Index: linux/libc/ChangeLog diff -u linux/libc/ChangeLog:1.185 linux/libc/ChangeLog:1.186 --- linux/libc/ChangeLog:1.185 Fri Jun 27 09:32:56 1997 +++ linux/libc/ChangeLog Thu Jul 10 08:43:48 1997 @@ -1,3 +1,52 @@ +Thu Jul 10 08:41:49 1997 H.J. Lu (hjl@gnu.ai.mit.edu) + + * version 5.4.35 is released. + + * <_G_config.h>: change version to 5.4.35. + + * elf/libc/jump.params: set version to 5.4.35. + + * release.libc: update. + +Wed Jul 9 08:16:23 1997 H.J. Lu (hjl@gnu.ai.mit.edu) + + * (signal): treat __FAVOR_BSD the same as + __USE_BSD_SIGNAL. + + * libio/fileops.c (_IO_file_underflow): Adjust pointers + before calling _IO_SYSREAD (). + + * posix/execvp.c (execvp): Handle ESTALE. + +Mon Jul 7 08:26:19 1997 H.J. Lu (hjl@gnu.ai.mit.edu) + + * Makeconfig (CANONICAL_TARGET_MACHINE): recognize i686-linux. + (TARGET__MACHINE): Removed. + + * configure (TARGET__MACHINE): Added. + +Fri Jul 4 18:42:08 1997 H.J. Lu (hjl@gnu.ai.mit.edu) + + * locale/cur_max.c: new for glibc compatibility. + +Tue Jul 1 14:05:25 1997 Bill Fenner + + * (struct ip): change ip_csum to ip_sum. + +Tue Jul 1 04:00:58 1997 Thorsten Kukuk + + * rpc/openchild.c: + * rpc/key_call.c: + * rpc/auth_des.c: fix some problems with secure rpc. + +Sun Jun 29 11:38:51 1997 H.J. Lu (hjl@gnu.ai.mit.edu) + + * : new. + + * sysdeps/linux/Makefile (SRC2S): add quotactl.S. + + * sysdeps/linux/quotactl.S: new. + Fri Jun 27 07:31:27 1997 H.J. Lu (hjl@gnu.ai.mit.edu) * version 5.4.34 is released. Index: linux/libc/Makeconfig diff -u linux/libc/Makeconfig:1.23 linux/libc/Makeconfig:1.24 --- linux/libc/Makeconfig:1.23 Thu Nov 14 01:25:25 1996 +++ linux/libc/Makeconfig Thu Jul 10 08:43:49 1997 @@ -393,8 +393,6 @@ CPP =$(CC) -E $(INC_CFLAGS) # $(XCFLAGS) RM =/bin/rm -TARGET__MACHINE = $(subst -unknown-,-,$(TARGET_MACHINE)) - ifeq ($(TARGET__MACHINE),i386-linux) CANONICAL_TARGET_MACHINE=ix86-linux endif @@ -404,6 +402,10 @@ endif ifeq ($(TARGET__MACHINE),i586-linux) +CANONICAL_TARGET_MACHINE=ix86-linux +endif + +ifeq ($(TARGET__MACHINE),i686-linux) CANONICAL_TARGET_MACHINE=ix86-linux endif Index: linux/libc/config.in diff -u linux/libc/config.in:1.38 linux/libc/config.in:1.39 --- linux/libc/config.in:1.38 Wed Jul 17 01:06:37 1996 +++ linux/libc/config.in Thu Jul 10 08:43:49 1997 @@ -6,13 +6,15 @@ TARGET_ROOTDIR=/ ifeq ($(ELF), true) TARGET_MACHINE=i486-linux +TARGET__MACHINE=i386-linux else TARGET_MACHINE=i486-linuxaout +TARGET__MACHINE=i386-linuxaout endif TARGET_OS=linux TARGET_ARCH=i386 TARGET_ARCH_x86=4 MALLOC=dl-malloc OLD_GCC=true -GCCVERSION=2.7.2.l.3 -GCC_ARCH_INC_DIR=/usr/lib/gcc-lib/i486-linux/2.7.2.l.3/include +GCCVERSION=2.7.2 +GCC_ARCH_INC_DIR=/usr/lib/gcc-lib/i486-linux/2.7.2/include Index: linux/libc/configure diff -u linux/libc/configure:1.11 linux/libc/configure:1.12 --- linux/libc/configure:1.11 Tue Sep 24 12:02:40 1996 +++ linux/libc/configure Thu Jul 10 08:43:49 1997 @@ -354,6 +354,7 @@ echo Oops: Unknown target machine "$TARGET_MACHINE". ;; esac + TARGET__MACHINE=${TARGET_ARCH}-${TARGET_OS} fi fi } @@ -442,8 +443,10 @@ echo TARGET_ROOTDIR="${TARGET_ROOTDIR}" echo ifeq \(\$\(ELF\), true\) echo TARGET_MACHINE="${TARGET_MACHINE}" + echo TARGET__MACHINE="${TARGET__MACHINE}" echo else echo TARGET_MACHINE="${TARGET_MACHINE}aout" + echo TARGET__MACHINE="${TARGET__MACHINE}aout" echo endif echo TARGET_OS="${TARGET_OS}" echo TARGET_ARCH="${TARGET_ARCH}" Index: linux/libc/release.libc diff -u linux/libc/release.libc:1.54 linux/libc/release.libc:1.55 --- linux/libc/release.libc:1.54 Fri Jun 27 09:45:09 1997 +++ linux/libc/release.libc Thu Jul 10 08:43:49 1997 @@ -22,20 +22,20 @@ so that the old XFree86 binaries will run fine with the new XFree86 shared librraries compiled with libc 6.x/glibc 2.x. -If you use linux 2.1.x, you need libc 5.4.34 or above to compile libc +If you use linux 2.1.x, you need libc 5.4.35 or above to compile libc yourself. The pre-compiled libc should run fine under linux 2.1.x. Also this library is compiled with -D_REENTRANT so that errno is MT safe. The shared libraries are now compiled with -g1 which can provide minimum information when core dump happens. You can strip -libc.so.5.4.34 if you want. +libc.so.5.4.35 if you want. -Due to the new, improved locale, the Linux C library 5.4.34 is binary +Due to the new, improved locale, the Linux C library 5.4.35 is binary compatible with libc 5.3.12 but not vice versa. The binaries -compiled/linked with libc.so.5.4.34 may not run with libc.so.5.3.12. +compiled/linked with libc.so.5.4.35 may not run with libc.so.5.3.12. You may need to regenerate locale files for the new locale in libc -5.4.34 if you use locales other tha C/POSIX which are the defaults. +5.4.35 if you use locales other tha C/POSIX which are the defaults. The locale sources are at @@ -44,7 +44,7 @@ There are many security bug fixes. Please consult ChangeLog for details. Please let me know if there are more security bugs remains. -This is the beta release of the Linux C library 5.4.34. Please read +This is the beta release of the Linux C library 5.4.35. Please read the ChangeLog for details regarding changes/bug fixes. DISTRIBUTION SITES: @@ -65,11 +65,11 @@ DISTRIBUTION FILES: -1. libc-5.4.34.bin.tar.gz +1. libc-5.4.35.bin.tar.gz REQUIRED. This package contains the header files for libc, shared and static ELF libraries libc and libm, and the static ELF library libbsd.a. -The header files in libc-5.4.34.bin.tar.gz are not complete. You need to +The header files in libc-5.4.35.bin.tar.gz are not complete. You need to install the kernel source tree for the system-dependent header files. The header files are in lib-x.y.z.bin.tar.gz and libc-x.y.z.tar.gz. You @@ -80,11 +80,11 @@ to extract the header files without the binaries files. A separate tar file for the header files