kludge linemode, this more closely corresponds to the - * whether normal processing is on or not. (ICANON in - * system V, or COOKED mode in BSD.) - * If the -l option was specified (alwayslinemode), then - * an attempt is made to force external processing on at - * all times. - * - * The following heuristics are applied to determine linemode - * handling within the server. - * 1) Early on in starting up the server, an attempt is made - * to negotiate the linemode option. If this succeeds - * then lmodetype is set to REAL_LINEMODE and all linemode - * processing occurs in the context of the linemode option. - * 2) If the attempt to negotiate the linemode option failed, - * and the "-k" (don't initiate kludge linemode) isn't set, - * then we try to use kludge linemode. We test for this - * capability by sending "do Timing Mark". If a positive - * response comes back, then we assume that the client - * understands kludge linemode (ech!) and the - * lmodetype flag is set to KLUDGE_LINEMODE. - * 3) Otherwise, linemode is not supported at all and - * lmodetype remains set to NO_LINEMODE (which happens - * to be 0 for convenience). - * 4) At any time a command arrives that implies a higher - * state of linemode support in the client, we move to that - * linemode support. - * - * A short explanation of kludge linemode is in order here. - * 1) The heuristic to determine support for kludge linemode - * is to send a do timing mark. We assume that a client - * that supports timing marks also supports kludge linemode. - * A risky proposition at best. - * 2) Further negotiation of linemode is done by changing the - * the server's state regarding SGA. If server will SGA, - * then linemode is off, if server won't SGA, then linemode - * is on. 
- */ - void -localstat() -{ - int need_will_echo = 0; - -#if defined(CRAY2) && defined(UNICOS5) - /* - * Keep track of that ol' CR/NL mapping while we're in the - * neighborhood. - */ - newmap = tty_isnewmap(); -#endif /* defined(CRAY2) && defined(UNICOS5) */ - - /* - * Check for changes to flow control if client supports it. - */ - flowstat(); - - /* - * Check linemode on/off state - */ - uselinemode = tty_linemode(); - - /* - * If alwayslinemode is on, and pty is changing to turn it off, then - * force linemode back on. - */ - if (alwayslinemode && linemode && !uselinemode) { - uselinemode = 1; - tty_setlinemode(uselinemode); - } - - if (uselinemode) { - - /* - * Check for state of BINARY options. - * - * We only need to do the binary dance if we are actually going - * to use linemode. As this confuses some telnet clients that dont - * support linemode, and doesnt gain us anything, we dont do it - * unless we're doing linemode. -Crh (henrich@msu.edu) - */ - - if (tty_isbinaryin()) { - if (his_want_state_is_wont(TELOPT_BINARY)) - send_do(TELOPT_BINARY, 1); - } else { - if (his_want_state_is_will(TELOPT_BINARY)) - send_dont(TELOPT_BINARY, 1); - } - - if (tty_isbinaryout()) { - if (my_want_state_is_wont(TELOPT_BINARY)) - send_will(TELOPT_BINARY, 1); - } else { - if (my_want_state_is_will(TELOPT_BINARY)) - send_wont(TELOPT_BINARY, 1); - } - - } - - /* - * Do echo mode handling as soon as we know what the - * linemode is going to be. - * If the pty has echo turned off, then tell the client that - * the server will echo. If echo is on, then the server - * will echo if in character mode, but in linemode the - * client should do local echoing. The state machine will - * not send anything if it is unnecessary, so don't worry - * about that here. - * - * If we need to send the WILL ECHO (because echo is off), - * then delay that until after we have changed the MODE. 
- * This way, when the user is turning off both editing - * and echo, the client will get editing turned off first. - * This keeps the client from going into encryption mode - * and then right back out if it is doing auto-encryption - * when passwords are being typed. - */ - if (uselinemode) { - if (tty_isecho()) - send_wont(TELOPT_ECHO, 1); - else - need_will_echo = 1; -#ifdef KLUDGELINEMODE - if (lmodetype == KLUDGE_OK) - lmodetype = KLUDGE_LINEMODE; -#endif - } - - /* - * If linemode is being turned off, send appropriate - * command and then we're all done. - */ - if (!uselinemode && linemode) { -# ifdef KLUDGELINEMODE - if (lmodetype == REAL_LINEMODE) { -# endif /* KLUDGELINEMODE */ - send_dont(TELOPT_LINEMODE, 1); -# ifdef KLUDGELINEMODE - } else if (lmodetype == KLUDGE_LINEMODE) - send_will(TELOPT_SGA, 1); -# endif /* KLUDGELINEMODE */ - send_will(TELOPT_ECHO, 1); - linemode = uselinemode; - goto done; - } - -# ifdef KLUDGELINEMODE - /* - * If using real linemode check edit modes for possible later use. - * If we are in kludge linemode, do the SGA negotiation. - */ - if (lmodetype == REAL_LINEMODE) { -# endif /* KLUDGELINEMODE */ - useeditmode = 0; - if (tty_isediting()) - useeditmode |= MODE_EDIT; - if (tty_istrapsig()) - useeditmode |= MODE_TRAPSIG; - if (tty_issofttab()) - useeditmode |= MODE_SOFT_TAB; - if (tty_islitecho()) - useeditmode |= MODE_LIT_ECHO; -# ifdef KLUDGELINEMODE - } else if (lmodetype == KLUDGE_LINEMODE) { - if (tty_isediting() && uselinemode) - send_wont(TELOPT_SGA, 1); - else - send_will(TELOPT_SGA, 1); - } -# endif /* KLUDGELINEMODE */ - - /* - * Negotiate linemode on if pty state has changed to turn it on. - * Send appropriate command and send along edit mode, then all done. 
- */ - if (uselinemode && !linemode) { -# ifdef KLUDGELINEMODE - if (lmodetype == KLUDGE_LINEMODE) { - send_wont(TELOPT_SGA, 1); - } else if (lmodetype == REAL_LINEMODE) { -# endif /* KLUDGELINEMODE */ - send_do(TELOPT_LINEMODE, 1); - /* send along edit modes */ - output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); - editmode = useeditmode; -# ifdef KLUDGELINEMODE - } -# endif /* KLUDGELINEMODE */ - linemode = uselinemode; - goto done; - } - -# ifdef KLUDGELINEMODE - /* - * None of what follows is of any value if not using - * real linemode. - */ - if (lmodetype < REAL_LINEMODE) - goto done; -# endif /* KLUDGELINEMODE */ - - if (linemode && his_state_is_will(TELOPT_LINEMODE)) { - /* - * If edit mode changed, send edit mode. - */ - if (useeditmode != editmode) { - /* - * Send along appropriate edit mode mask. - */ - output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); - editmode = useeditmode; - } - - - /* - * Check for changes to special characters in use. - */ - start_slc(0); - check_slc(); - (void) end_slc(0); - } - -done: - if (need_will_echo) - send_will(TELOPT_ECHO, 1); - /* - * Some things should be deferred until after the pty state has - * been set by the local process. Do those things that have been - * deferred now. This only happens once. - */ - if (_terminit == 0) { - _terminit = 1; - defer_terminit(); - } - - netflush(); - set_termbuf(); - return; - -} /* end of localstat */ -#endif /* LINEMODE */ - -/* - * flowstat - * - * Check for changes to flow control - */ - void -flowstat() -{ - if (his_state_is_will(TELOPT_LFLOW)) { - if (tty_flowmode() != flowmode) { - flowmode = tty_flowmode(); - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON : LFLOW_OFF, - IAC, SE); - } - if (tty_restartany() != restartany) { - restartany = tty_restartany(); - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - restartany ? 
LFLOW_RESTART_ANY - : LFLOW_RESTART_XON, - IAC, SE); - } - } -} - -/* - * clientstat - * - * Process linemode related requests from the client. - * Client can request a change to only one of linemode, editmode or slc's - * at a time, and if using kludge linemode, then only linemode may be - * affected. - */ - void -clientstat(code, parm1, parm2) - register int code, parm1, parm2; -{ - - /* - * Get a copy of terminal characteristics. - */ - init_termbuf(); - - /* - * Process request from client. code tells what it is. - */ - switch (code) { -#ifdef LINEMODE - case TELOPT_LINEMODE: - /* - * Don't do anything unless client is asking us to change - * modes. - */ - uselinemode = (parm1 == WILL); - if (uselinemode != linemode) { -# ifdef KLUDGELINEMODE - /* - * If using kludge linemode, make sure that - * we can do what the client asks. - * We can not turn off linemode if alwayslinemode - * and the ICANON bit is set. - */ - if (lmodetype == KLUDGE_LINEMODE) { - if (alwayslinemode && tty_isediting()) { - uselinemode = 1; - } - } - - /* - * Quit now if we can't do it. - */ - if (uselinemode == linemode) - return; - - /* - * If using real linemode and linemode is being - * turned on, send along the edit mode mask. - */ - if (lmodetype == REAL_LINEMODE && uselinemode) -# else /* KLUDGELINEMODE */ - if (uselinemode) -# endif /* KLUDGELINEMODE */ - { - useeditmode = 0; - if (tty_isediting()) - useeditmode |= MODE_EDIT; - if (tty_istrapsig) - useeditmode |= MODE_TRAPSIG; - if (tty_issofttab()) - useeditmode |= MODE_SOFT_TAB; - if (tty_islitecho()) - useeditmode |= MODE_LIT_ECHO; - output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode, IAC, SE); - editmode = useeditmode; - } - - - tty_setlinemode(uselinemode); - - linemode = uselinemode; - - if (!linemode) - send_will(TELOPT_ECHO, 1); - } - break; - - case LM_MODE: - { - register int ack, changed; - - /* - * Client has sent along a mode mask. 
If it agrees with - * what we are currently doing, ignore it; if not, it could - * be viewed as a request to change. Note that the server - * will change to the modes in an ack if it is different from - * what we currently have, but we will not ack the ack. - */ - useeditmode &= MODE_MASK; - ack = (useeditmode & MODE_ACK); - useeditmode &= ~MODE_ACK; - - if ((changed = (useeditmode ^ editmode))) { - /* - * This check is for a timing problem. If the - * state of the tty has changed (due to the user - * application) we need to process that info - * before we write in the state contained in the - * ack!!! This gets out the new MODE request, - * and when the ack to that command comes back - * we'll set it and be in the right mode. - */ - if (ack) - localstat(); - if (changed & MODE_EDIT) - tty_setedit(useeditmode & MODE_EDIT); - - if (changed & MODE_TRAPSIG) - tty_setsig(useeditmode & MODE_TRAPSIG); - - if (changed & MODE_SOFT_TAB) - tty_setsofttab(useeditmode & MODE_SOFT_TAB); - - if (changed & MODE_LIT_ECHO) - tty_setlitecho(useeditmode & MODE_LIT_ECHO); - - set_termbuf(); - - if (!ack) { - output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode|MODE_ACK, - IAC, SE); - } - - editmode = useeditmode; - } - - break; - - } /* end of case LM_MODE */ -#endif /* LINEMODE */ - - case TELOPT_NAWS: -#ifdef TIOCSWINSZ - { - struct winsize ws; - - def_col = parm1; - def_row = parm2; -#ifdef LINEMODE - /* - * Defer changing window size until after terminal is - * initialized. - */ - if (terminit() == 0) - return; -#endif /* LINEMODE */ - - /* - * Change window size as requested by client. - */ - - ws.ws_col = parm1; - ws.ws_row = parm2; - (void) ioctl(pty, TIOCSWINSZ, (char *)&ws); - } -#endif /* TIOCSWINSZ */ - - break; - - case TELOPT_TSPEED: - { - def_tspeed = parm1; - def_rspeed = parm2; -#ifdef LINEMODE - /* - * Defer changing the terminal speed. 
- */ - if (terminit() == 0) - return; -#endif /* LINEMODE */ - /* - * Change terminal speed as requested by client. - * We set the receive speed first, so that if we can't - * store separate receive and transmit speeds, the transmit - * speed will take precedence. - */ - tty_rspeed(parm2); - tty_tspeed(parm1); - set_termbuf(); - - break; - - } /* end of case TELOPT_TSPEED */ - - default: - /* What? */ - break; - } /* end of switch */ - -#if defined(CRAY2) && defined(UNICOS5) - /* - * Just in case of the likely event that we changed the pty state. - */ - rcv_ioctl(); -#endif /* defined(CRAY2) && defined(UNICOS5) */ - - netflush(); - -} /* end of clientstat */ - -#if defined(CRAY2) && defined(UNICOS5) - void -termstat() -{ - needtermstat = 1; -} - - void -_termstat() -{ - needtermstat = 0; - init_termbuf(); - localstat(); - rcv_ioctl(); -} -#endif /* defined(CRAY2) && defined(UNICOS5) */ - -#ifdef LINEMODE -/* - * defer_terminit - * - * Some things should not be done until after the login process has started - * and all the pty modes are set to what they are supposed to be. This - * function is called when the pty state has been processed for the first time. - * It calls other functions that do things that were deferred in each module. - */ - void -defer_terminit() -{ - - /* - * local stuff that got deferred. - */ - if (def_tspeed != -1) { - clientstat(TELOPT_TSPEED, def_tspeed, def_rspeed); - def_tspeed = def_rspeed = 0; - } - -#ifdef TIOCSWINSZ - if (def_col || def_row) { - struct winsize ws; - - bzero((char *)&ws, sizeof(ws)); - ws.ws_col = def_col; - ws.ws_row = def_row; - (void) ioctl(pty, TIOCSWINSZ, (char *)&ws); - } -#endif - - /* - * The only other module that currently defers anything. - */ - deferslc(); - -} /* end of defer_terminit */ - -/* - * terminit - * - * Returns true if the pty state has been processed yet. - */ - int -terminit() -{ - return(_terminit); - -} /* end of terminit */ -#endif /* LINEMODE */ 
diff --git a/telnetd.tproj/utility.c b/telnetd.tproj/utility.c
deleted file mode 100644
index 32dd170..0000000
--- a/telnetd.tproj/utility.c
+++ /dev/null
@@ -1,997 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#ifndef lint -#if 0 -static char sccsid[] = "@(#)utility.c 8.2 (Berkeley) 12/15/93"; -#endif -static const char rcsid[] = - "$FreeBSD: src/libexec/telnetd/utility.c,v 1.15 2001/07/20 15:14:03 ru Exp $"; -#endif /* not lint */ - -#ifdef __FreeBSD__ -#include -#include -#endif -#define PRINTOPTIONS -#include "telnetd.h" - -/* - * utility functions performing io related tasks - */ - -/* - * ttloop - * - * A small subroutine to flush the network output buffer, get some data - * from the network, and pass it through the telnet state machine. We - * also flush the pty input buffer (by dropping its data) if it becomes - * too full. - */ - - void -ttloop() -{ - - DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp - nbackp > 0) { - netflush(); - } - ncc = read(net, netibuf, sizeof netibuf); - if (ncc < 0) { - syslog(LOG_INFO, "ttloop: read: %m"); - exit(1); - } else if (ncc == 0) { - syslog(LOG_INFO, "ttloop: peer died: %m"); - exit(1); - } - DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc)); - netip = netibuf; - telrcv(); /* state machine */ - if (ncc > 0) { - pfrontp = pbackp = ptyobuf; - telrcv(); - } -} /* end of ttloop */ - -/* - * Check a descriptor to see if out of band data exists on it. 
- */ - int -stilloob(s) - int s; /* socket number */ -{ - static struct timeval timeout = { 0 }; - fd_set excepts; - int value; - - do { - FD_ZERO(&excepts); - FD_SET(s, &excepts); - memset((char *)&timeout, 0, sizeof timeout); - value = select(s+1, (fd_set *)0, (fd_set *)0, &excepts, &timeout); - } while ((value == -1) && (errno == EINTR)); - - if (value < 0) { - fatalperror(pty, "select"); - } - if (FD_ISSET(s, &excepts)) { - return 1; - } else { - return 0; - } -} - - void -ptyflush() -{ - int n; - - if ((n = pfrontp - pbackp) > 0) { - DIAG(TD_REPORT | TD_PTYDATA, - output_data("td: ptyflush %d chars\r\n", n)); - DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); - n = write(pty, pbackp, n); - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - pbackp += n; - if (pbackp == pfrontp) - pbackp = pfrontp = ptyobuf; -} - -/* - * nextitem() - * - * Return the address of the next "item" in the TELNET data - * stream. This will be the address of the next character if - * the current address is a user data character, or it will - * be the address of the character following the TELNET command - * if the current address is a TELNET IAC ("I Am a Command") - * character. - */ - char * -nextitem(current) - char *current; -{ - if ((*current&0xff) != IAC) { - return current+1; - } - switch (*(current+1)&0xff) { - case DO: - case DONT: - case WILL: - case WONT: - return current+3; - case SB: /* loop forever looking for the SE */ - { - register char *look = current+2; - - for (;;) { - if ((*look++&0xff) == IAC) { - if ((*look++&0xff) == SE) { - return look; - } - } - } - } - default: - return current+2; - } -} /* end of nextitem */ - - -/* - * netclear() - * - * We are about to do a TELNET SYNCH operation. Clear - * the path to the network. - * - * Things are a bit tricky since we may have sent the first - * byte or so of a previous TELNET command into the network. 
- * So, we have to scan the network buffer from the beginning - * until we are up to where we want to be. - * - * A side effect of what we do, just to keep things - * simple, is to clear the urgent data pointer. The principal - * caller should be setting the urgent data pointer AFTER calling - * us in any case. - */ - void -netclear() -{ - register char *thisitem, *next; - char *good; -#define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \ - ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)) - - thisitem = netobuf; - - while ((next = nextitem(thisitem)) <= nbackp) { - thisitem = next; - } - - /* Now, thisitem is first before/at boundary. */ - - good = netobuf; /* where the good bytes go */ - - while (nfrontp > thisitem) { - if (wewant(thisitem)) { - int length; - - next = thisitem; - do { - next = nextitem(next); - } while (wewant(next) && (nfrontp > next)); - length = next-thisitem; - bcopy(thisitem, good, length); - good += length; - thisitem = next; - } else { - thisitem = nextitem(thisitem); - } - } - - nbackp = netobuf; - nfrontp = good; /* next byte to be sent */ - neturg = 0; -} /* end of netclear */ - -/* - * netflush - * Send as much data as possible to the network, - * handling requests for urgent data. - */ - void -netflush() -{ - int n; - extern int not42; - - while ((n = nfrontp - nbackp) > 0) { -#if 0 - /* XXX This causes output_data() to recurse and die */ - - DIAG(TD_REPORT, { - n += output_data("td: netflush %d chars\r\n", n); - }); -#endif - /* - * if no urgent data, or if the other side appears to be an - * old 4.2 client (and thus unable to survive TCP urgent data), - * write the entire buffer in non-OOB mode. - */ - if ((neturg == 0) || (not42 == 0)) { - n = write(net, nbackp, n); /* normal write */ - } else { - n = neturg - nbackp; - /* - * In 4.2 (and 4.3) systems, there is some question about - * what byte in a sendOOB operation is the "OOB" data. 
- * To make ourselves compatible, we only send ONE byte - * out of band, the one WE THINK should be OOB (though - * we really have more the TCP philosophy of urgent data - * rather than the Unix philosophy of OOB data). - */ - if (n > 1) { - n = send(net, nbackp, n-1, 0); /* send URGENT all by itself */ - } else { - n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ - } - } - if (n == -1) { - if (errno == EWOULDBLOCK || errno == EINTR) - continue; - cleanup(0); - /* NOTREACHED */ - } - nbackp += n; - if (nbackp >= neturg) { - neturg = 0; - } - if (nbackp == nfrontp) { - nbackp = nfrontp = netobuf; - } - } - return; -} /* end of netflush */ - - -/* - * miscellaneous functions doing a variety of little jobs follow ... - */ - - - void -fatal(f, msg) - int f; - char *msg; -{ - char buf[BUFSIZ]; - - (void) snprintf(buf, sizeof(buf), "telnetd: %s.\r\n", msg); - (void) write(f, buf, (int)strlen(buf)); - sleep(1); /*XXX*/ - exit(1); -} - - void -fatalperror(f, msg) - int f; - char *msg; -{ - char buf[BUFSIZ], *strerror(); - - (void) snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno)); - fatal(f, buf); -} - -char editedhost[32]; - - void -edithost(pat, host) - register char *pat; - register char *host; -{ - register char *res = editedhost; - - if (!pat) - pat = ""; - while (*pat) { - switch (*pat) { - - case '#': - if (*host) - host++; - break; - - case '@': - if (*host) - *res++ = *host++; - break; - - default: - *res++ = *pat; - break; - } - if (res == &editedhost[sizeof editedhost - 1]) { - *res = '\0'; - return; - } - pat++; - } - if (*host) - (void) strncpy(res, host, - sizeof editedhost - (res - editedhost) -1); - else - *res = '\0'; - editedhost[sizeof editedhost - 1] = '\0'; -} - -static char *putlocation; - - void -putstr(s) - register char *s; -{ - - while (*s) - putchr(*s++); -} - - void -putchr(cc) - int cc; -{ - *putlocation++ = cc; -} - -#ifdef __FreeBSD__ -static char fmtstr[] = { "%+" }; -#else -/* - * This is split on two lines so that SCCS will 
not see the M - * between two % signs and expand it... - */ -static char fmtstr[] = { "%l:%M\ -%P on %A, %d %B %Y" }; -#endif - - void -putf(cp, where) - register char *cp; - char *where; -{ - char *slash; - time_t t; - char db[100]; -#ifdef STREAMSPTY - extern char *index(); -#else - extern char *rindex(); -#endif -#ifdef __FreeBSD__ - static struct utsname kerninfo; - - if (!*kerninfo.sysname) - uname(&kerninfo); -#endif - - putlocation = where; - - while (*cp) { - if (*cp =='\n') { - putstr("\r\n"); - cp++; - continue; - } else if (*cp != '%') { - putchr(*cp++); - continue; - } - switch (*++cp) { - - case 't': -#ifdef STREAMSPTY - /* names are like /dev/pts/2 -- we want pts/2 */ - slash = index(line+1, '/'); -#else - slash = rindex(line, '/'); -#endif - if (slash == (char *) 0) - putstr(line); - else - putstr(&slash[1]); - break; - - case 'h': - putstr(editedhost); - break; - - case 'd': -#ifdef __FreeBSD__ - setlocale(LC_TIME, ""); -#endif - (void)time(&t); - (void)strftime(db, sizeof(db), fmtstr, localtime(&t)); - putstr(db); - break; - -#ifdef __FreeBSD__ - case 's': - putstr(kerninfo.sysname); - break; - - case 'm': - putstr(kerninfo.machine); - break; - - case 'r': - putstr(kerninfo.release); - break; - - case 'v': - putstr(kerninfo.version); - break; -#endif - - case '%': - putchr('%'); - break; - } - cp++; - } -} - -#ifdef DIAGNOSTICS -/* - * Print telnet options and commands in plain text, if possible. 
- */ - void -printoption(fmt, option) - register char *fmt; - register int option; -{ - if (TELOPT_OK(option)) - output_data("%s %s\r\n", fmt, TELOPT(option)); - else if (TELCMD_OK(option)) - output_data("%s %s\r\n", fmt, TELCMD(option)); - else - output_data("%s %d\r\n", fmt, option); - return; -} - - void -printsub(direction, pointer, length) - char direction; /* '<' or '>' */ - unsigned char *pointer; /* where suboption data sits */ - int length; /* length of suboption data */ -{ - register int i = 0; - - if (!(diagnostic & TD_OPTIONS)) - return; - - if (direction) { - output_data("td: %s suboption ", - direction == '<' ? "recv" : "send"); - if (length >= 3) { - register int j; - - i = pointer[length-2]; - j = pointer[length-1]; - - if (i != IAC || j != SE) { - output_data("(terminated by "); - if (TELOPT_OK(i)) - output_data("%s ", TELOPT(i)); - else if (TELCMD_OK(i)) - output_data("%s ", TELCMD(i)); - else - output_data("%d ", i); - if (TELOPT_OK(j)) - output_data("%s", TELOPT(j)); - else if (TELCMD_OK(j)) - output_data("%s", TELCMD(j)); - else - output_data("%d", j); - output_data(", not IAC SE!) 
"); - } - } - length -= 2; - } - if (length < 1) { - output_data("(Empty suboption??\?)"); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: - output_data("TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - output_data("SEND"); - break; - default: - output_data( - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - case TELOPT_TSPEED: - output_data("TERMINAL-SPEED"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: - output_data(" IS %.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) - output_data(" SEND"); - else - output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - } - break; - - case TELOPT_LFLOW: - output_data("TOGGLE-FLOW-CONTROL"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: - output_data(" OFF"); break; - case LFLOW_ON: - output_data(" ON"); break; - case LFLOW_RESTART_ANY: - output_data(" RESTART-ANY"); break; - case LFLOW_RESTART_XON: - output_data(" RESTART-XON"); break; - default: - output_data(" %d (unknown)", pointer[1]); - } - for (i = 2; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_NAWS: - output_data("NAWS"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - if (length == 2) { - output_data(" ?%d?", pointer[1]); - break; - } - output_data(" %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); - if (length == 4) { - output_data(" ?%d?", pointer[3]); - break; - } - output_data(" %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); - for (i = 5; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - 
break; - - case TELOPT_LINEMODE: - output_data("LINEMODE "); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: - output_data("WILL "); - goto common; - case WONT: - output_data("WONT "); - goto common; - case DO: - output_data("DO "); - goto common; - case DONT: - output_data("DONT "); - common: - if (length < 3) { - output_data("(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: - output_data("Forward Mask"); - for (i = 3; i < length; i++) { - output_data(" %x", pointer[i]); - } - break; - default: - output_data("%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) { - output_data(" %d", pointer[i]); - } - break; - } - break; - - case LM_SLC: - output_data("SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) - output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC])); - else - output_data(" %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: - output_data(" NOSUPPORT"); break; - case SLC_CANTCHANGE: - output_data(" CANTCHANGE"); break; - case SLC_VARIABLE: - output_data(" VARIABLE"); break; - case SLC_DEFAULT: - output_data(" DEFAULT"); break; - } - output_data("%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) { - output_data("(0x%x)", pointer[i+SLC_FLAGS]); - } - output_data(" %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - - case LM_MODE: - output_data("MODE "); - if (length < 3) { - output_data("(no mode??\?)"); - break; - } - { - char tbuf[32]; - sprintf(tbuf, "%s%s%s%s%s", - pointer[2]&MODE_EDIT ? "|EDIT" : "", - pointer[2]&MODE_TRAPSIG ? 
"|TRAPSIG" : "", - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); - output_data("%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) { - output_data(" (0x%x)", pointer[2]); - } - for (i = 3; i < length; i++) { - output_data(" ?0x%x?", pointer[i]); - } - break; - default: - output_data("%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { - output_data(" %d", pointer[i]); - } - } - break; - - case TELOPT_STATUS: { - register char *cp; - register int j, k; - - output_data("STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) - output_data(" SEND"); - else - output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - case TELQUAL_IS: - output_data(" IS\r\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { - case DO: cp = "DO"; goto common2; - case DONT: cp = "DONT"; goto common2; - case WILL: cp = "WILL"; goto common2; - case WONT: cp = "WONT"; goto common2; - common2: - i++; - if (TELOPT_OK(pointer[i])) - output_data(" %s %s", cp, TELOPT(pointer[i])); - else - output_data(" %s %d", cp, pointer[i]); - - output_data("\r\n"); - break; - - case SB: - output_data(" SB "); - i++; - j = k = i; - while (j < length) { - if (pointer[j] == SE) { - if (j+1 == length) - break; - if (pointer[j+1] == SE) - j++; - else - break; - } - pointer[k++] = pointer[j++]; - } - printsub(0, &pointer[i], k - i); - if (i < length) { - output_data(" SE"); - i = j; - } else - i = j - 1; - - output_data("\r\n"); - - break; - - default: - output_data(" %d", pointer[i]); - break; - } - } - break; - } - break; - } - - case TELOPT_XDISPLOC: - output_data("X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - output_data("SEND"); - break; - default: - output_data("- unknown 
qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - - case TELOPT_NEW_ENVIRON: - output_data("NEW-ENVIRON "); - goto env_common1; - case TELOPT_OLD_ENVIRON: - output_data("OLD-ENVIRON"); - env_common1: - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS "); - goto env_common; - case TELQUAL_SEND: - output_data("SEND "); - goto env_common; - case TELQUAL_INFO: - output_data("INFO "); - env_common: - { - register int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VAR: - output_data("\" VAR " + noquote); - noquote = 2; - break; - - case NEW_ENV_VALUE: - output_data("\" VALUE " + noquote); - noquote = 2; - break; - - case ENV_ESC: - output_data("\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: - output_data("\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - output_data("\""); - noquote = 0; - } - output_data("%c", pointer[i]); - } else { - output_data("\" %03o " + noquote, - pointer[i]); - noquote = 2; - } - break; - } - } - if (!noquote) - output_data("\""); - break; - } - } - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - output_data("AUTHENTICATION"); - - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: - output_data(" %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); - if (AUTHTYPE_NAME_OK(pointer[2])) - output_data("%s ", AUTHTYPE_NAME(pointer[2])); - else - output_data("%d ", pointer[2]); - if (length < 3) { - output_data("(partial suboption??\?)"); - break; - } - output_data("%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? 
- "MUTUAL" : "ONE-WAY"); - - { - char buf[512]; - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - output_data("%s", buf); - } - break; - - case TELQUAL_SEND: - i = 2; - output_data(" SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) - output_data("%s ", AUTHTYPE_NAME(pointer[i])); - else - output_data("%d ", pointer[i]); - if (++i >= length) { - output_data("(partial suboption??\?)"); - break; - } - output_data("%s|%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - ++i; - } - break; - - case TELQUAL_NAME: - output_data(" NAME \"%.*s\"", length - 2, pointer + 2); - break; - - default: - for (i = 2; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - } - break; -#endif - - - default: - if (TELOPT_OK(pointer[0])) - output_data("%s (unknown)", TELOPT(pointer[0])); - else - output_data("%d (unknown)", pointer[i]); - for (i = 1; i < length; i++) { - output_data(" %d", pointer[i]); - } - break; - } - output_data("\r\n"); -} - -/* - * Dump a data buffer in hex and ascii to the output data stream. - */ - void -printdata(tag, ptr, cnt) - register char *tag; - register char *ptr; - register int cnt; -{ - register int i; - char xbuf[30]; - - while (cnt) { - /* flush net output buffer if no room for new data) */ - if ((&netobuf[BUFSIZ] - nfrontp) < 80) { - netflush(); - } - - /* add a line of output */ - output_data("%s: ", tag); - for (i = 0; i < 20 && cnt; i++) { - output_data("%02x", *ptr); - if (isprint(*ptr)) { - xbuf[i] = *ptr; - } else { - xbuf[i] = '.'; - } - if (i % 2) { - output_data(" "); - } - cnt--; - ptr++; - } - xbuf[i] = '\0'; - output_data(" %s\r\n", xbuf ); - } -} -#endif /* DIAGNOSTICS */ diff --git a/telnetd.tproj/vasprintf.c b/telnetd.tproj/vasprintf.c deleted file mode 100644 index ad4aed6..0000000 --- a/telnetd.tproj/vasprintf.c +++ /dev/null 
@@ -1,66 +0,0 @@
-/* $OpenBSD: vasprintf.c,v 1.4 1998/06/21 22:13:47 millert Exp $ */
-
-/*
- * Copyright (c) 1997 Todd C. Miller
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
- * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */ - -#if defined(LIBC_RCS) && !defined(lint) -static char rcsid[] = "$FreeBSD: src/lib/libc/stdio/vasprintf.c,v 1.12 2001/01/24 13:00:47 deischen Exp $"; -#endif /* LIBC_RCS and not lint */ - -#include -#include -#include -#include - -int -vasprintf(str, fmt, ap) - char **str; - const char *fmt; - va_list ap; -{ - int ret; - FILE f; - - f._file = -1; - f._flags = __SWR | __SSTR ; - f._bf._base = f._p = (unsigned char *)malloc(128); - if (f._bf._base == NULL) { - *str = NULL; - errno = ENOMEM; - return (-1); - } - f._bf._size = f._w = 127; /* Leave room for the NULL */ - ret = vfprintf(&f, fmt, ap); - *f._p = '\0'; - f._bf._base = realloc(f._bf._base, f._bf._size + 1); - if (f._bf._base == NULL) { - errno = ENOMEM; - ret = -1; - } - *str = (char *)f._bf._base; - return (ret); -} diff --git a/tftp.tproj/Makefile b/tftp.tproj/Makefile deleted file mode 100644 index e0fe8f1..0000000 --- a/tftp.tproj/Makefile +++ /dev/null 
@@ -1,52 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = tftp - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = extern.h tftpsubs.h tftp.h - -CFILES = main.c tftp.c tftpsubs.c - -OTHERSRCS = Makefile.preamble Makefile tftp.1 Makefile.postamble - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /usr/bin -PDO_UNIX_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/tftp.tproj/Makefile.postamble b/tftp.tproj/Makefile.postamble deleted file mode 100644 index 22d6cdd..0000000 --- a/tftp.tproj/Makefile.postamble +++ /dev/null @@ -1,3 +0,0 @@ -after_install: - install -d $(DSTROOT)/usr/share/man/man1 - install -c -m 444 tftp.1 $(DSTROOT)/usr/share/man/man1 diff --git a/tftp.tproj/Makefile.preamble b/tftp.tproj/Makefile.preamble deleted file mode 100644 index 925a5c7..0000000 --- a/tftp.tproj/Makefile.preamble +++ /dev/null @@ -1,3 +0,0 @@ -CLEAN_ALL_SUBPROJECTS = YES -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include diff --git a/tftp.tproj/PB.project b/tftp.tproj/PB.project deleted file mode 100644 index 83d2fde..0000000 --- a/tftp.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@ -{ - DOCICONFILES = (); - FILESTABLE = { - C_FILES = (); - H_FILES = (extern.h, tftpsubs.h); - OTHER_LIBS = (); - OTHER_LINKED = (main.c, tftp.c, tftpsubs.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, tftp.1); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = "/$(USER)/BUILD"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_INSTALLDIR = /usr/bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_INSTALLDIR = /usr/bin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = tftp; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_INSTALLDIR = /usr/bin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/tftp.tproj/extern.h b/tftp.tproj/extern.h deleted file mode 100644 index 6cdac3d..0000000 --- a/tftp.tproj/extern.h +++ /dev/null 
@@ -1,35 +0,0 @@
-/* $NetBSD: extern.h,v 1.3 2003/08/07 11:16:13 agc Exp $ */
-
-/*
- * Copyright (c) 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)extern.h 8.1 (Berkeley) 6/6/93
- */
-
-void recvfile __P((int, char *, char *));
-void sendfile __P((int, char *, char *));
diff --git a/tftp.tproj/main.c b/tftp.tproj/main.c
deleted file mode 100644
index 1202ab9..0000000
--- a/tftp.tproj/main.c
+++ /dev/null
@@ -1,844 +0,0 @@ -/* $NetBSD: main.c,v 1.19 2003/10/02 23:31:52 itojun Exp $ */ - -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#ifndef lint -__COPYRIGHT("@(#) Copyright (c) 1983, 1993\n\ - The Regents of the University of California. 
All rights reserved.\n"); -#if 0 -static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93"; -#else -__RCSID("$NetBSD: main.c,v 1.19 2003/10/02 23:31:52 itojun Exp $"); -#endif -#endif /* not lint */ - -/* Many bug fixes are from Jim Guyton */ - -/* - * TFTP User Program -- Command Interface. - */ -#include -#include - -#include - -#include -#include "tftp.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "extern.h" - -#define TIMEOUT 5 /* secs between rexmt's */ -#define LBUFLEN 200 /* size of input buffer */ -#define MAXSEGSIZE 65464 -struct sockaddr_storage peeraddr; -int f; -int trace; -int verbose; -int tsize=0; -int tout=0; -int def_blksize=SEGSIZE; -int blksize=SEGSIZE; -int connected; -char mode[32]; -char line[LBUFLEN]; -int margc; -char *margv[20]; -char *prompt = "tftp"; -jmp_buf toplevel; - -void get __P((int, char **)); -void help __P((int, char **)); -void modecmd __P((int, char **)); -void put __P((int, char **)); -void quit __P((int, char **)); -void setascii __P((int, char **)); -void setbinary __P((int, char **)); -void setpeer0 __P((char *, char *)); -void setpeer __P((int, char **)); -void setrexmt __P((int, char **)); -void settimeout __P((int, char **)); -void settrace __P((int, char **)); -void setverbose __P((int, char **)); -void setblksize __P((int, char **)); -void settsize __P((int, char **)); -void settimeoutopt __P((int, char **)); -void status __P((int, char **)); -char *tail __P((char *)); -int main __P((int, char *[])); -void intr __P((int)); -struct cmd *getcmd __P((char *)); - -static __dead void command __P((void)); - -static void getusage __P((char *)); -static void makeargv __P((void)); -static void putusage __P((char *)); -static void settftpmode __P((char *)); - -#define HELPINDENT (sizeof("connect")) - -struct cmd { - char *name; - char *help; - void (*handler) __P((int, char **)); -}; - -char vhelp[] = "toggle verbose mode"; -char thelp[] = "toggle 
packet tracing"; -char tshelp[] = "toggle extended tsize option"; -char tohelp[] = "toggle extended timeout option"; -char blhelp[] = "set an alternative blocksize (def. 512)"; -char chelp[] = "connect to remote tftp"; -char qhelp[] = "exit tftp"; -char hhelp[] = "print help information"; -char shelp[] = "send file"; -char rhelp[] = "receive file"; -char mhelp[] = "set file transfer mode"; -char sthelp[] = "show current status"; -char xhelp[] = "set per-packet retransmission timeout"; -char ihelp[] = "set total retransmission timeout"; -char ashelp[] = "set mode to netascii"; -char bnhelp[] = "set mode to octet"; - -struct cmd cmdtab[] = { - { "connect", chelp, setpeer }, - { "mode", mhelp, modecmd }, - { "put", shelp, put }, - { "get", rhelp, get }, - { "quit", qhelp, quit }, - { "verbose", vhelp, setverbose }, - { "blksize", blhelp, setblksize }, - { "tsize", tshelp, settsize }, - { "trace", thelp, settrace }, - { "status", sthelp, status }, - { "binary", bnhelp, setbinary }, - { "ascii", ashelp, setascii }, - { "rexmt", xhelp, setrexmt }, - { "timeout", ihelp, settimeout }, - { "tout", tohelp, settimeoutopt }, - { "?", hhelp, help }, - { 0 } -}; - -int -main(argc, argv) - int argc; - char *argv[]; -{ - int c; - - f = -1; - strcpy(mode, "netascii"); - signal(SIGINT, intr); - - setprogname(argv[0]); - while ((c = getopt(argc, argv, "e")) != -1) { - switch (c) { - case 'e': - blksize = MAXSEGSIZE; - strcpy(mode, "octet"); - tsize = 1; - tout = 1; - break; - default: - printf("usage: %s [-e] host-name [port]\n", - getprogname()); - exit(1); - } - } - argc -= optind; - argv += optind; - - if (argc >= 1) { - if (setjmp(toplevel) != 0) - exit(0); - argc++; - argv--; - setpeer(argc, argv); - } - if (setjmp(toplevel) != 0) - (void)putchar('\n'); - command(); - return (0); -} - -char hostname[100]; - -void -setpeer0(host, port) - char *host; - char *port; -{ - struct addrinfo hints, *res0, *res; - int error, soopt; - struct sockaddr_storage ss; - char *cause = "unknown"; 
- - if (connected) { - close(f); - f = -1; - } - connected = 0; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_DGRAM; - hints.ai_protocol = IPPROTO_UDP; - hints.ai_flags = AI_CANONNAME; - if (!port) - port = "tftp"; - error = getaddrinfo(host, port, &hints, &res0); - if (error) { - warnx("%s", gai_strerror(error)); - return; - } - - for (res = res0; res; res = res->ai_next) { - if (res->ai_addrlen > sizeof(peeraddr)) - continue; - f = socket(res->ai_family, res->ai_socktype, res->ai_protocol); - if (f < 0) { - cause = "socket"; - continue; - } - - memset(&ss, 0, sizeof(ss)); - ss.ss_family = res->ai_family; - ss.ss_len = res->ai_addrlen; - if (bind(f, (struct sockaddr *)&ss, ss.ss_len) < 0) { - cause = "bind"; - close(f); - f = -1; - continue; - } - - break; - } - - if (f >= 0) { - soopt = 65536; - if (setsockopt(f, SOL_SOCKET, SO_SNDBUF, &soopt, sizeof(soopt)) - < 0) { - close(f); - f = -1; - cause = "setsockopt SNDBUF"; - } - if (setsockopt(f, SOL_SOCKET, SO_RCVBUF, &soopt, sizeof(soopt)) - < 0) { - close(f); - f = -1; - cause = "setsockopt RCVBUF"; - } - } - - if (f < 0) - warn("%s", cause); - else { - /* res->ai_addr <= sizeof(peeraddr) is guaranteed */ - memcpy(&peeraddr, res->ai_addr, res->ai_addrlen); - if (res->ai_canonname) { - (void) strlcpy(hostname, res->ai_canonname, - sizeof(hostname)); - } else - (void) strlcpy(hostname, host, sizeof(hostname)); - connected = 1; - } - - freeaddrinfo(res0); -} - -void -setpeer(argc, argv) - int argc; - char *argv[]; -{ - - if (argc < 2) { - strcpy(line, "Connect "); - printf("(to) "); - fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - if ((argc < 2) || (argc > 3)) { - printf("usage: %s [-e] host-name [port]\n", getprogname()); - return; - } - if (argc == 2) - setpeer0(argv[1], NULL); - else - setpeer0(argv[1], argv[2]); -} - -struct modes { - char *m_name; - char *m_mode; -} modes[] = { - { "ascii", "netascii" 
}, - { "netascii", "netascii" }, - { "binary", "octet" }, - { "image", "octet" }, - { "octet", "octet" }, -/* { "mail", "mail" }, */ - { 0, 0 } -}; - -void -modecmd(argc, argv) - int argc; - char *argv[]; -{ - struct modes *p; - char *sep; - - if (argc < 2) { - printf("Using %s mode to transfer files.\n", mode); - return; - } - if (argc == 2) { - for (p = modes; p->m_name; p++) - if (strcmp(argv[1], p->m_name) == 0) - break; - if (p->m_name) { - settftpmode(p->m_mode); - return; - } - printf("%s: unknown mode\n", argv[1]); - /* drop through and print usage message */ - } - - printf("usage: %s [", argv[0]); - sep = " "; - for (p = modes; p->m_name; p++) { - printf("%s%s", sep, p->m_name); - if (*sep == ' ') - sep = " | "; - } - printf(" ]\n"); - return; -} - -void -setbinary(argc, argv) - int argc; - char *argv[]; -{ - - settftpmode("octet"); -} - -void -setascii(argc, argv) - int argc; - char *argv[]; -{ - - settftpmode("netascii"); -} - -static void -settftpmode(newmode) - char *newmode; -{ - strcpy(mode, newmode); - if (verbose) - printf("mode set to %s\n", mode); -} - - -/* - * Send file(s). - */ -void -put(argc, argv) - int argc; - char *argv[]; -{ - int fd; - int n; - char *cp, *targ; - - if (argc < 2) { - strcpy(line, "send "); - printf("(file) "); - fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - if (argc < 2) { - putusage(argv[0]); - return; - } - targ = argv[argc - 1]; - if (strrchr(argv[argc - 1], ':')) { - char *cp; - - for (n = 1; n < argc - 1; n++) - if (strchr(argv[n], ':')) { - putusage(argv[0]); - return; - } - cp = argv[argc - 1]; - targ = strrchr(cp, ':'); - *targ++ = 0; - if (cp[0] == '[' && cp[strlen(cp) - 1] == ']') { - cp[strlen(cp) - 1] = '\0'; - cp++; - } - setpeer0(cp, NULL); - } - if (!connected) { - printf("No target machine specified.\n"); - return; - } - if (argc < 4) { - cp = argc == 2 ? 
tail(targ) : argv[1]; - fd = open(cp, O_RDONLY); - if (fd < 0) { - warn("%s", cp); - return; - } - if (verbose) - printf("putting %s to %s:%s [%s]\n", - cp, hostname, targ, mode); - sendfile(fd, targ, mode); - return; - } - /* this assumes the target is a directory */ - /* on a remote unix system. hmmmm. */ - cp = strchr(targ, '\0'); - *cp++ = '/'; - for (n = 1; n < argc - 1; n++) { - strcpy(cp, tail(argv[n])); - fd = open(argv[n], O_RDONLY); - if (fd < 0) { - warn("%s", argv[n]); - continue; - } - if (verbose) - printf("putting %s to %s:%s [%s]\n", - argv[n], hostname, targ, mode); - sendfile(fd, targ, mode); - } -} - -static void -putusage(s) - char *s; -{ - printf("usage: %s file ... host:target, or\n", s); - printf(" %s file ... target (when already connected)\n", s); -} - -/* - * Receive file(s). - */ -void -get(argc, argv) - int argc; - char *argv[]; -{ - int fd; - int n; - char *cp; - char *src; - - if (argc < 2) { - strcpy(line, "get "); - printf("(files) "); - fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - if (argc < 2) { - getusage(argv[0]); - return; - } - if (!connected) { - for (n = 1; n < argc ; n++) - if (strrchr(argv[n], ':') == 0) { - getusage(argv[0]); - return; - } - } - for (n = 1; n < argc ; n++) { - src = strrchr(argv[n], ':'); - if (src == NULL) - src = argv[n]; - else { - char *cp; - *src++ = 0; - cp = argv[n]; - if (cp[0] == '[' && cp[strlen(cp) - 1] == ']') { - cp[strlen(cp) - 1] = '\0'; - cp++; - } - setpeer0(cp, NULL); - if (!connected) - continue; - } - if (argc < 4) { - cp = argc == 3 ? argv[2] : tail(src); - fd = creat(cp, 0644); - if (fd < 0) { - warn("%s", cp); - return; - } - if (verbose) - printf("getting from %s:%s to %s [%s]\n", - hostname, src, cp, mode); - recvfile(fd, src, mode); - break; - } - cp = tail(src); /* new .. 
jdg */ - fd = creat(cp, 0644); - if (fd < 0) { - warn("%s", cp); - continue; - } - if (verbose) - printf("getting from %s:%s to %s [%s]\n", - hostname, src, cp, mode); - recvfile(fd, src, mode); - } -} - -static void -getusage(s) - char *s; -{ - printf("usage: %s host:file host:file ... file, or\n", s); - printf(" %s file file ... file if connected\n", s); -} - -void -setblksize(argc, argv) - int argc; - char *argv[]; -{ - int t; - - if (argc < 2) { - strcpy(line, "blksize "); - printf("(blksize) "); - fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - if (argc != 2) { - printf("usage: %s value\n", argv[0]); - return; - } - t = atoi(argv[1]); - if (t < 8 || t > 65464) - printf("%s: bad value\n", argv[1]); - else - blksize = t; -} - -int def_rexmtval = TIMEOUT; -int rexmtval = TIMEOUT; - -void -setrexmt(argc, argv) - int argc; - char *argv[]; -{ - int t; - - if (argc < 2) { - strcpy(line, "Rexmt-timeout "); - printf("(value) "); - fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - if (argc != 2) { - printf("usage: %s value\n", argv[0]); - return; - } - t = atoi(argv[1]); - if (t < 0) - printf("%s: bad value\n", argv[1]); - else - rexmtval = t; -} - -int maxtimeout = 5 * TIMEOUT; - -void -settimeout(argc, argv) - int argc; - char *argv[]; -{ - int t; - - if (argc < 2) { - strcpy(line, "Maximum-timeout "); - printf("(value) "); - fgets(&line[strlen(line)], LBUFLEN-strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - if (argc != 2) { - printf("usage: %s value\n", argv[0]); - return; - } - t = atoi(argv[1]); - if (t < 0) - printf("%s: bad value\n", argv[1]); - else - maxtimeout = t; -} - -void -status(argc, argv) - int argc; - char *argv[]; -{ - if (connected) - printf("Connected to %s.\n", hostname); - else - printf("Not connected.\n"); - printf("Mode: %s Verbose: %s Tracing: %s\n", mode, - verbose ? "on" : "off", trace ? 
"on" : "off"); - printf("Rexmt-interval: %d seconds, Max-timeout: %d seconds\n", - rexmtval, maxtimeout); -} - -void -intr(dummy) - int dummy; -{ - - signal(SIGALRM, SIG_IGN); - alarm(0); - longjmp(toplevel, -1); -} - -char * -tail(filename) - char *filename; -{ - char *s; - - while (*filename) { - s = strrchr(filename, '/'); - if (s == NULL) - break; - if (s[1]) - return (s + 1); - *s = '\0'; - } - return (filename); -} - -/* - * Command parser. - */ -static __dead void -command() -{ - struct cmd *c; - - for (;;) { - printf("%s> ", prompt); - if (fgets(line, LBUFLEN, stdin) == 0) { - if (feof(stdin)) { - exit(0); - } else { - continue; - } - } - if ((line[0] == 0) || (line[0] == '\n')) - continue; - makeargv(); - if (margc == 0) - continue; - c = getcmd(margv[0]); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\n"); - continue; - } - (*c->handler)(margc, margv); - } -} - -struct cmd * -getcmd(name) - char *name; -{ - char *p, *q; - struct cmd *c, *found; - int nmatches, longest; - - longest = 0; - nmatches = 0; - found = 0; - for (c = cmdtab; (p = c->name) != NULL; c++) { - for (q = name; *q == *p++; q++) - if (*q == 0) /* exact match? */ - return (c); - if (!*q) { /* the name was a prefix */ - if (q - name > longest) { - longest = q - name; - nmatches = 1; - found = c; - } else if (q - name == longest) - nmatches++; - } - } - if (nmatches > 1) - return ((struct cmd *)-1); - return (found); -} - -/* - * Slice a string up into argc/argv. - */ -static void -makeargv() -{ - char *cp; - char **argp = margv; - - margc = 0; - for (cp = line; *cp;) { - while (isspace((unsigned char)*cp)) - cp++; - if (*cp == '\0') - break; - *argp++ = cp; - margc += 1; - while (*cp != '\0' && !isspace((unsigned char)*cp)) - cp++; - if (*cp == '\0') - break; - *cp++ = '\0'; - } - *argp++ = 0; -} - -void -quit(argc, argv) - int argc; - char *argv[]; -{ - - exit(0); -} - -/* - * Help command. 
- */ -void -help(argc, argv) - int argc; - char *argv[]; -{ - struct cmd *c; - - if (argc == 1) { - printf("Commands may be abbreviated. Commands are:\n\n"); - for (c = cmdtab; c->name; c++) - printf("%-*s\t%s\n", (int)HELPINDENT, c->name, c->help); - return; - } - while (--argc > 0) { - char *arg; - arg = *++argv; - c = getcmd(arg); - if (c == (struct cmd *)-1) - printf("?Ambiguous help command %s\n", arg); - else if (c == (struct cmd *)0) - printf("?Invalid help command %s\n", arg); - else - printf("%s\n", c->help); - } -} - -void -settrace(argc, argv) - int argc; - char **argv; -{ - trace = !trace; - printf("Packet tracing %s.\n", trace ? "on" : "off"); -} - -void -setverbose(argc, argv) - int argc; - char **argv; -{ - verbose = !verbose; - printf("Verbose mode %s.\n", verbose ? "on" : "off"); -} - -void -settsize(argc, argv) - int argc; - char **argv; -{ - tsize = !tsize; - printf("Tsize mode %s.\n", tsize ? "on" : "off"); -} - -void -settimeoutopt(argc, argv) - int argc; - char **argv; -{ - tout = !tout; - printf("Timeout option %s.\n", tout ? "on" : "off"); -} diff --git a/tftp.tproj/tftp.1 b/tftp.tproj/tftp.1 deleted file mode 100644 index 604609d..0000000 --- a/tftp.tproj/tftp.1 +++ /dev/null 
@@ -1,219 +0,0 @@
-.\" $NetBSD: tftp.1,v 1.18 2003/08/07 11:16:14 agc Exp $
-.\"
-.\" Copyright (c) 1990, 1993, 1994
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)tftp.1 8.2 (Berkeley) 4/18/94
-.\"
-.Dd June 11, 2003
-.Dt TFTP 1
-.Os
-.Sh NAME
-.Nm tftp
-.Nd trivial file transfer program
-.Sh SYNOPSIS
-.Nm
-.Op Fl e
-.Op Ar host
-.Op Ar port
-.Sh DESCRIPTION
-.Nm
-is the user interface to the Internet
-.Tn TFTP
-(Trivial File Transfer Protocol),
-which allows users to transfer files to and from a remote machine.
-The remote
-.Ar host
-(and optional
-.Ar port )
-may be specified on the command line, in which case
-.Nm
-uses
-.Ar host
-(and
-.Ar port )
-as the default for future transfers (see the
-.Cm connect
-command below).
-.Pp
-The optional
-.Fl e
-argument sets a binary transfer mode as well as setting the extended options
-as if
-.Cm tout ,
-.Cm tsize ,
-and
-.Cm blksize 65464 ,
-had been given.
-.Sh COMMANDS
-Once
-.Nm
-is running, it issues the prompt
-.Ql tftp\*[Gt]
-and recognizes the following commands:
-.Pp
-.Bl -tag -width verbose -compact
-.It Cm \&? Ar command-name ...
-Print help information.
-.Pp
-.It Cm ascii
-Shorthand for "mode ascii"
-.Pp
-.It Cm binary
-Shorthand for "mode binary"
-.Pp
-.It Cm blksize Ar blk-size
-Set the tftp blksize option to
-.Ar blk-size
-octets (8-bit bytes). Since the number of blocks in a tftp
-.Cm get
-or
-.Cm put
-is 65535, the default block size of 512 bytes only allows a maximum of
-just under 32 megabytes to be transferred. The value given for
-.Ar blk-size
-must be between 8 and 65464, inclusive.
-Note that many servers will not respect this option.
-.Pp
-.It Cm connect Ar host-name Op Ar port
-Set the
-.Ar host
-(and optionally
-.Ar port )
-for transfers.
-Note that the
-.Tn TFTP
-protocol, unlike the
-.Tn FTP
-protocol,
-does not maintain connections between transfers; thus, the
-.Cm connect
-command does not actually create a connection,
-but merely remembers what host is to be used for transfers.
-You do not have to use the
-.Cm connect
-command; the remote host can be specified as part of the
-.Cm get
-or
-.Cm put
-commands.
-.Pp
-.It Cm get Ar filename
-.It Cm get Ar remotename localname
-.It Cm get Ar file1 file2 ... fileN
-Get a file or set of files from the specified
-.Ar sources .
-.Ar Source
-can be in one of two forms:
-a filename on the remote host, if the host has already been specified,
-or a string of the form
-.Ar hosts:filename
-to specify both a host and filename at the same time.
-If the latter form is used,
-the last hostname specified becomes the default for future transfers.
-.Pp
-.It Cm mode Ar transfer-mode
-Set the mode for transfers;
-.Ar transfer-mode
-may be one of
-.Em ascii
-or
-.Em binary .
-The default is
-.Em ascii .
-.Pp
-.It Cm put Ar file
-.It Cm put Ar localfile remotefile
-.It Cm put Ar file1 file2 ... fileN remote-directory
-Put a file or set of files to the specified
-remote file or directory.
-The destination
-can be in one of two forms:
-a filename on the remote host, if the host has already been specified,
-or a string of the form
-.Ar hosts:filename
-to specify both a host and filename at the same time.
-If the latter form is used,
-the hostname specified becomes the default for future transfers.
-If the remote-directory form is used, the remote host is
-assumed to be a
-.Ux
-machine.
-If you need to specify IPv6 numeric address to
-.Ar hosts ,
-wrap them using square bracket like
-.Ar [hosts]:filename
-to disambiguate the colon.
-.Pp
-.It Cm quit
-Exit
-.Nm .
-An end of file also exits.
-.Pp
-.It Cm rexmt Ar retransmission-timeout
-Set the per-packet retransmission timeout, in seconds.
-.Pp
-.It Cm status
-Show current status.
-.Pp
-.It Cm timeout Ar total-transmission-timeout
-Set the total transmission timeout, in seconds.
-.Pp
-.It Cm tout
-Toggle the tftp "timeout" option. If enabled, the client will pass its
-.Ar retransmission-timeout
-to the server.
-Note that many servers will not respect this option.
-.Pp
-.It Cm trace
-Toggle packet tracing.
-.Pp
-.It Cm tsize
-Toggle the tftp "tsize" option. If enabled, the client will pass and
-request the filesize of a file at the beginning of a file transfer.
-Note that many servers will not respect this option.
-.Pp
-.It Cm verbose
-Toggle verbose mode.
-.El
-.Sh HISTORY
-The
-.Nm
-command appeared in
-.Bx 4.3 .
-IPv6 support was implemented by WIDE/KAME project in 1999.
-TFTP options were implemented by Wasabi Systems, Inc., in 2003,
-and first appeared in
-.Nx 2.0 .
-.Sh SECURITY CONSIDERATIONS
-Because there is no user-login or validation within
-the
-.Tn TFTP
-protocol, the remote site will probably have some
-sort of file-access restrictions in place.
-The exact methods are specific to each site and therefore
-difficult to document here.
diff --git a/tftp.tproj/tftp.c b/tftp.tproj/tftp.c
deleted file mode 100644
index 048c970..0000000
--- a/tftp.tproj/tftp.c
+++ /dev/null
@@ -1,686 +0,0 @@ -/* $NetBSD: tftp.c,v 1.18 2003/08/07 11:16:14 agc Exp $ */ - -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#ifndef lint -#if 0 -static char sccsid[] = "@(#)tftp.c 8.1 (Berkeley) 6/6/93"; -#else -__RCSID("$NetBSD: tftp.c,v 1.18 2003/08/07 11:16:14 agc Exp $"); -#endif -#endif /* not lint */ - -/* Many bug fixes are from Jim Guyton */ - -/* - * TFTP User Program -- Protocol Machines - */ -#include -#include -#include -#include -#include - -#include - -#include "tftp.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "extern.h" -#include "tftpsubs.h" - -extern struct sockaddr_storage peeraddr; /* filled in by main */ -extern int f; /* the opened socket */ -extern int trace; -extern int verbose; -extern int def_rexmtval; -extern int rexmtval; -extern int maxtimeout; -extern int tsize; -extern int tout; -extern int def_blksize; -extern int blksize; - -char ackbuf[PKTSIZE]; -int timeout; -extern jmp_buf toplevel; -jmp_buf timeoutbuf; - -static void nak __P((int, struct sockaddr *)); -static int makerequest __P((int, const char *, struct tftphdr *, const char *, off_t)); -static void printstats __P((const char *, unsigned long)); -static void startclock __P((void)); -static void stopclock __P((void)); -static void timer __P((int)); -static void tpacket __P((const char *, struct tftphdr *, int)); -static int cmpport __P((struct sockaddr *, struct sockaddr *)); - -static void get_options(struct tftphdr *, int); - -static void -get_options(struct tftphdr *ap, int size) -{ - unsigned long val; - char *opt, *endp, *nextopt, *valp; - int l; - - size -= 2; /* skip over opcode */ - opt = ap->th_stuff; - endp = opt + size - 1; - *endp = '\0'; - - while (opt < endp) { - l = strlen(opt) + 1; - valp = opt + l; - if (valp < endp) { - val = strtoul(valp, NULL, 10); - l = strlen(valp) + 1; - nextopt = valp + l; - if (val == ULONG_MAX && errno == ERANGE) { - /* Report illegal value */ - opt = nextopt; - continue; - } - } else { - /* Badly formed OACK */ - break; - } - if (strcmp(opt, "tsize") == 0) { - /* cool, but 
we'll ignore it */ - } else if (strcmp(opt, "timeout") == 0) { - if (val >= 1 && val <= 255) { - rexmtval = val; - } else { - /* Report error? */ - } - } else if (strcmp(opt, "blksize") == 0) { - if (val >= 8 && val <= MAXSEGSIZE) { - blksize = val; - } else { - /* Report error? */ - } - } else { - /* unknown option */ - } - opt = nextopt; - } -} - -/* - * Send the requested file. - */ -void -sendfile(fd, name, mode) - int fd; - char *name; - char *mode; -{ - struct tftphdr *ap; /* data and ack packets */ - struct tftphdr *dp; - int n; - volatile unsigned int block; - volatile int size, convert; - volatile unsigned long amount; - struct sockaddr_storage from; - struct stat sbuf; - off_t filesize=0; - int fromlen; - FILE *file; - struct sockaddr_storage peer; - struct sockaddr_storage serv; /* valid server port number */ - - startclock(); /* start stat's clock */ - dp = r_init(); /* reset fillbuf/read-ahead code */ - ap = (struct tftphdr *)ackbuf; - if (tsize) { - if (fstat(fd, &sbuf) == 0) { - filesize = sbuf.st_size; - } else { - filesize = -1ULL; - } - } - file = fdopen(fd, "r"); - convert = !strcmp(mode, "netascii"); - block = 0; - amount = 0; - memcpy(&peer, &peeraddr, peeraddr.ss_len); - memset(&serv, 0, sizeof(serv)); - - signal(SIGALRM, timer); - do { - if (block == 0) - size = makerequest(WRQ, name, dp, mode, filesize) - 4; - else { - /* size = read(fd, dp->th_data, SEGSIZE); */ - size = readit(file, &dp, blksize, convert); - if (size < 0) { - nak(errno + 100, (struct sockaddr *)&peer); - break; - } - dp->th_opcode = htons((u_short)DATA); - dp->th_block = htons((u_short)block); - } - timeout = 0; - (void) setjmp(timeoutbuf); -send_data: - if (trace) - tpacket("sent", dp, size + 4); - n = sendto(f, dp, size + 4, 0, - (struct sockaddr *)&peer, peer.ss_len); - if (n != size + 4) { - warn("sendto"); - goto abort; - } - if (block) - read_ahead(file, blksize, convert); - for ( ; ; ) { - alarm(rexmtval); - do { - fromlen = sizeof(from); - n = recvfrom(f, ackbuf, 
sizeof(ackbuf), 0, - (struct sockaddr *)&from, &fromlen); - } while (n <= 0); - alarm(0); - if (n < 0) { - warn("recvfrom"); - goto abort; - } - if (!serv.ss_family) - serv = from; - else if (!cmpport((struct sockaddr *)&serv, - (struct sockaddr *)&from)) { - warn("server port mismatch"); - goto abort; - } - peer = from; - if (trace) - tpacket("received", ap, n); - /* should verify packet came from server */ - ap->th_opcode = ntohs(ap->th_opcode); - ap->th_block = ntohs(ap->th_block); - if (ap->th_opcode == ERROR) { - printf("Error code %d: %s\n", ap->th_code, - ap->th_msg); - goto abort; - } - if (ap->th_opcode == ACK) { - int j; - - if (ap->th_block == 0) { - /* - * If the extended options are enabled, - * the server just refused 'em all. - * The only one that _really_ - * matters is blksize, but we'll - * clear timeout, too. - */ - blksize = def_blksize; - rexmtval = def_rexmtval; - } - if (ap->th_block == block) { - break; - } - /* On an error, try to synchronize - * both sides. - */ - j = synchnet(f, blksize+4); - if (j && trace) { - printf("discarded %d packets\n", - j); - } - if (ap->th_block == (block-1)) { - goto send_data; - } - } - if (ap->th_opcode == OACK) { - if (block == 0) { - blksize = def_blksize; - rexmtval = def_rexmtval; - get_options(ap, n); - break; - } - } - } - if (block > 0) - amount += size; - block++; - } while (size == blksize || block == 1); -abort: - fclose(file); - stopclock(); - if (amount > 0) - printstats("Sent", amount); -} - -/* - * Receive a file. 
- */ -void -recvfile(fd, name, mode) - int fd; - char *name; - char *mode; -{ - struct tftphdr *ap; - struct tftphdr *dp; - int n, oack=0; - volatile unsigned int block; - volatile int size, firsttrip; - volatile unsigned long amount; - struct sockaddr_storage from; - int fromlen, readlen; - FILE *file; - volatile int convert; /* true if converting crlf -> lf */ - struct sockaddr_storage peer; - struct sockaddr_storage serv; /* valid server port number */ - - startclock(); - dp = w_init(); - ap = (struct tftphdr *)ackbuf; - file = fdopen(fd, "w"); - convert = !strcmp(mode, "netascii"); - block = 1; - firsttrip = 1; - amount = 0; - memcpy(&peer, &peeraddr, peeraddr.ss_len); - memset(&serv, 0, sizeof(serv)); - - signal(SIGALRM, timer); - do { - if (firsttrip) { - size = makerequest(RRQ, name, ap, mode, 0); - readlen = PKTSIZE; - firsttrip = 0; - } else { - ap->th_opcode = htons((u_short)ACK); - ap->th_block = htons((u_short)(block)); - readlen = blksize+4; - size = 4; - block++; - } - timeout = 0; - (void) setjmp(timeoutbuf); -send_ack: - if (trace) - tpacket("sent", ap, size); - if (sendto(f, ackbuf, size, 0, (struct sockaddr *)&peer, - peer.ss_len) != size) { - alarm(0); - warn("sendto"); - goto abort; - } - write_behind(file, convert); - for ( ; ; ) { - alarm(rexmtval); - do { - fromlen = sizeof(from); - n = recvfrom(f, dp, readlen, 0, - (struct sockaddr *)&from, &fromlen); - } while (n <= 0); - alarm(0); - if (n < 0) { - warn("recvfrom"); - goto abort; - } - if (!serv.ss_family) - serv = from; - else if (!cmpport((struct sockaddr *)&serv, - (struct sockaddr *)&from)) { - warn("server port mismatch"); - goto abort; - } - peer = from; - if (trace) - tpacket("received", dp, n); - /* should verify client address */ - dp->th_opcode = ntohs(dp->th_opcode); - dp->th_block = ntohs(dp->th_block); - if (dp->th_opcode == ERROR) { - printf("Error code %d: %s\n", dp->th_code, - dp->th_msg); - goto abort; - } - if (dp->th_opcode == DATA) { - int j; - - if (dp->th_block == 1 && 
!oack) { - /* no OACK, revert to defaults */ - blksize = def_blksize; - rexmtval = def_rexmtval; - } - if (dp->th_block == block) { - break; /* have next packet */ - } - /* On an error, try to synchronize - * both sides. - */ - j = synchnet(f, blksize); - if (j && trace) { - printf("discarded %d packets\n", j); - } - if (dp->th_block == (block-1)) { - goto send_ack; /* resend ack */ - } - } - if (dp->th_opcode == OACK) { - if (block == 1) { - oack = 1; - blksize = def_blksize; - rexmtval = def_rexmtval; - get_options(dp, n); - ap->th_opcode = htons(ACK); - ap->th_block = 0; - readlen = blksize+4; - size = 4; - goto send_ack; - } - } - } - /* size = write(fd, dp->th_data, n - 4); */ - size = writeit(file, &dp, n - 4, convert); - if (size < 0) { - nak(errno + 100, (struct sockaddr *)&peer); - break; - } - amount += size; - } while (size == blksize || block == 1); -abort: /* ok to ack, since user */ - ap->th_opcode = htons((u_short)ACK); /* has seen err msg */ - ap->th_block = htons((u_short)block); - (void) sendto(f, ackbuf, 4, 0, (struct sockaddr *)&peer, - peer.ss_len); - write_behind(file, convert); /* flush last buffer */ - fclose(file); - stopclock(); - if (amount > 0) - printstats("Received", amount); -} - -static int -makerequest(request, name, tp, mode, filesize) - int request; - const char *name; - struct tftphdr *tp; - const char *mode; - off_t filesize; -{ - char *cp; - - tp->th_opcode = htons((u_short)request); -#ifndef __SVR4 - cp = tp->th_stuff; -#else - cp = (void *)&tp->th_stuff; -#endif - strcpy(cp, name); - cp += strlen(name); - *cp++ = '\0'; - strcpy(cp, mode); - cp += strlen(mode); - *cp++ = '\0'; - if (tsize) { - strcpy(cp, "tsize"); - cp += strlen(cp); - *cp++ = '\0'; - sprintf(cp, "%lu", (unsigned long) filesize); - cp += strlen(cp); - *cp++ = '\0'; - } - if (tout) { - strcpy(cp, "timeout"); - cp += strlen(cp); - *cp++ = '\0'; - sprintf(cp, "%d", rexmtval); - cp += strlen(cp); - *cp++ = '\0'; - } - if (blksize != SEGSIZE) { - strcpy(cp, 
"blksize"); - cp += strlen(cp); - *cp++ = '\0'; - sprintf(cp, "%d", blksize); - cp += strlen(cp); - *cp++ = '\0'; - } - return (cp - (char *)tp); -} - -const struct errmsg { - int e_code; - const char *e_msg; -} errmsgs[] = { - { EUNDEF, "Undefined error code" }, - { ENOTFOUND, "File not found" }, - { EACCESS, "Access violation" }, - { ENOSPACE, "Disk full or allocation exceeded" }, - { EBADOP, "Illegal TFTP operation" }, - { EBADID, "Unknown transfer ID" }, - { EEXISTS, "File already exists" }, - { ENOUSER, "No such user" }, - { EOPTNEG, "Option negotiation failed" }, - { -1, 0 } -}; - -/* - * Send a nak packet (error message). - * Error code passed in is one of the - * standard TFTP codes, or a UNIX errno - * offset by 100. - */ -static void -nak(error, peer) - int error; - struct sockaddr *peer; -{ - const struct errmsg *pe; - struct tftphdr *tp; - int length; - size_t msglen; - - tp = (struct tftphdr *)ackbuf; - tp->th_opcode = htons((u_short)ERROR); - msglen = sizeof(ackbuf) - (&tp->th_msg[0] - ackbuf); - for (pe = errmsgs; pe->e_code >= 0; pe++) - if (pe->e_code == error) - break; - if (pe->e_code < 0) { - tp->th_code = EUNDEF; - strlcpy(tp->th_msg, strerror(error - 100), msglen); - } else { - tp->th_code = htons((u_short)error); - strlcpy(tp->th_msg, pe->e_msg, msglen); - } - length = strlen(tp->th_msg); - msglen = &tp->th_msg[length + 1] - ackbuf; - if (trace) - tpacket("sent", tp, (int)msglen); - if (sendto(f, ackbuf, msglen, 0, peer, peer->sa_len) != msglen) - warn("nak"); -} - -static void -tpacket(s, tp, n) - const char *s; - struct tftphdr *tp; - int n; -{ - static char *opcodes[] = - { "#0", "RRQ", "WRQ", "DATA", "ACK", "ERROR", "OACK" }; - char *cp, *file, *endp, *opt, *spc; - u_short op = ntohs(tp->th_opcode); - int i, o; - - if (op < RRQ || op > OACK) - printf("%s opcode=%x ", s, op); - else - printf("%s %s ", s, opcodes[op]); - switch (op) { - - case RRQ: - case WRQ: - n -= 2; -#ifndef __SVR4 - cp = tp->th_stuff; -#else - cp = (void *) 
&tp->th_stuff; -#endif - endp = cp + n - 1; - if (*endp != '\0') { /* Shouldn't happen, but... */ - *endp = '\0'; - } - file = cp; - cp = strchr(cp, '\0') + 1; - printf("\n"); - break; - - case DATA: - printf("\n", ntohs(tp->th_block), n - 4); - break; - - case ACK: - printf("\n", ntohs(tp->th_block)); - break; - - case ERROR: - printf("\n", ntohs(tp->th_code), tp->th_msg); - break; - - case OACK: - o = 0; - n -= 2; - cp = tp->th_stuff; - endp = cp + n - 1; - if (*endp != '\0') { /* Shouldn't happen, but... */ - *endp = '\0'; - } - printf("<"); - spc = ""; - while (cp < endp) { - i = strlen(cp) + 1; - if (o) { - printf("%s%s=%s", spc, opt, cp); - spc = ", "; - } else { - opt = cp; - } - o = (o+1) % 2; - cp += i; - } - printf(">\n"); - break; - } -} - -struct timeval tstart; -struct timeval tstop; - -static void -startclock() -{ - - (void)gettimeofday(&tstart, NULL); -} - -static void -stopclock() -{ - - (void)gettimeofday(&tstop, NULL); -} - -static void -printstats(direction, amount) - const char *direction; - unsigned long amount; -{ - double delta; - - /* compute delta in 1/10's second units */ - delta = ((tstop.tv_sec*10.)+(tstop.tv_usec/100000)) - - ((tstart.tv_sec*10.)+(tstart.tv_usec/100000)); - delta = delta/10.; /* back to seconds */ - printf("%s %ld bytes in %.1f seconds", direction, amount, delta); - if (verbose) - printf(" [%.0f bits/sec]", (amount*8.)/delta); - putchar('\n'); -} - -static void -timer(sig) - int sig; -{ - - timeout += rexmtval; - if (timeout >= maxtimeout) { - printf("Transfer timed out.\n"); - longjmp(toplevel, -1); - } - longjmp(timeoutbuf, 1); -} - -static int -cmpport(sa, sb) - struct sockaddr *sa; - struct sockaddr *sb; -{ - char a[NI_MAXSERV], b[NI_MAXSERV]; - - if (getnameinfo(sa, sa->sa_len, NULL, 0, a, sizeof(a), NI_NUMERICSERV)) - return 0; - if (getnameinfo(sb, sb->sa_len, NULL, 0, b, sizeof(b), NI_NUMERICSERV)) - return 0; - if (strcmp(a, b) != 0) - return 0; - - return 1; -} 
diff --git a/tftp.tproj/tftp.h b/tftp.tproj/tftp.h
deleted file mode 100644
index 70c3356..0000000
--- a/tftp.tproj/tftp.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/* $NetBSD: tftp.h,v 1.8 2003/08/07 09:44:12 agc Exp $ */
-
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)tftp.h 8.1 (Berkeley) 6/2/93
- */
-
-#ifndef _ARPA_TFTP_H_
-#define _ARPA_TFTP_H_
-
-/*
- * Trivial File Transfer Protocol (IEN-133)
- */
-#define SEGSIZE 512 /* data segment size */
-#define MAXSEGSIZE 65464 /* maximum negotiated data segment size */
-
-#define PKTSIZE SEGSIZE + 4
-#define MAXPKTSIZE MAXSEGSIZE + 4
-
-/*
- * Packet types.
- */
-#define RRQ 01 /* read request */
-#define WRQ 02 /* write request */
-#define DATA 03 /* data packet */
-#define ACK 04 /* acknowledgement */
-#define ERROR 05 /* error code */
-#define OACK 06 /* option acknowledgement */
-
-struct tftphdr {
- short th_opcode; /* packet type */
- union {
- unsigned short tu_block; /* block # */
- short tu_code; /* error code */
- char tu_stuff[1]; /* request packet stuff */
- } th_u;
- char th_data[1]; /* data or error string */
-};
-
-#define th_block th_u.tu_block
-#define th_code th_u.tu_code
-#define th_stuff th_u.tu_stuff
-#define th_msg th_data
-
-/*
- * Error codes.
- */
-#define EUNDEF 0 /* not defined */
-#define ENOTFOUND 1 /* file not found */
-#define EACCESS 2 /* access violation */
-#define ENOSPACE 3 /* disk full or allocation exceeded */
-#define EBADOP 4 /* illegal TFTP operation */
-#define EBADID 5 /* unknown transfer ID */
-#define EEXISTS 6 /* file already exists */
-#define ENOUSER 7 /* no such user */
-#define EOPTNEG 8 /* option negotiation failed */
-
-#endif /* _ARPA_TFTP_H_ */
diff --git a/tftp.tproj/tftpsubs.c b/tftp.tproj/tftpsubs.c
deleted file mode 100644
index 89fb0e4..0000000
--- a/tftp.tproj/tftpsubs.c
+++ /dev/null
@@ -1,285 +0,0 @@ -/* $NetBSD: tftpsubs.c,v 1.8 2003/08/07 11:16:14 agc Exp $ */ - -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#ifndef lint -#if 0 -static char sccsid[] = "@(#)tftpsubs.c 8.1 (Berkeley) 6/6/93"; -#else -__RCSID("$NetBSD: tftpsubs.c,v 1.8 2003/08/07 11:16:14 agc Exp $"); -#endif -#endif /* not lint */ - -/* Simple minded read-ahead/write-behind subroutines for tftp user and - server. 
Written originally with multiple buffers in mind, but current - implementation has two buffer logic wired in. - - Todo: add some sort of final error check so when the write-buffer - is finally flushed, the caller can detect if the disk filled up - (or had an i/o error) and return a nak to the other side. - - Jim Guyton 10/85 - */ - -#include -#include -#include -#include -#include "tftp.h" - -#include -#include - -#include "tftpsubs.h" - -struct bf { - int counter; /* size of data in buffer, or flag */ - char buf[MAXPKTSIZE]; /* room for data packet */ -} bfs[2]; - - /* Values for bf.counter */ -#define BF_ALLOC -3 /* alloc'd but not yet filled */ -#define BF_FREE -2 /* free */ -/* [-1 .. SEGSIZE] = size of data in the data buffer */ - -static int nextone; /* index of next buffer to use */ -static int current; /* index of buffer in use */ - - /* control flags for crlf conversions */ -int newline = 0; /* fillbuf: in middle of newline expansion */ -int prevchar = -1; /* putbuf: previous char (cr check) */ - -static struct tftphdr *rw_init __P((int)); - -struct tftphdr * -w_init() /* write-behind */ -{ - return rw_init(0); -} - -struct tftphdr * -r_init() /* read-ahead */ -{ - return rw_init(1); -} - -static struct tftphdr * -rw_init(x) /* init for either read-ahead or write-behind */ - int x; /* zero for write-behind, one for read-head */ -{ - newline = 0; /* init crlf flag */ - prevchar = -1; - bfs[0].counter = BF_ALLOC; /* pass out the first buffer */ - current = 0; - bfs[1].counter = BF_FREE; - nextone = x; /* ahead or behind? */ - return (struct tftphdr *)bfs[0].buf; -} - -/* Have emptied current buffer by sending to net and getting ack. - Free it and return next buffer filled with data. 
- */ -int -readit(file, dpp, amt, convert) - FILE *file; /* file opened for read */ - struct tftphdr **dpp; - int amt; - int convert; /* if true, convert to ascii */ -{ - struct bf *b; - - bfs[current].counter = BF_FREE; /* free old one */ - current = !current; /* "incr" current */ - - b = &bfs[current]; /* look at new buffer */ - if (b->counter == BF_FREE) /* if it's empty */ - read_ahead(file, amt, convert); /* fill it */ -/* assert(b->counter != BF_FREE);*//* check */ - *dpp = (struct tftphdr *)b->buf; /* set caller's ptr */ - return b->counter; -} - -/* - * fill the input buffer, doing ascii conversions if requested - * conversions are lf -> cr,lf and cr -> cr, nul - */ -void -read_ahead(file, amt, convert) - FILE *file; /* file opened for read */ - int amt; /* number of bytes to read */ - int convert; /* if true, convert to ascii */ -{ - int i; - char *p; - int c; - struct bf *b; - struct tftphdr *dp; - - b = &bfs[nextone]; /* look at "next" buffer */ - if (b->counter != BF_FREE) /* nop if not free */ - return; - nextone = !nextone; /* "incr" next buffer ptr */ - - dp = (struct tftphdr *)b->buf; - - if (convert == 0) { - b->counter = read(fileno(file), dp->th_data, amt); - return; - } - - p = dp->th_data; - for (i = 0 ; i < amt; i++) { - if (newline) { - if (prevchar == '\n') - c = '\n'; /* lf to cr,lf */ - else c = '\0'; /* cr to cr,nul */ - newline = 0; - } - else { - c = getc(file); - if (c == EOF) break; - if (c == '\n' || c == '\r') { - prevchar = c; - c = '\r'; - newline = 1; - } - } - *p++ = c; - } - b->counter = (int)(p - dp->th_data); -} - -/* Update count associated with the buffer, get new buffer - from the queue. Calls write_behind only if next buffer not - available. 
- */ -int -writeit(file, dpp, ct, convert) - FILE *file; - struct tftphdr **dpp; - int ct, convert; -{ - bfs[current].counter = ct; /* set size of data to write */ - current = !current; /* switch to other buffer */ - if (bfs[current].counter != BF_FREE) /* if not free */ - (void)write_behind(file, convert); /* flush it */ - bfs[current].counter = BF_ALLOC; /* mark as alloc'd */ - *dpp = (struct tftphdr *)bfs[current].buf; - return ct; /* this is a lie of course */ -} - -/* - * Output a buffer to a file, converting from netascii if requested. - * CR,NUL -> CR and CR,LF => LF. - * Note spec is undefined if we get CR as last byte of file or a - * CR followed by anything else. In this case we leave it alone. - */ -int -write_behind(file, convert) - FILE *file; - int convert; -{ - char *buf; - int count; - int ct; - char *p; - int c; /* current character */ - struct bf *b; - struct tftphdr *dp; - - b = &bfs[nextone]; - if (b->counter < -1) /* anything to flush? */ - return 0; /* just nop if nothing to do */ - - count = b->counter; /* remember byte count */ - b->counter = BF_FREE; /* reset flag */ - dp = (struct tftphdr *)b->buf; - nextone = !nextone; /* incr for next time */ - buf = dp->th_data; - - if (count <= 0) return -1; /* nak logic? */ - - if (convert == 0) - return write(fileno(file), buf, count); - - p = buf; - ct = count; - while (ct--) { /* loop over the buffer */ - c = *p++; /* pick up a character */ - if (prevchar == '\r') { /* if prev char was cr */ - if (c == '\n') /* if have cr,lf then just */ - fseek(file, -1, 1); /* smash lf on top of the cr */ - else - if (c == '\0') /* if have cr,nul then */ - goto skipit; /* just skip over the putc */ - /* else just fall through and allow it */ - } - putc(c, file); -skipit: - prevchar = c; - } - return count; -} - - -/* When an error has occurred, it is possible that the two sides - * are out of synch. Ie: that what I think is the other side's - * response to packet N is really their response to packet N-1. 
- * - * So, to try to prevent that, we flush all the input queued up - * for us on the network connection on our host. - * - * We return the number of packets we flushed (mostly for reporting - * when trace is active). - */ - -int -synchnet(f, bsize) - int f; /* socket to flush */ - int bsize; /* size of buffer to sync */ -{ - int i, j = 0; - char rbuf[PKTSIZE]; - struct sockaddr_storage from; - int fromlen; - - while (1) { - (void) ioctl(f, FIONREAD, &i); - if (i) { - j++; - fromlen = sizeof from; - (void) recvfrom(f, rbuf, sizeof (rbuf), 0, - (struct sockaddr *)&from, &fromlen); - } else { - return(j); - } - } -} diff --git a/tftp.tproj/tftpsubs.h b/tftp.tproj/tftpsubs.h deleted file mode 100644 index 98284f8..0000000 --- a/tftp.tproj/tftpsubs.h +++ /dev/null 
@@ -1,48 +0,0 @@
-/* $NetBSD: tftpsubs.h,v 1.4 2003/08/07 11:16:14 agc Exp $ */
-
-/*
- * Copyright (c) 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)tftpsubs.h 8.1 (Berkeley) 6/6/93
- */
-
-/*
- * Prototypes for read-ahead/write-behind subroutines for tftp user and
- * server.
- */ - - -struct tftphdr *r_init __P((void)); -void read_ahead __P((FILE *, int, int)); -int readit __P((FILE *, struct tftphdr **, int, int)); - -int synchnet __P((int, int)); - -struct tftphdr *w_init __P((void)); -int write_behind __P((FILE *, int)); -int writeit __P((FILE *, struct tftphdr **, int, int)); diff --git a/tftpd.tproj/Makefile b/tftpd.tproj/Makefile deleted file mode 100644 index cdcc207..0000000 --- a/tftpd.tproj/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = tftpd - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = tftp.h tftpsubs.h -CFILES = tftpd.c tftpsubs.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble tftpd.8 tftp.plist tftp.plist-SERVER - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/libexec -WINDOWS_INSTALLDIR = /usr/libexec -PDO_UNIX_INSTALLDIR = /usr/libexec -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/tftpd.tproj/Makefile.postamble b/tftpd.tproj/Makefile.postamble deleted file mode 100644 index 0505ae0..0000000 --- a/tftpd.tproj/Makefile.postamble +++ /dev/null 
@@ -1,118 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - cp tftpd.8 "$(DSTROOT)/usr/share/man/man8/" - mkdir -p "$(DSTROOT)/System/Library/LaunchDaemons" - cp tftp.plist "$(DSTROOT)/System/Library/LaunchDaemons/" - cp tftp.plist-SERVER "$(DSTROOT)/System/Library/LaunchDaemons/" - mkdir -p "$(DSTROOT)/private/tftpboot" diff --git a/tftpd.tproj/Makefile.preamble b/tftpd.tproj/Makefile.preamble deleted file mode 100644 index dcbd1c8..0000000 --- a/tftpd.tproj/Makefile.preamble +++ /dev/null 
@@ -1,119 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. 
The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - --include ../Makefile.include diff --git a/tftpd.tproj/PB.project b/tftpd.tproj/PB.project deleted file mode 100644 index 39cfa7e..0000000 --- a/tftpd.tproj/PB.project +++ /dev/null 
@@ -1,41 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- HEADERSEARCH = (../tftp.tproj);
- H_FILES = ();
- M_FILES = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (tftpd.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, tftpd.8);
- PRECOMPILED_HEADERS = ();
- PROJECT_HEADERS = ();
- PUBLIC_HEADERS = ();
- SUBPROJECTS = ();
- };
- GENERATEMAIN = YES;
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "/$(USER)/BUILD";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_DOCUMENTEXTENSIONS = ();
- NEXTSTEP_INSTALLDIR = /usr/libexec;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/libexec;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = tftpd;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/libexec;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/tftpd.tproj/tftp.h b/tftpd.tproj/tftp.h
deleted file mode 100644
index 70c3356..0000000
--- a/tftpd.tproj/tftp.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/* $NetBSD: tftp.h,v 1.8 2003/08/07 09:44:12 agc Exp $ */
-
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * - * @(#)tftp.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _ARPA_TFTP_H_ -#define _ARPA_TFTP_H_ - -/* - * Trivial File Transfer Protocol (IEN-133) - */ -#define SEGSIZE 512 /* data segment size */ -#define MAXSEGSIZE 65464 /* maximum negotiated data segment size */ - -#define PKTSIZE SEGSIZE + 4 -#define MAXPKTSIZE MAXSEGSIZE + 4 - -/* - * Packet types. - */ -#define RRQ 01 /* read request */ -#define WRQ 02 /* write request */ -#define DATA 03 /* data packet */ -#define ACK 04 /* acknowledgement */ -#define ERROR 05 /* error code */ -#define OACK 06 /* option acknowledgement */ - -struct tftphdr { - short th_opcode; /* packet type */ - union { - unsigned short tu_block; /* block # */ - short tu_code; /* error code */ - char tu_stuff[1]; /* request packet stuff */ - } th_u; - char th_data[1]; /* data or error string */ -}; - -#define th_block th_u.tu_block -#define th_code th_u.tu_code -#define th_stuff th_u.tu_stuff -#define th_msg th_data - -/* - * Error codes. - */ -#define EUNDEF 0 /* not defined */ -#define ENOTFOUND 1 /* file not found */ -#define EACCESS 2 /* access violation */ -#define ENOSPACE 3 /* disk full or allocation exceeded */ -#define EBADOP 4 /* illegal TFTP operation */ -#define EBADID 5 /* unknown transfer ID */ -#define EEXISTS 6 /* file already exists */ -#define ENOUSER 7 /* no such user */ -#define EOPTNEG 8 /* option negotiation failed */ - -#endif /* _ARPA_TFTP_H_ */ diff --git a/tftpd.tproj/tftp.plist b/tftpd.tproj/tftp.plist deleted file mode 100644 index 7010bc4..0000000 --- a/tftpd.tproj/tftp.plist +++ /dev/null @@ -1,33 +0,0 @@ - - - - - Disabled - - Label - com.apple.tftpd - ProgramArguments - - /usr/libexec/tftpd - -s - /private/tftpboot - - inetdCompatibility - - Wait - - - InitGroups - - Sockets - - Listeners - - SockServiceName - tftp - SockType - dgram - - - - diff --git a/tftpd.tproj/tftp.plist-SERVER b/tftpd.tproj/tftp.plist-SERVER deleted file mode 100644 index e31e08b..0000000 --- a/tftpd.tproj/tftp.plist-SERVER +++ /dev/null 
@@ -1,33 +0,0 @@ - - - - - Disabled - - Label - com.apple.tftpd - ProgramArguments - - /usr/libexec/tftpd - -i - /private/tftpboot - - inetdCompatibility - - Wait - - - InitGroups - - Sockets - - Listeners - - SockServiceName - tftp - SockType - dgram - - - - diff --git a/tftpd.tproj/tftpd.8 b/tftpd.tproj/tftpd.8 deleted file mode 100644 index 7254fc8..0000000 --- a/tftpd.tproj/tftpd.8 +++ /dev/null 
@@ -1,226 +0,0 @@ -.\" $NetBSD: tftpd.8,v 1.21 2003/08/07 09:46:53 agc Exp $ -.\" -.\" Copyright (c) 1983, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" from: @(#)tftpd.8 8.1 (Berkeley) 6/4/93 -.\" -.Dd June 11, 2003 -.Dt TFTPD 8 -.Os -.Sh NAME -.Nm tftpd -.Nd -.Tn DARPA -Internet Trivial File Transfer Protocol server -.Sh SYNOPSIS -.Nm -.Op Fl d -.Op Fl g Ar group -.Op Fl i -.Op Fl l -.Op Fl n -.Op Fl s Ar directory -.Op Fl u Ar user -.Op Ar directory ... -.Sh DESCRIPTION -.Nm -is a server which supports the -.Tn DARPA -Trivial File Transfer Protocol. -The -.Tn TFTP -server operates at the port indicated in the -.Ql tftp -service description; see -.Xr services 5 . -The server is normally started by -.Xr inetd 8 . -.Pp -The use of -.Xr tftp 1 -does not require an account or password on the remote system. -Due to the lack of authentication information, -.Nm -will allow only publicly readable files to be accessed. -Filenames beginning in ``\|\fB.\|.\fP\|/'' or -containing ``/\|\fB.\|.\fP\|/'' are not allowed. -Files may be written to only if they already exist and are publicly writable. -.Pp -Note that this extends the concept of -.Qq public -to include -all users on all hosts that can be reached through the network; -this may not be appropriate on all systems, and its implications -should be considered before enabling tftp service. -The server should have the user ID with the lowest possible privilege. -.Pp -Access to files may be restricted by invoking -.Nm -with a list of directories by including up to 20 pathnames -as server program arguments in -.Pa /etc/inetd.conf . -In this case access is restricted to files whose -names are prefixed by the one of the given directories. -The given directories are also treated as a search path for -relative filename requests. -.Pp -The options are: -.Bl -tag -width "directory" -.It Fl d -Enable verbose debugging messages to -.Xr syslogd 8 . -.It Fl g Ar group -Change gid to that of -.Ar group -on startup. -If this isn't specified, the gid is set to that of the -.Ar user -specified with -.Fl u . -.It Fl i -Enable insecure mode, no -.Xr realpath 3 . 
-.It Fl l -Logs all requests using -.Xr syslog 3 . -.It Fl n -Suppresses negative acknowledgement of requests for nonexistent -relative filenames. -.It Fl s Ar directory -.Nm -will -.Xr chroot 2 -to -.Ar directory -on startup. -This is recommended for security reasons (so that files other than -those in the -.Pa /tftpboot -directory aren't accessible). -If the remote host passes the directory name as part of the -file name to transfer, you may have to create a symbolic link -from -.Sq tftpboot -to -.Sq \&. -under -.Pa /tftpboot . -.It Fl u Ar user -Change uid to that of -.Ar user -on startup. -If -.Fl u -isn't given, -.Ar user -defaults to -.Dq nobody . -If -.Fl g -isn't also given, change the gid to that of -.Ar user -as well. -.El -.Sh SEE ALSO -.Xr tftp 1 , -.Xr inetd 8 -.Rs -.%R RFC -.%N 1350 -.%D July 1992 -.%T "The TFTP Protocol (Revision 2)" -.Re -.Rs -.%R RFC -.%N 2347 -.%D May 1998 -.%T "TFTP Option Extension" -.Re -.Rs -.%R RFC -.%N 2348 -.%D May 1998 -.%T "TFTP Blocksize Option" -.Re -.Rs -.%R RFC -.%N 2349 -.%D May 1998 -.%T "TFTP Timeout Interval and Transfer Size Options" -.Re -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . -.Pp -The -.Fl s -flag appeared in -.Nx 1.0 . -.Pp -The -.Fl g -and -.Fl u -flags appeared in -.Nx 1.4 . -.Pp -IPv6 support was implemented by WIDE/KAME project in 1999. -.Pp -TFTP options were implemented by Wasabi Systems, Inc., in 2003, -and first appeared in -NetBSD 2.0 . -.Sh BUGS -Files larger than 33488896 octets (65535 blocks) cannot be transferred -without client and server supporting blocksize negotiation (RFCs -2347 and 2348). -.Pp -Many tftp clients will not transfer files over 16744448 octets (32767 blocks). -.Sh SECURITY CONSIDERATIONS -You are -.Em strongly -advised to set up -.Nm -using the -.Fl s -flag in conjunction with the name of the directory that -contains the files that -.Nm -will serve to remote hosts (e.g., -.Pa /tftpboot ) . 
-This ensures that only the files that should be served -to remote hosts can be accessed by them. -.Pp -Because there is no user-login or validation within -the -.Tn TFTP -protocol, the remote site will probably have some -sort of file-access restrictions in place. -The exact methods are specific to each site and therefore -difficult to document here. diff --git a/tftpd.tproj/tftpd.c b/tftpd.tproj/tftpd.c deleted file mode 100644 index d8043c4..0000000 --- a/tftpd.tproj/tftpd.c +++ /dev/null 
@@ -1,1171 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $NetBSD: tftpd.c,v 1.28 2004/05/05 20:15:45 kleink Exp $ */ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. 
- * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#ifndef lint -__COPYRIGHT("@(#) Copyright (c) 1983, 1993\n\ - The Regents of the University of California. All rights reserved.\n"); -#if 0 -static char sccsid[] = "@(#)tftpd.c 8.1 (Berkeley) 6/4/93"; -#else -__RCSID("$NetBSD: tftpd.c,v 1.28 2004/05/05 20:15:45 kleink Exp $"); -#endif -#endif /* not lint */ - -/* - * Trivial file transfer protocol server. - * - * This version includes many modifications by Jim Guyton - * . - */ - -#include -#include -#include -#include - -#include -#include "tftp.h" -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "tftpsubs.h" - -#define DEFAULTUSER "nobody" - -#define TIMEOUT 5 - -int peer; -int rexmtval = TIMEOUT; -int maxtimeout = 5*TIMEOUT; - -char buf[MAXPKTSIZE]; -char ackbuf[PKTSIZE]; -char oackbuf[PKTSIZE]; -struct sockaddr_storage from; -int fromlen; -int debug; - -int tftp_opt_tsize = 0; -int tftp_blksize = SEGSIZE; -int tftp_tsize = 0; - -/* - * Null-terminated directory prefix list for absolute pathname requests and - * search list for relative pathname requests. 
- * - * MAXDIRS should be at least as large as the number of arguments that - * inetd allows (currently 20). - */ -#define MAXDIRS 20 -static struct dirlist { - char *name; - int len; -} dirs[MAXDIRS+1]; -static int suppress_naks; -static int logging; -static int insecure=0; -static int secure; -static char *securedir; - -struct formats; - -static const char *errtomsg(int); -static void nak(int); -static void tftp(struct tftphdr *, int); -static void usage(void); -static char *verifyhost(struct sockaddr *); -void justquit(int); -int main(int, char **); -void recvfile(struct formats *, int, int); -void sendfile(struct formats *, int, int); -void timer(int); -static const char *opcode(int); -int validate_access(char **, int); - -struct formats { - const char *f_mode; - int (*f_validate)(char **, int); - void (*f_send)(struct formats *, int, int); - void (*f_recv)(struct formats *, int, int); - int f_convert; -} formats[] = { - { "netascii", validate_access, sendfile, recvfile, 1 }, - { "octet", validate_access, sendfile, recvfile, 0 }, - { 0 } -}; - -static void -usage(void) -{ - - syslog(LOG_ERR, - "Usage: %s [-diln] [-u user] [-g group] [-s directory] [directory ...]", - getprogname()); - exit(1); -} - -int -main(int argc, char *argv[]) -{ - struct sockaddr_storage me; - struct passwd *pwent; - struct group *grent; - struct tftphdr *tp; - char *tgtuser, *tgtgroup, *ep; - int n, ch, on, fd; - int len, soopt; - uid_t curuid, tgtuid; - gid_t curgid, tgtgid; - long nid; - - n = 0; - fd = 0; - tzset(); - openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON); - tgtuser = DEFAULTUSER; - tgtgroup = NULL; - curuid = getuid(); - curgid = getgid(); - - while ((ch = getopt(argc, argv, "dg:ilns:u:")) != -1) - switch (ch) { - case 'd': - debug++; - break; - - case 'g': - tgtgroup = optarg; - break; - - case 'i': - insecure = 1; - break; - - case 'l': - logging = 1; - break; - - case 'n': - suppress_naks = 1; - break; - - case 's': - secure = 1; - securedir = optarg; - break; - - 
case 'u': - tgtuser = optarg; - break; - - default: - usage(); - break; - } - - if (optind < argc) { - struct dirlist *dirp; - - /* Get list of directory prefixes. Skip relative pathnames. */ - for (dirp = dirs; optind < argc && dirp < &dirs[MAXDIRS]; - optind++) { - if (argv[optind][0] == '/') { - dirp->name = argv[optind]; - dirp->len = strlen(dirp->name); - dirp++; - } - } - } - - if (*tgtuser == '\0' || (tgtgroup != NULL && *tgtgroup == '\0')) - usage(); - - nid = (strtol(tgtuser, &ep, 10)); - if (*ep == '\0') { - if (nid > UID_MAX) { - syslog(LOG_ERR, "uid %ld is too large", nid); - exit(1); - } - pwent = getpwuid((uid_t)nid); - } else - pwent = getpwnam(tgtuser); - if (pwent == NULL) { - syslog(LOG_ERR, "unknown user `%s'", tgtuser); - exit(1); - } - tgtuid = pwent->pw_uid; - tgtgid = pwent->pw_gid; - - if (tgtgroup != NULL) { - nid = (strtol(tgtgroup, &ep, 10)); - if (*ep == '\0') { - if (nid > GID_MAX) { - syslog(LOG_ERR, "gid %ld is too large", nid); - exit(1); - } - grent = getgrgid((gid_t)nid); - } else - grent = getgrnam(tgtgroup); - if (grent != NULL) - tgtgid = grent->gr_gid; - else { - syslog(LOG_ERR, "unknown group `%s'", tgtgroup); - exit(1); - } - } - - if (secure) { - if (chdir(securedir) < 0) { - syslog(LOG_ERR, "chdir %s: %m", securedir); - exit(1); - } - if (chroot(".")) { - syslog(LOG_ERR, "chroot: %m"); - exit(1); - } - } - - if (logging) - syslog(LOG_DEBUG, "running as user `%s' (%d), group `%s' (%d)", - tgtuser, tgtuid, tgtgroup ? 
tgtgroup : "(unspecified)", - tgtgid); - if (curgid != tgtgid) { - if (setgid(tgtgid)) { - syslog(LOG_ERR, "setgid to %d: %m", (int)tgtgid); - exit(1); - } - if (setgroups(0, NULL)) { - syslog(LOG_ERR, "setgroups: %m"); - exit(1); - } - } - - if (curuid != tgtuid) { - if (setuid(tgtuid)) { - syslog(LOG_ERR, "setuid to %d: %m", (int)tgtuid); - exit(1); - } - } - - on = 1; - if (ioctl(fd, FIONBIO, &on) < 0) { - syslog(LOG_ERR, "ioctl(FIONBIO): %m"); - exit(1); - } - fromlen = sizeof (from); - n = recvfrom(fd, buf, sizeof (buf), 0, - (struct sockaddr *)&from, &fromlen); - if (n < 0) { - syslog(LOG_ERR, "recvfrom: %m"); - exit(1); - } - /* - * Now that we have read the message out of the UDP - * socket, we fork and exit. Thus, inetd will go back - * to listening to the tftp port, and the next request - * to come in will start up a new instance of tftpd. - * - * We do this so that inetd can run tftpd in "wait" mode. - * The problem with tftpd running in "nowait" mode is that - * inetd may get one or more successful "selects" on the - * tftp port before we do our receive, so more than one - * instance of tftpd may be started up. Worse, if tftpd - * break before doing the above "recvfrom", inetd would - * spawn endless instances, clogging the system. - */ - { - int pid; - int i, j; - - for (i = 1; i < 20; i++) { - pid = fork(); - if (pid < 0) { - sleep(i); - /* - * flush out to most recently sent request. - * - * This may drop some request, but those - * will be resent by the clients when - * they timeout. The positive effect of - * this flush is to (try to) prevent more - * than one tftpd being started up to service - * a single request from a single client. 
- */ - j = sizeof from; - i = recvfrom(fd, buf, sizeof (buf), 0, - (struct sockaddr *)&from, &j); - if (i > 0) { - n = i; - fromlen = j; - } - } else { - break; - } - } - if (pid < 0) { - syslog(LOG_ERR, "fork: %m"); - exit(1); - } else if (pid != 0) { - exit(0); - } - } - - /* - * remember what address this was sent to, so we can respond on the - * same interface - */ - len = sizeof(me); - if (getsockname(fd, (struct sockaddr *)&me, &len) == 0) { - switch (me.ss_family) { - case AF_INET: - ((struct sockaddr_in *)&me)->sin_port = 0; - break; - case AF_INET6: - ((struct sockaddr_in6 *)&me)->sin6_port = 0; - break; - default: - /* unsupported */ - break; - } - } else { - memset(&me, 0, sizeof(me)); - me.ss_family = from.ss_family; - me.ss_len = from.ss_len; - } - - alarm(0); - close(fd); - close(1); - peer = socket(from.ss_family, SOCK_DGRAM, 0); - if (peer < 0) { - syslog(LOG_ERR, "socket: %m"); - exit(1); - } - if (bind(peer, (struct sockaddr *)&me, me.ss_len) < 0) { - syslog(LOG_ERR, "bind: %m"); - exit(1); - } - if (connect(peer, (struct sockaddr *)&from, from.ss_len) < 0) { - syslog(LOG_ERR, "connect: %m"); - exit(1); - } - soopt = 65536; /* larger than we'll ever need */ - if (setsockopt(peer, SOL_SOCKET, SO_SNDBUF, (void *) &soopt, sizeof(soopt)) < 0) { - syslog(LOG_ERR, "set SNDBUF: %m"); - exit(1); - } - if (setsockopt(peer, SOL_SOCKET, SO_RCVBUF, (void *) &soopt, sizeof(soopt)) < 0) { - syslog(LOG_ERR, "set RCVBUF: %m"); - exit(1); - } - - tp = (struct tftphdr *)buf; - tp->th_opcode = ntohs(tp->th_opcode); - if (tp->th_opcode == RRQ || tp->th_opcode == WRQ) - tftp(tp, n); - exit(1); -} - -static int -blk_handler(struct tftphdr *tp, char *opt, char *val, char *ack, - int *ackl, int *ec) -{ - unsigned long bsize; - char *endp; - int l; - - /* - * On these failures, we could just ignore the blocksize option. - * Perhaps that should be a command-line option. 
- */ - errno = 0; - bsize = strtoul(val, &endp, 10); - if ((bsize == ULONG_MAX && errno == ERANGE) || *endp) { - syslog(LOG_NOTICE, "%s: %s request for %s: " - "illegal value %s for blksize option", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - tp->th_stuff, val); - return 0; - } - if (bsize < 8 || bsize > 65464) { - syslog(LOG_NOTICE, "%s: %s request for %s: " - "out of range value %s for blksize option", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - tp->th_stuff, val); - return 0; - } - - tftp_blksize = bsize; - strcpy(ack + *ackl, "blksize"); - *ackl += 8; - l = sprintf(ack + *ackl, "%lu", bsize); - *ackl += l + 1; - - return 0; -} - -static int -timeout_handler(struct tftphdr *tp, char *opt, char *val, char *ack, - int *ackl, int *ec) -{ - unsigned long tout; - char *endp; - int l; - - errno = 0; - tout = strtoul(val, &endp, 10); - if ((tout == ULONG_MAX && errno == ERANGE) || *endp) { - syslog(LOG_NOTICE, "%s: %s request for %s: " - "illegal value %s for timeout option", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - tp->th_stuff, val); - return 0; - } - if (tout < 1 || tout > 255) { - syslog(LOG_NOTICE, "%s: %s request for %s: " - "out of range value %s for timeout option", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - tp->th_stuff, val); - return 0; - } - - rexmtval = tout; - strcpy(ack + *ackl, "timeout"); - *ackl += 8; - l = sprintf(ack + *ackl, "%lu", tout); - *ackl += l + 1; - - /* - * Arbitrarily pick a maximum timeout on a request to 3 - * retransmissions if the interval timeout is more than - * one minute. Longest possible timeout is therefore - * 3 * 255 - 1, or 764 seconds. 
- */ - if (rexmtval > 60) { - maxtimeout = rexmtval * 3; - } else { - maxtimeout = rexmtval * 5; - } - - return 0; -} - -static int -tsize_handler(struct tftphdr *tp, char *opt, char *val, char *ack, - int *ackl, int *ec) -{ - unsigned long fsize; - char *endp; - - /* - * Maximum file even with extended tftp is 65535 blocks of - * length 65464, or 4290183240 octets (4784056 less than 2^32). - * unsigned long is at least 32 bits on all NetBSD archs. - */ - - errno = 0; - fsize = strtoul(val, &endp, 10); - if ((fsize == ULONG_MAX && errno == ERANGE) || *endp) { - syslog(LOG_NOTICE, "%s: %s request for %s: " - "illegal value %s for tsize option", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - tp->th_stuff, val); - return 0; - } - if (fsize > (unsigned long) 65535 * 65464) { - syslog(LOG_NOTICE, "%s: %s request for %s: " - "out of range value %s for tsize option", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - tp->th_stuff, val); - return 0; - } - - tftp_opt_tsize = 1; - tftp_tsize = fsize; - /* - * We will report this later -- either replying with the fsize (WRQ) - * or replying with the actual filesize (RRQ). - */ - - return 0; -} - -struct tftp_options { - char *o_name; - int (*o_handler)(struct tftphdr *, char *, char *, char *, - int *, int *); -} options[] = { - { "blksize", blk_handler }, - { "timeout", timeout_handler }, - { "tsize", tsize_handler }, - { NULL, NULL } -}; - -/* - * Get options for an extended tftp session. Stuff the ones we - * recognize in oackbuf. 
- */ -static int -get_options(struct tftphdr *tp, char *cp, int size, char *ackb, - int *alen, int *err) -{ - struct tftp_options *op; - char *option, *value, *endp; - int r, rv=0, ec=0; - - endp = cp + size; - while (cp < endp) { - option = cp; - while (*cp && cp < endp) { - *cp = tolower(*cp); - cp++; - } - if (*cp) { - /* if we have garbage at the end, just ignore it */ - break; - } - cp++; /* skip over NUL */ - value = cp; - while (*cp && cp < endp) { - cp++; - } - if (*cp) { - /* if we have garbage at the end, just ignore it */ - break; - } - cp++; - for (op = options; op->o_name; op++) { - if (strcmp(op->o_name, option) == 0) - break; - } - if (op->o_name) { - r = op->o_handler(tp, option, value, ackb, alen, &ec); - if (r < 0) { - rv = -1; - break; - } - rv++; - } /* else ignore unknown options */ - } - - if (rv < 0) - *err = ec; - - return rv; -} - -/* - * Handle initial connection protocol. - */ -static void -tftp(struct tftphdr *tp, int size) -{ - struct formats *pf; - char *cp; - char *filename, *mode; - int first, ecode, alen, etftp=0, r; - - first = 1; - mode = NULL; - - filename = cp = tp->th_stuff; -again: - while (cp < buf + size) { - if (*cp == '\0') - break; - cp++; - } - if (*cp != '\0') { - nak(EBADOP); - exit(1); - } - if (first) { - mode = ++cp; - first = 0; - goto again; - } - for (cp = mode; *cp; cp++) - if (isupper(*cp)) - *cp = tolower(*cp); - for (pf = formats; pf->f_mode; pf++) - if (strcmp(pf->f_mode, mode) == 0) - break; - if (pf->f_mode == 0) { - nak(EBADOP); - exit(1); - } - /* - * cp currently points to the NUL byte following the mode. - * - * If we have some valid options, then let's assume that we're - * now dealing with an extended tftp session. Note that if we - * don't get any options, then we *must* assume that we do not - * have an extended tftp session. If we get options, we fill - * in the ack buf to acknowledge them. If we skip that, then - * the client *must* assume that we are not using an extended - * session. 
- */ - size -= (++cp - (char *) tp); - if (size > 0 && *cp) { - alen = 2; /* Skip over opcode */ - r = get_options(tp, cp, size, oackbuf, &alen, &ecode); - if (r > 0) { - etftp = 1; - } else if (r < 0) { - nak(ecode); - exit(1); - } - } - ecode = (*pf->f_validate)(&filename, tp->th_opcode); - if (logging) { - syslog(LOG_INFO, "%s: %s request for %s: %s", - verifyhost((struct sockaddr *)&from), - tp->th_opcode == WRQ ? "write" : "read", - filename, errtomsg(ecode)); - } - if (ecode) { - /* - * Avoid storms of naks to a RRQ broadcast for a relative - * bootfile pathname from a diskless Sun. - */ - if (suppress_naks && *filename != '/' && ecode == ENOTFOUND) - exit(0); - nak(ecode); - exit(1); - } - - if (etftp) { - struct tftphdr *oack_h; - - if (tftp_opt_tsize) { - int l; - - strcpy(oackbuf + alen, "tsize"); - alen += 6; - l = sprintf(oackbuf + alen, "%u", tftp_tsize); - alen += l + 1; - } - oack_h = (struct tftphdr *) oackbuf; - oack_h->th_opcode = htons(OACK); - } - - if (tp->th_opcode == WRQ) - (*pf->f_recv)(pf, etftp, alen); - else - (*pf->f_send)(pf, etftp, alen); - exit(0); -} - - -FILE *file; - -/* - * Validate file access. Since we - * have no uid or gid, for now require - * file to exist and be publicly - * readable/writable. - * If we were invoked with arguments - * from inetd then the file must also be - * in one of the given directory prefixes. 
- */ -int -validate_access(char **filep, int mode) -{ - struct stat stbuf; - struct dirlist *dirp; - static char pathname[MAXPATHLEN]; - int fd; - char *filename; -#ifdef __APPLE__ - static char resolved_path[PATH_MAX+1]; - bzero(resolved_path,PATH_MAX+1); - if(insecure) { - filename = *filep; - } else { - if (realpath(*filep, resolved_path)==NULL) { - return (EACCESS); - } - filename = resolved_path; - } -#else - filename = *filep; -#endif - /* - * Prevent tricksters from getting around the directory restrictions - */ - if (strstr(filename, "/../")) - return (EACCESS); - - if (*filename == '/') { - /* - * Allow the request if it's in one of the approved locations. - * Special case: check the null prefix ("/") by looking - * for length = 1 and relying on the arg. processing that - * it's a /. - */ - for (dirp = dirs; dirp->name != NULL; dirp++) { - if (dirp->len == 1 || - (!strncmp(filename, dirp->name, dirp->len) && - filename[dirp->len] == '/')) - break; - } - /* If directory list is empty, allow access to any file */ - if (dirp->name == NULL && dirp != dirs) - return (EACCESS); - if (stat(filename, &stbuf) < 0) - return (errno == ENOENT ? ENOTFOUND : EACCESS); - if (!S_ISREG(stbuf.st_mode)) - return (ENOTFOUND); - if (mode == RRQ) { - if ((stbuf.st_mode & S_IROTH) == 0) - return (EACCESS); - } else { - if ((stbuf.st_mode & S_IWOTH) == 0) - return (EACCESS); - } - } else { - /* - * Relative file name: search the approved locations for it. - */ - - if (!strncmp(filename, "../", 3)) - return (EACCESS); - - /* - * Find the first file that exists in any of the directories, - * check access on it. 
- */ - if (dirs[0].name != NULL) { - for (dirp = dirs; dirp->name != NULL; dirp++) { - snprintf(pathname, sizeof pathname, "%s/%s", - dirp->name, filename); - if (stat(pathname, &stbuf) == 0 && - (stbuf.st_mode & S_IFMT) == S_IFREG) { - break; - } - } - if (dirp->name == NULL) - return (ENOTFOUND); - if (mode == RRQ && !(stbuf.st_mode & S_IROTH)) - return (EACCESS); - if (mode == WRQ && !(stbuf.st_mode & S_IWOTH)) - return (EACCESS); - filename = pathname; - *filep = filename; - } else { - /* - * If there's no directory list, take our cue from the - * absolute file request check above (*filename == '/'), - * and allow access to anything. - */ - if (stat(filename, &stbuf) < 0) - return (errno == ENOENT ? ENOTFOUND : EACCESS); - if (!S_ISREG(stbuf.st_mode)) - return (ENOTFOUND); - if (mode == RRQ) { - if ((stbuf.st_mode & S_IROTH) == 0) - return (EACCESS); - } else { - if ((stbuf.st_mode & S_IWOTH) == 0) - return (EACCESS); - } - *filep = filename; - } - } - - if (tftp_opt_tsize && mode == RRQ) - tftp_tsize = (unsigned long) stbuf.st_size; - - fd = open(filename, mode == RRQ ? O_RDONLY : O_WRONLY | O_TRUNC); - if (fd < 0) - return (errno + 100); - file = fdopen(fd, (mode == RRQ)? "r":"w"); - if (file == NULL) { - close(fd); - return (errno + 100); - } - return (0); -} - -int timeout; -jmp_buf timeoutbuf; - -void -timer(int dummy) -{ - - timeout += rexmtval; - if (timeout >= maxtimeout) - exit(1); - longjmp(timeoutbuf, 1); -} - -static const char * -opcode(int code) -{ - static char buf[64]; - - switch (code) { - case RRQ: - return "RRQ"; - case WRQ: - return "WRQ"; - case DATA: - return "DATA"; - case ACK: - return "ACK"; - case ERROR: - return "ERROR"; - case OACK: - return "OACK"; - default: - (void)snprintf(buf, sizeof(buf), "*code %d*", code); - return buf; - } -} - -/* - * Send the requested file. 
- */ -void -sendfile(struct formats *pf, int etftp, int acklength) -{ - volatile unsigned int block; - struct tftphdr *dp; - struct tftphdr *ap; /* ack packet */ - int size, n; - - signal(SIGALRM, timer); - ap = (struct tftphdr *)ackbuf; - if (etftp) { - dp = (struct tftphdr *)oackbuf; - size = acklength - 4; - block = 0; - } else { - dp = r_init(); - size = 0; - block = 1; - } - - do { - if (block > 0) { - size = readit(file, &dp, tftp_blksize, pf->f_convert); - if (size < 0) { - nak(errno + 100); - goto abort; - } - dp->th_opcode = htons((u_short)DATA); - dp->th_block = htons((u_short)block); - } - timeout = 0; - (void)setjmp(timeoutbuf); - -send_data: - if (!etftp && debug) - syslog(LOG_DEBUG, "Send DATA %u", block); - if ((n = send(peer, dp, size + 4, 0)) != size + 4) { - syslog(LOG_ERR, "tftpd: write: %m"); - goto abort; - } - if (block) - read_ahead(file, tftp_blksize, pf->f_convert); - for ( ; ; ) { - alarm(rexmtval); /* read the ack */ - n = recv(peer, ackbuf, tftp_blksize, 0); - alarm(0); - if (n < 0) { - syslog(LOG_ERR, "tftpd: read: %m"); - goto abort; - } - ap->th_opcode = ntohs((u_short)ap->th_opcode); - ap->th_block = ntohs((u_short)ap->th_block); - switch (ap->th_opcode) { - case ERROR: - goto abort; - - case ACK: - if (ap->th_block == 0) { - etftp = 0; - acklength = 0; - dp = r_init(); - goto done; - } - if (ap->th_block == block) - goto done; - if (debug) - syslog(LOG_DEBUG, "Resync ACK %u != %u", - (unsigned int)ap->th_block, block); - /* Re-synchronize with the other side */ - (void) synchnet(peer, tftp_blksize); - if (ap->th_block == (block -1)) - goto send_data; - default: - syslog(LOG_INFO, "Received %s in sendfile\n", - opcode(dp->th_opcode)); - } - - } -done: - if (debug) - syslog(LOG_DEBUG, "Received ACK for block %u", block); - block++; - } while (size == tftp_blksize || block == 1); -abort: - (void) fclose(file); -} - -void -justquit(int dummy) -{ - - exit(0); -} - -/* - * Receive a file. 
- */ -void -recvfile(struct formats *pf, int etftp, int acklength) -{ - volatile unsigned int block; - struct tftphdr *dp; - struct tftphdr *ap; /* ack buffer */ - int n, size; - - signal(SIGALRM, timer); - dp = w_init(); - ap = (struct tftphdr *)oackbuf; - block = 0; - do { - timeout = 0; - if (etftp == 0) { - ap = (struct tftphdr *)ackbuf; - ap->th_opcode = htons((u_short)ACK); - ap->th_block = htons((u_short)block); - acklength = 4; - } - if (debug) - syslog(LOG_DEBUG, "Sending ACK for block %u\n", block); - block++; - (void) setjmp(timeoutbuf); -send_ack: - if (send(peer, ap, acklength, 0) != acklength) { - syslog(LOG_ERR, "tftpd: write: %m"); - goto abort; - } - write_behind(file, pf->f_convert); - for ( ; ; ) { - alarm(rexmtval); - n = recv(peer, dp, tftp_blksize + 4, 0); - alarm(0); - if (n < 0) { /* really? */ - syslog(LOG_ERR, "tftpd: read: %m"); - goto abort; - } - etftp = 0; - dp->th_opcode = ntohs((u_short)dp->th_opcode); - dp->th_block = ntohs((u_short)dp->th_block); - if (debug) - syslog(LOG_DEBUG, "Received %s for block %u", - opcode(dp->th_opcode), - (unsigned int)dp->th_block); - - switch (dp->th_opcode) { - case ERROR: - goto abort; - case DATA: - if (dp->th_block == block) - goto done; /* normal */ - if (debug) - syslog(LOG_DEBUG, "Resync %u != %u", - (unsigned int)dp->th_block, block); - /* Re-synchronize with the other side */ - (void) synchnet(peer, tftp_blksize); - if (dp->th_block == (block-1)) - goto send_ack; /* rexmit */ - break; - default: - syslog(LOG_INFO, "Received %s in recvfile\n", - opcode(dp->th_opcode)); - break; - } - } -done: - if (debug) - syslog(LOG_DEBUG, "Got block %u", block); - /* size = write(file, dp->th_data, n - 4); */ - size = writeit(file, &dp, n - 4, pf->f_convert); - if (size != (n-4)) { /* ahem */ - if (size < 0) nak(errno + 100); - else nak(ENOSPACE); - goto abort; - } - } while (size == tftp_blksize); - write_behind(file, pf->f_convert); - (void) fclose(file); /* close data file */ - - ap->th_opcode = 
htons((u_short)ACK); /* send the "final" ack */ - ap->th_block = htons((u_short)(block)); - if (debug) - syslog(LOG_DEBUG, "Send final ACK %u", block); - (void) send(peer, ackbuf, 4, 0); - - signal(SIGALRM, justquit); /* just quit on timeout */ - alarm(rexmtval); - n = recv(peer, buf, sizeof (buf), 0); /* normally times out and quits */ - alarm(0); - if (n >= 4 && /* if read some data */ - dp->th_opcode == DATA && /* and got a data block */ - block == dp->th_block) { /* then my last ack was lost */ - (void) send(peer, ackbuf, 4, 0); /* resend final ack */ - } -abort: - return; -} - -const struct errmsg { - int e_code; - const char *e_msg; -} errmsgs[] = { - { EUNDEF, "Undefined error code" }, - { ENOTFOUND, "File not found" }, - { EACCESS, "Access violation" }, - { ENOSPACE, "Disk full or allocation exceeded" }, - { EBADOP, "Illegal TFTP operation" }, - { EBADID, "Unknown transfer ID" }, - { EEXISTS, "File already exists" }, - { ENOUSER, "No such user" }, - { EOPTNEG, "Option negotiation failed" }, - { -1, 0 } -}; - -static const char * -errtomsg(int error) -{ - static char ebuf[20]; - const struct errmsg *pe; - - if (error == 0) - return ("success"); - for (pe = errmsgs; pe->e_code >= 0; pe++) - if (pe->e_code == error) - return (pe->e_msg); - snprintf(ebuf, sizeof(ebuf), "error %d", error); - return (ebuf); -} - -/* - * Send a nak packet (error message). - * Error code passed in is one of the - * standard TFTP codes, or a UNIX errno - * offset by 100. 
- */ -static void -nak(int error) -{ - const struct errmsg *pe; - struct tftphdr *tp; - int length; - size_t msglen; - - tp = (struct tftphdr *)buf; - tp->th_opcode = htons((u_short)ERROR); - msglen = sizeof(buf) - (&tp->th_msg[0] - buf); - for (pe = errmsgs; pe->e_code >= 0; pe++) - if (pe->e_code == error) - break; - if (pe->e_code < 0) { - tp->th_code = EUNDEF; /* set 'undef' errorcode */ - strlcpy(tp->th_msg, strerror(error - 100), msglen); - } else { - tp->th_code = htons((u_short)error); - strlcpy(tp->th_msg, pe->e_msg, msglen); - } - if (debug) - syslog(LOG_DEBUG, "Send NACK %s", tp->th_msg); - length = strlen(tp->th_msg); - msglen = &tp->th_msg[length + 1] - buf; - if (send(peer, buf, msglen, 0) != msglen) - syslog(LOG_ERR, "nak: %m"); -} - -static char * -verifyhost(struct sockaddr *fromp) -{ - static char hbuf[MAXHOSTNAMELEN]; - - if (getnameinfo(fromp, fromp->sa_len, hbuf, sizeof(hbuf), NULL, 0, 0)) - strlcpy(hbuf, "?", sizeof(hbuf)); - return (hbuf); -} diff --git a/tftpd.tproj/tftpsubs.c b/tftpd.tproj/tftpsubs.c deleted file mode 100644 index 89fb0e4..0000000 --- a/tftpd.tproj/tftpsubs.c +++ /dev/null 
@@ -1,285 +0,0 @@ -/* $NetBSD: tftpsubs.c,v 1.8 2003/08/07 11:16:14 agc Exp $ */ - -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#ifndef lint -#if 0 -static char sccsid[] = "@(#)tftpsubs.c 8.1 (Berkeley) 6/6/93"; -#else -__RCSID("$NetBSD: tftpsubs.c,v 1.8 2003/08/07 11:16:14 agc Exp $"); -#endif -#endif /* not lint */ - -/* Simple minded read-ahead/write-behind subroutines for tftp user and - server. 
Written originally with multiple buffers in mind, but current - implementation has two buffer logic wired in. - - Todo: add some sort of final error check so when the write-buffer - is finally flushed, the caller can detect if the disk filled up - (or had an i/o error) and return a nak to the other side. - - Jim Guyton 10/85 - */ - -#include -#include -#include -#include -#include "tftp.h" - -#include -#include - -#include "tftpsubs.h" - -struct bf { - int counter; /* size of data in buffer, or flag */ - char buf[MAXPKTSIZE]; /* room for data packet */ -} bfs[2]; - - /* Values for bf.counter */ -#define BF_ALLOC -3 /* alloc'd but not yet filled */ -#define BF_FREE -2 /* free */ -/* [-1 .. SEGSIZE] = size of data in the data buffer */ - -static int nextone; /* index of next buffer to use */ -static int current; /* index of buffer in use */ - - /* control flags for crlf conversions */ -int newline = 0; /* fillbuf: in middle of newline expansion */ -int prevchar = -1; /* putbuf: previous char (cr check) */ - -static struct tftphdr *rw_init __P((int)); - -struct tftphdr * -w_init() /* write-behind */ -{ - return rw_init(0); -} - -struct tftphdr * -r_init() /* read-ahead */ -{ - return rw_init(1); -} - -static struct tftphdr * -rw_init(x) /* init for either read-ahead or write-behind */ - int x; /* zero for write-behind, one for read-head */ -{ - newline = 0; /* init crlf flag */ - prevchar = -1; - bfs[0].counter = BF_ALLOC; /* pass out the first buffer */ - current = 0; - bfs[1].counter = BF_FREE; - nextone = x; /* ahead or behind? */ - return (struct tftphdr *)bfs[0].buf; -} - -/* Have emptied current buffer by sending to net and getting ack. - Free it and return next buffer filled with data. 
- */ -int -readit(file, dpp, amt, convert) - FILE *file; /* file opened for read */ - struct tftphdr **dpp; - int amt; - int convert; /* if true, convert to ascii */ -{ - struct bf *b; - - bfs[current].counter = BF_FREE; /* free old one */ - current = !current; /* "incr" current */ - - b = &bfs[current]; /* look at new buffer */ - if (b->counter == BF_FREE) /* if it's empty */ - read_ahead(file, amt, convert); /* fill it */ -/* assert(b->counter != BF_FREE);*//* check */ - *dpp = (struct tftphdr *)b->buf; /* set caller's ptr */ - return b->counter; -} - -/* - * fill the input buffer, doing ascii conversions if requested - * conversions are lf -> cr,lf and cr -> cr, nul - */ -void -read_ahead(file, amt, convert) - FILE *file; /* file opened for read */ - int amt; /* number of bytes to read */ - int convert; /* if true, convert to ascii */ -{ - int i; - char *p; - int c; - struct bf *b; - struct tftphdr *dp; - - b = &bfs[nextone]; /* look at "next" buffer */ - if (b->counter != BF_FREE) /* nop if not free */ - return; - nextone = !nextone; /* "incr" next buffer ptr */ - - dp = (struct tftphdr *)b->buf; - - if (convert == 0) { - b->counter = read(fileno(file), dp->th_data, amt); - return; - } - - p = dp->th_data; - for (i = 0 ; i < amt; i++) { - if (newline) { - if (prevchar == '\n') - c = '\n'; /* lf to cr,lf */ - else c = '\0'; /* cr to cr,nul */ - newline = 0; - } - else { - c = getc(file); - if (c == EOF) break; - if (c == '\n' || c == '\r') { - prevchar = c; - c = '\r'; - newline = 1; - } - } - *p++ = c; - } - b->counter = (int)(p - dp->th_data); -} - -/* Update count associated with the buffer, get new buffer - from the queue. Calls write_behind only if next buffer not - available. 
- */ -int -writeit(file, dpp, ct, convert) - FILE *file; - struct tftphdr **dpp; - int ct, convert; -{ - bfs[current].counter = ct; /* set size of data to write */ - current = !current; /* switch to other buffer */ - if (bfs[current].counter != BF_FREE) /* if not free */ - (void)write_behind(file, convert); /* flush it */ - bfs[current].counter = BF_ALLOC; /* mark as alloc'd */ - *dpp = (struct tftphdr *)bfs[current].buf; - return ct; /* this is a lie of course */ -} - -/* - * Output a buffer to a file, converting from netascii if requested. - * CR,NUL -> CR and CR,LF => LF. - * Note spec is undefined if we get CR as last byte of file or a - * CR followed by anything else. In this case we leave it alone. - */ -int -write_behind(file, convert) - FILE *file; - int convert; -{ - char *buf; - int count; - int ct; - char *p; - int c; /* current character */ - struct bf *b; - struct tftphdr *dp; - - b = &bfs[nextone]; - if (b->counter < -1) /* anything to flush? */ - return 0; /* just nop if nothing to do */ - - count = b->counter; /* remember byte count */ - b->counter = BF_FREE; /* reset flag */ - dp = (struct tftphdr *)b->buf; - nextone = !nextone; /* incr for next time */ - buf = dp->th_data; - - if (count <= 0) return -1; /* nak logic? */ - - if (convert == 0) - return write(fileno(file), buf, count); - - p = buf; - ct = count; - while (ct--) { /* loop over the buffer */ - c = *p++; /* pick up a character */ - if (prevchar == '\r') { /* if prev char was cr */ - if (c == '\n') /* if have cr,lf then just */ - fseek(file, -1, 1); /* smash lf on top of the cr */ - else - if (c == '\0') /* if have cr,nul then */ - goto skipit; /* just skip over the putc */ - /* else just fall through and allow it */ - } - putc(c, file); -skipit: - prevchar = c; - } - return count; -} - - -/* When an error has occurred, it is possible that the two sides - * are out of synch. Ie: that what I think is the other side's - * response to packet N is really their response to packet N-1. 
- * - * So, to try to prevent that, we flush all the input queued up - * for us on the network connection on our host. - * - * We return the number of packets we flushed (mostly for reporting - * when trace is active). - */ - -int -synchnet(f, bsize) - int f; /* socket to flush */ - int bsize; /* size of buffer to sync */ -{ - int i, j = 0; - char rbuf[PKTSIZE]; - struct sockaddr_storage from; - int fromlen; - - while (1) { - (void) ioctl(f, FIONREAD, &i); - if (i) { - j++; - fromlen = sizeof from; - (void) recvfrom(f, rbuf, sizeof (rbuf), 0, - (struct sockaddr *)&from, &fromlen); - } else { - return(j); - } - } -} diff --git a/tftpd.tproj/tftpsubs.h b/tftpd.tproj/tftpsubs.h deleted file mode 100644 index 98284f8..0000000 --- a/tftpd.tproj/tftpsubs.h +++ /dev/null 
@@ -1,48 +0,0 @@
-/* $NetBSD: tftpsubs.h,v 1.4 2003/08/07 11:16:14 agc Exp $ */
-
-/*
- * Copyright (c) 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)tftpsubs.h 8.1 (Berkeley) 6/6/93
- */
-
-/*
- * Prototypes for read-ahead/write-behind subroutines for tftp user and
- * server.
- */
-
-
-struct tftphdr *r_init __P((void));
-void read_ahead __P((FILE *, int, int));
-int readit __P((FILE *, struct tftphdr **, int, int));
-
-int synchnet __P((int, int));
-
-struct tftphdr *w_init __P((void));
-int write_behind __P((FILE *, int));
-int writeit __P((FILE *, struct tftphdr **, int, int));
diff --git a/timed.tproj/Makefile b/timed.tproj/Makefile
deleted file mode 100644
index fc8a78d..0000000
--- a/timed.tproj/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = timed
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Aggregate
-
-TOOLS = timed.tproj timedc.tproj
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = aggregate.make
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/timed.tproj/Makefile.postamble b/timed.tproj/Makefile.postamble
deleted file mode 100644
index 18167b9..0000000
--- a/timed.tproj/Makefile.postamble
+++ /dev/null
@@ -1,109 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. 
-# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A -#COMPATIBILITY_PROJECT_VERSION = 1 - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. 
One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. diff --git a/timed.tproj/Makefile.preamble b/timed.tproj/Makefile.preamble deleted file mode 100644 index cc5c371..0000000 --- a/timed.tproj/Makefile.preamble +++ /dev/null 
@@ -1,121 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set all three of these if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the specified dir on the -# specified public header files with the specified additional flags. Don't put -# $(DSTROOT) in PUBLIC_HEADER_DIR; this is done for you. 
-PUBLIC_HEADER_DIR = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libs to link against -OTHER_LIBS = -# Additional libs to link against when $(JAPANESE) = "YES" -OTHER_JAPANESE_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - --include ../Makefile.include diff --git a/timed.tproj/PB.project b/timed.tproj/PB.project deleted file mode 100644 index 624995d..0000000 --- a/timed.tproj/PB.project +++ /dev/null 
@@ -1,21 +0,0 @@
-{
- FILESTABLE = {
- H_FILES = ();
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble);
- SUBPROJECTS = (timed.tproj, timedc.tproj);
- TOOLS = ();
- };
- GENERATEMAIN = YES;
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_DOCUMENTEXTENSIONS = ();
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = timed;
- PROJECTTYPE = Aggregate;
- PROJECTVERSION = 2.8;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/timed.tproj/timed.tproj/Makefile b/timed.tproj/timed.tproj/Makefile
deleted file mode 100644
index 8636bc9..0000000
--- a/timed.tproj/timed.tproj/Makefile
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = timed
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-HFILES = extern.h globals.h pathnames.h
-
-CFILES = acksend.c byteorder.c candidate.c cksum.c correct.c master.c\
- measure.c networkdelta.c readmsg.c slave.c timed.c
-
-OTHERSRCS = Makefile.preamble Makefile Makefile.postamble timed.8
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/sbin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/timed.tproj/timed.tproj/Makefile.postamble b/timed.tproj/timed.tproj/Makefile.postamble
deleted file mode 100644
index ff71833..0000000
--- a/timed.tproj/timed.tproj/Makefile.postamble
+++ /dev/null
@@ -1,125 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES - # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A - # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 - # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 - # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wmost -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. 
-# STRIP_ON_INSTALL = NO - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S - # for .a archives -#DYNAMIC_STRIP_OPTS = -S - # for bundles and shared libraries - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -# Note: on MS Windows, executables, have an extension, so rules and dependencies -# for generated tools should use $(EXECUTABLE_EXT) on the end. -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - install -c -m 644 timed.8 "$(DSTROOT)/usr/share/man/man8/timed.8" diff --git a/timed.tproj/timed.tproj/Makefile.preamble b/timed.tproj/timed.tproj/Makefile.preamble deleted file mode 100644 index 692cd82..0000000 --- a/timed.tproj/timed.tproj/Makefile.preamble +++ /dev/null 
@@ -1,131 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - -AFTER_INSTALL = after_install diff --git a/timed.tproj/timed.tproj/PB.project b/timed.tproj/timed.tproj/PB.project deleted file mode 100644 index e3accbc..0000000 --- a/timed.tproj/timed.tproj/PB.project +++ /dev/null 
@@ -1,38 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (extern.h, globals.h, pathnames.h);
- OTHER_LINKED = (
- acksend.c,
- byteorder.c,
- candidate.c,
- cksum.c,
- correct.c,
- master.c,
- measure.c,
- networkdelta.c,
- readmsg.c,
- slave.c,
- timed.c
- );
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, timed.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = timed;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/timed.tproj/timed.tproj/acksend.c b/timed.tproj/timed.tproj/acksend.c
deleted file mode 100644
index f4ac330..0000000
--- a/timed.tproj/timed.tproj/acksend.c
+++ /dev/null
@@ -1,155 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)acksend.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "globals.h" - -struct tsp *answer; - -extern u_short sequence; - -void -xmit(type, seq, addr) - int type; - u_int seq; - struct sockaddr_in *addr; -{ - static struct tsp msg; - - msg.tsp_type = type; - msg.tsp_seq = seq; - msg.tsp_vers = TSPVERSION; - (void)strcpy(msg.tsp_name, hostname); - bytenetorder(&msg); - if (sendto(sock, (char *)&msg, sizeof(struct tsp), 0, - (struct sockaddr*)addr, sizeof(struct sockaddr)) < 0) { - trace_sendto_err(addr->sin_addr); - } -} - - -/* - * Acksend implements reliable datagram transmission by using sequence - * numbers and retransmission when necessary. - * If `name' is ANYADDR, this routine implements reliable broadcast. - * - * Because this function calls readmsg(), none of its args may be in - * a message provided by readmsg(). 
- */ -struct tsp * -acksend(message, addr, name, ack, net, bad) - struct tsp *message; /* this message */ - struct sockaddr_in *addr; /* to here */ - char *name; - int ack; /* look for this ack */ - struct netinfo *net; /* receive from this network */ - int bad; /* 1=losing patience */ -{ - struct timeval twait; - int count; - long msec; - - message->tsp_vers = TSPVERSION; - message->tsp_seq = sequence; - if (trace) { - fprintf(fd, "acksend: to %s: ", - (name == ANYADDR ? "broadcast" : name)); - print(message, addr); - } - bytenetorder(message); - - msec = 200; - count = bad ? 1 : 5; /* 5 packets in 6.4 seconds */ - answer = 0; - do { - if (!answer) { - /* do not go crazy transmitting just because the - * other guy cannot keep our sequence numbers - * straight. - */ - if (sendto(sock, (char *)message, sizeof(struct tsp), - 0, (struct sockaddr*)addr, - sizeof(struct sockaddr)) < 0) { - trace_sendto_err(addr->sin_addr); - break; - } - } - - mstotvround(&twait, msec); - answer = readmsg(ack, name, &twait, net); - if (answer != 0) { - if (answer->tsp_seq != sequence) { - if (trace) - fprintf(fd,"acksend: seq # %u!=%u\n", - answer->tsp_seq, sequence); - continue; - } - break; - } - - msec *= 2; - } while (--count > 0); - sequence++; - - return(answer); -} diff --git a/timed.tproj/timed.tproj/byteorder.c b/timed.tproj/timed.tproj/byteorder.c deleted file mode 100644 index 59a5e8c..0000000 --- a/timed.tproj/timed.tproj/byteorder.c +++ /dev/null 
@@ -1,109 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)byteorder.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "globals.h" - -/* - * Two routines to do the necessary byte swapping for timed protocol - * messages. 
Protocol is defined in /usr/include/protocols/timed.h - */ -void -bytenetorder(ptr) - struct tsp *ptr; -{ - ptr->tsp_seq = htons((u_short)ptr->tsp_seq); - switch (ptr->tsp_type) { - - case TSP_SETTIME: - case TSP_ADJTIME: - case TSP_SETDATE: - case TSP_SETDATEREQ: - ptr->tsp_time.tv_sec = htonl((u_long)ptr->tsp_time.tv_sec); - ptr->tsp_time.tv_usec = htonl((u_long)ptr->tsp_time.tv_usec); - break; - - default: - break; /* nothing more needed */ - } -} - -void -bytehostorder(ptr) - struct tsp *ptr; -{ - ptr->tsp_seq = ntohs((u_short)ptr->tsp_seq); - switch (ptr->tsp_type) { - - case TSP_SETTIME: - case TSP_ADJTIME: - case TSP_SETDATE: - case TSP_SETDATEREQ: - ptr->tsp_time.tv_sec = ntohl((u_long)ptr->tsp_time.tv_sec); - ptr->tsp_time.tv_usec = ntohl((u_long)ptr->tsp_time.tv_usec); - break; - - default: - break; /* nothing more needed */ - } -} diff --git a/timed.tproj/timed.tproj/candidate.c b/timed.tproj/timed.tproj/candidate.c deleted file mode 100644 index f3d2bab..0000000 --- a/timed.tproj/timed.tproj/candidate.c +++ /dev/null 
@@ -1,190 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)candidate.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "globals.h" - -/* - * `election' candidates a host as master: it is called by a slave - * which runs with the -M option set when its election timeout expires. - * Note the conservative approach: if a new timed comes up, or another - * candidate sends an election request, the candidature is withdrawn. - */ -int -election(net) - struct netinfo *net; -{ - struct tsp *resp, msg; - struct timeval then, wait; - struct tsp *answer; - struct hosttbl *htp; - char loop_lim = 0; - -/* This code can get totally confused if it gets slightly behind. For - * example, if readmsg() has some QUIT messages waiting from the last - * round, we would send an ELECTION message, get the stale QUIT, - * and give up. This results in network storms when several machines - * do it at once. 
- */ - wait.tv_sec = 0; - wait.tv_usec = 0; - while (0 != readmsg(TSP_REFUSE, ANYADDR, &wait, net)) { - if (trace) - fprintf(fd, "election: discarded stale REFUSE\n"); - } - while (0 != readmsg(TSP_QUIT, ANYADDR, &wait, net)) { - if (trace) - fprintf(fd, "election: discarded stale QUIT\n"); - } - -again: - syslog(LOG_INFO, "This machine is a candidate time master"); - if (trace) - fprintf(fd, "This machine is a candidate time master\n"); - msg.tsp_type = TSP_ELECTION; - msg.tsp_vers = TSPVERSION; - (void)strcpy(msg.tsp_name, hostname); - bytenetorder(&msg); - if (sendto(sock, (char *)&msg, sizeof(struct tsp), 0, - (struct sockaddr*)&net->dest_addr, - sizeof(struct sockaddr)) < 0) { - trace_sendto_err(net->dest_addr.sin_addr); - return(SLAVE); - } - - (void)gettimeofday(&then, 0); - then.tv_sec += 3; - for (;;) { - (void)gettimeofday(&wait, 0); - timevalsub(&wait,&then,&wait); - resp = readmsg(TSP_ANY, ANYADDR, &wait, net); - if (!resp) - return(MASTER); - - switch (resp->tsp_type) { - - case TSP_ACCEPT: - (void)addmach(resp->tsp_name, &from,fromnet); - break; - - case TSP_MASTERUP: - case TSP_MASTERREQ: - /* - * If another timedaemon is coming up at the same - * time, give up, and let it be the master. - */ - if (++loop_lim < 5 - && !good_host_name(resp->tsp_name)) { - (void)addmach(resp->tsp_name, &from,fromnet); - suppress(&from, resp->tsp_name, net); - goto again; - } - rmnetmachs(net); - return(SLAVE); - - case TSP_QUIT: - case TSP_REFUSE: - /* - * Collision: change value of election timer - * using exponential backoff. - * - * Fooey. - * An exponential backoff on a delay starting at - * 6 to 15 minutes for a process that takes - * milliseconds is silly. It is particularly - * strange that the original code would increase - * the backoff without bound. 
- */ - rmnetmachs(net); - return(SLAVE); - - case TSP_ELECTION: - /* no master for another round */ - htp = addmach(resp->tsp_name,&from,fromnet); - msg.tsp_type = TSP_REFUSE; - (void)strcpy(msg.tsp_name, hostname); - answer = acksend(&msg, &htp->addr, htp->name, - TSP_ACK, 0, htp->noanswer); - if (!answer) { - syslog(LOG_ERR, "error in election from %s", - htp->name); - } - break; - - case TSP_SLAVEUP: - (void)addmach(resp->tsp_name, &from,fromnet); - break; - - case TSP_SETDATE: - case TSP_SETDATEREQ: - break; - - default: - if (trace) { - fprintf(fd, "candidate: "); - print(resp, &from); - } - break; - } - } -} diff --git a/timed.tproj/timed.tproj/cksum.c b/timed.tproj/timed.tproj/cksum.c deleted file mode 100644 index 0b36514..0000000 --- a/timed.tproj/timed.tproj/cksum.c +++ /dev/null 
@@ -1,110 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)cksum.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include - -/* - * I N _ C K S U M - * - * Checksum routine for Internet Protocol family headers (C Version) - * - * There is no profit in a specialized version of the checksum - * function for any machine where int's are 32 bits and shorts are 16. - * - * All timed packets are smaller than 32K shorts, so there is no need to - * worry about carries except at the end. - */ -int -in_cksum(addr, len) - u_short *addr; - int len; -{ - register int nleft = len; - register u_short *w = addr; - register u_short answer; - register int sum = 0; - - /* - * Our algorithm is simple, using a 32 bit accumulator (sum), - * we add sequential 16 bit words to it, and at the end, fold - * back all the carry bits from the top 16 bits into the lower - * 16 bits. 
- */ - while( nleft > 1 ) { - sum += *w++; - nleft -= 2; - } - - /* mop up an odd byte, if necessary */ - if( nleft == 1 ) - sum += (*(u_char *)w) << 8; - - /* - * add back carry outs from top 16 bits to low 16 bits - */ - sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ - sum += (sum >> 16); /* add carry */ - answer = ~sum; /* truncate to 16 bits */ - return (answer); -} diff --git a/timed.tproj/timed.tproj/correct.c b/timed.tproj/timed.tproj/correct.c deleted file mode 100644 index be98677..0000000 --- a/timed.tproj/timed.tproj/correct.c +++ /dev/null 
@@ -1,317 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)correct.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "globals.h" -#include -#include -#include -#ifdef sgi -#include -#endif /* sgi */ - -static void adjclock __P((struct timeval *)); - -/* - * sends to the slaves the corrections for their clocks after fixing our - * own - */ -void -correct(avdelta) - long avdelta; -{ - struct hosttbl *htp; - int corr; - struct timeval adjlocal; - struct tsp to; - struct tsp *answer; - - mstotvround(&adjlocal, avdelta); - - for (htp = self.l_fwd; htp != &self; htp = htp->l_fwd) { - if (htp->delta != HOSTDOWN) { - corr = avdelta - htp->delta; -/* If the other machine is off in the weeds, set its time directly. - * If a slave gets the wrong day, the original code would simply - * fix the minutes. If you fix a network partition, you can get - * into such situations. 
- */ - if (htp->need_set - || corr >= MAXADJ*1000 - || corr <= -MAXADJ*1000) { - htp->need_set = 0; - (void)gettimeofday(&to.tsp_time,0); - timevaladd(&to.tsp_time, &adjlocal); - to.tsp_type = TSP_SETTIME; - } else { - mstotvround(&to.tsp_time, corr); - to.tsp_type = TSP_ADJTIME; - } - (void)strcpy(to.tsp_name, hostname); - answer = acksend(&to, &htp->addr, htp->name, - TSP_ACK, 0, 0); - if (!answer) { - htp->delta = HOSTDOWN; - syslog(LOG_WARNING, - "no reply to time correction from %s", - htp->name); - if (++htp->noanswer >= LOSTHOST) { - if (trace) { - fprintf(fd, - "purging %s for not answering\n", - htp->name); - (void)fflush(fd); - } - htp = remmach(htp); - } - } - } - } - - /* - * adjust our own clock now that we are not sending it out - */ - adjclock(&adjlocal); -} - - -static void -adjclock(corr) - struct timeval *corr; -{ - static int passes = 0; - static int smoother = 0; - long delta; /* adjustment in usec */ - long ndelta; - struct timeval now; - struct timeval adj; - - if (!timerisset(corr)) - return; - - adj = *corr; - if (adj.tv_sec < MAXADJ && adj.tv_sec > - MAXADJ) { - delta = adj.tv_sec*1000000 + adj.tv_usec; - /* If the correction is less than the minimum round - * trip time for an ICMP packet, and thus - * less than the likely error in the measurement, - * do not do the entire correction. Do half - * or a quarter of it. 
- */ - - if (delta > -MIN_ROUND*1000 - && delta < MIN_ROUND*1000) { - if (smoother <= 4) - smoother++; - ndelta = delta >> smoother; - if (trace) - fprintf(fd, - "trimming delta %ld usec to %ld\n", - delta, ndelta); - adj.tv_usec = ndelta; - adj.tv_sec = 0; - } else if (smoother > 0) { - smoother--; - } - if (0 > adjtime(corr, 0)) { - syslog(LOG_ERR, "adjtime: %m"); - } - if (passes > 1 - && (delta < -BIG_ADJ || delta > BIG_ADJ)) { - smoother = 0; - passes = 0; - syslog(LOG_WARNING, - "large time adjustment of %+.3f sec", - delta/1000000.0); - } - } else { - syslog(LOG_WARNING, - "clock correction %d sec too large to adjust", - adj.tv_sec); - (void) gettimeofday(&now, 0); - timevaladd(&now, corr); - if (settimeofday(&now, 0) < 0) - syslog(LOG_ERR, "settimeofday: %m"); - } - -#ifdef sgi - /* Accumulate the total change, and use it to adjust the basic - * clock rate. - */ - if (++passes > 2) { -#define F_USEC_PER_SEC (1000000*1.0) /* reduce typos */ -#define F_NSEC_PER_SEC (F_USEC_PER_SEC*1000.0) - - extern char *timetrim_fn; - extern char *timetrim_wpat; - extern long timetrim; - extern double tot_adj, hr_adj; /* totals in nsec */ - extern double tot_ticks, hr_ticks; - - static double nag_tick; - double cur_ticks, hr_delta_ticks, tot_delta_ticks; - double tru_tot_adj, tru_hr_adj; /* nsecs of adjustment */ - double tot_trim, hr_trim; /* nsec/sec */ - struct tms tm; - FILE *timetrim_st; - - cur_ticks = times(&tm); - tot_adj += delta*1000.0; - hr_adj += delta*1000.0; - - tot_delta_ticks = cur_ticks-tot_ticks; - if (tot_delta_ticks >= 16*SECDAY*CLK_TCK) { - tot_adj -= rint(tot_adj/16); - tot_ticks += rint(tot_delta_ticks/16); - tot_delta_ticks = cur_ticks-tot_ticks; - } - hr_delta_ticks = cur_ticks-hr_ticks; - - tru_hr_adj = hr_adj + timetrim*rint(hr_delta_ticks/CLK_TCK); - tru_tot_adj = (tot_adj - + timetrim*rint(tot_delta_ticks/CLK_TCK)); - - if (hr_delta_ticks >= SECDAY*CLK_TCK - || (tot_delta_ticks < 4*SECDAY*CLK_TCK - && hr_delta_ticks >= SECHR*CLK_TCK) - || (trace 
&& hr_delta_ticks >= (SECHR/10)*CLK_TCK)) { - - tot_trim = rint(tru_tot_adj*CLK_TCK/tot_delta_ticks); - hr_trim = rint(tru_hr_adj*CLK_TCK/hr_delta_ticks); - - if (trace - || (abs(timetrim - hr_trim) > 100000.0 - && 0 == timetrim_fn - && ((cur_ticks - nag_tick) - >= 24*SECDAY*CLK_TCK))) { - nag_tick = cur_ticks; - syslog(LOG_NOTICE, - "%+.3f/%.2f or %+.3f/%.2f sec/hr; timetrim=%+.0f or %+.0f", - tru_tot_adj/F_NSEC_PER_SEC, - tot_delta_ticks/(SECHR*CLK_TCK*1.0), - tru_hr_adj/F_NSEC_PER_SEC, - hr_delta_ticks/(SECHR*CLK_TCK*1.0), - tot_trim, - hr_trim); - } - - if (tot_trim < -MAX_TRIM || tot_trim > MAX_TRIM) { - tot_ticks = hr_ticks; - tot_adj = hr_adj; - } else if (0 > syssgi(SGI_SETTIMETRIM, - (long)tot_trim)) { - syslog(LOG_ERR, "SETTIMETRIM(%d): %m", - (long)tot_trim); - } else { - if (0 != timetrim_fn) { - timetrim_st = fopen(timetrim_fn, "w"); - if (0 == timetrim_st) { - syslog(LOG_ERR, "fopen(%s): %m", - timetrim_fn); - } else { - if (0 > fprintf(timetrim_st, - timetrim_wpat, - (long)tot_trim, - tru_tot_adj, - tot_delta_ticks)) { - syslog(LOG_ERR, - "fprintf(%s): %m", - timetrim_fn); - } - (void)fclose(timetrim_st); - } - } - - tot_adj -= ((tot_trim - timetrim) - * rint(tot_delta_ticks/CLK_TCK)); - timetrim = tot_trim; - } - - hr_ticks = cur_ticks; - hr_adj = 0; - } - } -#endif /* sgi */ -} - - -/* adjust the time in a message by the time it - * spent in the queue - */ -void -adj_msg_time(msg, now) - struct tsp *msg; - struct timeval *now; -{ - msg->tsp_time.tv_sec += (now->tv_sec - from_when.tv_sec); - msg->tsp_time.tv_usec += (now->tv_usec - from_when.tv_usec); - - while (msg->tsp_time.tv_usec < 0) { - msg->tsp_time.tv_sec--; - msg->tsp_time.tv_usec += 1000000; - } - while (msg->tsp_time.tv_usec >= 1000000) { - msg->tsp_time.tv_sec++; - msg->tsp_time.tv_usec -= 1000000; - } -} diff --git a/timed.tproj/timed.tproj/extern.h b/timed.tproj/timed.tproj/extern.h deleted file mode 100644 index 00f9d35..0000000 --- a/timed.tproj/timed.tproj/extern.h +++ /dev/null 
@@ -1,112 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.1 (Berkeley) 6/6/93 - */ - -struct hosttbl; -struct netinfo; -struct sockaddr_in; -struct timeval; -struct tsp; - -struct hosttbl *addmach __P((char *, struct sockaddr_in *, struct netinfo *)); -struct hosttbl *findhost __P((char *)); -struct hosttbl *remmach __P((struct hosttbl *)); - -struct tsp *readmsg __P((int, - char *, struct timeval *, struct netinfo *)); -struct tsp *acksend __P((struct tsp *, - struct sockaddr_in *, char *, int, struct netinfo *, int)); - -void addnetname __P((char *)); -void adj_msg_time __P((struct tsp *, struct timeval *)); -void bytehostorder __P((struct tsp *)); -void bytenetorder __P((struct tsp *)); -void byteorder __P((struct tsp *)); -long casual __P((long, long)); -int cksum __P((u_short *, int)); -void correct __P((long)); -char *date __P((void)); -void doquit __P((struct tsp *)); -int election __P((struct netinfo *)); -void get_goodgroup __P((int)); -int good_host_name __P((char *)); -void ignoreack __P((void)); -int in_cksum __P((u_short *, 
int)); -void lookformaster __P((struct netinfo *)); -void makeslave __P((struct netinfo *)); -int master __P((void)); -void masterack __P((void)); -void masterup __P((struct netinfo *)); -int measure __P((u_long, u_long, char *, struct sockaddr_in *, int)); -void msterup __P((struct netinfo *)); -void mstotvround __P((struct timeval *, long)); -long networkdelta __P((void)); -void newslave __P((struct tsp *)); -void print __P((struct tsp *, struct sockaddr_in *)); -void prthp __P((clock_t)); -void rmnetmachs __P((struct netinfo *)); -void setstatus __P((void)); -int slave __P((void)); -void slaveack __P((void)); -void spreadtime __P((void)); -void suppress __P((struct sockaddr_in *, char *, struct netinfo *)); -void synch __P((long)); -void timevaladd __P((struct timeval *, struct timeval *)); -void timevalsub __P((struct timeval *, struct timeval *, struct timeval *)); -void traceoff __P((char *)); -void traceon __P((void)); -void xmit __P((int, u_int, struct sockaddr_in *)); diff --git a/timed.tproj/timed.tproj/globals.h b/timed.tproj/timed.tproj/globals.h deleted file mode 100644 index b3452fc..0000000 --- a/timed.tproj/timed.tproj/globals.h +++ /dev/null 
@@ -1,209 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)globals.h 8.1 (Berkeley) 6/6/93 - */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#ifdef sgi -#include -#include -/* use the constant HZ instead of the function CLK_TCK */ -#undef CLK_TCK -#define CLK_TCK HZ -#else -#define SECHR (60*60) -#define SECDAY (24*SECHR) -#endif /* sgi */ - -extern int errno; -extern int sock; - -/* Best expected round trip for a measurement. - * This is essentially the number of milliseconds per CPU tick (CLK_TCK?). - * All delays shorter than this are usually reported as 0. 
- */ -#define MIN_ROUND ((1000-1)/CLK_TCK) - - -#define SAMPLEINTVL 240 /* synch() freq for master in sec */ -#define MAXADJ 20 /* max adjtime() correction in sec */ - -#define MAX_TRIM 3000000 /* max drift in nsec/sec, 0.3% */ -#define BIG_ADJ (MAX_TRIM/1000*SAMPLEINTVL*2) /* max good adj */ - -#define MINTOUT 360 /* election delays, 6-15 minutes */ -#define MAXTOUT 900 - -#define BAD_STATUS (-1) -#define GOOD 1 -#define UNREACHABLE 2 -#define NONSTDTIME 3 -#define HOSTDOWN 0x7fffffff - -#define OFF 0 -#define ON 1 - -#define MAX_HOPCNT 10 /* max value for tsp_hpcnt */ - -#define LOSTHOST 3 /* forget after this many failures */ - -#define VALID_RANGE (MAXADJ*1000) /* good times in milliseconds */ -#define GOOD_RANGE (MIN_ROUND*2) -#define VGOOD_RANGE (MIN_ROUND-1) - - -/* - * Global and per-network states. - */ -#define NOMASTER 0 /* no good master */ -#define SLAVE 1 -#define MASTER 2 -#define IGNORE 4 -#define ALL (SLAVE|MASTER|IGNORE) -#define SUBMASTER (SLAVE|MASTER) - -#define NHOSTS 1013 /* max of hosts controlled by timed - * This must be a prime number. 
- */ -struct hosttbl { - struct hosttbl *h_bak; /* hash chain */ - struct hosttbl *h_fwd; - struct hosttbl *l_bak; /* "sequential" list */ - struct hosttbl *l_fwd; - struct netinfo *ntp; - struct sockaddr_in addr; - char name[MAXHOSTNAMELEN+1]; - u_char head; /* 1=head of hash chain */ - u_char good; /* 0=trusted host, for averaging */ - u_char noanswer; /* count of failures to answer */ - u_char need_set; /* need a SETTIME */ - u_short seq; - long delta; -}; - -/* closed hash table with internal chaining */ -extern struct hosttbl hosttbl[NHOSTS+1]; -#define self hosttbl[0] -#define hostname (self.name) - - -struct netinfo { - struct netinfo *next; - struct in_addr net; - u_long mask; - struct in_addr my_addr; - struct sockaddr_in dest_addr; /* broadcast addr or point-point */ - long status; - struct timeval slvwait; /* delay before sending our time */ - int quit_count; /* recent QUITs */ -}; - -#include "extern.h" - -#define tvtomsround(tv) ((tv).tv_sec*1000 + ((tv).tv_usec + 500)/1000) - -extern struct netinfo *nettab; -extern int status; -extern int trace; -extern int sock; -extern struct sockaddr_in from; -extern struct timeval from_when; /* when the last msg arrived */ -extern u_short sequence; /* TSP message sequence number */ -extern struct netinfo *fromnet, *slavenet; -extern FILE *fd; -extern long delay1, delay2; -extern int nslavenets; /* nets were I could be a slave */ -extern int nmasternets; /* nets were I could be a master */ -extern int nignorednets; /* ignored nets */ -extern int nnets; /* nets I am connected to */ - - -#define trace_msg(msg) {if (trace) fprintf(fd, msg);} - -#define trace_sendto_err(addr) { \ - int st_errno = errno; \ - syslog(LOG_ERR, "%s %d: sendto %s: %m", \ - __FILE__, __LINE__, inet_ntoa(addr)); \ - if (trace) \ - fprintf(fd, "%s %d: sendto %s: %d", __FILE__, __LINE__, \ - inet_ntoa(addr), st_errno); \ -} - - -# define max(a,b) (ab ? b : a) -# define abs(x) (x>=0 ? x : -(x)) 
diff --git a/timed.tproj/timed.tproj/master.c b/timed.tproj/timed.tproj/master.c
deleted file mode 100644
index f4dbd7d..0000000
--- a/timed.tproj/timed.tproj/master.c
+++ /dev/null
@@ -1,930 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)master.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "globals.h" -#include -#include -#include -#include -#ifdef sgi -#include -#endif /* sgi */ -#include -#include "pathnames.h" - -extern int measure_delta; -extern jmp_buf jmpenv; -extern int Mflag; -extern int justquit; - -static int dictate; -static int slvcount; /* slaves listening to our clock */ - -static void mchgdate __P((struct tsp *)); - -#ifdef sgi -extern void logwtmp __P((struct timeval *, struct timeval *)); -#else -extern void logwtmp __P((char *, char *, char *)); -#endif /* sgi */ - -/* - * The main function of `master' is to periodically compute the differences - * (deltas) between its clock and the clocks of the slaves, to compute the - * network average delta, and to send to the slaves the differences between - * their individual deltas and the network delta. - * While waiting, it receives messages from the slaves (i.e. 
requests for - * master's name, remote requests to set the network time, ...), and - * takes the appropriate action. - */ -int -master() -{ - struct hosttbl *htp; - long pollingtime; -#define POLLRATE 4 - int polls; - struct timeval wait, ntime; - struct tsp *msg, *answer, to; - char newdate[32]; - struct sockaddr_in taddr; - char tname[MAXHOSTNAMELEN]; - struct netinfo *ntp; - int i; - - syslog(LOG_NOTICE, "This machine is master"); - if (trace) - fprintf(fd, "This machine is master\n"); - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (ntp->status == MASTER) - masterup(ntp); - } - (void)gettimeofday(&ntime, 0); - pollingtime = ntime.tv_sec+3; - if (justquit) - polls = 0; - else - polls = POLLRATE-1; - -/* Process all outstanding messages before spending the long time necessary - * to update all timers. - */ -loop: - (void)gettimeofday(&ntime, 0); - wait.tv_sec = pollingtime - ntime.tv_sec; - if (wait.tv_sec < 0) - wait.tv_sec = 0; - wait.tv_usec = 0; - msg = readmsg(TSP_ANY, ANYADDR, &wait, 0); - if (!msg) { - (void)gettimeofday(&ntime, 0); - if (ntime.tv_sec >= pollingtime) { - pollingtime = ntime.tv_sec + SAMPLEINTVL; - get_goodgroup(0); - -/* If a bogus master told us to quit, we can have decided to ignore a - * network. Therefore, periodically try to take over everything. 
- */ - polls = (polls + 1) % POLLRATE; - if (0 == polls && nignorednets > 0) { - trace_msg("Looking for nets to re-master\n"); - for (ntp = nettab; ntp; ntp = ntp->next) { - if (ntp->status == IGNORE - || ntp->status == NOMASTER) { - lookformaster(ntp); - if (ntp->status == MASTER) { - masterup(ntp); - polls = POLLRATE-1; - } - } - if (ntp->status == MASTER - && --ntp->quit_count < 0) - ntp->quit_count = 0; - } - if (polls != 0) - setstatus(); - } - - synch(0L); - - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - to.tsp_type = TSP_LOOP; - to.tsp_vers = TSPVERSION; - to.tsp_seq = sequence++; - to.tsp_hopcnt = MAX_HOPCNT; - (void)strcpy(to.tsp_name, hostname); - bytenetorder(&to); - if (sendto(sock, (char *)&to, - sizeof(struct tsp), 0, - (struct sockaddr*)&ntp->dest_addr, - sizeof(ntp->dest_addr)) < 0) { - trace_sendto_err(ntp->dest_addr.sin_addr); - } - } - } - - - } else { - switch (msg->tsp_type) { - - case TSP_MASTERREQ: - break; - - case TSP_SLAVEUP: - newslave(msg); - break; - - case TSP_SETDATE: - /* - * XXX check to see it is from ourself - */ -#ifdef sgi - (void)cftime(newdate, "%D %T", &msg->tsp_time.tv_sec); -#else - (void)strcpy(newdate, ctime(&msg->tsp_time.tv_sec)); -#endif /* sgi */ - if (!good_host_name(msg->tsp_name)) { - syslog(LOG_NOTICE, - "attempted date change by %s to %s", - msg->tsp_name, newdate); - spreadtime(); - break; - } - - mchgdate(msg); - (void)gettimeofday(&ntime, 0); - pollingtime = ntime.tv_sec + SAMPLEINTVL; - break; - - case TSP_SETDATEREQ: - if (!fromnet || fromnet->status != MASTER) - break; -#ifdef sgi - (void)cftime(newdate, "%D %T", &msg->tsp_time.tv_sec); -#else - (void)strcpy(newdate, ctime(&msg->tsp_time.tv_sec)); -#endif /* sgi */ - htp = findhost(msg->tsp_name); - if (htp == 0) { - syslog(LOG_ERR, - "attempted SET DATEREQ by uncontrolled %s to %s", - msg->tsp_name, newdate); - break; - } - if (htp->seq == msg->tsp_seq) - break; - htp->seq = msg->tsp_seq; - if (!htp->good) { - syslog(LOG_NOTICE, - "attempted SET 
DATEREQ by untrusted %s to %s", - msg->tsp_name, newdate); - spreadtime(); - break; - } - - mchgdate(msg); - (void)gettimeofday(&ntime, 0); - pollingtime = ntime.tv_sec + SAMPLEINTVL; - break; - - case TSP_MSITE: - xmit(TSP_ACK, msg->tsp_seq, &from); - break; - - case TSP_MSITEREQ: - break; - - case TSP_TRACEON: - traceon(); - break; - - case TSP_TRACEOFF: - traceoff("Tracing ended at %s\n"); - break; - - case TSP_ELECTION: - if (!fromnet) - break; - if (fromnet->status == MASTER) { - pollingtime = 0; - (void)addmach(msg->tsp_name, &from,fromnet); - } - taddr = from; - (void)strcpy(tname, msg->tsp_name); - to.tsp_type = TSP_QUIT; - (void)strcpy(to.tsp_name, hostname); - answer = acksend(&to, &taddr, tname, - TSP_ACK, 0, 1); - if (answer == NULL) { - syslog(LOG_ERR, "election error by %s", - tname); - } - break; - - case TSP_CONFLICT: - /* - * After a network partition, there can be - * more than one master: the first slave to - * come up will notify here the situation. - */ - if (!fromnet || fromnet->status != MASTER) - break; - (void)strcpy(to.tsp_name, hostname); - - /* The other master often gets into the same state, - * with boring results if we stay at it forever. - */ - ntp = fromnet; /* (acksend() can leave fromnet=0 */ - for (i = 0; i < 3; i++) { - to.tsp_type = TSP_RESOLVE; - (void)strcpy(to.tsp_name, hostname); - answer = acksend(&to, &ntp->dest_addr, - ANYADDR, TSP_MASTERACK, - ntp, 0); - if (!answer) - break; - htp = addmach(answer->tsp_name,&from,ntp); - to.tsp_type = TSP_QUIT; - msg = acksend(&to, &htp->addr, htp->name, - TSP_ACK, 0, htp->noanswer); - if (msg == NULL) { - syslog(LOG_ERR, - "no response from %s to CONFLICT-QUIT", - htp->name); - } - } - masterup(ntp); - pollingtime = 0; - break; - - case TSP_RESOLVE: - if (!fromnet || fromnet->status != MASTER) - break; - /* - * do not want to call synch() while waiting - * to be killed! 
- */ - (void)gettimeofday(&ntime, (struct timezone *)0); - pollingtime = ntime.tv_sec + SAMPLEINTVL; - break; - - case TSP_QUIT: - doquit(msg); /* become a slave */ - break; - - case TSP_LOOP: - if (!fromnet || fromnet->status != MASTER - || !strcmp(msg->tsp_name, hostname)) - break; - /* - * We should not have received this from a net - * we are master on. There must be two masters. - */ - htp = addmach(msg->tsp_name, &from,fromnet); - to.tsp_type = TSP_QUIT; - (void)strcpy(to.tsp_name, hostname); - answer = acksend(&to, &htp->addr, htp->name, - TSP_ACK, 0, 1); - if (!answer) { - syslog(LOG_WARNING, - "loop breakage: no reply from %s=%s to QUIT", - htp->name, inet_ntoa(htp->addr.sin_addr)); - (void)remmach(htp); - } - - case TSP_TEST: - if (trace) { - fprintf(fd, - "\tnets = %d, masters = %d, slaves = %d, ignored = %d\n", - nnets, nmasternets, nslavenets, nignorednets); - setstatus(); - } - pollingtime = 0; - polls = POLLRATE-1; - break; - - default: - if (trace) { - fprintf(fd, "garbage message: "); - print(msg, &from); - } - break; - } - } - goto loop; -} - - -/* - * change the system date on the master - */ -static void -mchgdate(msg) - struct tsp *msg; -{ - char tname[MAXHOSTNAMELEN]; - char olddate[32]; - struct timeval otime, ntime; - - (void)strcpy(tname, msg->tsp_name); - - xmit(TSP_DATEACK, msg->tsp_seq, &from); - - (void)strcpy(olddate, date()); - - /* adjust time for residence on the queue */ - (void)gettimeofday(&otime, 0); - adj_msg_time(msg,&otime); - - timevalsub(&ntime, &msg->tsp_time, &otime); - if (ntime.tv_sec < MAXADJ && ntime.tv_sec > -MAXADJ) { - /* - * do not change the clock if we can adjust it - */ - dictate = 3; - synch(tvtomsround(ntime)); - } else { -#ifdef sgi - if (0 > settimeofday(&msg->tsp_time, 0)) { - syslog(LOG_ERR, "settimeofday(): %m"); - } - logwtmp(&otime, &msg->tsp_time); -#else - logwtmp("|", "date", ""); - (void)settimeofday(&msg->tsp_time, 0); - logwtmp("}", "date", ""); -#endif /* sgi */ - spreadtime(); - } - - 
syslog(LOG_NOTICE, "date changed by %s from %s",
- tname, olddate);
-}
-
-
-/*
- * synchronize all of the slaves
- */
-void
-synch(mydelta)
- long mydelta;
-{
- struct hosttbl *htp;
- int measure_status;
- struct timeval check, stop, wait;
-#ifdef sgi
- int pri;
-#endif /* sgi */
-
- if (slvcount > 0) {
- if (trace)
- fprintf(fd, "measurements starting at %s\n", date());
- (void)gettimeofday(&check, 0);
-#ifdef sgi
- /* run fast to get good time */
- pri = schedctl(NDPRI,0,NDPHIMIN);
- if (pri < 0)
- syslog(LOG_ERR, "schedctl(): %m");
-#endif /* sgi */
- for (htp = self.l_fwd; htp != &self; htp = htp->l_fwd) {
- if (htp->noanswer != 0) {
- measure_status = measure(500, 100,
- htp->name,
- &htp->addr,0);
- } else {
- measure_status = measure(3000, 100,
- htp->name,
- &htp->addr,0);
- }
- if (measure_status != GOOD) {
- /* The slave did not respond. We have
- * just wasted lots of time on it.
- */
- htp->delta = HOSTDOWN;
- if (++htp->noanswer >= LOSTHOST) {
- if (trace) {
- fprintf(fd,
- "purging %s for not answering ICMP\n",
- htp->name);
- (void)fflush(fd);
- }
- htp = remmach(htp);
- }
- } else {
- htp->delta = measure_delta;
- }
- (void)gettimeofday(&stop, 0);
- timevalsub(&stop, &stop, &check);
- if (stop.tv_sec >= 1) {
- if (trace)
- (void)fflush(fd);
- /*
- * ack messages periodically
- */
- wait.tv_sec = 0;
- wait.tv_usec = 0;
- if (0 != readmsg(TSP_TRACEON,ANYADDR,
- &wait,0))
- traceon();
- (void)gettimeofday(&check, 0);
- }
- }
-#ifdef sgi
- if (pri >= 0)
- (void)schedctl(NDPRI,0,pri);
-#endif /* sgi */
- if (trace)
- fprintf(fd, "measurements finished at %s\n", date());
- }
- if (!(status & SLAVE)) {
- if (!dictate) {
- mydelta = networkdelta();
- } else {
- dictate--;
- }
- }
- if (trace && (mydelta != 0 || (status & SLAVE)))
- fprintf(fd,"local correction of %ld ms.\n", mydelta);
- correct(mydelta);
-}
-
-/*
- * sends the time to each slave after the master
- * has received the command to set the network time
- */
-void
-spreadtime()
-{
- struct
hosttbl *htp;
- struct tsp to;
- struct tsp *answer;
-
-/* Do not listen to the consensus after forcing the time. This is because
- * the consensus takes a while to reach the time we are dictating.
- */
- dictate = 2;
- for (htp = self.l_fwd; htp != &self; htp = htp->l_fwd) {
- to.tsp_type = TSP_SETTIME;
- (void)strcpy(to.tsp_name, hostname);
- (void)gettimeofday(&to.tsp_time, 0);
- answer = acksend(&to, &htp->addr, htp->name,
- TSP_ACK, 0, htp->noanswer);
- if (answer == 0) {
- /* We client does not respond, then we have
- * just wasted lots of time on it.
- */
- syslog(LOG_WARNING,
- "no reply to SETTIME from %s", htp->name);
- if (++htp->noanswer >= LOSTHOST) {
- if (trace) {
- fprintf(fd,
- "purging %s for not answering",
- htp->name);
- (void)fflush(fd);
- }
- htp = remmach(htp);
- }
- }
- }
-}
-
-void
-prthp(delta)
- clock_t delta;
-{
- static time_t next_time;
- time_t this_time;
- struct tms tm;
- struct hosttbl *htp;
- int length, l;
- int i;
-
- if (!fd) /* quit if tracing already off */
- return;
-
- this_time = times(&tm);
- if (this_time + delta < next_time)
- return;
- next_time = this_time + CLK_TCK;
-
- fprintf(fd, "host table: %d entries at %s\n", slvcount, date());
- htp = self.l_fwd;
- length = 1;
- for (i = 1; i <= slvcount; i++, htp = htp->l_fwd) {
- l = strlen(htp->name) + 1;
- if (length+l >= 80) {
- fprintf(fd, "\n");
- length = 0;
- }
- length += l;
- fprintf(fd, " %s", htp->name);
- }
- fprintf(fd, "\n");
-}
-
-
-static struct hosttbl *newhost_hash;
-static struct hosttbl *lasthfree = &hosttbl[0];
-
-
-struct hosttbl * /* answer or 0 */
-findhost(name)
- char *name;
-{
- int i, j;
- struct hosttbl *htp;
- char *p;
-
- j= 0;
- for (p = name, i = 0; i < 8 && *p != '\0'; i++, p++)
- j = (j << 2) ^ *p;
- newhost_hash = &hosttbl[j % NHOSTS];
-
- htp = newhost_hash;
- if (htp->name[0] == '\0')
- return(0);
- do {
- if (!strcmp(name, htp->name))
- return(htp);
- htp = htp->h_fwd;
- } while (htp != newhost_hash);
- return(0);
-}
-
-/*
- * add a
host to the list of controlled machines if not already there
- */
-struct hosttbl *
-addmach(name, addr, ntp)
- char *name;
- struct sockaddr_in *addr;
- struct netinfo *ntp;
-{
- struct hosttbl *ret, *p, *b, *f;
-
- ret = findhost(name);
- if (ret == 0) {
- if (slvcount >= NHOSTS) {
- if (trace) {
- fprintf(fd, "no more slots in host table\n");
- prthp(CLK_TCK);
- }
- syslog(LOG_ERR, "no more slots in host table");
- Mflag = 0;
- longjmp(jmpenv, 2); /* give up and be a slave */
- }
-
- /* if our home hash slot is occupied, find a free entry
- * in the hash table
- */
- if (newhost_hash->name[0] != '\0') {
- do {
- ret = lasthfree;
- if (++lasthfree > &hosttbl[NHOSTS])
- lasthfree = &hosttbl[1];
- } while (ret->name[0] != '\0');
-
- if (!newhost_hash->head) {
- /* Move an interloper using our home. Use
- * scratch pointers in case the new head is
- * pointing to itself.
- */
- f = newhost_hash->h_fwd;
- b = newhost_hash->h_bak;
- f->h_bak = ret;
- b->h_fwd = ret;
- f = newhost_hash->l_fwd;
- b = newhost_hash->l_bak;
- f->l_bak = ret;
- b->l_fwd = ret;
- bcopy(newhost_hash,ret,sizeof(*ret));
- ret = newhost_hash;
- ret->head = 1;
- ret->h_fwd = ret;
- ret->h_bak = ret;
- } else {
- /* link to an existing chain in our home
- */
- ret->head = 0;
- p = newhost_hash->h_bak;
- ret->h_fwd = newhost_hash;
- ret->h_bak = p;
- p->h_fwd = ret;
- newhost_hash->h_bak = ret;
- }
- } else {
- ret = newhost_hash;
- ret->head = 1;
- ret->h_fwd = ret;
- ret->h_bak = ret;
- }
- ret->addr = *addr;
- ret->ntp = ntp;
- (void)strncpy(ret->name, name, sizeof(ret->name));
- ret->good = good_host_name(name);
- ret->l_fwd = &self;
- ret->l_bak = self.l_bak;
- self.l_bak->l_fwd = ret;
- self.l_bak = ret;
- slvcount++;
-
- ret->noanswer = 0;
- ret->need_set = 1;
-
- } else {
- ret->noanswer = (ret->noanswer != 0);
- }
-
- /* need to clear sequence number anyhow */
- ret->seq = 0;
- return(ret);
-}
-
-/*
- * remove the machine with the given index in the host table.
- */
-struct hosttbl *
-remmach(htp)
- struct hosttbl *htp;
-{
- struct hosttbl *lprv, *hnxt, *f, *b;
-
- if (trace)
- fprintf(fd, "remove %s\n", htp->name);
-
- /* get out of the lists */
- htp->l_fwd->l_bak = lprv = htp->l_bak;
- htp->l_bak->l_fwd = htp->l_fwd;
- htp->h_fwd->h_bak = htp->h_bak;
- htp->h_bak->h_fwd = hnxt = htp->h_fwd;
-
- /* If we are in the home slot, pull up the chain */
- if (htp->head && hnxt != htp) {
- if (lprv == hnxt)
- lprv = htp;
-
- /* Use scratch pointers in case the new head is pointing to
- * itself.
- */
- f = hnxt->h_fwd;
- b = hnxt->h_bak;
- f->h_bak = htp;
- b->h_fwd = htp;
- f = hnxt->l_fwd;
- b = hnxt->l_bak;
- f->l_bak = htp;
- b->l_fwd = htp;
- hnxt->head = 1;
- bcopy(hnxt, htp, sizeof(*htp));
- lasthfree = hnxt;
- } else {
- lasthfree = htp;
- }
-
- lasthfree->name[0] = '\0';
- lasthfree->h_fwd = 0;
- lasthfree->l_fwd = 0;
- slvcount--;
-
- return lprv;
-}
-
-
-/*
- * Remove all the machines from the host table that exist on the given
- * network. This is called when a master transitions to a slave on a
- * given network.
- */
-void
-rmnetmachs(ntp)
- struct netinfo *ntp;
-{
- struct hosttbl *htp;
-
- if (trace)
- prthp(CLK_TCK);
- for (htp = self.l_fwd; htp != &self; htp = htp->l_fwd) {
- if (ntp == htp->ntp)
- htp = remmach(htp);
- }
- if (trace)
- prthp(CLK_TCK);
-}
-
-void
-masterup(net)
- struct netinfo *net;
-{
- xmit(TSP_MASTERUP, 0, &net->dest_addr);
-
- /*
- * Do not tell new slaves our time for a while. This ensures
- * we do not tell them to start using our time, before we have
- * found a good master.
- */
- (void)gettimeofday(&net->slvwait, 0);
-}
-
-void
-newslave(msg)
- struct tsp *msg;
-{
- struct hosttbl *htp;
- struct tsp *answer, to;
- struct timeval now;
-
- if (!fromnet || fromnet->status != MASTER)
- return;
-
- htp = addmach(msg->tsp_name, &from,fromnet);
- htp->seq = msg->tsp_seq;
- if (trace)
- prthp(0);
-
- /*
- * If we are stable, send our time to the slave.
- * Do not go crazy if the date has been changed.
- */
- (void)gettimeofday(&now, 0);
- if (now.tv_sec >= fromnet->slvwait.tv_sec+3
- || now.tv_sec < fromnet->slvwait.tv_sec) {
- to.tsp_type = TSP_SETTIME;
- (void)strcpy(to.tsp_name, hostname);
- (void)gettimeofday(&to.tsp_time, 0);
- answer = acksend(&to, &htp->addr,
- htp->name, TSP_ACK,
- 0, htp->noanswer);
- if (answer) {
- htp->need_set = 0;
- } else {
- syslog(LOG_WARNING,
- "no reply to initial SETTIME from %s",
- htp->name);
- htp->noanswer = LOSTHOST;
- }
- }
-}
-
-
-/*
- * react to a TSP_QUIT:
- */
-void
-doquit(msg)
- struct tsp *msg;
-{
- if (fromnet->status == MASTER) {
- if (!good_host_name(msg->tsp_name)) {
- if (fromnet->quit_count <= 0) {
- syslog(LOG_NOTICE,"untrusted %s told us QUIT",
- msg->tsp_name);
- suppress(&from, msg->tsp_name, fromnet);
- fromnet->quit_count = 1;
- return;
- }
- syslog(LOG_NOTICE, "untrusted %s told us QUIT twice",
- msg->tsp_name);
- fromnet->quit_count = 2;
- fromnet->status = NOMASTER;
- } else {
- fromnet->status = SLAVE;
- }
- rmnetmachs(fromnet);
- longjmp(jmpenv, 2); /* give up and be a slave */
-
- } else {
- if (!good_host_name(msg->tsp_name)) {
- syslog(LOG_NOTICE, "untrusted %s told us QUIT",
- msg->tsp_name);
- fromnet->quit_count = 2;
- }
- }
-}
-
-void
-traceon()
-{
- if (!fd) {
- fd = fopen(_PATH_TIMEDLOG, "w");
- if (!fd) {
- trace = 0;
- return;
- }
- fprintf(fd,"Tracing started at %s\n", date());
- }
- trace = 1;
- get_goodgroup(1);
- setstatus();
- prthp(CLK_TCK);
-}
-
-
-void
-traceoff(msg)
- char *msg;
-{
- get_goodgroup(1);
- setstatus();
- prthp(CLK_TCK);
- if (trace) {
- fprintf(fd, msg, date());
- (void)fclose(fd);
- fd = 0;
- }
-#ifdef GPROF
- moncontrol(0);
- _mcleanup();
- moncontrol(1);
-#endif
- trace = OFF;
-}
-
-
-#ifdef sgi
-void
-logwtmp(otime, ntime)
- struct timeval *otime, *ntime;
-{
- static struct utmp wtmp[2] = {
- {"","",OTIME_MSG,0,OLD_TIME,0,0,0},
- {"","",NTIME_MSG,0,NEW_TIME,0,0,0}
- };
- static char *wtmpfile = WTMP_FILE;
-
int f;
-
- wtmp[0].ut_time = otime->tv_sec + (otime->tv_usec + 500000) / 1000000;
- wtmp[1].ut_time = ntime->tv_sec + (ntime->tv_usec + 500000) / 1000000;
- if (wtmp[0].ut_time == wtmp[1].ut_time)
- return;
-
- setutent();
- (void)pututline(&wtmp[0]);
- (void)pututline(&wtmp[1]);
- endutent();
- if ((f = open(wtmpfile, O_WRONLY|O_APPEND)) >= 0) {
- (void) write(f, (char *)wtmp, sizeof(wtmp));
- (void) close(f);
- }
-}
-#endif /* sgi */
diff --git a/timed.tproj/timed.tproj/measure.c b/timed.tproj/timed.tproj/measure.c
deleted file mode 100644
index a943ef6..0000000
--- a/timed.tproj/timed.tproj/measure.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4.
Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)measure.c 8.2 (Berkeley) 3/26/95";
-#endif /* not lint */
-
-#ifdef sgi
-#ident "$Revision: 1.1 $"
-#endif
-
-#include "globals.h"
-#include
-#include
-#include
-
-#define MSEC_DAY (SECDAY*1000)
-
-#define PACKET_IN 1024
-
-#define MSGS 5 /* timestamps to average */
-#define TRIALS 10 /* max # of timestamps sent */
-
-extern int sock_raw;
-
-int measure_delta;
-
-static n_short seqno = 0;
-
-/*
- * Measures the differences between machines' clocks using
- * ICMP timestamp messages.
- */
-int /* status val defined in globals.h */
-measure(maxmsec, wmsec, hname, addr, print)
- u_long maxmsec; /* wait this many msec at most */
- u_long wmsec; /* msec to wait for an answer */
- char *hname;
- struct sockaddr_in *addr;
- int print; /* print complaints on stderr */
-{
- int length;
- int measure_status;
- int rcvcount, trials;
- int cc, count;
- fd_set ready;
- long sendtime, recvtime, histime1, histime2;
- long idelta, odelta, total;
- long min_idelta, min_odelta;
- struct timeval tdone, tcur, ttrans, twait, tout;
- u_char packet[PACKET_IN], opacket[64];
- register struct icmp *icp = (struct icmp *) packet;
- register struct icmp *oicp = (struct icmp *) opacket;
- struct ip *ip = (struct ip *) packet;
-
- min_idelta = min_odelta = 0x7fffffff;
- measure_status = HOSTDOWN;
- measure_delta = HOSTDOWN;
- errno = 0;
-
- /* open raw socket used to measure time differences */
- if (sock_raw < 0) {
- sock_raw = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
- if (sock_raw < 0) {
- syslog(LOG_ERR, "opening raw socket: %m");
- goto quit;
- }
- }
-
-
- /*
- * empty the icmp input queue
- */
- FD_ZERO(&ready);
- for (;;) {
- tout.tv_sec = tout.tv_usec = 0;
- FD_SET(sock_raw, &ready);
- if (select(sock_raw+1, &ready, 0,0, &tout)) {
- length = sizeof(struct sockaddr_in);
- cc = recvfrom(sock_raw, (char *)packet, PACKET_IN, 0,
- 0,&length);
- if (cc < 0)
- goto quit;
- continue;
- }
- break;
- }
-
- /*
- * Choose the smallest transmission time in each of the two
- * directions. Use these two latter quantities to compute the delta
- * between the two clocks.
- */ - - oicp->icmp_type = ICMP_TSTAMP; - oicp->icmp_code = 0; - oicp->icmp_id = getpid(); - oicp->icmp_rtime = 0; - oicp->icmp_ttime = 0; - oicp->icmp_seq = seqno; - - FD_ZERO(&ready); - -#ifdef sgi - sginap(1); /* start at a clock tick */ -#endif /* sgi */ - - (void)gettimeofday(&tdone, 0); - mstotvround(&tout, maxmsec); - timevaladd(&tdone, &tout); /* when we give up */ - - mstotvround(&twait, wmsec); - - rcvcount = 0; - trials = 0; - while (rcvcount < MSGS) { - (void)gettimeofday(&tcur, 0); - - /* - * keep sending until we have sent the max - */ - if (trials < TRIALS) { - trials++; - oicp->icmp_otime = htonl((tcur.tv_sec % SECDAY) * 1000 - + tcur.tv_usec / 1000); - oicp->icmp_cksum = 0; - oicp->icmp_cksum = in_cksum((u_short*)oicp, - sizeof(*oicp)); - - count = sendto(sock_raw, opacket, sizeof(*oicp), 0, - (struct sockaddr*)addr, - sizeof(struct sockaddr)); - if (count < 0) { - if (measure_status == HOSTDOWN) - measure_status = UNREACHABLE; - goto quit; - } - ++oicp->icmp_seq; - - ttrans = tcur; - timevaladd(&ttrans, &twait); - } else { - ttrans = tdone; - } - - while (rcvcount < trials) { - timevalsub(&tout, &ttrans, &tcur); - if (tout.tv_sec < 0) - tout.tv_sec = 0; - - FD_SET(sock_raw, &ready); - count = select(sock_raw+1, &ready, (fd_set *)0, - (fd_set *)0, &tout); - (void)gettimeofday(&tcur, (struct timezone *)0); - if (count <= 0) - break; - - length = sizeof(struct sockaddr_in); - cc = recvfrom(sock_raw, (char *)packet, PACKET_IN, 0, - 0,&length); - if (cc < 0) - goto quit; - - /* - * got something. 
See if it is ours - */ - icp = (struct icmp *)(packet + (ip->ip_hl << 2)); - if (cc < sizeof(*ip) - || icp->icmp_type != ICMP_TSTAMPREPLY - || icp->icmp_id != oicp->icmp_id - || icp->icmp_seq < seqno - || icp->icmp_seq >= oicp->icmp_seq) - continue; - - - sendtime = ntohl(icp->icmp_otime); - recvtime = ((tcur.tv_sec % SECDAY) * 1000 + - tcur.tv_usec / 1000); - - total = recvtime-sendtime; - if (total < 0) /* do not hassle midnight */ - continue; - - rcvcount++; - histime1 = ntohl(icp->icmp_rtime); - histime2 = ntohl(icp->icmp_ttime); - /* - * a host using a time format different from - * msec. since midnight UT (as per RFC792) should - * set the high order bit of the 32-bit time - * value it transmits. - */ - if ((histime1 & 0x80000000) != 0) { - measure_status = NONSTDTIME; - goto quit; - } - measure_status = GOOD; - - idelta = recvtime-histime2; - odelta = histime1-sendtime; - - /* do not be confused by midnight */ - if (idelta < -MSEC_DAY/2) idelta += MSEC_DAY; - else if (idelta > MSEC_DAY/2) idelta -= MSEC_DAY; - - if (odelta < -MSEC_DAY/2) odelta += MSEC_DAY; - else if (odelta > MSEC_DAY/2) odelta -= MSEC_DAY; - - /* save the quantization error so that we can get a - * measurement finer than our system clock. 
- */ - if (total < MIN_ROUND) { - measure_delta = (odelta - idelta)/2; - goto quit; - } - - if (idelta < min_idelta) - min_idelta = idelta; - if (odelta < min_odelta) - min_odelta = odelta; - - measure_delta = (min_odelta - min_idelta)/2; - } - - if (tcur.tv_sec > tdone.tv_sec - || (tcur.tv_sec == tdone.tv_sec - && tcur.tv_usec >= tdone.tv_usec)) - break; - } - -quit: - seqno += TRIALS; /* allocate our sequence numbers */ - - /* - * If no answer is received for TRIALS consecutive times, - * the machine is assumed to be down - */ - if (measure_status == GOOD) { - if (trace) { - fprintf(fd, - "measured delta %4d, %d trials to %-15s %s\n", - measure_delta, trials, - inet_ntoa(addr->sin_addr), hname); - } - } else if (print) { - if (errno != 0) - fprintf(stderr, "measure %s: %s\n", hname, - strerror(errno)); - } else { - if (errno != 0) { - syslog(LOG_ERR, "measure %s: %m", hname); - } else { - syslog(LOG_ERR, "measure: %s did not respond", hname); - } - if (trace) { - fprintf(fd, - "measure: %s failed after %d trials\n", - hname, trials); - (void)fflush(fd); - } - } - - return(measure_status); -} - - - - - -/* - * round a number of milliseconds into a struct timeval - */ -void -mstotvround(res, x) - struct timeval *res; - long x; -{ -#ifndef sgi - if (x < 0) - x = -((-x + 3)/5); - else - x = (x+3)/5; - x *= 5; -#endif /* sgi */ - res->tv_sec = x/1000; - res->tv_usec = (x-res->tv_sec*1000)*1000; - if (res->tv_usec < 0) { - res->tv_usec += 1000000; - res->tv_sec--; - } -} - -void -timevaladd(tv1, tv2) - struct timeval *tv1, *tv2; -{ - tv1->tv_sec += tv2->tv_sec; - tv1->tv_usec += tv2->tv_usec; - if (tv1->tv_usec >= 1000000) { - tv1->tv_sec++; - tv1->tv_usec -= 1000000; - } - if (tv1->tv_usec < 0) { - tv1->tv_sec--; - tv1->tv_usec += 1000000; - } -} - -void -timevalsub(res, tv1, tv2) - struct timeval *res, *tv1, *tv2; -{ - res->tv_sec = tv1->tv_sec - tv2->tv_sec; - res->tv_usec = tv1->tv_usec - tv2->tv_usec; - if (res->tv_usec >= 1000000) { - res->tv_sec++; - 
res->tv_usec -= 1000000;
- }
- if (res->tv_usec < 0) {
- res->tv_sec--;
- res->tv_usec += 1000000;
- }
-}
diff --git a/timed.tproj/timed.tproj/networkdelta.c b/timed.tproj/timed.tproj/networkdelta.c
deleted file mode 100644
index 0556bbe..0000000
--- a/timed.tproj/timed.tproj/networkdelta.c
+++ /dev/null
@@ -1,297 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4.
Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)networkdelta.c 8.3 (Berkeley) 4/27/95";
-#endif /* not lint */
-
-#ifdef sgi
-#ident "$Revision: 1.1 $"
-#endif
-
-#include "globals.h"
-
-static long median __P((double, float *, long *, long *, unsigned int));
-
-/*
- * Compute a corrected date.
- * Compute the median of the reasonable differences. First compute
- * the median of all authorized differences, and then compute the
- * median of all differences that are reasonably close to the first
- * median.
- *
- * This differs from the original BSD implementation, which looked for
- * the largest group of machines with essentially the same date.
- * That assumed that machines with bad clocks would be uniformly
- * distributed. Unfortunately, in real life networks, the distribution
- * of machines is not uniform among models of machines, and the
- * distribution of errors in clocks tends to be quite consistent
- * for a given model. In other words, all model VI Supre Servres
- * from GoFast Inc.
tend to have about the same error. - * The original BSD implementation would chose the clock of the - * most common model, and discard all others. - * - * Therefore, get best we can do is to try to average over all - * of the machines in the network, while discarding "obviously" - * bad values. - */ -long -networkdelta() -{ - struct hosttbl *htp; - long med; - long lodelta, hidelta; - long logood, higood; - long x[NHOSTS]; - long *xp; - int numdelta; - float eps; - - /* - * compute the median of the good values - */ - med = 0; - numdelta = 1; - xp = &x[0]; - *xp = 0; /* account for ourself */ - for (htp = self.l_fwd; htp != &self; htp = htp->l_fwd) { - if (htp->good - && htp->noanswer == 0 - && htp->delta != HOSTDOWN) { - med += htp->delta; - numdelta++; - *++xp = htp->delta; - } - } - - /* - * If we are the only trusted time keeper, then do not change our - * clock. There may be another time keeping service active. - */ - if (numdelta == 1) - return 0; - - /* get average of trusted values */ - med /= numdelta; - - if (trace) - fprintf(fd, "median of %d values starting at %ld is about ", - numdelta, med); - /* get median of all trusted values, using average as initial guess */ - eps = med - x[0]; - med = median(med, &eps, &x[0], xp+1, VALID_RANGE); - - /* Compute the median of all good values. 
- * Good values are those of all clocks, including untrusted clocks, - * that are - * - trusted and somewhat close to the median of the - * trusted clocks - * - trusted or untrusted and very close to the median of the - * trusted clocks - */ - hidelta = med + GOOD_RANGE; - lodelta = med - GOOD_RANGE; - higood = med + VGOOD_RANGE; - logood = med - VGOOD_RANGE; - xp = &x[0]; - htp = &self; - do { - if (htp->noanswer == 0 - && htp->delta >= lodelta - && htp->delta <= hidelta - && (htp->good - || (htp->delta >= logood - && htp->delta <= higood))) { - *xp++ = htp->delta; - } - } while (&self != (htp = htp->l_fwd)); - - if (xp == &x[0]) { - if (trace) - fprintf(fd, "nothing close to median %ld\n", med); - return med; - } - - if (xp == &x[1]) { - if (trace) - fprintf(fd, "only value near median is %ld\n", x[0]); - return x[0]; - } - - if (trace) - fprintf(fd, "median of %d values starting at %ld is ", - xp-&x[0], med); - return median(med, &eps, &x[0], xp, 1); -} - - -/* - * compute the median of an array of signed integers, using the idea - * in <>. 
- */ -static long -median(a0, eps_ptr, x, xlim, gnuf) - double a0; /* initial guess for the median */ - float *eps_ptr; /* spacing near the median */ - long *x, *xlim; /* the data */ - unsigned int gnuf; /* good enough estimate */ -{ - long *xptr; - float a = a0; - float ap = LONG_MAX; /* bounds on the median */ - float am = -LONG_MAX; - float aa; - int npts; /* # of points above & below guess */ - float xp; /* closet point above the guess */ - float xm; /* closet point below the guess */ - float eps; - float dum, sum, sumx; - int pass; -#define AMP 1.5 /* smoothing constants */ -#define AFAC 1.5 - - eps = *eps_ptr; - if (eps < 1.0) { - eps = -eps; - if (eps < 1.0) - eps = 1.0; - } - - for (pass = 1; ; pass++) { /* loop over the data */ - sum = 0.0; - sumx = 0.0; - npts = 0; - xp = LONG_MAX; - xm = -LONG_MAX; - - for (xptr = x; xptr != xlim; xptr++) { - float xx = *xptr; - - dum = xx - a; - if (dum != 0.0) { /* avoid dividing by 0 */ - if (dum > 0.0) { - npts++; - if (xx < xp) - xp = xx; - } else { - npts--; - if (xx > xm) - xm = xx; - dum = -dum; - } - dum = 1.0/(eps + dum); - sum += dum; - sumx += xx * dum; - } - } - - if (ap-am < gnuf || sum == 0) { - if (trace) - fprintf(fd, - "%ld in %d passes;" - " early out balance=%d\n", - (long)a, pass, npts); - return a; /* guess was good enough */ - } - - aa = (sumx/sum-a)*AMP; - if (npts >= 2) { /* guess was too low */ - am = a; - aa = xp + max(0.0, aa); - if (aa >= ap) - aa = (a + ap)/2; - - } else if (npts <= -2) { /* guess was two high */ - ap = a; - aa = xm + min(0.0, aa); - if (aa <= am) - aa = (a + am)/2; - - } else { - break; /* got it */ - } - - if (a == aa) { - if (trace) - fprintf(fd, "%ld in %d passes;" - " force out balance=%d\n", - (long)a, pass, npts); - return a; - } - eps = AFAC*abs(aa - a); - *eps_ptr = eps; - a = aa; - } - - if (((x - xlim) % 2) != 0) { /* even number of points? 
*/
- if (npts == 0) /* yes, return an average */
- a = (xp+xm)/2;
- else if (npts > 0)
- a = (a+xp)/2;
- else
- a = (xm+a)/2;
-
- } else if (npts != 0) { /* odd number of points */
- if (npts > 0)
- a = xp;
- else
- a = xm;
- }
-
- if (trace)
- fprintf(fd, "%ld in %d passes\n", (long)a, pass);
- return a;
-}
diff --git a/timed.tproj/timed.tproj/pathnames.h b/timed.tproj/timed.tproj/pathnames.h
deleted file mode 100644
index 1a3faf3..0000000
--- a/timed.tproj/timed.tproj/pathnames.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4.
Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)pathnames.h 8.1 (Berkeley) 6/6/93
- */
-
-#include
-
-#ifdef sgi
-#define _PATH_MASTERLOG "/usr/adm/timed.masterlog"
-#define _PATH_TIMEDLOG "/usr/adm/timed.log"
-#else
-#define _PATH_MASTERLOG "/var/log/timed.masterlog"
-#define _PATH_TIMEDLOG "/var/log/timed.log"
-#endif
diff --git a/timed.tproj/timed.tproj/readmsg.c b/timed.tproj/timed.tproj/readmsg.c
deleted file mode 100644
index 88efb49..0000000
--- a/timed.tproj/timed.tproj/readmsg.c
+++ /dev/null
@@ -1,533 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*-
- * Copyright (c) 1985, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)readmsg.c 8.1 (Berkeley) 6/6/93";
-#endif /* not lint */
-
-#ifdef sgi
-#ident "$Revision: 1.2 $"
-#endif
-
-#include "globals.h"
-
-extern char *tsptype[];
-
-/*
- * LOOKAT checks if the message is of the requested type and comes from
- * the right machine, returning 1 in case of affirmative answer
- */
-#define LOOKAT(msg, mtype, mfrom, netp, froms) \
- (((mtype) == TSP_ANY || (mtype) == (msg).tsp_type) && \
- ((mfrom) == 0 || !strcmp((mfrom), (msg).tsp_name)) && \
- ((netp) == 0 || \
- ((netp)->mask & (froms).sin_addr.s_addr) == (netp)->net.s_addr))
-
-struct timeval rtime, rwait, rtout;
-struct tsp msgin;
-static struct tsplist {
- struct tsp info;
- struct timeval when;
- struct sockaddr_in addr;
- struct tsplist *p;
-} msgslist;
-struct sockaddr_in from;
-struct netinfo *fromnet;
-struct timeval from_when;
-
-/*
- * `readmsg' returns message `type' sent by `machfrom' if it finds it
- * either in the receive queue, or in a linked list of previously received
- * messages that it maintains.
- * Otherwise it waits to see if the appropriate message arrives within
- * `intvl' seconds. If not, it returns NULL.
- */
-
-struct tsp *
-readmsg(type, machfrom, intvl, netfrom)
- int type;
- char *machfrom;
- struct timeval *intvl;
- struct netinfo *netfrom;
-{
- int length;
- fd_set ready;
- static struct tsplist *head = &msgslist;
- static struct tsplist *tail = &msgslist;
- static int msgcnt = 0;
- struct tsplist *prev;
- register struct netinfo *ntp;
- register struct tsplist *ptr;
- ssize_t n;
-
- if (trace) {
- fprintf(fd, "readmsg: looking for %s from %s, %s\n",
- tsptype[type], machfrom == NULL ? "ANY" : machfrom,
- netfrom == NULL ? "ANYNET" : inet_ntoa(netfrom->net));
- if (head->p != 0) {
- length = 1;
- for (ptr = head->p; ptr != 0; ptr = ptr->p) {
- /* do not repeat the hundreds of messages */
- if (++length > 3) {
- if (ptr == tail) {
- fprintf(fd,"\t ...%d skipped\n",
- length);
- } else {
- continue;
- }
- }
- fprintf(fd, length > 1 ? "\t" : "queue:\t");
- print(&ptr->info, &ptr->addr);
- }
- }
- }
-
- ptr = head->p;
- prev = head;
-
- /*
- * Look for the requested message scanning through the
- * linked list. If found, return it and free the space
- */
-
- while (ptr != NULL) {
- if (LOOKAT(ptr->info, type, machfrom, netfrom, ptr->addr)) {
-again:
- msgin = ptr->info;
- from = ptr->addr;
- from_when = ptr->when;
- prev->p = ptr->p;
- if (ptr == tail)
- tail = prev;
- free((char *)ptr);
- fromnet = NULL;
- if (netfrom == NULL)
- for (ntp = nettab; ntp != NULL; ntp = ntp->next) {
- if ((ntp->mask & from.sin_addr.s_addr) ==
- ntp->net.s_addr) {
- fromnet = ntp;
- break;
- }
- }
- else
- fromnet = netfrom;
- if (trace) {
- fprintf(fd, "readmsg: found ");
- print(&msgin, &from);
- }
-
-/* The protocol can get far behind. When it does, it gets
- * hopelessly confused. So delete duplicate messages.
- */
- for (ptr = prev; (ptr = ptr->p) != NULL; prev = ptr) {
- if (ptr->addr.sin_addr.s_addr
- == from.sin_addr.s_addr
- && ptr->info.tsp_type == msgin.tsp_type) {
- if (trace)
- fprintf(fd, "\tdup ");
- goto again;
- }
- }
- msgcnt--;
- return(&msgin);
- } else {
- prev = ptr;
- ptr = ptr->p;
- }
- }
-
- /*
- * If the message was not in the linked list, it may still be
- * coming from the network. Set the timer and wait
- * on a select to read the next incoming message: if it is the
- * right one, return it, otherwise insert it in the linked list.
- */
-
- (void)gettimeofday(&rtout, 0);
- timevaladd(&rtout, intvl);
- FD_ZERO(&ready);
- for (;;) {
- (void)gettimeofday(&rtime, 0);
- timevalsub(&rwait, &rtout, &rtime);
- if (rwait.tv_sec < 0)
- rwait.tv_sec = rwait.tv_usec = 0;
- else if (rwait.tv_sec == 0
- && rwait.tv_usec < 1000000/CLK_TCK)
- rwait.tv_usec = 1000000/CLK_TCK;
-
- if (trace) {
- fprintf(fd, "readmsg: wait %ld.%6ld at %s\n",
- rwait.tv_sec, rwait.tv_usec, date());
- /* Notice a full disk, as we flush trace info.
- * It is better to flush periodically than at
- * every line because the tracing consists of bursts
- * of many lines. Without care, tracing slows
- * down the code enough to break the protocol.
- */
- if (rwait.tv_sec != 0
- && EOF == fflush(fd))
- traceoff("Tracing ended for cause at %s\n");
- }
-
- FD_SET(sock, &ready);
- if (!select(sock+1, &ready, (fd_set *)0, (fd_set *)0,
- &rwait)) {
- if (rwait.tv_sec == 0 && rwait.tv_usec == 0)
- return(0);
- continue;
- }
- length = sizeof(from);
- if ((n = recvfrom(sock, (char *)&msgin, sizeof(struct tsp), 0,
- (struct sockaddr*)&from, &length)) < 0) {
- syslog(LOG_ERR, "recvfrom: %m");
- exit(1);
- }
- if (n < (ssize_t)sizeof(struct tsp)) {
- syslog(LOG_NOTICE,
- "short packet (%u/%u bytes) from %s",
- n, sizeof(struct tsp),
- inet_ntoa(from.sin_addr));
- continue;
- }
- (void)gettimeofday(&from_when, (struct timezone *)0);
- bytehostorder(&msgin);
-
- if (msgin.tsp_vers > TSPVERSION) {
- if (trace) {
- fprintf(fd,"readmsg: version mismatch\n");
- /* should do a dump of the packet */
- }
- continue;
- }
-
- if (memchr(msgin.tsp_name,
- '\0', sizeof msgin.tsp_name) == NULL) {
- syslog(LOG_NOTICE, "hostname field not NUL terminated "
- "in packet from %s", inet_ntoa(from.sin_addr));
- continue;
- }
-
- fromnet = NULL;
- for (ntp = nettab; ntp != NULL; ntp = ntp->next)
- if ((ntp->mask & from.sin_addr.s_addr) ==
- ntp->net.s_addr) {
- fromnet = ntp;
- break;
- }
-
- /*
- * drop packets from nets we are ignoring permanently
- */
- if (fromnet == NULL) {
- /*
- * The following messages may originate on
- * this host with an ignored network address
- */
- if (msgin.tsp_type != TSP_TRACEON &&
- msgin.tsp_type != TSP_SETDATE &&
- msgin.tsp_type != TSP_MSITE &&
- msgin.tsp_type != TSP_TEST &&
- msgin.tsp_type != TSP_TRACEOFF) {
- if (trace) {
- fprintf(fd,"readmsg: discard null net ");
- print(&msgin, &from);
- }
- continue;
- }
- }
-
- /*
- * Throw away messages coming from this machine,
- * unless they are of some particular type.
- * This gets rid of broadcast messages and reduces
- * master processing time.
- */
- if (!strcmp(msgin.tsp_name, hostname)
- && msgin.tsp_type != TSP_SETDATE
- && msgin.tsp_type != TSP_TEST
- && msgin.tsp_type != TSP_MSITE
- && msgin.tsp_type != TSP_TRACEON
- && msgin.tsp_type != TSP_TRACEOFF
- && msgin.tsp_type != TSP_LOOP) {
- if (trace) {
- fprintf(fd, "readmsg: discard own ");
- print(&msgin, &from);
- }
- continue;
- }
-
- /*
- * Send acknowledgements here; this is faster and
- * avoids deadlocks that would occur if acks were
- * sent from a higher level routine. Different
- * acknowledgements are necessary, depending on
- * status.
- */
- if (fromnet == NULL) /* do not de-reference 0 */
- ignoreack();
- else if (fromnet->status == MASTER)
- masterack();
- else if (fromnet->status == SLAVE)
- slaveack();
- else
- ignoreack();
-
- if (LOOKAT(msgin, type, machfrom, netfrom, from)) {
- if (trace) {
- fprintf(fd, "readmsg: ");
- print(&msgin, &from);
- }
- return(&msgin);
- } else if (++msgcnt > NHOSTS*3) {
-
-/* The protocol gets hopelessly confused if it gets too far
-* behind. However, it seems able to recover from all cases of lost
-* packets. Therefore, if we are swamped, throw everything away.
-*/
- if (trace)
- fprintf(fd,
- "readmsg: discarding %d msgs\n",
- msgcnt);
- msgcnt = 0;
- while ((ptr=head->p) != NULL) {
- head->p = ptr->p;
- free((char *)ptr);
- }
- tail = head;
- } else {
- tail->p = (struct tsplist *)
- malloc(sizeof(struct tsplist));
- tail = tail->p;
- tail->p = NULL;
- tail->info = msgin;
- tail->addr = from;
- /* timestamp msgs so SETTIMEs are correct */
- tail->when = from_when;
- }
- }
-}
-
-/*
- * Send the necessary acknowledgements:
- * only the type ACK is to be sent by a slave
- */
-void
-slaveack()
-{
- switch(msgin.tsp_type) {
-
- case TSP_ADJTIME:
- case TSP_SETTIME:
- case TSP_ACCEPT:
- case TSP_REFUSE:
- case TSP_TRACEON:
- case TSP_TRACEOFF:
- case TSP_QUIT:
- if (trace) {
- fprintf(fd, "Slaveack: ");
- print(&msgin, &from);
- }
- xmit(TSP_ACK,msgin.tsp_seq, &from);
- break;
-
- default:
- if (trace) {
- fprintf(fd, "Slaveack: no ack: ");
- print(&msgin, &from);
- }
- break;
- }
-}
-
-/*
- * Certain packets may arrive from this machine on ignored networks.
- * These packets should be acknowledged.
- */
-void
-ignoreack()
-{
- switch(msgin.tsp_type) {
-
- case TSP_TRACEON:
- case TSP_TRACEOFF:
- case TSP_QUIT:
- if (trace) {
- fprintf(fd, "Ignoreack: ");
- print(&msgin, &from);
- }
- xmit(TSP_ACK,msgin.tsp_seq, &from);
- break;
-
- default:
- if (trace) {
- fprintf(fd, "Ignoreack: no ack: ");
- print(&msgin, &from);
- }
- break;
- }
-}
-
-/*
- * `masterack' sends the necessary acknowledgments
- * to the messages received by a master
- */
-void
-masterack()
-{
- struct tsp resp;
-
- resp = msgin;
- resp.tsp_vers = TSPVERSION;
- (void)strcpy(resp.tsp_name, hostname);
-
- switch(msgin.tsp_type) {
-
- case TSP_QUIT:
- case TSP_TRACEON:
- case TSP_TRACEOFF:
- case TSP_MSITEREQ:
- if (trace) {
- fprintf(fd, "Masterack: ");
- print(&msgin, &from);
- }
- xmit(TSP_ACK,msgin.tsp_seq, &from);
- break;
-
- case TSP_RESOLVE:
- case TSP_MASTERREQ:
- if (trace) {
- fprintf(fd, "Masterack: ");
- print(&msgin, &from);
- }
- xmit(TSP_MASTERACK,msgin.tsp_seq, &from);
- break;
-
- default:
- if (trace) {
- fprintf(fd,"Masterack: no ack: ");
- print(&msgin, &from);
- }
- break;
- }
-}
-
-/*
- * Print a TSP message
- */
-void
-print(msg, addr)
- struct tsp *msg;
- struct sockaddr_in *addr;
-{
- char tm[26];
-
- if (msg->tsp_type >= TSPTYPENUMBER) {
- fprintf(fd, "bad type (%u) on packet from %s\n",
- msg->tsp_type, inet_ntoa(addr->sin_addr));
- return;
- }
-
- switch (msg->tsp_type) {
-
- case TSP_LOOP:
- fprintf(fd, "%s %d %-6u #%d %-15s %s\n",
- tsptype[msg->tsp_type],
- msg->tsp_vers,
- msg->tsp_seq,
- msg->tsp_hopcnt,
- inet_ntoa(addr->sin_addr),
- msg->tsp_name);
- break;
-
- case TSP_SETTIME:
- case TSP_SETDATE:
- case TSP_SETDATEREQ:
-#ifdef sgi
- (void)cftime(tm, "%D %T", &msg->tsp_time.tv_sec);
-#else
- strncpy(tm, ctime(&msg->tsp_time.tv_sec)+3+1, sizeof(tm));
- tm[15] = '\0'; /* ugh */
-#endif /* sgi */
- fprintf(fd, "%s %d %-6u %s %-15s %s\n",
- tsptype[msg->tsp_type],
- msg->tsp_vers,
- msg->tsp_seq,
- tm,
- inet_ntoa(addr->sin_addr),
- msg->tsp_name);
- break;
-
- case TSP_ADJTIME:
- fprintf(fd, "%s %d %-6u (%ld,%ld) %-15s %s\n",
- tsptype[msg->tsp_type],
- msg->tsp_vers,
- msg->tsp_seq,
- msg->tsp_time.tv_sec,
- msg->tsp_time.tv_usec,
- inet_ntoa(addr->sin_addr),
- msg->tsp_name);
- break;
-
- default:
- fprintf(fd, "%s %d %-6u %-15s %s\n",
- tsptype[msg->tsp_type],
- msg->tsp_vers,
- msg->tsp_seq,
- inet_ntoa(addr->sin_addr),
- msg->tsp_name);
- break;
- }
-}
diff --git a/timed.tproj/timed.tproj/slave.c b/timed.tproj/timed.tproj/slave.c
deleted file mode 100644
index 657d23d..0000000
--- a/timed.tproj/timed.tproj/slave.c
+++ /dev/null
@@ -1,738 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)slave.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "globals.h" -#include -#include "pathnames.h" - -extern jmp_buf jmpenv; -extern int Mflag; -extern int justquit; - -extern u_short sequence; - -static char master_name[MAXHOSTNAMELEN+1]; -static struct netinfo *old_slavenet; -static int old_status; - -static void schgdate __P((struct tsp *, char *)); -static void setmaster __P((struct tsp *)); -static void answerdelay __P((void)); - -#ifdef sgi -extern void logwtmp __P((struct timeval *, struct timeval *)); -#else -extern void logwtmp __P((char *, char *, char *)); -#endif /* sgi */ - -int -slave() -{ - int tries; - long electiontime, refusetime, looktime, looptime, adjtime; - u_short seq; - long fastelection; -#define FASTTOUT 3 - struct in_addr cadr; - struct timeval otime; - struct sockaddr_in taddr; - char tname[MAXHOSTNAMELEN]; - struct tsp *msg, to; - struct timeval ntime, wait; - struct 
tsp *answer; - int timeout(); - char olddate[32]; - char newdate[32]; - struct netinfo *ntp; - struct hosttbl *htp; - - - old_slavenet = 0; - seq = 0; - refusetime = 0; - adjtime = 0; - - (void)gettimeofday(&ntime, 0); - electiontime = ntime.tv_sec + delay2; - fastelection = ntime.tv_sec + FASTTOUT; - if (justquit) - looktime = electiontime; - else - looktime = fastelection; - looptime = fastelection; - - if (slavenet) - xmit(TSP_SLAVEUP, 0, &slavenet->dest_addr); - if (status & MASTER) { - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (ntp->status == MASTER) - masterup(ntp); - } - } - -loop: - get_goodgroup(0); - (void)gettimeofday(&ntime, (struct timezone *)0); - if (ntime.tv_sec > electiontime) { - if (trace) - fprintf(fd, "election timer expired\n"); - longjmp(jmpenv, 1); - } - - if (ntime.tv_sec >= looktime) { - if (trace) - fprintf(fd, "Looking for nets to master\n"); - - if (Mflag && nignorednets > 0) { - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (ntp->status == IGNORE - || ntp->status == NOMASTER) { - lookformaster(ntp); - if (ntp->status == MASTER) { - masterup(ntp); - } else if (ntp->status == MASTER) { - ntp->status = NOMASTER; - } - } - if (ntp->status == MASTER - && --ntp->quit_count < 0) - ntp->quit_count = 0; - } - makeslave(slavenet); /* prune extras */ - setstatus(); - } - (void)gettimeofday(&ntime, 0); - looktime = ntime.tv_sec + delay2; - } - if (ntime.tv_sec >= looptime) { - if (trace) - fprintf(fd, "Looking for loops\n"); - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (ntp->status == MASTER) { - to.tsp_type = TSP_LOOP; - to.tsp_vers = TSPVERSION; - to.tsp_seq = sequence++; - to.tsp_hopcnt = MAX_HOPCNT; - (void)strcpy(to.tsp_name, hostname); - bytenetorder(&to); - if (sendto(sock, (char *)&to, sizeof(struct tsp), 0, - (struct sockaddr*)&ntp->dest_addr, - sizeof(ntp->dest_addr)) < 0) { - trace_sendto_err(ntp->dest_addr.sin_addr); - } - } - } - (void)gettimeofday(&ntime, 0); - looptime = ntime.tv_sec + delay2; - 
} - - wait.tv_sec = min(electiontime,min(looktime,looptime)) - ntime.tv_sec; - if (wait.tv_sec < 0) - wait.tv_sec = 0; - wait.tv_sec += FASTTOUT; - wait.tv_usec = 0; - msg = readmsg(TSP_ANY, ANYADDR, &wait, 0); - - if (msg != NULL) { - /* - * filter stuff not for us - */ - switch (msg->tsp_type) { - case TSP_SETDATE: - case TSP_TRACEOFF: - case TSP_TRACEON: - /* - * XXX check to see they are from ourself - */ - break; - - case TSP_TEST: - case TSP_MSITE: - break; - - case TSP_MASTERUP: - if (!fromnet) { - if (trace) { - fprintf(fd, "slave ignored: "); - print(msg, &from); - } - goto loop; - } - break; - - default: - if (!fromnet - || fromnet->status == IGNORE - || fromnet->status == NOMASTER) { - if (trace) { - fprintf(fd, "slave ignored: "); - print(msg, &from); - } - goto loop; - } - break; - } - - - /* - * now process the message - */ - switch (msg->tsp_type) { - - case TSP_ADJTIME: - if (fromnet != slavenet) - break; - if (!good_host_name(msg->tsp_name)) { - syslog(LOG_NOTICE, - "attempted time adjustment by %s", - msg->tsp_name); - suppress(&from, msg->tsp_name, fromnet); - break; - } - /* - * Speed up loop detection in case we have a loop. - * Otherwise the clocks can race until the loop - * is found. 
- */ - (void)gettimeofday(&otime, 0); - if (adjtime < otime.tv_sec) - looptime -= (looptime-otime.tv_sec)/2 + 1; - - setmaster(msg); - if (seq != msg->tsp_seq) { - seq = msg->tsp_seq; - synch(tvtomsround(msg->tsp_time)); - } - (void)gettimeofday(&ntime, 0); - electiontime = ntime.tv_sec + delay2; - fastelection = ntime.tv_sec + FASTTOUT; - adjtime = ntime.tv_sec + SAMPLEINTVL*2; - break; - - case TSP_SETTIME: - if (fromnet != slavenet) - break; - if (seq == msg->tsp_seq) - break; - seq = msg->tsp_seq; - - /* adjust time for residence on the queue */ - (void)gettimeofday(&otime, 0); - adj_msg_time(msg,&otime); -#ifdef sgi - (void)cftime(newdate, "%D %T", &msg->tsp_time.tv_sec); - (void)cftime(olddate, "%D %T", &otime.tv_sec); -#else - /* - * the following line is necessary due to syslog - * calling ctime() which clobbers the static buffer - */ - (void)strcpy(olddate, date()); - (void)strcpy(newdate, ctime(&msg->tsp_time.tv_sec)); -#endif /* sgi */ - - if (!good_host_name(msg->tsp_name)) { - syslog(LOG_NOTICE, - "attempted time setting by untrusted %s to %s", - msg->tsp_name, newdate); - suppress(&from, msg->tsp_name, fromnet); - break; - } - - setmaster(msg); - timevalsub(&ntime, &msg->tsp_time, &otime); - if (ntime.tv_sec < MAXADJ && ntime.tv_sec > -MAXADJ) { - /* - * do not change the clock if we can adjust it - */ - synch(tvtomsround(ntime)); - } else { -#ifdef sgi - if (0 > settimeofday(&msg->tsp_time, 0)) { - syslog(LOG_ERR,"settimeofdate(): %m"); - break; - } - logwtmp(&otime, &msg->tsp_time); -#else - logwtmp("|", "date", ""); - (void)settimeofday(&msg->tsp_time, 0); - logwtmp("}", "date", ""); -#endif /* sgi */ - syslog(LOG_NOTICE, - "date changed by %s from %s", - msg->tsp_name, olddate); - if (status & MASTER) - spreadtime(); - } - (void)gettimeofday(&ntime, 0); - electiontime = ntime.tv_sec + delay2; - fastelection = ntime.tv_sec + FASTTOUT; - -/* This patches a bad protocol bug. 
Imagine a system with several networks, - * where there are a pair of redundant gateways between a pair of networks, - * each running timed. Assume that we start with a third machine mastering - * one of the networks, and one of the gateways mastering the other. - * Imagine that the third machine goes away and the non-master gateway - * decides to replace it. If things are timed just 'right,' we will have - * each gateway mastering one network for a little while. If a SETTIME - * message gets into the network at that time, perhaps from the newly - * masterful gateway as it was taking control, the SETTIME will loop - * forever. Each time a gateway receives it on its slave side, it will - * call spreadtime to forward it on its mastered network. We are now in - * a permanent loop, since the SETTIME msgs will keep any clock - * in the network from advancing. Normally, the 'LOOP' stuff will detect - * and correct the situation. However, with the clocks stopped, the - * 'looptime' timer cannot expire. While they are in this state, the - * masters will try to saturate the network with SETTIME packets. 
- */ - looptime = ntime.tv_sec + (looptime-otime.tv_sec)/2-1; - break; - - case TSP_MASTERUP: - if (slavenet && fromnet != slavenet) - break; - if (!good_host_name(msg->tsp_name)) { - suppress(&from, msg->tsp_name, fromnet); - if (electiontime > fastelection) - electiontime = fastelection; - break; - } - makeslave(fromnet); - setmaster(msg); - setstatus(); - answerdelay(); - xmit(TSP_SLAVEUP, 0, &from); - (void)gettimeofday(&ntime, 0); - electiontime = ntime.tv_sec + delay2; - fastelection = ntime.tv_sec + FASTTOUT; - refusetime = 0; - break; - - case TSP_MASTERREQ: - if (fromnet->status != SLAVE) - break; - (void)gettimeofday(&ntime, 0); - electiontime = ntime.tv_sec + delay2; - break; - - case TSP_SETDATE: -#ifdef sgi - (void)cftime(newdate, "%D %T", &msg->tsp_time.tv_sec); -#else - (void)strcpy(newdate, ctime(&msg->tsp_time.tv_sec)); -#endif /* sgi */ - schgdate(msg, newdate); - break; - - case TSP_SETDATEREQ: - if (fromnet->status != MASTER) - break; -#ifdef sgi - (void)cftime(newdate, "%D %T", &msg->tsp_time.tv_sec); -#else - (void)strcpy(newdate, ctime(&msg->tsp_time.tv_sec)); -#endif /* sgi */ - htp = findhost(msg->tsp_name); - if (0 == htp) { - syslog(LOG_WARNING, - "DATEREQ from uncontrolled machine"); - break; - } - if (!htp->good) { - syslog(LOG_WARNING, - "attempted date change by untrusted %s to %s", - htp->name, newdate); - spreadtime(); - break; - } - schgdate(msg, newdate); - break; - - case TSP_TRACEON: - traceon(); - break; - - case TSP_TRACEOFF: - traceoff("Tracing ended at %s\n"); - break; - - case TSP_SLAVEUP: - newslave(msg); - break; - - case TSP_ELECTION: - if (fromnet->status == SLAVE) { - (void)gettimeofday(&ntime, 0); - electiontime = ntime.tv_sec + delay2; - fastelection = ntime.tv_sec + FASTTOUT; - seq = 0; - if (!good_host_name(msg->tsp_name)) { - syslog(LOG_NOTICE, - "suppress election of %s", - msg->tsp_name); - to.tsp_type = TSP_QUIT; - electiontime = fastelection; - } else if (cadr.s_addr != from.sin_addr.s_addr - && ntime.tv_sec < 
refusetime) { -/* if the candidate has to repeat itself, the old code would refuse it - * the second time. That would prevent elections. - */ - to.tsp_type = TSP_REFUSE; - } else { - cadr.s_addr = from.sin_addr.s_addr; - to.tsp_type = TSP_ACCEPT; - refusetime = ntime.tv_sec + 30; - } - taddr = from; - (void)strcpy(tname, msg->tsp_name); - (void)strcpy(to.tsp_name, hostname); - answerdelay(); - if (!acksend(&to, &taddr, tname, - TSP_ACK, 0, 0)) - syslog(LOG_WARNING, - "no answer from candidate %s\n", - tname); - - } else { /* fromnet->status == MASTER */ - htp = addmach(msg->tsp_name, &from,fromnet); - to.tsp_type = TSP_QUIT; - (void)strcpy(to.tsp_name, hostname); - if (!acksend(&to, &htp->addr, htp->name, - TSP_ACK, 0, htp->noanswer)) { - syslog(LOG_ERR, - "no reply from %s to ELECTION-QUIT", - htp->name); - (void)remmach(htp); - } - } - break; - - case TSP_CONFLICT: - if (fromnet->status != MASTER) - break; - /* - * After a network partition, there can be - * more than one master: the first slave to - * come up will notify here the situation. - */ - (void)strcpy(to.tsp_name, hostname); - - /* The other master often gets into the same state, - * with boring results. 
- */ - ntp = fromnet; /* (acksend() can leave fromnet=0 */ - for (tries = 0; tries < 3; tries++) { - to.tsp_type = TSP_RESOLVE; - answer = acksend(&to, &ntp->dest_addr, - ANYADDR, TSP_MASTERACK, - ntp, 0); - if (answer == NULL) - break; - htp = addmach(answer->tsp_name,&from,ntp); - to.tsp_type = TSP_QUIT; - answer = acksend(&to, &htp->addr, htp->name, - TSP_ACK, 0, htp->noanswer); - if (!answer) { - syslog(LOG_WARNING, - "conflict error: no reply from %s to QUIT", - htp->name); - (void)remmach(htp); - } - } - masterup(ntp); - break; - - case TSP_MSITE: - if (!slavenet) - break; - taddr = from; - to.tsp_type = TSP_MSITEREQ; - to.tsp_vers = TSPVERSION; - to.tsp_seq = 0; - (void)strcpy(to.tsp_name, hostname); - answer = acksend(&to, &slavenet->dest_addr, - ANYADDR, TSP_ACK, - slavenet, 0); - if (answer != NULL - && good_host_name(answer->tsp_name)) { - setmaster(answer); - to.tsp_type = TSP_ACK; - (void)strcpy(to.tsp_name, answer->tsp_name); - bytenetorder(&to); - if (sendto(sock, (char *)&to, - sizeof(struct tsp), 0, - (struct sockaddr*)&taddr, sizeof(taddr)) < 0) { - trace_sendto_err(taddr.sin_addr); - } - } - break; - - case TSP_MSITEREQ: - break; - - case TSP_ACCEPT: - case TSP_REFUSE: - case TSP_RESOLVE: - break; - - case TSP_QUIT: - doquit(msg); /* become a slave */ - break; - - case TSP_TEST: - electiontime = 0; - break; - - case TSP_LOOP: - /* looking for loops of masters */ - if (!(status & MASTER)) - break; - if (fromnet->status == SLAVE) { - if (!strcmp(msg->tsp_name, hostname)) { - /* - * Someone forwarded our message back to - * us. There must be a loop. Tell the - * master of this network to quit. - * - * The other master often gets into - * the same state, with boring results. 
- */ - ntp = fromnet; - for (tries = 0; tries < 3; tries++) { - to.tsp_type = TSP_RESOLVE; - answer = acksend(&to, &ntp->dest_addr, - ANYADDR, TSP_MASTERACK, - ntp,0); - if (answer == NULL) - break; - taddr = from; - (void)strcpy(tname, answer->tsp_name); - to.tsp_type = TSP_QUIT; - (void)strcpy(to.tsp_name, hostname); - if (!acksend(&to, &taddr, tname, - TSP_ACK, 0, 1)) { - syslog(LOG_ERR, - "no reply from %s to slave LOOP-QUIT", - tname); - } else { - electiontime = 0; - } - } - (void)gettimeofday(&ntime, 0); - looptime = ntime.tv_sec + FASTTOUT; - } else { - if (msg->tsp_hopcnt-- < 1) - break; - bytenetorder(msg); - for (ntp = nettab; ntp != 0; ntp = ntp->next) { - if (ntp->status == MASTER - && 0 > sendto(sock, (char *)msg, - sizeof(struct tsp), 0, - (struct sockaddr*)&ntp->dest_addr, - sizeof(ntp->dest_addr))) - trace_sendto_err(ntp->dest_addr.sin_addr); - } - } - } else { /* fromnet->status == MASTER */ - /* - * We should not have received this from a net - * we are master on. There must be two masters, - * unless the packet was really from us. - */ - if (from.sin_addr.s_addr - == fromnet->my_addr.s_addr) { - if (trace) - fprintf(fd,"discarding forwarded LOOP\n"); - break; - } - - /* - * The other master often gets into the same - * state, with boring results. 
- */ - ntp = fromnet; - for (tries = 0; tries < 3; tries++) { - to.tsp_type = TSP_RESOLVE; - answer = acksend(&to, &ntp->dest_addr, - ANYADDR, TSP_MASTERACK, - ntp,0); - if (!answer) - break; - htp = addmach(answer->tsp_name, - &from,ntp); - to.tsp_type = TSP_QUIT; - (void)strcpy(to.tsp_name, hostname); - if (!acksend(&to,&htp->addr,htp->name, - TSP_ACK, 0, htp->noanswer)) { - syslog(LOG_ERR, - "no reply from %s to master LOOP-QUIT", - htp->name); - (void)remmach(htp); - } - } - (void)gettimeofday(&ntime, 0); - looptime = ntime.tv_sec + FASTTOUT; - } - break; - default: - if (trace) { - fprintf(fd, "garbage message: "); - print(msg, &from); - } - break; - } - } - goto loop; -} - - -/* - * tell the world who our master is - */ -static void -setmaster(msg) - struct tsp *msg; -{ - if (slavenet - && (slavenet != old_slavenet - || strcmp(msg->tsp_name, master_name) - || old_status != status)) { - (void)strcpy(master_name, msg->tsp_name); - old_slavenet = slavenet; - old_status = status; - - if (status & MASTER) { - syslog(LOG_NOTICE, "submaster to %s", master_name); - if (trace) - fprintf(fd, "submaster to %s\n", master_name); - - } else { - syslog(LOG_NOTICE, "slave to %s", master_name); - if (trace) - fprintf(fd, "slave to %s\n", master_name); - } - } -} - - - -/* - * handle date change request on a slave - */ -static void -schgdate(msg, newdate) - struct tsp *msg; - char *newdate; -{ - struct tsp to; - u_short seq; - struct sockaddr_in taddr; - struct timeval otime; - - if (!slavenet) - return; /* no where to forward */ - - taddr = from; - seq = msg->tsp_seq; - - syslog(LOG_INFO, - "forwarding date change by %s to %s", - msg->tsp_name, newdate); - - /* adjust time for residence on the queue */ - (void)gettimeofday(&otime, 0); - adj_msg_time(msg, &otime); - - to.tsp_type = TSP_SETDATEREQ; - to.tsp_time = msg->tsp_time; - (void)strcpy(to.tsp_name, hostname); - if (!acksend(&to, &slavenet->dest_addr, - ANYADDR, TSP_DATEACK, - slavenet, 0)) - return; /* no answer */ - - 
xmit(TSP_DATEACK, seq, &taddr); -} - - -/* - * Used before answering a broadcast message to avoid network - * contention and likely collisions. - */ -static void -answerdelay() -{ -#ifdef sgi - sginap(delay1); -#else - struct timeval timeout; - - timeout.tv_sec = 0; - timeout.tv_usec = delay1; - - (void)select(0, (fd_set *)NULL, (fd_set *)NULL, (fd_set *)NULL, - &timeout); - return; -#endif /* sgi */ -} diff --git a/timed.tproj/timed.tproj/timed.8 b/timed.tproj/timed.tproj/timed.8 deleted file mode 100644 index 880ce2e..0000000 --- a/timed.tproj/timed.tproj/timed.8 +++ /dev/null 
@@ -1,219 +0,0 @@
-.\" Copyright (c) 1980, 1991, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)timed.8 8.1 (Berkeley) 6/6/93
-.\"
-.Dd June 6, 1993
-.Dt TIMED 8
-.Os BSD 4.3
-.Sh NAME
-.Nm timed
-.Nd time server daemon
-.Sh SYNOPSIS
-.Nm timed
-.Op Fl M
-.Op Fl t
-.Op Fl d
-.Op Fl i Ar network
-.Op Fl n Ar network
-.Op Fl F Ar host1 host2 ...
-.Sh DESCRIPTION
-This
-is a time server daemon and is normally invoked
-at boot time from the
-.Xr rc 8
-file.
-It synchronizes the host's time with the time of other
-machines in a local area network running
-.Nm timed 8 .
-These time servers will slow down the clocks of some machines
-and speed up the clocks of others to bring them to the average network time.
-The average network time is computed from measurements of clock differences
-using the
-.Tn ICMP
-timestamp request message.
-.Pp
-The service provided by
-.Nm timed
-is based on a master-slave
-scheme.
-When
-.Nm timed 8
-is started on a machine, it asks the master for the network time
-and sets the host's clock to that time.
-After that, it accepts synchronization messages periodically sent by
-the master and calls
-.Xr adjtime 2
-to perform the needed corrections on the host's clock.
-.Pp
-It also communicates with
-.Xr date 1
-in order to set the date globally,
-and with
-.Xr timedc 8 ,
-a timed control program.
-If the machine running the master crashes, then the slaves will elect
-a new master from among slaves running with the
-.Fl M
-flag.
-A
-.Nm timed
-running without the
-.Fl M
-or
-.Fl F
-flags will remain a slave.
-The
-.Fl t
-flag enables
-.Nm timed
-to trace the messages it receives in the
-file
-.Pa /var/log/timed.log .
-Tracing can be turned on or off by the program
-.Xr timedc 8 .
-The
-.Fl d
-flag is for debugging the daemon.
-It causes the program to not put itself into the background.
-Normally
-.Nm timed
-checks for a master time server on each network to which
-it is connected, except as modified by the options described below.
-It will request synchronization service from the first master server
-located.
-If permitted by the
-.Fl M
-flag, it will provide synchronization service on any attached networks
-on which no current master server was detected.
-Such a server propagates the time computed by the top-level master.
-The
-.Fl n
-flag, followed by the name of a network which the host is connected to
-(see
-.Xr networks 5 ) ,
-overrides the default choice of the
-network addresses made by the program.
-Each time the
-.Fl n
-flag appears, that network name is added to a list of valid networks.
-All other networks are ignored.
-The
-.Fl i
-flag, followed by the name of a network to which the host is connected
-(see
-.Xr networks 5 ) ,
-overrides the default choice of the network addresses made by the program.
-Each time the
-.Fl i
-flag appears, that network name is added to a list of networks to ignore.
-All other networks are used by the time daemon.
-The
-.Fl n
-and
-.Fl i
-flags are meaningless if used together.
-.Pp
-.Nm Timed
-checks for a master time server on each network to which
-it is connected, except as modified by the
-.Fl n
-and
-.Fl i
-options described above.
-If it finds masters on more than one network, it chooses one network
-on which to be a "slave," and then periodically checks the other
-networks to see if the masters there have disappeared.
-.Pp
-One way to synchronize a group of machines is to use an NTP daemon to
-synchronize the clock of one machine to a distant standard or a radio
-receiver and
-.Fl F Ar hostname
-to tell its timed daemon to trust only itself.
-.Pp
-Messages printed by the kernel on the system console occur with
-interrupts disabled.
-This means that the clock stops while they are printing.
-A machine with many disk or network hardware problems and consequent
-messages cannot keep good time by itself. Each message typically causes
-the clock to lose a dozen milliseconds. A time daemon can
-correct the result.
-.Pp
-Messages in the system log about machines that failed to respond
-usually indicate machines that crashed or were turned off.
-Complaints about machines that failed to respond to initial time
-settings are often associated with "multi-homed" machines
-that looked for time masters on more than one network and eventually
-chose to become a slave on the other network.
-.Sh WARNING
-If two or more time daemons, whether
-.Nm timed ,
-.Xr NTP ,
-try to adjust the same clock, temporal chaos will result.
-If both
-.Nm
-and another time daemon are run on the same machine,
-ensure that the
-.Fl F
-flag is used, so that
-.Nm timed
-never attempts to adjust the local clock.
-.Pp
-The protocol is based on UDP/IP broadcasts. All machines within
-the range of a broadcast that are using the TSP protocol must cooperate.
-There cannot be more than a single administrative domain using the
-.Fl F
-flag among all machines reached by a broadcast packet.
-Failure to follow this rule is usually indicated by complaints concerning
-"untrusted" machines in the system log.
-.Sh FILES
-.Bl -tag -width /var/log/timed.masterlog -compact
-.It Pa /var/log/timed.log
-tracing file for timed
-.It Pa /var/log/timed.masterlog
-log file for master timed
-.El
-.Sh SEE ALSO
-.Xr date 1 ,
-.Xr adjtime 2 ,
-.Xr gettimeofday 2 ,
-.Xr icmp 4 ,
-.Xr timedc 8 ,
-.Rs
-.%T "TSP: The Time Synchronization Protocol for UNIX 4.3BSD"
-.%A R. Gusella
-.%A S. Zatti
-.Re
-.Sh HISTORY
-The
-.Nm
-daemon appeared in
-.Bx 4.3 .
diff --git a/timed.tproj/timed.tproj/timed.c b/timed.tproj/timed.tproj/timed.c
deleted file mode 100644
index 0079b16..0000000
--- a/timed.tproj/timed.tproj/timed.c
+++ /dev/null
@@ -1,1006 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1985, 1993\n\ - The Regents of the University of California. 
All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)timed.c 8.2 (Berkeley) 3/26/95"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif /* sgi */ - -#define TSPTYPES -#include "globals.h" -#include -#include -#include -#include -#include "pathnames.h" -#include -#include -#include -#ifdef sgi -#include -#include -#include -#endif /* sgi */ - -int trace = 0; -int sock, sock_raw = -1; -int status = 0; -u_short sequence; /* sequence number */ -long delay1; -long delay2; - -int nslavenets; /* nets were I could be a slave */ -int nmasternets; /* nets were I could be a master */ -int nignorednets; /* ignored nets */ -int nnets; /* nets I am connected to */ - -FILE *fd; /* trace file FD */ - -jmp_buf jmpenv; - -struct netinfo *nettab = 0; -struct netinfo *slavenet; -int Mflag; -int justquit = 0; -int debug; - -static struct nets { - char *name; - long net; - struct nets *next; -} *nets = 0; - -struct hosttbl hosttbl[NHOSTS+1]; /* known hosts */ - -static struct goodhost { /* hosts that we trust */ - char name[MAXHOSTNAMELEN+1]; - struct goodhost *next; - char perm; -} *goodhosts; - -static char *goodgroup; /* net group of trusted hosts */ -static void checkignorednets __P((void)); -static void pickslavenet __P((struct netinfo *)); -static void add_good_host __P((char *, int)); - -#ifdef sgi -char *timetrim_fn; -char *timetrim_wpat = "long timetrim = %ld;\ndouble tot_adj = %.0f;\ndouble tot_ticks = %.0f;\n/* timed version 2 */\n"; -char *timetrim_rpat = "long timetrim = %ld;\ndouble tot_adj = %lf;\ndouble tot_ticks = %lf;"; -long timetrim; -double tot_adj, hr_adj; /* totals in nsec */ -double tot_ticks, hr_ticks; - -int bufspace = 60*1024; -#endif - - -/* - * The timedaemons synchronize the clocks of hosts in a local area network. - * One daemon runs as master, all the others as slaves. The master - * performs the task of computing clock differences and sends correction - * values to the slaves. 
- * Slaves start an election to choose a new master when the latter disappears - * because of a machine crash, network partition, or when killed. - * A resolution protocol is used to kill all but one of the masters - * that happen to exist in segments of a partitioned network when the - * network partition is fixed. - * - * Authors: Riccardo Gusella & Stefano Zatti - * - * overhauled at Silicon Graphics - */ -int -main(argc, argv) - int argc; - char *argv[]; -{ - int on; - int ret; - int nflag, iflag; - struct timeval ntime; - struct servent *srvp; - char buf[BUFSIZ], *cp, *cplim; - struct ifconf ifc; - struct ifreq ifreq, ifreqf, *ifr; - register struct netinfo *ntp; - struct netinfo *ntip; - struct netinfo *savefromnet; - struct netent *nentp; - struct nets *nt; - static struct sockaddr_in server; - u_short port; - char c; - extern char *optarg; - extern int optind, opterr; -#ifdef sgi - FILE *timetrim_st; -#endif - -#define IN_MSG "timed: -i and -n make no sense together\n" -#ifdef sgi - struct tms tms; -#define USAGE "timed: [-dtM] [-i net|-n net] [-F host1 host2 ...] [-G netgp] [-P trimfile]\n" -#else -#ifdef HAVENIS -#define USAGE "timed: [-dtM] [-i net|-n net] [-F host1 host2 ...] 
[-G netgp]\n" -#else -#define USAGE "timed: [-dtM] [-i net|-n net] [-F host1 host2 ...]\n" -#endif /* HAVENIS */ -#endif /* sgi */ - -#ifdef lint - ntip = NULL; -#endif - - on = 1; - nflag = OFF; - iflag = OFF; - -#ifdef sgi - if (0 > syssgi(SGI_GETTIMETRIM, &timetrim)) { - perror("timed: syssgi(GETTIMETRIM)"); - timetrim = 0; - } - tot_ticks = hr_ticks = times(&tms); -#endif /* sgi */ - - opterr = 0; - while ((c = getopt(argc, argv, "Mtdn:i:F:G:P:")) != EOF) { - switch (c) { - case 'M': - Mflag = 1; - break; - - case 't': - trace = 1; - break; - - case 'n': - if (iflag) { - fprintf(stderr, IN_MSG); - exit(1); - } else { - nflag = ON; - addnetname(optarg); - } - break; - - case 'i': - if (nflag) { - fprintf(stderr, IN_MSG); - exit(1); - } else { - iflag = ON; - addnetname(optarg); - } - break; - - case 'F': - add_good_host(optarg,1); - while (optind < argc && argv[optind][0] != '-') - add_good_host(argv[optind++], 1); - break; - - case 'd': - debug = 1; - break; - case 'G': - if (goodgroup != 0) { - fprintf(stderr,"timed: only one net group\n"); - exit(1); - } - goodgroup = optarg; - break; -#ifdef sgi - case 'P': - timetrim_fn = optarg; - break; -#endif /* sgi */ - - default: - fprintf(stderr, USAGE); - exit(1); - break; - } - } - if (optind < argc) { - fprintf(stderr, USAGE); - exit(1); - } - -#ifdef sgi - if (timetrim_fn == 0) { - ; - } else if (0 == (timetrim_st = fopen(timetrim_fn, "r+"))) { - if (errno != ENOENT) { - (void)fprintf(stderr,"timed: "); - perror(timetrim_fn); - timetrim_fn = 0; - } - } else { - int i; - long trim; - double adj, ticks; - - i = fscanf(timetrim_st, timetrim_rpat, - &trim, &adj, &ticks); - if (i < 1 - || trim > MAX_TRIM - || trim < -MAX_TRIM - || i == 2 - || (i == 3 - && trim != rint(adj*CLK_TCK/ticks))) { - if (trace && i != EOF) - (void)fprintf(stderr, - "timed: unrecognized contents in %s\n", - timetrim_fn); - } else { - if (0 > syssgi(SGI_SETTIMETRIM, - trim)) { - perror("timed: syssgi(SETTIMETRIM)"); - } else { - timetrim = 
trim; - } - if (i == 3) - tot_ticks -= ticks; - } - (void)fclose(timetrim_st); - } -#endif /* sgi */ - - /* If we care about which machine is the master, then we must - * be willing to be a master - */ - if (0 != goodgroup || 0 != goodhosts) - Mflag = 1; - - if (gethostname(hostname, sizeof(hostname) - 1) < 0) { - perror("gethostname"); - exit(1); - } - self.l_bak = &self; - self.l_fwd = &self; - self.h_bak = &self; - self.h_fwd = &self; - self.head = 1; - self.good = 1; - - if (goodhosts != 0) /* trust ourself */ - add_good_host(hostname,1); - - srvp = getservbyname("timed", "udp"); - if (srvp == 0) { - fprintf(stderr, "unknown service 'timed/udp'\n"); - exit(1); - } - port = srvp->s_port; - server.sin_addr.s_addr = INADDR_ANY; - server.sin_port = srvp->s_port; - server.sin_family = AF_INET; - sock = socket(AF_INET, SOCK_DGRAM, 0); - if (sock < 0) { - perror("socket"); - exit(1); - } - if (setsockopt(sock, SOL_SOCKET, SO_BROADCAST, (char *)&on, - sizeof(on)) < 0) { - perror("setsockopt"); - exit(1); - } - if (bind(sock, (struct sockaddr*)&server, sizeof(server))) { - if (errno == EADDRINUSE) - fprintf(stderr,"timed: time daemon already running\n"); - else - perror("bind"); - exit(1); - } -#ifdef sgi - /* - * handle many slaves with our buffer - */ - if (0 > setsockopt(sock, SOL_SOCKET, SO_RCVBUF, (char*)&bufspace, - sizeof(bufspace))) { - perror("setsockopt"); - exit(1); - } -#endif /* sgi */ - - /* choose a unique seed for random number generation */ - (void)gettimeofday(&ntime, 0); - srandom(ntime.tv_sec + ntime.tv_usec); - - sequence = random(); /* initial seq number */ - -#ifndef sgi - /* rounds kernel variable time to multiple of 5 ms. 
*/ - ntime.tv_sec = 0; - ntime.tv_usec = -((ntime.tv_usec/1000) % 5) * 1000; - (void)adjtime(&ntime, (struct timeval *)0); -#endif /* sgi */ - - for (nt = nets; nt; nt = nt->next) { - nentp = getnetbyname(nt->name); - if (nentp == 0) { - nt->net = inet_network(nt->name); - if (nt->net != INADDR_NONE) - nentp = getnetbyaddr(nt->net, AF_INET); - } - if (nentp != 0) { - nt->net = nentp->n_net; - } else if (nt->net == INADDR_NONE) { - fprintf(stderr, "timed: unknown net %s\n", nt->name); - exit(1); - } else if (nt->net == INADDR_ANY) { - fprintf(stderr, "timed: bad net %s\n", nt->name); - exit(1); - } else { - fprintf(stderr, - "timed: warning: %s unknown in /etc/networks\n", - nt->name); - } - - if (0 == (nt->net & 0xff000000)) - nt->net <<= 8; - if (0 == (nt->net & 0xff000000)) - nt->net <<= 8; - if (0 == (nt->net & 0xff000000)) - nt->net <<= 8; - } - ifc.ifc_len = sizeof(buf); - ifc.ifc_buf = buf; - if (ioctl(sock, SIOCGIFCONF, (char *)&ifc) < 0) { - perror("timed: get interface configuration"); - exit(1); - } - ntp = NULL; -#ifdef sgi -#define size(p) (sizeof(*ifr) - sizeof(ifr->ifr_name)) /* XXX hack. 
kludge */ -#else -#define size(p) max((p).sa_len, sizeof(p)) -#endif - cplim = buf + ifc.ifc_len; /*skip over if's with big ifr_addr's */ - for (cp = buf; cp < cplim; - cp += sizeof (ifr->ifr_name) + size(ifr->ifr_addr)) { - ifr = (struct ifreq *)cp; - if (ifr->ifr_addr.sa_family != AF_INET) - continue; - if (!ntp) - ntp = (struct netinfo*)malloc(sizeof(struct netinfo)); - bzero(ntp,sizeof(*ntp)); - ntp->my_addr=((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; - ntp->status = NOMASTER; - ifreq = *ifr; - ifreqf = *ifr; - - if (ioctl(sock, SIOCGIFFLAGS, (char *)&ifreqf) < 0) { - perror("get interface flags"); - continue; - } - if ((ifreqf.ifr_flags & IFF_UP) == 0) - continue; - if ((ifreqf.ifr_flags & IFF_BROADCAST) == 0 && - (ifreqf.ifr_flags & IFF_POINTOPOINT) == 0) { - continue; - } - - - if (ioctl(sock, SIOCGIFNETMASK, (char *)&ifreq) < 0) { - perror("get netmask"); - continue; - } - ntp->mask = ((struct sockaddr_in *) - &ifreq.ifr_addr)->sin_addr.s_addr; - - if (ifreqf.ifr_flags & IFF_BROADCAST) { - if (ioctl(sock, SIOCGIFBRDADDR, (char *)&ifreq) < 0) { - perror("get broadaddr"); - continue; - } - ntp->dest_addr = *(struct sockaddr_in *)&ifreq.ifr_broadaddr; - /* What if the broadcast address is all ones? - * So we cannot just mask ntp->dest_addr. 
*/ - ntp->net = ntp->my_addr; - ntp->net.s_addr &= ntp->mask; - } else { - if (ioctl(sock, SIOCGIFDSTADDR, - (char *)&ifreq) < 0) { - perror("get destaddr"); - continue; - } - ntp->dest_addr = *(struct sockaddr_in *)&ifreq.ifr_dstaddr; - ntp->net = ntp->dest_addr.sin_addr; - } - - ntp->dest_addr.sin_port = port; - - for (nt = nets; nt; nt = nt->next) { - if (ntp->net.s_addr == nt->net) - break; - } - if (nflag && !nt || iflag && nt) - continue; - - ntp->next = NULL; - if (nettab == NULL) { - nettab = ntp; - } else { - ntip->next = ntp; - } - ntip = ntp; - ntp = NULL; - } - if (ntp) - (void) free((char *)ntp); - if (nettab == NULL) { - fprintf(stderr, "timed: no network usable\n"); - exit(1); - } - - -#ifdef sgi - (void)schedctl(RENICE,0,10); /* run fast to get good time */ - - /* ticks to delay before responding to a broadcast */ - delay1 = casual(0, CLK_TCK/10); -#else - - /* microseconds to delay before responding to a broadcast */ - delay1 = casual(1, 100*1000); -#endif /* sgi */ - - /* election timer delay in secs. */ - delay2 = casual(MINTOUT, MAXTOUT); - - -#ifdef sgi - (void)_daemonize(debug ? 
_DF_NOFORK|_DF_NOCHDIR : 0, sock, -1, -1); -#else - if (!debug) - daemon(debug, 0); -#endif /* sgi */ - - if (trace) - traceon(); - openlog("timed", LOG_CONS|LOG_PID, LOG_DAEMON); - - /* - * keep returning here - */ - ret = setjmp(jmpenv); - savefromnet = fromnet; - setstatus(); - - if (Mflag) { - switch (ret) { - - case 0: - checkignorednets(); - pickslavenet(0); - break; - case 1: - /* Just lost our master */ - if (slavenet != 0) - slavenet->status = election(slavenet); - if (!slavenet || slavenet->status == MASTER) { - checkignorednets(); - pickslavenet(0); - } else { - makeslave(slavenet); /* prune extras */ - } - break; - - case 2: - /* Just been told to quit */ - justquit = 1; - pickslavenet(savefromnet); - break; - } - - setstatus(); - if (!(status & MASTER) && sock_raw != -1) { - /* sock_raw is not being used now */ - (void)close(sock_raw); - sock_raw = -1; - } - - if (status == MASTER) - master(); - else - slave(); - - } else { - if (sock_raw != -1) { - (void)close(sock_raw); - sock_raw = -1; - } - - if (ret) { - /* we just lost our master or were told to quit */ - justquit = 1; - } - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (ntp->status == MASTER) - rmnetmachs(ntp); - ntp->status = NOMASTER; - } - checkignorednets(); - pickslavenet(0); - setstatus(); - - slave(); - } - /* NOTREACHED */ -#ifdef lint - return(0); -#endif -} - -/* - * suppress an upstart, untrustworthy, self-appointed master - */ -void -suppress(addr, name,net) - struct sockaddr_in *addr; - char *name; - struct netinfo *net; -{ - struct sockaddr_in tgt; - char tname[MAXHOSTNAMELEN]; - struct tsp msg; - static struct timeval wait; - - if (trace) - fprintf(fd, "suppress: %s\n", name); - tgt = *addr; - (void)strcpy(tname, name); - - while (0 != readmsg(TSP_ANY, ANYADDR, &wait, net)) { - if (trace) - fprintf(fd, "suppress:\tdiscarded packet from %s\n", - name); - } - - syslog(LOG_NOTICE, "suppressing false master %s", tname); - msg.tsp_type = TSP_QUIT; - (void)strcpy(msg.tsp_name, 
hostname); - (void)acksend(&msg, &tgt, tname, TSP_ACK, 0, 1); -} - -void -lookformaster(ntp) - struct netinfo *ntp; -{ - struct tsp resp, conflict, *answer; - struct timeval ntime; - char mastername[MAXHOSTNAMELEN]; - struct sockaddr_in masteraddr; - - get_goodgroup(0); - ntp->status = SLAVE; - - /* look for master */ - resp.tsp_type = TSP_MASTERREQ; - (void)strcpy(resp.tsp_name, hostname); - answer = acksend(&resp, &ntp->dest_addr, ANYADDR, - TSP_MASTERACK, ntp, 0); - if (answer != 0 && !good_host_name(answer->tsp_name)) { - suppress(&from, answer->tsp_name, ntp); - ntp->status = NOMASTER; - answer = 0; - } - if (answer == 0) { - /* - * Various conditions can cause conflict: races between - * two just started timedaemons when no master is - * present, or timedaemons started during an election. - * A conservative approach is taken. Give up and became a - * slave, postponing election of a master until first - * timer expires. - */ - ntime.tv_sec = ntime.tv_usec = 0; - answer = readmsg(TSP_MASTERREQ, ANYADDR, &ntime, ntp); - if (answer != 0) { - if (!good_host_name(answer->tsp_name)) { - suppress(&from, answer->tsp_name, ntp); - ntp->status = NOMASTER; - } - return; - } - - ntime.tv_sec = ntime.tv_usec = 0; - answer = readmsg(TSP_MASTERUP, ANYADDR, &ntime, ntp); - if (answer != 0) { - if (!good_host_name(answer->tsp_name)) { - suppress(&from, answer->tsp_name, ntp); - ntp->status = NOMASTER; - } - return; - } - - ntime.tv_sec = ntime.tv_usec = 0; - answer = readmsg(TSP_ELECTION, ANYADDR, &ntime, ntp); - if (answer != 0) { - if (!good_host_name(answer->tsp_name)) { - suppress(&from, answer->tsp_name, ntp); - ntp->status = NOMASTER; - } - return; - } - - if (Mflag) - ntp->status = MASTER; - else - ntp->status = NOMASTER; - return; - } - - ntp->status = SLAVE; - (void)strcpy(mastername, answer->tsp_name); - masteraddr = from; - - /* - * If network has been partitioned, there might be other - * masters; tell the one we have just acknowledged that - * it has to gain 
control over the others. - */ - ntime.tv_sec = 0; - ntime.tv_usec = 300000; - answer = readmsg(TSP_MASTERACK, ANYADDR, &ntime, ntp); - /* - * checking also not to send CONFLICT to ack'ed master - * due to duplicated MASTERACKs - */ - if (answer != NULL && - strcmp(answer->tsp_name, mastername) != 0) { - conflict.tsp_type = TSP_CONFLICT; - (void)strcpy(conflict.tsp_name, hostname); - if (!acksend(&conflict, &masteraddr, mastername, - TSP_ACK, 0, 0)) { - syslog(LOG_ERR, - "error on sending TSP_CONFLICT"); - } - } -} - -/* - * based on the current network configuration, set the status, and count - * networks; - */ -void -setstatus() -{ - struct netinfo *ntp; - - status = 0; - nmasternets = nslavenets = nnets = nignorednets = 0; - if (trace) - fprintf(fd, "Net status:\n"); - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - switch ((int)ntp->status) { - case MASTER: - nmasternets++; - break; - case SLAVE: - nslavenets++; - break; - case NOMASTER: - case IGNORE: - nignorednets++; - break; - } - if (trace) { - fprintf(fd, "\t%-16s", inet_ntoa(ntp->net)); - switch ((int)ntp->status) { - case NOMASTER: - fprintf(fd, "NOMASTER\n"); - break; - case MASTER: - fprintf(fd, "MASTER\n"); - break; - case SLAVE: - fprintf(fd, "SLAVE\n"); - break; - case IGNORE: - fprintf(fd, "IGNORE\n"); - break; - default: - fprintf(fd, "invalid state %d\n", - (int)ntp->status); - break; - } - } - nnets++; - status |= ntp->status; - } - status &= ~IGNORE; - if (trace) - fprintf(fd, - "\tnets=%d masters=%d slaves=%d ignored=%d delay2=%d\n", - nnets, nmasternets, nslavenets, nignorednets, delay2); -} - -void -makeslave(net) - struct netinfo *net; -{ - register struct netinfo *ntp; - - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (ntp->status == SLAVE && ntp != net) - ntp->status = IGNORE; - } - slavenet = net; -} - -/* - * Try to become master over ignored nets.. 
- */ -static void -checkignorednets() -{ - register struct netinfo *ntp; - - for (ntp = nettab; ntp != NULL; ntp = ntp->next) { - if (!Mflag && ntp->status == SLAVE) - break; - - if (ntp->status == IGNORE || ntp->status == NOMASTER) { - lookformaster(ntp); - if (!Mflag && ntp->status == SLAVE) - break; - } - } -} - -/* - * choose a good network on which to be a slave - * The ignored networks must have already been checked. - * Take a hint about for a good network. - */ -static void -pickslavenet(ntp) - struct netinfo *ntp; -{ - if (slavenet != 0 && slavenet->status == SLAVE) { - makeslave(slavenet); /* prune extras */ - return; - } - - if (ntp == 0 || ntp->status != SLAVE) { - for (ntp = nettab; ntp != 0; ntp = ntp->next) { - if (ntp->status == SLAVE) - break; - } - } - makeslave(ntp); -} - -/* - * returns a random number in the range [inf, sup] - */ -long -casual(inf, sup) - long inf, sup; -{ - double value; - - value = ((double)(random() & 0x7fffffff)) / (0x7fffffff*1.0); - return(inf + (sup - inf)*value); -} - -char * -date() -{ -#ifdef sgi - struct timeval tv; - static char tm[32]; - - (void)gettimeofday(&tv, (struct timezone *)0); - (void)cftime(tm, "%D %T", &tv.tv_sec); - return (tm); -#else - struct timeval tv; - - (void)gettimeofday(&tv, (struct timezone *)0); - return (ctime(&tv.tv_sec)); -#endif /* sgi */ -} - -void -addnetname(name) - char *name; -{ - register struct nets **netlist = &nets; - - while (*netlist) - netlist = &((*netlist)->next); - *netlist = (struct nets *)malloc(sizeof **netlist); - if (*netlist == 0) { - fprintf(stderr,"malloc failed\n"); - exit(1); - } - bzero((char *)*netlist, sizeof(**netlist)); - (*netlist)->name = name; -} - -/* note a host as trustworthy */ -static void -add_good_host(name, perm) - char *name; - int perm; /* 1=not part of the netgroup */ -{ - register struct goodhost *ghp; - register struct hostent *hentp; - - ghp = (struct goodhost*)malloc(sizeof(*ghp)); - if (!ghp) { - syslog(LOG_ERR, "malloc failed"); - exit(1); 
- } - - bzero((char*)ghp, sizeof(*ghp)); - (void)strncpy(&ghp->name[0], name, sizeof(ghp->name)); - ghp->next = goodhosts; - ghp->perm = perm; - goodhosts = ghp; - - hentp = gethostbyname(name); - if (0 == hentp && perm) - (void)fprintf(stderr, "unknown host %s\n", name); -} - - -/* update our image of the net-group of trustworthy hosts - */ -void -get_goodgroup(force) - int force; -{ -# define NG_DELAY (30*60*CLK_TCK) /* 30 minutes */ - static unsigned long last_update = -NG_DELAY; - unsigned long new_update; - struct hosttbl *htp; - struct goodhost *ghp, **ghpp; - char *mach, *usr, *dom; - struct tms tm; - - - /* if no netgroup, then we are finished */ - if (goodgroup == 0 || !Mflag) - return; - - /* Do not chatter with the netgroup master too often. - */ - new_update = times(&tm); - if (new_update < last_update + NG_DELAY - && !force) - return; - last_update = new_update; - - /* forget the old temporary entries */ - ghpp = &goodhosts; - while (0 != (ghp = *ghpp)) { - if (!ghp->perm) { - *ghpp = ghp->next; - free((char*)ghp); - } else { - ghpp = &ghp->next; - } - } - -#ifdef HAVENIS - /* quit now if we are not one of the trusted masters - */ - if (!innetgr(goodgroup, &hostname[0], 0,0)) { - if (trace) - (void)fprintf(fd, "get_goodgroup: %s not in %s\n", - &hostname[0], goodgroup); - return; - } - if (trace) - (void)fprintf(fd, "get_goodgroup: %s in %s\n", - &hostname[0], goodgroup); - - /* mark the entire netgroup as trusted */ - (void)setnetgrent(goodgroup); - while (getnetgrent(&mach,&usr,&dom)) { - if (0 != mach) - add_good_host(mach,0); - } - (void)endnetgrent(); - - /* update list of slaves */ - for (htp = self.l_fwd; htp != &self; htp = htp->l_fwd) { - htp->good = good_host_name(&htp->name[0]); - } -#endif /* HAVENIS */ -} - - -/* see if a machine is trustworthy - */ -int /* 1=trust hp to change our date */ -good_host_name(name) - char *name; -{ - register struct goodhost *ghp = goodhosts; - register char c; - - if (!ghp || !Mflag) /* trust everyone if no 
one named */ - return 1; - - c = *name; - do { - if (c == ghp->name[0] - && !strcasecmp(name, ghp->name)) - return 1; /* found him, so say so */ - } while (0 != (ghp = ghp->next)); - - if (!strcasecmp(name,hostname)) /* trust ourself */ - return 1; - - return 0; /* did not find him */ -} diff --git a/timed.tproj/timedc.tproj/Makefile b/timed.tproj/timedc.tproj/Makefile deleted file mode 100644 index f553155..0000000 --- a/timed.tproj/timedc.tproj/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = timedc - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = extern.h timedc.h - -CFILES = cmds.c cmdtab.c timedc.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble m.template\ - h.template timedc.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD/$(NAME) - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/timed.tproj/timedc.tproj/Makefile.postamble b/timed.tproj/timedc.tproj/Makefile.postamble deleted file mode 100644 index ee578ca..0000000 --- a/timed.tproj/timedc.tproj/Makefile.postamble +++ /dev/null 
@@ -1,126 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES - # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A - # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 - # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 - # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wmost -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. 
-# STRIP_ON_INSTALL = NO - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S - # for .a archives -#DYNAMIC_STRIP_OPTS = -S - # for bundles and shared libraries - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -# Note: on MS Windows, executables, have an extension, so rules and dependencies -# for generated tools should use $(EXECUTABLE_EXT) on the end. -VPATH += :../timed.tproj -after_install:: - $(MKDIR) -p $(DSTROOT)/usr/share/man/man8 - $(CP) timedc.8 $(DSTROOT)/usr/share/man/man8/ diff --git a/timed.tproj/timedc.tproj/Makefile.preamble b/timed.tproj/timedc.tproj/Makefile.preamble deleted file mode 100644 index b5b8eac..0000000 --- a/timed.tproj/timedc.tproj/Makefile.preamble +++ /dev/null 
@@ -1,130 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = byteorder.o measure.o cksum.o -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. 
-CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - diff --git a/timed.tproj/timedc.tproj/PB.project b/timed.tproj/timedc.tproj/PB.project deleted file mode 100644 index a4a35bf..0000000 --- a/timed.tproj/timedc.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (extern.h, timedc.h);
- OTHER_LINKED = (cmds.c, cmdtab.c, timedc.c);
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, m.template, h.template);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDDIR = "/$(USER)/BUILD/$(NAME)";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = timedc;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/timed.tproj/timedc.tproj/cmds.c b/timed.tproj/timedc.tproj/cmds.c
deleted file mode 100644
index 80995ec..0000000
--- a/timed.tproj/timedc.tproj/cmds.c
+++ /dev/null
@@ -1,549 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char sccsid[] = "@(#)cmds.c 8.2 (Berkeley) 3/26/95"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "timedc.h" -#include - -#include -#include -#include - -#include -#include -#include - -#define TSPTYPES -#include - -#ifdef sgi -#include -#include -#else -#define SECHR (60*60) -#define SECDAY (24*SECHR) -#endif /* sgi */ - -# define DATE_PROTO "udp" -# define DATE_PORT "time" - - -int sock; -int sock_raw; -char myname[MAXHOSTNAMELEN]; -struct hostent *hp; -struct sockaddr_in server; -struct sockaddr_in dayaddr; -extern int measure_delta; - -void bytenetorder(struct tsp *); -void bytehostorder(struct tsp *); - - -#define BU ((unsigned long)2208988800) /* seconds before UNIX epoch */ - - -/* compute the difference between our date and another machine - */ -static int /* difference in days from our time */ -daydiff(hostname) - char *hostname; -{ - int i; - int trials; - struct timeval tout, now; - fd_set ready; - struct sockaddr from; - int 
fromlen; - unsigned long sec; - - - /* wait 2 seconds between 10 tries */ - tout.tv_sec = 2; - tout.tv_usec = 0; - for (trials = 0; trials < 10; trials++) { - /* ask for the time */ - sec = 0; - if (sendto(sock, &sec, sizeof(sec), 0, - (struct sockaddr*)&dayaddr, sizeof(dayaddr)) < 0) { - perror("sendto(sock)"); - return 0; - } - - for (;;) { - FD_ZERO(&ready); - FD_SET(sock, &ready); - i = select(sock+1, &ready, (fd_set *)0, - (fd_set *)0, &tout); - if (i < 0) { - if (errno == EINTR) - continue; - perror("select(date read)"); - return 0; - } - if (0 == i) - break; - - fromlen = sizeof(from); - if (recvfrom(sock,&sec,sizeof(sec),0, - &from,&fromlen) < 0) { - perror("recvfrom(date read)"); - return 0; - } - - sec = ntohl(sec); - if (sec < BU) { - fprintf(stderr, - "%s says it is before 1970: %lu", - hostname, sec); - return 0; - } - sec -= BU; - - (void)gettimeofday(&now, (struct timezone*)0); - return (sec - now.tv_sec); - } - } - - /* if we get here, we tried too many times */ - fprintf(stderr,"%s will not tell us the date\n", hostname); - return 0; -} - - -/* - * Clockdiff computes the difference between the time of the machine on - * which it is called and the time of the machines given as argument. - * The time differences measured by clockdiff are obtained using a sequence - * of ICMP TSTAMP messages which are returned to the sender by the IP module - * in the remote machine. - * In order to compare clocks of machines in different time zones, the time - * is transmitted (as a 32-bit value) in milliseconds since midnight UT. - * If a hosts uses a different time format, it should set the high order - * bit of the 32-bit quantity it transmits. - * However, VMS apparently transmits the time in milliseconds since midnight - * local time (rather than GMT) without setting the high order bit. - * Furthermore, it does not understand daylight-saving time. This makes - * clockdiff behaving inconsistently with hosts running VMS. 
- * - * In order to reduce the sensitivity to the variance of message transmission - * time, clockdiff sends a sequence of messages. Yet, measures between - * two `distant' hosts can be affected by a small error. The error can, - * however, be reduced by increasing the number of messages sent in each - * measurement. - */ -void -clockdiff(argc, argv) - int argc; - char *argv[]; -{ - int measure_status; - extern int measure(u_long, u_long, char *, struct sockaddr_in*, int); - register int avg_cnt; - register long avg; - struct servent *sp; - - if (argc < 2) { - printf("Usage: clockdiff host ... \n"); - return; - } - - (void)gethostname(myname,sizeof(myname)); - - /* get the address for the date ready */ - sp = getservbyname(DATE_PORT, DATE_PROTO); - if (!sp) { - (void)fprintf(stderr, "%s/%s is an unknown service\n", - DATE_PORT, DATE_PROTO); - dayaddr.sin_port = 0; - } else { - dayaddr.sin_port = sp->s_port; - } - - while (argc > 1) { - argc--; argv++; - hp = gethostbyname(*argv); - if (hp == NULL) { - fprintf(stderr, "timedc: %s: ", *argv); - herror(0); - continue; - } - - server.sin_family = hp->h_addrtype; - bcopy(hp->h_addr, &server.sin_addr.s_addr, hp->h_length); - for (avg_cnt = 0, avg = 0; avg_cnt < 16; avg_cnt++) { - measure_status = measure(10000,100, *argv, &server, 1); - if (measure_status != GOOD) - break; - avg += measure_delta; - } - if (measure_status == GOOD) - measure_delta = avg/avg_cnt; - - switch (measure_status) { - case HOSTDOWN: - printf("%s is down\n", hp->h_name); - continue; - case NONSTDTIME: - printf("%s transmitts a non-standard time format\n", - hp->h_name); - continue; - case UNREACHABLE: - printf("%s is unreachable\n", hp->h_name); - continue; - } - - /* - * Try to get the date only after using ICMP timestamps to - * get the time. This is because the date protocol - * is optional. 
- */ - if (dayaddr.sin_port != 0) { - dayaddr.sin_family = hp->h_addrtype; - bcopy(hp->h_addr, &dayaddr.sin_addr.s_addr, - hp->h_length); - avg = daydiff(*argv); - if (avg > SECDAY) { - printf("time on %s is %ld days ahead %s\n", - hp->h_name, avg/SECDAY, myname); - continue; - } else if (avg < -SECDAY) { - printf("time on %s is %ld days behind %s\n", - hp->h_name, -avg/SECDAY, myname); - continue; - } - } - - if (measure_delta > 0) { - printf("time on %s is %d ms. ahead of time on %s\n", - hp->h_name, measure_delta, myname); - } else if (measure_delta == 0) { - printf("%s and %s have the same time\n", - hp->h_name, myname); - } else { - printf("time on %s is %d ms. behind time on %s\n", - hp->h_name, -measure_delta, myname); - } - } - return; -} - - -/* - * finds location of master timedaemon - */ -void -msite(argc, argv) - int argc; - char *argv[]; -{ - int cc; - fd_set ready; - struct sockaddr_in dest; - int i, length; - struct sockaddr from; - struct timeval tout; - struct tsp msg; - struct servent *srvp; - char *tgtname; - - if (argc < 1) { - printf("Usage: msite [hostname]\n"); - return; - } - - srvp = getservbyname("timed", "udp"); - if (srvp == 0) { - fprintf(stderr, "udp/timed: unknown service\n"); - return; - } - dest.sin_port = srvp->s_port; - dest.sin_family = AF_INET; - - (void)gethostname(myname, sizeof(myname)); - i = 1; - do { - tgtname = (i >= argc) ? 
myname : argv[i]; - hp = gethostbyname(tgtname); - if (hp == 0) { - fprintf(stderr, "timedc: %s: ", tgtname); - herror(0); - continue; - } - bcopy(hp->h_addr, &dest.sin_addr.s_addr, hp->h_length); - - (void)strcpy(msg.tsp_name, myname); - msg.tsp_type = TSP_MSITE; - msg.tsp_vers = TSPVERSION; - bytenetorder(&msg); - if (sendto(sock, &msg, sizeof(struct tsp), 0, - (struct sockaddr*)&dest, - sizeof(struct sockaddr)) < 0) { - perror("sendto"); - continue; - } - - tout.tv_sec = 15; - tout.tv_usec = 0; - FD_ZERO(&ready); - FD_SET(sock, &ready); - if (select(FD_SETSIZE, &ready, (fd_set *)0, (fd_set *)0, - &tout)) { - length = sizeof(struct sockaddr); - cc = recvfrom(sock, &msg, sizeof(struct tsp), 0, - &from, &length); - if (cc < 0) { - perror("recvfrom"); - continue; - } - bytehostorder(&msg); - if (msg.tsp_type == TSP_ACK) { - printf("master timedaemon at %s is %s\n", - tgtname, msg.tsp_name); - } else { - printf("received wrong ack: %s\n", - tsptype[msg.tsp_type]); - } - } else { - printf("communication error with %s\n", tgtname); - } - } while (++i < argc); -} - -/* - * quits timedc - */ -void -quit() -{ - exit(0); -} - - -/* - * Causes the election timer to expire on the selected hosts - * It sends just one udp message per machine, relying on - * reliability of communication channel. 
- */ -void -testing(argc, argv) - int argc; - char *argv[]; -{ - struct servent *srvp; - struct sockaddr_in sin; - struct tsp msg; - - if (argc < 2) { - printf("Usage: election host1 [host2 ...]\n"); - return; - } - - srvp = getservbyname("timed", "udp"); - if (srvp == 0) { - fprintf(stderr, "udp/timed: unknown service\n"); - return; - } - - while (argc > 1) { - argc--; argv++; - hp = gethostbyname(*argv); - if (hp == NULL) { - fprintf(stderr, "timedc: %s: ", *argv); - herror(0); - argc--; argv++; - continue; - } - sin.sin_port = srvp->s_port; - sin.sin_family = hp->h_addrtype; - bcopy(hp->h_addr, &sin.sin_addr.s_addr, hp->h_length); - - msg.tsp_type = TSP_TEST; - msg.tsp_vers = TSPVERSION; - (void)gethostname(myname, sizeof(myname)); - (void)strncpy(msg.tsp_name, myname, sizeof(msg.tsp_name)); - bytenetorder(&msg); - if (sendto(sock, &msg, sizeof(struct tsp), 0, - (struct sockaddr*)&sin, - sizeof(struct sockaddr)) < 0) { - perror("sendto"); - } - } -} - - -/* - * Enables or disables tracing on local timedaemon - */ -void -tracing(argc, argv) - int argc; - char *argv[]; -{ - int onflag; - int length; - int cc; - fd_set ready; - struct sockaddr_in dest; - struct sockaddr from; - struct timeval tout; - struct tsp msg; - struct servent *srvp; - - if (argc != 2) { - printf("Usage: tracing { on | off }\n"); - return; - } - - srvp = getservbyname("timed", "udp"); - if (srvp == 0) { - fprintf(stderr, "udp/timed: unknown service\n"); - return; - } - dest.sin_port = srvp->s_port; - dest.sin_family = AF_INET; - - (void)gethostname(myname,sizeof(myname)); - hp = gethostbyname(myname); - bcopy(hp->h_addr, &dest.sin_addr.s_addr, hp->h_length); - - if (strcmp(argv[1], "on") == 0) { - msg.tsp_type = TSP_TRACEON; - onflag = ON; - } else { - msg.tsp_type = TSP_TRACEOFF; - onflag = OFF; - } - - (void)strcpy(msg.tsp_name, myname); - msg.tsp_vers = TSPVERSION; - bytenetorder(&msg); - if (sendto(sock, &msg, sizeof(struct tsp), 0, - (struct sockaddr*)&dest, sizeof(struct sockaddr)) < 0) 
{ - perror("sendto"); - return; - } - - tout.tv_sec = 5; - tout.tv_usec = 0; - FD_ZERO(&ready); - FD_SET(sock, &ready); - if (select(FD_SETSIZE, &ready, (fd_set *)0, (fd_set *)0, &tout)) { - length = sizeof(struct sockaddr); - cc = recvfrom(sock, &msg, sizeof(struct tsp), 0, - &from, &length); - if (cc < 0) { - perror("recvfrom"); - return; - } - bytehostorder(&msg); - if (msg.tsp_type == TSP_ACK) - if (onflag) - printf("timed tracing enabled\n"); - else - printf("timed tracing disabled\n"); - else - printf("wrong ack received: %s\n", - tsptype[msg.tsp_type]); - } else - printf("communication error\n"); -} - -int -priv_resources() -{ - int port; - struct sockaddr_in sin; - - sock = socket(AF_INET, SOCK_DGRAM, 0); - if (sock < 0) { - perror("opening socket"); - return(-1); - } - - sin.sin_family = AF_INET; - sin.sin_addr.s_addr = 0; - for (port = IPPORT_RESERVED - 1; port > IPPORT_RESERVED / 2; port--) { - sin.sin_port = htons((u_short)port); - if (bind(sock, (struct sockaddr*)&sin, sizeof (sin)) >= 0) - break; - if (errno != EADDRINUSE && errno != EADDRNOTAVAIL) { - perror("bind"); - (void) close(sock); - return(-1); - } - } - if (port == IPPORT_RESERVED / 2) { - fprintf(stderr, "all reserved ports in use\n"); - (void) close(sock); - return(-1); - } - - sock_raw = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); - if (sock_raw < 0) { - perror("opening raw socket"); - (void) close(sock); - return(-1); - } - return(1); -} diff --git a/timed.tproj/timedc.tproj/cmdtab.c b/timed.tproj/timedc.tproj/cmdtab.c deleted file mode 100644 index 546a206..0000000 --- a/timed.tproj/timedc.tproj/cmdtab.c +++ /dev/null 
@@ -1,80 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1983, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4.
Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)cmdtab.c 8.1 (Berkeley) 6/6/93";
-#endif /* not lint */
-
-#include "timedc.h"
-
-char clockdiffhelp[] = "measures clock differences between machines";
-char helphelp[] = "gets help on commands";
-char msitehelp[] = "finds location of master";
-char quithelp[] = "exits timedc";
-char testinghelp[] = "causes election timers to expire";
-char tracinghelp[] = "turns tracing on or off";
-
-struct cmd cmdtab[] = {
- { "clockdiff", clockdiffhelp, clockdiff, 0 },
- { "election", testinghelp, testing, 1 },
- { "help", helphelp, help, 0 },
- { "msite", msitehelp, msite, 0 },
- { "quit", quithelp, quit, 0 },
- { "trace", tracinghelp, tracing, 1 },
- { "?", helphelp, help, 0 },
-};
-
-int NCMDS = sizeof (cmdtab) / sizeof (cmdtab[0]);
diff --git a/timed.tproj/timedc.tproj/extern.h b/timed.tproj/timedc.tproj/extern.h
deleted file mode 100644
index 22e2e29..0000000
--- a/timed.tproj/timedc.tproj/extern.h
+++ /dev/null
@@ -1,75 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.1 (Berkeley) 6/6/93 - */ - -#if __STDC__ -struct tsp; -#endif - -extern struct cmd cmdtab[]; - -void bytehostorder __P((struct tsp *)); -void bytenetorder __P((struct tsp *)); -void clockdiff __P((int, char *[])); -void help __P((int, char *[])); -void intr __P((int)); -void makeargv __P((void)); -void msite __P((int, char *[])); -int priv_resources __P((void)); -void quit __P((void)); -void testing __P((int, char *[])); -void tracing __P((int, char *[])); diff --git a/timed.tproj/timedc.tproj/h.template b/timed.tproj/timedc.tproj/h.template deleted file mode 100644 index f3c1b04..0000000 --- a/timed.tproj/timedc.tproj/h.template +++ /dev/null @@ -1,11 +0,0 @@ -$$ -/* $FILENAME$ created by $USERNAME$ on $DATE$ */ - -#import - -@interface $FILENAMESANSEXTENSION$ : NSObject -{ - -} - -@end diff --git a/timed.tproj/timedc.tproj/m.template b/timed.tproj/timedc.tproj/m.template deleted file mode 100644 index 1216fe5..0000000 --- a/timed.tproj/timedc.tproj/m.template +++ /dev/null 
@@ -1,18 +0,0 @@ -$$ Lines starting with $$ are not inserted into newly created files -$$ The following substitutions are made: -$$ -$$ $FILENAME$ e.g. foo.m -$$ $FILENAMESANSEXTENSION$ e.g. foo -$$ $DIRECTORY$ e.g. /tmp/MyNewApp -$$ $PROJECTNAME$ e.g. MyNewApp -$$ $SUBPROJECTNAME$ e.g. TheGoodPart.subproj -$$ $USERNAME$ e.g. mwagner -$$ $DATE$ e.g. Jan-1-1994 -$$ -/* $FILENAME$ created by $USERNAME$ on $DATE$ */ - -#import "$FILENAMESANSEXTENSION$.h" - -@implementation $FILENAMESANSEXTENSION$ - -@end diff --git a/timed.tproj/timedc.tproj/timedc.8 b/timed.tproj/timedc.tproj/timedc.8 deleted file mode 100644 index 3070e9d..0000000 --- a/timed.tproj/timedc.tproj/timedc.8 +++ /dev/null 
@@ -1,144 +0,0 @@ -.\" Copyright (c) 1980, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)timedc.8 8.1 (Berkeley) 6/6/93 -.\" $FreeBSD: src/usr.sbin/timed/timedc/timedc.8,v 1.13 2002/07/14 14:46:35 charnier Exp $ -.\" -.Dd June 6, 1993 -.Dt TIMEDC 8 -.Os -.Sh NAME -.Nm timedc -.Nd timed control program -.Sh SYNOPSIS -.Nm -.Op Ar command Op Ar argument ... -.Sh DESCRIPTION -The -.Nm -utility is used to control the operation of the -.Xr timed 8 -program. -It may be used to: -.Bl -bullet -.It -Measure the differences between machines' clocks, -.It -Find the location where the master time server is running, -.It -Enable or disable tracing of messages received by -.Xr timed 8 , -and -.It -Perform various debugging actions. -.El -.Pp -Without any arguments, -.Nm -will prompt for commands from the standard input. -If arguments are supplied, -.Nm -interprets the first argument as a command and the remaining -arguments as parameters to the command. The standard input -may be redirected causing -.Nm -to read commands from a file. -Commands may be abbreviated; -recognized commands are: -.Pp -.Bl -tag -width Ds -compact -.It Ic \&? Op Ar command ... -.Pp -.It Ic help Op Ar command ... -Print a short description of each command specified in the argument list, -or, if no arguments are given, a list of the recognized commands. -.Pp -.It Ic clockdiff Ar host ... -Compute the differences between the clock of the host machine -and the clocks of the machines given as arguments. -.Pp -.It Ic msite Op Ar host ... -Show the master time server for specified host(s). -.Pp -.It Xo -.Ic trace -.Li \&{ Ar on Li \&| -.Ar off \&} -.Xc -Enable or disable the tracing of incoming messages to -.Xr timed -in the file -.Pa /var/log/timed.log . -.Pp -.It Ic election Ar host1 Op Ar host2 ... -Asks the daemon -on the target host to reset its "election" timers and to ensure that -a time master has been elected. -.Pp -.It Ic quit -Exit from timedc. 
-.El -.Pp -Other commands may be included for use in testing and debugging -.Xr timed 8 ; -the help command and -the program source may be consulted for details. -.Sh FILES -.Bl -tag -width /var/log/timed.masterlog -compact -.It Pa /var/log/timed.log -tracing file for timed -.It Pa /var/log/timed.masterlog -log file for master timed -.El -.Sh SEE ALSO -.Xr date 1 , -.Xr adjtime 2 , -.Xr icmp 4 , -.Xr timed 8 -.Rs -.%T "TSP: The Time Synchronization Protocol for UNIX 4.3BSD" -.%A R. Gusella -.%A S. Zatti -.Re -.Sh DIAGNOSTICS -.Bl -diag -.It ?Ambiguous command -abbreviation matches more than one command -.It ?Invalid command -no match found -.It ?Privileged command -command can be executed by root only -.El -.Sh HISTORY -The -.Nm -utility appeared in -.Bx 4.3 . diff --git a/timed.tproj/timedc.tproj/timedc.c b/timed.tproj/timedc.tproj/timedc.c deleted file mode 100644 index 49742a4..0000000 --- a/timed.tproj/timedc.tproj/timedc.c +++ /dev/null 
@@ -1,284 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1985, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)timedc.c 8.1 (Berkeley) 6/6/93"; -#endif /* not lint */ - -#ifdef sgi -#ident "$Revision: 1.1 $" -#endif - -#include "timedc.h" -#include -#include -#include -#include -#include -#include -#include - -int trace = 0; -FILE *fd = 0; -int margc; -int fromatty; -char *margv[20]; -char cmdline[200]; -jmp_buf toplevel; -static struct cmd *getcmd __P((char *)); - -int -main(argc, argv) - int argc; - char *argv[]; -{ - register struct cmd *c; - - openlog("timedc", LOG_ODELAY, LOG_AUTH); - - /* - * security dictates! 
- */ - if (priv_resources() < 0) { - fprintf(stderr, "Could not get privileged resources\n"); - exit(1); - } - (void) setuid(getuid()); - - if (--argc > 0) { - c = getcmd(*++argv); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - exit(1); - } - if (c == 0) { - printf("?Invalid command\n"); - exit(1); - } - if (c->c_priv && getuid()) { - printf("?Privileged command\n"); - exit(1); - } - (*c->c_handler)(argc, argv); - exit(0); - } - - fromatty = isatty(fileno(stdin)); - if (setjmp(toplevel)) - putchar('\n'); - (void) signal(SIGINT, intr); - for (;;) { - if (fromatty) { - printf("timedc> "); - (void) fflush(stdout); - } - if (fgets(cmdline, sizeof(cmdline), stdin) == 0) - quit(); - if (cmdline[0] == 0) - break; - makeargv(); - if (margv[0] == 0) - continue; - c = getcmd(margv[0]); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\n"); - continue; - } - if (c->c_priv && getuid()) { - printf("?Privileged command\n"); - continue; - } - (*c->c_handler)(margc, margv); - } - return 0; -} - -void -intr(signo) - int signo; -{ - if (!fromatty) - exit(0); - longjmp(toplevel, 1); -} - - -static struct cmd * -getcmd(name) - char *name; -{ - register char *p, *q; - register struct cmd *c, *found; - register int nmatches, longest; - extern int NCMDS; - - longest = 0; - nmatches = 0; - found = 0; - for (c = cmdtab; c < &cmdtab[NCMDS]; c++) { - p = c->c_name; - for (q = name; *q == *p++; q++) - if (*q == 0) /* exact match? */ - return(c); - if (!*q) { /* the name was a prefix */ - if (q - name > longest) { - longest = q - name; - nmatches = 1; - found = c; - } else if (q - name == longest) - nmatches++; - } - } - if (nmatches > 1) - return((struct cmd *)-1); - return(found); -} - -/* - * Slice a string up into argc/argv. 
- */ -void -makeargv() -{ - register char *cp; - register char **argp = margv; - - margc = 0; - for (cp = cmdline; *cp;) { - while (isspace(*cp)) - cp++; - if (*cp == '\0') - break; - *argp++ = cp; - margc += 1; - while (*cp != '\0' && !isspace(*cp)) - cp++; - if (*cp == '\0') - break; - *cp++ = '\0'; - } - *argp++ = 0; -} - -#define HELPINDENT (sizeof ("directory")) - -/* - * Help command. - */ -void -help(argc, argv) - int argc; - char *argv[]; -{ - register struct cmd *c; - - if (argc == 1) { - register int i, j, w; - int columns, width = 0, lines; - extern int NCMDS; - - printf("Commands may be abbreviated. Commands are:\n\n"); - for (c = cmdtab; c < &cmdtab[NCMDS]; c++) { - int len = strlen(c->c_name); - - if (len > width) - width = len; - } - width = (width + 8) &~ 7; - columns = 80 / width; - if (columns == 0) - columns = 1; - lines = (NCMDS + columns - 1) / columns; - for (i = 0; i < lines; i++) { - for (j = 0; j < columns; j++) { - c = cmdtab + j * lines + i; - printf("%s", c->c_name); - if (c + lines >= &cmdtab[NCMDS]) { - printf("\n"); - break; - } - w = strlen(c->c_name); - while (w < width) { - w = (w + 8) &~ 7; - putchar('\t'); - } - } - } - return; - } - while (--argc > 0) { - register char *arg; - arg = *++argv; - c = getcmd(arg); - if (c == (struct cmd *)-1) - printf("?Ambiguous help command %s\n", arg); - else if (c == (struct cmd *)0) - printf("?Invalid help command %s\n", arg); - else - printf("%-*s\t%s\n", (int)HELPINDENT, - c->c_name, c->c_help); - } -} diff --git a/timed.tproj/timedc.tproj/timedc.h b/timed.tproj/timedc.tproj/timedc.h deleted file mode 100644 index 43ca72c..0000000 --- a/timed.tproj/timedc.tproj/timedc.h +++ /dev/null 
@@ -1,89 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/*- - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. 
Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)timedc.h 8.1 (Berkeley) 6/6/93 - */ - -#include -#include -#ifdef sgi -#include -#endif -#include -#include -#include - -#include -#include -#include - -extern int errno; - -#define ON 1 -#define OFF 0 - -#define GOOD 1 -#define UNREACHABLE 2 -#define NONSTDTIME 3 -#define HOSTDOWN 0x7fffffff - -struct cmd { - char *c_name; /* command name */ - char *c_help; /* help message */ - void (*c_handler)(); /* routine to do the work */ - int c_priv; /* privileged command */ -}; - -#include "extern.h" diff --git a/traceroute.tproj/Makefile.preamble b/traceroute.tproj/Makefile.preamble index f4192ae..274c786 100644 --- a/traceroute.tproj/Makefile.preamble +++ b/traceroute.tproj/Makefile.preamble @@ -16,7 +16,7 @@ ## (e.g. change -O to -O2), see Makefile.postamble. # Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -DHAVE_SOCKADDR_SA_LEN +OTHER_CFLAGS = -DHAVE_SOCKADDR_SA_LEN -mdynamic-no-pic # Flags passed to ld (in addition to -ObjC, etc.) OTHER_LDFLAGS = 
diff --git a/traceroute.tproj/ifaddrlist.c b/traceroute.tproj/ifaddrlist.c index 99fe7d8..283491c 100644 --- a/traceroute.tproj/ifaddrlist.c +++ b/traceroute.tproj/ifaddrlist.c @@ -33,7 +33,7 @@ #ifndef lint static const char rcsid[] = - "@(#) $Id: ifaddrlist.c,v 1.2 2004/08/08 00:27:54 lindak Exp $ (LBL)"; + "@(#) $Id: ifaddrlist.c,v 1.3 2006/02/07 06:22:57 lindak Exp $ (LBL)"; #endif #include @@ -100,7 +100,7 @@ ifaddrlist(register struct ifaddrlist **ipaddrp, register char *errbuf) if (errno == EINVAL) (void)sprintf(errbuf, "SIOCGIFCONF: ifreq struct too small (%d bytes)", - sizeof(ibuf)); + (int)sizeof(ibuf)); else (void)sprintf(errbuf, "SIOCGIFCONF: %s", strerror(errno)); @@ -163,7 +163,7 @@ ifaddrlist(register struct ifaddrlist **ipaddrp, register char *errbuf) if (nipaddr >= MAX_IPADDR) { (void)sprintf(errbuf, "Too many interfaces (%d)", - MAX_IPADDR); + (int)MAX_IPADDR); (void)close(fd); return (-1); } diff --git a/traceroute.tproj/traceroute.8 b/traceroute.tproj/traceroute.8 index dc8722d..a02f899 100644 --- a/traceroute.tproj/traceroute.8 +++ b/traceroute.tproj/traceroute.8 @@ -21,7 +21,7 @@ .Nd print the route packets take to network host .Sh SYNOPSIS .Nm traceroute -.Op Fl dFISdnrvx +.Op Fl dFISdNnrvx .Op Fl f Ar first_ttl .Op Fl g Ar gateway .Op Fl i Ar iface @@ -85,6 +85,8 @@ packets. The default is hops (the same default used for .Tn TCP connections). +.It Fl N +Disables the increment of the destination port (see -p). Useful for using tcpdump through firewalls. .It Fl n Print hop addresses numerically rather than symbolically and numerically (saves a nameserver address-to-name lookup for each gateway found on the @@ -395,4 +397,3 @@ In the TCP case, .Nm should listen for a RST from the destination host (or an intermediate router that's filtering packets), but this is not implemented yet. - diff --git a/traceroute.tproj/traceroute.c b/traceroute.tproj/traceroute.c index 3fa8108..7471b8f 100644 --- a/traceroute.tproj/traceroute.c 
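Review bot: The `sprintf` calls into `errbuf` in this hunk and in the `-163,7` hunk are still unbounded, because ifaddrlist() receives only `char *errbuf` and no length, and the `strerror(errno)` text in the else branch has no fixed size. A bounded write needs the buffer size from the caller, for example an added length parameter used with `snprintf`. traceroute.c's main declares a 132-byte `errbuf`, presumably the one passed in. For the format fix itself, `%zu` with the bare operand avoids the narrowing cast: `"SIOCGIFCONF: ifreq struct too small (%zu bytes)", sizeof(ibuf)`. The body of ifaddrlist() extends beyond both hunks.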
+++ b/traceroute.tproj/traceroute.c @@ -25,7 +25,7 @@ static const char copyright[] = The Regents of the University of California. All rights reserved.\n"; #if 0 static const char rcsid[] = - "@(#)$Id: traceroute.c,v 1.2 2004/08/08 00:27:54 lindak Exp $ (LBL)"; + "@(#)$Id: traceroute.c,v 1.4 2006/02/07 06:22:57 lindak Exp $ (LBL)"; #endif static const char rcsid[] = "$FreeBSD: src/contrib/traceroute/traceroute.c,v 1.26 2004/04/17 18:44:23 pb Exp $"; @@ -347,6 +347,7 @@ int options; /* socket options */ int verbose; int waittime = 5; /* time to wait for response (in seconds) */ int nflag; /* print addresses numerically */ +int disable_seq = 0; #ifdef CANT_HACK_IPCKSUM int doipcksum = 0; /* don't calculate ip checksums by default */ #else @@ -473,7 +474,7 @@ main(int argc, char **argv) char errbuf[132]; int requestPort = -1; int sump = 0; - int sockerrno; + int sockerrno = 0; /* Insure the socket fds won't be 0, 1 or 2 */ if (open(devnull, O_RDONLY) < 0 || @@ -560,6 +561,10 @@ main(int argc, char **argv) max_ttl = str2val(optarg, "max ttl", 1, 255); break; + case 'N': + ++disable_seq; + break; + case 'n': ++nflag; break; @@ -922,7 +927,11 @@ main(int argc, char **argv) if (sentfirst && pausemsecs > 0) usleep(pausemsecs * 1000); /* Prepare outgoing data */ - outdata.seq = ++seq; + if (disable_seq) { + outdata.seq = seq; + } else { + outdata.seq = ++seq; + } outdata.ttl = ttl; /* Avoid alignment problems by copying bytewise: */ @@ -1060,7 +1069,7 @@ wait_for_reply(register int sock, register struct sockaddr_in *fromp, struct timezone tz; register int cc = 0; register int error; - int fromlen = sizeof(*fromp); + socklen_t fromlen = sizeof(*fromp); nfds = howmany(sock + 1, NFDBITS); if ((fdsp = malloc(nfds * sizeof(fd_mask))) == NULL) 
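Review bot: The new `case 'N':` in the `-560,6` hunk is reachable only if `N` appears in the getopt() option string, and no hunk in this file's diff touches that call. Unless the string already listed it, getopt() will reject `-N` as an unknown option and the usage text and man page will advertise a flag that does nothing. The fix is to add `N` (no trailing colon, since the option takes no argument) to the option string in main(). The switch and the getopt() call both lie outside this hunk.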
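Review bot: With `disable_seq` set, the `-922,7` hunk sends every probe with the same `outdata.seq`, so a reply can no longer be tied to the probe that caused it. The reply-matching code is not part of this diff; if it compares the returned sequence or port with `seq`, a late answer to an earlier TTL or query would be accepted for the current probe and the reported hop or round-trip time would be wrong. That trade-off should be stated in the `-N` man page entry. The new global in the `-347,6` hunk also lacks the trailing comment its neighbours carry, e.g. `int disable_seq = 0; /* -N: do not increment seq (and destination port) per probe */`.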
@@ -1671,7 +1680,7 @@ usage(void) Fprintf(stderr, "Version %s\n", version); Fprintf(stderr, - "Usage: %s [-dFInrSvx] [-g gateway] [-i iface] [-f first_ttl]\n" + "Usage: %s [-dFINnrSvx] [-g gateway] [-i iface] [-f first_ttl]\n" "\t[-m max_ttl] [-p port] [-P proto] [-q nqueries] [-s src_addr]\n" "\t[-t tos] [-w waittime] [-z pausemsecs] host [packetlen]\n", prog); exit(1); diff --git a/traceroute6.tproj/Makefile.preamble b/traceroute6.tproj/Makefile.preamble index 6a78d85..1a56478 100644 --- a/traceroute6.tproj/Makefile.preamble +++ b/traceroute6.tproj/Makefile.preamble @@ -16,7 +16,7 @@ ## (e.g. change -O to -O2), see Makefile.postamble. # Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = +OTHER_CFLAGS += -mdynamic-no-pic # Flags passed to ld (in addition to -ObjC, etc.) OTHER_LDFLAGS = diff --git a/traceroute6.tproj/traceroute6.c b/traceroute6.tproj/traceroute6.c index 63aee65..803deaf 100644 --- a/traceroute6.tproj/traceroute6.c +++ b/traceroute6.tproj/traceroute6.c @@ -65,8 +65,9 @@ * SUCH DAMAGE. */ +#include #ifndef lint -static char copyright[] = +__unused static char copyright[] = "@(#) Copyright (c) 1990, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ @@ -75,7 +76,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)traceroute.c 8.1 (Berkeley) 6/6/93"; #endif -static const char rcsid[] = +__unused static const char rcsid[] = "$FreeBSD: src/usr.sbin/traceroute6/traceroute6.c,v 1.4.2.4 2001/07/03 11:02:18 ume Exp $"; #endif /* not lint */ @@ -772,7 +773,8 @@ main(argc, argv) freeaddrinfo(res); } else { struct sockaddr_in6 Nxt; - int dummy, len; + int dummy; + socklen_t len; Nxt = Dst; Nxt.sin6_port = htons(DUMMY_PORT); 
@@ -814,10 +816,10 @@ main(argc, argv) } if (ident == 0) { - int len; + socklen_t len; len = sizeof(Src); - if (getsockname(sndsock, (struct sockaddr *)&Src, &i) < 0) { + if (getsockname(sndsock, (struct sockaddr *)&Src, &len) < 0) { perror("getsockname"); exit(1); } diff --git a/trpt.tproj/Makefile.preamble b/trpt.tproj/Makefile.preamble index 2c9003c..629a262 100644 --- a/trpt.tproj/Makefile.preamble +++ b/trpt.tproj/Makefile.preamble @@ -16,7 +16,7 @@ ## (e.g. change -O to -O2), see Makefile.postamble. # Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = +OTHER_CFLAGS += -mdynamic-no-pic # Flags passed to ld (in addition to -ObjC, etc.) OTHER_LDFLAGS = diff --git a/trpt.tproj/trpt.c b/trpt.tproj/trpt.c index 0f1f66a..b9f4a75 100644 --- a/trpt.tproj/trpt.c +++ b/trpt.tproj/trpt.c @@ -54,14 +54,15 @@ * SUCH DAMAGE. */ +#include #ifndef lint -static char copyright[] = +__unused static char copyright[] = "@(#) Copyright (c) 1983, 1988, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -static char sccsid[] = "@(#)trpt.c 8.1 (Berkeley) 6/6/93"; +__unused static char sccsid[] = "@(#)trpt.c 8.1 (Berkeley) 6/6/93"; #endif /* not lint */ #include @@ -100,6 +101,8 @@ static char sccsid[] = "@(#)trpt.c 8.1 (Berkeley) 6/6/93"; #include #include +#include +#include #include #include #include @@ -128,6 +131,11 @@ static caddr_t tcp_pcbs[TCP_NDEBUG]; static n_time ntime; static int aflag, kflag, memf, follow, sflag, tflag; +void klseek(int, off_t, int); +void dotrace(caddr_t); +void tcp_trace(short, short, struct tcpcb *, struct tcpcb *, struct tcpiphdr *, int); + +int main(argc, argv) int argc; char **argv; @@ -135,7 +143,7 @@ main(argc, argv) extern char *optarg; extern int optind; int ch, i, jflag, npcbs, numeric(); - char *system, *core, *malloc(); + char *system, *core; off_t lseek(); jflag = npcbs = 0; 
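Review bot: The added prototype `void tcp_trace(short, short, ...)` in the `-128,6` hunk does not match the old-style definition shown in the `-324,6` hunk, which declares `short act, ostate;` in an identifier list. In ISO C a prototype is compatible with such a definition only when each prototype parameter has the promoted type, which for `short` is `int`; accepting this pairing relies on a compiler extension. Either declare it as `void tcp_trace(int, int, struct tcpcb *, struct tcpcb *, struct tcpiphdr *, int);` or convert the definition itself to prototype form. The `klseek` and `dotrace` prototypes do agree with their definitions as far as the hunks show them.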
@@ -270,6 +278,7 @@ main(argc, argv) exit(0); } +void dotrace(tcpcb) register caddr_t tcpcb; { @@ -284,8 +293,8 @@ again: if (--tcp_debx < 0) if (tcpcb && td->td_tcb != tcpcb) continue; ntime = ntohl(td->td_time); - tcp_trace(td->td_act, td->td_ostate, td->td_tcb, &td->td_cb, - &td->td_ti.ti_t, td->td_req); + tcp_trace(td->td_act, td->td_ostate, (struct tcpcb *)td->td_tcb, &td->td_cb, + (struct tcpiphdr *)&td->td_ti.ti_t, td->td_req); if (i == tcp_debx) goto done; } @@ -294,8 +303,8 @@ again: if (--tcp_debx < 0) if (tcpcb && td->td_tcb != tcpcb) continue; ntime = ntohl(td->td_time); - tcp_trace(td->td_act, td->td_ostate, td->td_tcb, &td->td_cb, - &td->td_ti.ti_t, td->td_req); + tcp_trace(td->td_act, td->td_ostate, (struct tcpcb *)td->td_tcb, &td->td_cb, + (struct tcpiphdr *)&td->td_ti.ti_t, td->td_req); } done: if (follow) { prev_debx = tcp_debx + 1; @@ -324,6 +333,7 @@ done: if (follow) { * Tcp debug routines */ /*ARGSUSED*/ +void tcp_trace(act, ostate, atp, tp, ti, req) short act, ostate; struct tcpcb *atp, *tp; @@ -333,7 +343,7 @@ tcp_trace(act, ostate, atp, tp, ti, req) tcp_seq seq, ack; int flags, len, win, timer; - printf("%03ld %s:%s ",(ntime/10) % 1000, tcpstates[ostate], + printf("%03u %s:%s ",(ntime/10) % 1000, tcpstates[ostate], tanames[act]); switch (act) { case TA_INPUT: @@ -358,10 +368,10 @@ tcp_trace(act, ostate, atp, tp, ti, req) if (act == TA_OUTPUT) len -= sizeof(struct tcphdr); if (len) - printf("[%lx..%lx)", seq, seq + len); + printf("[%x..%x)", seq, seq + len); else - printf("%lx", seq); - printf("@%lx", ack); + printf("%x", seq); + printf("@%x", ack); if (win) printf("(win=%x)", win); flags = ti->ti_flags; 
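Review bot: The added `(struct tcpiphdr *)` cast on `&td->td_ti.ti_t` in the `-284,8` hunk, repeated in the `-294,8` hunk, silences a pointer-type warning without resolving the mismatch it reported. The declaration of `td_ti` is not visible here; if `ti_t` is the TCP-header member of a `struct tcpiphdr`, tcp_trace() would read `ti->ti_flags` and the sequence fields at the wrong offset, and possibly past the end of the record. In that case the typed fix is to pass `&td->td_ti` with no cast. This should be confirmed against the tcp_debug definition before the cast is kept. The body of dotrace() extends beyond both hunks.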
@@ -394,10 +404,10 @@ tcp_trace(act, ostate, atp, tp, ti, req) /* print out internal state of tp !?! */ printf("\n"); if (sflag) { - printf("\trcv_nxt %lx rcv_wnd %x snd_una %lx snd_nxt %lx snd_max %lx\n", + printf("\trcv_nxt %x rcv_wnd %x snd_una %x snd_nxt %x snd_max %x\n", tp->rcv_nxt, tp->rcv_wnd, tp->snd_una, tp->snd_nxt, tp->snd_max); - printf("\tsnd_wl1 %lx snd_wl2 %lx snd_wnd %x\n", tp->snd_wl1, + printf("\tsnd_wl1 %x snd_wl2 %x snd_wnd %x\n", tp->snd_wl1, tp->snd_wl2, tp->snd_wnd); } /* print out timers? */ @@ -418,12 +428,14 @@ tcp_trace(act, ostate, atp, tp, ti, req) } } +int numeric(c1, c2) caddr_t *c1, *c2; { return(*c1 - *c2); } +void klseek(fd, base, off) int fd, off; off_t base; diff --git a/wall.tproj/Makefile b/wall.tproj/Makefile deleted file mode 100644 index ea2abe9..0000000 --- a/wall.tproj/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = wall - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = ttymsg.h - -CFILES = ttymsg.c wall.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble Makefile.dist\ - wall.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies 
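Review bot: In the `-418,12` hunk, `numeric()` gains an `int` return type but still computes its result as `return(*c1 - *c2);`, a difference of two `caddr_t` values narrowed to `int`. On a build where pointers are wider than `int` the narrowing can flip the sign, and subtracting pointers to unrelated objects is undefined in any case. The function is presumably a sort comparator, though its caller is not visible here. An ordering that cannot overflow is `uintptr_t a = (uintptr_t)*c1, b = (uintptr_t)*c2;` followed by `return (a > b) - (a < b);`, which needs `<stdint.h>`.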
diff --git a/wall.tproj/Makefile.dist b/wall.tproj/Makefile.dist deleted file mode 100644 index 65abb61..0000000 --- a/wall.tproj/Makefile.dist +++ /dev/null @@ -1,8 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/6/93 - -PROG= wall -SRCS= ttymsg.c wall.c -BINGRP= tty -BINMODE=2555 - -.include diff --git a/wall.tproj/Makefile.postamble b/wall.tproj/Makefile.postamble deleted file mode 100644 index 43234e7..0000000 --- a/wall.tproj/Makefile.postamble +++ /dev/null 
@@ -1,127 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES - # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A - # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 - # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 - # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wmost -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. 
-# STRIP_ON_INSTALL = NO - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root - # User/group ownership -INSTALL_AS_GROUP = tty - # (probably want to set both of these) -INSTALL_PERMISSIONS = 2555 - # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S - # for .a archives -#DYNAMIC_STRIP_OPTS = -S - # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -# Note: on MS Windows, executables, have an extension, so rules and dependencies -# for generated tools should use $(EXECUTABLE_EXT) on the end. - -after_install: - install -d $(DSTROOT)/usr/share/man/man1 - install -c -m 444 wall.1 $(DSTROOT)/usr/share/man/man1/wall.1 diff --git a/wall.tproj/Makefile.preamble b/wall.tproj/Makefile.preamble deleted file mode 100644 index 74ce95a..0000000 --- a/wall.tproj/Makefile.preamble +++ /dev/null 
@@ -1,130 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - diff --git a/wall.tproj/PB.project b/wall.tproj/PB.project deleted file mode 100644 index d0b5d25..0000000 --- a/wall.tproj/PB.project +++ /dev/null 
@@ -1,27 +0,0 @@ -{ - DYNAMIC_CODE_GEN = YES; - FILESTABLE = { - FRAMEWORKS = (); - H_FILES = (); - OTHER_LINKED = (ttymsg.c, wall.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, Makefile.dist, wall.1); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles"; - NEXTSTEP_BUILDDIR = "/$(USER)/BUILD"; - NEXTSTEP_BUILDTOOL = /bin/gnumake; - NEXTSTEP_INSTALLDIR = /usr/bin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = wall; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/wall.tproj/ttymsg.c b/wall.tproj/ttymsg.c deleted file mode 100644 index 3aa6696..0000000 --- a/wall.tproj/ttymsg.c +++ /dev/null 
@@ -1,166 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include - - -#ifndef lint -static const char sccsid[] = "@(#)ttymsg.c 8.2 (Berkeley) 11/16/93"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "ttymsg.h" - -/* - * Display the contents of a uio structure on a terminal. Used by wall(1), - * syslogd(8), and talkd(8). Forks and finishes in child if write would block, - * waiting up to tmout seconds. Returns pointer to error string on unexpected - * error; string is not newline-terminated. Various "normal" errors are - * ignored (exclusive-use, lack of permission, etc.). - */ -const char * -ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout) -{ - struct iovec localiov[7]; - ssize_t left, wret; - int cnt, fd; - static char device[MAXNAMLEN] = _PATH_DEV; - static char errbuf[1024]; - int forked; - - forked = 0; - if (iovcnt > (int)(sizeof(localiov) / sizeof(localiov[0]))) - return ("too many iov's (change code in wall/ttymsg.c)"); - - strlcpy(device + sizeof(_PATH_DEV) - 1, line, sizeof(device)); - if (strchr(device + sizeof(_PATH_DEV) - 1, '/')) { - /* A slash is an attempt to break security... */ - (void) snprintf(errbuf, sizeof(errbuf), - "Too many '/' in \"%s\"", device); - return (errbuf); - } - - /* - * open will fail on slip lines or exclusive-use lines - * if not running as root; not an error. 
- */ - if ((fd = open(device, O_WRONLY|O_NONBLOCK, 0)) < 0) { - if (errno == EBUSY || errno == EACCES) - return (NULL); - (void) snprintf(errbuf, sizeof(errbuf), "%s: %s", device, - strerror(errno)); - return (errbuf); - } - - for (cnt = 0, left = 0; cnt < iovcnt; ++cnt) - left += iov[cnt].iov_len; - - for (;;) { - wret = writev(fd, iov, iovcnt); - if (wret >= left) - break; - if (wret >= 0) { - left -= wret; - if (iov != localiov) { - bcopy(iov, localiov, - iovcnt * sizeof(struct iovec)); - iov = localiov; - } - for (cnt = 0; (size_t)wret >= iov->iov_len; ++cnt) { - wret -= iov->iov_len; - ++iov; - --iovcnt; - } - if (wret) { - iov->iov_base = (char *)iov->iov_base + wret; - iov->iov_len -= wret; - } - continue; - } - if (errno == EWOULDBLOCK) { - int cpid; - - if (forked) { - (void) close(fd); - _exit(1); - } - cpid = fork(); - if (cpid < 0) { - (void) snprintf(errbuf, sizeof(errbuf), - "fork: %s", strerror(errno)); - (void) close(fd); - return (errbuf); - } - if (cpid) { /* parent */ - (void) close(fd); - return (NULL); - } - forked++; - /* wait at most tmout seconds */ - (void) signal(SIGALRM, SIG_DFL); - (void) signal(SIGTERM, SIG_DFL); /* XXX */ - (void) sigsetmask(0); - (void) alarm((u_int)tmout); - (void) fcntl(fd, F_SETFL, 0); /* clear O_NONBLOCK */ - continue; - } - /* - * We get ENODEV on a slip line if we're running as root, - * and EIO if the line just went away. - */ - if (errno == ENODEV || errno == EIO) - break; - (void) close(fd); - if (forked) - _exit(1); - (void) snprintf(errbuf, sizeof(errbuf), - "%s: %s", device, strerror(errno)); - return (errbuf); - } - - (void) close(fd); - if (forked) - _exit(0); - return (NULL); -} diff --git a/wall.tproj/ttymsg.h b/wall.tproj/ttymsg.h deleted file mode 100644 index 625c22d..0000000 --- a/wall.tproj/ttymsg.h +++ /dev/null @@ -1,3 +0,0 @@ -/* $FreeBSD: src/usr.bin/wall/ttymsg.h,v 1.1 2001/09/09 14:23:31 dd Exp $ */ - -const char *ttymsg(struct iovec *, int, const char *, int); 
diff --git a/wall.tproj/wall.1 b/wall.tproj/wall.1 deleted file mode 100644 index 20436ea..0000000 --- a/wall.tproj/wall.1 +++ /dev/null 
@@ -1,71 +0,0 @@ -.\" Copyright (c) 1989, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)wall.1 8.1 (Berkeley) 6/6/93 -.\" $FreeBSD: src/usr.bin/wall/wall.1,v 1.8 2002/06/10 22:59:59 jmallett Exp $ -.\" -.Dd June 6, 1993 -.Dt WALL 1 -.Os -.Sh NAME -.Nm wall -.Nd write a message to users -.Sh SYNOPSIS -.Nm -.Op Fl g Ar group -.Op Ar file -.Sh DESCRIPTION -The -.Nm -utility displays the contents of -.Ar file -or, by default, its standard input, on the terminals of all -currently logged in users. -.Pp -Only the super-user can write on the -terminals of users who have chosen -to deny messages or are using a program which -automatically denies messages. -.Bl -tag -width indent -.It Fl g -Send messages to users in this group. This option may be specified -multiple times, and any user in any of the specified groups will -receive the message. -.El -.Sh SEE ALSO -.Xr mesg 1 , -.Xr talk 1 , -.Xr write 1 , -.Xr shutdown 8 -.Sh HISTORY -A -.Nm -command appeared in PWB UNIX. diff --git a/wall.tproj/wall.c b/wall.tproj/wall.c deleted file mode 100644 index 42e35f0..0000000 --- a/wall.tproj/wall.c +++ /dev/null 
@@ -1,294 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include - - -#ifndef lint -static const char copyright[] = -"@(#) Copyright (c) 1988, 1990, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif - -#ifndef lint -static const char sccsid[] = "@(#)wall.c 8.2 (Berkeley) 11/16/93"; -#endif - -/* - * This program is not related to David Wall, whose Stanford Ph.D. thesis - * is entitled "Mechanisms for Broadcast and Selective Broadcast". - */ - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "ttymsg.h" - -static void makemsg(char *); -static void usage(void); - -struct wallgroup { - struct wallgroup *next; - char *name; - gid_t gid; -} *grouplist; -int nobanner; -int mbufsize; -char *mbuf; - -int -main(int argc, char *argv[]) -{ - struct iovec iov; - struct utmp utmp; - int ch; - int ingroup; - FILE *fp; - struct wallgroup *g; - struct group *grp; - char **np; - const char *p; - struct passwd *pw; - char line[sizeof(utmp.ut_line) + 1]; - char username[sizeof(utmp.ut_name) + 1]; - - (void)setlocale(LC_CTYPE, ""); - - while ((ch = getopt(argc, argv, "g:n")) != -1) - switch (ch) { - case 'n': - /* undoc option for shutdown: suppress banner */ - if (geteuid() == 0) - nobanner = 1; - break; - case 'g': - g = (struct wallgroup *)malloc(sizeof *g); - g->next = grouplist; - g->name = optarg; - g->gid = -1; - grouplist = g; - break; - case '?': - default: - usage(); - } - argc -= optind; - argv += optind; - if (argc > 1) - usage(); - - for (g = grouplist; g; g = g->next) { - grp = getgrnam(g->name); - if (grp != NULL) - g->gid = grp->gr_gid; - else - warnx("%s: no such group", g->name); - } - - makemsg(*argv); - - if (!(fp = fopen(_PATH_UTMP, "r"))) - err(1, "cannot read %s", _PATH_UTMP); - iov.iov_base = mbuf; - iov.iov_len = mbufsize; - /* NOSTRICT */ - while (fread((char *)&utmp, sizeof(utmp), 1, fp) == 1) { - if (!utmp.ut_name[0]) - continue; - if (grouplist) { - 
ingroup = 0; - strlcpy(username, utmp.ut_name, sizeof(utmp.ut_name)); - pw = getpwnam(username); - if (!pw) - continue; - for (g = grouplist; g && ingroup == 0; g = g->next) { - if (g->gid == (gid_t)-1) - continue; - if (g->gid == pw->pw_gid) - ingroup = 1; - else if ((grp = getgrgid(g->gid)) != NULL) { - for (np = grp->gr_mem; *np; np++) { - if (strcmp(*np, username) == 0) { - ingroup = 1; - break; - } - } - } - } - if (ingroup == 0) - continue; - } - strncpy(line, utmp.ut_line, sizeof(utmp.ut_line)); - line[sizeof(utmp.ut_line)] = '\0'; - if ((p = ttymsg(&iov, 1, line, 60*5)) != NULL) - warnx("%s", p); - } - exit(0); -} - -static void -usage() -{ - (void)fprintf(stderr, "usage: wall [-g group] [file]\n"); - exit(1); -} - -void -makemsg(char *fname) -{ - int cnt; - unsigned char ch; - struct tm *lt; - struct passwd *pw; - struct stat sbuf; - time_t now; - FILE *fp; - int fd; - char *p, hostname[MAXHOSTNAMELEN], lbuf[256], tmpname[64]; - const char *tty; - const char *whom; - gid_t egid; - - (void)snprintf(tmpname, sizeof(tmpname), "%s/wall.XXXXXX", _PATH_TMP); - if ((fd = mkstemp(tmpname)) == -1 || !(fp = fdopen(fd, "r+"))) - err(1, "can't open temporary file"); - (void)unlink(tmpname); - - if (!nobanner) { - tty = ttyname(STDERR_FILENO); - if (tty == NULL) - tty = "no tty"; - - if (!(whom = getlogin())) - whom = (pw = getpwuid(getuid())) ? pw->pw_name : "???"; - (void)gethostname(hostname, sizeof(hostname)); - (void)time(&now); - lt = localtime(&now); - - /* - * all this stuff is to blank out a square for the message; - * we wrap message lines at column 79, not 80, because some - * terminals wrap after 79, some do not, and we can't tell. - * Which means that we may leave a non-blank character - * in column 80, but that can't be helped. 
- */ - (void)fprintf(fp, "\r%79s\r\n", " "); - (void)snprintf(lbuf, sizeof(lbuf), - "Broadcast Message from %s@%s", - whom, hostname); - (void)fprintf(fp, "%-79.79s\007\007\r\n", lbuf); - (void)snprintf(lbuf, sizeof(lbuf), - " (%s) at %d:%02d %s...", tty, - lt->tm_hour, lt->tm_min, lt->tm_zone); - (void)fprintf(fp, "%-79.79s\r\n", lbuf); - } - (void)fprintf(fp, "%79s\r\n", " "); - - if (fname) { - egid = getegid(); - setegid(getgid()); - if (freopen(fname, "r", stdin) == NULL) - err(1, "can't read %s", fname); - setegid(egid); - } - while (fgets(lbuf, sizeof(lbuf), stdin)) - for (cnt = 0, p = lbuf; (ch = *p) != '\0'; ++p, ++cnt) { - if (ch == '\r') { - cnt = 0; - } else if (cnt == 79 || ch == '\n') { - for (; cnt < 79; ++cnt) - putc(' ', fp); - putc('\r', fp); - putc('\n', fp); - cnt = 0; - } - if (((ch & 0x80) && ch < 0xA0) || - /* disable upper controls */ - (!isprint(ch) && !isspace(ch) && - ch != '\a' && ch != '\b') - ) { - if (ch & 0x80) { - ch &= 0x7F; - putc('M', fp); - if (++cnt == 79) { - putc('\r', fp); - putc('\n', fp); - cnt = 0; - } - putc('-', fp); - if (++cnt == 79) { - putc('\r', fp); - putc('\n', fp); - cnt = 0; - } - } - if (iscntrl(ch)) { - ch ^= 040; - putc('^', fp); - if (++cnt == 79) { - putc('\r', fp); - putc('\n', fp); - cnt = 0; - } - } - putc(ch, fp); - } else { - putc(ch, fp); - } - } - (void)fprintf(fp, "%79s\r\n", " "); - rewind(fp); - - if (fstat(fd, &sbuf)) - err(1, "can't stat temporary file"); - mbufsize = sbuf.st_size; - if (!(mbuf = malloc((u_int)mbufsize))) - err(1, "out of memory"); - if ((int)fread(mbuf, sizeof(*mbuf), mbufsize, fp) != mbufsize) - err(1, "can't read temporary file"); - (void)close(fd); -} diff --git a/ypbind.tproj/Makefile b/ypbind.tproj/Makefile deleted file mode 100644 index 77b3fee..0000000 --- a/ypbind.tproj/Makefile +++ /dev/null 
@@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ypbind - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = ypbind.c - -OTHERSRCS = Makefile Makefile.dist Makefile.postamble Makefile.preamble\ - yp.x ypbind.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /usr/sbin -PDO_UNIX_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ypbind.tproj/Makefile.dist b/ypbind.tproj/Makefile.dist deleted file mode 100644 index 0fad040..0000000 --- a/ypbind.tproj/Makefile.dist +++ /dev/null @@ -1,8 +0,0 @@ -# from: @(#)Makefile 5.8 (Berkeley) 7/28/90 -# $Id: Makefile.dist,v 1.1 1999/05/02 03:59:00 wsanchez Exp $ - -PROG= ypbind -NOMAN= -CFLAGS+=-DDAEMON -DHEURISTIC - -.include diff --git a/ypbind.tproj/Makefile.postamble b/ypbind.tproj/Makefile.postamble deleted file mode 100644 index 7762d72..0000000 --- a/ypbind.tproj/Makefile.postamble +++ /dev/null 
@@ -1,111 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of the directory to which resources are copied. -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder project (NS3.X = 1.1, NS4.0 = 2.0) -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. 
-# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target -# -############################################################################### - - -# Change defaults assumed by the standard makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Versioning of frameworks, libraries, bundles, and palettes: -#CURRENTLY_ACTIVE_VERSION = YES # Set to "NO" to produce a compatibility binary -#DEPLOY_WITH_VERSION_NAME = A # This should be incremented as your API changes. -#COMPATIBILITY_PROJECT_VERSION = 1 # This should be incremented as your API grows. -#CURRENT_PROJECT_VERSION = 1 # Defaults to using the "vers_string" hack. - -# Some compiler flags can be easily overridden here, but onlytake effect at -# the top-level: -#OPTIMIZATION_CFLAG = -O -#DEBUG_SYMBOLS_CFLAG = -g -#WARNING_CFLAGS = -Wall -#DEBUG_BUILD_CFLAGS = -DDEBUG -#PROFILE_BUILD_CFLAGS = -pg -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Library and Framework projects only: -# 1. If you want something other than the default .dylib name, override it here -#DYLIB_INSTALL_NAME = lib$(NAME).dylib - -# 2. 
If you want to change the -install_name flag from the absolute path to the development area, change it here. One good choice is the installation directory. Another one might be none at all. -#DYLIB_INSTALL_DIR = $(INSTALLDIR) - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User/group ownership -#INSTALL_AS_GROUP = wheel # (probably want to set both of these) -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for various project types. Note: -S strips debugging symbols -# (executables can be stripped down further with -x or, if they load no bundles, with no -# options at all). -#APP_STRIP_OPTS = -S -#TOOL_STRIP_OPTS = -S -#LIBRARY_STRIP_OPTS = -S # for .a archives -#DYNAMIC_STRIP_OPTS = -S # for bundles and shared libraries -STRIPFLAGS = - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. "Official" -# user-defined rules are: -# * before_install -# * after_install -# * after_installhdrs -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. - -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - install -c -m 644 ypbind.8 "$(DSTROOT)/usr/share/man/man8/ypbind.8" diff --git a/ypbind.tproj/Makefile.preamble b/ypbind.tproj/Makefile.preamble deleted file mode 100644 index d2a3a58..0000000 --- a/ypbind.tproj/Makefile.preamble +++ /dev/null 
@@ -1,130 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble -# Copyright 1996, NeXT Software, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project. Each node in a project -# tree of sub-projects, tools, etc. should have its own Makefile.preamble and -# Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags in ProjectBuilder's Build Options inspector if at all possible. -## To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = -Wl,-bind_at_load -# Flags passed to libtool when building libraries -OTHER_LIBTOOL_FLAGS = -# For ordering named sections on NEXTSTEP (see ld(1)) -SECTORDER_FLAGS = - -# If you do not want any headers exported before compilations begin, -# uncomment the following line. This can be a big time saver. -#SKIP_EXPORTING_HEADERS = YES - -# Stuff related to exporting headers from this project that isn't already -# handled by PB. -OTHER_PUBLIC_HEADERS = -OTHER_PROJECT_HEADERS = -OTHER_PRIVATE_HEADERS = - -# Set these two macros if you want a precomp to be built as part of -# installation. The cc -precomp will be run in the public header directory -# on the specified public header files with the specified additional flags. -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -# Set this for library projects if you want to publish header files. If your -# app or tool project exports headers Don't -# include $(DSTROOT); this is added for you automatically. 
-PUBLIC_HEADER_DIR = -PRIVATE_HEADER_DIR = - -# If, in a subproject, you want to append to the parent's PUBLIC_HEADER_DIR# -# (say, to add a subdirectory like "/sys"), you can use: -PUBLIC_HEADER_DIR_SUFFIX = -PRIVATE_HEADER_DIR_SUFFIX = - -# Set this for dynamic library projects on platforms where code which references -# a dynamic library must link against an import library (i.e., Windows NT) -# Don't include $(DSTROOT); this is added for you automatically. -IMPORT_LIBRARY_DIR = - -# Additional (non-localized) resources for this project, which can be generated -OTHER_RESOURCES = - -# Uncomment this to produce a static archive-style (.a) library -#LIBRARY_STYLE = STATIC - -# Set this to YES if you don't want a final libtool call for a library/framework. -BUILD_OFILES_LIST_ONLY = - -# Additional relocatables to be linked into this project -OTHER_OFILES = -# Additional libraries to link against -OTHER_LIBS = -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) - -## Configure how things get built here. Additional dependencies, source files, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = - -# Targets to build before installation -OTHER_INSTALL_DEPENDS = - -# More obscure flags you might want to set for pswrap, yacc, lex, etc. -PSWFLAGS = -YFLAGS = -LFLAGS = - -## Delete this line if you want fast and loose cleans that will not remove -## things like precomps and user-defined OTHER_GARBAGE in subprojects. -CLEAN_ALL_SUBPROJECTS = YES - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. 
Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = -# .x files that should have rpcgen run on them -RPCFILES = yp.x - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# After you have saved your project using the 4.0 PB, you will automatically -# start using the makefiles in $(SYSTEM_DEVELOPER_DIR)/Makefiles/project. If you should -# need to revert back to the old 3.3 Makefile behavior, override MAKEFILEDIR to -# be $(SYSTEM_DEVELOPER_DIR)/Makefiles/app. - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. -AFTER_INSTALL = after_install diff --git a/ypbind.tproj/PB.project b/ypbind.tproj/PB.project deleted file mode 100644 index 5fa6c73..0000000 --- a/ypbind.tproj/PB.project +++ /dev/null 
@@ -1,36 +0,0 @@ -{ - FILESTABLE = { - C_FILES = (); - H_FILES = (); - M_FILES = (); - OTHER_LINKED = (ypbind.c); - OTHER_SOURCES = (Makefile, Makefile.dist, Makefile.postamble, Makefile.preamble, yp.x, ypbind.8); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = ""; - NEXTSTEP_BUILDTOOL = /bin/make; - NEXTSTEP_COMPILEROPTIONS = ""; - NEXTSTEP_INSTALLDIR = /usr/sbin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_LINKEROPTIONS = ""; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = ""; - PDO_UNIX_INSTALLDIR = /usr/sbin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = ypbind; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = ""; - WINDOWS_INSTALLDIR = /usr/sbin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/ypbind.tproj/yp.x b/ypbind.tproj/yp.x deleted file mode 100644 index cf2be0c..0000000 --- a/ypbind.tproj/yp.x +++ /dev/null 
@@ -1,24 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-#include
diff --git a/ypbind.tproj/ypbind.8 b/ypbind.tproj/ypbind.8
deleted file mode 100644
index 9794293..0000000
--- a/ypbind.tproj/ypbind.8
+++ /dev/null
@@ -1,134 +0,0 @@
-.\" $OpenBSD: ypbind.8,v 1.8 1997/06/18 23:50:12 deraadt Exp $
-.\" $NetBSD: ypbind.8,v 1.2 1996/02/28 01:21:00 thorpej Exp $
-.\"
-.\" Copyright (c) 1996 The NetBSD Foundation, Inc.
-.\" All rights reserved.
-.\"
-.\" This code is derived from software contributed to The NetBSD Foundation
-.\" by Jason R. Thorpe.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the NetBSD
-.\" Foundation, Inc. and its contributors.
-.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-.\" contributors may be used to endorse or promote products derived
-.\" from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
-.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
-.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-.\" POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd October 25, 1994
-.Dt YPBIND 8
-.Os
-.Sh NAME
-.Nm ypbind
-.Nd create and maintain a binding to a YP server
-.Sh SYNOPSIS
-.Nm
-.Op Fl ypset
-.Op Fl ypsetme
-.Op Fl insecure
-.Sh DESCRIPTION
-.Nm
-finds the server for a particular YP domain and stores information about it
-in a
-.Pa binding file.
-This binding information includes the IP address of the server associated with
-that particular domain and which port the server is using. This information
-is stored in the directory
-.Pa /var/yp/binding
-in a file named with the convention
-.Pa DOMAINNAME.version.
-(The YP system only supplies information on version 2.)
-.Pp
-When
-.Nm
-starts the primary domain (or gets the first request for a new domain),
-it checks if a file for the domain in question exists in the directory
-.Pa /etc/yp/
-(ie. /etc/yp/DOMAINNAME).
-If such a file exists, it will list the hosts which
-.Nm
-should restrict it's server search to.
-Otherwise,
-.Nm
-assumes it will need to use broadcasts to find a valid server.
-Using either of these techniques,
-.Nm
-will search for a server willing to serve maps for the
-client's domain. Once a binding is established,
-.Nm
-maintains this binding by periodically communicating with the server to which
-it is bound. If the binding is somehow lost, e.g by server reboot,
-.Nm
-marks the domain as unbound and attempts to re-establish the binding.
-When the binding is once again successful,
-.Nm
-marks the domain as bound and resumes its periodic check.
-.Pp
-The options are as follows:
-.Bl -tag -width indentxx
-.It Fl ypset
-.Xr ypset 8
-may be used to change the server to which a domain is bound.
-.It Fl ypsetme
-.Xr ypset 8
-may be used only from this machine to change the server
-to which a domain is bound.
-.It Fl insecure
-permit binding to a
-.Xr ypserv 8
-on a non-reserved port. This is needed if receiving maps from
-SunOS 3.x or Ultrix.
-.El
-.Pp
-The
-.Fl ypset
-and
-.Fl ypsetme
-options are dangerous and should be avoided.
-For greatest security, the use of a server list in
-.Pa /etc/yp/DOMAINNAME
-is recommended.
-The file should contain a list of valid YP server hostnames,
-with one hostname per line.
-The comment character is #.
-.Pp
-If the directory
-.Pa /var/yp/binding
-exists, YP is started automatically at boot time by
-.Pa /etc/rc .
-.Sh FILES
-.Pa /var/yp/binding/DOMAINNAME.version
-- binding file for domainname
-.Pa /etc/yp/DOMAINNNAME
-- server list for this particular domain
-.Sh SEE ALSO
-.Xr domainname 1 ,
-.Xr ypcat 1 ,
-.Xr ypmatch 1 ,
-.Xr yppoll 8 ,
-.Xr ypset 8 ,
-.Xr ypwhich 1 ,
-.Xr ypserv 8 ,
-.Xr yp 8
-.Sh AUTHOR
-Theo de Raadt
diff --git a/ypbind.tproj/ypbind.c b/ypbind.tproj/ypbind.c
deleted file mode 100644
index ca722d2..0000000
--- a/ypbind.tproj/ypbind.c
+++ /dev/null
@@ -1,1289 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1992, 1993 Theo de Raadt - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Theo de Raadt. - * 4. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. 
- * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$Id: ypbind.c,v 1.1 1999/05/02 03:59:00 wsanchez Exp $"; -#endif -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -// #include -// #include - -#define _PATH_YPBIND_LOCK "/var/run/ypbind.lock" -#define YPSERVERSSUFF ".ypservers" -#define BINDINGDIR "/var/yp/binding" - -#ifndef O_SHLOCK -#define O_SHLOCK 0 -#endif - -#define BUFSIZE 1400 - -struct _dom_binding -{ - struct _dom_binding *dom_pnext; - char dom_domain[YPMAXDOMAIN + 1]; - struct sockaddr_in dom_server_addr; - unsigned short int dom_server_port; - int dom_socket; - CLIENT *dom_client; - long dom_vers; - time_t dom_check_t; - time_t dom_ask_t; - int dom_lockfd; - int dom_alive; - u_int32_t dom_xid; -}; - -static char *dname; - -static struct _dom_binding *ypbindlist; -static int check; - -typedef enum -{ - YPBIND_DIRECT, - YPBIND_BROADCAST, - YPBIND_SETLOCAL, - YPBIND_SETALL -} ypbind_mode_t; - -ypbind_mode_t ypbindmode; - -/* - * If ypbindmode is YPBIND_SETLOCAL or 
YPBIND_SETALL, this indicates - * whether or not we've been "ypset". If we haven't, we behave like - * YPBIND_BROADCAST. If we have, we behave like YPBIND_DIRECT. - */ -int been_ypset; - -static int insecure; -static int rpcsock, pingsock; -static struct rmtcallargs rmtca; -static struct rmtcallres rmtcr; -static bool_t rmtcr_outval; -static u_long rmtcr_port; -static SVCXPRT *udptransp, *tcptransp; - -int main __P((int, char *[])); - -static void usage __P((void)); -static struct _dom_binding *makebinding __P((const char *)); -static int makelock __P((struct _dom_binding *)); -static void removelock __P((struct _dom_binding *)); -static void checkwork __P((void)); -static int ping __P((struct _dom_binding *)); -static int nag_servers __P((struct _dom_binding *)); -static enum clnt_stat handle_replies __P((void)); -static enum clnt_stat handle_ping __P((void)); -static void rpc_received __P((char *, struct sockaddr_in *, int)); -static struct _dom_binding *xid2ypdb __P((u_int32_t)); -static u_int32_t unique_xid __P((struct _dom_binding *)); -static int broadcast __P((char *, int)); -static int direct __P((char *, int)); -static int direct_set __P((char *, int, struct _dom_binding *)); - -#define DEBUG_NONE 0 -#define DEBUG_STDERR 1 -#define DEBUG_SYSLOG 2 - -static int debug; -static char *msg_str = NULL; - -void -sys_openlog(int debug, char *str, int flags, int facility) -{ - if (msg_str != NULL) free(msg_str); - msg_str = NULL; - if (str != NULL) - { - msg_str = malloc(strlen(str) + 1); - strcpy(msg_str, str); - } - - if (debug & DEBUG_SYSLOG) openlog(msg_str, flags, facility); -} - -void -sys_msg(int debug, int priority, char *message, ...) 
-{ - va_list ap; - - va_start(ap, message); - - if (debug & DEBUG_SYSLOG) vsyslog(priority, message, ap); - - if (debug & DEBUG_STDERR) - { - if (msg_str != NULL) fprintf(stderr, "%s: ", msg_str); - vfprintf(stderr, message, ap); - fprintf(stderr, "\n"); - fflush(stderr); - } - - va_end(ap); -} - -static void -usage() -{ - fprintf(stderr, - "Usage: ypbind [-broadcast] [-insecure] [-ypset] [-ypsetme] [-d]\n"); - exit(1); -} - -static struct _dom_binding * -makebinding(const char *dm) -{ - struct _dom_binding *ypdb; - - ypdb = (struct _dom_binding *)malloc(sizeof *ypdb); - memset(ypdb, 0, sizeof *ypdb); - strncpy(ypdb->dom_domain, dm, sizeof ypdb->dom_domain); - ypdb->dom_domain[sizeof(ypdb->dom_domain) - 1] = '\0'; - - return ypdb; -} - -static int -makelock(struct _dom_binding *ypdb) -{ - int fd; - char path[MAXPATHLEN]; - - snprintf(path, sizeof(path), "%s/%s.%ld", BINDINGDIR, - ypdb->dom_domain, ypdb->dom_vers); - - fd = open(path, O_CREAT|O_SHLOCK|O_RDWR|O_TRUNC, 0644); - if (fd == -1) - { - mkdir(BINDINGDIR, 0755); - fd = open(path, O_CREAT|O_SHLOCK|O_RDWR|O_TRUNC, 0644); - if (fd == -1) return -1; - } - -#if O_SHLOCK == 0 - flock(fd, LOCK_SH); -#endif - return fd; -} - -static void -removelock(struct _dom_binding *ypdb) -{ - char path[MAXPATHLEN]; - - snprintf(path, sizeof(path), "%s/%s.%ld", - BINDINGDIR, ypdb->dom_domain, ypdb->dom_vers); - unlink(path); -} - -static void * -svc_ypbindproc_null_2(void *argp, SVCXPRT *transp) -{ - static char res; - - sys_msg(debug, LOG_DEBUG, "ypbindproc_null_2"); - - memset(&res, 0, sizeof(res)); - return (void *)&res; -} - -static void * -svc_ypbindproc_domain_2(void *argp, SVCXPRT *transp) -{ - static struct ypbind_resp res; - struct _dom_binding *ypdb; - char *arg = *(char **) argp; - int count; - - sys_msg(debug, LOG_DEBUG, "ypbindproc_domain_2 %s", arg); - - memset(&res, 0, sizeof res); - res.ypbind_status = YPBIND_FAIL_VAL; - - for (count = 0, ypdb = ypbindlist; - ypdb != NULL; - ypdb = ypdb->dom_pnext, count++) - { - 
/* prevent denial of service */ - if (count > 100) return NULL; - if (!strcmp(ypdb->dom_domain, arg)) break; - } - - if (ypdb == NULL) - { - ypdb = makebinding(arg); - ypdb->dom_vers = YPVERS; - ypdb->dom_alive = 0; - ypdb->dom_lockfd = -1; - removelock(ypdb); - ypdb->dom_xid = unique_xid(ypdb); - ypdb->dom_pnext = ypbindlist; - ypbindlist = ypdb; - check++; - sys_msg(debug, LOG_ERR, "unknown domain %s", arg); - return NULL; - } - - if (ypdb->dom_alive == 0) - { - sys_msg(debug, LOG_ERR, "dead domain %s", arg); - return NULL; - } - -#ifdef HEURISTIC - time(&now); - if (now < ypdb->dom_ask_t + 5) - { - /* - * Hmm. More than 2 requests in 5 seconds have indicated - * that my binding is possibly incorrect. - * Ok, do an immediate poll of the server. - */ - if (ypdb->dom_check_t >= now) - { - /* don't flood it */ - ypdb->dom_check_t = 0; - check++; - } - } - ypdb->dom_ask_t = now; -#endif - - res.ypbind_status = YPBIND_SUCC_VAL; - bcopy(&ypdb->dom_server_addr.sin_addr.s_addr, - res.ypbind_resp_u.ypbind_bindinfo.ypbind_binding_addr, 4); - bcopy(&ypdb->dom_server_port, - res.ypbind_resp_u.ypbind_bindinfo.ypbind_binding_port, 2); - - sys_msg(debug, LOG_DEBUG, "domain %s at %s/%d", ypdb->dom_domain, - inet_ntoa(ypdb->dom_server_addr.sin_addr), - ntohs(ypdb->dom_server_addr.sin_port)); - return &res; -} - -static void * -svc_ypbindproc_setdom_2(void *argp, SVCXPRT *transp) -{ - struct ypbind_setdom *sd = argp; - struct sockaddr_in *fromsin, bindsin; - static bool_t res; - - memset(&bindsin, 0, sizeof bindsin); - bindsin.sin_family = AF_INET; - bindsin.sin_len = sizeof(bindsin); - bcopy(&sd->ypsetdom_binding.ypbind_binding_addr, - &bindsin.sin_addr.s_addr, 4); - bcopy(&sd->ypsetdom_binding.ypbind_binding_port, - &bindsin.sin_port, 2); - fromsin = svc_getcaller(transp); - - memset(&res, 0, sizeof(res)); - - switch (ypbindmode) - { - case YPBIND_SETLOCAL: - if (fromsin->sin_addr.s_addr != htonl(INADDR_LOOPBACK)) - { - sys_msg(debug, LOG_ERR, "ypset from %s denied", - 
inet_ntoa(fromsin->sin_addr)); - return NULL; - } - - /* FALLTHROUGH */ - - case YPBIND_SETALL: - been_ypset = 1; - break; - - case YPBIND_DIRECT: - case YPBIND_BROADCAST: - default: - sys_msg(debug, LOG_ERR, "ypset denied"); - return NULL; - } - - if (ntohs(fromsin->sin_port) >= IPPORT_RESERVED) - { - sys_msg(debug, LOG_ERR, "ypset from unpriviledged port denied"); - return &res; - } - - if (sd->ypsetdom_vers != YPVERS) - { - sys_msg(debug, LOG_ERR, "ypset with wrong version denied"); - sys_msg(debug, LOG_DEBUG, "ypsetdom_vers = %lu YPVERS = %lu", - sd->ypsetdom_vers, YPVERS); - return &res; - } - - rpc_received(sd->ypsetdom_domain, &bindsin, 1); - - sys_msg(debug, LOG_DEBUG, "ypset to %s succeeded", - inet_ntoa(bindsin.sin_addr)); - res = 1; - return &res; -} - -static void -ypbindprog_2(struct svc_req *rqstp, register SVCXPRT *transp) -{ - union - { - char ypbindproc_domain_2_arg[YPMAXDOMAIN + 1]; - struct ypbind_setdom ypbindproc_setdom_2_arg; - } argument; - struct authunix_parms *creds; - char *result; - xdrproc_t xdr_argument, xdr_result; - void *(*local) __P((void *, SVCXPRT *)); - - switch (rqstp->rq_proc) - { - case YPBINDPROC_NULL: - xdr_argument = xdr_void; - xdr_result = xdr_void; - local = svc_ypbindproc_null_2; - break; - - case YPBINDPROC_DOMAIN: - xdr_argument = xdr_domainname; - xdr_result = xdr_ypbind_resp; - local = svc_ypbindproc_domain_2; - break; - - case YPBINDPROC_SETDOM: - switch (rqstp->rq_cred.oa_flavor) - { - case AUTH_UNIX: - creds = (struct authunix_parms *)rqstp->rq_clntcred; - if (creds->aup_uid != 0) - { - svcerr_auth(transp, AUTH_BADCRED); - return; - } - break; - - default: - svcerr_auth(transp, AUTH_TOOWEAK); - return; - } - - xdr_argument = xdr_ypbind_setdom; - xdr_result = xdr_void; - local = svc_ypbindproc_setdom_2; - break; - - default: - svcerr_noproc(transp); - return; - } - - memset(&argument, 0, sizeof(argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t)&argument)) - { - svcerr_decode(transp); - return; - } - - 
result = (*local)(&argument, transp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) - { - svcerr_systemerr(transp); - } - - return; -} - -int -main(int argc, char *argv[]) -{ - struct timeval tv; - fd_set fdsr; - int width, lockfd; - int evil = 0, one, i; - char pathname[MAXPATHLEN]; - struct stat st; - - yp_get_default_domain(&dname); - if (dname[0] == '\0') - { - fprintf(stderr, "Domainname not set. Aborting.\n"); - exit(1); - } - - debug = DEBUG_SYSLOG; - ypbindmode = YPBIND_DIRECT; - for (i = 1; i < argc; i++) - { - if (!strcmp(argv[i], "-insecure")) - insecure = 1; - - else if (!strcmp(argv[i], "-ypset")) - ypbindmode = YPBIND_SETALL; - - else if (!strcmp(argv[i], "-ypsetme")) - ypbindmode = YPBIND_SETLOCAL; - - else if (!strcmp(argv[i], "-broadcast")) - ypbindmode = YPBIND_BROADCAST; - - else if (!strcmp(argv[i], "-d")) - debug = DEBUG_STDERR; - - else - usage(); - } - - sys_openlog(debug, "ypbind", LOG_NDELAY | LOG_PID, LOG_DAEMON); - - /* - * Per traditional ypbind(8) semantics, if a ypservers - * file does not exist, we default to broadcast mode. - * If the file does exist, we default to direct mode. - * Note that we can still override direct mode by passing - * the -broadcast flag. 
- */ - snprintf(pathname, sizeof(pathname), "%s/%s%s", - BINDINGDIR, dname, YPSERVERSSUFF); - - if ((ypbindmode == YPBIND_DIRECT) && (stat(pathname, &st) < 0)) - { - sys_msg(debug, LOG_DEBUG, "%s does not exist, defaulting to broadcast.", - pathname); - ypbindmode = YPBIND_BROADCAST; - } - - /* blow away everything in BINDINGDIR */ - - lockfd = open(_PATH_YPBIND_LOCK, O_CREAT|O_SHLOCK|O_RDWR|O_TRUNC, 0644); - if (lockfd == -1) - { - sys_msg(debug, LOG_ERR, "Cannot create %s", _PATH_YPBIND_LOCK); - exit(1); - } - -#if O_SHLOCK == 0 - flock(lockfd, LOCK_SH); -#endif - - pmap_unset(YPBINDPROG, YPBINDVERS); - - udptransp = svcudp_create(RPC_ANYSOCK); - if (udptransp == NULL) - { - sys_msg(debug, LOG_ERR, "Cannot create udp service."); - exit(1); - } - - if (!svc_register(udptransp, YPBINDPROG, YPBINDVERS, ypbindprog_2, - IPPROTO_UDP)) - { - sys_msg(debug, LOG_ERR, - "Unable to register (YPBINDPROG, YPBINDVERS, udp)."); - exit(1); - } - - tcptransp = svctcp_create(RPC_ANYSOCK, 0, 0); - if (tcptransp == NULL) - { - sys_msg(debug, LOG_ERR, "Cannot create tcp service."); - exit(1); - } - - if (!svc_register(tcptransp, YPBINDPROG, YPBINDVERS, ypbindprog_2, - IPPROTO_TCP)) - { - sys_msg(debug, LOG_ERR, - "Unable to register (YPBINDPROG, YPBINDVERS, tcp)."); - exit(1); - } - - /* XXX use SOCK_STREAM for direct queries? 
*/ - rpcsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); - if (rpcsock == -1) - { - sys_msg(debug, LOG_ERR, "rpc socket() failed."); - exit(1); - } - - pingsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); - if (pingsock == -1) - { - sys_msg(debug, LOG_ERR, "ping socket() failed."); - exit(1); - } - - fcntl(rpcsock, F_SETFL, fcntl(rpcsock, F_GETFL, 0) | FNDELAY); - fcntl(pingsock, F_SETFL, fcntl(pingsock, F_GETFL, 0) | FNDELAY); - - one = 1; - setsockopt(rpcsock, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)); - rmtca.prog = YPPROG; - rmtca.vers = YPVERS; - rmtca.proc = YPPROC_DOMAIN_NONACK; - rmtca.xdr_args = NULL; /* set at call time */ - rmtca.args_ptr = NULL; /* set at call time */ - rmtcr.port_ptr = &rmtcr_port; - rmtcr.xdr_results = xdr_bool; - rmtcr.results_ptr = (caddr_t)&rmtcr_outval; - - /* build initial domain binding, make it "unsuccessful" */ - ypbindlist = makebinding(dname); - ypbindlist->dom_vers = YPVERS; - ypbindlist->dom_alive = 0; - ypbindlist->dom_lockfd = -1; - removelock(ypbindlist); - - checkwork(); - -// width = svc_maxfd; - width = FD_SETSIZE; - width = 32; - if (rpcsock > width) - width = rpcsock; - if (pingsock > width) - width = pingsock; - width++; - - for (;;) - { - fdsr = svc_fdset; - FD_SET(rpcsock, &fdsr); - FD_SET(pingsock, &fdsr); - tv.tv_sec = 1; - tv.tv_usec = 0; - - switch (select(width, &fdsr, NULL, NULL, &tv)) - { - case 0: - checkwork(); - break; - - case -1: - sys_msg(debug, LOG_WARNING, "select: %s", strerror(errno)); - break; - - default: - if (FD_ISSET(rpcsock, &fdsr)) handle_replies(); - if (FD_ISSET(pingsock, &fdsr)) handle_ping(); - svc_getreqset(&fdsr); - if (check) checkwork(); - break; - } - - if ((evil == 0) && (ypbindlist->dom_alive != 0)) - { - evil = 1; - if (debug == DEBUG_SYSLOG) daemon(0, 0); - } - } -} - -/* - * State transition is done like this: - * - * STATE EVENT ACTION NEWSTATE TIMEOUT - * no binding timeout broadcast no binding 5 sec - * no binding answer -- binding 60 sec - * binding timeout ping 
server checking 5 sec - * checking timeout ping server + broadcast checking 5 sec - * checking answer -- binding 60 sec - */ -void -checkwork() -{ - struct _dom_binding *ypdb; - time_t t; - - check = 0; - - time(&t); - for (ypdb = ypbindlist; ypdb; ypdb = ypdb->dom_pnext) - { - if (ypdb->dom_check_t < t) - { - if (ypdb->dom_alive == 1) ping(ypdb); - else nag_servers(ypdb); - time(&t); - ypdb->dom_check_t = t + 5; - } - } -} - -int -ping(struct _dom_binding *ypdb) -{ - char *dom = ypdb->dom_domain; - struct rpc_msg msg; - char buf[BUFSIZE]; - enum clnt_stat st; - int outlen; - AUTH *rpcua; - XDR xdr; - - memset(&xdr, 0, sizeof xdr); - memset(&msg, 0, sizeof msg); - - rpcua = authunix_create_default(); - if (rpcua == NULL) - { - sys_msg(debug, LOG_ERR, "ping: cannot get unix auth"); - return RPC_SYSTEMERROR; - } - - msg.rm_direction = CALL; - msg.rm_call.cb_rpcvers = RPC_MSG_VERSION; - msg.rm_call.cb_prog = YPPROG; - msg.rm_call.cb_vers = YPVERS; - msg.rm_call.cb_proc = YPPROC_DOMAIN_NONACK; - msg.rm_call.cb_cred = rpcua->ah_cred; - msg.rm_call.cb_verf = rpcua->ah_verf; - - msg.rm_xid = ypdb->dom_xid; - xdrmem_create(&xdr, buf, sizeof buf, XDR_ENCODE); - if (!xdr_callmsg(&xdr, &msg)) - { - st = RPC_CANTENCODEARGS; - AUTH_DESTROY(rpcua); - return st; - } - - if (!xdr_domainname(&xdr, (void *)&dom)) - { - st = RPC_CANTENCODEARGS; - AUTH_DESTROY(rpcua); - return st; - } - - outlen = (int)xdr_getpos(&xdr); - xdr_destroy(&xdr); - if (outlen < 1) - { - st = RPC_CANTENCODEARGS; - AUTH_DESTROY(rpcua); - return st; - } - - AUTH_DESTROY(rpcua); - - ypdb->dom_alive = 2; - if (sendto(pingsock, buf, outlen, 0, - (struct sockaddr *)&ypdb->dom_server_addr, - sizeof ypdb->dom_server_addr) == -1) - sys_msg(debug, LOG_WARNING, "ping: sendto"); - return 0; - -} - -static int -nag_servers(struct _dom_binding *ypdb) -{ - char *dom = ypdb->dom_domain; - struct rpc_msg msg; - char buf[BUFSIZE]; - enum clnt_stat st; - int outlen; - AUTH *rpcua; - XDR xdr; - - rmtca.xdr_args = 
xdr_domainname; - rmtca.args_ptr = (char *)&dom; - - memset(&xdr, 0, sizeof xdr); - memset(&msg, 0, sizeof msg); - - rpcua = authunix_create_default(); - if (rpcua == NULL) - { - sys_msg(debug, LOG_ERR, "ping: cannot get unix auth"); - return RPC_SYSTEMERROR; - } - - msg.rm_direction = CALL; - msg.rm_call.cb_rpcvers = RPC_MSG_VERSION; - msg.rm_call.cb_prog = PMAPPROG; - msg.rm_call.cb_vers = PMAPVERS; - msg.rm_call.cb_proc = PMAPPROC_CALLIT; - msg.rm_call.cb_cred = rpcua->ah_cred; - msg.rm_call.cb_verf = rpcua->ah_verf; - - msg.rm_xid = ypdb->dom_xid; - xdrmem_create(&xdr, buf, sizeof buf, XDR_ENCODE); - if (!xdr_callmsg(&xdr, &msg)) - { - st = RPC_CANTENCODEARGS; - AUTH_DESTROY(rpcua); - return st; - } - - if (!xdr_rmtcall_args(&xdr, &rmtca)) - { - st = RPC_CANTENCODEARGS; - AUTH_DESTROY(rpcua); - return st; - } - - outlen = (int)xdr_getpos(&xdr); - xdr_destroy(&xdr); - if (outlen < 1) - { - st = RPC_CANTENCODEARGS; - AUTH_DESTROY(rpcua); - return st; - } - - AUTH_DESTROY(rpcua); - - if (ypdb->dom_lockfd != -1) - { - close(ypdb->dom_lockfd); - ypdb->dom_lockfd = -1; - removelock(ypdb); - } - - if (ypdb->dom_alive == 2) - { - /* - * This resolves the following situation: - * ypserver on other subnet was once bound, - * but rebooted and is now using a different port - */ - struct sockaddr_in bindsin; - - memset(&bindsin, 0, sizeof bindsin); - bindsin.sin_family = AF_INET; - bindsin.sin_len = sizeof(bindsin); - bindsin.sin_port = htons(PMAPPORT); - bindsin.sin_addr = ypdb->dom_server_addr.sin_addr; - - if (sendto(rpcsock, buf, outlen, 0, (struct sockaddr *)&bindsin, - sizeof bindsin) == -1) - sys_msg(debug, LOG_WARNING, "broadcast: sendto"); - } - - switch (ypbindmode) - { - case YPBIND_SETALL: - case YPBIND_SETLOCAL: - if (been_ypset) return direct_set(buf, outlen, ypdb); - /* FALLTHROUGH */ - - case YPBIND_BROADCAST: - return broadcast(buf, outlen); - - case YPBIND_DIRECT: - return direct(buf, outlen); - } - - return -1; -} - -static int -broadcast(char *buf, int 
outlen) -{ - struct ifconf ifc; - struct ifreq *ifr; - int offset, addrlen; - struct in_addr in; - int sock; - char inbuf[8192]; - struct sockaddr_in bindsin; - - /* find all networks and send the RPC packet out them all */ - sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); - if (sock == -1) - { - sys_msg(debug, LOG_WARNING, "broadcast: socket: %s", strerror(errno)); - return -1; - } - - memset(&bindsin, 0, sizeof bindsin); - bindsin.sin_family = AF_INET; - bindsin.sin_len = sizeof(bindsin); - bindsin.sin_port = htons(PMAPPORT); - - ifc.ifc_len = sizeof inbuf; - ifc.ifc_buf = inbuf; - if (ioctl(sock, SIOCGIFCONF, &ifc) < 0) - { - close(sock); - sys_msg(debug, LOG_WARNING, "broadcast: ioctl(SIOCGIFCONF): %s", - strerror(errno)); - return -1; - } - - addrlen = sizeof(struct ifreq) - IFNAMSIZ; - offset = 0; - - while (offset <= ifc.ifc_len) - { - ifr = (struct ifreq *)(ifc.ifc_buf + offset); - offset += IFNAMSIZ; - if (ifr->ifr_addr.sa_len > addrlen) offset += ifr->ifr_addr.sa_len; - else offset += addrlen; - - if (ifr->ifr_addr.sa_family != AF_INET) continue; - if (ioctl(sock, SIOCGIFFLAGS, ifr) < 0) continue; - if ((ifr->ifr_flags & IFF_UP) == 0) continue; - - if (ifr->ifr_flags & IFF_BROADCAST) - { - if (ioctl(sock, SIOCGIFBRDADDR, ifr) < 0) - { - sys_msg(debug, LOG_WARNING, - "broadcast: ioctl(SIOCGIFBRDADDR): %s", strerror(errno)); - continue; - } - } - else if (ifr->ifr_flags & IFF_LOOPBACK) - { - if (ioctl(sock, SIOCGIFADDR, ifr) < 0) - { - sys_msg(debug, LOG_WARNING, - "broadcast: ioctl(SIOCGIFADDR): %s", strerror(errno)); - continue; - } - } - else continue; - - in = ((struct sockaddr_in *)&(ifr->ifr_addr))->sin_addr; - bindsin.sin_addr = in; - if (sendto(rpcsock, buf, outlen, 0, (struct sockaddr *)&bindsin, - sizeof bindsin) == -1) - sys_msg(debug, LOG_WARNING, "broadcast: sendto: %s", - strerror(errno)); - } - - close(sock); - return 0; -} - -static int -direct(char *buf, int outlen) -{ - static FILE *df; - static char ypservers_path[MAXPATHLEN]; - char 
line[_POSIX2_LINE_MAX]; - char *p; - struct hostent *hp; - struct sockaddr_in bindsin; - int i, count = 0; - - if (df) rewind(df); - else { - snprintf(ypservers_path, sizeof(ypservers_path), - "%s/%s%s", BINDINGDIR, dname, YPSERVERSSUFF); - df = fopen(ypservers_path, "r"); - if (df == NULL) - { - sys_msg(debug, LOG_ALERT, "Missing file %s, aborting.", - ypservers_path); - exit(1); - } - } - - memset(&bindsin, 0, sizeof bindsin); - bindsin.sin_family = AF_INET; - bindsin.sin_len = sizeof(bindsin); - bindsin.sin_port = htons(PMAPPORT); - - while(fgets(line, sizeof(line), df) != NULL) - { - /* skip lines that are too big */ - p = strchr(line, '\n'); - if (p == NULL) - { - int c; - - while ((c = getc(df)) != '\n' && c != EOF); - continue; - } - - *p = '\0'; - p = line; - while (isspace(*p)) p++; - if (*p == '#') continue; - hp = gethostbyname(p); - if (hp == NULL) - { - sys_msg(debug, LOG_ERR, "Can't find host: %s", p); - continue; - } - - /* step through all addresses in case first is unavailable */ - for (i = 0; hp->h_addr_list[i]; i++) - { - memmove(&bindsin.sin_addr, hp->h_addr_list[0], - hp->h_length); - if (sendto(rpcsock, buf, outlen, 0, - (struct sockaddr *)&bindsin, sizeof bindsin) < 0) - { - sys_msg(debug, LOG_WARNING, "direct: sendto: %s", - strerror(errno)); - continue; - } - else count++; - } - } - - if (count == 0) - { - sys_msg(debug, LOG_ALERT, - "Can't contact any servers listed in %s. Aborting", ypservers_path); - exit(1); - } - - return 0; -} - -static int -direct_set(char *buf, int outlen, struct _dom_binding *ypdb) -{ - struct sockaddr_in bindsin; - char path[MAXPATHLEN]; - struct iovec iov[2]; - struct ypbind_resp ybr; - SVCXPRT dummy_svc; - int fd, bytes; - - /* - * Gack, we lose if binding file went away. We reset - * "been_set" if this happens, otherwise we'll never - * bind again. 
- */ - snprintf(path, sizeof(path), "%s/%s.%ld", BINDINGDIR, - ypdb->dom_domain, ypdb->dom_vers); - - if ((fd = open(path, O_SHLOCK|O_RDONLY, 0644)) == -1) - { - sys_msg(debug, LOG_WARNING, "Can't open file %s", path); - been_ypset = 0; - return -1; - } - -#if O_SHLOCK == 0 - flock(fd, LOCK_SH); -#endif - - /* Read the binding file... */ - iov[0].iov_base = (caddr_t)&(dummy_svc.xp_port); - iov[0].iov_len = sizeof(dummy_svc.xp_port); - iov[1].iov_base = (caddr_t)&ybr; - iov[1].iov_len = sizeof(ybr); - bytes = readv(fd, iov, 2); - close(fd); - - if (bytes != (iov[0].iov_len + iov[1].iov_len)) - { - /* Binding file corrupt? */ - sys_msg(debug, LOG_WARNING, "Can't parse file %s", path); - been_ypset = 0; - return -1; - } - - bcopy(&ybr.ypbind_resp_u.ypbind_bindinfo.ypbind_binding_addr, - &bindsin.sin_addr, 4); - - if (sendto(rpcsock, buf, outlen, 0, (struct sockaddr *)&bindsin, - sizeof(bindsin)) < 0) - { - sys_msg(debug, LOG_WARNING, "direct_set: sendto: %s", strerror(errno)); - return -1; - } - - return 0; -} - -static enum clnt_stat -handle_replies() -{ - char buf[BUFSIZE]; - int fromlen, inlen; - struct _dom_binding *ypdb; - struct sockaddr_in raddr; - struct rpc_msg msg; - XDR xdr; - -recv_again: - memset(&xdr, 0, sizeof(xdr)); - memset(&msg, 0, sizeof(msg)); - msg.acpted_rply.ar_verf = _null_auth; - msg.acpted_rply.ar_results.where = (caddr_t)&rmtcr; - msg.acpted_rply.ar_results.proc = xdr_rmtcallres; - -try_again: - fromlen = sizeof (struct sockaddr); - inlen = recvfrom(rpcsock, buf, sizeof buf, 0, - (struct sockaddr *)&raddr, &fromlen); - if (inlen < 0) - { - if (errno == EINTR) goto try_again; - return RPC_CANTRECV; - } - - if (inlen < sizeof(u_int32_t)) goto recv_again; - - /* - * see if reply transaction id matches sent id. - * If so, decode the results. 
- */ - xdrmem_create(&xdr, buf, (u_int)inlen, XDR_DECODE); - if (xdr_replymsg(&xdr, &msg)) - { - if ((msg.rm_reply.rp_stat == MSG_ACCEPTED) && - (msg.acpted_rply.ar_stat == SUCCESS)) { - raddr.sin_port = htons((u_short)rmtcr_port); - ypdb = xid2ypdb(msg.rm_xid); - if (ypdb != NULL) rpc_received(ypdb->dom_domain, &raddr, 0); - } - } - - xdr.x_op = XDR_FREE; - msg.acpted_rply.ar_results.proc = xdr_void; - xdr_destroy(&xdr); - - return RPC_SUCCESS; -} - -static enum clnt_stat -handle_ping() -{ - char buf[BUFSIZE]; - int fromlen, inlen; - struct _dom_binding *ypdb; - struct sockaddr_in raddr; - struct rpc_msg msg; - XDR xdr; - bool_t res; - -recv_again: - memset(&xdr, 0, sizeof(xdr)); - memset(&msg, 0, sizeof(msg)); - msg.acpted_rply.ar_verf = _null_auth; - msg.acpted_rply.ar_results.where = (caddr_t)&res; - msg.acpted_rply.ar_results.proc = xdr_bool; - -try_again: - fromlen = sizeof (struct sockaddr); - inlen = recvfrom(pingsock, buf, sizeof buf, 0, - (struct sockaddr *)&raddr, &fromlen); - if (inlen < 0) - { - if (errno == EINTR) goto try_again; - return RPC_CANTRECV; - } - - if (inlen < sizeof(u_int32_t)) goto recv_again; - - /* - * see if reply transaction id matches sent id. - * If so, decode the results. 
- */ - xdrmem_create(&xdr, buf, (u_int)inlen, XDR_DECODE); - if (xdr_replymsg(&xdr, &msg)) - { - if ((msg.rm_reply.rp_stat == MSG_ACCEPTED) && - (msg.acpted_rply.ar_stat == SUCCESS)) - { - ypdb = xid2ypdb(msg.rm_xid); - if (ypdb != NULL) rpc_received(ypdb->dom_domain, &raddr, 0); - } - } - - xdr.x_op = XDR_FREE; - msg.acpted_rply.ar_results.proc = xdr_void; - xdr_destroy(&xdr); - - return RPC_SUCCESS; -} - -/* - * LOOPBACK IS MORE IMPORTANT: PUT IN HACK - */ -void -rpc_received(char *dom, struct sockaddr_in *raddrp, int force) -{ - struct _dom_binding *ypdb; - struct iovec iov[2]; - struct ypbind_resp ybr; - int fd; - - sys_msg(debug, LOG_DEBUG, "returned from %s about %s", - inet_ntoa(raddrp->sin_addr), dom); - - if (dom == NULL) return; - - /* don't support insecure servers by default */ - if (!insecure && ntohs(raddrp->sin_port) >= IPPORT_RESERVED) return; - - for (ypdb = ypbindlist; ypdb; ypdb = ypdb->dom_pnext) - { - if (!strcmp(ypdb->dom_domain, dom)) break; - } - - if (ypdb == NULL) - { - if (force == 0) return; - ypdb = makebinding(dom); - ypdb->dom_lockfd = -1; - ypdb->dom_pnext = ypbindlist; - ypbindlist = ypdb; - } - - /* soft update, alive */ - if (ypdb->dom_alive == 1 && force == 0) - { - if (!memcmp(&ypdb->dom_server_addr, raddrp, - sizeof ypdb->dom_server_addr)) - { - ypdb->dom_alive = 1; - /* recheck binding in 60 sec */ - ypdb->dom_check_t = time(NULL) + 60; - } - return; - } - - memcpy(&ypdb->dom_server_addr, raddrp, sizeof ypdb->dom_server_addr); - /* recheck binding in 60 seconds */ - ypdb->dom_check_t = time(NULL) + 60; - ypdb->dom_vers = YPVERS; - ypdb->dom_alive = 1; - - if (ypdb->dom_lockfd != -1) close(ypdb->dom_lockfd); - - if ((fd = makelock(ypdb)) == -1) return; - - /* - * ok, if BINDINGDIR exists, and we can create the binding file, - * then write to it.. 
- */ - ypdb->dom_lockfd = fd; - - iov[0].iov_base = (caddr_t)&(udptransp->xp_port); - iov[0].iov_len = sizeof udptransp->xp_port; - iov[1].iov_base = (caddr_t)&ybr; - iov[1].iov_len = sizeof ybr; - - memset(&ybr, 0, sizeof ybr); - ybr.ypbind_status = YPBIND_SUCC_VAL; - bcopy(&raddrp->sin_addr.s_addr, - ybr.ypbind_resp_u.ypbind_bindinfo.ypbind_binding_addr, 4); - bcopy(&raddrp->sin_port, - ybr.ypbind_resp_u.ypbind_bindinfo.ypbind_binding_port, 2); - - if (writev(ypdb->dom_lockfd, iov, 2) != - iov[0].iov_len + iov[1].iov_len) - { - sys_msg(debug, LOG_WARNING, "writev: %s", strerror(errno)); - close(ypdb->dom_lockfd); - removelock(ypdb); - ypdb->dom_lockfd = -1; - } -} - -static struct _dom_binding * -xid2ypdb(u_int32_t xid) -{ - struct _dom_binding *ypdb; - - for (ypdb = ypbindlist; ypdb; ypdb = ypdb->dom_pnext) - { - if (ypdb->dom_xid == xid) break; - } - - return (ypdb); -} - -static u_int32_t -unique_xid(struct _dom_binding *ypdb) -{ - u_int32_t tmp_xid; - - tmp_xid = (u_int32_t)(((u_long)ypdb) & 0xffffffff); - while (xid2ypdb(tmp_xid) != NULL) tmp_xid++; - - return tmp_xid; -} diff --git a/ypcat.tproj/Makefile b/ypcat.tproj/Makefile deleted file mode 100644 index 5d9dd30..0000000 --- a/ypcat.tproj/Makefile +++ /dev/null 
@@ -1,48 +0,0 @@
-#
-# Generated by the NeXT Project Builder.
-#
-# NOTE: Do NOT change this file -- Project Builder maintains it.
-#
-# Put all of your customizations in files called Makefile.preamble
-# and Makefile.postamble (both optional), and Makefile will include them.
-#
-
-NAME = ypcat
-
-PROJECTVERSION = 2.8
-PROJECT_TYPE = Tool
-
-CFILES = ypcat.c
-
-OTHERSRCS = Makefile.dist Makefile.preamble ypcat.1 Makefile.postamble
-
-
-MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles
-CODE_GEN_STYLE = DYNAMIC
-MAKEFILE = tool.make
-NEXTSTEP_INSTALLDIR = /usr/bin
-WINDOWS_INSTALLDIR = /usr/bin
-PDO_UNIX_INSTALLDIR = /usr/bin
-LIBS =
-DEBUG_LIBS = $(LIBS)
-PROF_LIBS = $(LIBS)
-
-
-
-
-NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc
-WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc
-PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc
-NEXTSTEP_JAVA_COMPILER = /usr/bin/javac
-WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe
-PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac
-
-include $(MAKEFILEDIR)/platform.make
-
--include Makefile.preamble
-
-include $(MAKEFILEDIR)/$(MAKEFILE)
-
--include Makefile.postamble
-
--include Makefile.dependencies
diff --git a/ypcat.tproj/Makefile.dist b/ypcat.tproj/Makefile.dist
deleted file mode 100644
index 47a9a18..0000000
--- a/ypcat.tproj/Makefile.dist
+++ /dev/null
@@ -1,6 +0,0 @@
-# from: @(#)Makefile 5.8 (Berkeley) 7/28/90
-# $Id: Makefile.dist,v 1.1 1999/05/02 03:59:01 wsanchez Exp $
-
-PROG= ypcat
-
-.include
diff --git a/ypcat.tproj/Makefile.postamble b/ypcat.tproj/Makefile.postamble
deleted file mode 100644
index 989c8ce..0000000
--- a/ypcat.tproj/Makefile.postamble
+++ /dev/null
@@ -1,103 +0,0 @@
-###############################################################################
-# Makefile.postamble
-# Copyright 1997, Apple Computer, Inc.
-#
-# Use this makefile, which is imported after all other makefiles, to
-# override attributes for a project's Makefile environment. This allows you
-# to take advantage of the environment set up by the other Makefiles.
-# You can also define custom rules at the end of this file.
-#
-###############################################################################
-#
-# These variables are exported by the standard makefiles and can be
-# used in any customizations you make. They are *outputs* of
-# the Makefiles and should be used, not set.
-#
-# PRODUCTS: products to install. All of these products will be placed in
-# the directory $(DSTROOT)$(INSTALLDIR)
-# GLOBAL_RESOURCE_DIR: The directory to which resources are copied.
-# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied.
-# OFILE_DIR: Directory into which .o object files are generated.
-# DERIVED_SRC_DIR: Directory used for all other derived files
-#
-# ALL_CFLAGS: flags to pass when compiling .c files
-# ALL_MFLAGS: flags to pass when compiling .m files
-# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files
-# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files
-# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files
-# ALL_LDFLAGS: flags to pass when linking object files
-# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files
-# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files
-# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files
-# ALL_YFLAGS: flags to pass when processing .y (yacc) files
-# ALL_LFLAGS: flags to pass when processing .l (lex) files
-#
-# NAME: name of application, bundle, subproject, palette, etc.
-# LANGUAGE: langage in which the project is written (default "English")
-# LOCAL_RESOURCES: localized resources (e.g. nib's, images) of project
-# GLOBAL_RESOURCES: non-localized resources of project
-#
-# SRCROOT: base directory in which to place the new source files
-# SRCPATH: relative path from SRCROOT to present subdirectory
-#
-# INSTALLDIR: Directory the product will be installed into by 'install' target
-# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget
-# to prefix this with DSTROOT when you use it.
-# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget
-# to prefix this with DSTROOT when you use it.
-#
-# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows)
-#
-###############################################################################
-
-# Some compiler flags can be overridden here for certain build situations.
-#
-# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost)
-# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults
-# to -g)
-# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG)
-# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults
-# to -O)
-# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults
-# to -pg -DPROFILE)
-# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to
-# the include path (defaults to -I.)
-# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags
-# passed to ld/libtool (defaults to nothing)
-
-
-# Library and Framework projects only:
-# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked
-# against the framework will run against the correct version even if
-# the current version of the framework changes. You may override this
-# to "" as an alternative to using the DYLD_LIBRARY_PATH during your
-# development cycle, but be sure to restore it before installing.
-
-
-# Ownership and permissions of files installed by 'install' target
-
-#INSTALL_AS_USER = root
- # User/group ownership
-#INSTALL_AS_GROUP = wheel
- # (probably want to set both of these)
-#INSTALL_PERMISSIONS =
- # If set, 'install' chmod's executable to this
-
-
-# Options to strip. Note: -S strips debugging symbols (executables can be stripped
-# down further with -x or, if they load no bundles, with no options at all).
-
-#STRIPFLAGS = -S
-
-
-#########################################################################
-# Put rules to extend the behavior of the standard Makefiles here. Include them in
-# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble.
-#
-# You should avoid redefining things like "install" or "app", as they are
-# owned by the top-level Makefile API and no context has been set up for where
-# derived files should go.
-#
-after_install:
- mkdir -p "$(DSTROOT)/usr/share/man/man1"
- install -c -m 644 ypcat.1 "$(DSTROOT)/usr/share/man/man1/ypcat.1"
diff --git a/ypcat.tproj/Makefile.preamble b/ypcat.tproj/Makefile.preamble
deleted file mode 100644
index cdcdf89..0000000
--- a/ypcat.tproj/Makefile.preamble
+++ /dev/null
@@ -1,3 +0,0 @@
-OTHER_GENERATED_OFILES = $(VERS_OFILE)
--include ../Makefile.include
-AFTER_INSTALL = after_install
diff --git a/ypcat.tproj/PB.project b/ypcat.tproj/PB.project
deleted file mode 100644
index dce9a43..0000000
--- a/ypcat.tproj/PB.project
+++ /dev/null
@@ -1,36 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ();
- M_FILES = ();
- OTHER_LINKED = (ypcat.c);
- OTHER_SOURCES = (Makefile.dist, Makefile.preamble, ypcat.1, Makefile.postamble);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/bin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ypcat;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/bin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/ypcat.tproj/ypcat.1 b/ypcat.tproj/ypcat.1
deleted file mode 100644
index 1ed0a55..0000000
--- a/ypcat.tproj/ypcat.1
+++ /dev/null
@@ -1,70 +0,0 @@
-.\" Copyright (c) 1993 Winning Strategies, Inc.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Winning Strategies, Inc.
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" $Id: ypcat.1,v 1.1 1999/05/02 03:59:01 wsanchez Exp $
-.\"
-.Dd December 3, 1993
-.Dt YPCAT 1
-.Os
-.Sh NAME
-.Nm ypcat
-.Nd "print the values of all keys in a YP database"
-.Sh SYNOPSIS
-.Nm ypcat
-.Op Fl kt
-.Op Fl d Ar domainname
-.Ar mapname
-.Nm ypcat
-.Fl x
-.Sh DESCRIPTION
-.Nm Ypcat
-prints out the values of all keys from the
-.Tn YP
-database specified by
-.Ar mapname,
-which may be a map name or a map nickname.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl d Ar domainname
-Specify a domain other than the default domain.
-.It Fl k
-Display map keys.
-This option is useful with maps in which the values are null or the key
-is not part of the value.
-.It Fl t
-Inhibit translation of map nicknames
-to their corresponding map names.
-.It Fl x
-Display the map nickname table.
-.El
-.Sh SEE ALSO
-.Xr ypmatch 1 ,
-.Xr yp 8
-.Sh AUTHOR
-Theo De Raadt
diff --git a/ypcat.tproj/ypcat.c b/ypcat.tproj/ypcat.c
deleted file mode 100644
index 6ab38ab..0000000
--- a/ypcat.tproj/ypcat.c
+++ /dev/null
@@ -1,169 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1992, 1993 Theo de Raadt - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Theo de Raadt. - * 4. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. 
- * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$Id: ypcat.c,v 1.1 1999/05/02 03:59:01 wsanchez Exp $"; -#endif - -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -struct ypalias { - char *alias, *name; -} ypaliases[] = { - { "passwd", "passwd.byname" }, - { "group", "group.byname" }, - { "networks", "networks.byaddr" }, - { "hosts", "hosts.byaddr" }, - { "protocols", "protocols.bynumber" }, - { "services", "services.byname" }, - { "aliases", "mail.aliases" }, - { "ethers", "ethers.byname" }, -}; - -int key; - -usage() -{ - fprintf(stderr, "Usage:\n"); - fprintf(stderr, "\typcat [-k] [-d domainname] [-t] mapname\n"); - fprintf(stderr, "\typcat -x\n"); - exit(1); -} - -printit(instatus, inkey, inkeylen, inval, invallen, indata) -int instatus; -char *inkey; -int inkeylen; -char *inval; -int invallen; -char *indata; -{ - if(instatus != YP_TRUE) - return instatus; - if(key) - printf("%*.*s ", inkeylen, inkeylen, inkey); - printf("%*.*s\n", invallen, invallen, inval); - return 0; -} - -int -main(argc, argv) -char **argv; -{ - char *domainname; - struct ypall_callback ypcb; - char *inmap; - extern char *optarg; - extern int optind; - int notrans; - int c, r, i; - - notrans = key = 0; - 
yp_get_default_domain(&domainname); - - while( (c=getopt(argc, argv, "xd:kt")) != -1) - switch(c) { - case 'x': - for(i=0; i) ]; then \ - if [ ! $(UNSECURE) ]; then \ - $(CAT) $(>) | $(CUT) -d: -f1-4,8-10 | \ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$1, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ - $(MAKEDBM) - passwd.byname; \ - $(CAT) $(>) | $(CUT) -d: -f1-4,8-10 |\ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$3, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ - $(MAKEDBM) - passwd.byuid; \ - else \ - $(CAT) $(>) | $(CUT) -d: -f1-4,8-10 | \ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$1, $$0 }' - | $(MAKEDBM) - passwd.byname; \ - $(CAT) $(>) | $(CUT) -d: -f1-4,8-10 |\ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$3, $$0 }' - | $(MAKEDBM) - passwd.byuid; \ - fi; \ - $(CAT) $(>) | \ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$1, $$0 }' - | $(MAKEDBM-S) - master.passwd.byname; \ - $(CAT) $(>) | \ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$3, $$0 }' - | $(MAKEDBM-S) - master.passwd.byuid; \ - $(TOUCH) $(@); \ - $(ECHO) "updated passwd"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) passwd.byname; \ - $(YPPUSH) -d $(DOMAIN) passwd.byuid; \ - $(YPPUSH) -d $(DOMAIN) master.passwd.byname; \ - $(YPPUSH) -d $(DOMAIN) master.passwd.byuid; \ - $(ECHO) "pushed passwd"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - -group.time: $(DIR)/group - -@if [ -f $(>) ]; then \ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$1, $$0 }' $(>) | \ - $(MAKEDBM) - group.byname; \ - $(AWK) 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ - { print $$3, $$0 }' $(>) | \ - $(MAKEDBM) - group.bygid; \ - $(TOUCH) $(@); \ - $(ECHO) "updated group"; \ - if [ ! 
$(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) group.byname; \ - $(YPPUSH) -d $(DOMAIN) group.bygid; \ - $(ECHO) "pushed group"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - -hosts.time: $(DIR)/hosts - -@if [ -f $(DIR)/hosts ]; then \ - $(STDHOSTS) $(>) | $(SED) -e s/#.*$$// | \ - $(AWK) '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ - $(MAKEDBM) - hosts.byname; \ - $(STDHOSTS) $(>) | \ - $(AWK) 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ - $(MAKEDBM) - hosts.byaddr; \ - $(TOUCH) $(@); \ - $(ECHO) "updated hosts"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) hosts.byname; \ - $(YPPUSH) -d $(DOMAIN) hosts.byaddr; \ - $(ECHO) "pushed hosts"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - -ethers.time: $(DIR)/ethers - -@if [ -f $(DIR)/ethers ]; then \ - $(STDETHERS) $(>) | $(SED) -e s/#.*$$// | \ - $(AWK) 'BEGIN { FS="\t"; OFS="\t"; } { print $$1, $$0 }' | \ - $(MAKEDBM) - ethers.byaddr; \ - $(STDETHERS) $(>) | \ - $(AWK) 'BEGIN { FS="\t"; OFS="\t"; } { print $$2, $$0 }' | \ - $(MAKEDBM) - ethers.byname; \ - $(TOUCH) $(@); \ - $(ECHO) "updated ethers"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) ethers.byaddr; \ - $(YPPUSH) -d $(DOMAIN) ethers.byname; \ - $(ECHO) "pushed ethers"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - -networks.time: $(DIR)/networks - -@if [ -f $(>) ]; then \ - $(SED) -e "/^#/d" -e s/#.*$$// $(>) | \ - $(AWK) '{print $$1, $$0; for (i = 3;i <= NF;i++) print $$i,$$0}' | \ - $(MAKEDBM) - networks.byname; \ - $(AWK) 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' $(>) | \ - $(MAKEDBM) - networks.byaddr; \ - $(TOUCH) $(@); \ - $(ECHO) "updated networks"; \ - if [ ! 
$(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) networks.byname; \ - $(YPPUSH) -d $(DOMAIN) networks.byaddr; \ - $(ECHO) "pushed networks"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - -rpc.time: $(DIR)/rpc - -@if [ -f $(>) ]; then \ - $(AWK) 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' $(>) | \ - $(MAKEDBM) - rpc.bynumber; \ - $(SED) -e "/^#/d" -e s/#.*$$// $(>) | \ - $(AWK) '{print $$1, $$0; for (i = 3;i <= NF;i++) print $$i,$$0}' | \ - $(MAKEDBM) - rpc.byname; \ - $(TOUCH) $(@); \ - $(ECHO) "updated rpc"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) rpc.bynumber; \ - $(YPPUSH) -d $(DOMAIN) rpc.byname; \ - $(ECHO) "pushed rpc"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - -services.time: $(DIR)/services - -@if [ -f $(>) ]; then \ - $(AWK) 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' $(>) | \ - $(MAKEDBM) - services.byname; \ - $(TOUCH) $(@); \ - $(ECHO) "updated services"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) services.byname; \ - $(ECHO) "pushed services"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - -protocols.time: $(DIR)/protocols - -@if [ -f $(>) ]; then \ - $(AWK) 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' $(>) | \ - $(MAKEDBM) - protocols.bynumber; \ - $(SED) -e "/^#/d" -e s/#.*$$// $(>) | \ - $(AWK) '{print $$1, $$0; for (i = 3;i <= NF;i++) print $$i,$$0}' | \ - $(MAKEDBM) - protocols.byname; \ - $(TOUCH) $(@); \ - $(ECHO) "updated protocols"; \ - if [ ! 
$(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) protocols.bynumber; \ - $(YPPUSH) -d $(DOMAIN) protocols.byname; \ - $(ECHO) "pushed protocols"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - -netid.time: $(DIR)/passwd $(DIR)/group $(DIR)/hosts $(DIR)/netid - -@$(MKNETID) -q -d $(DOMAIN) -p $(DIR)/passwd -g $(DIR)/group -h $(DIR)/hosts -m $(DIR)/netid | \ - $(MAKEDBM) - netid.byname; \ - $(TOUCH) $(@); \ - $(ECHO) "updated netid"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) netid.byname; \ - $(ECHO) "pushed netid"; \ - else \ - : ; \ - fi - - -netgroup.time: $(DIR)/netgroup - -@if [ -f $(>) ]; then \ - $(CAT) $(>) | $(MAKEDBM) - netgroup; \ - $(CAT) $(>) | $(REVNETGROUP) -u -f - | \ - $(MAKEDBM) - netgroup.byuser; \ - $(CAT) $(>) | $(REVNETGROUP) -h -f - | \ - $(MAKEDBM) - netgroup.byhost; \ - $(TOUCH) $(@); \ - $(ECHO) "updated netgroup"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) netgroup; \ - $(YPPUSH) -d $(DOMAIN) netgroup.byuser; \ - $(YPPUSH) -d $(DOMAIN) netgroup.byhost; \ - $(ECHO) "pushed netgroup"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - -amd.home.time: $(AMDDIR)/amd.home - -@if [ -f $(>) ]; then \ - $(SED) -e "s/#.*$$//" -e "/^$$/d" $(>) | \ - $(AWK) '{ \ - for (i = 1; i <= NF; i++) \ - if (i == NF) { \ - if (substr($$i, length($$i), 1) == "\\") { \ - printf("%s", substr($$i, 1, length($$i) - 1)); \ - } \ - else \ - printf("%s\n", $$i); \ - } \ - else \ - printf("%s ", $$i); \ - }' | \ - $(MAKEDBM) - amd.home; \ - $(TOUCH) $(@); \ - $(ECHO) "updated amd.home"; \ - if [ ! 
$(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) amd.home; \ - $(ECHO) "pushed amd.home"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - -aliases.time: $(DIR)/aliases - -@if [ -f $(>) ]; then \ - $(CP) -p $(>) $(DOMAIN)-aliases; \ - $(SENDMAIL) -bi -oA$(PWD)/$(DOMAIN)-aliases; \ - $(MAKEDBM) -U $(DOMAIN)-aliases | $(MAKEDBM) - mail.aliases; \ - $(MKALIAS) mail.aliases mail.byaddr; \ - $(TOUCH) $(@); \ - $(RM) $(DOMAIN)-aliases.db $(DOMAIN)-aliases; \ - $(ECHO) "updated aliases"; \ - if [ ! $(NOPUSH) ]; then \ - $(YPPUSH) -d $(DOMAIN) mail.aliases; \ - $(YPPUSH) -d $(DOMAIN) mail.byaddr; \ - $(ECHO) "pushed aliases"; \ - else \ - : ; \ - fi \ - else \ - $(ECHO) "couldn't find $(>)"; \ - fi - - - -passwd: passwd.time -group: group.time -hosts: hosts.time -ethers: ethers.time -networks: networks.time -rpc: rpc.time -services: services.time -protocols: protocols.time -netid: netid.time -netgroup: netgroup.time -amd.home: amd.home.time -aliases: aliases.time -$(DIR)/passwd: -$(DIR)/group: -$(DIR)/hosts: -$(DIR)/ethers: -$(DIR)/networks: -$(DIR)/rpc: -$(DIR)/services: -$(DIR)/protocols: -$(DIR)/netid: -$(DIR)/master.passwd: -$(DIR)/netgroup: -$(DIR)/aliases: -$(AMDDIR)/amd.home: diff --git a/ypinit.tproj/ypinit.8 b/ypinit.tproj/ypinit.8 deleted file mode 100644 index b369db3..0000000 --- a/ypinit.tproj/ypinit.8 +++ /dev/null 
@@ -1,69 +0,0 @@
-.\" $OpenBSD: ypinit.8,v 1.1 1997/04/20 10:00:25 maja Exp $
-.\" Copyright (c) 1997 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\" -.Dd April 19, 1997 -.Dt YPINIT 8 -.Os -.Sh NAME -.Nm ypinit -.Nd create an YP server (master or slave) -.Sh SYNOPSIS -.Nm ypinit -.Fl m Op Ar domainname -.Nm ypinit -.Fl s Ar master_server Op Ar domainname -.Nm ypinit -.Fl u Op Ar domainname -.Sh DESCRIPTION -.Nm Ypinit -is the utiliy to setup an YP server, or changing the ypserver map. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl m -Setup a master YP server. If -.Ar domainname -is not given the default domainname will be used. -.It Fl s -Setup a slave YP server. -.Ar domainname -is not given the default domainname will be used. -.Ar master_server -must be a running YP master server. -.It Fl u -Update the ypserver map on a YP master server. If -.Ar domainname -is not given the default domainname will be used. -.El -.Sh SEE ALSO -.Xr yp 8 , -.Xr ypserv 8 -.Sh AUTHOR -Mats O Jansson diff --git a/ypinit.tproj/ypinit.sh b/ypinit.tproj/ypinit.sh deleted file mode 100644 index 854895e..0000000 --- a/ypinit.tproj/ypinit.sh +++ /dev/null 
@@ -1,402 +0,0 @@ -#!/bin/sh -# $Id: ypinit.sh,v 1.2 2002/03/26 14:38:48 epeyton Exp $ -# -# ypinit.sh - setup an master or slave server. -# -DOMAINNAME=/bin/domainname -HOSTNAME=/bin/hostname -YPWHICH=/usr/bin/ypwhich -YPXFR=/usr/sbin/ypxfr -YP_DIR=/var/yp -MAKEDBM=/usr/sbin/makedbm -ERROR_EXISTS="NO" -MAKE=bsdmake -umask 077 - -#set -xv - -ERROR=USAGE # assume usage error - -if [ $# -eq 1 ] -then - if [ $1 = "-m" ] # ypinit -m - then - DOMAIN=`${DOMAINNAME}` - SERVERTYPE=MASTER - ERROR= - fi - - if [ $1 = "-u" ] # ypinit -u - then - DOMAIN=`${DOMAINNAME}` - SERVERTYPE=UPDATE - ERROR= - fi -fi - -if [ $# -eq 2 ] -then - if [ $1 = "-m" ] # ypinit -m domainname - then - DOMAIN=${2} - SERVERTYPE=MASTER - ERROR= - fi - - if [ $1 = "-s" ] # ypinit -s master_server - then - DOMAIN=`${DOMAINNAME}` - SERVERTYPE=SLAVE - MASTER=${2} - ERROR= - fi - - if [ $1 = "-u" ] # ypinit -u domainname - then - DOMAIN=${2} - SERVERTYPE=UPDATE - ERROR= - fi -fi - -if [ $# -eq 3 ] -then - if [ $1 = "-s" ] # ypinit -s master_server domainname - then - DOMAIN=${3} - SERVERTYPE=SLAVE - MASTER=${2} - ERROR= - fi -fi - -if [ "${ERROR}" = "USAGE" ]; then - cat << \__usage 1>&2 -usage: ypinit -m [domainname] - ypinit -s master_server [domainname] - ypinit -u [domainname] - -The `-m' flag builds a master YP server, and the `-s' flag builds -a slave YP server. When building a slave YP server, `master_server' -must be an existing, reachable YP server. -The `-u' is for updating the ypservers map on a master server. -__usage - - exit 1 -fi - -# Check if domainname is set, don't accept an empty domainname -if [ -z "${DOMAIN}" ]; then - cat << \__no_domain 1>&2 -The local host's YP domain name has not been set. Please set it with -the domainname(8) command or pass the domain as an argument to ypinit(8). 
-__no_domain - - exit 1 -fi - -# Check if hostname is set, don't accept an empty hostname -HOST=`${HOSTNAME}` -if [ -z "${HOST}" ]; then - cat << \__no_hostname 1>&2 -The local host's hostname has not been set. Please set it with the -hostname(8) command. -__no_hostname - - exit 1 -fi - -# Check if we have contact with master. -if [ "${SERVERTYPE}" = "SLAVE" ]; -then - COUNT=`${YPWHICH} -d ${DOMAIN} -m 2>/dev/null | grep -i ${MASTER} | wc -l | tr -d " "` - if [ "$COUNT" = "0" ] - then - echo "Can't enumerate maps from ${MASTER}. Please check that it is running." 1>&2 - exit 1 - fi -fi - -# Check if user is root -ID=`id -u` -if [ "${ID}" != "0" ]; then - echo "You have to be the superuser to run this. Please login as root." 1>&2 - exit 1 -fi - -# Check if the YP directory exists. - -if [ ! -d ${YP_DIR} -o -f ${YP_DIR} ] -then - echo "The directory ${YP_DIR} doesn't exist. Restore it from the distribution." 1>&2 - exit 1 - -fi - -echo -n "Server Type: ${SERVERTYPE} Domain: ${DOMAIN}" -if [ "${SERVERTYPE}" = "SLAVE" ]; then - echo -n " Master: ${MASTER}" -fi -echo "" - -if [ "${SERVERTYPE}" != "UPDATE" ]; -then - cat << \__notice1 - -Creating an YP server will require that you answer a few questions. -Questions will all be asked at the beginning of the procedure. - -__notice1 - - echo -n "Do you want this procedure to quit on non-fatal errors? [y/n: n] " - read DOEXIT - - case ${DOEXIT} in - y*|Y*) - ERROR_EXIT="YES" - ;; - - *) ERROR_EXIT="NO" - echo "" - echo "Ok, please remember to go back and redo manually whatever fails." - echo "If you don't, something might not work. " - ;; - esac - - if [ -d "${YP_DIR}/${DOMAIN}" ]; then - echo "" - echo -n "Can we destroy the existing ${YP_DIR}/${DOMAIN} and its contents? [y/n: n] " - read KILL - - ERROR= - case ${KILL} in - y*|Y*) - ERROR="DELETE" - ;; - - *) ERROR= - ;; - esac - - if [ "${ERROR}" = "DELETE" ]; then - if ! rm -rf ${YP_DIR}/${DOMAIN}; then - echo "Can't clean up old directory ${YP_DIR}/${DOMAIN}." 
1>&2 - exit 1 - fi - else - echo "OK, please clean it up by hand and start again. Bye" - exit 0 - fi - - fi - - if ! mkdir "${YP_DIR}/${DOMAIN}"; then - echo "Can't make new directory ${YP_DIR}/${DOMAIN}." 1>&2 - exit 1 - fi -fi - -if [ "${SERVERTYPE}" = "MASTER" ]; -then - - if [ ! -f ${YP_DIR}/Makefile ] - then - if [ ! -f ${YP_DIR}/Makefile.main ] - then - echo "Can't find ${YP_DIR}/Makefile.main. " 1>&2 - exit 1 - fi - cp ${YP_DIR}/Makefile.main ${YP_DIR}/Makefile - fi - - SUBDIR=`grep "^SUBDIR=" ${YP_DIR}/Makefile` - - if [ -z "${SUBDIR}" ] - then - echo "Can't find line starting with 'SUBDIR=' in ${YP_DIR}/Makefile. " 1>&2 - exit 1 - fi - - NEWSUBDIR="SUBDIR=" - for DIR in `echo ${SUBDIR} | cut -c8-255`; do - if [ ${DIR} != ${DOMAIN} ]; then - NEWSUBDIR="${NEWSUBDIR} ${DIR}" - fi - done - NEWSUBDIR="${NEWSUBDIR} ${DOMAIN}" - - if [ -f ${YP_DIR}/Makefile.tmp ]; then - rm ${YP_DIR}/Makefile.tmp - fi - - mv ${YP_DIR}/Makefile ${YP_DIR}/Makefile.tmp - sed -e "s/^${SUBDIR}/${NEWSUBDIR}/" ${YP_DIR}/Makefile.tmp > \ - ${YP_DIR}/Makefile - rm ${YP_DIR}/Makefile.tmp - - if [ ! -f ${YP_DIR}/Makefile.yp ]; then - echo "Can't find ${YP_DIR}/Makefile.yp. " 1>&2 - exit 1 - fi - - cp ${YP_DIR}/Makefile.yp ${YP_DIR}/${DOMAIN}/Makefile - -fi - -if [ "${SERVERTYPE}" = "SLAVE" ]; -then - - echo "There will be no further questions. The remainder of the procedure" - echo "should take a few minutes, to copy the databases from ${MASTER}." - - for MAP in `${YPWHICH} -d ${DOMAIN} -m | cut -d\ -f1` - do - echo "Transfering ${MAP}..." - if ! ${YPXFR} -h ${MASTER} -c -d ${DOMAIN} ${MAP}; then - echo "Can't transfer map ${MAP}." 1>&2 - ERROR_EXISTS="YES" - if [ "${ERROR_EXIT}" = "YES" ]; then - exit 1 - fi - fi - done - - echo "" - if [ "${ERROR_EXISTS}" = "YES" ]; then - echo "${HOST} has been setup as an YP slave server with errors. " 1>&2 - echo "Please remember fix any problem that occurred." 1>&2 - else - echo "${HOST} has been setup as an YP slave server without any errors. 
" - fi - - echo "Don't forget to update map ypservers on ${MASTER}." - exit 0 -fi - -LIST_OK="NO" - -while [ "${LIST_OK}" = "NO" ]; -do - - if [ "${SERVERTYPE}" = "MASTER" ]; - then - HOST_LIST="${HOST}" - echo "" - echo "At this point, we have to construct a list of this domains YP servers." - echo "${HOST} is already known as master server." - echo "Please continue to add any slave servers, one per line. When you are" - echo "done with the list, type a ." - echo " master server : ${HOST}" - fi - - if [ "${SERVERTYPE}" = "UPDATE" ]; - then - HOST_LIST="${HOST}" - NEW_LIST="" - MASTER_NAME="" - SHORT_HOST=`echo ${HOST} | cut -d. -f1` - if [ -f ${YP_DIR}/${DOMAIN}/ypservers.db ]; - then - for srv in `${MAKEDBM} -u ${YP_DIR}/${DOMAIN}/ypservers | grep -v "^YP" | tr "\t" " " | cut -d\ -f1`; - do - short_srv=`echo ${srv} | cut -d. -f1` - if [ "${SHORT_HOST}" != "${short_srv}" ] - then - if [ "${NEW_LIST}" = "" ]; - then - NEW_LIST="${srv}" - else - NEW_LIST="${NEW_LIST} ${srv}" - fi - fi - done; - MASTER_NAME=`${MAKEDBM} -u ${YP_DIR}/${DOMAIN}/ypservers | grep "^YP_MASTER_NAME" | tr "\t" " " | cut -d\ -f2` - fi - echo "" - echo "Update the list of hosts running YP servers in domain ${DOMAIN}." - echo "Master for this domain is ${MASTER_NAME}." - echo "" - echo "First verify old servers, type \\ to remove a server." - echo "Then add new servers, one per line. When done type a ." - echo "" - echo " master server : ${HOST}" - if [ "${NEW_LIST}" != "" ]; then - for node in $NEW_LIST; do - echo -n " verify host : [${node}] " - read verify - if [ "${verify}" != "\\" ]; then - HOST_LIST="${HOST_LIST} ${node}" - fi - done; - fi - fi - - echo -n " next host to add: " - - while read h - do - echo -n " next host to add: " - HOST_LIST="${HOST_LIST} ${h}" - done - - echo "" - echo "The current list of NIS servers looks like this:" - echo "" - - for h in `echo ${HOST_LIST}`; - do - echo ${h} - done - - echo "" - echo -n "Is this correct? 
[y/n: y] " - read hlist_ok - - case $hlist_ok in - n*) echo "Let's try the whole thing again...";; - N*) echo "Let's try the whole thing again...";; - *) LIST_OK="YES";; - esac - -done - -echo "Building ${YP_DIR}/${DOMAIN}/ypservers..." -for host in ${HOST_LIST}; -do - echo "${host} ${host}" -done | ${MAKEDBM} - ${YP_DIR}/${DOMAIN}/ypservers - -if [ $? -ne 0 ]; then - echo "" 1>&2 - echo "Couldn't build yp data base ${YP_DIR}/${DOMAIN}/ypservers." 1>&2 - ERROR_EXISTS="YES" - if [ "${ERROR_EXIT}" = "YES" ]; then - exit 1 - fi -fi - -if [ "${SERVERTYPE}" = "MASTER" ]; then - - CUR_PWD=`pwd` - cd ${YP_DIR}/${DOMAIN} - echo "Running ${YP_DIR}/${DOMAIN}/Makefile..." - if ! ${MAKE} NOPUSH=1; then - echo "" 1>&2 - echo "Error running Makefile." 1>&2 - ERROR_EXISTS="YES" - if [ "${ERROR_EXIT}" = "YES" ]; then - exit 1 - fi - fi - - cd ${CUR_PWD} - - echo "" - if [ "${ERROR_EXISTS}" = "YES" ]; then - echo "${HOST} has been setup as an YP master server with errors. " 1>&2 - echo "Please remember fix any problem that occurred." 1>&2 - else - echo "${HOST} has been setup as an YP master server without any errors. " - fi - -fi diff --git a/ypmatch.tproj/Makefile b/ypmatch.tproj/Makefile deleted file mode 100644 index 7057431..0000000 --- a/ypmatch.tproj/Makefile +++ /dev/null 
@@ -1,48 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ypmatch - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = ypmatch.c - -OTHERSRCS = Makefile.dist Makefile.preamble Makefile.postamble ypmatch.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /usr/bin -PDO_UNIX_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ypmatch.tproj/Makefile.dist b/ypmatch.tproj/Makefile.dist deleted file mode 100644 index 20c7617..0000000 --- a/ypmatch.tproj/Makefile.dist +++ /dev/null @@ -1,6 +0,0 @@ -# from: @(#)Makefile 5.8 (Berkeley) 7/28/90 -# $Id: Makefile.dist,v 1.1 1999/05/02 03:59:02 wsanchez Exp $ - -PROG= ypmatch - -.include diff --git a/ypmatch.tproj/Makefile.postamble b/ypmatch.tproj/Makefile.postamble deleted file mode 100644 index 0743916..0000000 --- a/ypmatch.tproj/Makefile.postamble +++ /dev/null 
@@ -1,103 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -after_install: - $(MKDIR) -p $(DSTROOT)/usr/share/man/man1 - $(CP) ypmatch.1 $(DSTROOT)/usr/share/man/man1/ diff --git a/ypmatch.tproj/Makefile.preamble b/ypmatch.tproj/Makefile.preamble deleted file mode 100644 index a59ea45..0000000 --- a/ypmatch.tproj/Makefile.preamble +++ /dev/null @@ -1,4 +0,0 @@ -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include - -AFTER_INSTALL = after_install diff --git a/ypmatch.tproj/PB.project b/ypmatch.tproj/PB.project deleted file mode 100644 index 2b3516c..0000000 --- a/ypmatch.tproj/PB.project +++ /dev/null 
@@ -1,36 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ();
- M_FILES = ();
- OTHER_LINKED = (ypmatch.c);
- OTHER_SOURCES = (Makefile.dist, Makefile.preamble, ypmatch.1);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/bin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ypmatch;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/bin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/ypmatch.tproj/ypmatch.1 b/ypmatch.tproj/ypmatch.1
deleted file mode 100644
index 43d8721..0000000
--- a/ypmatch.tproj/ypmatch.1
+++ /dev/null
@@ -1,71 +0,0 @@
-.\" Copyright (c) 1993 Winning Strategies, Inc.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Winning Strategies, Inc.
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" $Id: ypmatch.1,v 1.1 1999/05/02 03:59:02 wsanchez Exp $
-.\"
-.Dd December 3, 1993
-.Dt YPMATCH 1
-.Os
-.Sh NAME
-.Nm ypmatch
-.Nd "print the values of one or more keys in a YP database"
-.Sh SYNOPSIS
-.Nm ypmatch
-.Op Fl kt
-.Op Fl d Ar domainname
-.Ar key ...
-.Ar mapname -.Nm ypmatch -.Fl x -.Sh DESCRIPTION -.Nm Ypmatch -prints out the values of one or more keys from the -.Tn YP -database specified by -.Ar mapname, -which may be a map name or a map nickname. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl d Ar domainname -Specify a domain other than the default domain. -.It Fl k -Display map keys. -This option is useful with maps in which the values are null or the key -is not part of the value. -.It Fl t -Inhibit translation of map nicknames -to their corresponding map names. -.It Fl x -Display the map nickname table. -.El -.Sh SEE ALSO -.Xr ypcat 1 , -.Xr yp 8 -.Sh AUTHOR -Theo De Raadt diff --git a/ypmatch.tproj/ypmatch.c b/ypmatch.tproj/ypmatch.c deleted file mode 100644 index b981157..0000000 --- a/ypmatch.tproj/ypmatch.c +++ /dev/null 
@@ -1,160 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1992, 1993 Theo de Raadt
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Theo de Raadt.
- * 4. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
- * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$Id: ypmatch.c,v 1.1 1999/05/02 03:59:02 wsanchez Exp $"; -#endif - -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -struct ypalias { - char *alias, *name; -} ypaliases[] = { - { "passwd", "passwd.byname" }, - { "group", "group.byname" }, - { "networks", "networks.byaddr" }, - { "hosts", "hosts.byname" }, - { "protocols", "protocols.bynumber" }, - { "services", "services.byname" }, - { "aliases", "mail.aliases" }, - { "ethers", "ethers.byname" }, -}; - -usage() -{ - fprintf(stderr, "Usage:\n"); - fprintf(stderr, "\typmatch [-d domain] [-t] [-k] key [key ...] 
mname\n"); - fprintf(stderr, "\typmatch -x\n"); - fprintf(stderr, "where\n"); - fprintf(stderr, "\tmname may be either a mapname or a nickname for a map\n"); - fprintf(stderr, "\t-t inhibits map nickname translation\n"); - fprintf(stderr, "\t-k prints keys as well as values.\n"); - fprintf(stderr, "\t-x dumps the map nickname translation table.\n"); - exit(1); -} - -int -main(argc, argv) -char **argv; -{ - char *domainname; - char *inkey, *inmap, *outbuf; - extern char *optarg; - extern int optind; - int outbuflen, key, notrans; - int c, r, i; - - notrans = key = 0; - yp_get_default_domain(&domainname); - - while( (c=getopt(argc, argv, "xd:kt")) != -1) - switch(c) { - case 'x': - for(i=0; i diff --git a/yppoll.tproj/Makefile.postamble b/yppoll.tproj/Makefile.postamble deleted file mode 100644 index 4ab14c9..0000000 --- a/yppoll.tproj/Makefile.postamble +++ /dev/null 
@@ -1,103 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - install -c -m 644 yppoll.8 "$(DSTROOT)/usr/share/man/man8/yppoll.8" diff --git a/yppoll.tproj/Makefile.preamble b/yppoll.tproj/Makefile.preamble deleted file mode 100644 index cdcdf89..0000000 --- a/yppoll.tproj/Makefile.preamble +++ /dev/null @@ -1,3 +0,0 @@ -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include -AFTER_INSTALL = after_install diff --git a/yppoll.tproj/PB.project b/yppoll.tproj/PB.project deleted file mode 100644 index 3605f58..0000000 --- a/yppoll.tproj/PB.project +++ /dev/null 
@@ -1,36 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ();
- M_FILES = ();
- OTHER_LINKED = (yppoll.c);
- OTHER_SOURCES = (Makefile.dist, Makefile.preamble, yppoll.8, Makefile.postamble);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/sbin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = yppoll;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/sbin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/yppoll.tproj/yppoll.8 b/yppoll.tproj/yppoll.8
deleted file mode 100644
index 16472f1..0000000
--- a/yppoll.tproj/yppoll.8
+++ /dev/null
@@ -1,63 +0,0 @@
-.\" Copyright (c) 1994 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. The name of the author may not be used to endorse or promote
-.\" products derived from this software without specific prior written
-.\" permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" $Id: yppoll.8,v 1.1 1999/05/02 03:59:03 wsanchez Exp $
-.\"
-.Dd August 18, 1994
-.Dt YPPOLL 8
-.Os NetBSD
-.Sh NAME
-.Nm yppoll
-.Nd get version of a YP map from YP server
-.Sh SYNOPSIS
-.Nm yppoll
-.Op Fl h Ar host
-.Op Fl d Ar domainname
-.Ar mapname
-.Sh DESCRIPTION
-.Nm yppoll
-is used to get information of a maps order number and master server.
-This utility is useful when determining if different servers have the
-same version of a map.
-.Nm yppoll
-normally talks with the default
-.Xr ypserv 8
-process, but by using the
-.Fl h
-option it is possible to talk with a specific server.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl d Ar domain
-Don't use default domain, use the specified domain.
-.It Fl h Ar host
-Get map information from host instead of the default YP server.
-.El
-.Sh SEE ALSO
-.Xr ypserv 8
-.Sh AUTHOR
-Theo de Raadt, John Brezak and Mats O Jansson
diff --git a/yppoll.tproj/yppoll.c b/yppoll.tproj/yppoll.c
deleted file mode 100644
index f107840..0000000
--- a/yppoll.tproj/yppoll.c
+++ /dev/null
@@ -1,210 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1992, 1993 Theo de Raadt - * Copyright (c) 1992, 1993 John Brezak - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Theo de Raadt and - * John Brezak. - * 4. 
The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char rcsid[] = "$Id: yppoll.c,v 1.1 1999/05/02 03:59:03 wsanchez Exp $"; -#endif /* not lint */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -void -usage() -{ - fprintf(stderr, "Usage:\n"); - fprintf(stderr, "\typpoll [-h host] [-d domainname] mapname\n"); - exit(1); -} - -int -get_remote_info(indomain, inmap, server, outorder, outname) - char *indomain; - char *inmap; - char *server; - int *outorder; - char **outname; -{ - struct ypresp_order ypro; - struct ypresp_master yprm; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - struct sockaddr_in rsrv_sin; - int rsrv_sock; - CLIENT *client; - struct hostent *h; - - bzero((char *)&rsrv_sin, sizeof rsrv_sin); - rsrv_sin.sin_len = sizeof rsrv_sin; - rsrv_sin.sin_family = AF_INET; - rsrv_sock = RPC_ANYSOCK; - - h = gethostbyname(server); - if (h == NULL) { - if (inet_aton(server, &rsrv_sin.sin_addr) == 0) { - fprintf(stderr, "unknown host %s\n", server); - exit(1); - } - } else { - 
rsrv_sin.sin_addr.s_addr = *(u_long *)h->h_addr; - } - - tv.tv_sec = 10; - tv.tv_usec = 0; - - client = clntudp_create(&rsrv_sin, YPPROG, YPVERS, tv, &rsrv_sock); - if (client == NULL) { - fprintf(stderr, "clntudp_create: no contact with host %s.\n", - server); - exit(1); - } - - yprnk.domain = indomain; - yprnk.map = inmap; - - bzero((char *)(char *)&ypro, sizeof ypro); - - r = clnt_call(client, YPPROC_ORDER, xdr_ypreq_nokey, &yprnk, - xdr_ypresp_order, &ypro, tv); - if (r != RPC_SUCCESS) - clnt_perror(client, "yp_order: clnt_call"); - - *outorder = ypro.ordernum; - xdr_free(xdr_ypresp_order, (char *)&ypro); - - r = ypprot_err(ypro.status); - if (r == RPC_SUCCESS) { - bzero((char *)&yprm, sizeof yprm); - - r = clnt_call(client, YPPROC_MASTER, xdr_ypreq_nokey, - &yprnk, xdr_ypresp_master, &yprm, tv); - if (r != RPC_SUCCESS) - clnt_perror(client, "yp_master: clnt_call"); - r = ypprot_err(yprm.status); - if (r==0) - *outname = (char *)strdup(yprm.master); - xdr_free(xdr_ypresp_master, (char *)&yprm); - } - clnt_destroy(client); - return r; -} - -int -main(argc, argv) - int argc; - char **argv; -{ - char *domainname; - char *hostname = NULL; - char *inmap, *master; - int order; - extern char *optarg; - extern int optind; - int c, r; - - yp_get_default_domain(&domainname); - - while ((c=getopt(argc, argv, "h:d:?")) != -1) - switch (c) { - case 'd': - domainname = optarg; - break; - case 'h': - hostname = optarg; - break; - default: - usage(); - /*NOTREACHED*/ - } - - if (optind + 1 != argc ) - usage(); - inmap = argv[optind]; - - if (hostname != NULL) { - r = get_remote_info(domainname, inmap, hostname, - &order, &master); - } else { - r = yp_order(domainname, inmap, &order); - if (r == 0) - r = yp_master(domainname, inmap, &master); - } - - if (r != 0) { - fprintf(stderr, "No such map %s. Reason: %s\n", - inmap, yperr_string(r)); - exit(1); - } - - printf("Map %s has order number %d. 
%s", inmap, order, - ctime((time_t *)&order)); - printf("The master server is %s.\n", master); - exit(0); -} diff --git a/yppush.tproj/Makefile b/yppush.tproj/Makefile deleted file mode 100644 index ed8971f..0000000 --- a/yppush.tproj/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = yppush - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = yppush.h ypdb.h yplib_host.h ypdef.h - -CFILES = ypdb.c yplib_host.c yppush.c yppush_err.c yppush_proc.c\ - yppush_svc.c yppush_xdr.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble yppush.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/yppush.tproj/Makefile.postamble b/yppush.tproj/Makefile.postamble deleted file mode 100644 index 9cff531..0000000 --- a/yppush.tproj/Makefile.postamble +++ /dev/null 
@@ -1,104 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - install -c -m 644 yppush.8 "$(DSTROOT)/usr/share/man/man8/yppush.8" diff --git a/yppush.tproj/Makefile.preamble b/yppush.tproj/Makefile.preamble deleted file mode 100644 index 3d12277..0000000 --- a/yppush.tproj/Makefile.preamble +++ /dev/null 
@@ -1,124 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO -AFTER_INSTALL = after_install diff --git a/yppush.tproj/PB.project b/yppush.tproj/PB.project deleted file mode 100644 index f91db95..0000000 --- a/yppush.tproj/PB.project +++ /dev/null 
@@ -1,35 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (yppush.h, ypdb.h, yplib_host.h, ypdef.h);
- OTHER_LIBS = ();
- OTHER_LINKED = (
- ypdb.c,
- yplib_host.c,
- yppush.c,
- yppush_err.c,
- yppush_proc.c,
- yppush_svc.c,
- yppush_xdr.c
- );
- OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, yppush.8);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = yppush;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/yppush.tproj/ypdb.c b/yppush.tproj/ypdb.c
deleted file mode 100644
index c9bd178..0000000
--- a/yppush.tproj/ypdb.c
+++ /dev/null
@@ -1,297 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: ypdb.c,v 1.5 1997/02/09 09:49:36 maja Exp $ */ - -/* - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * This code is derived from ndbm module of BSD4.4 db (hash) by - * Mats O Jansson - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include - -#include "ypdb.h" - -#ifdef YPDB_PATCH -extern DBM *__hash_open(); -#else -extern DBM *__bt_open(); -#endif - -/* - * Returns: - * *DBM on success - * NULL on failure - */ - -extern DBM * -ypdb_open(file, flags, mode) - const char *file; - int flags, mode; -{ -#ifdef YPDB_PATCH - HASHINFO info; - char path[MAXPATHLEN]; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = NULL; - info.hash = NULL; - info.lorder = 0; - snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX); - return ((DBM *)__hash_open(path, flags, mode, &info, 0)); -#else - BTREEINFO info; - char path[MAXPATHLEN]; - DBM *db; - - info.flags = 0; - info.cachesize = 0; - info.maxkeypage = 0; - info.minkeypage = 0; - info.psize = 0; - info.compare = NULL; - info.prefix = NULL; - info.lorder = 0; - snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX); - db = (DBM *)__bt_open(path, flags, mode, &info, 0); - return (db); -#endif -} - -/* - * Returns: - * *DBM on success - * NULL on failure - */ - -extern DBM * -ypdb_open_suf(file, flags, mode) - const char *file; - int flags, mode; -{ -#ifdef YPDB_PATCH - HASHINFO info; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = NULL; - info.hash = NULL; - info.lorder = 0; - return ((DBM *)__hash_open(file, flags, mode, &info, 0)); -#else - BTREEINFO info; - DBM *db; - - info.flags = 0; - info.cachesize = 0; - info.maxkeypage = 0; - info.minkeypage = 0; - info.psize = 0; - info.compare = NULL; - info.prefix = NULL; - info.lorder = 0; - db = (DBM *)__bt_open(file, flags, mode, &info, 0); - return (db); -#endif -} - -extern void -ypdb_close(db) - DBM *db; -{ - (void)(db->close)(db); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_fetch(db, key) - DBM *db; - datum key; -{ - datum retval; - int status; - - status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0); - if (status) { - retval.dptr = NULL; - retval.dsize = 0; 
- } - return (retval); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_firstkey(db) - DBM *db; -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_nextkey(db) - DBM *db; -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_setkey(db, key) - DBM *db; - datum key; -{ - int status; - datum retdata; -#ifdef YPDB_PATCH - datum retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - while ((retkey.dptr != NULL) && - ((retkey.dsize != key.dsize) || - (strncmp(key.dptr,retkey.dptr,retkey.dsize) != 0))) { - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - }; - return (retkey); -#else - status = (db->seq)(db, (DBT *)&key, (DBT *)&retdata, R_CURSOR); - if (status) - key.dptr = NULL; - return (key); -#endif -} - -/* - * Returns: - * 0 on success - * <0 failure - */ - -int -ypdb_delete(db, key) - DBM *db; - datum key; -{ - int status; - - status = (db->del)(db, (DBT *)&key, 0); - if (status) - return (-1); - else - return (0); -} - -/* - * Returns: - * 0 on success - * <0 failure - * 1 if YPDB_INSERT and entry exists - */ - -int -ypdb_store(db, key, content, flags) - DBM *db; - datum key, content; - int flags; -{ - return ((db->put)(db, (DBT *)&key, (DBT *)&content, - (flags == YPDB_INSERT) ? R_NOOVERWRITE : 0)); -} - diff --git a/yppush.tproj/ypdb.h b/yppush.tproj/ypdb.h deleted file mode 100644 index 45b0a7f..0000000 --- a/yppush.tproj/ypdb.h +++ /dev/null 
@@ -1,100 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdb.h,v 1.5 1997/02/09 09:49:37 maja Exp $ */
-
-/*
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- * All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * This code is derived from ndbm module of BSD4.4 db (hash) by
- * Mats O Jansson
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPDB_H_
-#define _YPDB_H_
-
-#ifndef _DB_H_
-#include
-#endif
-
-#define YPDB_SUFFIX ".db"
-
-/* Flags to ypdb_store(). */
-#define YPDB_INSERT 0
-#define YPDB_REPLACE 1
-
-#ifndef DATUM
-typedef struct {
- char *dptr;
- int dsize;
-} datum;
-#define DATUM
-#endif
-
-typedef DB DBM;
-
-__BEGIN_DECLS
-void ypdb_close __P((DBM *));
-datum ypdb_fetch __P((DBM *, datum));
-datum ypdb_firstkey __P((DBM *));
-datum ypdb_nextkey __P((DBM *));
-datum ypdb_setkey __P((DBM *, datum));
-DBM *ypdb_open __P((const char *, int, int));
-DBM *ypdb_open_suf __P((const char *, int, int));
-int ypdb_store __P((DBM *, datum, datum, int));
-__END_DECLS
-
-#endif /* !_YPDB_H_ */
diff --git a/yppush.tproj/ypdef.h b/yppush.tproj/ypdef.h
deleted file mode 100644
index 89970d7..0000000
--- a/yppush.tproj/ypdef.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdef.h,v 1.6 1997/03/30 20:51:14 maja Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPDEF_H_
-#define _YPDEF_H_
-
-#define YP_DB_PATH "/var/yp"
-#define YP_LAST_KEY "YP_LAST_MODIFIED"
-#define YP_LAST_LEN (sizeof(YP_LAST_KEY)-1)
-#define YP_INPUT_KEY "YP_INPUT_FILE"
-#define YP_INPUT_LEN (sizeof(YP_INPUT_KEY)-1)
-#define YP_OUTPUT_KEY "YP_OUTPUT_FILE"
-#define YP_OUTPUT_LEN (sizeof(YP_OUTPUT_KEY)-1)
-#define YP_MASTER_KEY "YP_MASTER_NAME"
-#define YP_MASTER_LEN (sizeof(YP_MASTER_KEY)-1)
-#define YP_DOMAIN_KEY "YP_DOMAIN_NAME"
-#define YP_DOMAIN_LEN (sizeof(YP_DOMAIN_KEY)-1)
-#define YP_INTERDOMAIN_KEY "YP_INTERDOMAIN"
-#define YP_INTERDOMAIN_LEN (sizeof(YP_INTERDOMAIN_KEY)-1)
-#define YP_SECURE_KEY "YP_SECURE"
-#define YP_SECURE_LEN (sizeof(YP_SECURE_KEY)-1)
-
-#define MAX_LAST_LEN 10
-#define MAX_MASTER_LEN 255
-#define YP_HOSTNAME "hosts.byname"
-#define YP_HOSTADDR "hosts.byaddr"
-
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#define YPXFR_PROC "/usr/sbin/ypxfr"
-#define YPPUSH_PROC "/usr/sbin/yppush"
-#define YPSERV_PID_PATH "/var/run/ypserv.pid"
-#define YP_SECURENET_FILE "/var/yp/securenet"
-
-#endif /* !_YPDEF_H_ */
diff --git a/yppush.tproj/yplib_host.c b/yppush.tproj/yplib_host.c
deleted file mode 100644
index 70b914b..0000000
--- a/yppush.tproj/yplib_host.c
+++ /dev/null
@@ -1,427 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yplib_host.c,v 1.7 1997/06/23 01:11:12 deraadt Exp $ */ - -/* - * Copyright (c) 1992, 1993 Theo de Raadt - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Theo de Raadt. - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char *rcsid = "$OpenBSD: yplib_host.c,v 1.7 1997/06/23 01:11:12 deraadt Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -extern bool_t xdr_domainname(), xdr_ypbind_resp(); -extern bool_t xdr_ypreq_key(), xdr_ypresp_val(); -extern bool_t xdr_ypreq_nokey(), xdr_ypresp_key_val(); -extern bool_t xdr_ypresp_all(), xdr_ypresp_all_seq(); -extern bool_t xdr_ypresp_master(); - -extern int (*ypresp_allfn)(); -extern void *ypresp_data; - -int _yplib_host_timeout = 10; - -CLIENT * -yp_bind_host(server,program,version,port,usetcp) -char *server; -u_long program,version; -u_short port; -int usetcp; -{ - struct sockaddr_in rsrv_sin; - int rsrv_sock; - struct hostent *h; - struct timeval tv; - static CLIENT *client; - - memset(&rsrv_sin, 0, sizeof rsrv_sin); - rsrv_sin.sin_len = sizeof rsrv_sin; - rsrv_sin.sin_family = AF_INET; - rsrv_sock = RPC_ANYSOCK; - if (port != 0) { - rsrv_sin.sin_port = htons(port); - } - - if 
((*server >= '0') && (*server <= '9')) { - if(inet_aton(server,&rsrv_sin.sin_addr) == 0) { - fprintf(stderr, "inet_aton: invalid address %s.\n", - server); - exit(1); - } - } else { - h = gethostbyname(server); - if(h == NULL) { - fprintf(stderr, "gethostbyname: unknown host %s.\n", - server); - exit(1); - } - rsrv_sin.sin_addr.s_addr = *(u_int32_t *)h->h_addr; - } - - tv.tv_sec = 10; - tv.tv_usec = 0; - - if (usetcp) { - client = clnttcp_create(&rsrv_sin, program, version, - &rsrv_sock, 0, 0); - } else { - client = clntudp_create(&rsrv_sin, program, version, tv, - &rsrv_sock); - } - - if (client == NULL) { - fprintf(stderr, "clntudp_create: no contact with host %s.\n", - server); - exit(1); - } - - return(client); - -} - -CLIENT * -yp_bind_local(program,version) -u_long program,version; -{ - struct sockaddr_in rsrv_sin; - int rsrv_sock; - struct timeval tv; - static CLIENT *client; - - memset(&rsrv_sin, 0, sizeof rsrv_sin); - rsrv_sin.sin_len = sizeof rsrv_sin; - rsrv_sin.sin_family = AF_INET; - rsrv_sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - rsrv_sock = RPC_ANYSOCK; - - tv.tv_sec = 10; - tv.tv_usec = 0; - - client = clntudp_create(&rsrv_sin, program, version, tv, &rsrv_sock); - if (client == NULL) { - fprintf(stderr,"clntudp_create: no contact with localhost.\n"); - exit(1); - } - - return(client); - -} - -int -yp_match_host(client, indomain, inmap, inkey, inkeylen, outval, outvallen) -CLIENT *client; -char *indomain; -char *inmap; -const char *inkey; -int inkeylen; -char **outval; -int *outvallen; -{ - struct ypresp_val yprv; - struct timeval tv; - struct ypreq_key yprk; - int r; - - *outval = NULL; - *outvallen = 0; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprk.domain = indomain; - yprk.map = inmap; - yprk.key.keydat_val = (char *)inkey; - yprk.key.keydat_len = inkeylen; - - memset(&yprv, 0, sizeof yprv); - - r = clnt_call(client, YPPROC_MATCH, - xdr_ypreq_key, &yprk, xdr_ypresp_val, &yprv, tv); - if(r != RPC_SUCCESS) { - 
clnt_perror(client, "yp_match_host: clnt_call"); - } - if( !(r=ypprot_err(yprv.stat)) ) { - *outvallen = yprv.val.valdat_len; - *outval = (char *)malloc(*outvallen+1); - memcpy(*outval, yprv.val.valdat_val, *outvallen); - (*outval)[*outvallen] = '\0'; - } - xdr_free(xdr_ypresp_val, (char *)&yprv); - return r; -} - -int -yp_first_host(client, indomain, inmap, outkey, outkeylen, outval, outvallen) -CLIENT *client; -char *indomain; -char *inmap; -char **outkey; -int *outkeylen; -char **outval; -int *outvallen; -{ - struct ypresp_key_val yprkv; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - - *outkey = *outval = NULL; - *outkeylen = *outvallen = 0; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - memset(&yprkv, 0, sizeof yprkv); - - r = clnt_call(client, YPPROC_FIRST, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_key_val, &yprkv, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_first_host: clnt_call"); - } - if( !(r=ypprot_err(yprkv.stat)) ) { - *outkeylen = yprkv.key.keydat_len; - *outkey = (char *)malloc(*outkeylen+1); - memcpy(*outkey, yprkv.key.keydat_val, *outkeylen); - (*outkey)[*outkeylen] = '\0'; - *outvallen = yprkv.val.valdat_len; - *outval = (char *)malloc(*outvallen+1); - memcpy(*outval, yprkv.val.valdat_val, *outvallen); - (*outval)[*outvallen] = '\0'; - } - xdr_free(xdr_ypresp_key_val, (char *)&yprkv); - return r; -} - -int -yp_next_host(client, indomain, inmap, inkey, inkeylen, outkey, outkeylen, outval, outvallen) -CLIENT *client; -char *indomain; -char *inmap; -char *inkey; -int inkeylen; -char **outkey; -int *outkeylen; -char **outval; -int *outvallen; -{ - struct ypresp_key_val yprkv; - struct ypreq_key yprk; - struct timeval tv; - int r; - - *outkey = *outval = NULL; - *outkeylen = *outvallen = 0; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprk.domain = indomain; - yprk.map = inmap; - yprk.key.keydat_val = inkey; - yprk.key.keydat_len = inkeylen; - memset(&yprkv, 
0, sizeof yprkv); - - r = clnt_call(client, YPPROC_NEXT, - xdr_ypreq_key, &yprk, xdr_ypresp_key_val, &yprkv, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_next_host: clnt_call"); - } - if( !(r=ypprot_err(yprkv.stat)) ) { - *outkeylen = yprkv.key.keydat_len; - *outkey = (char *)malloc(*outkeylen+1); - memcpy(*outkey, yprkv.key.keydat_val, *outkeylen); - (*outkey)[*outkeylen] = '\0'; - *outvallen = yprkv.val.valdat_len; - *outval = (char *)malloc(*outvallen+1); - memcpy(*outval, yprkv.val.valdat_val, *outvallen); - (*outval)[*outvallen] = '\0'; - } - xdr_free(xdr_ypresp_key_val, (char *)&yprkv); - return r; -} - -int -yp_all_host(client, indomain, inmap, incallback) -CLIENT *client; -char *indomain; -char *inmap; -struct ypall_callback *incallback; -{ - struct ypreq_nokey yprnk; - struct timeval tv; - u_long status; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - ypresp_allfn = incallback->foreach; - ypresp_data = (void *)incallback->data; - - (void) clnt_call(client, YPPROC_ALL, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_all_seq, &status, tv); - xdr_free(xdr_ypresp_all_seq, (char *)&status); /* not really needed... 
*/ - - if(status != YP_FALSE) - return ypprot_err(status); - return 0; -} - -int -yp_order_host(client, indomain, inmap, outorder) -CLIENT *client; -char *indomain; -char *inmap; -u_int32_t *outorder; -{ - struct ypresp_order ypro; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - - memset(&ypro, 0, sizeof ypro); - - r = clnt_call(client, YPPROC_ORDER, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_order, &ypro, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_order_host: clnt_call"); - } - - *outorder = ypro.ordernum; - xdr_free(xdr_ypresp_order, (char *)&ypro); - return ypprot_err(ypro.stat); -} - -int -yp_master_host(client, indomain, inmap, outname) -CLIENT *client; -char *indomain; -char *inmap; -char **outname; -{ - struct ypresp_master yprm; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - - memset(&yprm, 0, sizeof yprm); - - r = clnt_call(client, YPPROC_MASTER, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_master, &yprm, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_master: clnt_call"); - } - if( !(r=ypprot_err(yprm.stat)) ) { - *outname = (char *)strdup(yprm.peer); - } - xdr_free(xdr_ypresp_master, (char *)&yprm); - return r; -} - -int -yp_maplist_host(client, indomain, outmaplist) -CLIENT *client; -char *indomain; -struct ypmaplist **outmaplist; -{ - struct ypresp_maplist ypml; - struct timeval tv; - int r; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - memset(&ypml, 0, sizeof ypml); - - r = clnt_call(client, YPPROC_MAPLIST, - xdr_domainname, &indomain, xdr_ypresp_maplist, &ypml, tv); - if (r != RPC_SUCCESS) { - clnt_perror(client, "yp_maplist: clnt_call"); - } - *outmaplist = ypml.maps; - /* NO: xdr_free(xdr_ypresp_maplist, &ypml);*/ - return ypprot_err(ypml.stat); -} - 
diff --git a/yppush.tproj/yplib_host.h b/yppush.tproj/yplib_host.h
deleted file mode 100644
index 038fb68..0000000
--- a/yppush.tproj/yplib_host.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yplib_host.h,v 1.4 1997/05/01 22:14:45 niklas Exp $ */
-
-/*
- * Copyright (c) 1992, 1993 Theo de Raadt
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Theo de Raadt.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPLIB_HOST_H_
-#define _YPLIB_HOST_H_
-
-int yp_match_host __P((CLIENT *client, char *indomain, char *inmap,
- const char *inkey, int inkeylen, char **outval,
- int *outvallen));
-int yp_first_host __P((CLIENT *client, char *indomain, char *inmap,
- char **outkey, int *outkeylen, char **outval,
- int *outvallen));
-int yp_next_host __P((CLIENT *client, char *indomain, char *inmap,
- char *inkey, int inkeylen, char **outkey,
- int *outkeylen, char **outval, int *outvallen));
-int yp_master_host __P((CLIENT *client,
- char *indomain, char *inmap, char **outname));
-int yp_order_host __P((CLIENT *client,
- char *indomain, char *inmap, u_int32_t *outorder));
-int yp_all_host __P((CLIENT *client, char *indomain, char *inmap,
- struct ypall_callback *incallback));
-int yp_maplist_host __P((CLIENT *client, char *indomain,
- struct ypmaplist **outmaplist));
-CLIENT *yp_bind_local __P((u_long program, u_long version));
-CLIENT *yp_bind_host __P((char *server, u_long program, u_long version,
- u_short port, int usetcp));
-
-#endif /* _YPLIB_HOST_H_ */
-
diff --git a/yppush.tproj/yppush.8 b/yppush.tproj/yppush.8
deleted file mode 100644
index 2777199..0000000
--- a/yppush.tproj/yppush.8
+++ /dev/null
@@ -1,68 +0,0 @@
-.\" $OpenBSD: yppush.8,v 1.4 1997/05/01 21:08:49 niklas Exp $
-.\" Copyright (c) 1995 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd January 29, 1995
-.Dt YPPUSH 8
-.Os
-.Sh NAME
-.Nm yppush
-.Nd force distribution of YP map
-.Sh SYNOPSIS
-.Nm yppush
-.Op Fl d Ar domainname
-.Op Fl h Ar hostname
-.\" .Op Fl p Ar paralleljobs
-.\" .Op Fl t Ar timeout
-.Op Fl v
-.Ar mapname
-.Sh DESCRIPTION
-.Nm yppush
-is used to distribute an YP map from a master server to any
-slave server in the domain. All servers of the domain is fetched from the YP
-map ypservers.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl d Ar domainname
-Don't use default domain, use the specified domain.
-.It Fl h Ar hostname
-Distribute map only to one host and not to the hosts in the ypserver map.
-.\" .It Fl p Ar paralleljobs
-.\"Set the number of parallel transfers.
-.\".It Fl t Ar timeout
-.\"Set the amount of time to elapse before a timeout is registered.
-.It Fl v
-Verbose. Announce what the program is doing.
-.El
-.Sh SEE ALSO
-.Xr yp 8 ,
-.Xr ypserv 8
-.Sh AUTHOR
-Mats O Jansson
diff --git a/yppush.tproj/yppush.c b/yppush.tproj/yppush.c
deleted file mode 100644
index 56aa157..0000000
--- a/yppush.tproj/yppush.c
+++ /dev/null
@@ -1,383 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yppush.c,v 1.10 1997/11/10 05:49:17 deraadt Exp $ */ - -/* - * Copyright (c) 1995 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char rcsid[] = "$OpenBSD: yppush.c,v 1.10 1997/11/10 05:49:17 deraadt Exp $"; -#endif /* not lint */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "yplib_host.h" -#include "ypdef.h" -#include "ypdb.h" - -int Verbose = 0; -char Domain[MAXHOSTNAMELEN], Map[255]; -u_int32_t OrderNum; -char *master; - -extern void yppush_xfrrespprog_1(struct svc_req *request, SVCXPRT *xprt); -extern bool_t xdr_ypreq_xfr(XDR *, struct ypreq_xfr *); - -void -usage() -{ - fprintf(stderr, "Usage:\n"); -/* - fprintf(stderr, "\typpush [-d domainname] [-t seconds] [-p #paralleljobs] [-h host] [-v] mapname\n"); -*/ - fprintf(stderr, "\typpush [-d domainname] [-h host] [-v] mapname\n"); - exit(1); -} - -void -_svc_run() -{ - fd_set readfds; - struct timeval timeout; - - timeout.tv_sec=60; timeout.tv_usec=0; - - for(;;) { - readfds = svc_fdset; - switch (select(_rpc_dtablesize(), &readfds, (void *) 0, - (void *) 0, &timeout)) { - case -1: - if (errno == 
EINTR) { - continue; - } - perror("yppush: _svc_run: select failed"); - return; - case 0: - fprintf(stderr, "yppush: Callback timed out.\n"); - exit(0); - default: - svc_getreqset(&readfds); - } - } - -} - -void -req_xfr(pid, prog, transp, host, client) -pid_t pid; -u_int prog; -SVCXPRT *transp; -char *host; -CLIENT *client; -{ - struct ypreq_xfr request; - struct timeval tv; - - tv.tv_sec=0; tv.tv_usec=0; - - request.map_parms.domain=(char *)&Domain; - request.map_parms.map=(char *)⤅ - request.map_parms.peer=master; - request.map_parms.ordernum=OrderNum; - request.transid=(u_int)pid; - request.prog=prog; - request.port=transp->xp_port; - - if (Verbose) - printf("%d: %s(%u@%s) -> %s@%s\n", - request.transid, - request.map_parms.map, - request.map_parms.ordernum, - host, - request.map_parms.peer, - request.map_parms.domain); - switch (clnt_call(client, YPPROC_XFR, xdr_ypreq_xfr, &request, - xdr_void, NULL, tv)) { - case RPC_SUCCESS: - case RPC_TIMEDOUT: - break; - default: - clnt_perror(client, "yppush: Cannot call YPPROC_XFR"); - kill(pid, SIGTERM); - } -} - -void -push(inlen, indata) -int inlen; -char *indata; -{ - char host[MAXHOSTNAMELEN]; - CLIENT *client; - SVCXPRT *transp; - int sock = RPC_ANYSOCK; - u_int prog; - bool_t sts; - pid_t pid; - int status; - struct rusage res; - - snprintf(host,sizeof host,"%*.*s" ,inlen ,inlen, indata); - - client = clnt_create(host, YPPROG, YPVERS, "tcp"); - if (client == NULL) { - if (Verbose) - fprintf(stderr,"Target Host: %s\n",host); - clnt_pcreateerror("yppush: Cannot create client"); - return; - } - - transp = svcudp_create(sock); - if (transp == NULL) { - fprintf(stderr, "yppush: Cannot create callback transport.\n"); - return; - } - if (transp->xp_port >= IPPORT_RESERVED) { - SVC_DESTROY(transp); - fprintf(stderr, "yppush: Cannot allocate reserved port.\n"); - return; - } - - for (prog=0x40000000; prog<0x5fffffff; prog++) { - if (sts = svc_register(transp, prog, 1, - yppush_xfrrespprog_1, IPPROTO_UDP)) - break; - } - - 
if (!sts) { - fprintf(stderr, "yppush: Cannot register callback.\n"); - return; - } - - switch(pid=fork()) { - case -1: - fprintf(stderr, "yppush: Cannot fork.\n"); - exit(1); - case 0: - _svc_run(); - exit(0); - default: - close(transp->xp_sock); - transp->xp_sock = -1; - req_xfr(pid, prog, transp, host, client); - wait4(pid, &status, 0, &res); - svc_unregister(prog, 1); - if (client != NULL) - clnt_destroy(client); - /* XXX transp leak? */ - } - -} - -int -pushit(instatus, inkey, inkeylen, inval, invallen, indata) -int instatus; -char *inkey; -int inkeylen; -char *inval; -int invallen; -char *indata; -{ - if(instatus != YP_TRUE) - return instatus; - push(invallen, inval); - return 0; -} - -int -main(argc, argv) -int argc; -char **argv; -{ - struct ypall_callback ypcb; - extern char *optarg; - extern int optind; - char *domain,*map,*hostname,*parallel,*timeout; - int c, r, i; - char *ypmap = "ypservers"; - CLIENT *client; - static char map_path[MAXPATHLEN]; - struct stat finfo; - DBM *yp_databas; - char order_key[YP_LAST_LEN] = YP_LAST_KEY; - datum o; - - yp_get_default_domain(&domain); - hostname = NULL; -/* - while( (c=getopt(argc, argv, "d:h:p:t:v?")) != -1) -*/ - while( (c=getopt(argc, argv, "d:h:v?")) != -1) - switch(c) { - case 'd': - domain = optarg; - break; - case 'h': - hostname = optarg; - break; - case 'p': - parallel = optarg; - break; - case 't': - timeout = optarg; - break; - case 'v': - Verbose = 1; - break; - case '?': - usage(); - /*NOTREACHED*/ - } - - if(optind + 1 != argc ) - usage(); - - map = argv[optind]; - - strncpy(Domain,domain,sizeof(Domain)-1); - Domain[sizeof(Domain)-1] = '\0'; - strncpy(Map,map,sizeof(Map)-1); - Map[sizeof(Map)-1] = '\0'; - - /* Check domain */ - snprintf(map_path,sizeof map_path,"%s/%s",YP_DB_PATH,domain); - if (!((stat(map_path, &finfo) == 0) && - ((finfo.st_mode & S_IFMT) == S_IFDIR))) { - fprintf(stderr,"yppush: Map does not exist.\n"); - exit(1); - } - - - /* Check map */ - snprintf(map_path,sizeof 
map_path,"%s/%s/%s%s", - YP_DB_PATH,domain,Map,YPDB_SUFFIX); - if (!(stat(map_path, &finfo) == 0)) { - fprintf(stderr,"yppush: Map does not exist.\n"); - exit(1); - } - - snprintf(map_path,sizeof map_path,"%s/%s/%s",YP_DB_PATH,domain,Map); - yp_databas = ypdb_open(map_path,0,O_RDONLY); - OrderNum=0xffffffff; - if (yp_databas == 0) { - fprintf(stderr, "yppush: %s%s: Cannot open database\n", - map_path, YPDB_SUFFIX); - } else { - o.dptr = (char *) &order_key; - o.dsize = YP_LAST_LEN; - o=ypdb_fetch(yp_databas,o); - if (o.dptr == NULL) { - fprintf(stderr, - "yppush: %s: Cannot determine order number\n", - Map); - } else { - OrderNum=0; - for(i=0; i - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _YPPUSH_H_RPCGEN -#define _YPPUSH_H_RPCGEN - -#include - - -enum yppush_status { - YPPUSH_SUCC = 1, - YPPUSH_AGE = 2, - YPPUSH_NOMAP = -1, - YPPUSH_NODOM = -2, - YPPUSH_RSRC = -3, - YPPUSH_RPC = -4, - YPPUSH_MADDR = -5, - YPPUSH_YPERR = -6, - YPPUSH_BADARGS = -7, - YPPUSH_DBM = -8, - YPPUSH_FILE = -9, - YPPUSH_SKEW = -10, - YPPUSH_CLEAR = -11, - YPPUSH_FORCE = -12, - YPPUSH_XFRERR = -13, - YPPUSH_REFUSED = -14, -}; -typedef enum yppush_status yppush_status; -#ifdef __cplusplus -extern "C" bool_t xdr_yppush_status(XDR *, yppush_status*); -#elif defined(__STDC__) -extern bool_t xdr_yppush_status(XDR *, yppush_status*); -#else /* Old Style C */ -bool_t xdr_yppush_status(); -#endif /* Old Style C */ - - -struct yppushresp_xfr { - u_int transid; - yppush_status status; -}; -typedef struct yppushresp_xfr yppushresp_xfr; -#ifdef __cplusplus -extern "C" bool_t xdr_yppushresp_xfr(XDR *, yppushresp_xfr*); -#elif defined(__STDC__) -extern bool_t xdr_yppushresp_xfr(XDR *, yppushresp_xfr*); -#else /* Old Style C */ -bool_t xdr_yppushresp_xfr(); -#endif /* Old Style C */ - - -#define YPPUSH_XFRRESPPROG ((u_long)0x40000000) -#define YPPUSH_XFRRESPVERS ((u_long)1) - -#ifdef __cplusplus -#define YPPUSHPROC_NULL ((u_long)0) -extern "C" void * yppushproc_null_1(void *, CLIENT *); -extern "C" void * yppushproc_null_1_svc(void *, struct svc_req *); -#define YPPUSHPROC_XFRRESP ((u_long)1) -extern "C" void * yppushproc_xfrresp_1(yppushresp_xfr *, CLIENT *); -extern 
"C" void * yppushproc_xfrresp_1_svc(yppushresp_xfr *, struct svc_req *); - -#elif defined(__STDC__) -#define YPPUSHPROC_NULL ((u_long)0) -extern void * yppushproc_null_1(void *, CLIENT *); -extern void * yppushproc_null_1_svc(void *, struct svc_req *); -#define YPPUSHPROC_XFRRESP ((u_long)1) -extern void * yppushproc_xfrresp_1(yppushresp_xfr *, CLIENT *); -extern void * yppushproc_xfrresp_1_svc(yppushresp_xfr *, struct svc_req *); - -#else /* Old Style C */ -#define YPPUSHPROC_NULL ((u_long)0) -extern void * yppushproc_null_1(); -extern void * yppushproc_null_1_svc(); -#define YPPUSHPROC_XFRRESP ((u_long)1) -extern void * yppushproc_xfrresp_1(); -extern void * yppushproc_xfrresp_1_svc(); -#endif /* Old Style C */ - -#endif /* !_YPPUSH_H_RPCGEN */ diff --git a/yppush.tproj/yppush_err.c b/yppush.tproj/yppush_err.c deleted file mode 100644 index 31f74e8..0000000 --- a/yppush.tproj/yppush_err.c +++ /dev/null 
@@ -1,100 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yppush_err.c,v 1.2 1996/05/30 09:53:20 deraadt Exp $ */
-
-/*
- * Copyright (c) 1996 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char rcsid[] = "$OpenBSD: yppush_err.c,v 1.2 1996/05/30 09:53:20 deraadt Exp $";
-#endif /* not lint */
-
-#include
-#include
-
-char *
-yppush_err_string(enum yppush_status y) {
- switch(y) {
- case YPPUSH_SUCC:
- return "Success";
- case YPPUSH_AGE:
- return "Master's version not newer";
- case YPPUSH_NOMAP:
- return "Can't find server for map";
- case YPPUSH_NODOM:
- return "Domain not supported";
- case YPPUSH_RSRC:
- return "Local resource alloc failure";
- case YPPUSH_RPC:
- return "RPC failure talking to server";
- case YPPUSH_MADDR:
- return "Can't get master address";
- case YPPUSH_YPERR:
- return "YP server/map db error";
- case YPPUSH_BADARGS:
- return "Request arguments bad";
- case YPPUSH_DBM:
- return "Local dbm operation failed";
- case YPPUSH_FILE:
- return "Local file I/O operation failed";
- case YPPUSH_SKEW:
- return "Map version skew during transfer";
- case YPPUSH_CLEAR:
- return "Can't send \"Clear\" req to local ypserv";
- case YPPUSH_FORCE:
- return "No local order number in map use -f flag.";
- case YPPUSH_XFRERR:
- return "ypxfr error";
- case YPPUSH_REFUSED:
- return "Transfer request refused by ypserv";
- }
-};
diff --git a/yppush.tproj/yppush_proc.c b/yppush.tproj/yppush_proc.c
deleted file mode 100644
index 601a7cb..0000000
--- a/yppush.tproj/yppush_proc.c
+++ /dev/null
@@ -1,96 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yppush_proc.c,v 1.3 1997/08/21 12:52:08 maja Exp $ */ - -/* - * Copyright (c) 1996 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char rcsid[] = "$OpenBSD: yppush_proc.c,v 1.3 1997/08/21 12:52:08 maja Exp $"; -#endif /* not lint */ - -#include -#include "yppush.h" - -extern int Verbose; - -void * -yppushproc_null_1_svc(argp, rqstp) - void *argp; - struct svc_req *rqstp; -{ - - static char* result; - - /* - * insert server code here - */ - return((void*) &result); -} - -void * -yppushproc_xfrresp_1_svc(argp, rqstp) - yppushresp_xfr *argp; - struct svc_req *rqstp; -{ - - static char* result; - - /* - * insert server code here - */ - if ((argp->statusstatus)); - - return((void*) &result); -} diff --git a/yppush.tproj/yppush_svc.c b/yppush.tproj/yppush_svc.c deleted file mode 100644 index f3c19dc..0000000 --- a/yppush.tproj/yppush_svc.c +++ /dev/null 
@@ -1,155 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yppush_svc.c,v 1.2 1996/05/30 09:53:22 deraadt Exp $ */ - -/* - * Copyright (c) 1996 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char rcsid[] = "$OpenBSD: yppush_svc.c,v 1.2 1996/05/30 09:53:22 deraadt Exp $"; -#endif /* not lint */ - -#include "yppush.h" -#include -#include /* getenv, exit */ -#include -#include -#include /* TIOCNOTTY */ -#include -#include -#include -#ifdef SYSLOG -#include -#else -#define LOG_ERR 1 -#define openlog(a, b, c) -#endif - -#ifdef __STDC__ -#define SIG_PF void(*)(int) -#endif - -#ifdef DEBUG -#define RPC_SVC_FG -#endif - -#define _RPCSVC_CLOSEDOWN 120 -int _rpcpmstart; /* Started by a port monitor ? */ -int _rpcfdtype; /* Whether Stream or Datagram ? */ -int _rpcsvcdirty; /* Still serving ? 
*/ - -static -void _msgout(msg) - char *msg; -{ -#ifdef RPC_SVC_FG - if (_rpcpmstart) - syslog(LOG_ERR, msg); - else - (void) fprintf(stderr, "%s\n", msg); -#else - syslog(LOG_ERR, msg); -#endif -} - -void -yppush_xfrrespprog_1(rqstp, transp) - struct svc_req *rqstp; - register SVCXPRT *transp; -{ - union { - int fill; - } argument; - char *result; - bool_t (*xdr_argument)(), (*xdr_result)(); - char *(*local)(); - - _rpcsvcdirty = 1; - switch (rqstp->rq_proc) { - case YPPUSHPROC_NULL: - xdr_argument = xdr_void; - xdr_result = xdr_void; - local = (char *(*)()) yppushproc_null_1_svc; - break; - - case YPPUSHPROC_XFRRESP: - xdr_argument = xdr_yppushresp_xfr; - xdr_result = xdr_void; - local = (char *(*)()) yppushproc_xfrresp_1_svc; - break; - - default: - svcerr_noproc(transp); - _rpcsvcdirty = 0; - exit(1); - return; - } - (void) memset((char *)&argument, 0, sizeof (argument)); - if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) { - svcerr_decode(transp); - _rpcsvcdirty = 0; - exit(1); - return; - } - result = (*local)(&argument, rqstp); - if (result != NULL && !svc_sendreply(transp, xdr_result, result)) { - svcerr_systemerr(transp); - } - if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) { - _msgout("unable to free arguments"); - exit(1); - } - _rpcsvcdirty = 0; - if (rqstp->rq_proc!=YPPUSHPROC_NULL) - exit(0); - return; -} diff --git a/yppush.tproj/yppush_xdr.c b/yppush.tproj/yppush_xdr.c deleted file mode 100644 index d8ad787..0000000 --- a/yppush.tproj/yppush_xdr.c +++ /dev/null 
@@ -1,171 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yppush_xdr.c,v 1.2 1996/05/30 09:53:22 deraadt Exp $ */ - -/* - * Copyright (c) 1996 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: yppush_xdr.c,v 1.2 1996/05/30 09:53:22 deraadt Exp $"; -#endif - -#include -#include - -__private_extern__ -bool_t -xdr_domainname(xdrs, objp) - XDR *xdrs; - domainname *objp; -{ - if (!xdr_string(xdrs, objp, YPMAXDOMAIN)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_mapname(xdrs, objp) - XDR *xdrs; - mapname *objp; -{ - if (!xdr_string(xdrs, objp, YPMAXMAP)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_peername(xdrs, objp) - XDR *xdrs; - peername *objp; -{ - if (!xdr_string(xdrs, objp, YPMAXPEER)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypmap_parms(xdrs, objp) - XDR *xdrs; - ypmap_parms *objp; -{ - if (!xdr_domainname(xdrs, &objp->domain)) { - return (FALSE); - } - if (!xdr_mapname(xdrs, &objp->map)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->ordernum)) { - return (FALSE); - } - if (!xdr_peername(xdrs, &objp->peer)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypreq_xfr(xdrs, objp) - XDR *xdrs; - ypreq_xfr *objp; -{ - if 
(!xdr_ypmap_parms(xdrs, &objp->map_parms)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->transid)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->prog)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->port)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_yppush_status(xdrs, objp) - XDR *xdrs; - yppush_status *objp; -{ - register long *buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_yppushresp_xfr(xdrs, objp) - XDR *xdrs; - yppushresp_xfr *objp; -{ - - register long *buf; - - if (!xdr_u_int(xdrs, &objp->transid)) { - return (FALSE); - } - if (!xdr_yppush_status(xdrs, &objp->status)) { - return (FALSE); - } - return (TRUE); -} - - - diff --git a/ypserv.tproj/Makefile b/ypserv.tproj/Makefile deleted file mode 100644 index 3da1f94..0000000 --- a/ypserv.tproj/Makefile +++ /dev/null 
@@ -1,52 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ypserv - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = acl.h yp.h ypv1.h ypdb.h yplog.h ypdef.h - -CFILES = acl.c ypdb.c yplog.c ypserv.c ypserv_db.c ypserv_proc.c\ - ypserv_xdr.c ypserv_xdr_v1.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble securenet\ - securenet.5 ypserv.acl ypserv.acl.5 ypserv.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/libexec -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_BUILD_OUTPUT_DIR = /tmp/$(USER)/BUILD - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ypserv.tproj/Makefile.postamble b/ypserv.tproj/Makefile.postamble deleted file mode 100644 index e2ee9e9..0000000 --- a/ypserv.tproj/Makefile.postamble +++ /dev/null 
@@ -1,107 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - mkdir -p "$(DSTROOT)/usr/share/man/man5" - install -c -m 644 ypserv.8 "$(DSTROOT)/usr/share/man/man8/ypserv.8" - install -c -m 644 securenet.5 "$(DSTROOT)/usr/share/man/man5/securenet.5" - install -c -m 644 ypserv.acl.5 "$(DSTROOT)/usr/share/man/man5/ypserv.acl.5" diff --git a/ypserv.tproj/Makefile.preamble b/ypserv.tproj/Makefile.preamble deleted file mode 100644 index 3d12277..0000000 --- a/ypserv.tproj/Makefile.preamble +++ /dev/null 
@@ -1,124 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO -AFTER_INSTALL = after_install diff --git a/ypserv.tproj/PB.project b/ypserv.tproj/PB.project deleted file mode 100644 index c7cbbbb..0000000 --- a/ypserv.tproj/PB.project +++ /dev/null 
@@ -1,45 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (acl.h, yp.h, ypv1.h, ypdb.h, yplog.h, ypdef.h);
- OTHER_LIBS = ();
- OTHER_LINKED = (
- acl.c,
- ypdb.c,
- yplog.c,
- ypserv.c,
- ypserv_db.c,
- ypserv_proc.c,
- ypserv_xdr.c,
- ypserv_xdr_v1.c
- );
- OTHER_SOURCES = (
- Makefile.preamble,
- Makefile,
- Makefile.postamble,
- securenet,
- securenet.5,
- ypserv.acl,
- ypserv.acl.5
- );
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDDIR = "/tmp/$(USER)/BUILD";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/libexec;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ypserv;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/ypserv.tproj/acl.c b/ypserv.tproj/acl.c
deleted file mode 100644
index 4ac671d..0000000
--- a/ypserv.tproj/acl.c
+++ /dev/null
@@ -1,641 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: acl.c,v 1.5 1997/08/05 09:26:55 maja Exp $ */ - -/* - * Copyright (c) 1994 Mats O Jansson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Mats O Jansson - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: acl.c,v 1.5 1997/08/05 09:26:55 maja Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include "acl.h" - -#define TRUE 1 -#define FALSE 0 - -static struct aclent *acl_root = NULL; - -static int acl_read_line(fp, buf, size) -FILE *fp; -char *buf; -int size; -{ - int len = 0; - char *c,*p,l; - - /* Read a line, and remove any comment, trim space */ - - do { - while (fgets(buf, size, fp)) { - c = buf; - while(*c != '\0') { - if ((*c == '#') || (*c == '\n')) { - *c = '\0'; - } else { - c++; - } - } - - c = p = buf; l = ' '; - while(*c != '\0') { - if ((isspace(l) != 0) && (isspace(*c) != 0)) { - c++; - } else { - l = *c++; *p = l; p++; - } - } - *p = '\0'; - - if (p != buf) { - --p; - if (isspace(*p) != 0) { - *p = '\0'; - } - } - - len = strlen(buf); - return len + 1; - } - } while (size > 0 && !feof(fp)); - - return len; -} - -int -yp_acl_check_host(addr) -struct in_addr *addr; -{ - struct aclent *p; - - p = acl_root; - while (p != NULL) { - if ((addr->s_addr & p->s_mask) == p->s_addr) 
{ - return(p->allow); - } - p = p->next; - } - return(TRUE); -} - -void -acl_add_net(allow,addr,mask) -int allow; -struct in_addr *addr,*mask; -{ - - struct aclent *acl,*p; - - acl = (struct aclent *) malloc((unsigned) sizeof(struct aclent)); - - acl->next = NULL; - acl->allow = allow; - acl->s_addr = addr->s_addr; - acl->s_mask = mask->s_addr; - - if (acl_root == NULL) { - acl_root = acl; - } else { - p = acl_root; - while (p->next != NULL) - p = p->next; - p->next = acl; - } - -} - -void -acl_add_host(allow,addr) -int allow; -struct in_addr *addr; -{ - struct in_addr mask; - - mask.s_addr = htonl(0xffffffff); - - acl_add_net(allow,addr,&mask); -} - -int -yp_acl_init(file) -char *file; -{ - char data_line[1024]; - int line_no = 0; - int len,i; - int allow = TRUE; - int error_cnt = 0; - char *p,*k; - int state; - struct in_addr addr,mask,*host_addr; - struct hostent *host; - struct netent *net; - FILE *data_file = NULL; - - if (file != NULL) { - data_file = fopen(file,"r"); - }; - - while ((data_file != NULL) && - (acl_read_line(data_file,data_line,sizeof(data_line)))) { - - line_no++; - - len = strlen(data_line); - if (len == 0) { - continue; - } - - p = (char *) &data_line; - - /* State 1: Initial State */ - - state = ACLS_INIT; - addr.s_addr = mask.s_addr = 0; - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - } - - if (strcmp(k,"allow") == 0) { - allow = TRUE; - state = ACLS_ALLOW; - } - - if (strcmp(k,"deny") == 0) { - allow = FALSE; - state = ACLS_DENY; - } - - if (state == ACLS_INIT) { - state = ACLE_UVERB; - } - - /* State 2: allow row */ - /* State 3: deny row */ - - if ((*p != '\0') && - ((state == ACLS_ALLOW) || (state == ACLS_DENY))) { - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - } - - if (strcmp(k,"all") == 0) { - state = state + 
ACLD_ALL; - } - - if (strcmp(k,"host") == 0) { - state = state + ACLD_HOST; - } - - if (strcmp(k,"net") == 0) { - state = state + ACLD_NET; - } - - if ((state == ACLS_ALLOW) || (state == ACLS_DENY)) { - state = ACLE_U2VERB; - } - - } - - if ((state == ACLS_ALLOW) || (state == ACLS_DENY)) { - state = ACLE_UEOL; - } - - /* State 4 & 5: all state, remove any comment */ - - if ((*p == '\0') && - ((state == ACLS_ALLOW_ALL) || (state == ACLS_DENY_ALL))) { - acl_add_net(allow,&addr,&mask); - state = ACLE_OK; - } - - /* State 6 & 7: host line */ - /* State 8 & 9: net line */ - - if ((*p != '\0') && - (state >= ACLS_ALLOW_HOST) && (state <= ACLS_DENY_NET)) { - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - } - - if ((state == ACLS_ALLOW_HOST) || (state == ACLS_DENY_HOST)) { - if ((*k >= '0') && (*k <= '9')) { - (void)inet_aton(k,&addr); - acl_add_host(allow,&addr); - state = state + ACLD_HOST_DONE; - } else { - host = gethostbyname(k); - if (host == NULL) { - state = ACLE_NOHOST; - } else { - if (host->h_addrtype == AF_INET) { - while ((host_addr = (struct in_addr *) *host->h_addr_list++) - != NULL) - acl_add_host(allow,host_addr); - } - state = state + ACLD_HOST_DONE; - } - } - } - - if ((state == ACLS_ALLOW_NET) || (state == ACLS_DENY_NET)) { - if ((*k >= '0') && (*k <= '9')) { - (void)inet_aton(k,&addr); - state = state + ACLD_NET_DONE; - } else { - net = getnetbyname(k); - if (net == NULL) { - state = ACLE_NONET; - } else { - addr.s_addr = ntohl(net->n_net); - state = state + ACLD_NET_DONE; - } - } - } - - } - - if ((state >= ACLS_ALLOW_HOST) && (state <= ACLS_DENY_NET)) { - state = ACLE_UEOL; - } - - /* State 10 & 11: allow/deny host line */ - - if ((*p == '\0') && - ((state == ACLS_ALLOW_HOST_DONE) || (state == ACLS_DENY_HOST_DONE))) { - state = ACLE_OK; - } - - /* State 12 & 13: allow/deny net line */ - - if ((*p == '\0') && - ((state == ACLS_ALLOW_NET_DONE) 
|| (state == ACLS_DENY_NET_DONE))) { - mask.s_addr = htonl(0xffffff00); - if (ntohl(addr.s_addr) < 0xc0000000) { - mask.s_addr = htonl(0xffff0000); - } - if (ntohl(addr.s_addr) < 0x80000000) { - mask.s_addr = htonl(0xff000000); - } - acl_add_net(allow,&addr,&mask); - state = ACLE_OK; - } - - if ((*p != '\0') && - ((state == ACLS_ALLOW_NET_DONE) || (state == ACLS_DENY_NET_DONE))) { - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - } - - if (strcmp(k,"netmask") == 0) { - state = state + ACLD_NET_MASK; - } - - if ((state == ACLS_ALLOW_NET_DONE) || (state == ACLS_DENY_NET_DONE)) { - state = ACLE_NONETMASK; - } - - } - - /* State 14 & 15: allow/deny net netmask line */ - - if ((*p != '\0') && - ((state == ACLS_ALLOW_NET_MASK) || (state == ACLS_DENY_NET_MASK))) { - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - } - - if ((state == ACLS_ALLOW_NET_MASK) || (state == ACLS_DENY_NET_MASK)) { - if ((*k >= '0') && (*k <= '9')) { - (void)inet_aton(k,&mask); - state = state + ACLD_NET_EOL; - } else { - net = getnetbyname(k); - if (net == NULL) { - state = ACLE_NONET; - } else { - mask.s_addr = ntohl(net->n_net); - state = state + ACLD_NET_EOL; - } - } - } - - } - - if ((state == ACLS_ALLOW_NET_MASK) || (state == ACLS_DENY_NET_MASK)) { - state = ACLE_UEOL; - } - - /* State 16 & 17: allow/deny host line */ - - if ((*p == '\0') && - ((state == ACLS_ALLOW_NET_EOL) || (state == ACLS_DENY_NET_EOL))) { - acl_add_net(allow,&addr,&mask); - state = ACLE_OK; - } - - switch (state) { - case ACLE_NONETMASK: - fprintf(stderr,"acl: excpected \"netmask\" missing at line %d\n",line_no); - break; - case ACLE_NONET: - error_cnt++; - fprintf(stderr,"acl: unknown network at line %d\n",line_no); - break; - case ACLE_NOHOST: - error_cnt++; - fprintf(stderr,"acl: unknown host at line 
%d\n",line_no); - break; - case ACLE_UVERB: - error_cnt++; - fprintf(stderr,"acl: unknown verb at line %d\n",line_no); - break; - case ACLE_U2VERB: - error_cnt++; - fprintf(stderr,"acl: unknown secondary verb at line %d\n",line_no); - break; - case ACLE_UEOL: - error_cnt++; - fprintf(stderr,"acl: unexpected end of line at line %d\n",line_no); - break; - case ACLE_OK: - break; - default: - error_cnt++; - fprintf(stderr,"acl: unexpected state %d %s\n",state,k); - } - - } - - if (data_file != NULL) { - (void)fflush(stderr); - (void)fclose(data_file); - } - - /* Always add a last allow all if file don't exists or */ - /* the file doesn't cover all cases. */ - - addr.s_addr = mask.s_addr = 0; - allow = TRUE; - acl_add_net(allow,&addr,&mask); - - return(error_cnt); - -} - -int -yp_acl_securenet(file) -char *file; -{ - char data_line[1024]; - int line_no = 0; - int len,i; - int allow = TRUE; - int error_cnt = 0; - char *p,*k; - int state; - struct in_addr addr,mask; - struct netent *net; - FILE *data_file = NULL; - - if (file != NULL) { - data_file = fopen(file,"r"); - }; - - /* Always add a localhost allow first, to be compatable with sun */ - - addr.s_addr = htonl(0x7f000001); - mask.s_addr = htonl(0xffffffff); - allow = TRUE; - acl_add_net(allow,&addr,&mask); - - while ((data_file != NULL) && - (acl_read_line(data_file,data_line,sizeof(data_line)))) { - - line_no++; - - len = strlen(data_line); - if (len == 0) { - continue; - } - - p = (char *) &data_line; - - /* State 1: Initial State */ - - state = ACLS_INIT; - addr.s_addr = mask.s_addr = 0; - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - state = ACLS_ALLOW_NET_MASK; - } - - if (state == ACLS_INIT) { - state = ACLE_UEOL; - } - - if (state == ACLS_ALLOW_NET_MASK) { - - if ((*k >= '0') && (*k <= '9')) { - (void)inet_aton(k,&mask); - state = ACLS_ALLOW_NET; - } else { - net = getnetbyname(k); - if (net == NULL) 
{ - state = ACLE_NONET; - } else { - mask.s_addr = ntohl(net->n_net); - state = ACLS_ALLOW_NET; - } - } - - k = p; i = 0; /* save start of verb */ - while ((*p != '\0') && - (!isspace(*p = tolower(*p)))) { - p++; i++; - }; - - if (*p != '\0') { - *p++ = '\0'; - } - } - - if ((state == ACLS_ALLOW_NET_MASK)) { - state = ACLE_UEOL; - } - - if (state == ACLS_ALLOW_NET) { - - if ((*k >= '0') && (*k <= '9')) { - (void)inet_aton(k,&addr); - state = ACLS_ALLOW_NET_EOL; - } else { - net = getnetbyname(k); - if (net == NULL) { - state = ACLE_NONET; - } else { - addr.s_addr = ntohl(net->n_net); - state = ACLS_ALLOW_NET_EOL; - } - } - } - - if ((state == ACLS_ALLOW_NET)) { - state = ACLE_UEOL; - } - - if ((*p == '\0') && (state == ACLS_ALLOW_NET_EOL)) { - acl_add_net(allow,&addr,&mask); - state = ACLE_OK; - } - - switch (state) { - case ACLE_NONET: - error_cnt++; - fprintf(stderr,"securenet: unknown network at line %d\n",line_no); - break; - case ACLE_UEOL: - error_cnt++; - fprintf(stderr,"securenet: unexpected end of line at line %d\n",line_no); - break; - case ACLE_OK: - break; - default: - error_cnt++; - fprintf(stderr,"securenet: unexpected state %d %s\n",state,k); - } - - } - - if (data_file != NULL) { - (void)fflush(stderr); - (void)fclose(data_file); - - /* Always add a last deny all if file exists */ - - addr.s_addr = mask.s_addr = 0; - allow = FALSE; - acl_add_net(allow,&addr,&mask); - - } - - /* Always add a last allow all if file don't exists */ - - addr.s_addr = mask.s_addr = 0; - allow = TRUE; - acl_add_net(allow,&addr,&mask); - - return(error_cnt); - -} - -void -yp_acl_reset() -{ - struct aclent *p; - - while (acl_root != NULL) { - p = acl_root->next; - free(acl_root); - acl_root = p; - } -} diff --git a/ypserv.tproj/acl.h b/ypserv.tproj/acl.h deleted file mode 100644 index fc5afa5..0000000 --- a/ypserv.tproj/acl.h +++ /dev/null 
@@ -1,110 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: acl.h,v 1.4 1996/06/30 19:46:05 maja Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _ACL_H_
-#define _ACL_H_
-
-#define ACLD_ALL 2
-#define ACLD_HOST 4
-#define ACLD_NET 6
-#define ACLD_HOST_DONE 4
-#define ACLD_NET_DONE 4
-#define ACLD_NET_MASK 2
-#define ACLD_NET_EOL 2
-
-#define ACLS_INIT 1
-#define ACLS_ALLOW 2
-#define ACLS_DENY 3
-#define ACLS_ALLOW_ALL ACLS_ALLOW+ACLD_ALL /* 4 */
-#define ACLS_DENY_ALL ACLS_DENY+ACLD_ALL /* 5 */
-#define ACLS_ALLOW_HOST ACLS_ALLOW+ACLD_HOST /* 6 */
-#define ACLS_DENY_HOST ACLS_DENY+ACLD_HOST /* 7 */
-#define ACLS_ALLOW_NET ACLS_ALLOW+ACLD_NET /* 8 */
-#define ACLS_DENY_NET ACLS_DENY+ACLD_NET /* 9 */
-#define ACLS_ALLOW_HOST_DONE ACLS_ALLOW_HOST+ACLD_HOST_DONE /* 10 */
-#define ACLS_DENY_HOST_DONE ACLS_DENY_HOST+ACLD_HOST_DONE /* 11 */
-#define ACLS_ALLOW_NET_DONE ACLS_ALLOW_NET+ACLD_NET_DONE /* 12 */
-#define ACLS_DENY_NET_DONE ACLS_DENY_NET+ACLD_NET_DONE /* 13 */
-#define ACLS_ALLOW_NET_MASK ACLS_ALLOW_NET_DONE+ACLD_NET_MASK /* 14 */
-#define ACLS_DENY_NET_MASK ACLS_DENY_NET_DONE+ACLD_NET_MASK /* 15 */
-#define ACLS_ALLOW_NET_EOL ACLS_ALLOW_NET_MASK+ACLD_NET_EOL /* 16 */
-#define ACLS_DENY_NET_EOL ACLS_DENY_NET_MASK+ACLD_NET_EOL /* 17 */
-
-#define ACLE_NONETMASK 18
-#define ACLE_NONET 19
-#define ACLE_NOHOST 20
-#define ACLE_UVERB 21
-#define ACLE_U2VERB 22
-#define ACLE_UEOL 23
-#define ACLE_OK 24
-
-struct aclent {
-struct aclent *next;
- int allow;
- u_long s_addr;
- u_long s_mask;
-};
-
-__BEGIN_DECLS
-int yp_acl_check_host __P((struct in_addr *));
-int yp_acl_init __P((char *));
-int yp_acl_securenet __P((char *));
-void yp_acl_reset __P((void));
-__END_DECLS
-
-#endif /* !_ACL_H_ */
-
-
diff --git a/ypserv.tproj/securenet b/ypserv.tproj/securenet
deleted file mode 100644
index a136cfb..0000000
--- a/ypserv.tproj/securenet
+++ /dev/null
@@ -1,4 +0,0 @@
-#
-# Only my local net is secure.
-#
-255.255.255.0 139.58.253.0
diff --git a/ypserv.tproj/securenet.5 b/ypserv.tproj/securenet.5
deleted file mode 100644
index bb14ae7..0000000
--- a/ypserv.tproj/securenet.5
+++ /dev/null
@@ -1,74 +0,0 @@
-.\" $OpenBSD: securenet.5,v 1.4 1996/06/26 21:26:37 maja Exp $
-.\" Copyright (c) 1994 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd June 27, 1994
-.Dt SECURENET 5
-.Os
-.Sh NAME
-.Nm securenet
-.Nd
-.Xr ypserv 8
-configuration file for secure networks
-.Sh DESCRIPTION
-The
-.Nm securenet
-file controls which hosts can connect to the
-.Nm YP
-server.
-.Pp
-The format is rather simple. Each row consists of two items. The first item
-is the network mask. The second item is the network.
-.Sh EXAMPLES
-.Pp
-A configuration file might appear as follows:
-.Bd -literal
-#
-# Only my local net is secure.
-#
-255.255.255.0 139.58.253.0
-.Ed
-.Sh FILES
-.Bl -tag -width /var/yp/securenet -compact
-.It Pa /var/yp/securenet
-A
-.Xr ypserv 8
-configuration file.
-.El
-.Sh SEE ALSO
-.Xr yp 8 ,
-.Xr ypserv 8 ,
-.Xr ypserv.acl 5
-.Sh HISTORY
-The
-.Nm securenet
-was added to
-.Nm NIS
-by Sun Microsystems, Inc. as a bugfix for weak security.
-
diff --git a/ypserv.tproj/yp.h b/ypserv.tproj/yp.h
deleted file mode 100644
index cfe590b..0000000
--- a/ypserv.tproj/yp.h
+++ /dev/null
@@ -1,612 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yp.h,v 1.5 1997/07/25 20:12:31 mickey Exp $ */ - -/* - * Please do not edit this file. - * It was generated using rpcgen. 
- */ - -#ifndef _YP_H_RPCGEN -#define _YP_H_RPCGEN - -#include - -#define YPMAXRECORD 1024 -#define YPMAXDOMAIN 64 -#define YPMAXMAP 64 -#define YPMAXPEER 64 - -enum ypstat { - YP_TRUE = 1, - YP_NOMORE = 2, - YP_FALSE = 0, - YP_NOMAP = -1, - YP_NODOM = -2, - YP_NOKEY = -3, - YP_BADOP = -4, - YP_BADDB = -5, - YP_YPERR = -6, - YP_BADARGS = -7, - YP_VERS = -8, -}; -typedef enum ypstat ypstat; -#ifdef __cplusplus -extern "C" bool_t xdr_ypstat(XDR *, ypstat*); -#elif defined(__STDC__) -extern bool_t xdr_ypstat(XDR *, ypstat*); -#else /* Old Style C */ -bool_t xdr_ypstat(); -#endif /* Old Style C */ - - -enum ypxfrstat { - YPXFR_SUCC = 1, - YPXFR_AGE = 2, - YPXFR_NOMAP = -1, - YPXFR_NODOM = -2, - YPXFR_RSRC = -3, - YPXFR_RPC = -4, - YPXFR_MADDR = -5, - YPXFR_YPERR = -6, - YPXFR_BADARGS = -7, - YPXFR_DBM = -8, - YPXFR_FILE = -9, - YPXFR_SKEW = -10, - YPXFR_CLEAR = -11, - YPXFR_FORCE = -12, - YPXFR_XFRERR = -13, - YPXFR_REFUSED = -14, -}; -typedef enum ypxfrstat ypxfrstat; -#ifdef __cplusplus -extern "C" bool_t xdr_ypxfrstat(XDR *, ypxfrstat*); -#elif defined(__STDC__) -extern bool_t xdr_ypxfrstat(XDR *, ypxfrstat*); -#else /* Old Style C */ -bool_t xdr_ypxfrstat(); -#endif /* Old Style C */ - - -typedef char *domainname; -#ifdef __cplusplus -extern "C" bool_t xdr_domainname(XDR *, domainname*); -#elif defined(__STDC__) -extern bool_t xdr_domainname(XDR *, domainname*); -#else /* Old Style C */ -bool_t xdr_domainname(); -#endif /* Old Style C */ - - -typedef char *mapname; -#ifdef __cplusplus -extern "C" bool_t xdr_mapname(XDR *, mapname*); -#elif defined(__STDC__) -extern bool_t xdr_mapname(XDR *, mapname*); -#else /* Old Style C */ -bool_t xdr_mapname(); -#endif /* Old Style C */ - - -typedef char *peername; -#ifdef __cplusplus -extern "C" bool_t xdr_peername(XDR *, peername*); -#elif defined(__STDC__) -extern bool_t xdr_peername(XDR *, peername*); -#else /* Old Style C */ -bool_t xdr_peername(); -#endif /* Old Style C */ - - -typedef struct { - u_int keydat_len; - char 
*keydat_val; -} keydat; -#ifdef __cplusplus -extern "C" bool_t xdr_keydat(XDR *, keydat*); -#elif defined(__STDC__) -extern bool_t xdr_keydat(XDR *, keydat*); -#else /* Old Style C */ -bool_t xdr_keydat(); -#endif /* Old Style C */ - - -typedef struct { - u_int valdat_len; - char *valdat_val; -} valdat; -#ifdef __cplusplus -extern "C" bool_t xdr_valdat(XDR *, valdat*); -#elif defined(__STDC__) -extern bool_t xdr_valdat(XDR *, valdat*); -#else /* Old Style C */ -bool_t xdr_valdat(); -#endif /* Old Style C */ - - -struct ypmap_parms { - domainname domain; - mapname map; - u_int32_t ordernum; - peername peer; -}; -typedef struct ypmap_parms ypmap_parms; -#ifdef __cplusplus -extern "C" bool_t xdr_ypmap_parms(XDR *, ypmap_parms*); -#elif defined(__STDC__) -extern bool_t xdr_ypmap_parms(XDR *, ypmap_parms*); -#else /* Old Style C */ -bool_t xdr_ypmap_parms(); -#endif /* Old Style C */ - - -struct ypreq_key { - domainname domain; - mapname map; - keydat key; -}; -typedef struct ypreq_key ypreq_key; -#ifdef __cplusplus -extern "C" bool_t xdr_ypreq_key(XDR *, ypreq_key*); -#elif defined(__STDC__) -extern bool_t xdr_ypreq_key(XDR *, ypreq_key*); -#else /* Old Style C */ -bool_t xdr_ypreq_key(); -#endif /* Old Style C */ - - -struct ypreq_nokey { - domainname domain; - mapname map; -}; -typedef struct ypreq_nokey ypreq_nokey; -#ifdef __cplusplus -extern "C" bool_t xdr_ypreq_nokey(XDR *, ypreq_nokey*); -#elif defined(__STDC__) -extern bool_t xdr_ypreq_nokey(XDR *, ypreq_nokey*); -#else /* Old Style C */ -bool_t xdr_ypreq_nokey(); -#endif /* Old Style C */ - - -struct ypreq_xfr { - ypmap_parms map_parms; - u_int transid; - u_int prog; - u_int port; -}; -typedef struct ypreq_xfr ypreq_xfr; -#ifdef __cplusplus -extern "C" bool_t xdr_ypreq_xfr(XDR *, ypreq_xfr*); -#elif defined(__STDC__) -extern bool_t xdr_ypreq_xfr(XDR *, ypreq_xfr*); -#else /* Old Style C */ -bool_t xdr_ypreq_xfr(); -#endif /* Old Style C */ - - -struct ypresp_val { - ypstat stat; - valdat val; -}; -typedef 
struct ypresp_val ypresp_val; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_val(XDR *, ypresp_val*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_val(XDR *, ypresp_val*); -#else /* Old Style C */ -bool_t xdr_ypresp_val(); -#endif /* Old Style C */ - - -struct ypresp_key_val { - ypstat stat; - keydat key; - valdat val; -}; -typedef struct ypresp_key_val ypresp_key_val; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_key_val(XDR *, ypresp_key_val*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_key_val(XDR *, ypresp_key_val*); -#else /* Old Style C */ -bool_t xdr_ypresp_key_val(); -#endif /* Old Style C */ - - -struct ypresp_master { - ypstat stat; - peername peer; -}; -typedef struct ypresp_master ypresp_master; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_master(XDR *, ypresp_master*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_master(XDR *, ypresp_master*); -#else /* Old Style C */ -bool_t xdr_ypresp_master(); -#endif /* Old Style C */ - - -struct ypresp_order { - ypstat stat; - u_int32_t ordernum; -}; -typedef struct ypresp_order ypresp_order; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_order(XDR *, ypresp_order*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_order(XDR *, ypresp_order*); -#else /* Old Style C */ -bool_t xdr_ypresp_order(); -#endif /* Old Style C */ - - -struct ypresp_all { - bool_t more; - union { - ypresp_key_val val; - } ypresp_all_u; -}; -typedef struct ypresp_all ypresp_all; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_all(XDR *, ypresp_all*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_all(XDR *, ypresp_all*); -#else /* Old Style C */ -bool_t xdr_ypresp_all(); -#endif /* Old Style C */ - - -struct ypresp_xfr { - u_int transid; - ypxfrstat xfrstat; -}; -typedef struct ypresp_xfr ypresp_xfr; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_xfr(XDR *, ypresp_xfr*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_xfr(XDR *, ypresp_xfr*); -#else /* Old Style C */ -bool_t xdr_ypresp_xfr(); 
-#endif /* Old Style C */ - - -struct ypmaplist { - mapname map; - struct ypmaplist *next; -}; -typedef struct ypmaplist ypmaplist; -#ifdef __cplusplus -extern "C" bool_t xdr_ypmaplist(XDR *, ypmaplist*); -#elif defined(__STDC__) -extern bool_t xdr_ypmaplist(XDR *, ypmaplist*); -#else /* Old Style C */ -bool_t xdr_ypmaplist(); -#endif /* Old Style C */ - - -struct ypresp_maplist { - ypstat stat; - ypmaplist *maps; -}; -typedef struct ypresp_maplist ypresp_maplist; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresp_maplist(XDR *, ypresp_maplist*); -#elif defined(__STDC__) -extern bool_t xdr_ypresp_maplist(XDR *, ypresp_maplist*); -#else /* Old Style C */ -bool_t xdr_ypresp_maplist(); -#endif /* Old Style C */ - - -enum yppush_status { - YPPUSH_SUCC = 1, - YPPUSH_AGE = 2, - YPPUSH_NOMAP = -1, - YPPUSH_NODOM = -2, - YPPUSH_RSRC = -3, - YPPUSH_RPC = -4, - YPPUSH_MADDR = -5, - YPPUSH_YPERR = -6, - YPPUSH_BADARGS = -7, - YPPUSH_DBM = -8, - YPPUSH_FILE = -9, - YPPUSH_SKEW = -10, - YPPUSH_CLEAR = -11, - YPPUSH_FORCE = -12, - YPPUSH_XFRERR = -13, - YPPUSH_REFUSED = -14, -}; -typedef enum yppush_status yppush_status; -#ifdef __cplusplus -extern "C" bool_t xdr_yppush_status(XDR *, yppush_status*); -#elif defined(__STDC__) -extern bool_t xdr_yppush_status(XDR *, yppush_status*); -#else /* Old Style C */ -bool_t xdr_yppush_status(); -#endif /* Old Style C */ - - -struct yppushresp_xfr { - u_int transid; - yppush_status status; -}; -typedef struct yppushresp_xfr yppushresp_xfr; -#ifdef __cplusplus -extern "C" bool_t xdr_yppushresp_xfr(XDR *, yppushresp_xfr*); -#elif defined(__STDC__) -extern bool_t xdr_yppushresp_xfr(XDR *, yppushresp_xfr*); -#else /* Old Style C */ -bool_t xdr_yppushresp_xfr(); -#endif /* Old Style C */ - - -enum ypbind_resptype { - YPBIND_SUCC_VAL = 1, - YPBIND_FAIL_VAL = 2, -}; -typedef enum ypbind_resptype ypbind_resptype; -#ifdef __cplusplus -extern "C" bool_t xdr_ypbind_resptype(XDR *, ypbind_resptype*); -#elif defined(__STDC__) -extern bool_t 
xdr_ypbind_resptype(XDR *, ypbind_resptype*); -#else /* Old Style C */ -bool_t xdr_ypbind_resptype(); -#endif /* Old Style C */ - - -struct ypbind_binding { - char ypbind_binding_addr[4]; - char ypbind_binding_port[2]; -}; -typedef struct ypbind_binding ypbind_binding; -#ifdef __cplusplus -extern "C" bool_t xdr_ypbind_binding(XDR *, ypbind_binding*); -#elif defined(__STDC__) -extern bool_t xdr_ypbind_binding(XDR *, ypbind_binding*); -#else /* Old Style C */ -bool_t xdr_ypbind_binding(); -#endif /* Old Style C */ - - -struct ypbind_resp { - ypbind_resptype ypbind_status; - union { - u_int ypbind_error; - ypbind_binding ypbind_bindinfo; - } ypbind_resp_u; -}; -typedef struct ypbind_resp ypbind_resp; -#ifdef __cplusplus -extern "C" bool_t xdr_ypbind_resp(XDR *, ypbind_resp*); -#elif defined(__STDC__) -extern bool_t xdr_ypbind_resp(XDR *, ypbind_resp*); -#else /* Old Style C */ -bool_t xdr_ypbind_resp(); -#endif /* Old Style C */ - -#define YPBIND_ERR_ERR 1 -#define YPBIND_ERR_NOSERV 2 -#define YPBIND_ERR_RESC 3 - -struct ypbind_setdom { - domainname ypsetdom_domain; - ypbind_binding ypsetdom_binding; - u_int ypsetdom_vers; -}; -typedef struct ypbind_setdom ypbind_setdom; -#ifdef __cplusplus -extern "C" bool_t xdr_ypbind_setdom(XDR *, ypbind_setdom*); -#elif defined(__STDC__) -extern bool_t xdr_ypbind_setdom(XDR *, ypbind_setdom*); -#else /* Old Style C */ -bool_t xdr_ypbind_setdom(); -#endif /* Old Style C */ - - -#define YPPROG ((u_long)100004) -#define YPVERS ((u_long)2) - -#ifdef __cplusplus -#define YPPROC_NULL ((u_long)0) -extern "C" void * ypproc_null_2(void *, CLIENT *); -extern "C" void * ypproc_null_2_svc(void *, struct svc_req *); -#define YPPROC_DOMAIN ((u_long)1) -extern "C" bool_t * ypproc_domain_2(domainname *, CLIENT *); -extern "C" bool_t * ypproc_domain_2_svc(domainname *, struct svc_req *); -#define YPPROC_DOMAIN_NONACK ((u_long)2) -extern "C" bool_t * ypproc_domain_nonack_2(domainname *, CLIENT *); -extern "C" bool_t * 
ypproc_domain_nonack_2_svc(domainname *, struct svc_req *); -#define YPPROC_MATCH ((u_long)3) -extern "C" ypresp_val * ypproc_match_2(ypreq_key *, CLIENT *); -extern "C" ypresp_val * ypproc_match_2_svc(ypreq_key *, struct svc_req *); -#define YPPROC_FIRST ((u_long)4) -extern "C" ypresp_key_val * ypproc_first_2(ypreq_nokey *, CLIENT *); -extern "C" ypresp_key_val * ypproc_first_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_NEXT ((u_long)5) -extern "C" ypresp_key_val * ypproc_next_2(ypreq_key *, CLIENT *); -extern "C" ypresp_key_val * ypproc_next_2_svc(ypreq_key *, struct svc_req *); -#define YPPROC_XFR ((u_long)6) -extern "C" ypresp_xfr * ypproc_xfr_2(ypreq_xfr *, CLIENT *); -extern "C" ypresp_xfr * ypproc_xfr_2_svc(ypreq_xfr *, struct svc_req *); -#define YPPROC_CLEAR ((u_long)7) -extern "C" void * ypproc_clear_2(void *, CLIENT *); -extern "C" void * ypproc_clear_2_svc(void *, struct svc_req *); -#define YPPROC_ALL ((u_long)8) -extern "C" ypresp_all * ypproc_all_2(ypreq_nokey *, CLIENT *); -extern "C" ypresp_all * ypproc_all_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_MASTER ((u_long)9) -extern "C" ypresp_master * ypproc_master_2(ypreq_nokey *, CLIENT *); -extern "C" ypresp_master * ypproc_master_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_ORDER ((u_long)10) -extern "C" ypresp_order * ypproc_order_2(ypreq_nokey *, CLIENT *); -extern "C" ypresp_order * ypproc_order_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_MAPLIST ((u_long)11) -extern "C" ypresp_maplist * ypproc_maplist_2(domainname *, CLIENT *); -extern "C" ypresp_maplist * ypproc_maplist_2_svc(domainname *, struct svc_req *); - -#elif defined(__STDC__) -#define YPPROC_NULL ((u_long)0) -extern void * ypproc_null_2(void *, CLIENT *); -extern void * ypproc_null_2_svc(void *, struct svc_req *); -#define YPPROC_DOMAIN ((u_long)1) -extern bool_t * ypproc_domain_2(domainname *, CLIENT *); -extern bool_t * ypproc_domain_2_svc(domainname *, struct svc_req *); -#define 
YPPROC_DOMAIN_NONACK ((u_long)2) -extern bool_t * ypproc_domain_nonack_2(domainname *, CLIENT *); -extern bool_t * ypproc_domain_nonack_2_svc(domainname *, struct svc_req *); -#define YPPROC_MATCH ((u_long)3) -extern ypresp_val * ypproc_match_2(ypreq_key *, CLIENT *); -extern ypresp_val * ypproc_match_2_svc(ypreq_key *, struct svc_req *); -#define YPPROC_FIRST ((u_long)4) -extern ypresp_key_val * ypproc_first_2(ypreq_nokey *, CLIENT *); -extern ypresp_key_val * ypproc_first_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_NEXT ((u_long)5) -extern ypresp_key_val * ypproc_next_2(ypreq_key *, CLIENT *); -extern ypresp_key_val * ypproc_next_2_svc(ypreq_key *, struct svc_req *); -#define YPPROC_XFR ((u_long)6) -extern ypresp_xfr * ypproc_xfr_2(ypreq_xfr *, CLIENT *); -extern ypresp_xfr * ypproc_xfr_2_svc(ypreq_xfr *, struct svc_req *); -#define YPPROC_CLEAR ((u_long)7) -extern void * ypproc_clear_2(void *, CLIENT *); -extern void * ypproc_clear_2_svc(void *, struct svc_req *); -#define YPPROC_ALL ((u_long)8) -extern ypresp_all * ypproc_all_2(ypreq_nokey *, CLIENT *); -extern ypresp_all * ypproc_all_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_MASTER ((u_long)9) -extern ypresp_master * ypproc_master_2(ypreq_nokey *, CLIENT *); -extern ypresp_master * ypproc_master_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_ORDER ((u_long)10) -extern ypresp_order * ypproc_order_2(ypreq_nokey *, CLIENT *); -extern ypresp_order * ypproc_order_2_svc(ypreq_nokey *, struct svc_req *); -#define YPPROC_MAPLIST ((u_long)11) -extern ypresp_maplist * ypproc_maplist_2(domainname *, CLIENT *); -extern ypresp_maplist * ypproc_maplist_2_svc(domainname *, struct svc_req *); - -#else /* Old Style C */ -#define YPPROC_NULL ((u_long)0) -extern void * ypproc_null_2(); -extern void * ypproc_null_2_svc(); -#define YPPROC_DOMAIN ((u_long)1) -extern bool_t * ypproc_domain_2(); -extern bool_t * ypproc_domain_2_svc(); -#define YPPROC_DOMAIN_NONACK ((u_long)2) -extern bool_t * 
ypproc_domain_nonack_2(); -extern bool_t * ypproc_domain_nonack_2_svc(); -#define YPPROC_MATCH ((u_long)3) -extern ypresp_val * ypproc_match_2(); -extern ypresp_val * ypproc_match_2_svc(); -#define YPPROC_FIRST ((u_long)4) -extern ypresp_key_val * ypproc_first_2(); -extern ypresp_key_val * ypproc_first_2_svc(); -#define YPPROC_NEXT ((u_long)5) -extern ypresp_key_val * ypproc_next_2(); -extern ypresp_key_val * ypproc_next_2_svc(); -#define YPPROC_XFR ((u_long)6) -extern ypresp_xfr * ypproc_xfr_2(); -extern ypresp_xfr * ypproc_xfr_2_svc(); -#define YPPROC_CLEAR ((u_long)7) -extern void * ypproc_clear_2(); -extern void * ypproc_clear_2_svc(); -#define YPPROC_ALL ((u_long)8) -extern ypresp_all * ypproc_all_2(); -extern ypresp_all * ypproc_all_2_svc(); -#define YPPROC_MASTER ((u_long)9) -extern ypresp_master * ypproc_master_2(); -extern ypresp_master * ypproc_master_2_svc(); -#define YPPROC_ORDER ((u_long)10) -extern ypresp_order * ypproc_order_2(); -extern ypresp_order * ypproc_order_2_svc(); -#define YPPROC_MAPLIST ((u_long)11) -extern ypresp_maplist * ypproc_maplist_2(); -extern ypresp_maplist * ypproc_maplist_2_svc(); -#endif /* Old Style C */ - -#define YPPUSH_XFRRESPPROG ((u_long)0x40000000) -#define YPPUSH_XFRRESPVERS ((u_long)1) - -#ifdef __cplusplus -#define YPPUSHPROC_NULL ((u_long)0) -extern "C" void * yppushproc_null_1(void *, CLIENT *); -extern "C" void * yppushproc_null_1_svc(void *, struct svc_req *); -#define YPPUSHPROC_XFRRESP ((u_long)1) -extern "C" yppushresp_xfr * yppushproc_xfrresp_1(void *, CLIENT *); -extern "C" yppushresp_xfr * yppushproc_xfrresp_1_svc(void *, struct svc_req *); - -#elif defined(__STDC__) -#define YPPUSHPROC_NULL ((u_long)0) -extern void * yppushproc_null_1(void *, CLIENT *); -extern void * yppushproc_null_1_svc(void *, struct svc_req *); -#define YPPUSHPROC_XFRRESP ((u_long)1) -extern yppushresp_xfr * yppushproc_xfrresp_1(void *, CLIENT *); -extern yppushresp_xfr * yppushproc_xfrresp_1_svc(void *, struct svc_req *); - -#else /* 
Old Style C */ -#define YPPUSHPROC_NULL ((u_long)0) -extern void * yppushproc_null_1(); -extern void * yppushproc_null_1_svc(); -#define YPPUSHPROC_XFRRESP ((u_long)1) -extern yppushresp_xfr * yppushproc_xfrresp_1(); -extern yppushresp_xfr * yppushproc_xfrresp_1_svc(); -#endif /* Old Style C */ - -#define YPBINDPROG ((u_long)100007) -#define YPBINDVERS ((u_long)2) - -#ifdef __cplusplus -#define YPBINDPROC_NULL ((u_long)0) -extern "C" void * ypbindproc_null_2(void *, CLIENT *); -extern "C" void * ypbindproc_null_2_svc(void *, struct svc_req *); -#define YPBINDPROC_DOMAIN ((u_long)1) -extern "C" ypbind_resp * ypbindproc_domain_2(domainname *, CLIENT *); -extern "C" ypbind_resp * ypbindproc_domain_2_svc(domainname *, struct svc_req *); -#define YPBINDPROC_SETDOM ((u_long)2) -extern "C" void * ypbindproc_setdom_2(ypbind_setdom *, CLIENT *); -extern "C" void * ypbindproc_setdom_2_svc(ypbind_setdom *, struct svc_req *); - -#elif defined(__STDC__) -#define YPBINDPROC_NULL ((u_long)0) -extern void * ypbindproc_null_2(void *, CLIENT *); -extern void * ypbindproc_null_2_svc(void *, struct svc_req *); -#define YPBINDPROC_DOMAIN ((u_long)1) -extern ypbind_resp * ypbindproc_domain_2(domainname *, CLIENT *); -extern ypbind_resp * ypbindproc_domain_2_svc(domainname *, struct svc_req *); -#define YPBINDPROC_SETDOM ((u_long)2) -extern void * ypbindproc_setdom_2(ypbind_setdom *, CLIENT *); -extern void * ypbindproc_setdom_2_svc(ypbind_setdom *, struct svc_req *); - -#else /* Old Style C */ -#define YPBINDPROC_NULL ((u_long)0) -extern void * ypbindproc_null_2(); -extern void * ypbindproc_null_2_svc(); -#define YPBINDPROC_DOMAIN ((u_long)1) -extern ypbind_resp * ypbindproc_domain_2(); -extern ypbind_resp * ypbindproc_domain_2_svc(); -#define YPBINDPROC_SETDOM ((u_long)2) -extern void * ypbindproc_setdom_2(); -extern void * ypbindproc_setdom_2_svc(); -#endif /* Old Style C */ - -#endif /* !_YP_H_RPCGEN */ 
diff --git a/ypserv.tproj/ypdb.c b/ypserv.tproj/ypdb.c
deleted file mode 100644
index c9bd178..0000000
--- a/ypserv.tproj/ypdb.c
+++ /dev/null
@@ -1,297 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdb.c,v 1.5 1997/02/09 09:49:36 maja Exp $ */
-
-/*
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- * All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * This code is derived from ndbm module of BSD4.4 db (hash) by
- * Mats O Jansson
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include
-#include
-#include
-
-#include "ypdb.h"
-
-#ifdef YPDB_PATCH
-extern DBM *__hash_open();
-#else
-extern DBM *__bt_open();
-#endif
-
-/*
- * Returns:
- * *DBM on success
- * NULL on failure
- */
-
-extern DBM *
-ypdb_open(file, flags, mode)
- const char *file;
- int flags, mode;
-{
-#ifdef YPDB_PATCH
- HASHINFO info;
- char path[MAXPATHLEN];
-
- info.bsize = 4096;
- info.ffactor = 40;
- info.nelem = 1;
- info.cachesize = NULL;
- info.hash = NULL;
- info.lorder = 0;
- snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX);
- return ((DBM *)__hash_open(path, flags, mode, &info, 0));
-#else
- BTREEINFO info;
- char path[MAXPATHLEN];
- DBM *db;
-
- info.flags = 0;
- info.cachesize = 0;
- info.maxkeypage = 0;
- info.minkeypage = 0;
- info.psize = 0;
- info.compare = NULL;
- info.prefix = NULL;
- info.lorder = 0;
- snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX);
- db = (DBM *)__bt_open(path, flags, mode, &info, 0);
- return (db);
-#endif
-}
-
-/*
- * Returns:
- * *DBM on success
- * NULL on failure
- */
-
-extern DBM *
-ypdb_open_suf(file, flags, mode)
- const char *file;
- int flags, mode;
-{
-#ifdef YPDB_PATCH
- HASHINFO info;
-
- info.bsize = 4096;
- info.ffactor = 40;
- info.nelem = 1;
- info.cachesize = NULL;
- info.hash = NULL;
- info.lorder = 0;
- return ((DBM *)__hash_open(file, flags, mode, &info, 0));
-#else
- BTREEINFO info;
- DBM *db;
-
- info.flags = 0;
- info.cachesize = 0;
- info.maxkeypage = 0;
- info.minkeypage = 0;
- info.psize = 0;
- info.compare = NULL;
- info.prefix = NULL;
- info.lorder = 0;
- db = (DBM *)__bt_open(file, flags, mode, &info, 0);
- return (db);
-#endif
-}
-
-extern void
-ypdb_close(db)
- DBM *db;
-{
- (void)(db->close)(db);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-
-extern datum
-ypdb_fetch(db, key)
- DBM *db;
- datum key;
-{
- datum retval;
- int status;
-
- status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0);
- if (status) {
- retval.dptr = NULL;
- retval.dsize = 0;
- }
- return (retval);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-
-extern datum
-ypdb_firstkey(db)
- DBM *db;
-{
- int status;
- datum retdata, retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST);
- if (status)
- retkey.dptr = NULL;
- return (retkey);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-
-extern datum
-ypdb_nextkey(db)
- DBM *db;
-{
- int status;
- datum retdata, retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT);
- if (status)
- retkey.dptr = NULL;
- return (retkey);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-
-extern datum
-ypdb_setkey(db, key)
- DBM *db;
- datum key;
-{
- int status;
- datum retdata;
-#ifdef YPDB_PATCH
- datum retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST);
- if (status)
- retkey.dptr = NULL;
- while ((retkey.dptr != NULL) &&
- ((retkey.dsize != key.dsize) ||
- (strncmp(key.dptr,retkey.dptr,retkey.dsize) != 0))) {
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT);
- if (status)
- retkey.dptr = NULL;
- };
- return (retkey);
-#else
- status = (db->seq)(db, (DBT *)&key, (DBT *)&retdata, R_CURSOR);
- if (status)
- key.dptr = NULL;
- return (key);
-#endif
-}
-
-/*
- * Returns:
- * 0 on success
- * <0 failure
- */
-
-int
-ypdb_delete(db, key)
- DBM *db;
- datum key;
-{
- int status;
-
- status = (db->del)(db, (DBT *)&key, 0);
- if (status)
- return (-1);
- else
- return (0);
-}
-
-/*
- * Returns:
- * 0 on success
- * <0 failure
- * 1 if YPDB_INSERT and entry exists
- */
-
-int
-ypdb_store(db, key, content, flags)
- DBM *db;
- datum key, content;
- int flags;
-{
- return ((db->put)(db, (DBT *)&key, (DBT *)&content,
- (flags == YPDB_INSERT) ? R_NOOVERWRITE : 0));
-}
-
diff --git a/ypserv.tproj/ypdb.h b/ypserv.tproj/ypdb.h
deleted file mode 100644
index 45b0a7f..0000000
--- a/ypserv.tproj/ypdb.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdb.h,v 1.5 1997/02/09 09:49:37 maja Exp $ */
-
-/*
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- * All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * This code is derived from ndbm module of BSD4.4 db (hash) by
- * Mats O Jansson
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPDB_H_
-#define _YPDB_H_
-
-#ifndef _DB_H_
-#include
-#endif
-
-#define YPDB_SUFFIX ".db"
-
-/* Flags to ypdb_store(). */
-#define YPDB_INSERT 0
-#define YPDB_REPLACE 1
-
-#ifndef DATUM
-typedef struct {
- char *dptr;
- int dsize;
-} datum;
-#define DATUM
-#endif
-
-typedef DB DBM;
-
-__BEGIN_DECLS
-void ypdb_close __P((DBM *));
-datum ypdb_fetch __P((DBM *, datum));
-datum ypdb_firstkey __P((DBM *));
-datum ypdb_nextkey __P((DBM *));
-datum ypdb_setkey __P((DBM *, datum));
-DBM *ypdb_open __P((const char *, int, int));
-DBM *ypdb_open_suf __P((const char *, int, int));
-int ypdb_store __P((DBM *, datum, datum, int));
-__END_DECLS
-
-#endif /* !_YPDB_H_ */
diff --git a/ypserv.tproj/ypdef.h b/ypserv.tproj/ypdef.h
deleted file mode 100644
index 89970d7..0000000
--- a/ypserv.tproj/ypdef.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdef.h,v 1.6 1997/03/30 20:51:14 maja Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPDEF_H_
-#define _YPDEF_H_
-
-#define YP_DB_PATH "/var/yp"
-#define YP_LAST_KEY "YP_LAST_MODIFIED"
-#define YP_LAST_LEN (sizeof(YP_LAST_KEY)-1)
-#define YP_INPUT_KEY "YP_INPUT_FILE"
-#define YP_INPUT_LEN (sizeof(YP_INPUT_KEY)-1)
-#define YP_OUTPUT_KEY "YP_OUTPUT_FILE"
-#define YP_OUTPUT_LEN (sizeof(YP_OUTPUT_KEY)-1)
-#define YP_MASTER_KEY "YP_MASTER_NAME"
-#define YP_MASTER_LEN (sizeof(YP_MASTER_KEY)-1)
-#define YP_DOMAIN_KEY "YP_DOMAIN_NAME"
-#define YP_DOMAIN_LEN (sizeof(YP_DOMAIN_KEY)-1)
-#define YP_INTERDOMAIN_KEY "YP_INTERDOMAIN"
-#define YP_INTERDOMAIN_LEN (sizeof(YP_INTERDOMAIN_KEY)-1)
-#define YP_SECURE_KEY "YP_SECURE"
-#define YP_SECURE_LEN (sizeof(YP_SECURE_KEY)-1)
-
-#define MAX_LAST_LEN 10
-#define MAX_MASTER_LEN 255
-#define YP_HOSTNAME "hosts.byname"
-#define YP_HOSTADDR "hosts.byaddr"
-
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#define YPXFR_PROC "/usr/sbin/ypxfr"
-#define YPPUSH_PROC "/usr/sbin/yppush"
-#define YPSERV_PID_PATH "/var/run/ypserv.pid"
-#define YP_SECURENET_FILE "/var/yp/securenet"
-
-#endif /* !_YPDEF_H_ */
diff --git a/ypserv.tproj/yplog.c b/ypserv.tproj/yplog.c
deleted file mode 100644
index 3460c9a..0000000
--- a/ypserv.tproj/yplog.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yplog.c,v 1.5 1997/08/09 22:44:04 maja Exp $ */
-
-/*
- * Copyright (c) 1996 Charles D. Cranor
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Charles D. Cranor.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * yplog.c: replacement yplog routines for
- * Mats O Jansson's ypserv program, as added by
- * Chuck Cranor.
- */
-
-#include
-#include
-#include
-#include
-#ifdef __STDC__
-#include
-#else
-#include
-#endif
-#include "yplog.h"
-
-static FILE *logfp = NULL; /* the log file */
-
-/*
- * yplog(): like a printf, but to the log file. does the flush
- * and data for you.
- */
-
-void
-#ifdef __STDC__
-yplog(const char *fmt, ...)
-#else
-yplog(fmt, va_alist)
- char *fmt;
- va_dcl
-#endif
-{
- va_list ap;
-
-#ifdef __STDC__
- va_start(ap, fmt);
-#else
- va_start(ap);
-#endif
- vyplog(fmt, ap);
- va_end(ap);
-}
-
-/*
- * vyplog() support routine for yplog()
- */
-
-void
-vyplog(fmt, ap)
- register const char *fmt;
- va_list ap;
-{
- time_t t;
-
- if (logfp == NULL)
- return;
- (void)time(&t);
- fprintf(logfp,"%.15s ", ctime(&t) + 4);
- vfprintf(logfp, fmt, ap);
- fprintf(logfp,"\n");
- fflush(logfp);
-}
-
-/*
- * open log
- */
-
-void
-ypopenlog()
-{
- static char logfn[] = "/var/yp/ypserv.log";
-
- if (access(logfn, W_OK) == -1)
- return;
- logfp = fopen("/var/yp/ypserv.log", "a");
- if (logfp == NULL)
- return;
- yplog("yplog opened");
-}
-
-/*
- * close log
- */
-
-void
-ypcloselog()
-{
- if (logfp) {
- yplog("yplog closed");
- fclose(logfp);
- logfp = NULL;
- }
-}
diff --git a/ypserv.tproj/yplog.h b/ypserv.tproj/yplog.h
deleted file mode 100644
index c517042..0000000
--- a/ypserv.tproj/yplog.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yplog.h,v 1.3 1996/05/30 09:53:04 deraadt Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPLOG_H_
-#define _YPLOG_H_
-
-#include
-
-__BEGIN_DECLS
-void yplog __P((const char *, ...));
-void vyplog __P((const char *, va_list));
-void ypopenlog __P((void));
-void ypcloselog __P((void));
-__END_DECLS
-
-#endif /* !_YPLOG_H_ */
diff --git a/ypserv.tproj/ypserv.8 b/ypserv.tproj/ypserv.8
deleted file mode 100644
index 9cb9a0d..0000000
--- a/ypserv.tproj/ypserv.8
+++ /dev/null
@@ -1,134 +0,0 @@
-.\" $OpenBSD: ypserv.8,v 1.9 1997/09/04 00:43:19 deraadt Exp $
-.\" Copyright (c) 1994 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd June 27, 1994
-.Dt YPSERV 8
-.Os
-.Sh NAME
-.Nm ypserv
-.Nd YP server daemon
-.Sh SYNOPSIS
-.Nm ypserv
-.Op Fl 1
-.Op Fl a Ar aclfile
-.Op Fl d
-.Op Fl x
-.Sh DESCRIPTION
-.Nm Ypserv
-is a fundamental part of the network information system called YP.
-This server provides information from YP maps to the YP clients
-on the network.
-.Pp
-A YP map is stored on the server as a
-.Xr db 3
-database. A number of YP maps is grouped together in a domain.
-.Ar Ypserv
-determines the domains it serves by looking for a directory with
-the domain name in
-.Ar /var/yp .
-.Pp
-YP hasn't been known for high security through the years. In recent years
-security has improved by restricting access to the server. In SunOS 4.1
-has a new file occured named
-.Ar /var/yp/securenet .
-It contains networks the server can assume is secure. For information about
-file format see
-.Xr securenet 5 .
-.Pp
-Before the author of this server had seen
-.Xr securenet 5
-another format was implemented
-.Xr ypserv.acl 5 .
-This file format makes it possible to allow and deny hosts and networks
-access to the server. This file can have any name since it's given by
-the argument to
-.Fl a
-(use full path).
-.Pp
-The file used can be reread by sending a SIGHUP to ypserv. The process pid
-can be found in the file
-.Nm /var/run/ypserv.pid
-.
-.Pp
-If a host isn't secure all queries to the server will result in a YP_NODOM
-result.
-.Pp
-If the file
-.Nm /var/yp/ypserv.log
-exists then messages will be written to the file.
-.Pp
-If a directory named the same as the system domainname exists in
-.Nm /var/yp/
-(ie. the domainname is
-.Nm foo
-and directory
-.Nm /var/yp/foo
-exists), then ypserv will be automatically started at boot time.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl 1
-Allow ypserv to answer old YP version 1 requests.
-.It Fl a Ar aclfile
-Don't use
-.Ar /var/yp/securenet .
-Use another file with another file format. For futher information see
-man page for
-.Ar ypserv.acl .
-.It Fl d
-Use Internet Domain Name System. If a query to map
-.Ar hosts.byname
-or
-.Ar hosts.byaddr
-fails, make a DNS query and return the result if successful.
-Alternately, if these maps were built on the YP master using
-.Nm makedbm
-.Fl b
-then DNS queries will be done without needing to specify
-.Fl d .
-.It Fl x
-Terminate the server after processing
-.Ar aclfile
-or
-.Ar /var/yp/securenet .
-.El
-.Sh FILES
-.Bl -tag -width /var/yp/ypserv.log -compact
-.It Pa /var/yp/ypserv.log
-.It Pa /var/yp/securenet
-.It Pa /var/run/ypserv.pid
-.El
-.Sh SEE ALSO
-.Xr yp 8 ,
-.Xr ypserv.acl 5 ,
-.Xr securenet 5 ,
-.Xr ypbind 1
-.Sh AUTHOR
-Mats O Jansson
diff --git a/ypserv.tproj/ypserv.acl b/ypserv.tproj/ypserv.acl
deleted file mode 100644
index afeb86f..0000000
--- a/ypserv.tproj/ypserv.acl
+++ /dev/null
@@ -1,44 +0,0 @@
-# This is an example of an access control file to be used by ypserv.
-#
-# This file is parsed line by line. First match will terminate the check
-# of the caller.
-#
-
-#############################################################################
-# This is the commands that will match a single host
-#
-# allow host
-# deny host
-#
-# To process hostname gethostbyname is called. If the hostname has multiple
-# ip-addresses all will be added (I hope). ip-address is processed by
-# inet_aton.
-allow host localhost
-deny host jodie
-
-#############################################################################
-# This is the commands that will match a network
-#
-# allow net [netmask ]
-# deny net [netmask ]
-#
-# To process netname getnetbyname is called, and inet_aton is used for
-# netnumber. inet_aton both access numbers as 255.255.255.0 and 0xffffff00.
-#
-# If netmask isn't given the parser will assume netmask from the first bits
-# of the network number. So if the network is subneted the you have to add
-# the netmask. In my case I've got the network 139.58.253.0 at home so too
-# allow any of my computers to talk with the server I need the following line
-#
-allow net mojathome netmask 255.255.255.0
-
-#############################################################################
-# At last we have a command that will match any caller:
-#
-# allow all
-# deny all
-#
-
-# reject all connections
-deny all
-
diff --git a/ypserv.tproj/ypserv.acl.5 b/ypserv.tproj/ypserv.acl.5
deleted file mode 100644
index 4e00b7b..0000000
--- a/ypserv.tproj/ypserv.acl.5
+++ /dev/null
@@ -1,182 +0,0 @@
-.\" $OpenBSD: ypserv.acl.5,v 1.6 1997/08/05 09:26:56 maja Exp $
-.\" Copyright (c) 1994 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd July 2, 1994
-.Dt YPSERV.ACL 5
-.Os
-.Sh NAME
-.Nm ypserv.acl
-.Nd
-.Xr ypserv 8
-configuration file
-.Sh DESCRIPTION
-The
-.Nm ypserv.acl
-file controls which hosts can connect to the
-.Nm YP
-server.
-.Pp
-The format is more complex than the format for
-.Xr securenet 5 .
-The first two verbs on each line controls if the line will
-.Nm allow
-or
-.Nm deny
-access for a
-.Nm host ,
-network
-.Nm (net)
-or
-.Nm all
-hosts.
-.Pp
-The
-.Nm YP
-server reads the configuration file and build a list in memory. This list
-is processed from the beginning for every incomming request. As soon a
-match is found in the list the search terminates and it returns success
-or failure depending on
-.Nm allow
-or
-.Nm deny .
-If no match was found in the list success is returned.
-.Pp
-If access is denied every call will cause a
-.Nm no such domain
-error for the caller.
-.Pp
-Don't forget to allow localhost access if you want the machine running
-.Nm ypserv
-access it too.
-.Pp
-There is no default name for this file. Start
-.Nm ypserv
-with a
-.Ar -a filename
-to read a file with this format.
-.Pp
-The following different syntax can be used:
-.Pp
-<
-.Nm allow|deny
->
-.Nm host
-<
-.Nm hostname|ip-address
->
-.Pp
-If
-.Nm hostname
-has more than one ip address then all will be added to the list.
-.Pp
-<
-.Nm allow|deny
->
-.Nm net
-<
-.Nm netname|netnumber
->
-.Op Nm netmask
-.Pp
-If
-.Nm netmask
-part of the command isn't given then the netmask will be assumed to be a
-class A, B or C net depending on the net number.
-.Pp
-<
-.Nm allow|deny
->
-.Nm all
-.Pp
-A line containing one of these commands will always match any host.
-.Sh EXAMPLES
-.Pp
-A configuration file might appear as follows:
-.Bd -literal
-# This is an example of an access control file to be used by ypserv.
-#
-# This file is parsed line by line. First match will terminate the check
-# of the caller.
-#
-
-###########################################################################
-# This is the commands that will match a single host
-#
-# allow host
-# deny host
-#
-# To process hostname gethostbyname is called. If the hostname has
-# multiple ip-addresses all will be added (I hope). ip-address
-# processed by inet_aton.
-allow host localhost
-deny host jodie
-
-###########################################################################
-# This is the commands that will match a network
-#
-# allow net [netmask ]
-# deny net [netmask ]
-#
-# To process netname getnetbyname is called, and inet_aton is used for
-# netnumber. inet_aton both access numbers as 255.255.255.0 and 0xffffff00.
-#
-# If netmask isn't given the parser will assume netmask from the first bits
-# of the network number. So if the network is subneted the you have to add
-# the netmask. In my case I've got the network 139.58.253.0 at home so too
-# allow any of my computers to talk with the server I need the following
-# line
-#
-allow net mojathome netmask 255.255.255.0
-
-###########################################################################
-# At last we have a command that will match any caller:
-#
-# allow all
-# deny all
-#
-
-# reject all connections
-deny all
-
-.Ed
-.Sh FILES
-.Bl -tag -width /var/yp/ypserv.acl -compact
-.It Pa /var/yp/ypserv.acl
-A
-.Xr ypserv 8
-configuration file.
-.El
-.Sh SEE ALSO
-.Xr yp 8 ,
-.Xr ypserv 8 ,
-.Xr securenet 5
-.Sh AUTHOR
-Mats O Jansson
-
diff --git a/ypserv.tproj/ypserv.c b/ypserv.tproj/ypserv.c
deleted file mode 100644
index f9c0e2b..0000000
--- a/ypserv.tproj/ypserv.c
+++ /dev/null
@@ -1,559 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypserv.c,v 1.12 1997/11/04 07:40:52 deraadt Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "$OpenBSD: ypserv.c,v 1.12 1997/11/04 07:40:52 deraadt Exp $";
-#endif
-
-#include "yp.h"
-#include "ypv1.h"
-#include
-#include /* getenv, exit */
-#include /* for pmap_unset */
-#include /* strcmp */
-#include
-#include
-#include
-#include
-#include /* TIOCNOTTY */
-#ifdef __cplusplus
-#include /* getdtablesize, open */
-#endif /* __cplusplus */
-#include
-#include
-#include
-#include
-#include "acl.h"
-#include "yplog.h"
-#include "ypdef.h"
-#include
-#include /* for ioctl */
-#include /* for open */
-
-#ifdef __STDC__
-#define SIG_PF void(*)(int)
-#endif
-
-#ifdef DEBUG
-#define RPC_SVC_FG
-#endif
-
-#define _RPCSVC_CLOSEDOWN 120
-static int _rpcpmstart; /* Started by a port monitor ? */
-static int _rpcfdtype; /* Whether Stream or Datagram ? */
-static int _rpcsvcdirty; /* Still serving ? */
-
-int usedns = FALSE;
-char *progname = "ypserv";
-char *aclfile = NULL;
-
-void sig_child();
-void sig_hup();
-
-/* in the RPC library */
-SVCXPRT *svcfd_create(int, u_int, u_int);
-
-static
-void _msgout(char* msg)
-{
-#ifdef RPC_SVC_FG
- if (_rpcpmstart)
- syslog(LOG_ERR, msg);
- else
- (void) fprintf(stderr, "%s\n", msg);
-#else
- syslog(LOG_ERR, msg);
-#endif
-}
-
-static void
-closedown()
-{
- if (_rpcsvcdirty == 0) {
- extern fd_set svc_fdset;
- static int size;
- int i, openfd;
-
- if (_rpcfdtype == SOCK_DGRAM)
- exit(0);
- if (size == 0) {
- size = getdtablesize();
- }
- for (i = 0, openfd = 0; i < size && openfd < 2; i++)
- if (FD_ISSET(i, &svc_fdset))
- openfd++;
- if (openfd <= (_rpcpmstart?0:1))
- exit(0);
- }
- (void) alarm(_RPCSVC_CLOSEDOWN);
-}
-
-static void
-ypprog_1(struct svc_req *rqstp, register SVCXPRT *transp)
-{
- union {
- domainname ypproc_domain_1_arg;
- domainname ypproc_domain_nonack_1_arg;
- yprequest ypproc_match_1_arg;
- yprequest ypproc_first_1_arg;
- yprequest ypproc_next_1_arg;
- yprequest ypproc_poll_1_arg;
- yprequest ypproc_push_1_arg;
- yprequest ypproc_pull_1_arg;
- yprequest ypproc_get_1_arg;
- } argument;
- char *result;
- xdrproc_t xdr_argument, xdr_result;
- char *(*local)(char *, struct svc_req *);
-
- _rpcsvcdirty = 1;
- switch (rqstp->rq_proc) {
- case YPOLDPROC_NULL:
- xdr_argument = (xdrproc_t) xdr_void;
- xdr_result = (xdrproc_t) xdr_void;
- local = (char *(*)(char *, struct svc_req *)) ypproc_null_1_svc;
- break;
-
- case YPOLDPROC_DOMAIN:
- xdr_argument = (xdrproc_t) xdr_domainname;
- xdr_result = (xdrproc_t) xdr_bool;
- local = (char *(*)(char *, struct svc_req *)) ypproc_domain_1_svc;
- break;
-
- case YPOLDPROC_DOMAIN_NONACK:
- xdr_argument = (xdrproc_t) xdr_domainname;
- xdr_result = (xdrproc_t) xdr_bool;
- local = (char *(*)(char *, struct svc_req *)) ypproc_domain_nonack_1_svc;
- break;
-
- case YPOLDPROC_MATCH:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_ypresponse;
- local = (char *(*)(char *, struct svc_req *)) ypproc_match_1_svc;
- break;
-
- case YPOLDPROC_FIRST:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_ypresponse;
- local = (char *(*)(char *, struct svc_req *)) ypproc_first_1_svc;
- break;
-
- case YPOLDPROC_NEXT:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_ypresponse;
- local = (char *(*)(char *, struct svc_req *)) ypproc_next_1_svc;
- break;
-
- case YPOLDPROC_POLL:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_ypresponse;
- local = (char *(*)(char *, struct svc_req *)) ypproc_poll_1_svc;
- break;
-
- case YPOLDPROC_PUSH:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_void;
- local = (char *(*)(char *, struct svc_req *)) ypproc_push_1_svc;
- break;
-
- case YPOLDPROC_PULL:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_void;
- local = (char *(*)(char *, struct svc_req *)) ypproc_pull_1_svc;
- break;
-
- case YPOLDPROC_GET:
- xdr_argument = (xdrproc_t) xdr_yprequest;
- xdr_result = (xdrproc_t) xdr_void;
- local = (char *(*)(char *, struct svc_req *)) ypproc_get_1_svc;
- break;
-
- default:
- svcerr_noproc(transp);
- _rpcsvcdirty = 0;
- return;
- }
- (void) memset((char *)&argument, 0, sizeof (argument));
- if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) {
- svcerr_decode(transp);
- _rpcsvcdirty = 0;
- return;
- }
- result = (*local)((char *)&argument, rqstp);
- if (result != NULL && !svc_sendreply(transp, xdr_result, result)) {
- svcerr_systemerr(transp);
- }
- if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) {
- _msgout("unable to free arguments");
- exit(1);
- }
- _rpcsvcdirty = 0;
- return;
-}
-
-static void
-ypprog_2(struct svc_req *rqstp, register SVCXPRT *transp)
-{
- union {
- domainname ypproc_domain_2_arg;
- domainname ypproc_domain_nonack_2_arg;
- ypreq_key ypproc_match_2_arg;
- ypreq_nokey ypproc_first_2_arg;
- ypreq_key ypproc_next_2_arg;
- ypreq_xfr ypproc_xfr_2_arg;
- ypreq_nokey ypproc_all_2_arg;
- ypreq_nokey ypproc_master_2_arg;
- ypreq_nokey ypproc_order_2_arg;
- domainname ypproc_maplist_2_arg;
- } argument;
- char *result;
- xdrproc_t xdr_argument, xdr_result;
- char *(*local)(char *, struct svc_req *);
-
- _rpcsvcdirty = 1;
- switch (rqstp->rq_proc) {
- case YPPROC_NULL:
- xdr_argument = (xdrproc_t) xdr_void;
- xdr_result = (xdrproc_t) xdr_void;
- local = (char *(*)(char *, struct svc_req *)) ypproc_null_2_svc;
- break;
-
- case YPPROC_DOMAIN:
- xdr_argument = (xdrproc_t) xdr_domainname;
- xdr_result = (xdrproc_t) xdr_bool;
- local = (char *(*)(char *, struct svc_req *)) ypproc_domain_2_svc;
- break;
-
- case YPPROC_DOMAIN_NONACK:
- xdr_argument = (xdrproc_t) xdr_domainname;
- xdr_result = (xdrproc_t) xdr_bool;
- local = (char *(*)(char *, struct svc_req *)) ypproc_domain_nonack_2_svc;
- break;
-
- case YPPROC_MATCH:
- xdr_argument = (xdrproc_t) xdr_ypreq_key;
- xdr_result = (xdrproc_t) xdr_ypresp_val;
- local = (char *(*)(char *, struct svc_req *)) ypproc_match_2_svc;
- break;
-
- case YPPROC_FIRST:
- xdr_argument = (xdrproc_t) xdr_ypreq_nokey;
- xdr_result = (xdrproc_t) xdr_ypresp_key_val;
- local = (char *(*)(char *, struct svc_req *)) ypproc_first_2_svc;
- break;
-
- case YPPROC_NEXT:
- xdr_argument = (xdrproc_t) xdr_ypreq_key;
- xdr_result = (xdrproc_t) xdr_ypresp_key_val;
- local = (char *(*)(char *, struct svc_req *)) ypproc_next_2_svc;
- break;
-
- case YPPROC_XFR:
- xdr_argument = (xdrproc_t) xdr_ypreq_xfr;
- xdr_result = (xdrproc_t) xdr_ypresp_xfr;
- local = (char *(*)(char *, struct svc_req *)) ypproc_xfr_2_svc;
- break;
-
- case YPPROC_CLEAR:
- xdr_argument = (xdrproc_t) xdr_void;
- xdr_result = (xdrproc_t) xdr_void;
- local = (char *(*)(char *, struct svc_req *)) ypproc_clear_2_svc;
- break;
-
- case YPPROC_ALL:
- xdr_argument = (xdrproc_t) xdr_ypreq_nokey;
- xdr_result = (xdrproc_t) xdr_ypresp_all;
- local = (char *(*)(char *, struct svc_req *)) ypproc_all_2_svc;
- break;
-
- case YPPROC_MASTER:
- xdr_argument = (xdrproc_t) xdr_ypreq_nokey;
- xdr_result = (xdrproc_t) xdr_ypresp_master;
- local = (char *(*)(char *, struct svc_req *)) ypproc_master_2_svc;
- break;
-
- case YPPROC_ORDER:
- xdr_argument = (xdrproc_t) xdr_ypreq_nokey;
- xdr_result = (xdrproc_t) xdr_ypresp_order;
- local = (char *(*)(char *, struct svc_req *)) ypproc_order_2_svc;
- break;
-
- case YPPROC_MAPLIST:
- xdr_argument = (xdrproc_t) xdr_domainname;
- xdr_result = (xdrproc_t) xdr_ypresp_maplist;
- local = (char *(*)(char *, struct svc_req *)) ypproc_maplist_2_svc;
- break;
-
- default:
- svcerr_noproc(transp);
- _rpcsvcdirty = 0;
- return;
- }
- (void) memset((char *)&argument, 0, sizeof (argument));
- if (!svc_getargs(transp, xdr_argument, (caddr_t) &argument)) {
- svcerr_decode(transp);
- _rpcsvcdirty = 0;
- return;
- }
- result = (*local)((char *)&argument, rqstp);
- if (result != NULL && !svc_sendreply(transp, xdr_result, result)) {
- svcerr_systemerr(transp);
- }
- if (!svc_freeargs(transp, xdr_argument, (caddr_t) &argument)) {
- _msgout("unable to free arguments");
- exit(1);
- }
- _rpcsvcdirty = 0;
- return;
-}
-
-int
-main (argc,argv)
-int argc;
-char *argv[];
-{
- register SVCXPRT *transp = NULL;
- int sock;
- int proto = 0;
- struct sockaddr_in saddr;
- int asize = sizeof (saddr);
- int usage = 0;
- int xflag = 0;
- int allowv1 = 0;
- int ch;
- extern char *optarg;
-
- while ((ch = getopt(argc, argv, "1a:dx")) != -1)
- switch (ch) {
- case '1':
- allowv1 = TRUE;
- break;
- case 'a':
- aclfile = optarg;
- break;
- case 'd':
- usedns = TRUE;
- break;
- case 'x':
- xflag = TRUE;
- break;
- default:
- usage++;
- break;
- }
-
- if (usage) {
- (void)fprintf(stderr,"usage: %s [-a aclfile] [-d] [-x]\n",progname);
- exit(1);
- }
-
- if (geteuid() != 0) {
- (void)fprintf(stderr,"%s: must be root to run.\n",progname);
- exit(1);
- }
-
- if (aclfile != NULL) {
- (void)yp_acl_init(aclfile);
- } else {
- (void)yp_acl_securenet(YP_SECURENET_FILE);
- }
- if (xflag) {
- exit(1);
- };
-
- if (getsockname(0, (struct sockaddr *)&saddr, &asize) == 0) {
- int ssize = sizeof (int);
-
- if (saddr.sin_family != AF_INET)
- exit(1);
- if (getsockopt(0, SOL_SOCKET, SO_TYPE,
- (char *)&_rpcfdtype, &ssize) == -1)
- exit(1);
- sock = 0;
- _rpcpmstart = 1;
- proto = 0;
- openlog("ypserv", LOG_PID, LOG_DAEMON);
- } else {
-#ifndef RPC_SVC_FG
- int size;
- int pid, i;
-
- pid = fork();
- if (pid < 0) {
- perror("cannot fork");
- exit(1);
- }
- if (pid)
- exit(0);
- size = getdtablesize();
- for (i = 0; i < size; i++)
- (void) close(i);
- i = open("/dev/console", 2);
- (void) dup2(i, 1);
- (void) dup2(i, 2);
- i = open("/dev/tty", 2);
- if (i >= 0) {
- (void) ioctl(i, TIOCNOTTY, (char *)NULL);
- (void) close(i);
- }
- openlog("ypserv", LOG_PID, LOG_DAEMON);
-#endif
- sock = RPC_ANYSOCK;
- (void) pmap_unset(YPPROG, YPVERS);
- (void) pmap_unset(YPPROG, YPOLDVERS);
- }
-
- ypopenlog(); /* open log file */
- ypdb_init(); /* init db stuff */
-
- chdir("/");
-
- (void)signal(SIGCHLD, sig_child);
- (void)signal(SIGHUP, sig_hup);
- { FILE *pidfile = fopen(YPSERV_PID_PATH, "w");
- if (pidfile != NULL) {
- fprintf(pidfile, "%d\n", getpid());
- fclose(pidfile);
- }
- }
-
- if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_DGRAM)) {
- transp = svcudp_create(sock);
- if (transp == NULL) {
- _msgout("cannot create udp service.");
- exit(1);
- }
- if (transp->xp_port >= IPPORT_RESERVED) {
- _msgout("cannot allocate udp privileged port.");
- exit(1);
- }
- if (!_rpcpmstart)
- proto = IPPROTO_UDP;
- if (allowv1) {
- if (!svc_register(transp, YPPROG, YPOLDVERS, ypprog_1, proto)) {
- _msgout("unable to register (YPPROG, YPOLDVERS, udp).");
- exit(1);
- }
- }
- if (!svc_register(transp, YPPROG, YPVERS, ypprog_2, proto)) {
- _msgout("unable to register (YPPROG, YPVERS, udp).");
- exit(1);
- }
- }
-
- if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_STREAM)) {
- if (_rpcpmstart)
- transp = svcfd_create(sock, 0, 0);
- else
- transp = svctcp_create(sock, 0, 0);
- if (transp == 
NULL) {
- _msgout("cannot create tcp service.");
- exit(1);
- }
- if (transp->xp_port >= IPPORT_RESERVED) {
- _msgout("cannot allocate tcp privileged port.");
- exit(1);
- }
- if (!_rpcpmstart)
- proto = IPPROTO_TCP;
- if (allowv1) {
- if (!svc_register(transp, YPPROG, YPOLDVERS, ypprog_1, proto)) {
- _msgout("unable to register (YPPROG, YPOLDVERS, tcp).");
- exit(1);
- }
- }
- if (!svc_register(transp, YPPROG, YPVERS, ypprog_2, proto)) {
- _msgout("unable to register (YPPROG, YPVERS, tcp).");
- exit(1);
- }
- }
-
- if (transp == (SVCXPRT *)NULL) {
- _msgout("could not create a handle");
- exit(1);
- }
- if (_rpcpmstart) {
- (void) signal(SIGALRM, (SIG_PF) closedown);
- (void) alarm(_RPCSVC_CLOSEDOWN);
- }
- svc_run();
- _msgout("svc_run returned");
- exit(1);
- /* NOTREACHED */
-}
-
-void
-sig_child()
-{
- int save_errno = errno;
-
- while (wait3((int *)NULL, WNOHANG, (struct rusage *)NULL) > 0)
- ;
- errno = save_errno;
-}
-
-void
-sig_hup()
-{
- yp_acl_reset();
- if (aclfile != NULL) {
- yplog("sig_hup: reread %s",aclfile);
- (void)yp_acl_init(aclfile);
- } else {
- yplog("sig_hup: reread %s",YP_SECURENET_FILE);
- (void)yp_acl_securenet(YP_SECURENET_FILE);
- }
-}
diff --git a/ypserv.tproj/ypserv_db.c b/ypserv.tproj/ypserv_db.c
deleted file mode 100644
index b7b6469..0000000
--- a/ypserv.tproj/ypserv_db.c
+++ /dev/null
@@ -1,811 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypserv_db.c,v 1.13 1997/08/09 23:10:12 maja Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * Copyright (c) 1996 Charles D. Cranor
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * and Charles D. Cranor.
- * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: ypserv_db.c,v 1.13 1997/08/09 23:10:12 maja Exp $"; -#endif - -/* - * major revision/cleanup of Mats' version - * done by Chuck Cranor - * Jan 1996. - */ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "yplog.h" -#include "ypdb.h" -#include "ypdef.h" - -LIST_HEAD(domainlist, opt_domain); /* LIST of domains */ -LIST_HEAD(maplist, opt_map); /* LIST of maps (in a domain) */ -CIRCLEQ_HEAD(mapq, opt_map); /* CIRCLEQ of maps (LRU) */ - -struct opt_map { - mapname map; /* map name (malloc'd) */ - DBM *db; /* database */ - struct opt_domain *dom; /* back ptr to our domain */ - int host_lookup; /* host lookup */ - int secure; /* secure map? 
*/
- CIRCLEQ_ENTRY(opt_map) mapsq; /* map queue pointers */
- LIST_ENTRY(opt_map) mapsl; /* map list pointers */
-};
-
-struct opt_domain {
- domainname domain; /* domain name (malloc'd) */
- struct maplist dmaps; /* the domain's active maps */
- LIST_ENTRY(opt_domain) domsl; /* global linked list of domains */
-};
-
-
-struct domainlist doms; /* global list of domains */
-struct mapq maps; /* global queue of maps (LRU) */
-
-extern int usedns;
-
-/*
- * ypdb_init: init the queues and lists
- */
-
-void
-ypdb_init()
-
-{
- LIST_INIT(&doms);
- CIRCLEQ_INIT(&maps);
-}
-
-
-/*
- * yp_private:
- * Check if key is a YP private key. Return TRUE if it is and
- * ypprivate is FALSE.
- */
-
-int
-yp_private(key,ypprivate)
- datum key;
- int ypprivate;
-{
-/* int result; */
-
- if (ypprivate)
- return (FALSE);
-
- if (key.dsize == 0 || key.dptr == NULL)
- return (FALSE);
-
- if (key.dsize == YP_LAST_LEN &&
- strncmp(key.dptr,YP_LAST_KEY,YP_LAST_LEN) == 0)
- return(TRUE);
- if (key.dsize == YP_INPUT_LEN &&
- strncmp(key.dptr,YP_INPUT_KEY,YP_INPUT_LEN) == 0)
- return(TRUE);
- if (key.dsize == YP_OUTPUT_LEN &&
- strncmp(key.dptr,YP_OUTPUT_KEY,YP_OUTPUT_LEN) == 0)
- return(TRUE);
- if (key.dsize == YP_MASTER_LEN &&
- strncmp(key.dptr,YP_MASTER_KEY,YP_MASTER_LEN) == 0)
- return(TRUE);
- if (key.dsize == YP_DOMAIN_LEN &&
- strncmp(key.dptr,YP_DOMAIN_KEY,YP_DOMAIN_LEN) == 0)
- return(TRUE);
- if (key.dsize == YP_INTERDOMAIN_LEN &&
- strncmp(key.dptr,YP_INTERDOMAIN_KEY,YP_INTERDOMAIN_LEN) == 0)
- return(TRUE);
- if (key.dsize == YP_SECURE_LEN &&
- strncmp(key.dptr,YP_SECURE_KEY,YP_SECURE_LEN) == 0)
- return(TRUE);
-
- return(FALSE);
-}
-
-/*
- * Close least recent used map. This routine is called when we have
- * no more file descripotors free, or we want to close all maps.
- */
-
-void
-ypdb_close_last()
-{
- struct opt_map *last = maps.cqh_last;
-
- if (last == (void*)&maps) {
- yplog(" ypdb_close_last: LRU list is empty!");
- return;
- }
-
- CIRCLEQ_REMOVE(&maps, last, mapsq); /* remove from LRU circleq */
- LIST_REMOVE(last, mapsl); /* remove from domain list */
-
-#ifdef DEBUG
- yplog(" ypdb_close_last: closing map %s in domain %s [db=0x%x]",
- last->map, last->dom->domain, last->db);
-#endif
-
- ypdb_close(last->db); /* close DB */
- free(last->map); /* free map name */
- free(last); /* free map */
-
-
-}
-
-/*
- * Close all open maps.
- */
-
-void
-ypdb_close_all()
-{
-
-#ifdef DEBUG
- yplog(" ypdb_close_all(): start");
-#endif
- while (maps.cqh_first != (void *)&maps) {
- ypdb_close_last();
- }
-#ifdef DEBUG
- yplog(" ypdb_close_all(): done");
-#endif
-}
-
-/*
- * Close Database if Open/Close Optimization isn't turned on.
- */
-
-void
-ypdb_close_db(db)
- DBM *db;
-{
-#ifdef DEBUG
- yplog(" ypdb_close_db(0x%x)", db);
-#endif
-#ifndef OPTDB
- ypdb_close_all();
-#endif
-}
-
-/*
- * ypdb_open_db
- */
-
-DBM *
-ypdb_open_db(domain, map, status, map_info)
- domainname domain;
- mapname map;
- ypstat *status;
- struct opt_map **map_info;
-{
- char map_path[MAXPATHLEN];
- static char *domain_key = YP_INTERDOMAIN_KEY;
- static char *secure_key = YP_SECURE_KEY;
-/* struct stat finfo; */
- DBM *db;
-/* int fd; */
- struct opt_domain *d = NULL;
- struct opt_map *m = NULL;
- datum k,v;
-#ifdef OPTDB
- int i;
-#endif
- /*
- * check for preloaded domain, map
- */
-
- for (d = doms.lh_first ; d != NULL ; d = d->domsl.le_next) {
- if (strcmp(domain, d->domain) == 0) break;
- }
-
- if (d) {
- for (m = d->dmaps.lh_first ; m != NULL ; m = m->mapsl.le_next)
- if (strcmp(map, m->map) == 0) break;
- }
-
- /*
- * map found open?
- */
-
- if (m) {
-#ifdef DEBUG
- yplog(" ypdb_open_db: cached open: domain=%s, map=%s, db=0x%x",
- domain, map, m->db);
-#endif
- CIRCLEQ_REMOVE(&maps, m, mapsq); /* adjust LRU queue */
- CIRCLEQ_INSERT_HEAD(&maps, m, mapsq);
- *status = YP_TRUE;
- return(m->db);
- }
-
- /* Check for illegal charcaters */
-
- if (strchr(domain, '/')) {
- *status = YP_NODOM;
- return (NULL);
- }
- if (strchr(map, '/')) {
- *status = YP_NOMAP;
- return (NULL);
- }
-
-
- /*
- * open map
- */
-#ifdef OPTDB
- i = 0;
- while (i == 0) {
-#endif
- snprintf(map_path, sizeof(map_path), "%s/%s/%s", YP_DB_PATH,
- domain, map);
- db = ypdb_open(map_path, O_RDONLY, 0444);
-#ifdef OPTDB
- if (db == NULL) {
-#ifdef DEBUG
- yplog(" ypdb_open_db: errno %d (%s)",
- errno,sys_errlist[errno]);
-#endif
- if ((errno == ENFILE) || (errno == EMFILE)) {
- ypdb_close_last();
- } else {
- i = errno;
- }
- } else {
- i = 4711;
- }
- };
-#endif
- *status = YP_NOMAP; /* see note below */
- if (db == NULL) {
- if (errno == ENOENT) {
-#ifdef DEBUG
- yplog(" ypdb_open_db: no map %s (domain=%s)",
- map, domain);
-#endif
- return(NULL);
- }
-#ifdef DEBUG
- yplog(" ypdb_open_db: ypdb_open FAILED: map %s (domain=%s)",
- map, domain);
-#endif
- return(NULL);
- }
-
- /*
- * note: status now YP_NOMAP
- */
-
- if (d == NULL) { /* allocate new domain? */
- d = (struct opt_domain *) malloc(sizeof(*d));
- if (d) d->domain = strdup(domain);
- if (d == NULL || d->domain == NULL) {
- yplog(" ypdb_open_db: MALLOC failed");
- ypdb_close(db);
- if (d) free(d);
- return(NULL);
- }
- LIST_INIT(&d->dmaps);
- LIST_INSERT_HEAD(&doms, d, domsl);
-#ifdef DEBUG
- yplog(" ypdb_open_db: NEW DOMAIN %s", domain);
-#endif
- }
-
- /*
- * m must be NULL since we couldn't find a map. 
allocate new one
- */
-
- m = (struct opt_map *) malloc(sizeof(*m));
- if (m) {
- m->map = strdup(map);
- }
- if (m == NULL || m->map == NULL) {
- if (m) free(m);
- yplog(" ypdb_open_db: MALLOC failed");
- ypdb_close(db);
- return(NULL);
- }
- m->db = db;
- m->dom = d;
- m->host_lookup = FALSE;
- CIRCLEQ_INSERT_HEAD(&maps, m, mapsq);
- LIST_INSERT_HEAD(&d->dmaps, m, mapsl);
- if (strcmp(map, YP_HOSTNAME) == 0 || strcmp(map, YP_HOSTADDR) == 0) {
- if (!usedns) {
- k.dptr = domain_key;
- k.dsize = YP_INTERDOMAIN_LEN;
- v = ypdb_fetch(db,k);
- if (v.dptr) m->host_lookup = TRUE;
- } else {
- m->host_lookup = TRUE;
- }
- }
- m->secure = FALSE;
- k.dptr = secure_key;
- k.dsize = YP_SECURE_LEN;
- v = ypdb_fetch(db,k);
- if (v.dptr) m->secure = TRUE;
- *status = YP_TRUE;
- if (map_info) *map_info = m;
-#ifdef DEBUG
- yplog(" ypdb_open_db: NEW MAP domain=%s, map=%s, hl=%d, s=%d, db=0x%x",
- domain, map, m->host_lookup, m->secure, m->db);
-#endif
- return(m->db);
-}
-
-#if 0
-/*
- * lookup host. Not needed for Rhapsody, lookupd does this stuff.
- */ - -ypstat -lookup_host(nametable, host_lookup, db, keystr, result) - int nametable; - int host_lookup; - DBM *db; - char *keystr; - ypresp_val *result; -{ - struct hostent *host; - struct in_addr *addr_name; - struct in_addr addr_addr; - static char val[BUFSIZ+1]; /* match libc */ - static hostname[MAXHOSTNAMELEN]; - char tmpbuf[MAXHOSTNAMELEN + 20]; - char *v; - int l; - char *ptr; - - if (!host_lookup) return(YP_NOKEY); - - if ((_res.options & RES_INIT) == 0) - res_init(); - bcopy("b", _res.lookups, sizeof("b")); - - if (nametable) { - host = gethostbyname(keystr); - if (host == NULL || host->h_addrtype != AF_INET) - return(YP_NOKEY); - addr_name = (struct in_addr *) *host->h_addr_list; - v = val; - for (; host->h_addr_list[0] != NULL; host->h_addr_list++) { - addr_name = (struct in_addr *)host->h_addr_list[0]; - snprintf(tmpbuf,sizeof(tmpbuf), "%s %s\n", - inet_ntoa(*addr_name), host->h_name); - if (v - val + strlen(tmpbuf) + 1 > sizeof(val)) - break; - strcpy(v, tmpbuf); - v = v + strlen(tmpbuf); - } - result->val.valdat_val = val; - result->val.valdat_len = v - val; - return(YP_TRUE); - } - - inet_aton(keystr, &addr_addr); - host = gethostbyaddr((char *) &addr_addr, sizeof(addr_addr), AF_INET); - if (host == NULL) return(YP_NOKEY); - - strncpy((char *)hostname, host->h_name, sizeof(hostname) - 1); - hostname[sizeof(hostname) - 1] = '\0'; - host = gethostbyname((char *)hostname); - if (host == NULL) return(YP_NOKEY); - - l = 0; - for(; host->h_addr_list[0] != NULL; host->h_addr_list++) - if (!bcmp(host->h_addr_list[0], &addr_addr, sizeof(addr_addr))) - l++; - if (l == 0) { - yplog("lookup_host: address %s not listed for host %s\n", - inet_ntoa(addr_addr), hostname); - syslog(LOG_NOTICE, - "ypserv: address %s not listed for host %s\n", - inet_ntoa(addr_addr), hostname); - return(YP_NOKEY); - } - - snprintf(val,sizeof(val),"%s %s",keystr,host->h_name); - l = strlen(val); - v = val + l; - while ((ptr = *(host->h_aliases)) != NULL) { - l = strlen(ptr); - if 
((v - val) + l + 1 > BUFSIZ) - break; - strcpy(v, " "); - v += 1; - strcpy(v, ptr); - v += l; - host->h_aliases++; - } - result->val.valdat_val = val; - result->val.valdat_len = v - val; - - return(YP_TRUE); -} -#endif - -ypresp_val -ypdb_get_record(domain, map, key, ypprivate) - domainname domain; - mapname map; - keydat key; - int ypprivate; -{ - static ypresp_val res; -/* static char keystr[YPMAXRECORD+1]; */ - DBM *db; - datum k,v; - int host_lookup; - struct opt_map *map_info = NULL; - - bzero((char *)&res, sizeof(res)); - - db = ypdb_open_db(domain, map, &res.stat, &map_info); - if (!db || res.stat < 0) - return(res); - if (map_info) - host_lookup = map_info->host_lookup; - - k.dptr = key.keydat_val; - k.dsize = key.keydat_len; - - if (yp_private(k,ypprivate)) { - res.stat = YP_NOKEY; - goto done; - } - - v = ypdb_fetch(db, k); - - /* lookupd does DNS resolution, not ypserv. */ - if (v.dptr == NULL) { - res.stat = YP_NOKEY; - res.val.valdat_val = NULL; - res.val.valdat_len = 0; - } else { - res.val.valdat_val = v.dptr; - res.val.valdat_len = v.dsize; - } - -done: - ypdb_close_db(db); - return(res); - -} - -ypresp_key_val -ypdb_get_first(domain, map, ypprivate) - domainname domain; - mapname map; - int ypprivate; -{ - static ypresp_key_val res; - DBM *db; - datum k,v; - - bzero((char *)&res, sizeof(res)); - - db = ypdb_open_db(domain, map, &res.stat, NULL); - - if (res.stat >= 0) { - - k = ypdb_firstkey(db); - - while (yp_private(k,ypprivate)) { - k = ypdb_nextkey(db); - }; - - if (k.dptr == NULL) { - res.stat = YP_NOKEY; - } else { - res.key.keydat_val = k.dptr; - res.key.keydat_len = k.dsize; - v = ypdb_fetch(db,k); - if (v.dptr == NULL) { - res.stat = YP_NOKEY; - } else { - res.val.valdat_val = v.dptr; - res.val.valdat_len = v.dsize; - } - } - } - - ypdb_close_db(db); - - return (res); -} - -ypresp_key_val -ypdb_get_next(domain, map, key, ypprivate) - domainname domain; - mapname map; - keydat key; - int ypprivate; -{ - static ypresp_key_val res; - DBM *db; 
- datum k,v,n;
-
- bzero((char *)&res, sizeof(res));
-
- db = ypdb_open_db(domain, map, &res.stat, NULL);
-
- if (res.stat >= 0) {
-
- n.dptr = key.keydat_val;
- n.dsize = key.keydat_len;
- v.dptr = NULL;
- v.dsize = 0;
- k.dptr = NULL;
- k.dsize = 0;
-
- n = ypdb_setkey(db,n);
-
- if (n.dptr != NULL) {
- k = ypdb_nextkey(db);
- } else {
- k.dptr = NULL;
- };
-
- if (k.dptr != NULL) {
- while (yp_private(k,ypprivate)) {
- k = ypdb_nextkey(db);
- };
- };
-
- if (k.dptr == NULL) {
- res.stat = YP_NOMORE;
- } else {
- res.key.keydat_val = k.dptr;
- res.key.keydat_len = k.dsize;
- v = ypdb_fetch(db,k);
- if (v.dptr == NULL) {
- res.stat = YP_NOMORE;
- } else {
- res.val.valdat_val = v.dptr;
- res.val.valdat_len = v.dsize;
- }
- }
- }
-
- ypdb_close_db(db);
-
- return (res);
-}
-
-ypresp_order
-ypdb_get_order(domain, map)
- domainname domain;
- mapname map;
-{
- static ypresp_order res;
- static char *order_key = YP_LAST_KEY;
- char order[MAX_LAST_LEN+1];
- DBM *db;
- datum k,v;
-
- bzero((char *)&res, sizeof(res));
-
- db = ypdb_open_db(domain, map, &res.stat, NULL);
-
- if (res.stat >= 0) {
-
- k.dptr = order_key;
- k.dsize = YP_LAST_LEN;
-
- v = ypdb_fetch(db,k);
- if (v.dptr == NULL) {
- res.stat = YP_NOKEY;
- } else {
- strncpy(order, v.dptr, v.dsize);
- order[v.dsize] = '\0';
- res.ordernum = (u_int32_t)atol(order);
- }
- }
-
- ypdb_close_db(db);
-
- return (res);
-}
-
-ypresp_master
-ypdb_get_master(domain, map)
- domainname domain;
- mapname map;
-{
- static ypresp_master res;
- static char *master_key = YP_MASTER_KEY;
- static char master[MAX_MASTER_LEN+1];
- DBM *db;
- datum k,v;
-
- bzero((char *)&res, sizeof(res));
-
- db = ypdb_open_db(domain, map, &res.stat, NULL);
-
- if (res.stat >= 0) {
-
- k.dptr = master_key;
- k.dsize = YP_MASTER_LEN;
-
- v = ypdb_fetch(db,k);
- if (v.dptr == NULL) {
- res.stat = YP_NOKEY;
- } else {
- strncpy(master, v.dptr, v.dsize);
- master[v.dsize] = '\0';
- res.peer = (peername) &master;
- }
- }
-
- ypdb_close_db(db);
-
- 
return (res);
-}
-
-bool_t
-ypdb_xdr_get_all(xdrs, req)
- XDR *xdrs;
- ypreq_nokey *req;
-{
- static ypresp_all resp;
- DBM *db;
- datum k,v;
-
- bzero((char *)&resp, sizeof(resp));
-
- /*
- * open db, and advance past any private keys we may see
- */
-
- db = ypdb_open_db(req->domain, req->map,
- &resp.ypresp_all_u.val.stat, NULL);
- if (!db || resp.ypresp_all_u.val.stat < 0)
- return(FALSE);
- k = ypdb_firstkey(db);
- while (yp_private(k,FALSE)) {
- k = ypdb_nextkey(db);
- };
-
- while(1) {
-
- if (k.dptr == NULL)
- break;
-
- v = ypdb_fetch(db,k);
-
- if (v.dptr == NULL)
- break;
-
- resp.more = TRUE;
- resp.ypresp_all_u.val.stat = YP_TRUE;
- resp.ypresp_all_u.val.key.keydat_val = k.dptr;
- resp.ypresp_all_u.val.key.keydat_len = k.dsize;
- resp.ypresp_all_u.val.val.valdat_val = v.dptr;
- resp.ypresp_all_u.val.val.valdat_len = v.dsize;
-
- if (!xdr_ypresp_all(xdrs, &resp)) {
-#ifdef DEBUG
- yplog(" ypdb_xdr_get_all: xdr_ypresp_all failed");
-#endif
- return(FALSE);
- }
-
- /* advance past private keys */
- k = ypdb_nextkey(db);
- while (yp_private(k,FALSE)) {
- k = ypdb_nextkey(db);
- }
- }
-
- bzero((char *)&resp, sizeof(resp));
- resp.ypresp_all_u.val.stat = YP_NOKEY;
- resp.more = FALSE;
-
- if (!xdr_ypresp_all(xdrs, &resp)) {
-#ifdef DEBUG
- yplog(" ypdb_xdr_get_all: final xdr_ypresp_all failed");
-#endif
- return(FALSE);
- }
-
- ypdb_close_db(db);
-
- return (TRUE);
-}
-
-int
-ypdb_secure(domain, map)
- domainname domain;
- mapname map;
-{
- static ypresp_val res;
- DBM *db;
- int secure;
- struct opt_map *map_info = NULL;
-
- bzero((char *)&res, sizeof(res));
- secure = FALSE;
-
- db = ypdb_open_db(domain, map, &res.stat, &map_info);
- if (!db || res.stat < 0)
- return(secure); /* ? */
- if (map_info)
- secure = map_info->secure;
-
- ypdb_close_db(db);
- return(secure);
-}
-
diff --git a/ypserv.tproj/ypserv_proc.c b/ypserv.tproj/ypserv_proc.c
deleted file mode 100644
index e9b389e..0000000
--- a/ypserv.tproj/ypserv_proc.c
+++ /dev/null
@@ -1,1061 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypserv_proc.c,v 1.14 1997/09/12 01:44:57 deraadt Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char rcsid[] = "$OpenBSD: ypserv_proc.c,v 1.14 1997/09/12 01:44:57 deraadt Exp $"; -#endif - -#include -#include "yp.h" -#include "ypv1.h" -#include -#include -#include -#include -#include -#include -#include "ypdb.h" -#include -#include -#include -#include -#include -#include -#include "yplog.h" -#include "ypdef.h" - -#ifdef DEBUG -#define YPLOG yplog -#else /* DEBUG */ -#define YPLOG if (!ok) yplog -#endif /* DEBUG */ - -extern ypresp_val ypdb_get_record(); -extern ypresp_key_val ypdb_get_first(); -extern ypresp_key_val ypdb_get_next(); -extern ypresp_order ypdb_get_order(); -extern ypresp_master ypdb_get_master(); -extern bool_t ypdb_xdr_get_all(); -extern void ypdb_close_all(); -extern int ypdb_secure(); - -static char *True = "true"; -static char *False = "FALSE"; -#define TORF(N) ((N) ? 
True : False) -void * -ypproc_null_2_svc(argp, rqstp) - void *argp; - struct svc_req *rqstp; -{ - static char *result; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - - YPLOG("null_2: caller=[%s].%d, auth_ok=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok)); - - if (!ok) { - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - result = NULL; - - return ((void *)&result); -} - -bool_t * -ypproc_domain_2_svc(argp, rqstp) - domainname *argp; - struct svc_req *rqstp; -{ - static bool_t result; /* is domain_served? */ - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - static char domain_path[MAXPATHLEN]; - struct stat finfo; - - if (strchr(*argp, '/')) - goto bail; - snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp); - result = (bool_t) ((stat(domain_path, &finfo) == 0) && - (finfo.st_mode & S_IFDIR)); - - YPLOG("domain_2: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), *argp, TORF(result)); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - return (&result); -} - -bool_t * -ypproc_domain_nonack_2_svc(argp, rqstp) - domainname *argp; - struct svc_req *rqstp; -{ - static bool_t result; /* is domain served? 
*/ - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - static char domain_path[MAXPATHLEN]; - struct stat finfo; - - if (strchr(*argp, '/')) - goto bail; - snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp); - result = (bool_t) ((stat(domain_path, &finfo) == 0) && - (finfo.st_mode & S_IFDIR)); - - YPLOG( - "domain_nonack_2: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok), - *argp, TORF(result)); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (!result) { - return(NULL); /* don't send nack */ - } - - return (&result); -} - -ypresp_val * -ypproc_match_2_svc(argp, rqstp) - ypreq_key *argp; - struct svc_req *rqstp; -{ - static ypresp_val res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure = ypdb_secure(argp->domain,argp->map); - - if (strchr(argp->domain, '/') || strchr(argp->map, '/')) - goto bail; - YPLOG( - "match_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->domain, argp->map, argp->key.keydat_len, argp->key.keydat_val); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.stat = YP_YPERR; - } else { - res = ypdb_get_record(argp->domain,argp->map,argp->key, FALSE); - } - -#ifdef DEBUG - yplog(" match2_status: %s", yperr_string(ypprot_err(res.stat))); -#endif - - return (&res); -} - -ypresp_key_val * -ypproc_first_2_svc(argp, rqstp) - ypreq_nokey *argp; - struct svc_req *rqstp; -{ - static ypresp_key_val res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure = ypdb_secure(argp->domain,argp->map); - - if 
(strchr(argp->domain, '/') || strchr(argp->map, '/')) - goto bail; - YPLOG( "first_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->domain, argp->map); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.stat = YP_YPERR; - } else { - res = ypdb_get_first(argp->domain,argp->map,FALSE); - } - -#ifdef DEBUG - yplog(" first2_status: %s", yperr_string(ypprot_err(res.stat))); -#endif - - return (&res); -} - -ypresp_key_val * -ypproc_next_2_svc(argp, rqstp) - ypreq_key *argp; - struct svc_req *rqstp; -{ - static ypresp_key_val res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure = ypdb_secure(argp->domain,argp->map); - - if (strchr(argp->domain, '/') || strchr(argp->map, '/')) - goto bail; - YPLOG( - "next_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->domain, argp->map, argp->key.keydat_len, argp->key.keydat_val); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.stat = YP_YPERR; - } else { - res = ypdb_get_next(argp->domain,argp->map,argp->key,FALSE); - } - -#ifdef DEBUG - yplog(" next2_status: %s", yperr_string(ypprot_err(res.stat))); -#endif - - return (&res); -} - -ypresp_xfr * -ypproc_xfr_2_svc(argp, rqstp) - ypreq_xfr *argp; - struct svc_req *rqstp; -{ - static ypresp_xfr res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - pid_t pid; - char tid[11]; - char prog[11]; - char port[11]; - char ypxfr_proc[] = YPXFR_PROC; - char *ipadd; - - bzero((char *)&res, sizeof(res)); - - YPLOG("xfr_2: caller=[%s].%d, 
auth_ok=%s, domain=%s, tid=%d, prog=%d", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok), - argp->map_parms.domain, argp->transid, argp->prog); - YPLOG(" ipadd=%s, port=%d, map=%s", inet_ntoa(caller->sin_addr), - argp->port, argp->map_parms.map); - - if (strchr(argp->map_parms.domain, '/') || - strchr(argp->map_parms.map, '/') || - ntohs(caller->sin_port) >= IPPORT_RESERVED) { - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - snprintf(tid, sizeof(tid), "%d",argp->transid); - snprintf(prog, sizeof(prog), "%d", argp->prog); - snprintf(port, sizeof(port), "%d", argp->port); - ipadd = inet_ntoa(caller->sin_addr); - - pid = vfork(); - if (pid == -1) { - svcerr_systemerr(rqstp->rq_xprt); - return(NULL); - } - if (pid == 0) { - execl(ypxfr_proc, "ypxfr", "-d", argp->map_parms.domain, - "-C",tid, prog, ipadd, port, argp->map_parms.map, NULL); - _exit(1); - } - - /* - * XXX: fill in res - */ - return (&res); -} - -void * -ypproc_clear_2_svc(argp, rqstp) - void *argp; - struct svc_req *rqstp; -{ - static char *res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - - YPLOG( "clear_2: caller=[%s].%d, auth_ok=%s, opt=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok), -#ifdef OPTDB - True -#else - False -#endif - ); - - if (ntohs(caller->sin_port) >= IPPORT_RESERVED) - ok = FALSE; - - if (!ok) { - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - res = NULL; - -#ifdef OPTDB - ypdb_close_all(); -#endif - - return ((void *)&res); -} - -ypresp_all * -ypproc_all_2_svc(argp, rqstp) - ypreq_nokey *argp; - struct svc_req *rqstp; -{ - static ypresp_all res; - pid_t pid; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure = ypdb_secure(argp->domain,argp->map); - - if (strchr(argp->domain, '/') || strchr(argp->map, '/')) - goto bail; - YPLOG( "all_2: caller=[%s].%d, auth_ok=%s, 
secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), argp->domain, argp->map); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - bzero((char *)&res, sizeof(res)); - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.ypresp_all_u.val.stat = YP_YPERR; - return(&res); - } - - pid = fork(); - - if (pid) { - - if (pid == -1) { - /* XXXCDC An error has occurred */ - } - - return(NULL); /* PARENT: continue */ - - } - /* CHILD: send result, then exit */ - - if (!svc_sendreply(rqstp->rq_xprt, ypdb_xdr_get_all, (char *) argp)) { - svcerr_systemerr(rqstp->rq_xprt); - } - - /* note: no need to free args, we are exiting */ - - exit(0); -} - -ypresp_master * -ypproc_master_2_svc(argp, rqstp) - ypreq_nokey *argp; - struct svc_req *rqstp; -{ - static ypresp_master res; - static peername nopeer = ""; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure = ypdb_secure(argp->domain,argp->map); - - if (strchr(argp->domain, '/') || strchr(argp->map, '/')) - goto bail; - YPLOG( "master_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), argp->domain, argp->map); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.stat = YP_YPERR; - } else { - res = ypdb_get_master(argp->domain,argp->map); - } - -#ifdef DEBUG - yplog(" master2_status: %s", yperr_string(ypprot_err(res.stat))); -#endif - - /* This code was added because a yppoll */ - /* from a sun crashed the server in xdr_string, trying */ - /* to access the peer through a NULL-pointer. yppoll in */ - /* this server start asking for order. If order is ok */ - /* then it will ask for master. SunOS 4 asks for both */ - /* always. 
I'm not sure this is the best place for the */ - /* fix, but for now it will do. xdr_peername or */ - /* xdr_string in ypserv_xdr.c may be a better place? */ - - if (res.peer == NULL) { - res.peer = nopeer; - } - - /* End of fix */ - - return (&res); -} - - -ypresp_order * -ypproc_order_2_svc(argp, rqstp) - ypreq_nokey *argp; - struct svc_req *rqstp; -{ - static ypresp_order res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure = ypdb_secure(argp->domain,argp->map); - - if (strchr(argp->domain, '/')) - goto bail; - YPLOG( "order_2: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), argp->domain, argp->map); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.stat = YP_YPERR; - } else if (strchr(argp->map, '/')) { - res.stat = YP_NOMAP; - } else { - res = ypdb_get_order(argp->domain,argp->map); - } - -#ifdef DEBUG - yplog(" order2_status: %s", yperr_string(ypprot_err(res.stat))); -#endif - - return (&res); -} - - -ypresp_maplist * -ypproc_maplist_2_svc(argp, rqstp) - domainname *argp; - struct svc_req *rqstp; -{ - static ypresp_maplist res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - static char domain_path[MAXPATHLEN]; - struct stat finfo; - DIR *dirp = NULL; - struct dirent *dp; - char *suffix; - ypstat status; - struct ypmaplist *m; - char *map_name; - - if (strchr(*argp, '/')) - goto bail; - YPLOG("maplist_2: caller=[%s].%d, auth_ok=%s, domain=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok), - *argp); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - bzero((char *)&res, sizeof(res)); - - snprintf(domain_path,MAXPATHLEN, "%s/%s",YP_DB_PATH,*argp); - - status = YP_TRUE; 
- - res.maps = NULL; - - if (!((stat(domain_path, &finfo) == 0) && - ((finfo.st_mode & S_IFMT) == S_IFDIR))) - status = YP_NODOM; - - if (status >= 0) { - if ((dirp = opendir(domain_path)) == NULL) { - status = YP_NODOM; - } - } - - if (status >= 0) { - for(dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) { - if ((!strcmp(dp->d_name, ".")) || - ((!strcmp(dp->d_name, ".."))) || - (dp->d_namlen < 4)) - continue; - suffix = (char *) &dp->d_name[dp->d_namlen-3]; - if (strcmp(suffix,".db") == 0) { - - if ((m = (struct ypmaplist *) - malloc((unsigned) sizeof(struct ypmaplist))) == NULL) { - status = YP_YPERR; - break; - } - - if ((map_name = (char *) - malloc((unsigned) dp->d_namlen - 2)) == NULL) { - status = YP_YPERR; - break; - } - - m->next = res.maps; - m->map = map_name; - res.maps = m; - strncpy(map_name, dp->d_name, dp->d_namlen - 3); - m->map[dp->d_namlen - 3] = '\0'; - - } - } - } - - if (dirp != NULL) { - closedir(dirp); - } - - res.stat = status; - -#ifdef DEBUG - yplog(" maplist_status: %s", yperr_string(ypprot_err(res.stat))); -#endif - - return (&res); -} - -void * -ypproc_null_1_svc(argp, rqstp) - void *argp; - struct svc_req *rqstp; -{ - static char *result; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - - YPLOG("null_1: caller=[%s].%d, auth_ok=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok)); - - if (!ok) { - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - result = NULL; - - return ((void *)&result); -} - -bool_t * -ypproc_domain_1_svc(argp, rqstp) - domainname *argp; - struct svc_req *rqstp; -{ - static bool_t result; /* is domain_served? 
*/ - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - static char domain_path[MAXPATHLEN]; - struct stat finfo; - - if (strchr(*argp, '/')) - goto bail; - snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp); - result = (bool_t) ((stat(domain_path, &finfo) == 0) && - (finfo.st_mode & S_IFDIR)); - - YPLOG("domain_1: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), *argp, TORF(result)); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - return (&result); -} - -bool_t * -ypproc_domain_nonack_1_svc(argp, rqstp) - domainname *argp; - struct svc_req *rqstp; -{ - static bool_t result; /* is domain served? */ - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - static char domain_path[MAXPATHLEN]; - struct stat finfo; - - if (strchr(*argp, '/')) - goto bail; - snprintf(domain_path, sizeof(domain_path), "%s/%s", YP_DB_PATH, *argp); - result = (bool_t) ((stat(domain_path, &finfo) == 0) && - (finfo.st_mode & S_IFDIR)); - - YPLOG( - "domain_nonack_1: caller=[%s].%d, auth_ok=%s, domain=%s, served=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), TORF(ok), - *argp, TORF(result)); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (!result) { - return(NULL); /* don't send nack */ - } - - return (&result); -} - -ypresponse * -ypproc_match_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - static ypresponse res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - - if (strchr(argp->ypmatch_req_domain, '/') || - strchr(argp->ypmatch_req_map, '/')) - goto bail; - res.yp_resptype = YPMATCH_RESPTYPE; - res.ypmatch_resp_valptr = ""; - res.ypmatch_resp_valsize = 0; - - if (argp->yp_reqtype != 
YPMATCH_REQTYPE) { - res.ypmatch_resp_status = YP_BADARGS; - return(&res); - } - - secure = ypdb_secure(argp->ypmatch_req_domain, argp->ypmatch_req_map); - - YPLOG( - "match_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->ypmatch_req_domain, argp->ypmatch_req_map, - argp->ypmatch_req_keysize, argp->ypmatch_req_keyptr); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.ypmatch_resp_status = YP_YPERR; - } else { - res.ypmatch_resp_val = - ypdb_get_record(argp->ypmatch_req_domain, - argp->ypmatch_req_map, - argp->ypmatch_req_keydat, - FALSE); - } - -#ifdef DEBUG - yplog(" match1_status: %s", - yperr_string(ypprot_err(res.ypmatch_resp_status))); -#endif - - return (&res); -} - -ypresponse * -ypproc_first_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - static ypresponse res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - - if (strchr(argp->ypfirst_req_domain, '/') || - strchr(argp->ypfirst_req_map, '/')) - goto bail; - res.yp_resptype = YPFIRST_RESPTYPE; - res.ypfirst_resp_valptr = res.ypfirst_resp_keyptr = ""; - res.ypfirst_resp_valsize = res.ypfirst_resp_keysize = 0; - - if (argp->yp_reqtype != YPREQ_NOKEY) { - res.ypfirst_resp_status = YP_BADARGS; - return(&res); - } - - secure = ypdb_secure(argp->ypfirst_req_domain, argp->ypfirst_req_map); - - YPLOG( "first_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->ypfirst_req_domain, argp->ypfirst_req_map); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.ypfirst_resp_status = YP_YPERR; - } else { - 
res.ypfirst_resp_val = - ypdb_get_first(argp->ypfirst_req_domain, - argp->ypfirst_req_map, - FALSE); - } - -#ifdef DEBUG - yplog(" first1_status: %s", - yperr_string(ypprot_err(res.ypfirst_resp_status))); -#endif - - return (&res); -} - -ypresponse * -ypproc_next_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - static ypresponse res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - - if (strchr(argp->ypnext_req_domain, '/') || - strchr(argp->ypnext_req_map, '/')) - goto bail; - res.yp_resptype = YPNEXT_RESPTYPE; - res.ypnext_resp_valptr = res.ypnext_resp_keyptr = ""; - res.ypnext_resp_valsize = res.ypnext_resp_keysize = 0; - - if (argp->yp_reqtype != YPNEXT_REQTYPE) { - res.ypnext_resp_status = YP_BADARGS; - return(&res); - } - - secure = ypdb_secure(argp->ypnext_req_domain, argp->ypnext_req_map); - - YPLOG( - "next_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, key=%.*s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->ypnext_req_domain, argp->ypnext_req_map, - argp->ypnext_req_keysize, argp->ypnext_req_keyptr); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED)) { - res.ypnext_resp_status = YP_YPERR; - } else { - res.ypnext_resp_val = - ypdb_get_next(argp->ypnext_req_domain, - argp->ypnext_req_map, - argp->ypnext_req_keydat, - FALSE); - } - -#ifdef DEBUG - yplog(" next1_status: %s", - yperr_string(ypprot_err(res.ypnext_resp_status))); -#endif - - return (&res); -} - -ypresponse * -ypproc_poll_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - static ypresponse res; - ypresp_order order; - ypresp_master master; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - - if (strchr(argp->yppoll_req_domain, '/') || - 
strchr(argp->yppoll_req_map, '/')) - goto bail; - res.yp_resptype = YPPOLL_RESPTYPE; - res.yppoll_resp_domain = argp->yppoll_req_domain; - res.yppoll_resp_map = argp->yppoll_req_map; - res.yppoll_resp_ordernum = 0; - res.yppoll_resp_owner = ""; - - if (argp->yp_reqtype != YPPOLL_REQTYPE) { - return(&res); - } - - secure = ypdb_secure(argp->yppoll_req_domain, argp->yppoll_req_map); - - YPLOG( "poll_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->yppoll_req_domain, argp->yppoll_req_map); - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - if (!(secure && (ntohs(caller->sin_port) >= IPPORT_RESERVED))) { - order = ypdb_get_order(argp->yppoll_req_domain, - argp->yppoll_req_map); - master = ypdb_get_master(argp->yppoll_req_domain, - argp->yppoll_req_map); - res.yppoll_resp_ordernum = order.ordernum; - res.yppoll_resp_owner = master.peer; - } - -#ifdef DEBUG - yplog(" poll1_status: %s", "none"); -#endif - return (&res); -} - -void * -ypproc_push_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - pid_t pid; - char yppush_proc[] = YPPUSH_PROC; - - if (strchr(argp->yppush_req_domain, '/') || - strchr(argp->yppush_req_map, '/')) - goto bail; - if (argp->yp_reqtype != YPPUSH_REQTYPE) { - return(NULL); - } - - secure = ypdb_secure(argp->yppush_req_domain, argp->yppush_req_map); - - YPLOG( "push_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->yppush_req_domain, argp->yppush_req_map); - - if (ntohs(caller->sin_port) >= IPPORT_RESERVED) - ok = FALSE; - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - pid = vfork(); - if (pid == -1) { - 
svcerr_systemerr(rqstp->rq_xprt); - return(NULL); - } - if (pid == 0) { - execl(yppush_proc, "yppush", "-d", argp->yppush_req_domain, - argp->yppush_req_map, NULL); - _exit(1); - } - - return (NULL); -} - -void * -ypproc_pull_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - pid_t pid; - char ypxfr_proc[] = YPXFR_PROC; - - if (strchr(argp->yppull_req_domain, '/') || - strchr(argp->yppull_req_map, '/')) - goto bail; - if (argp->yp_reqtype != YPPULL_REQTYPE) { - return(NULL); - } - - secure = ypdb_secure(argp->yppull_req_domain, argp->yppull_req_map); - - YPLOG( "pull_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - argp->yppull_req_domain, argp->yppull_req_map); - - if (ntohs(caller->sin_port) >= IPPORT_RESERVED) - ok = FALSE; - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - pid = vfork(); - if (pid == -1) { - svcerr_systemerr(rqstp->rq_xprt); - return(NULL); - } - if (pid == 0) { - execl(ypxfr_proc, "ypxfr", "-d", argp->yppull_req_domain, - argp->yppull_req_map, NULL); - _exit(1); - } - - return (NULL); -} - -void * -ypproc_get_1_svc(argp, rqstp) - yprequest *argp; - struct svc_req *rqstp; -{ - char *res; - struct sockaddr_in *caller = svc_getcaller(rqstp->rq_xprt); - int ok = yp_acl_check_host(&caller->sin_addr); - int secure; - pid_t pid; - char ypxfr_proc[] = YPXFR_PROC; - - if (strchr(argp->ypget_req_domain, '/') || - strchr(argp->ypget_req_map, '/')) - goto bail; - if (argp->yp_reqtype != YPGET_REQTYPE) { - return(NULL); - } - - secure = ypdb_secure(argp->ypget_req_domain, argp->ypget_req_map); - - YPLOG( "get_1: caller=[%s].%d, auth_ok=%s, secure=%s, domain=%s, map=%s, owner=%s", - inet_ntoa(caller->sin_addr), ntohs(caller->sin_port), - TORF(ok), TORF(secure), - 
argp->ypget_req_domain, argp->ypget_req_map, - argp->ypget_req_owner); - - if (ntohs(caller->sin_port) >= IPPORT_RESERVED) - ok = FALSE; - - if (!ok) { -bail: - svcerr_auth(rqstp->rq_xprt, AUTH_FAILED); - return(NULL); - } - - pid = vfork(); - if (pid == -1) { - svcerr_systemerr(rqstp->rq_xprt); - return(NULL); - } - if (pid == 0) { - execl(ypxfr_proc, "ypxfr", "-d", argp->ypget_req_domain, "-h", - argp->ypget_req_owner, argp->yppush_req_map, NULL); - _exit(1); - } - - return (NULL); -} diff --git a/ypserv.tproj/ypserv_xdr.c b/ypserv.tproj/ypserv_xdr.c deleted file mode 100644 index 2e1fb2a..0000000 --- a/ypserv.tproj/ypserv_xdr.c +++ /dev/null 
@@ -1,489 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Please do not edit this file. - * It was generated using rpcgen. 
- */ - -#include "yp.h" -#ifndef lint -static char rcsid[] = "$OpenBSD: ypserv_xdr.c,v 1.3 1996/05/30 09:53:31 deraadt Exp $"; -#endif /* not lint */ - -__private_extern__ -bool_t -xdr_ypstat(xdrs, objp) - XDR *xdrs; - ypstat *objp; -{ - - register long *buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypxfrstat(xdrs, objp) - XDR *xdrs; - ypxfrstat *objp; -{ - - register long *buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_domainname(xdrs, objp) - XDR *xdrs; - domainname *objp; -{ - - register long *buf; - - if (!xdr_string(xdrs, objp, YPMAXDOMAIN)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_mapname(xdrs, objp) - XDR *xdrs; - mapname *objp; -{ - - register long *buf; - - if (!xdr_string(xdrs, objp, YPMAXMAP)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_peername(xdrs, objp) - XDR *xdrs; - peername *objp; -{ - - register long *buf; - - if (!xdr_string(xdrs, objp, YPMAXPEER)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_keydat(xdrs, objp) - XDR *xdrs; - keydat *objp; -{ - - register long *buf; - - if (!xdr_bytes(xdrs, (char **)&objp->keydat_val, (u_int *)&objp->keydat_len, YPMAXRECORD)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_valdat(xdrs, objp) - XDR *xdrs; - valdat *objp; -{ - - register long *buf; - - if (!xdr_bytes(xdrs, (char **)&objp->valdat_val, (u_int *)&objp->valdat_len, YPMAXRECORD)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypmap_parms(xdrs, objp) - XDR *xdrs; - ypmap_parms *objp; -{ - - register long *buf; - - if (!xdr_domainname(xdrs, &objp->domain)) { - return (FALSE); - } - if (!xdr_mapname(xdrs, &objp->map)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->ordernum)) { - return (FALSE); - } - if (!xdr_peername(xdrs, &objp->peer)) { - return (FALSE); - } - 
return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypreq_key(xdrs, objp) - XDR *xdrs; - ypreq_key *objp; -{ - - register long *buf; - - if (!xdr_domainname(xdrs, &objp->domain)) { - return (FALSE); - } - if (!xdr_mapname(xdrs, &objp->map)) { - return (FALSE); - } - if (!xdr_keydat(xdrs, &objp->key)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypreq_nokey(xdrs, objp) - XDR *xdrs; - ypreq_nokey *objp; -{ - - register long *buf; - - if (!xdr_domainname(xdrs, &objp->domain)) { - return (FALSE); - } - if (!xdr_mapname(xdrs, &objp->map)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypreq_xfr(xdrs, objp) - XDR *xdrs; - ypreq_xfr *objp; -{ - - register long *buf; - - if (!xdr_ypmap_parms(xdrs, &objp->map_parms)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->transid)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->prog)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->port)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypresp_val(xdrs, objp) - XDR *xdrs; - ypresp_val *objp; -{ - - register long *buf; - - if (!xdr_ypstat(xdrs, &objp->stat)) { - return (FALSE); - } - if (!xdr_valdat(xdrs, &objp->val)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypresp_key_val(xdrs, objp) - XDR *xdrs; - ypresp_key_val *objp; -{ - - register long *buf; - - if (!xdr_ypstat(xdrs, &objp->stat)) { - return (FALSE); - } - if (!xdr_valdat(xdrs, &objp->val)) { - return (FALSE); - } - if (!xdr_keydat(xdrs, &objp->key)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypresp_master(xdrs, objp) - XDR *xdrs; - ypresp_master *objp; -{ - - register long *buf; - - if (!xdr_ypstat(xdrs, &objp->stat)) { - return (FALSE); - } - if (!xdr_peername(xdrs, &objp->peer)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypresp_order(xdrs, objp) - XDR *xdrs; - ypresp_order *objp; -{ - - register long *buf; - - if 
(!xdr_ypstat(xdrs, &objp->stat)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->ordernum)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypresp_all(xdrs, objp) - XDR *xdrs; - ypresp_all *objp; -{ - - register long *buf; - - if (!xdr_bool(xdrs, &objp->more)) { - return (FALSE); - } - switch (objp->more) { - case TRUE: - if (!xdr_ypresp_key_val(xdrs, &objp->ypresp_all_u.val)) { - return (FALSE); - } - break; - case FALSE: - break; - default: - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypresp_xfr(xdrs, objp) - XDR *xdrs; - ypresp_xfr *objp; -{ - - register long *buf; - - if (!xdr_u_int(xdrs, &objp->transid)) { - return (FALSE); - } - if (!xdr_ypxfrstat(xdrs, &objp->xfrstat)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypmaplist(xdrs, objp) - XDR *xdrs; - ypmaplist *objp; -{ - - register long *buf; - - if (!xdr_mapname(xdrs, &objp->map)) { - return (FALSE); - } - if (!xdr_pointer(xdrs, (char **)&objp->next, sizeof(ypmaplist), (xdrproc_t)xdr_ypmaplist)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypresp_maplist(xdrs, objp) - XDR *xdrs; - ypresp_maplist *objp; -{ - - register long *buf; - - if (!xdr_ypstat(xdrs, &objp->stat)) { - return (FALSE); - } - if (!xdr_pointer(xdrs, (char **)&objp->maps, sizeof(ypmaplist), (xdrproc_t)xdr_ypmaplist)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_yppush_status(xdrs, objp) - XDR *xdrs; - yppush_status *objp; -{ - - register long *buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_yppushresp_xfr(xdrs, objp) - XDR *xdrs; - yppushresp_xfr *objp; -{ - - register long *buf; - - if (!xdr_u_int(xdrs, &objp->transid)) { - return (FALSE); - } - if (!xdr_yppush_status(xdrs, &objp->status)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypbind_resptype(xdrs, objp) - XDR *xdrs; - ypbind_resptype *objp; -{ - - register long 
*buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypbind_binding(xdrs, objp) - XDR *xdrs; - ypbind_binding *objp; -{ - - register long *buf; - - int i; - if (!xdr_opaque(xdrs, objp->ypbind_binding_addr, 4)) { - return (FALSE); - } - if (!xdr_opaque(xdrs, objp->ypbind_binding_port, 2)) { - return (FALSE); - } - return (TRUE); -} - -__private_extern__ -bool_t -xdr_ypbind_resp(xdrs, objp) - XDR *xdrs; - ypbind_resp *objp; -{ - - register long *buf; - - if (!xdr_ypbind_resptype(xdrs, &objp->ypbind_status)) { - return (FALSE); - } - switch (objp->ypbind_status) { - case YPBIND_FAIL_VAL: - if (!xdr_u_int(xdrs, &objp->ypbind_resp_u.ypbind_error)) { - return (FALSE); - } - break; - case YPBIND_SUCC_VAL: - if (!xdr_ypbind_binding(xdrs, &objp->ypbind_resp_u.ypbind_bindinfo)) { - return (FALSE); - } - break; - default: - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypbind_setdom(xdrs, objp) - XDR *xdrs; - ypbind_setdom *objp; -{ - - register long *buf; - - if (!xdr_domainname(xdrs, &objp->ypsetdom_domain)) { - return (FALSE); - } - if (!xdr_ypbind_binding(xdrs, &objp->ypsetdom_binding)) { - return (FALSE); - } - if (!xdr_u_int(xdrs, &objp->ypsetdom_vers)) { - return (FALSE); - } - return (TRUE); -} diff --git a/ypserv.tproj/ypserv_xdr_v1.c b/ypserv.tproj/ypserv_xdr_v1.c deleted file mode 100644 index 3870f58..0000000 --- a/ypserv.tproj/ypserv_xdr_v1.c +++ /dev/null 
@@ -1,130 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Please do not edit this file. - * It was generated using rpcgen. 
- */ - -#include "yp.h" -#include "ypv1.h" -#ifndef lint -static char rcsid[] = "$OpenBSD: ypserv_xdr_v1.c,v 1.1 1997/03/30 20:51:22 maja Exp $"; -#endif /* not lint */ - -bool_t -xdr_ypreqtype(xdrs, objp) - XDR *xdrs; - ypreqtype *objp; -{ - - register long *buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypresptype(xdrs, objp) - XDR *xdrs; - ypresptype *objp; -{ - - register long *buf; - - if (!xdr_enum(xdrs, (enum_t *)objp)) { - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_yprequest(xdrs, objp) - XDR *xdrs; - yprequest *objp; -{ - if (!xdr_ypreqtype(xdrs, &objp->yp_reqtype)) { - printf("error 1\n"); - return (FALSE); - } - switch (objp->yp_reqtype) { - case YPREQ_KEY: - if (!xdr_ypreq_key(xdrs, &objp->yp_reqbody.yp_req_keytype)) { - printf("error 2\n"); - return (FALSE); - } - break; - case YPREQ_NOKEY: - if (!xdr_ypreq_nokey(xdrs, &objp->yp_reqbody.yp_req_nokeytype)) { - printf("error 3\n"); - return (FALSE); - } - break; - case YPREQ_MAP_PARMS: - if (!xdr_ypmap_parms(xdrs, &objp->yp_reqbody.yp_req_map_parmstype)) { - printf("error 4\n"); - return (FALSE); - } - break; - default: - printf("error 5\n"); - return (FALSE); - } - return (TRUE); -} - -bool_t -xdr_ypresponse(xdrs, objp) - XDR *xdrs; - ypresponse *objp; -{ - - register long *buf; - - if (!xdr_ypresptype(xdrs, &objp->yp_resptype)) { - return (FALSE); - } - switch (objp->yp_resptype) { - case YPRESP_VAL: - if (!xdr_ypresp_val(xdrs, &objp->yp_respbody.yp_resp_valtype)) { - return (FALSE); - } - break; - case YPRESP_KEY_VAL: - if (!xdr_ypresp_key_val(xdrs, &objp->yp_respbody.yp_resp_key_valtype)) { - return (FALSE); - } - break; - case YPRESP_MAP_PARMS: - if (!xdr_ypmap_parms(xdrs, &objp->yp_respbody.yp_resp_map_parmstype)) { - return (FALSE); - } - break; - default: - return (FALSE); - } - return (TRUE); -} - diff --git a/ypserv.tproj/ypv1.h b/ypserv.tproj/ypv1.h deleted file mode 100644 index d378f83..0000000 
--- a/ypserv.tproj/ypv1.h
+++ /dev/null
@@ -1,264 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: ypv1.h,v 1.2 1997/07/25 20:12:31 mickey Exp $ */ - -/* - * Please do not edit this file. - * It was generated using rpcgen. 
- */ - -#ifndef _YPV1_H_RPCGEN -#define _YPV1_H_RPCGEN - -#include - -#define YPOLDVERS ((u_long)1) - -enum ypreqtype { - YPREQ_KEY = 1, - YPREQ_NOKEY = 2, - YPREQ_MAP_PARMS = 3 -}; -typedef enum ypreqtype ypreqtype; -#ifdef __cplusplus -extern "C" bool_t xdr_ypreqtype(XDR *, ypreqtype*); -#elif defined(__STDC__) -extern bool_t xdr_ypreqtype(XDR *, ypreqtype*); -#else /* Old Style C */ -bool_t xdr_ypreqtype(); -#endif /* Old Style C */ - -typedef struct { - ypreqtype yp_reqtype; - union { - struct ypreq_key yp_req_keytype; - struct ypreq_nokey yp_req_nokeytype; - struct ypmap_parms yp_req_map_parmstype; - }yp_reqbody; -} yprequest; -#ifdef __cplusplus -extern "C" bool_t xdr_yprequest(XDR *, yprequest*); -#elif defined(__STDC__) -extern bool_t xdr_yprequest(XDR *, yprequest*); -#else /* Old Style C */ -bool_t xdr_yprequest(); -#endif /* Old Style C */ - -#define YPMATCH_REQTYPE YPREQ_KEY -#define ypmatch_req_domain yp_reqbody.yp_req_keytype.domain -#define ypmatch_req_map yp_reqbody.yp_req_keytype.map -#define ypmatch_req_keydat yp_reqbody.yp_req_keytype.key -#define ypmatch_req_keyptr yp_reqbody.yp_req_keytype.key.keydat_val -#define ypmatch_req_keysize yp_reqbody.yp_req_keytype.key.keydat_len - -#define YPFIRST_REQTYPE YPREQ_NOKEY -#define ypfirst_req_domain yp_reqbody.yp_req_nokeytype.domain -#define ypfirst_req_map yp_reqbody.yp_req_nokeytype.map - -#define YPNEXT_REQTYPE YPREQ_KEY -#define ypnext_req_domain yp_reqbody.yp_req_keytype.domain -#define ypnext_req_map yp_reqbody.yp_req_keytype.map -#define ypnext_req_keydat yp_reqbody.yp_req_keytype.key -#define ypnext_req_keyptr yp_reqbody.yp_req_keytype.key.keydat_val -#define ypnext_req_keysize yp_reqbody.yp_req_keytype.key.keydat_len - -#define YPPUSH_REQTYPE YPREQ_NOKEY -#define yppush_req_domain yp_reqbody.yp_req_nokeytype.domain -#define yppush_req_map yp_reqbody.yp_req_nokeytype.map - -#define YPPULL_REQTYPE YPREQ_NOKEY -#define yppull_req_domain yp_reqbody.yp_req_nokeytype.domain -#define yppull_req_map 
yp_reqbody.yp_req_nokeytype.map - -#define YPPOLL_REQTYPE YPREQ_NOKEY -#define yppoll_req_domain yp_reqbody.yp_req_nokeytype.domain -#define yppoll_req_map yp_reqbody.yp_req_nokeytype.map - -#define YPGET_REQTYPE YPREQ_MAP_PARMS -#define ypget_req_domain yp_reqbody.yp_req_map_parmstype.domain -#define ypget_req_map yp_reqbody.yp_req_map_parmstype.map -#define ypget_req_ordernum yp_reqbody.yp_req_map_parmstype.ordernum -#define ypget_req_owner yp_reqbody.yp_req_map_parmstype.peer - -enum ypresptype { - YPRESP_VAL = 1, - YPRESP_KEY_VAL = 2, - YPRESP_MAP_PARMS = 3 -}; -typedef enum ypresptype ypresptype; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresptype(XDR *, ypresptype*); -#elif defined(__STDC__) -extern bool_t xdr_ypresptype(XDR *, ypresptype*); -#else /* Old Style C */ -bool_t xdr_ypresptype(); -#endif /* Old Style C */ - -typedef struct { - ypresptype yp_resptype; - union { - struct ypresp_val yp_resp_valtype; - struct ypresp_key_val yp_resp_key_valtype; - struct ypmap_parms yp_resp_map_parmstype; - } yp_respbody; -} ypresponse; -#ifdef __cplusplus -extern "C" bool_t xdr_ypresponse(XDR *, ypresponse*); -#elif defined(__STDC__) -extern bool_t xdr_ypresponse(XDR *, ypresponse*); -#else /* Old Style C */ -bool_t xdr_ypresponse(); -#endif /* Old Style C */ - -#define YPMATCH_RESPTYPE YPRESP_VAL -#define ypmatch_resp_status yp_respbody.yp_resp_valtype.stat -#define ypmatch_resp_val yp_respbody.yp_resp_valtype -#define ypmatch_resp_valdat yp_respbody.yp_resp_valtype.val -#define ypmatch_resp_valptr yp_respbody.yp_resp_valtype.val.valdat_val -#define ypmatch_resp_valsize yp_respbody.yp_resp_valtype.val.valdat_len - -#define YPFIRST_RESPTYPE YPRESP_KEY_VAL -#define ypfirst_resp_status yp_respbody.yp_resp_key_valtype.stat -#define ypfirst_resp_keydat yp_respbody.yp_resp_key_valtype.key -#define ypfirst_resp_keyptr yp_respbody.yp_resp_key_valtype.key.keydat_val -#define ypfirst_resp_keysize yp_respbody.yp_resp_key_valtype.key.keydat_len -#define ypfirst_resp_val 
yp_respbody.yp_resp_key_valtype -#define ypfirst_resp_valdat yp_respbody.yp_resp_key_valtype.val -#define ypfirst_resp_valptr yp_respbody.yp_resp_key_valtype.val.valdat_val -#define ypfirst_resp_valsize yp_respbody.yp_resp_key_valtype.val.valdat_len - -#define YPNEXT_RESPTYPE YPRESP_KEY_VAL -#define ypnext_resp_status yp_respbody.yp_resp_key_valtype.stat -#define ypnext_resp_keydat yp_respbody.yp_resp_key_valtype.key -#define ypnext_resp_keyptr yp_respbody.yp_resp_key_valtype.key.keydat_val -#define ypnext_resp_keysize yp_respbody.yp_resp_key_valtype.key.keydat_len -#define ypnext_resp_val yp_respbody.yp_resp_key_valtype -#define ypnext_resp_valdat yp_respbody.yp_resp_key_valtype.val -#define ypnext_resp_valptr yp_respbody.yp_resp_key_valtype.val.valdat_val -#define ypnext_resp_valsize yp_respbody.yp_resp_key_valtype.val.valdat_len - -#define YPPOLL_RESPTYPE YPRESP_MAP_PARMS -#define yppoll_resp_domain yp_respbody.yp_resp_map_parmstype.domain -#define yppoll_resp_map yp_respbody.yp_resp_map_parmstype.map -#define yppoll_resp_ordernum yp_respbody.yp_resp_map_parmstype.ordernum -#define yppoll_resp_owner yp_respbody.yp_resp_map_parmstype.peer - -#ifdef __cplusplus -#define YPOLDPROC_NULL ((u_long)0) -extern "C" void * ypproc_null_1(void *, CLIENT *); -extern "C" void * ypproc_null_1_svc(void *, struct svc_req *); -#define YPOLDPROC_DOMAIN ((u_long)1) -extern "C" bool_t * ypproc_domain_1(domainname *, CLIENT *); -extern "C" bool_t * ypproc_domain_1_svc(domainname *, struct svc_req *); -#define YPOLDPROC_DOMAIN_NONACK ((u_long)2) -extern "C" bool_t * ypproc_domain_nonack_1(domainname *, CLIENT *); -extern "C" bool_t * ypproc_domain_nonack_1_svc(domainname *, struct svc_req *); -#define YPOLDPROC_MATCH ((u_long)3) -extern "C" ypresponse * ypproc_match_1(yprequest *, CLIENT *); -extern "C" ypresponse * ypproc_match_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_FIRST ((u_long)4) -extern "C" ypresponse * ypproc_first_1(yprequest *, CLIENT *); -extern "C" 
ypresponse * ypproc_first_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_NEXT ((u_long)5) -extern "C" ypresponse * ypproc_next_1(yprequest *, CLIENT *); -extern "C" ypresponse * ypproc_next_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_POLL ((u_long)6) -extern "C" ypresponse * ypproc_poll_1(yprequest *, CLIENT *); -extern "C" ypresponse * ypproc_poll_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_PUSH ((u_long)7) -extern "C" void * ypproc_push_1(yprequest *, CLIENT *); -extern "C" void * ypproc_push_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_PULL ((u_long)8) -extern "C" void * ypproc_pull_1(yprequest *, CLIENT *); -extern "C" void * ypproc_pull_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_GET ((u_long)9) -extern "C" void * ypproc_get_1(yprequest *, CLIENT *); -extern "C" void * ypproc_get_1_svc(yprequest *, struct svc_req *); - -#elif defined(__STDC__) -#define YPOLDPROC_NULL ((u_long)0) -extern void * ypproc_null_1(void *, CLIENT *); -extern void * ypproc_null_1_svc(void *, struct svc_req *); -#define YPOLDPROC_DOMAIN ((u_long)1) -extern bool_t * ypproc_domain_1(domainname *, CLIENT *); -extern bool_t * ypproc_domain_1_svc(domainname *, struct svc_req *); -#define YPOLDPROC_DOMAIN_NONACK ((u_long)2) -extern bool_t * ypproc_domain_nonack_1(domainname *, CLIENT *); -extern bool_t * ypproc_domain_nonack_1_svc(domainname *, struct svc_req *); -#define YPOLDPROC_MATCH ((u_long)3) -extern ypresponse * ypproc_match_1(yprequest *, CLIENT *); -extern ypresponse * ypproc_match_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_FIRST ((u_long)4) -extern ypresponse * ypproc_first_1(yprequest *, CLIENT *); -extern ypresponse * ypproc_first_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_NEXT ((u_long)5) -extern ypresponse * ypproc_next_1(yprequest *, CLIENT *); -extern ypresponse * ypproc_next_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_POLL ((u_long)6) -extern ypresponse * 
ypproc_poll_1(yprequest *, CLIENT *); -extern ypresponse * ypproc_poll_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_PUSH ((u_long)7) -extern void * ypproc_push_1(yprequest *, CLIENT *); -extern void * ypproc_push_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_PULL ((u_long)8) -extern void * ypproc_pull_1(yprequest *, CLIENT *); -extern void * ypproc_pull_1_svc(yprequest *, struct svc_req *); -#define YPOLDPROC_GET ((u_long)9) -extern void * ypproc_get_1(yprequest *, CLIENT *); -extern void * ypproc_get_1_svc(yprequest *, struct svc_req *); - -#else /* Old Style C */ -#define YPOLDPROC_NULL ((u_long)0) -extern void * ypproc_null_1(); -extern void * ypproc_null_1_svc(); -#define YPOLDPROC_DOMAIN ((u_long)1) -extern bool_t * ypproc_domain_1(); -extern bool_t * ypproc_domain_1_svc(); -#define YPOLDPROC_DOMAIN_NONACK ((u_long)2) -extern bool_t * ypproc_domain_nonack_1(); -extern bool_t * ypproc_domain_nonack_1_svc(); -#define YPOLDPROC_MATCH ((u_long)3) -extern ypresponse * ypproc_match_1(); -extern ypresponse * ypproc_match_1_svc(); -#define YPOLDPROC_FIRST ((u_long)4) -extern ypresponse * ypproc_first_1(); -extern ypresponse * ypproc_first_1_svc(); -#define YPOLDPROC_NEXT ((u_long)5) -extern ypresponse * ypproc_next_1(); -extern ypresponse * ypproc_next_1_svc(); -#define YPOLDPROC_POLL ((u_long)6) -extern ypresponse * ypproc_poll_1(); -extern ypresponse * ypproc_poll_1_svc(); -#define YPOLDPROC_PUSH ((u_long)7) -extern void * ypproc_push_1(); -extern void * ypproc_push_1_svc(); -#define YPOLDPROC_PULL ((u_long)8) -extern void * ypproc_pull_1(); -extern void * ypproc_pull_1_svc(); -#define YPOLDPROC_GET ((u_long)9) -extern void * ypproc_get_1(); -extern void * ypproc_get_1_svc(); -#endif /* Old Style C */ - -#endif /* !_YPV1_H_RPCGEN */ diff --git a/ypset.tproj/Makefile b/ypset.tproj/Makefile deleted file mode 100644 index f419aa0..0000000 --- a/ypset.tproj/Makefile +++ /dev/null 
@@ -1,48 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ypset - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = ypset.c - -OTHERSRCS = Makefile.dist Makefile.preamble Makefile.postamble ypset.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /usr/sbin -PDO_UNIX_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ypset.tproj/Makefile.dist b/ypset.tproj/Makefile.dist deleted file mode 100644 index 1f141de..0000000 --- a/ypset.tproj/Makefile.dist +++ /dev/null @@ -1,7 +0,0 @@ -# from: @(#)Makefile 5.8 (Berkeley) 7/28/90 -# $Id: Makefile.dist,v 1.1 1999/05/02 03:59:06 wsanchez Exp $ - -PROG= ypset -NOMAN= - -.include diff --git a/ypset.tproj/Makefile.postamble b/ypset.tproj/Makefile.postamble deleted file mode 100644 index 772f79e..0000000 --- a/ypset.tproj/Makefile.postamble +++ /dev/null 
@@ -1,103 +0,0 @@
-###############################################################################
-# Makefile.postamble
-# Copyright 1997, Apple Computer, Inc.
-#
-# Use this makefile, which is imported after all other makefiles, to
-# override attributes for a project's Makefile environment. This allows you
-# to take advantage of the environment set up by the other Makefiles.
-# You can also define custom rules at the end of this file.
-#
-###############################################################################
-#
-# These variables are exported by the standard makefiles and can be
-# used in any customizations you make. They are *outputs* of
-# the Makefiles and should be used, not set.
-#
-# PRODUCTS: products to install. All of these products will be placed in
-# the directory $(DSTROOT)$(INSTALLDIR)
-# GLOBAL_RESOURCE_DIR: The directory to which resources are copied.
-# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied.
-# OFILE_DIR: Directory into which .o object files are generated.
-# DERIVED_SRC_DIR: Directory used for all other derived files
-#
-# ALL_CFLAGS: flags to pass when compiling .c files
-# ALL_MFLAGS: flags to pass when compiling .m files
-# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files
-# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files
-# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files
-# ALL_LDFLAGS: flags to pass when linking object files
-# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files
-# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files
-# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files
-# ALL_YFLAGS: flags to pass when processing .y (yacc) files
-# ALL_LFLAGS: flags to pass when processing .l (lex) files
-#
-# NAME: name of application, bundle, subproject, palette, etc.
-# LANGUAGE: langage in which the project is written (default "English")
-# LOCAL_RESOURCES: localized resources (e.g. nib's, images) of project
-# GLOBAL_RESOURCES: non-localized resources of project
-#
-# SRCROOT: base directory in which to place the new source files
-# SRCPATH: relative path from SRCROOT to present subdirectory
-#
-# INSTALLDIR: Directory the product will be installed into by 'install' target
-# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget
-# to prefix this with DSTROOT when you use it.
-# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget
-# to prefix this with DSTROOT when you use it.
-#
-# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows)
-#
-###############################################################################
-
-# Some compiler flags can be overridden here for certain build situations.
-#
-# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost)
-# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults
-# to -g)
-# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG)
-# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults
-# to -O)
-# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults
-# to -pg -DPROFILE)
-# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to
-# the include path (defaults to -I.)
-# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags
-# passed to ld/libtool (defaults to nothing)
-
-
-# Library and Framework projects only:
-# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked
-# against the framework will run against the correct version even if
-# the current version of the framework changes. You may override this
-# to "" as an alternative to using the DYLD_LIBRARY_PATH during your
-# development cycle, but be sure to restore it before installing.
-
-
-# Ownership and permissions of files installed by 'install' target
-
-#INSTALL_AS_USER = root
- # User/group ownership
-#INSTALL_AS_GROUP = wheel
- # (probably want to set both of these)
-#INSTALL_PERMISSIONS =
- # If set, 'install' chmod's executable to this
-
-
-# Options to strip. Note: -S strips debugging symbols (executables can be stripped
-# down further with -x or, if they load no bundles, with no options at all).
-
-#STRIPFLAGS = -S
-
-
-#########################################################################
-# Put rules to extend the behavior of the standard Makefiles here. Include them in
-# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble.
-#
-# You should avoid redefining things like "install" or "app", as they are
-# owned by the top-level Makefile API and no context has been set up for where
-# derived files should go.
-#
-after_install:
- mkdir -p "$(DSTROOT)/usr/share/man/man8"
- install -c -m 644 ypset.8 "$(DSTROOT)/usr/share/man/man8/ypset.8"
diff --git a/ypset.tproj/Makefile.preamble b/ypset.tproj/Makefile.preamble
deleted file mode 100644
index cdcdf89..0000000
--- a/ypset.tproj/Makefile.preamble
+++ /dev/null
@@ -1,3 +0,0 @@
-OTHER_GENERATED_OFILES = $(VERS_OFILE)
--include ../Makefile.include
-AFTER_INSTALL = after_install
diff --git a/ypset.tproj/PB.project b/ypset.tproj/PB.project
deleted file mode 100644
index 2a2ccfa..0000000
--- a/ypset.tproj/PB.project
+++ /dev/null
@@ -1,36 +0,0 @@ -{ - FILESTABLE = { - C_FILES = (); - H_FILES = (); - M_FILES = (); - OTHER_LINKED = (ypset.c); - OTHER_SOURCES = (Makefile.dist, Makefile.preamble, Makefile.postamble, ypset.8); - SUBPROJECTS = (); - }; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = ""; - NEXTSTEP_BUILDTOOL = /bin/make; - NEXTSTEP_COMPILEROPTIONS = ""; - NEXTSTEP_INSTALLDIR = /usr/sbin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_LINKEROPTIONS = ""; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = ""; - PDO_UNIX_INSTALLDIR = /usr/sbin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = ypset; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = ""; - WINDOWS_INSTALLDIR = /usr/sbin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/ypset.tproj/ypset.8 b/ypset.tproj/ypset.8 deleted file mode 100644 index 09c0c23..0000000 --- a/ypset.tproj/ypset.8 +++ /dev/null 
@@ -1,91 +0,0 @@
-.\" $OpenBSD: ypset.8,v 1.3 1996/04/24 21:39:27 deraadt Exp $
-.\" $NetBSD: ypset.8,v 1.2 1996/02/28 01:25:08 thorpej Exp $
-.\"
-.\" Copyright (c) 1996 The NetBSD Foundation, Inc.
-.\" All rights reserved.
-.\"
-.\" This code is derived from software contributed to The NetBSD Foundation
-.\" by Jason R. Thorpe.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the NetBSD
-.\" Foundation, Inc. and its contributors.
-.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-.\" contributors may be used to endorse or promote products derived
-.\" from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
-.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
-.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-.\" POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd October 25, 1994
-.Dt YPSET 8
-.Os
-.Sh NAME
-.Nm ypset
-.Nd tell
-.Xr ypbind 8
-which YP server process to use
-.Sh SYNOPSIS
-.Nm ypset
-.Op Fl h Ar host
-.Op Fl d Ar domain
-.Ar server
-.Sh DESCRIPTION
-.Nm Ypset
-tells the
-.Xr ypbind 8
-process on the current machine which YP server process to communicate with.
-If
-.Ar server
-is down or is not running a YP server process, it is not discovered until
-a YP client process attempts to access a YP map, at which time
-.Xr ypbind 8
-tests the binding and takes appropriate action.
-.Pp
-.Nm Ypset
-is most useful for binding a YP client that is not on the same broadcast
-network as the closest YP server, but can also be used for debugging
-a local network's YP configuration, testing specific YP client
-programs, or binding to a specific server when there are many servers on
-the local network supplying YP maps.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl h Ar host
-Set the YP binding on
-.Ar host
-instead of the local machine.
-.It Fl d Ar domain
-Use the YP domain
-.Ar domain
-instead of the default domain as returned by
-.Xr domainname 1 .
-.El
-.Sh SEE ALSO
-.Xr domainname 1 ,
-.Xr ypbind 8 ,
-.Xr ypcat 1 ,
-.Xr ypmatch 1 ,
-.Xr yppoll 8 ,
-.Xr ypwhich 1 ,
-.Xr yp 8
-.Sh AUTHOR
-Theo de Raadt
diff --git a/ypset.tproj/ypset.c b/ypset.tproj/ypset.c
deleted file mode 100644
index cddc148..0000000
--- a/ypset.tproj/ypset.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1992, 1993 Theo de Raadt
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Theo de Raadt.
- * 4. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "ypset.c,v 1.3 1993/06/12 00:02:37 deraadt Exp";
-#endif
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-//#include
-//#include
-#include
-
-extern bool_t xdr_domainname();
-
-void
-usage()
-{
- fprintf(stderr, "Usage:\n");
- fprintf(stderr, "\typset [-h host ] [-d domain] server\n");
- exit(1);
-}
-
-int
-bind_tohost(sin, dom, server)
-struct sockaddr_in *sin;
-char *dom, *server;
-{
- ypbind_setdom ypsd;
- struct timeval tv;
- struct hostent *hp;
- CLIENT *client;
- int sock;
- u_short port;
- int r;
- unsigned long server_addr;
-
- if( (port=htons(getrpcport(server, YPPROG, YPPROC_NULL, IPPROTO_UDP))) == 0) {
- fprintf(stderr, "%s not running ypserv.\n", server);
- exit(1);
- }
-
- tv.tv_sec = 15;
- tv.tv_usec = 0;
- sock = RPC_ANYSOCK;
- client = clntudp_create(sin, YPBINDPROG, YPBINDVERS, tv, &sock);
- if (client==NULL) {
- fprintf(stderr, "RPC error: can't create YPBIND client\n");
- return YP_YPERR;
- }
- client->cl_auth = authunix_create_default();
-
- bzero(&ypsd, sizeof(struct ypbind_setdom));
-
-
- if( (hp = gethostbyname (server)) != NULL ) {
- /* is this the most compatible way?? */
- bcopy(hp->h_addr_list[0], &ypsd.ypsetdom_binding.ypbind_binding_addr, 4);
- } else if( (long)(server_addr = inet_addr (server)) == -1) {
- fprintf(stderr, "can't find address for %s\n", server);
- exit(1);
- } else
- bcopy (&server_addr, &ypsd.ypsetdom_binding.ypbind_binding_addr, 4);
-
- ypsd.ypsetdom_domain = dom;
-
- bcopy(&port, ypsd.ypsetdom_binding.ypbind_binding_port, 2);
- ypsd.ypsetdom_vers = YPVERS;
-
- r = clnt_call(client, YPBINDPROC_SETDOM,
- xdr_ypbind_setdom, &ypsd, xdr_void, NULL, tv);
- if (r != RPC_SUCCESS)
- {
- fprintf(stderr, "Can't ypset for domain %s: %s \n",
- dom, clnt_sperror(client, "setdomain"));
- clnt_destroy(client);
- return YP_YPERR;
- }
- clnt_destroy(client);
- return 0;
-}
-
-int
-main(argc, argv)
-char **argv;
-{
- struct sockaddr_in sin;
- struct hostent *hent;
- extern char *optarg;
- extern int optind;
- char *domainname;
- int c;
-
- yp_get_default_domain(&domainname);
-
- bzero(&sin, sizeof sin);
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = htonl(0x7f000001);
-
- while( (c=getopt(argc, argv, "h:d:")) != -1)
- switch(c) {
- case 'd':
- domainname = optarg;
- break;
- case 'h':
- if( (sin.sin_addr.s_addr=inet_addr(optarg)) == -1) {
- hent = gethostbyname(optarg);
- if(hent==NULL) {
- fprintf(stderr, "ypset: host %s unknown\n",
- optarg);
- exit(1);
- }
- bcopy(&hent->h_addr_list[0], &sin.sin_addr,
- sizeof sin.sin_addr);
- }
- break;
- default:
- usage();
- }
-
- if(optind + 1 != argc )
- usage();
-
- if (bind_tohost(&sin, domainname, argv[optind]))
- exit(1);
- exit(0);
-}
diff --git a/ypwhich.tproj/Makefile b/ypwhich.tproj/Makefile
deleted file mode 100644
index 231a00b..0000000
--- a/ypwhich.tproj/Makefile
+++ /dev/null
@@ -1,48 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ypwhich - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -CFILES = ypwhich.c - -OTHERSRCS = Makefile.dist Makefile.preamble Makefile.postamble ypwhich.1 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/bin -WINDOWS_INSTALLDIR = /usr/bin -PDO_UNIX_INSTALLDIR = /usr/bin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ypwhich.tproj/Makefile.dist b/ypwhich.tproj/Makefile.dist deleted file mode 100644 index 35be32f..0000000 --- a/ypwhich.tproj/Makefile.dist +++ /dev/null @@ -1,6 +0,0 @@ -# from: @(#)Makefile 5.8 (Berkeley) 7/28/90 -# $Id: Makefile.dist,v 1.1 1999/05/02 03:59:06 wsanchez Exp $ - -PROG= ypwhich - -.include diff --git a/ypwhich.tproj/Makefile.postamble b/ypwhich.tproj/Makefile.postamble deleted file mode 100644 index 1659a18..0000000 --- a/ypwhich.tproj/Makefile.postamble +++ /dev/null 
@@ -1,103 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -after_install: - $(MKDIR) -p $(DSTROOT)/usr/share/man/man1 - $(CP) ypwhich.1 $(DSTROOT)/usr/share/man/man1/ diff --git a/ypwhich.tproj/Makefile.preamble b/ypwhich.tproj/Makefile.preamble deleted file mode 100644 index cdcdf89..0000000 --- a/ypwhich.tproj/Makefile.preamble +++ /dev/null @@ -1,3 +0,0 @@ -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include -AFTER_INSTALL = after_install diff --git a/ypwhich.tproj/PB.project b/ypwhich.tproj/PB.project deleted file mode 100644 index 6bbaabd..0000000 --- a/ypwhich.tproj/PB.project +++ /dev/null 
@@ -1,36 +0,0 @@
-{
- FILESTABLE = {
- C_FILES = ();
- H_FILES = ();
- M_FILES = ();
- OTHER_LINKED = (ypwhich.c);
- OTHER_SOURCES = (Makefile.dist, Makefile.preamble, ypwhich.1);
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- NEXTSTEP_BUILDDIR = "";
- NEXTSTEP_BUILDTOOL = /bin/make;
- NEXTSTEP_COMPILEROPTIONS = "";
- NEXTSTEP_INSTALLDIR = /usr/bin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_LINKEROPTIONS = "";
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDDIR = "";
- PDO_UNIX_BUILDTOOL = /bin/make;
- PDO_UNIX_COMPILEROPTIONS = "";
- PDO_UNIX_INSTALLDIR = /usr/bin;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_LINKEROPTIONS = "";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ypwhich;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDDIR = "";
- WINDOWS_BUILDTOOL = /bin/make;
- WINDOWS_COMPILEROPTIONS = "";
- WINDOWS_INSTALLDIR = /usr/bin;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_LINKEROPTIONS = "";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/ypwhich.tproj/ypwhich.1 b/ypwhich.tproj/ypwhich.1
deleted file mode 100644
index 7bd05c9..0000000
--- a/ypwhich.tproj/ypwhich.1
+++ /dev/null
@@ -1,94 +0,0 @@
-.\"
-.\" Copyright (c) 1994 Christopher G. Demetriou
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Christopher G. Demetriou.
-.\" 3. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" $Id: ypwhich.1,v 1.1 1999/05/02 03:59:06 wsanchez Exp $
-.\"
-.Dd February 23, 1994
-.Dt YPWHICH 1
-.Os
-.Sh NAME
-.Nm ypwhich
-.Nd return hostname of YP server of map master
-.Sh SYNOPSIS
-.Nm ypwhich
-.Op Fl d Ar domain
-.Oo
-.Op Fl t
-.Fl m Op Ar mname
-|
-.Ar host
-.Oc
-.Nm ypmatch
-.Fl x
-.Sh DESCRIPTION
-.Nm Ypmatch
-tells which
-.Tn YP
-server supplies
-.Tn YP
-services to a client, or which is the master for a map.
-If invoked without arguments, it gives the
-.Tn YP
-server for the local machine.
-If
-.Ar host
-is specified, that machine is queried to find out
-which
-.Tn YP
-server it is using.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl d Ar domain
-Specify a domain other than the default domain.
-.It Fl t
-Inhibit translation of map nicknames
-to their corresponding map names.
-.It Fl m Op Ar mname
-Find the master
-.Tn YP
-server for the named map. No
-.Ar host
-may be specified with the
-.Fl m
-option.
-.Ar Mname
-can be a map name or nickname. If
-.Ar mname
-is ommitted,
-.Nm ypwhich
-will produce a list of available maps.
-.It Fl x
-Display the map nickname table.
-.El
-.Sh SEE ALSO
-.Xr ypset 8 ,
-.Xr yp 8
-.Sh AUTHOR
-Theo De Raadt
diff --git a/ypwhich.tproj/ypwhich.c b/ypwhich.tproj/ypwhich.c
deleted file mode 100644
index ccc38ac..0000000
--- a/ypwhich.tproj/ypwhich.c
+++ /dev/null
@@ -1,311 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * Copyright (c) 1992, 1993 Theo de Raadt
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Theo de Raadt.
- * 4. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "$Id: ypwhich.c,v 1.1 1999/05/02 03:59:06 wsanchez Exp $";
-#endif
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-//#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-extern bool_t xdr_domainname();
-
-struct ypalias {
- char *alias, *name;
-} ypaliases[] = {
- { "passwd", "passwd.byname" },
- { "group", "group.byname" },
- { "networks", "networks.byaddr" },
- { "hosts", "hosts.byaddr" },
- { "protocols", "protocols.bynumber" },
- { "services", "services.byname" },
- { "aliases", "mail.aliases" },
- { "ethers", "ethers.byname" },
-};
-static int n_aliases = 8;
-
-void
-usage()
-{
- fprintf(stderr, "Usage:\n");
- fprintf(stderr, "\typwhich [-d domain] [[-t] -m [mname] | host]\n");
- fprintf(stderr, "\typwhich -x\n");
- exit(1);
-}
-
-
-/*
- * Like yp_bind except can query a specific host
- */
-int
-bind_host(char *dom, struct sockaddr_in *sin)
-{
- struct hostent *hent = NULL;
- struct ypbind_resp ypbr;
- struct timeval tv;
- CLIENT *client;
- int sock, r;
- struct in_addr addr;
-
- sock = RPC_ANYSOCK;
- tv.tv_sec = 15;
- tv.tv_usec = 0;
- client = clntudp_create(sin, YPBINDPROG, YPBINDVERS, tv, &sock);
- if (client==NULL)
- {
- fprintf(stderr, "can't clntudp_create: %s\n",
- yperr_string(YPERR_YPBIND));
- return YPERR_YPBIND;
- }
-
- tv.tv_sec = 5;
- tv.tv_usec = 0;
- r = clnt_call(client, YPBINDPROC_DOMAIN,
- xdr_domainname, &dom, xdr_ypbind_resp, &ypbr, tv);
-
- if (r != RPC_SUCCESS)
- {
- fprintf(stderr, "can't clnt_call: %s\n", yperr_string(YPERR_YPBIND));
- clnt_destroy(client);
- return YPERR_YPBIND;
- }
- else
- {
- if (ypbr.ypbind_status != YPBIND_SUCC_VAL)
- {
- fprintf(stderr, "can't yp_bind: Reason: %s\n",
- yperr_string(ypbr.ypbind_status));
- clnt_destroy(client);
- return r;
- }
- }
-
- clnt_destroy(client);
-
- memmove(&addr, ypbr.ypbind_resp_u.ypbind_bindinfo.ypbind_binding_addr, 4);
-
- hent = gethostbyaddr((char *)&(addr.s_addr), sizeof(u_long), AF_INET);
- if (hent != NULL) printf("%s\n", hent->h_name);
- else printf("%s\n", inet_ntoa(addr));
- return 0;
-}
-
-int
-main(int argc, char *argv[])
-{
- char *domainname, *master, *map;
- ypmaplist *ypml, *y;
- extern char *optarg;
- extern int optind;
- struct hostent *hent;
- struct sockaddr_in sin;
- int notrans, mode, getmap;
- int c, r, i;
-
- yp_get_default_domain(&domainname);
-
- map = NULL;
- getmap = notrans = mode = 0;
- while ((c = getopt(argc, argv, "xd:mt")) != -1)
- {
- switch(c)
- {
- case 'x':
- for (i = 0; i < n_aliases; i++)
- {
- printf("Use \"%s\" for \"%s\"\n",
- ypaliases[i].alias,
- ypaliases[i].name);
- }
- exit(0);
-
- case 'd':
- domainname = optarg;
- break;
-
- case 't':
- notrans++;
- break;
-
- case 'm':
- mode++;
- break;
-
- default:
- usage();
- }
- }
-
- if (mode == 0)
- {
- switch(argc-optind)
- {
- case 0:
- bzero(&sin, sizeof sin);
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
-
- if (bind_host(domainname, &sin)) exit(1);
- break;
-
- case 1:
- bzero(&sin, sizeof sin);
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = inet_addr(argv[optind]);
- if (sin.sin_addr.s_addr == -1)
- {
- hent = gethostbyname(argv[optind]);
- if (hent == NULL)
- {
- fprintf(stderr, "ypwhich: host %s unknown\n",
- argv[optind]);
- exit(1);
- }
-
- bcopy((char *)hent->h_addr_list[0],
- (char *)&sin.sin_addr, sizeof sin.sin_addr);
- }
-
- if (bind_host(domainname, &sin)) exit(1);
- break;
-
- default:
- usage();
- }
-
- exit(0);
- }
-
- if (argc-optind > 1) usage();
-
- if (argv[optind])
- {
- map = argv[optind];
- for (i = 0; (!notrans) && (i < n_aliases); i++)
- {
- if (!strcmp(map, ypaliases[i].alias)) map = ypaliases[i].name;
- }
-
- r = yp_master(domainname, map, &master);
- switch(r)
- {
- case 0:
- printf("%s\n", master);
- free(master);
- break;
- case YPERR_YPBIND:
- fprintf(stderr, "ypwhich: not running ypbind\n");
- exit(1);
- default:
- fprintf(stderr, "Can't find master for map %s. Reason: %s\n",
- map, yperr_string(r));
- exit(1);
- }
- exit(0);
- }
-
- ypml = NULL;
- r = yp_maplist(domainname, &ypml);
- switch(r)
- {
- case 0:
- while (ypml != NULL)
- {
- r = yp_master(domainname, ypml->map, &master);
- switch(r)
- {
- case 0:
- printf("%s %s\n", ypml->map, master);
- free(master);
- break;
- default:
- fprintf(stderr,
- "YP: can't find the master of %s: Reason: %s\n",
- ypml->map, yperr_string(r));
- break;
- }
-
- y = ypml;
- ypml = ypml->next;
- free(y);
- }
- break;
-
- case YPERR_YPBIND:
- fprintf(stderr, "ypwhich: not running ypbind\n");
- exit(1);
-
- default:
- fprintf(stderr, "Can't get map list for domain %s. Reason: %s\n",
- domainname, yperr_string(r));
- exit(1);
- }
-
- exit(0);
-}
diff --git a/ypxfr.tproj/Makefile b/ypxfr.tproj/Makefile
deleted file mode 100644
index bec2e2c..0000000
--- a/ypxfr.tproj/Makefile
+++ /dev/null
@@ -1,49 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = ypxfr - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = ypdb.h ypdef.h yplib_host.h yplog.h - -CFILES = ypdb.c yplib_host.c yplog.c ypxfr.c ypxfr_xdr.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble\ - ypxfr_1perday.sh ypxfr_1perhour.sh ypxfr_2perday.sh ypxfr.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/ypxfr.tproj/Makefile.postamble b/ypxfr.tproj/Makefile.postamble deleted file mode 100644 index e19d34d..0000000 --- a/ypxfr.tproj/Makefile.postamble +++ /dev/null 
@@ -1,104 +0,0 @@ -############################################################################### -# Makefile.postamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile, which is imported after all other makefiles, to -# override attributes for a project's Makefile environment. This allows you -# to take advantage of the environment set up by the other Makefiles. -# You can also define custom rules at the end of this file. -# -############################################################################### -# -# These variables are exported by the standard makefiles and can be -# used in any customizations you make. They are *outputs* of -# the Makefiles and should be used, not set. -# -# PRODUCTS: products to install. All of these products will be placed in -# the directory $(DSTROOT)$(INSTALLDIR) -# GLOBAL_RESOURCE_DIR: The directory to which resources are copied. -# LOCAL_RESOURCE_DIR: The directory to which localized resources are copied. -# OFILE_DIR: Directory into which .o object files are generated. -# DERIVED_SRC_DIR: Directory used for all other derived files -# -# ALL_CFLAGS: flags to pass when compiling .c files -# ALL_MFLAGS: flags to pass when compiling .m files -# ALL_CCFLAGS: flags to pass when compiling .cc, .cxx, and .C files -# ALL_MMFLAGS: flags to pass when compiling .mm, .mxx, and .M files -# ALL_PRECOMPFLAGS: flags to pass when precompiling .h files -# ALL_LDFLAGS: flags to pass when linking object files -# ALL_LIBTOOL_FLAGS: flags to pass when libtooling object files -# ALL_PSWFLAGS: flags to pass when processing .psw and .pswm (pswrap) files -# ALL_RPCFLAGS: flags to pass when processing .rpc (rpcgen) files -# ALL_YFLAGS: flags to pass when processing .y (yacc) files -# ALL_LFLAGS: flags to pass when processing .l (lex) files -# -# NAME: name of application, bundle, subproject, palette, etc. -# LANGUAGE: langage in which the project is written (default "English") -# LOCAL_RESOURCES: localized resources (e.g. 
nib's, images) of project -# GLOBAL_RESOURCES: non-localized resources of project -# -# SRCROOT: base directory in which to place the new source files -# SRCPATH: relative path from SRCROOT to present subdirectory -# -# INSTALLDIR: Directory the product will be installed into by 'install' target -# PUBLIC_HDR_INSTALLDIR: where to install public headers. Don't forget -# to prefix this with DSTROOT when you use it. -# PRIVATE_HDR_INSTALLDIR: where to install private headers. Don't forget -# to prefix this with DSTROOT when you use it. -# -# EXECUTABLE_EXT: Executable extension for the platform (i.e. .exe on Windows) -# -############################################################################### - -# Some compiler flags can be overridden here for certain build situations. -# -# WARNING_CFLAGS: flag used to set warning level (defaults to -Wmost) -# DEBUG_SYMBOLS_CFLAGS: debug-symbol flag passed to all builds (defaults -# to -g) -# DEBUG_BUILD_CFLAGS: flags passed during debug builds (defaults to -DDEBUG) -# OPTIMIZE_BUILD_CFLAGS: flags passed during optimized builds (defaults -# to -O) -# PROFILE_BUILD_CFLAGS: flags passed during profile builds (defaults -# to -pg -DPROFILE) -# LOCAL_DIR_INCLUDE_DIRECTIVE: flag used to add current directory to -# the include path (defaults to -I.) -# DEBUG_BUILD_LDFLAGS, OPTIMIZE_BUILD_LDFLAGS, PROFILE_BUILD_LDFLAGS: flags -# passed to ld/libtool (defaults to nothing) - - -# Library and Framework projects only: -# INSTALL_NAME_DIRECTIVE: This directive ensures that executables linked -# against the framework will run against the correct version even if -# the current version of the framework changes. You may override this -# to "" as an alternative to using the DYLD_LIBRARY_PATH during your -# development cycle, but be sure to restore it before installing. 
- - -# Ownership and permissions of files installed by 'install' target - -#INSTALL_AS_USER = root - # User/group ownership -#INSTALL_AS_GROUP = wheel - # (probably want to set both of these) -#INSTALL_PERMISSIONS = - # If set, 'install' chmod's executable to this - - -# Options to strip. Note: -S strips debugging symbols (executables can be stripped -# down further with -x or, if they load no bundles, with no options at all). - -#STRIPFLAGS = -S -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Include them in -# the dependency tree via cvariables like AFTER_INSTALL in the Makefile.preamble. -# -# You should avoid redefining things like "install" or "app", as they are -# owned by the top-level Makefile API and no context has been set up for where -# derived files should go. -# -after_install: - mkdir -p "$(DSTROOT)/usr/share/man/man8" - install -c -m 644 ypxfr.8 "$(DSTROOT)/usr/share/man/man8/ypxfr.8" diff --git a/ypxfr.tproj/Makefile.preamble b/ypxfr.tproj/Makefile.preamble deleted file mode 100644 index 3d12277..0000000 --- a/ypxfr.tproj/Makefile.preamble +++ /dev/null 
@@ -1,124 +0,0 @@ -############################################################################### -# Makefile.preamble -# Copyright 1997, Apple Computer, Inc. -# -# Use this makefile for configuring the standard application makefiles -# associated with ProjectBuilder. It is included before the main makefile. -# In Makefile.preamble you set attributes for a project, so they are available -# to the project's makefiles. In contrast, you typically write additional rules or -# override built-in behavior in the Makefile.postamble. -# -# Each directory in a project tree (main project plus subprojects) should -# have its own Makefile.preamble and Makefile.postamble. -############################################################################### -# -# Before the main makefile is included for this project, you may set: -# -# MAKEFILEDIR: Directory in which to find $(MAKEFILE) -# MAKEFILE: Top level mechanism Makefile (e.g., app.make, bundle.make) - -# Compiler/linker flags added to the defaults: The OTHER_* variables will be -# inherited by all nested sub-projects, but the LOCAL_ versions of the same -# variables will not. Put your -I, -D, -U, and -L flags in ProjectBuilder's -# Build Attributes inspector if at all possible. To override the default flags -# that get passed to ${CC} (e.g. change -O to -O2), see Makefile.postamble. The -# variables below are *inputs* to the build process and distinct from the override -# settings done (less often) in the Makefile.postamble. -# -# OTHER_CFLAGS, LOCAL_CFLAGS: additional flags to pass to the compiler -# Note that $(OTHER_CFLAGS) and $(LOCAL_CFLAGS) are used for .h, ...c, .m, -# .cc, .cxx, .C, and .M files. There is no need to respecify the -# flags in OTHER_MFLAGS, etc. 
-# OTHER_MFLAGS, LOCAL_MFLAGS: additional flags for .m files -# OTHER_CCFLAGS, LOCAL_CCFLAGS: additional flags for .cc, .cxx, and ...C files -# OTHER_MMFLAGS, LOCAL_MMFLAGS: additional flags for .mm and .M files -# OTHER_PRECOMPFLAGS, LOCAL_PRECOMPFLAGS: additional flags used when -# precompiling header files -# OTHER_LDFLAGS, LOCAL_LDFLAGS: additional flags passed to ld and libtool -# OTHER_PSWFLAGS, LOCAL_PSWFLAGS: additional flags passed to pswrap -# OTHER_RPCFLAGS, LOCAL_RPCFLAGS: additional flags passed to rpcgen -# OTHER_YFLAGS, LOCAL_YFLAGS: additional flags passed to yacc -# OTHER_LFLAGS, LOCAL_LFLAGS: additional flags passed to lex - -# These variables provide hooks enabling you to add behavior at almost every -# stage of the make: -# -# BEFORE_PREBUILD: targets to build before installing headers for a subproject -# AFTER_PREBUILD: targets to build after installing headers for a subproject -# BEFORE_BUILD_RECURSION: targets to make before building subprojects -# BEFORE_BUILD: targets to make before a build, but after subprojects -# AFTER_BUILD: targets to make after a build -# -# BEFORE_INSTALL: targets to build before installing the product -# AFTER_INSTALL: targets to build after installing the product -# BEFORE_POSTINSTALL: targets to build before postinstalling every subproject -# AFTER_POSTINSTALL: targts to build after postinstalling every subproject -# -# BEFORE_INSTALLHDRS: targets to build before installing headers for a -# subproject -# AFTER_INSTALLHDRS: targets to build after installing headers for a subproject -# BEFORE_INSTALLSRC: targets to build before installing source for a subproject -# AFTER_INSTALLSRC: targets to build after installing source for a subproject -# -# BEFORE_DEPEND: targets to build before building dependencies for a -# subproject -# AFTER_DEPEND: targets to build after building dependencies for a -# subproject -# -# AUTOMATIC_DEPENDENCY_INFO: if YES, then the dependency file is -# updated every time the project is built. 
If NO, the dependency -# file is only built when the depend target is invoked. - -# Framework-related variables: -# FRAMEWORK_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the framework's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables - -# Library-related variables: -# PUBLIC_HEADER_DIR: Determines where public exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# PRIVATE_HEADER_DIR: Determines where private exported header files -# should be installed. Do not include $(DSTROOT) in this value -- -# it is prefixed automatically. -# LIBRARY_STYLE: This may be either STATIC or DYNAMIC, and determines -# whether the libraries produced are statically linked when they -# are used or if they are dynamically loadable. <> -# LIBRARY_DLL_INSTALLDIR: On Windows platforms, this variable indicates -# where to put the library's DLL. This variable defaults to -# $(INSTALLDIR)/../Executables -# -# INSTALL_AS_USER: owner of the intalled products (default root) -# INSTALL_AS_GROUP: group of the installed products (default wheel) -# INSTALL_PERMISSION: permissions of the installed product (default o+rX) -# -# OTHER_RECURSIVE_VARIABLES: The names of variables which you want to be -# passed on the command line to recursive invocations of make. Note that -# the values in OTHER_*FLAGS are inherited by subprojects automatically -- -# you do not have to (and shouldn't) add OTHER_*FLAGS to -# OTHER_RECURSIVE_VARIABLES. 
- -# Additional headers to export beyond those in the PB.project: -# OTHER_PUBLIC_HEADERS -# OTHER_PROJECT_HEADERS -# OTHER_PRIVATE_HEADERS - -# Additional files for the project's product: <> -# OTHER_RESOURCES: (non-localized) resources for this project -# OTHER_OFILES: relocatables to be linked into this project -# OTHER_LIBS: more libraries to link against -# OTHER_PRODUCT_DEPENDS: other dependencies of this project -# OTHER_SOURCEFILES: other source files maintained by .pre/postamble -# OTHER_GARBAGE: additional files to be removed by `make clean' - -# Set this to YES if you don't want a final libtool call for a library/framework. -# BUILD_OFILES_LIST_ONLY - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -# OTHER_GENERATED_OFILES = $(VERS_OFILE) - -# This definition will suppress stripping of debug symbols when an executable -# is installed. By default it is YES. -# STRIP_ON_INSTALL = NO -AFTER_INSTALL = after_install diff --git a/ypxfr.tproj/PB.project b/ypxfr.tproj/PB.project deleted file mode 100644 index 1371c2f..0000000 --- a/ypxfr.tproj/PB.project +++ /dev/null 
@@ -1,36 +0,0 @@
-{
- DYNAMIC_CODE_GEN = YES;
- FILESTABLE = {
- FRAMEWORKS = ();
- H_FILES = (ypdb.h, ypdef.h, yplib_host.h, yplog.h);
- LIBRARYSEARCH = ();
- OTHER_LIBS = ();
- OTHER_LINKED = (ypdb.c, yplib_host.c, yplog.c, ypxfr.c, ypxfr_xdr.c);
- OTHER_SOURCES = (
- Makefile.preamble,
- Makefile,
- Makefile.postamble,
- ypxfr_1perday.sh,
- ypxfr_1perhour.sh,
- ypxfr_2perday.sh,
- ypxfr.8
- );
- SUBPROJECTS = ();
- };
- LANGUAGE = English;
- LOCALIZABLE_FILES = {};
- MAKEFILEDIR = "$(MAKEFILEPATH)/pb_makefiles";
- NEXTSTEP_BUILDTOOL = /bin/gnumake;
- NEXTSTEP_INSTALLDIR = /usr/sbin;
- NEXTSTEP_JAVA_COMPILER = /usr/bin/javac;
- NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc;
- PDO_UNIX_BUILDTOOL = $NEXT_ROOT/Developer/bin/make;
- PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac";
- PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc";
- PROJECTNAME = ypxfr;
- PROJECTTYPE = Tool;
- PROJECTVERSION = 2.8;
- WINDOWS_BUILDTOOL = $NEXT_ROOT/Developer/Executables/make;
- WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe";
- WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc";
-}
diff --git a/ypxfr.tproj/ypdb.c b/ypxfr.tproj/ypdb.c
deleted file mode 100644
index c9bd178..0000000
--- a/ypxfr.tproj/ypdb.c
+++ /dev/null
@@ -1,297 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: ypdb.c,v 1.5 1997/02/09 09:49:36 maja Exp $ */ - -/* - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * This code is derived from ndbm module of BSD4.4 db (hash) by - * Mats O Jansson - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include -#include -#include -#include - -#include "ypdb.h" - -#ifdef YPDB_PATCH -extern DBM *__hash_open(); -#else -extern DBM *__bt_open(); -#endif - -/* - * Returns: - * *DBM on success - * NULL on failure - */ - -extern DBM * -ypdb_open(file, flags, mode) - const char *file; - int flags, mode; -{ -#ifdef YPDB_PATCH - HASHINFO info; - char path[MAXPATHLEN]; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = NULL; - info.hash = NULL; - info.lorder = 0; - snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX); - return ((DBM *)__hash_open(path, flags, mode, &info, 0)); -#else - BTREEINFO info; - char path[MAXPATHLEN]; - DBM *db; - - info.flags = 0; - info.cachesize = 0; - info.maxkeypage = 0; - info.minkeypage = 0; - info.psize = 0; - info.compare = NULL; - info.prefix = NULL; - info.lorder = 0; - snprintf(path, sizeof(path), "%s%s", file, YPDB_SUFFIX); - db = (DBM *)__bt_open(path, flags, mode, &info, 0); - return (db); -#endif -} - -/* - * Returns: - * *DBM on success - * NULL on failure - */ - -extern DBM * -ypdb_open_suf(file, flags, mode) - const char *file; - int flags, mode; -{ -#ifdef YPDB_PATCH - HASHINFO info; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = NULL; - info.hash = NULL; - info.lorder = 0; - return ((DBM *)__hash_open(file, flags, mode, &info, 0)); -#else - BTREEINFO info; - DBM *db; - - info.flags = 0; - info.cachesize = 0; - info.maxkeypage = 0; - info.minkeypage = 0; - info.psize = 0; - info.compare = NULL; - info.prefix = NULL; - info.lorder = 0; - db = (DBM *)__bt_open(file, flags, mode, &info, 0); - return (db); -#endif -} - -extern void -ypdb_close(db) - DBM *db; -{ - (void)(db->close)(db); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_fetch(db, key) - DBM *db; - datum key; -{ - datum retval; - int status; - - status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0); - if (status) { - retval.dptr = NULL; - retval.dsize = 0; 
- } - return (retval); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_firstkey(db) - DBM *db; -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_nextkey(db) - DBM *db; -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ - -extern datum -ypdb_setkey(db, key) - DBM *db; - datum key; -{ - int status; - datum retdata; -#ifdef YPDB_PATCH - datum retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - while ((retkey.dptr != NULL) && - ((retkey.dsize != key.dsize) || - (strncmp(key.dptr,retkey.dptr,retkey.dsize) != 0))) { - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - }; - return (retkey); -#else - status = (db->seq)(db, (DBT *)&key, (DBT *)&retdata, R_CURSOR); - if (status) - key.dptr = NULL; - return (key); -#endif -} - -/* - * Returns: - * 0 on success - * <0 failure - */ - -int -ypdb_delete(db, key) - DBM *db; - datum key; -{ - int status; - - status = (db->del)(db, (DBT *)&key, 0); - if (status) - return (-1); - else - return (0); -} - -/* - * Returns: - * 0 on success - * <0 failure - * 1 if YPDB_INSERT and entry exists - */ - -int -ypdb_store(db, key, content, flags) - DBM *db; - datum key, content; - int flags; -{ - return ((db->put)(db, (DBT *)&key, (DBT *)&content, - (flags == YPDB_INSERT) ? R_NOOVERWRITE : 0)); -} - diff --git a/ypxfr.tproj/ypdb.h b/ypxfr.tproj/ypdb.h deleted file mode 100644 index 45b0a7f..0000000 --- a/ypxfr.tproj/ypdb.h +++ /dev/null 
@@ -1,100 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdb.h,v 1.5 1997/02/09 09:49:37 maja Exp $ */
-
-/*
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- * All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * This code is derived from ndbm module of BSD4.4 db (hash) by
- * Mats O Jansson
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPDB_H_
-#define _YPDB_H_
-
-#ifndef _DB_H_
-#include
-#endif
-
-#define YPDB_SUFFIX ".db"
-
-/* Flags to ypdb_store(). */
-#define YPDB_INSERT 0
-#define YPDB_REPLACE 1
-
-#ifndef DATUM
-typedef struct {
- char *dptr;
- int dsize;
-} datum;
-#define DATUM
-#endif
-
-typedef DB DBM;
-
-__BEGIN_DECLS
-void ypdb_close __P((DBM *));
-datum ypdb_fetch __P((DBM *, datum));
-datum ypdb_firstkey __P((DBM *));
-datum ypdb_nextkey __P((DBM *));
-datum ypdb_setkey __P((DBM *, datum));
-DBM *ypdb_open __P((const char *, int, int));
-DBM *ypdb_open_suf __P((const char *, int, int));
-int ypdb_store __P((DBM *, datum, datum, int));
-__END_DECLS
-
-#endif /* !_YPDB_H_ */
diff --git a/ypxfr.tproj/ypdef.h b/ypxfr.tproj/ypdef.h
deleted file mode 100644
index 89970d7..0000000
--- a/ypxfr.tproj/ypdef.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypdef.h,v 1.6 1997/03/30 20:51:14 maja Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPDEF_H_
-#define _YPDEF_H_
-
-#define YP_DB_PATH "/var/yp"
-#define YP_LAST_KEY "YP_LAST_MODIFIED"
-#define YP_LAST_LEN (sizeof(YP_LAST_KEY)-1)
-#define YP_INPUT_KEY "YP_INPUT_FILE"
-#define YP_INPUT_LEN (sizeof(YP_INPUT_KEY)-1)
-#define YP_OUTPUT_KEY "YP_OUTPUT_FILE"
-#define YP_OUTPUT_LEN (sizeof(YP_OUTPUT_KEY)-1)
-#define YP_MASTER_KEY "YP_MASTER_NAME"
-#define YP_MASTER_LEN (sizeof(YP_MASTER_KEY)-1)
-#define YP_DOMAIN_KEY "YP_DOMAIN_NAME"
-#define YP_DOMAIN_LEN (sizeof(YP_DOMAIN_KEY)-1)
-#define YP_INTERDOMAIN_KEY "YP_INTERDOMAIN"
-#define YP_INTERDOMAIN_LEN (sizeof(YP_INTERDOMAIN_KEY)-1)
-#define YP_SECURE_KEY "YP_SECURE"
-#define YP_SECURE_LEN (sizeof(YP_SECURE_KEY)-1)
-
-#define MAX_LAST_LEN 10
-#define MAX_MASTER_LEN 255
-#define YP_HOSTNAME "hosts.byname"
-#define YP_HOSTADDR "hosts.byaddr"
-
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#define YPXFR_PROC "/usr/sbin/ypxfr"
-#define YPPUSH_PROC "/usr/sbin/yppush"
-#define YPSERV_PID_PATH "/var/run/ypserv.pid"
-#define YP_SECURENET_FILE "/var/yp/securenet"
-
-#endif /* !_YPDEF_H_ */
diff --git a/ypxfr.tproj/yplib_host.c b/ypxfr.tproj/yplib_host.c
deleted file mode 100644
index 70b914b..0000000
--- a/ypxfr.tproj/yplib_host.c
+++ /dev/null
@@ -1,427 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* $OpenBSD: yplib_host.c,v 1.7 1997/06/23 01:11:12 deraadt Exp $ */ - -/* - * Copyright (c) 1992, 1993 Theo de Raadt - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Theo de Raadt. - * 4. 
The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef LINT -static char *rcsid = "$OpenBSD: yplib_host.c,v 1.7 1997/06/23 01:11:12 deraadt Exp $"; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -extern bool_t xdr_domainname(), xdr_ypbind_resp(); -extern bool_t xdr_ypreq_key(), xdr_ypresp_val(); -extern bool_t xdr_ypreq_nokey(), xdr_ypresp_key_val(); -extern bool_t xdr_ypresp_all(), xdr_ypresp_all_seq(); -extern bool_t xdr_ypresp_master(); - -extern int (*ypresp_allfn)(); -extern void *ypresp_data; - -int _yplib_host_timeout = 10; - -CLIENT * -yp_bind_host(server,program,version,port,usetcp) -char *server; -u_long program,version; -u_short port; -int usetcp; -{ - struct sockaddr_in rsrv_sin; - int rsrv_sock; - struct hostent *h; - struct timeval tv; - static CLIENT *client; - - memset(&rsrv_sin, 0, sizeof rsrv_sin); - rsrv_sin.sin_len = sizeof rsrv_sin; - rsrv_sin.sin_family = AF_INET; - rsrv_sock = RPC_ANYSOCK; - if (port != 0) { - rsrv_sin.sin_port = htons(port); - } - - if 
((*server >= '0') && (*server <= '9')) { - if(inet_aton(server,&rsrv_sin.sin_addr) == 0) { - fprintf(stderr, "inet_aton: invalid address %s.\n", - server); - exit(1); - } - } else { - h = gethostbyname(server); - if(h == NULL) { - fprintf(stderr, "gethostbyname: unknown host %s.\n", - server); - exit(1); - } - rsrv_sin.sin_addr.s_addr = *(u_int32_t *)h->h_addr; - } - - tv.tv_sec = 10; - tv.tv_usec = 0; - - if (usetcp) { - client = clnttcp_create(&rsrv_sin, program, version, - &rsrv_sock, 0, 0); - } else { - client = clntudp_create(&rsrv_sin, program, version, tv, - &rsrv_sock); - } - - if (client == NULL) { - fprintf(stderr, "clntudp_create: no contact with host %s.\n", - server); - exit(1); - } - - return(client); - -} - -CLIENT * -yp_bind_local(program,version) -u_long program,version; -{ - struct sockaddr_in rsrv_sin; - int rsrv_sock; - struct timeval tv; - static CLIENT *client; - - memset(&rsrv_sin, 0, sizeof rsrv_sin); - rsrv_sin.sin_len = sizeof rsrv_sin; - rsrv_sin.sin_family = AF_INET; - rsrv_sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - rsrv_sock = RPC_ANYSOCK; - - tv.tv_sec = 10; - tv.tv_usec = 0; - - client = clntudp_create(&rsrv_sin, program, version, tv, &rsrv_sock); - if (client == NULL) { - fprintf(stderr,"clntudp_create: no contact with localhost.\n"); - exit(1); - } - - return(client); - -} - -int -yp_match_host(client, indomain, inmap, inkey, inkeylen, outval, outvallen) -CLIENT *client; -char *indomain; -char *inmap; -const char *inkey; -int inkeylen; -char **outval; -int *outvallen; -{ - struct ypresp_val yprv; - struct timeval tv; - struct ypreq_key yprk; - int r; - - *outval = NULL; - *outvallen = 0; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprk.domain = indomain; - yprk.map = inmap; - yprk.key.keydat_val = (char *)inkey; - yprk.key.keydat_len = inkeylen; - - memset(&yprv, 0, sizeof yprv); - - r = clnt_call(client, YPPROC_MATCH, - xdr_ypreq_key, &yprk, xdr_ypresp_val, &yprv, tv); - if(r != RPC_SUCCESS) { - 
clnt_perror(client, "yp_match_host: clnt_call"); - } - if( !(r=ypprot_err(yprv.stat)) ) { - *outvallen = yprv.val.valdat_len; - *outval = (char *)malloc(*outvallen+1); - memcpy(*outval, yprv.val.valdat_val, *outvallen); - (*outval)[*outvallen] = '\0'; - } - xdr_free(xdr_ypresp_val, (char *)&yprv); - return r; -} - -int -yp_first_host(client, indomain, inmap, outkey, outkeylen, outval, outvallen) -CLIENT *client; -char *indomain; -char *inmap; -char **outkey; -int *outkeylen; -char **outval; -int *outvallen; -{ - struct ypresp_key_val yprkv; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - - *outkey = *outval = NULL; - *outkeylen = *outvallen = 0; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - memset(&yprkv, 0, sizeof yprkv); - - r = clnt_call(client, YPPROC_FIRST, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_key_val, &yprkv, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_first_host: clnt_call"); - } - if( !(r=ypprot_err(yprkv.stat)) ) { - *outkeylen = yprkv.key.keydat_len; - *outkey = (char *)malloc(*outkeylen+1); - memcpy(*outkey, yprkv.key.keydat_val, *outkeylen); - (*outkey)[*outkeylen] = '\0'; - *outvallen = yprkv.val.valdat_len; - *outval = (char *)malloc(*outvallen+1); - memcpy(*outval, yprkv.val.valdat_val, *outvallen); - (*outval)[*outvallen] = '\0'; - } - xdr_free(xdr_ypresp_key_val, (char *)&yprkv); - return r; -} - -int -yp_next_host(client, indomain, inmap, inkey, inkeylen, outkey, outkeylen, outval, outvallen) -CLIENT *client; -char *indomain; -char *inmap; -char *inkey; -int inkeylen; -char **outkey; -int *outkeylen; -char **outval; -int *outvallen; -{ - struct ypresp_key_val yprkv; - struct ypreq_key yprk; - struct timeval tv; - int r; - - *outkey = *outval = NULL; - *outkeylen = *outvallen = 0; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprk.domain = indomain; - yprk.map = inmap; - yprk.key.keydat_val = inkey; - yprk.key.keydat_len = inkeylen; - memset(&yprkv, 
0, sizeof yprkv); - - r = clnt_call(client, YPPROC_NEXT, - xdr_ypreq_key, &yprk, xdr_ypresp_key_val, &yprkv, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_next_host: clnt_call"); - } - if( !(r=ypprot_err(yprkv.stat)) ) { - *outkeylen = yprkv.key.keydat_len; - *outkey = (char *)malloc(*outkeylen+1); - memcpy(*outkey, yprkv.key.keydat_val, *outkeylen); - (*outkey)[*outkeylen] = '\0'; - *outvallen = yprkv.val.valdat_len; - *outval = (char *)malloc(*outvallen+1); - memcpy(*outval, yprkv.val.valdat_val, *outvallen); - (*outval)[*outvallen] = '\0'; - } - xdr_free(xdr_ypresp_key_val, (char *)&yprkv); - return r; -} - -int -yp_all_host(client, indomain, inmap, incallback) -CLIENT *client; -char *indomain; -char *inmap; -struct ypall_callback *incallback; -{ - struct ypreq_nokey yprnk; - struct timeval tv; - u_long status; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - ypresp_allfn = incallback->foreach; - ypresp_data = (void *)incallback->data; - - (void) clnt_call(client, YPPROC_ALL, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_all_seq, &status, tv); - xdr_free(xdr_ypresp_all_seq, (char *)&status); /* not really needed... 
*/ - - if(status != YP_FALSE) - return ypprot_err(status); - return 0; -} - -int -yp_order_host(client, indomain, inmap, outorder) -CLIENT *client; -char *indomain; -char *inmap; -u_int32_t *outorder; -{ - struct ypresp_order ypro; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - - memset(&ypro, 0, sizeof ypro); - - r = clnt_call(client, YPPROC_ORDER, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_order, &ypro, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_order_host: clnt_call"); - } - - *outorder = ypro.ordernum; - xdr_free(xdr_ypresp_order, (char *)&ypro); - return ypprot_err(ypro.stat); -} - -int -yp_master_host(client, indomain, inmap, outname) -CLIENT *client; -char *indomain; -char *inmap; -char **outname; -{ - struct ypresp_master yprm; - struct ypreq_nokey yprnk; - struct timeval tv; - int r; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - yprnk.domain = indomain; - yprnk.map = inmap; - - memset(&yprm, 0, sizeof yprm); - - r = clnt_call(client, YPPROC_MASTER, - xdr_ypreq_nokey, &yprnk, xdr_ypresp_master, &yprm, tv); - if(r != RPC_SUCCESS) { - clnt_perror(client, "yp_master: clnt_call"); - } - if( !(r=ypprot_err(yprm.stat)) ) { - *outname = (char *)strdup(yprm.peer); - } - xdr_free(xdr_ypresp_master, (char *)&yprm); - return r; -} - -int -yp_maplist_host(client, indomain, outmaplist) -CLIENT *client; -char *indomain; -struct ypmaplist **outmaplist; -{ - struct ypresp_maplist ypml; - struct timeval tv; - int r; - - tv.tv_sec = _yplib_host_timeout; - tv.tv_usec = 0; - - memset(&ypml, 0, sizeof ypml); - - r = clnt_call(client, YPPROC_MAPLIST, - xdr_domainname, &indomain, xdr_ypresp_maplist, &ypml, tv); - if (r != RPC_SUCCESS) { - clnt_perror(client, "yp_maplist: clnt_call"); - } - *outmaplist = ypml.maps; - /* NO: xdr_free(xdr_ypresp_maplist, &ypml);*/ - return ypprot_err(ypml.stat); -} - 
diff --git a/ypxfr.tproj/yplib_host.h b/ypxfr.tproj/yplib_host.h
deleted file mode 100644
index 038fb68..0000000
--- a/ypxfr.tproj/yplib_host.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yplib_host.h,v 1.4 1997/05/01 22:14:45 niklas Exp $ */
-
-/*
- * Copyright (c) 1992, 1993 Theo de Raadt
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Theo de Raadt.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPLIB_HOST_H_
-#define _YPLIB_HOST_H_
-
-int yp_match_host __P((CLIENT *client, char *indomain, char *inmap,
- const char *inkey, int inkeylen, char **outval,
- int *outvallen));
-int yp_first_host __P((CLIENT *client, char *indomain, char *inmap,
- char **outkey, int *outkeylen, char **outval,
- int *outvallen));
-int yp_next_host __P((CLIENT *client, char *indomain, char *inmap,
- char *inkey, int inkeylen, char **outkey,
- int *outkeylen, char **outval, int *outvallen));
-int yp_master_host __P((CLIENT *client,
- char *indomain, char *inmap, char **outname));
-int yp_order_host __P((CLIENT *client,
- char *indomain, char *inmap, u_int32_t *outorder));
-int yp_all_host __P((CLIENT *client, char *indomain, char *inmap,
- struct ypall_callback *incallback));
-int yp_maplist_host __P((CLIENT *client, char *indomain,
- struct ypmaplist **outmaplist));
-CLIENT *yp_bind_local __P((u_long program, u_long version));
-CLIENT *yp_bind_host __P((char *server, u_long program, u_long version,
- u_short port, int usetcp));
-
-#endif /* _YPLIB_HOST_H_ */
-
diff --git a/ypxfr.tproj/yplog.c b/ypxfr.tproj/yplog.c
deleted file mode 100644
index 3460c9a..0000000
--- a/ypxfr.tproj/yplog.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yplog.c,v 1.5 1997/08/09 22:44:04 maja Exp $ */
-
-/*
- * Copyright (c) 1996 Charles D. Cranor
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Charles D. Cranor.
- * 4. 
The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * yplog.c: replacement yplog routines for
- * Mats O Jansson's ypserv program, as added by
- * Chuck Cranor.
- */
-
-#include
-#include
-#include
-#include
-#ifdef __STDC__
-#include
-#else
-#include
-#endif
-#include "yplog.h"
-
-static FILE *logfp = NULL; /* the log file */
-
-/*
- * yplog(): like a printf, but to the log file. does the flush
- * and data for you.
- */
-
-void
-#ifdef __STDC__
-yplog(const char *fmt, ...)
-#else
-yplog(fmt, va_alist)
- char *fmt;
- va_dcl
-#endif
-{
- va_list ap;
-
-#ifdef __STDC__
- va_start(ap, fmt);
-#else
- va_start(ap);
-#endif
- vyplog(fmt, ap);
- va_end(ap);
-}
-
-/*
- * vyplog() support routine for yplog()
- */
-
-void
-vyplog(fmt, ap)
- register const char *fmt;
- va_list ap;
-{
- time_t t;
-
- if (logfp == NULL)
- return;
- (void)time(&t);
- fprintf(logfp,"%.15s ", ctime(&t) + 4);
- vfprintf(logfp, fmt, ap);
- fprintf(logfp,"\n");
- fflush(logfp);
-}
-
-/*
- * open log
- */
-
-void
-ypopenlog()
-{
- static char logfn[] = "/var/yp/ypserv.log";
-
- if (access(logfn, W_OK) == -1)
- return;
- logfp = fopen("/var/yp/ypserv.log", "a");
- if (logfp == NULL)
- return;
- yplog("yplog opened");
-}
-
-/*
- * close log
- */
-
-void
-ypcloselog()
-{
- if (logfp) {
- yplog("yplog closed");
- fclose(logfp);
- logfp = NULL;
- }
-}
diff --git a/ypxfr.tproj/yplog.h b/ypxfr.tproj/yplog.h
deleted file mode 100644
index c517042..0000000
--- a/ypxfr.tproj/yplog.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: yplog.h,v 1.3 1996/05/30 09:53:04 deraadt Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _YPLOG_H_
-#define _YPLOG_H_
-
-#include
-
-__BEGIN_DECLS
-void yplog __P((const char *, ...));
-void vyplog __P((const char *, va_list));
-void ypopenlog __P((void));
-void ypcloselog __P((void));
-__END_DECLS
-
-#endif /* !_YPLOG_H_ */
diff --git a/ypxfr.tproj/ypxfr.8 b/ypxfr.tproj/ypxfr.8
deleted file mode 100644
index 5a78dad..0000000
--- a/ypxfr.tproj/ypxfr.8
+++ /dev/null
@@ -1,92 +0,0 @@
-.\" $OpenBSD: ypxfr.8,v 1.5 1997/04/20 10:08:35 maja Exp $
-.\" Copyright (c) 1994 Mats O Jansson
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Mats O Jansson
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" $OpenBSD: ypxfr.8,v 1.5 1997/04/20 10:08:35 maja Exp $
-.\"
-.Dd August 18, 1994
-.Dt YPXFR 8
-.Os
-.Sh NAME
-.Nm ypxfr
-.Nd get a YP map from YP server
-.Sh SYNOPSIS
-.Nm ypxfr
-.Op Fl bcf
-.Op Fl d Ar domain
-.Op Fl h Ar host
-.Op Fl s Ar domain
-.Op Fl C Ar tid prog ipadd port
-.Ar mapname
-.Sh DESCRIPTION
-.Nm ypxfr
-is the utiliy in YP that transfers maps to the local host.
-.Pp
-Since the YP master transfers a map when it has changed, an YP slave should
-check for missed maps regulary. This can be done via an entry in
-.Xr crontab 5 .
-The scripts
-.Ar ypxfr_1perhour , ypxfr_2perday
-and
-.Ar ypxfr_1perday
-could be used for that.
-.Pp
-The options are as follows:
-.Bl -tag -width indent
-.It Fl b
-Preserve the entry in the database informing a YP server to use
-DNS to get information about unknown hosts. This option will only have
-effect on the two maps hosts.byname and hosts.byaddr.
-.It Fl c
-Don't send a "Clear current map" to local ypserv process. Useful if ypserv
-isn't running localy to avoid timeout message.
-.It Fl f
-Force map transfer, even if version of master is older than local copy.
-.It Fl d Ar domain
-Don't use default domain, use the specifiyed domain.
-.It Fl h Ar host
-Get map from host insteed of the maps master host.
-.It Fl s Ar domain
-Specify a source domain other than the target domain.
-.It Fl C Ar tid prog ipadd port
-This option is only used by ypserv. This is to open communication with
-an yppush on another host.
-.El
-.Sh FILES
-.Bl -tag -width /usr/sbin/ypxfr_1perhour -compact
-.It Pa /usr/sbin/ypxfr_1perhour
-.It Pa /usr/sbin/ypxfr_2perday
-.It Pa /usr/sbin/ypxfr_1perday
-.El
-.Sh SEE ALSO
-.Xr yp 8 ,
-.Xr yppush 8 ,
-.Xr ypserv 8
-.Sh AUTHOR
-Mats O Jansson
diff --git a/ypxfr.tproj/ypxfr.c b/ypxfr.tproj/ypxfr.c
deleted file mode 100644
index faa88bf..0000000
--- a/ypxfr.tproj/ypxfr.c
+++ /dev/null
@@ -1,668 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypxfr.c,v 1.22 1997/07/30 12:07:02 maja Exp $ */
-
-/*
- * Copyright (c) 1994 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. 
The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "$OpenBSD: ypxfr.c,v 1.22 1997/07/30 12:07:02 maja Exp $";
-#endif
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "yplib_host.h"
-#include "yplog.h"
-#include "ypdb.h"
-#include "ypdef.h"
-
-extern char *__progname; /* from crt0.o */
-DBM *db;
-
-extern bool_t xdr_ypresp_all_seq();
-
-extern int (*ypresp_allfn)();
-extern void *ypresp_data;
-
-static int
-ypxfr_foreach(status,keystr,keylen,valstr,vallen,data)
-int status,keylen,vallen;
-char *keystr,*valstr,*data;
-{
- datum key,val;
-
- if (status == YP_NOMORE)
- return(0);
-
- keystr[keylen] = '\0';
- valstr[vallen] = '\0';
-
- key.dptr = keystr;
- key.dsize = strlen(keystr);
-
- val.dptr = valstr;
- val.dsize = strlen(valstr);
-
- ypdb_store(db, key, val, YPDB_INSERT);
-
- return 0;
-}
-
-int
-get_local_ordernum(domain, map, lordernum)
-char *domain;
-char *map;
-u_int32_t *lordernum;
-{
- char map_path[MAXPATHLEN];
- char order_key[] = YP_LAST_KEY;
- char 
order[MAX_LAST_LEN+1];
- struct stat finfo;
- DBM *db;
- datum k,v;
- int status;
-
- /* This routine returns YPPUSH_SUCC or YPPUSH_NODOM */
-
- status = YPPUSH_SUCC;
-
- snprintf(map_path, sizeof map_path, "%s/%s", YP_DB_PATH, domain);
- if (!((stat(map_path, &finfo) == 0) &&
- ((finfo.st_mode & S_IFMT) == S_IFDIR))) {
- fprintf(stderr, "%s: domain %s not found locally\n",
- __progname, domain);
- status = YPPUSH_NODOM;
- }
-
- if(status > 0) {
- snprintf(map_path, sizeof map_path, "%s/%s/%s%s",
- YP_DB_PATH, domain, map, YPDB_SUFFIX);
- if(!(stat(map_path, &finfo) == 0)) {
- status = YPPUSH_NOMAP;
- }
- }
-
- if(status > 0) {
- snprintf(map_path, sizeof map_path, "%s/%s/%s",
- YP_DB_PATH, domain, map);
- db = ypdb_open(map_path, O_RDONLY, 0444);
- if(db == NULL) {
- status = YPPUSH_DBM;
- }
-
- }
-
- if(status > 0) {
- k.dptr = (char *)&order_key;
- k.dsize = YP_LAST_LEN;
-
- v = ypdb_fetch(db,k);
- ypdb_close(db);
-
- if (v.dptr == NULL) {
- *lordernum = 0;
- } else {
- strncpy(order, v.dptr, sizeof order-1);
- order[sizeof order-1] = '\0';
- *lordernum = (u_int32_t)atol(order);
- }
- }
-
- if((status == YPPUSH_NOMAP) || (status == YPPUSH_DBM)) {
- *lordernum = 0;
- status = YPPUSH_SUCC;
- }
-
- return(status);
-
-}
-
-int
-get_remote_ordernum(client, domain, map, lordernum, rordernum)
-CLIENT *client;
-char *domain;
-char *map;
-u_int32_t lordernum;
-u_int32_t *rordernum;
-{
- int status;
-
- status = yp_order_host(client, domain, map, rordernum);
-
- if (status == 0) {
- if(*rordernum <= lordernum) {
- status = YPPUSH_AGE;
- } else {
- status = YPPUSH_SUCC;
- }
- }
-
- return status;
-}
-
-void
-get_map(client,domain,map,incallback)
-CLIENT *client;
-char *domain;
-char *map;
-struct ypall_callback *incallback;
-{
- (void)yp_all_host(client, domain, map, incallback);
-
-}
-
-DBM *
-create_db(domain,map,temp_map)
-char *domain;
-char *map;
-char *temp_map;
-{
- return ypdb_open_suf(temp_map, O_RDWR, 0444);
-}
-
-int
-install_db(domain,map,temp_map)
-char 
*domain;
-char *map;
-char *temp_map;
-{
- char db_name[MAXPATHLEN];
-
- snprintf(db_name, sizeof db_name, "%s/%s/%s%s",
- YP_DB_PATH, domain, map, YPDB_SUFFIX);
- rename(temp_map, db_name);
-
- return YPPUSH_SUCC;
-}
-
-int
-add_order(db, ordernum)
-DBM *db;
-u_int32_t ordernum;
-{
- char datestr[11];
- datum key,val;
- char keystr[] = YP_LAST_KEY;
- int status;
-
- sprintf(datestr, "%010u", ordernum);
-
- key.dptr = keystr;
- key.dsize = strlen(keystr);
-
- val.dptr = datestr;
- val.dsize = strlen(datestr);
-
- status = ypdb_store(db, key, val, YPDB_INSERT);
- if(status >= 0) {
- status = YPPUSH_SUCC;
- } else {
- status = YPPUSH_DBM;
- }
- return(status);
-}
-
-int
-add_master(client, domain, map, db)
-CLIENT *client;
-char *domain;
-char *map;
-DBM *db;
-{
- char keystr[] = YP_MASTER_KEY;
- char *master;
- int status;
- datum key,val;
-
- master = NULL;
-
- /* Get MASTER */
-
- status = yp_master_host(client, domain, map, &master);
-
- if(master != NULL) {
- key.dptr = keystr;
- key.dsize = strlen(keystr);
-
- val.dptr = master;
- val.dsize = strlen(master);
-
- status = ypdb_store(db, key, val, YPDB_INSERT);
- if(status >= 0) {
- status = YPPUSH_SUCC;
- } else {
- status = YPPUSH_DBM;
- }
- }
-
- return status;
-}
-
-int
-add_interdomain(client, domain, map, db)
-CLIENT *client;
-char *domain;
-char *map;
-DBM *db;
-{
- char keystr[] = YP_INTERDOMAIN_KEY;
- char *value;
- int vallen;
- int status;
- datum k,v;
-
- /* Get INTERDOMAIN */
-
- k.dptr = keystr;
- k.dsize = strlen(keystr);
-
- status = yp_match_host(client, domain, map,
- k.dptr, k.dsize, &value, &vallen);
-
- if(status == 0 && value) {
- v.dptr = value;
- v.dsize = vallen;
-
- if(v.dptr != NULL) {
- status = ypdb_store(db,k,v,YPDB_INSERT);
- if(status >= 0) {
- status = YPPUSH_SUCC;
- } else {
- status = YPPUSH_DBM;
- }
- }
- }
-
- return 1;
-}
-
-int
-add_secure(client, domain, map, db)
-CLIENT *client;
-char *domain;
-char *map;
-DBM *db;
-{
- char keystr[] = YP_SECURE_KEY;
- char *value;
- int 
vallen;
- int status;
- datum k,v;
-
- /* Get SECURE */
-
- k.dptr = keystr;
- k.dsize = strlen(keystr);
-
- status = yp_match_host(client, domain, map,
- k.dptr, k.dsize, &value, &vallen);
-
- if(status > 0) {
- v.dptr = value;
- v.dsize = vallen;
-
- if(v.dptr != NULL) {
- status = ypdb_store(db,k,v,YPDB_INSERT);
- if(status >= 0) {
- status = YPPUSH_SUCC;
- } else {
- status = YPPUSH_DBM;
- }
- }
- }
-
- return status;
-
-}
-
-int
-send_clear(client)
-CLIENT *client;
-{
- struct timeval tv;
- int r;
- int status;
-
- status = YPPUSH_SUCC;
-
- tv.tv_sec = 10;
- tv.tv_usec = 0;
-
- /* Send CLEAR */
-
- r = clnt_call(client, YPPROC_CLEAR,
- xdr_void, 0, xdr_void, 0, tv);
- if(r != RPC_SUCCESS) {
- clnt_perror(client, "yp_clear: clnt_call");
- }
-
- return status;
-
-}
-
-int
-send_reply(client,status,tid)
-CLIENT *client;
-u_long status;
-u_long tid;
-{
- struct timeval tv;
- struct ypresp_xfr resp;
- int r;
-
- tv.tv_sec = 10;
- tv.tv_usec = 0;
-
- resp.transid = tid;
- resp.xfrstat = status;
-
- /* Send CLEAR */
-
- r = clnt_call(client, 1,
- xdr_ypresp_xfr, &resp, xdr_void, 0, tv);
- if(r != RPC_SUCCESS) {
- clnt_perror(client, "yppushresp_xdr: clnt_call");
- }
-
- return status;
-
-}
-
-int
-main (argc,argv)
-int argc;
-char *argv[];
-{
- int usage = 0;
- int cflag = 0;
- int fflag = 0;
- int Cflag = 0;
- int ch;
- extern char *optarg;
- char *domain;
- char *host = NULL;
- char *srcdomain = NULL;
- char *tid = NULL;
- char *prog = NULL;
- char *ipadd = NULL;
- char *port = NULL;
- char *map = NULL;
- u_int32_t ordernum, new_ordernum;
- struct ypall_callback callback;
- CLIENT *client;
- int status,xfr_status;
- int srvport;
-
- status = YPPUSH_SUCC;
- client = NULL;
-
- yp_get_default_domain(&domain);
-
- while ((ch = getopt(argc, argv, "cd:fh:s:C:")) != -1)
- switch (ch) {
- case 'c':
- cflag++;
- break;
- case 'd':
- if (strchr(optarg, '/')) /* Ha ha, we are not listening */
- break;
- domain = optarg;
- break;
- case 'f':
- fflag++;
- break;
- case 'h':
- 
host = optarg;
- break;
- case 's':
- if (strchr(optarg, '/')) /* Ha ha, we are not listening */
- break;
- srcdomain = optarg;
- break;
- case 'C':
- if (optind + 3 >= argc) {
- usage++;
- optind = argc;
- break;
- }
- Cflag++;
- tid = optarg;
- prog = argv[optind++];
- ipadd = argv[optind++];
- port = argv[optind++];
- break;
- default:
- usage++;
- break;
- }
-
- if(optind + 1 != argc) {
- usage++;
- } else {
- map = argv[optind];
- }
-
- if (usage) {
- status = YPPUSH_BADARGS;
- fprintf(stderr, "usage: %s %s %s\n",
- "[-cf] [-d domain] [-h host] [-s domain]",
- "[-C tid prog ipadd port] mapname\n",
- __progname);
- }
-
- if (status > 0) {
- ypopenlog();
-
- yplog("ypxfr: Arguments:");
- yplog("YP clear to local: %s", (cflag) ? "no" : "yes");
- yplog(" Force transfer: %s", (fflag) ? "yes" : "no");
- yplog(" domain: %s", domain);
- yplog(" host: %s", host);
- yplog(" source domain: %s", srcdomain);
- yplog(" transid: %s", tid);
- yplog(" prog: %s", prog);
- yplog(" port: %s", port);
- yplog(" ipadd: %s", ipadd);
- yplog(" map: %s", map);
-
- if(fflag != 0) {
- ordernum = 0;
- } else {
- status = get_local_ordernum(domain, map, &ordernum);
- }
- }
-
- if (status > 0) {
-
- yplog("Get Master");
-
- if (host == NULL) {
- if (srcdomain == NULL) {
- status = yp_master(domain,map,&host);
- } else {
- status = yp_master(srcdomain,map,&host);
- }
- if(status == 0) {
- status = YPPUSH_SUCC;
- } else {
- status = -status;
- }
- }
- };
-
- /* XXX this is raceable if portmap has holes! 
*/
- if (status > 0) {
-
- yplog("Check for reserved port on host: %s", host);
-
- srvport = getrpcport(host,YPPROG,YPVERS,IPPROTO_TCP);
- if (srvport >= IPPORT_RESERVED)
- status = YPPUSH_REFUSED;
-
- }
-
- if (status > 0) {
-
- yplog("Connect host: %s", host);
-
- client = yp_bind_host(host,YPPROG,YPVERS,0,1);
-
- status = get_remote_ordernum(client, domain, map,
- ordernum, &new_ordernum);
-
- }
-
- if (status == YPPUSH_SUCC) {
- char tmpmapname[MAXPATHLEN];
- int fd;
-
- /* Create temporary db */
- snprintf(tmpmapname, sizeof tmpmapname,
- "%s/%s/ypdbXXXXXXXXXX", YP_DB_PATH, domain);
- fd = mkstemp(tmpmapname);
- if (fd == -1)
- status = YPPUSH_DBM;
- else
- close(fd);
-
- if (status > 0) {
- db = create_db(domain,map,tmpmapname);
- if(db == NULL)
- status = YPPUSH_DBM;
- }
-
- /* Add ORDER */
- if(status > 0) {
- status = add_order(db, new_ordernum);
- }
-
- /* Add MASTER */
- if(status > 0) {
- status = add_master(client,domain,map,db);
- }
-
- /* Add INTERDOMAIN */
- if(status > 0) {
- status = add_interdomain(client,domain,map,db);
- }
-
- /* Add SECURE */
- if(status > 0) {
- status = add_secure(client,domain,map,db);
- }
-
- if(status > 0) {
- callback.foreach=ypxfr_foreach;
- get_map(client,domain,map,&callback);
- }
-
- /* Close db */
- if(db != NULL) {
- ypdb_close(db);
- }
-
- /* Rename db */
- if(status > 0) {
- status = install_db(domain,map,tmpmapname);
- } else {
- unlink(tmpmapname);
- status = YPPUSH_SUCC;
- }
-
- }
-
- xfr_status = status;
-
- if(client != NULL) {
- clnt_destroy(client);
- }
-
- /* YP_CLEAR */
-
- if(!cflag) {
- client = yp_bind_local(YPPROG,YPVERS);
- status = send_clear(client);
- clnt_destroy(client);
- }
-
- if(Cflag > 0) {
- /* Send Response */
- client = yp_bind_host(ipadd,
- atoi(prog),
- 1,
- atoi(port),
- 0);
- status = send_reply(client,xfr_status,atoi(tid));
- clnt_destroy(client);
- }
-
- return(0);
-
-}
-
diff --git a/ypxfr.tproj/ypxfr_1perday.sh b/ypxfr.tproj/ypxfr_1perday.sh
deleted file mode 100755
index dab042c..0000000
--- a/ypxfr.tproj/ypxfr_1perday.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-# $OpenBSD: ypxfr_1perday.sh,v 1.1 1997/04/20 10:08:36 maja Exp $
-#
-# ypxfr_1perday.sh - YP maps to be updated daily
-#
-
-/usr/sbin/ypxfr group.byname
-/usr/sbin/ypxfr group.bygid
-/usr/sbin/ypxfr protocols.byname
-/usr/sbin/ypxfr protocols.bynumber
-/usr/sbin/ypxfr networks.byname
-/usr/sbin/ypxfr networks.byaddr
-/usr/sbin/ypxfr services.byname
-/usr/sbin/ypxfr rpc.bynumber
-/usr/sbin/ypxfr rpc.byname
diff --git a/ypxfr.tproj/ypxfr_1perhour.sh b/ypxfr.tproj/ypxfr_1perhour.sh
deleted file mode 100755
index 82f43a2..0000000
--- a/ypxfr.tproj/ypxfr_1perhour.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-# $OpenBSD: ypxfr_1perhour.sh,v 1.1 1997/04/20 10:08:37 maja Exp $
-#
-# ypxfr_1perhour.sh - YP maps to be updated every hour
-#
-
-/usr/sbin/ypxfr passwd.byname
-/usr/sbin/ypxfr passwd.byuid
-/usr/sbin/ypxfr master.passwd.byname
-/usr/sbin/ypxfr master.passwd.byuid
-/usr/sbin/ypxfr netid.byname
diff --git a/ypxfr.tproj/ypxfr_2perday.sh b/ypxfr.tproj/ypxfr_2perday.sh
deleted file mode 100755
index 0905270..0000000
--- a/ypxfr.tproj/ypxfr_2perday.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-# $OpenBSD: ypxfr_2perday.sh,v 1.1 1997/04/20 10:08:38 maja Exp $
-#
-# ypxfr_2perday.sh - YP maps to be updated twice a day
-#
-
-/usr/sbin/ypxfr hosts.byname
-/usr/sbin/ypxfr hosts.byaddr
-/usr/sbin/ypxfr ethers.byaddr
-/usr/sbin/ypxfr ethers.byname
diff --git a/ypxfr.tproj/ypxfr_xdr.c b/ypxfr.tproj/ypxfr_xdr.c
deleted file mode 100644
index 460addf..0000000
--- a/ypxfr.tproj/ypxfr_xdr.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
- * Reserved. This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License'). You may not use this file
- * except in compliance with the License. Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License."
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/* $OpenBSD: ypxfr_xdr.c,v 1.3 1996/06/26 21:26:41 maja Exp $ */
-
-/*
- * Copyright (c) 1995 Mats O Jansson
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Mats O Jansson
- * 4. 
The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LINT
-static char rcsid[] = "$OpenBSD: ypxfr_xdr.c,v 1.3 1996/06/26 21:26:41 maja Exp $";
-#endif
-
-
-
-#include
-#include
-
-bool_t
-xdr_ypxfrstat(xdrs, objp)
- XDR *xdrs;
- ypxfrstat *objp;
-{
- if (!xdr_enum(xdrs, (enum_t *)objp)) {
- return (FALSE);
- }
- return (TRUE);
-}
-
-#ifdef notdef
-bool_t
-xdr_ypreq_xfr(xdrs, objp)
- XDR *xdrs;
- ypreq_xfr *objp;
-{
- if (!xdr_ypmap_parms(xdrs, &objp->map_parms)) {
- return (FALSE);
- }
- if (!xdr_u_int(xdrs, &objp->transid)) {
- return (FALSE);
- }
- if (!xdr_u_int(xdrs, &objp->prog)) {
- return (FALSE);
- }
- if (!xdr_u_int(xdrs, &objp->port)) {
- return (FALSE);
- }
- return (TRUE);
-}
-#endif
-
-bool_t
-xdr_ypresp_xfr(xdrs, objp)
- XDR *xdrs;
- ypresp_xfr *objp;
-{
- if (!xdr_u_int(xdrs, &objp->transid)) {
- return (FALSE);
- }
- if (!xdr_ypxfrstat(xdrs, &objp->xfrstat)) {
- return (FALSE);
- }
- return (TRUE);
-}
-
-
-
-