may cause unnecessary confusion. -2. libc-5.4.34.tar.gz +2. libc-5.4.35.tar.gz Source tree for libc and header files. -3. libc-5.4.33-5.4.34.diff.gz +3. libc-5.4.34-5.4.35.diff.gz Context diffs against the source tree from the previous libc release. Please make sure the empty libc/regex/rx.h is deleted. @@ -155,7 +155,7 @@ rm -f /usr/include/wcstr.h /usr/include/mbstr.h rm -f /usr/include/ld_so_config.h /usr/include/localeinfo.h rm -rf /usr/include/netinet /usr/include/net /usr/include/pthread -gzip -dc libc-5.4.34.bin.tar.gz | tar xvf - +gzip -dc libc-5.4.35.bin.tar.gz | tar xvf - SOURCE INSTALLATION: @@ -221,4 +221,4 @@ H.J. hjl@gnu.ai.mit.edu -06/27/97 +07/10/97 Index: linux/libc/elf/libc/jump.params diff -u linux/libc/elf/libc/jump.params:1.87 linux/libc/elf/libc/jump.params:1.88 --- linux/libc/elf/libc/jump.params:1.87 Fri Jun 27 09:32:58 1997 +++ linux/libc/elf/libc/jump.params Thu Jul 10 08:43:50 1997 @@ -1 +1 @@ -Version=5.4.34 +Version=5.4.35 Index: linux/libc/libio/fileops.c diff -u linux/libc/libio/fileops.c:1.15 linux/libc/libio/fileops.c:1.16 --- linux/libc/libio/fileops.c:1.15 Fri Jun 27 09:32:59 1997 +++ linux/libc/libio/fileops.c Thu Jul 10 08:43:51 1997 @@ -291,6 +291,15 @@ _IO_switch_to_get_mode(fp); + /* This is very tricky. We have to adjust those + pointers before we call _IO_SYSREAD () since + we may longjump () out while waiting for + input. Those pointers may be screwed up. H.J. */ + fp->_IO_read_base = fp->_IO_read_ptr = fp->_IO_buf_base; + fp->_IO_read_end = fp->_IO_buf_base; + fp->_IO_write_base = fp->_IO_write_ptr = fp->_IO_write_end + = fp->_IO_buf_base; + count = _IO_SYSREAD (fp, fp->_IO_buf_base, fp->_IO_buf_end - fp->_IO_buf_base); if (count <= 0) @@ -300,10 +309,7 @@ else fp->_flags |= _IO_ERR_SEEN, count = 0; } - fp->_IO_read_base = fp->_IO_read_ptr = fp->_IO_buf_base; - fp->_IO_read_end = fp->_IO_buf_base + count; - fp->_IO_write_base = fp->_IO_write_ptr = fp->_IO_write_end - = fp->_IO_buf_base; + fp->_IO_read_end += count; if (count == 0) return EOF; if (fp->_offset != _IO_pos_BAD) Index: linux/libc/locale/Makefile diff -u linux/libc/locale/Makefile:1.11 linux/libc/locale/Makefile:1.12 --- linux/libc/locale/Makefile:1.11 Fri Sep 13 01:44:22 1996 +++ linux/libc/locale/Makefile Thu Jul 10 08:43:51 1997 @@ -16,7 +16,7 @@ -Iprograms $(BASE_CFLAGS) SRCS = setlocale.c loadlocale.c localeconv.c nl_langinfo.c \ - $(categories:%=lc-%.c) $(categories:%=C-%.c) \ + $(categories:%=lc-%.c) $(categories:%=C-%.c) cur_max.c \ explodename.c l10nflist.c findlocale.c C_name.c localealias.c categories = ctype messages monetary numeric time collate Index: linux/libc/locale/cur_max.c diff -u /dev/null linux/libc/locale/cur_max.c:1.1 --- /dev/null Thu Jul 10 08:47:23 1997 +++ linux/libc/locale/cur_max.c Thu Jul 10 08:43:52 1997 @@ -0,0 +1,48 @@ +/* Return number of characters in multibyte representation for current + character set. + Copyright (C) 1996 Free Software Foundation, Inc. + This file is part of the GNU C Library. + Contributed by Ulrich Drepper , 1996. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + +#include +#include +#include +#include "localeinfo.h" + + +/* This is a gross hack to get borken programs running. + + ISO C provides no mean to find out how many bytes the wide + character representation really uses. But it defines MB_CUR_LEN to + return the information for the multi-byte character representation. + Many programmers don't know the difference between the two and + thing this means the same. But assuming all characters have a size + of MB_CUR_LEN after they have been processed by `mbrtowc' is wrong. + Instead the maximal number of character used for the conversion is + MB_CURLEN. + + It is known that some Motif applications have this problem. To + cure this one has to make sure the glibc uses the function in this + file instead of the one in locale/mb_cur_max.c. This can either be + done by linking with this file or by using the LD_PRELOAD feature + of the dynamic linker. */ +int +__ctype_get_mb_cur_max (void) +{ + return 1; +} Index: linux/libc/posix/execvp.c diff -u linux/libc/posix/execvp.c:1.3 linux/libc/posix/execvp.c:1.4 --- linux/libc/posix/execvp.c:1.3 Fri Oct 4 15:53:08 1996 +++ linux/libc/posix/execvp.c Thu Jul 10 08:43:54 1997 @@ -112,6 +112,7 @@ { case ENOENT: case EACCES: + case ESTALE: /* Those errors indicate the file is missing or not executable by us, in which case we want to just try the next path directory. */ Index: linux/libc/rpc/auth_des.c diff -u linux/libc/rpc/auth_des.c:1.3 linux/libc/rpc/auth_des.c:1.4 --- linux/libc/rpc/auth_des.c:1.3 Sun Oct 20 21:40:19 1996 +++ linux/libc/rpc/auth_des.c Thu Jul 10 08:43:54 1997 @@ -1,5 +1,5 @@ #if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)auth_des.c 2.2 88/07/29 4.0 RPCSRC; from 1.9 88/02/08 SMI"; +static char sccsid[] = "@(#)auth_des.c 2.2 88/07/29 4.0 RPCSRC; from 1.9 88/02/08 SMI"; #endif /* * Sun RPC is a product of Sun Microsystems, Inc. and is provided for @@ -8,23 +8,23 @@ * may copy or modify Sun RPC without charge, but are not authorized * to license or distribute it to anyone else except as part of a product or * program developed by the user. - * + * * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * + * * Sun RPC is provided with no support and without any obligation on the * part of Sun Microsystems, Inc. to assist in its use, correction, * modification or enhancement. - * + * * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC * OR ANY PART THEREOF. - * + * * In no event will Sun Microsystems, Inc. be liable for any lost revenue * or profits or other special, indirect and consequential damages, even if * Sun has been advised of the possibility of such damages. - * + * * Sun Microsystems, Inc. * 2550 Garcia Avenue * Mountain View, California 94043 @@ -35,12 +35,14 @@ /* * auth_des.c, client-side implementation of DES authentication */ + +#include #include #include -#include #include #include -#include /* XXX: just to get htonl() and ntohl() */ +#include +#include /* XXX: just to get htonl() and ntohl() */ #include #define MILLION 1000000L @@ -51,416 +53,409 @@ #define FREE(ptr, size) mem_free((char *)(ptr), (int) size) #define ATTEMPT(xdr_op) if (!(xdr_op)) return (FALSE) -#define debug(msg) /*printf("%s\n", msg) */ +#define debug(msg) /* printf("%s\n", msg) */ -extern int getnetname ( char * ); -extern int key_gendes ( des_block * ); -extern bool_t xdr_authdes_cred ( XDR *, struct authdes_cred * ); -extern bool_t xdr_authdes_verf ( register XDR *, - register struct authdes_verf * ); -extern int key_encryptsession __P (( char *, des_block * )); -extern int rtime ( struct sockaddr_in *, - struct timeval *, - struct timeval * ); +extern int rtime (struct sockaddr_in *, struct timeval *, struct timeval *); +extern bool_t xdr_authdes_cred (XDR *, struct authdes_cred *); +extern bool_t xdr_authdes_verf (XDR *, struct authdes_verf *); -/* +/* * DES authenticator operations vector */ -#ifdef __STDC__ -AUTH *authdes_create ( char *, u_int, struct sockaddr *, - des_block * ); -static void authdes_nextverf ( AUTH * ); -static bool_t authdes_marshal ( AUTH *, XDR * ); -static bool_t authdes_validate ( AUTH *, struct opaque_auth * ); -static bool_t authdes_refresh ( AUTH * ); -static void authdes_destroy ( AUTH * ); -static bool_t synchronize ( struct sockaddr *, struct timeval * ); -#else -AUTH *authdes_create(); -static void authdes_nextverf(); -static bool_t authdes_marshal(); -static bool_t authdes_validate(); -static bool_t authdes_refresh(); -static void authdes_destroy(); -static bool_t synchronize(); -#endif +AUTH *authdes_create (char *, u_int, struct sockaddr *, des_block *); +AUTH *authdes_pk_create (const char *, netobj *, u_int, + struct sockaddr *, des_block *); +static void authdes_nextverf (AUTH *); +static bool_t authdes_marshal (AUTH *, XDR *); +static bool_t authdes_validate (AUTH *, struct opaque_auth *); +static bool_t authdes_refresh (AUTH *); +static void authdes_destroy (AUTH *); +static bool_t synchronize (struct sockaddr *, struct timeval *); -static struct auth_ops authdes_ops = { - authdes_nextverf, - authdes_marshal, - authdes_validate, - authdes_refresh, - authdes_destroy +static struct auth_ops authdes_ops = +{ + authdes_nextverf, + authdes_marshal, + authdes_validate, + authdes_refresh, + authdes_destroy }; /* * This struct is pointed to by the ah_private field of an "AUTH *" */ -struct ad_private { - char *ad_fullname; /* client's full name */ - u_int ad_fullnamelen; /* length of name, rounded up */ - char *ad_servername; /* server's full name */ - u_int ad_servernamelen; /* length of name, rounded up */ - u_int ad_window; /* client specified window */ - bool_t ad_dosync; /* synchronize? */ - struct sockaddr ad_syncaddr; /* remote host to synch with */ - struct timeval ad_timediff; /* server's time - client's time */ - u_long ad_nickname; /* server's nickname for client */ - struct authdes_cred ad_cred; /* storage for credential */ - struct authdes_verf ad_verf; /* storage for verifier */ - struct timeval ad_timestamp; /* timestamp sent */ - des_block ad_xkey; /* encrypted conversation key */ -}; - +struct ad_private + { + char *ad_fullname; /* client's full name */ + u_int ad_fullnamelen; /* length of name, rounded up */ + char *ad_servername; /* server's full name */ + u_int ad_servernamelen; /* length of name, rounded up */ + u_int ad_window; /* client specified window */ + bool_t ad_dosync; /* synchronize? */ + struct sockaddr ad_syncaddr; /* remote host to synch with */ + struct timeval ad_timediff; /* server's time - client's time */ + u_long ad_nickname; /* server's nickname for client */ + struct authdes_cred ad_cred; /* storage for credential */ + struct authdes_verf ad_verf; /* storage for verifier */ + struct timeval ad_timestamp; /* timestamp sent */ + des_block ad_xkey; /* encrypted conversation key */ + u_char ad_pkey[1024]; /* Servers actual public key */ + }; + + /* * Create the client des authentication object */ -#ifdef __STDC__ -AUTH * -authdes_create( char *servername, u_int window, - struct sockaddr *syncaddr, des_block *ckey ) -#else AUTH * -authdes_create(servername, window, syncaddr, ckey) - char *servername; /* network name of server */ - u_int window; /* time to live */ - struct sockaddr *syncaddr; /* optional addr of host to sync with */ - des_block *ckey; /* optional conversation key to use*/ -#endif +authdes_create (char *servername, u_int window, + struct sockaddr *syncaddr, des_block * ckey) + /* servername - network name of server */ + /* window - time to live */ + /* syncaddr - optional addr of host to sync with */ + /* ckey - optional conversation key to use */ { + u_char pkey_data[1024]; + netobj pkey; - AUTH *auth; - struct ad_private *ad; - char namebuf[MAXNETNAMELEN+1]; - - /* - * Allocate everything now - */ - auth = ALLOC(AUTH); - ad = ALLOC(struct ad_private); - (void) getnetname(namebuf); - - ad->ad_fullnamelen = RNDUP(strlen(namebuf)); - ad->ad_fullname = mem_alloc(ad->ad_fullnamelen + 1); - - ad->ad_servernamelen = strlen(servername); - ad->ad_servername = mem_alloc(ad->ad_servernamelen + 1); - - if (auth == NULL || ad == NULL || ad->ad_fullname == NULL || - ad->ad_servername == NULL) { - debug("authdes_create: out of memory"); - goto failed; - } + if (!getpublickey (servername, pkey_data)) + return (NULL); - /* - * Set up private data - */ - bcopy(namebuf, ad->ad_fullname, ad->ad_fullnamelen + 1); - bcopy(servername, ad->ad_servername, ad->ad_servernamelen + 1); - if (syncaddr != NULL) { - ad->ad_syncaddr = *syncaddr; - ad->ad_dosync = TRUE; - } else { - ad->ad_dosync = FALSE; - } - ad->ad_window = window; - if (ckey == NULL) { - if (key_gendes(&auth->ah_key) < 0) { - debug("authdes_create: unable to gen conversation key"); - return (NULL); - } - } else { - auth->ah_key = *ckey; - } + pkey.n_bytes = (char *) pkey_data; + pkey.n_len = strlen ((char *) pkey_data) + 1; + return authdes_pk_create (servername, &pkey, window, syncaddr, ckey); +} - /* - * Set up auth handle - */ - auth->ah_cred.oa_flavor = AUTH_DES; - auth->ah_verf.oa_flavor = AUTH_DES; - auth->ah_ops = &authdes_ops; - auth->ah_private = (caddr_t)ad; - - if (!authdes_refresh(auth)) { - goto failed; - } - return (auth); +AUTH * +authdes_pk_create (const char *servername, netobj * pkey, u_int window, + struct sockaddr * syncaddr, des_block * ckey) +{ + AUTH *auth; + struct ad_private *ad; + char namebuf[MAXNETNAMELEN + 1]; + + /* + * Allocate everything now + */ + auth = ALLOC (AUTH); + ad = ALLOC (struct ad_private); + memcpy (ad->ad_pkey, pkey->n_bytes, pkey->n_len); + if (!getnetname (namebuf)) + goto failed; + ad->ad_fullnamelen = RNDUP (strlen (namebuf)); + ad->ad_fullname = mem_alloc (ad->ad_fullnamelen + 1); + + ad->ad_servernamelen = strlen (servername); + ad->ad_servername = mem_alloc (ad->ad_servernamelen + 1); + + if (auth == NULL || ad == NULL || ad->ad_fullname == NULL || + ad->ad_servername == NULL) + { + debug ("authdes_create: out of memory"); + goto failed; + } + + /* + * Set up private data + */ + bcopy (namebuf, ad->ad_fullname, ad->ad_fullnamelen + 1); + bcopy (servername, ad->ad_servername, ad->ad_servernamelen + 1); + ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; + if (syncaddr != NULL) + { + ad->ad_syncaddr = *syncaddr; + ad->ad_dosync = TRUE; + } + else + ad->ad_dosync = FALSE; + + ad->ad_window = window; + if (ckey == NULL) + { + if (key_gendes (&auth->ah_key) < 0) + { + debug ("authdes_create: unable to gen conversation key"); + return (NULL); + } + } + else + auth->ah_key = *ckey; + + /* + * Set up auth handle + */ + auth->ah_cred.oa_flavor = AUTH_DES; + auth->ah_verf.oa_flavor = AUTH_DES; + auth->ah_ops = &authdes_ops; + auth->ah_private = (caddr_t) ad; + + if (!authdes_refresh (auth)) + goto failed; + + return (auth); failed: - if (auth != NULL) - FREE(auth, sizeof(AUTH)); - if (ad != NULL) - FREE(ad, sizeof(struct ad_private)); - if (ad->ad_fullname != NULL) - FREE(ad->ad_fullname, ad->ad_fullnamelen + 1); - if (ad->ad_servername != NULL) - FREE(ad->ad_servername, ad->ad_servernamelen + 1); - return (NULL); + if (auth != NULL) + FREE (auth, sizeof (AUTH)); + if (ad != NULL) + { + if (ad->ad_fullname != NULL) + FREE (ad->ad_fullname, ad->ad_fullnamelen + 1); + if (ad->ad_servername != NULL) + FREE (ad->ad_servername, ad->ad_servernamelen + 1); + FREE (ad, sizeof (struct ad_private)); + } + return (NULL); } /* * Implement the five authentication operations */ + /* * 1. Next Verifier - */ -/*ARGSUSED*/ -#ifdef __STDC__ -static void -authdes_nextverf( AUTH *auth ) -#else + */ +/*ARGSUSED */ static void -authdes_nextverf(auth) - AUTH *auth; -#endif +authdes_nextverf (AUTH * auth) { - /* what the heck am I supposed to do??? */ + /* what the heck am I supposed to do??? */ } - + + + /* * 2. Marshal */ -#ifdef __STDC__ static bool_t -authdes_marshal( AUTH *auth, XDR *xdrs ) -#else -static bool_t -authdes_marshal(auth, xdrs) - AUTH *auth; - XDR *xdrs; -#endif +authdes_marshal (AUTH * auth, XDR * xdrs) { - struct ad_private *ad = AUTH_PRIVATE(auth); - struct authdes_cred *cred = &ad->ad_cred; - struct authdes_verf *verf = &ad->ad_verf; - des_block cryptbuf[2]; - des_block ivec; - int status; - int len; - register long *ixdr; - - /* - * Figure out the "time", accounting for any time difference - * with the server if necessary. - */ - (void) gettimeofday(&ad->ad_timestamp, (struct timezone *)NULL); - ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec; - ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec; - if (ad->ad_timestamp.tv_usec >= MILLION) { - ad->ad_timestamp.tv_usec -= MILLION; - ad->ad_timestamp.tv_sec += 1; - } - - /* - * XDR the timestamp and possibly some other things, then - * encrypt them. - */ - ixdr = (long *)cryptbuf; - IXDR_PUT_LONG(ixdr, ad->ad_timestamp.tv_sec); - IXDR_PUT_LONG(ixdr, ad->ad_timestamp.tv_usec); - if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { - IXDR_PUT_U_LONG(ixdr, ad->ad_window); - IXDR_PUT_U_LONG(ixdr, ad->ad_window - 1); - ivec.key.high = ivec.key.low = 0; - status = cbc_crypt((char *)&auth->ah_key, (char *)cryptbuf, - 2*sizeof(des_block), DES_ENCRYPT | DES_HW, (char *)&ivec); - } else { - status = ecb_crypt((char *)&auth->ah_key, (char *)cryptbuf, - sizeof(des_block), DES_ENCRYPT | DES_HW); - } - if (DES_FAILED(status)) { - debug("authdes_marshal: DES encryption failure"); - return (FALSE); - } - ad->ad_verf.adv_xtimestamp = cryptbuf[0]; - if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { - ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high; - ad->ad_verf.adv_winverf = cryptbuf[1].key.low; - } else { - ad->ad_cred.adc_nickname = ad->ad_nickname; - ad->ad_verf.adv_winverf = 0; - } - - /* - * Serialize the credential and verifier into opaque - * authentication data. - */ - if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { - len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen); - } else { - len = (1 + 1)*BYTES_PER_XDR_UNIT; - } - - if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) { - IXDR_PUT_LONG(ixdr, AUTH_DES); - IXDR_PUT_LONG(ixdr, len); - } else { -/* enum_t ah_cred.oa_flavor */ - ATTEMPT(xdr_putlong(xdrs, (long *)&auth->ah_cred.oa_flavor)); - ATTEMPT(xdr_putlong(xdrs, (long *)&len)); - } - ATTEMPT(xdr_authdes_cred(xdrs, cred)); - - len = (2 + 1)*BYTES_PER_XDR_UNIT; - if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) { - IXDR_PUT_LONG(ixdr, AUTH_DES); - IXDR_PUT_LONG(ixdr, len); - } else { - ATTEMPT(xdr_putlong(xdrs, (long *)&auth->ah_verf.oa_flavor)); - ATTEMPT(xdr_putlong(xdrs, (long *)&len)); - } - ATTEMPT(xdr_authdes_verf(xdrs, verf)); - return (TRUE); + struct ad_private *ad = AUTH_PRIVATE (auth); + struct authdes_cred *cred = &ad->ad_cred; + struct authdes_verf *verf = &ad->ad_verf; + des_block cryptbuf[2]; + des_block ivec; + int status; + int len; + register long *ixdr; + + /* + * Figure out the "time", accounting for any time difference + * with the server if necessary. + */ + gettimeofday (&ad->ad_timestamp, (struct timezone *) NULL); + ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec; + ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec; + if (ad->ad_timestamp.tv_usec >= MILLION) + { + ad->ad_timestamp.tv_usec -= MILLION; + ad->ad_timestamp.tv_sec += 1; + } + + /* + * XDR the timestamp and possibly some other things, then + * encrypt them. + */ + ixdr = (long *) cryptbuf; + IXDR_PUT_LONG (ixdr, ad->ad_timestamp.tv_sec); + IXDR_PUT_LONG (ixdr, ad->ad_timestamp.tv_usec); + if (ad->ad_cred.adc_namekind == ADN_FULLNAME) + { + IXDR_PUT_U_LONG (ixdr, ad->ad_window); + IXDR_PUT_U_LONG (ixdr, ad->ad_window - 1); + ivec.key.high = ivec.key.low = 0; + status = cbc_crypt ((char *) &auth->ah_key, (char *) cryptbuf, + 2 * sizeof (des_block), DES_ENCRYPT | DES_HW, (char *) &ivec); + } + else + { + status = ecb_crypt ((char *) &auth->ah_key, (char *) cryptbuf, + sizeof (des_block), DES_ENCRYPT | DES_HW); + } + if (DES_FAILED (status)) + { + debug ("authdes_marshal: DES encryption failure"); + return (FALSE); + } + ad->ad_verf.adv_xtimestamp = cryptbuf[0]; + if (ad->ad_cred.adc_namekind == ADN_FULLNAME) + { + ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high; + ad->ad_verf.adv_winverf = cryptbuf[1].key.low; + } + else + { + ad->ad_cred.adc_nickname = ad->ad_nickname; + ad->ad_verf.adv_winverf = 0; + } + + /* + * Serialize the credential and verifier into opaque + * authentication data. + */ + if (ad->ad_cred.adc_namekind == ADN_FULLNAME) + { + len = ((1 + 1 + 2 + 1) * BYTES_PER_XDR_UNIT + ad->ad_fullnamelen); + } + else + { + len = (1 + 1) * BYTES_PER_XDR_UNIT; + } + + if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL) + { + IXDR_PUT_LONG (ixdr, AUTH_DES); + IXDR_PUT_LONG (ixdr, len); + } + else + { + ATTEMPT (xdr_putlong (xdrs, (long *)&auth->ah_cred.oa_flavor)); + ATTEMPT (xdr_putlong (xdrs, (long *)&len)); + } + ATTEMPT (xdr_authdes_cred (xdrs, cred)); + + len = (2 + 1) * BYTES_PER_XDR_UNIT; + if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL) + { + IXDR_PUT_LONG (ixdr, AUTH_DES); + IXDR_PUT_LONG (ixdr, len); + } + else + { + ATTEMPT (xdr_putlong (xdrs, (long *)&auth->ah_verf.oa_flavor)); + ATTEMPT (xdr_putlong (xdrs, (long *)&len)); + } + ATTEMPT (xdr_authdes_verf (xdrs, verf)); + return (TRUE); } + /* * 3. Validate */ -#ifdef __STDC__ -static bool_t -authdes_validate( AUTH *auth, struct opaque_auth *rverf ) -#else static bool_t -authdes_validate(auth, rverf) - AUTH *auth; - struct opaque_auth *rverf; -#endif +authdes_validate (AUTH * auth, struct opaque_auth *rverf) { - struct ad_private *ad = AUTH_PRIVATE(auth); - struct authdes_verf verf; - int status; - register u_long *ixdr; - - if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) { - return (FALSE); - } - ixdr = (u_long *)rverf->oa_base; - verf.adv_xtimestamp.key.high = (u_long)*ixdr++; - verf.adv_xtimestamp.key.low = (u_long)*ixdr++; - verf.adv_int_u = (u_long)*ixdr++; /* nickname not XDR'd ! */ - - /* - * Decrypt the timestamp - */ - status = ecb_crypt((char *)&auth->ah_key, (char *)&verf.adv_xtimestamp, - sizeof(des_block), DES_DECRYPT | DES_HW); - - if (DES_FAILED(status)) { - debug("authdes_validate: DES decryption failure"); - return (FALSE); - } - - /* - * xdr the decrypted timestamp - */ - ixdr = (u_long *)verf.adv_xtimestamp.c; - verf.adv_timestamp.tv_sec = IXDR_GET_LONG(ixdr) + 1; - verf.adv_timestamp.tv_usec = IXDR_GET_LONG(ixdr); - - /* - * validate - */ - if (bcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp, - sizeof(struct timeval)) != 0) { - debug("authdes_validate: verifier mismatch\n"); - return (FALSE); - } - - /* - * We have a nickname now, let's use it - */ - ad->ad_nickname = verf.adv_nickname; - ad->ad_cred.adc_namekind = ADN_NICKNAME; - return (TRUE); + struct ad_private *ad = AUTH_PRIVATE (auth); + struct authdes_verf verf; + int status; + register u_long *ixdr; + + if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) + return (FALSE); + + ixdr = (u_long *) rverf->oa_base; + verf.adv_xtimestamp.key.high = (u_long)*ixdr++; + verf.adv_xtimestamp.key.low = (u_long)*ixdr++; + verf.adv_int_u = (u_long)*ixdr++; /* nickname not XDR'd ! */ + + /* + * Decrypt the timestamp + */ + status = ecb_crypt ((char *) &auth->ah_key, (char *) &verf.adv_xtimestamp, + sizeof (des_block), DES_DECRYPT | DES_HW); + + if (DES_FAILED (status)) + { + debug ("authdes_validate: DES decryption failure"); + return (FALSE); + } + + /* + * xdr the decrypted timestamp + */ + ixdr = (u_long *) verf.adv_xtimestamp.c; + verf.adv_timestamp.tv_sec = IXDR_GET_LONG (ixdr) + 1; + verf.adv_timestamp.tv_usec = IXDR_GET_LONG (ixdr); + + /* + * validate + */ + if (bcmp ((char *) &ad->ad_timestamp, (char *) &verf.adv_timestamp, + sizeof (struct timeval)) != 0) + { + debug ("authdes_validate: verifier mismatch\n"); + return (FALSE); + } + + /* + * We have a nickname now, let's use it + */ + ad->ad_nickname = verf.adv_nickname; + ad->ad_cred.adc_namekind = ADN_NICKNAME; + return (TRUE); } /* * 4. Refresh */ -#ifdef __STDC__ static bool_t -authdes_refresh( AUTH *auth ) -#else -static bool_t -authdes_refresh(auth) - AUTH *auth; -#endif +authdes_refresh (AUTH * auth) { - struct ad_private *ad = AUTH_PRIVATE(auth); - struct authdes_cred *cred = &ad->ad_cred; - - if (ad->ad_dosync && - !synchronize(&ad->ad_syncaddr, &ad->ad_timediff)) { - /* - * Hope the clocks are synced! - */ - ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; - debug("authdes_refresh: unable to synchronize with server"); - } - ad->ad_xkey = auth->ah_key; - if (key_encryptsession(ad->ad_servername, &ad->ad_xkey) < 0) { - debug("authdes_create: unable to encrypt conversation key"); - return (FALSE); - } - cred->adc_fullname.key = ad->ad_xkey; - cred->adc_namekind = ADN_FULLNAME; - cred->adc_fullname.name = ad->ad_fullname; - return (TRUE); + netobj pkey; + struct ad_private *ad = AUTH_PRIVATE (auth); + struct authdes_cred *cred = &ad->ad_cred; + + if (ad->ad_dosync && + !synchronize (&ad->ad_syncaddr, &ad->ad_timediff)) + { + /* + * Hope the clocks are synced! + */ + ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; + debug ("authdes_refresh: unable to synchronize with server"); + } + ad->ad_xkey = auth->ah_key; + pkey.n_bytes = (char *) (ad->ad_pkey); + pkey.n_len = strlen ((char *) ad->ad_pkey) + 1; + if (key_encryptsession_pk (ad->ad_servername, &pkey, &ad->ad_xkey) < 0) + { + debug ("authdes_create: unable to encrypt conversation key"); + return (FALSE); + } + cred->adc_fullname.key = ad->ad_xkey; + cred->adc_namekind = ADN_FULLNAME; + cred->adc_fullname.name = ad->ad_fullname; + return (TRUE); } - /* * 5. Destroy */ -#ifdef __STDC__ static void -authdes_destroy( AUTH *auth ) -#else -static void -authdes_destroy(auth) - AUTH *auth; -#endif +authdes_destroy (AUTH * auth) { - struct ad_private *ad = AUTH_PRIVATE(auth); + struct ad_private *ad = AUTH_PRIVATE (auth); - FREE(ad->ad_fullname, ad->ad_fullnamelen + 1); - FREE(ad->ad_servername, ad->ad_servernamelen + 1); - FREE(ad, sizeof(struct ad_private)); - FREE(auth, sizeof(AUTH)); + FREE (ad->ad_fullname, ad->ad_fullnamelen + 1); + FREE (ad->ad_servername, ad->ad_servernamelen + 1); + FREE (ad, sizeof (struct ad_private)); + FREE (auth, sizeof (AUTH)); } - - /* * Synchronize with the server at the given address, that is, * adjust timep to reflect the delta between our clocks */ -#ifdef __STDC__ -static bool_t -synchronize( struct sockaddr *syncaddr, struct timeval *timep ) -#else static bool_t -synchronize(syncaddr, timep) - struct sockaddr *syncaddr; - struct timeval *timep; -#endif +synchronize (struct sockaddr *syncaddr, struct timeval *timep) { - struct timeval mytime; - struct timeval timeout; + struct timeval mytime; + struct timeval timeout; - timeout.tv_sec = RTIME_TIMEOUT; - timeout.tv_usec = 0; - if (rtime((struct sockaddr_in *)syncaddr, timep, &timeout) < 0) { - return (FALSE); - } - (void) gettimeofday(&mytime, (struct timezone *)NULL); - timep->tv_sec -= mytime.tv_sec; - if (mytime.tv_usec > timep->tv_usec) { - timep->tv_sec -= 1; - timep->tv_usec += MILLION; - } - timep->tv_usec -= mytime.tv_usec; - return (TRUE); + timeout.tv_sec = RTIME_TIMEOUT; + timeout.tv_usec = 0; + if (rtime ((struct sockaddr_in *) syncaddr, timep, &timeout) < 0) + return (FALSE); + + gettimeofday (&mytime, (struct timezone *) NULL); + timep->tv_sec -= mytime.tv_sec; + if (mytime.tv_usec > timep->tv_usec) + { + timep->tv_sec -= 1; + timep->tv_usec += MILLION; + } + timep->tv_usec -= mytime.tv_usec; + return (TRUE); } Index: linux/libc/rpc/key_call.c diff -u linux/libc/rpc/key_call.c:1.5 linux/libc/rpc/key_call.c:1.6 --- linux/libc/rpc/key_call.c:1.5 Sun Nov 3 02:51:32 1996 +++ linux/libc/rpc/key_call.c Thu Jul 10 08:43:54 1997 @@ -31,275 +31,226 @@ */ /* -** The original source is from the RPCSRC 4.0 package from Sun Microsystems. -** The Interface to keyserver protocoll 2 was added by -** Thorsten Kukuk -*/ + * The original source is from the RPCSRC 4.0 package from Sun Microsystems. + * The Interface to keyserver protocoll 2 was added by + * Thorsten Kukuk + */ #include +#include #include +#include +#include #include +#include #include #include #include #include -#include -#include #define KEY_TIMEOUT 5 /* per-try timeout in seconds */ #define KEY_NRETRY 12 /* number of retries */ #define debug(msg) /* turn off debugging */ -static struct timeval trytimeout = { KEY_TIMEOUT, 0 }; -static struct timeval tottimeout = { KEY_TIMEOUT * KEY_NRETRY, 0 }; +extern int _openchild (char *command, FILE **fto, FILE **ffrom); -#ifdef __STDC__ -extern int _openchild ( char *, FILE **, FILE ** ); -extern bool_t xdr_keybuf ( XDR *xdrs, keybuf objp ); -extern bool_t xdr_keystatus ( XDR *xdrs, keystatus *objp ); -extern bool_t xdr_cryptkeyarg ( XDR *, cryptkeyarg * ); -extern bool_t xdr_cryptkeyres ( XDR *, cryptkeyres * ); - -int key_setsecret __P (( char * )); -int key_encryptsession __P (( char *, des_block * )); -int key_decryptsession __P (( char *, des_block * )); -int key_gendes __P (( des_block * )); -static int key_call __P (( u_long proc, - bool_t (*xdr_arg)( XDR *, void * ), - void *arg, - bool_t (*xdr_rslt)( XDR *, void * ), - void *rslt )); -#else -extern bool_t xdr_des_block(); -extern int _openchild(); - -int key_setsecret(); -int key_encryptsession(); -int key_decryptsession(); -int key_gendes(); -static int key_call(); -#endif /* __STDC__ */ -#ifdef __STDC__ -int -key_setsecret( char *secretkey ) -#else +static int key_call (u_long, xdrproc_t xdr_arg, char *, + xdrproc_t xdr_rslt, char *); + +static struct timeval trytimeout = {KEY_TIMEOUT, 0}; +static struct timeval tottimeout = {KEY_TIMEOUT *KEY_NRETRY, 0}; + int -key_setsecret( secretkey ) - char *secretkey; -#endif +key_setsecret (char *secretkey) { keystatus status; - - if (!key_call( (u_long)KEY_SET, xdr_keybuf, (void *) secretkey, - xdr_keystatus, (void *) &status )) { - return (-1); - } - if (status != KEY_SUCCESS) { - debug("set status is nonzero"); - return (-1); - } - return (0); + + if (!key_call ((u_long) KEY_SET, (xdrproc_t) xdr_keybuf, secretkey, + (xdrproc_t) xdr_keystatus, (char *) &status)) + return -1; + if (status != KEY_SUCCESS) + { + debug ("set status is nonzero"); + return -1; + } + return 0; } /* key_secretkey_is_set() returns 1 if the keyserver has a secret key - * stored for the caller's effective uid; it returns 0 otherwise - * - * N.B.: The KEY_NET_GET key call is undocumented. Applications shouldn't - * be using it, because it allows them to get the user's secret key. - */ -int + * stored for the caller's effective uid; it returns 0 otherwise + * + * N.B.: The KEY_NET_GET key call is undocumented. Applications shouldn't + * be using it, because it allows them to get the user's secret key. + */ +int key_secretkey_is_set (void) { struct key_netstres kres; - - memset((void*)&kres, 0, sizeof (kres)); - if (key_call((u_long) KEY_NET_GET, xdr_void, (char *)NULL, - xdr_key_netstres, (char *) &kres) && + + memset (&kres, 0, sizeof (kres)); + if (key_call ((u_long) KEY_NET_GET, (xdrproc_t) xdr_void, (char *) NULL, + (xdrproc_t) xdr_key_netstres, (char *) &kres) && (kres.status == KEY_SUCCESS) && (kres.key_netstres_u.knet.st_priv_key[0] != 0)) { /* avoid leaving secret key in memory */ - memset(kres.key_netstres_u.knet.st_priv_key, 0, HEXKEYBYTES); - return (1); + memset (kres.key_netstres_u.knet.st_priv_key, 0, HEXKEYBYTES); + return 1; } - return (0); + return 0; } - - -#ifdef __STDC__ -int -key_encryptsession( char *remotename, des_block *deskey ) -#else int -key_encryptsession( remotename, deskey ) - char *remotename; - des_block *deskey; -#endif +key_encryptsession (char *remotename, des_block *deskey) { - cryptkeyarg arg; - cryptkeyres res; + cryptkeyarg arg; + cryptkeyres res; + + arg.remotename = remotename; + arg.deskey = *deskey; + if (!key_call ((u_long) KEY_ENCRYPT, (xdrproc_t) xdr_cryptkeyarg, + (char *) &arg, (xdrproc_t) xdr_cryptkeyres, (char *) &res)) + return -1; - arg.remotename = remotename; - arg.deskey = *deskey; - if (!key_call((u_long)KEY_ENCRYPT, xdr_cryptkeyarg, - (void *) &arg, xdr_cryptkeyres, (void *) &res)) { - return (-1); - } - if (res.status != KEY_SUCCESS) { - debug("encrypt status is nonzero"); - return (-1); - } - *deskey = res.cryptkeyres_u.deskey; - return (0); + if (res.status != KEY_SUCCESS) + { + debug ("encrypt status is nonzero"); + return -1; + } + *deskey = res.cryptkeyres_u.deskey; + return 0; } -#ifdef __STDC__ -int -key_decryptsession( char *remotename, des_block *deskey ) -#else int -key_decryptsession( remotename, deskey ) - char *remotename; - des_block *deskey; -#endif +key_decryptsession (char *remotename, des_block *deskey) { - cryptkeyarg arg; - cryptkeyres res; + cryptkeyarg arg; + cryptkeyres res; - arg.remotename = remotename; - arg.deskey = *deskey; - if (!key_call((u_long)KEY_DECRYPT, xdr_cryptkeyarg, - (void *)&arg, xdr_cryptkeyres, (void *)&res)) - { - return (-1); - } - if (res.status != KEY_SUCCESS) { - debug("decrypt status is nonzero"); - return (-1); - } - *deskey = res.cryptkeyres_u.deskey; - return (0); + arg.remotename = remotename; + arg.deskey = *deskey; + if (!key_call ((u_long) KEY_DECRYPT, (xdrproc_t) xdr_cryptkeyarg, + (char *) &arg, (xdrproc_t) xdr_cryptkeyres, (char *) &res)) + return -1; + if (res.status != KEY_SUCCESS) + { + debug ("decrypt status is nonzero"); + return -1; + } + *deskey = res.cryptkeyres_u.deskey; + return 0; } int -key_encryptsession_pk (char *remotename, netobj *remotekey, des_block *deskey) +key_encryptsession_pk (char *remotename, netobj *remotekey, + des_block *deskey) { cryptkeyarg2 arg; cryptkeyres res; - + arg.remotename = remotename; arg.remotekey = *remotekey; arg.deskey = *deskey; - if (!key_call((u_long)KEY_ENCRYPT_PK, xdr_cryptkeyarg2, (char *)&arg, - xdr_cryptkeyres, (char *)&res)) - { - return (-1); - } - if (res.status != KEY_SUCCESS) + if (!key_call ((u_long) KEY_ENCRYPT_PK, (xdrproc_t) xdr_cryptkeyarg2, + (char *) &arg, (xdrproc_t) xdr_cryptkeyres, (char *) &res)) + return -1; + + if (res.status != KEY_SUCCESS) { - debug("encrypt status is nonzero"); - return (-1); + debug ("encrypt status is nonzero"); + return -1; } *deskey = res.cryptkeyres_u.deskey; - return (0); + return 0; } int -key_decryptsession_pk(char *remotename, netobj *remotekey, des_block *deskey) +key_decryptsession_pk (char *remotename, netobj *remotekey, + des_block *deskey) { cryptkeyarg2 arg; cryptkeyres res; - + arg.remotename = remotename; arg.remotekey = *remotekey; arg.deskey = *deskey; - if (!key_call((u_long)KEY_DECRYPT_PK, xdr_cryptkeyarg2, (char *)&arg, - xdr_cryptkeyres, (char *)&res)) - { - return (-1); - } - if (res.status != KEY_SUCCESS) + if (!key_call ((u_long) KEY_DECRYPT_PK, (xdrproc_t) xdr_cryptkeyarg2, + (char *) &arg, (xdrproc_t) xdr_cryptkeyres, (char *) &res)) + return -1; + + if (res.status != KEY_SUCCESS) { - debug("decrypt status is nonzero"); - return (-1); + debug ("decrypt status is nonzero"); + return -1; } *deskey = res.cryptkeyres_u.deskey; - return (0); + return 0; } -#ifdef __STDC__ -int -key_gendes( des_block *key ) -#else int -key_gendes( key ) - des_block *key; -#endif +key_gendes (des_block *key) { struct sockaddr_in sin; CLIENT *client; int socket; enum clnt_stat stat; - - + sin.sin_family = AF_INET; sin.sin_port = 0; - sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - bzero(sin.sin_zero, sizeof(sin.sin_zero)); + sin.sin_addr.s_addr = htonl (INADDR_LOOPBACK); + bzero (sin.sin_zero, sizeof (sin.sin_zero)); socket = RPC_ANYSOCK; - client = clntudp_bufcreate(&sin, (u_long)KEY_PROG, (u_long)KEY_VERS, - trytimeout, &socket, RPCSMALLMSGSIZE, - RPCSMALLMSGSIZE); - if (client == NULL) { - return (-1); - } - stat = clnt_call(client, KEY_GEN, (xdrproc_t)xdr_void, NULL, - (xdrproc_t)xdr_des_block, (caddr_t)key, tottimeout); - clnt_destroy(client); - /* (void) close(socket); */ - if (stat != RPC_SUCCESS) { - return (-1); - } - return (0); + client = clntudp_bufcreate (&sin, (u_long) KEY_PROG, (u_long) KEY_VERS, + trytimeout, &socket, RPCSMALLMSGSIZE, + RPCSMALLMSGSIZE); + if (client == NULL) + return -1; + + stat = clnt_call (client, KEY_GEN, (xdrproc_t) xdr_void, NULL, + (xdrproc_t) xdr_des_block, (caddr_t) key, tottimeout); + clnt_destroy (client); + close (socket); + if (stat != RPC_SUCCESS) + return -1; + + return 0; } int -key_setnet(struct key_netstarg *arg) +key_setnet (struct key_netstarg *arg) { keystatus status; - - if (!key_call((u_long) KEY_NET_PUT, xdr_key_netstarg, (char *) arg, - xdr_keystatus, (char *) &status)) - return (-1); - + + if (!key_call ((u_long) KEY_NET_PUT, (xdrproc_t) xdr_key_netstarg, + (char *) arg,(xdrproc_t) xdr_keystatus, (char *) &status)) + return -1; + if (status != KEY_SUCCESS) { - debug("key_setnet status is nonzero"); - return (-1); + debug ("key_setnet status is nonzero"); + return -1; } - return (1); + return 1; } int -key_get_conv(char *pkey, des_block *deskey) +key_get_conv (char *pkey, des_block *deskey) { cryptkeyres res; - - if (!key_call((u_long) KEY_GET_CONV, xdr_keybuf, pkey, - xdr_cryptkeyres, (char *)&res)) - { - return (-1); - } - if (res.status != KEY_SUCCESS) + + if (!key_call ((u_long) KEY_GET_CONV, (xdrproc_t) xdr_keybuf, pkey, + (xdrproc_t) xdr_cryptkeyres, (char *) &res)) + return -1; + + if (res.status != KEY_SUCCESS) { - debug("get_conv status is nonzero"); - return (-1); + debug ("get_conv status is nonzero"); + return -1; } *deskey = res.cryptkeyres_u.deskey; - return (0); + return 0; } /* @@ -311,115 +262,105 @@ * implementations of these functions, and to call those in key_call(). */ -cryptkeyres *(*__key_encryptsession_pk_LOCAL)() = 0; -cryptkeyres *(*__key_decryptsession_pk_LOCAL)() = 0; -des_block *(*__key_gendes_LOCAL)() = 0; +cryptkeyres *(*__key_encryptsession_pk_LOCAL) (uid_t, char *) = 0; +cryptkeyres *(*__key_decryptsession_pk_LOCAL) (uid_t, char *) = 0; +des_block *(*__key_gendes_LOCAL) (uid_t, char *) = 0; -#include -#include -#include - -#ifdef __STDC__ -static int -key_call( u_long proc, bool_t (*xdr_arg)( XDR *, void * ), void *arg, - bool_t (*xdr_rslt)( XDR *, void * ), void *rslt ) -#else static int -key_call( proc, xdr_arg, arg, xdr_rslt, rslt ) - u_long proc; - bool_t (*xdr_arg)(); - char *arg; - bool_t (*xdr_rslt)(); - char *rslt; -#endif +key_call (u_long proc, xdrproc_t xdr_arg, char *arg, + xdrproc_t xdr_rslt, char *rslt) { XDR xdrargs; XDR xdrrslt; FILE *fargs; FILE *frslt; - int (*osigchild) (); + sigset_t oldmask, mask; union wait status; int pid; int success; - int ruid; - int euid; + uid_t ruid; + uid_t euid; static char MESSENGER[] = "/usr/etc/keyenvoy"; - - success = 1; - osigchild = signal(SIGCHLD, SIG_IGN); if (proc == KEY_ENCRYPT_PK && __key_encryptsession_pk_LOCAL) { cryptkeyres *res; - res = (*__key_encryptsession_pk_LOCAL)(geteuid (), arg); - *(cryptkeyres*)rslt = *res; + res = (*__key_encryptsession_pk_LOCAL) (geteuid (), arg); + *(cryptkeyres *) rslt = *res; return 1; - } - else - if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL) - { - cryptkeyres *res; - res = (*__key_decryptsession_pk_LOCAL)(geteuid (), arg); - *(cryptkeyres*)rslt = *res; - return 1; - } - else - if (proc == KEY_GEN && __key_gendes_LOCAL) - { - des_block *res; - res = (*__key_gendes_LOCAL)(geteuid(), 0); - *(des_block*)rslt = *res; - return 1; - } - + } + else if (proc == KEY_DECRYPT_PK && __key_decryptsession_pk_LOCAL) + { + cryptkeyres *res; + res = (*__key_decryptsession_pk_LOCAL) (geteuid (), arg); + *(cryptkeyres *) rslt = *res; + return 1; + } + else if (proc == KEY_GEN && __key_gendes_LOCAL) + { + des_block *res; + res = (*__key_gendes_LOCAL) (geteuid (), 0); + *(des_block *) rslt = *res; + return 1; + } + + success = 1; + sigemptyset (&mask); + sigaddset (&mask, SIGCHLD); + sigprocmask (SIG_BLOCK, &mask, &oldmask); + /* * We are going to exec a set-uid program which makes our effective uid - * zero, and authenticates us with our real uid. We need to make the - * effective uid be the real uid for the setuid program, and + * zero, and authenticates us with our real uid. We need to make the + * effective uid be the real uid for the setuid program, and * the real uid be the effective uid so that we can change things back. */ - euid = geteuid(); - ruid = getuid(); - (void) setreuid(euid, ruid); - pid = _openchild(MESSENGER, &fargs, &frslt); - (void) setreuid(ruid, euid); - if (pid < 0) { - debug("open_streams"); - return (0); - } - xdrstdio_create(&xdrargs, fargs, XDR_ENCODE); - xdrstdio_create(&xdrrslt, frslt, XDR_DECODE); - - if (!xdr_u_long(&xdrargs, &proc) || !(*xdr_arg)(&xdrargs, arg)) { - debug("xdr args"); - success = 0; - } - (void) fclose(fargs); - - if (success && !(*xdr_rslt)(&xdrrslt, rslt)) { - debug("xdr rslt"); - success = 0; - } - -#ifdef NOTDEF - /* - * WARNING! XXX - * The original code appears first. wait4 returns only after the process - * with the requested pid terminates. The effect of using wait() instead - * has not been determined. - */ - (void) fclose(frslt); - if (wait4(pid, &status, 0, NULL) < 0 || status.w_retcode != 0) { - debug("wait4"); - success = 0; - } -#endif /* def NOTDEF */ - if (wait(&status) < 0 || status.w_retcode != 0) { - debug("wait"); - success = 0; - } - (void)signal(SIGCHLD, osigchild); - + euid = geteuid (); + ruid = getuid (); + setreuid (euid, ruid); + pid = _openchild (MESSENGER, &fargs, &frslt); + setreuid (ruid, euid); + if (pid < 0) + { + debug ("open_streams"); + sigprocmask(SIG_SETMASK, &oldmask, NULL); + return (0); + } + xdrstdio_create (&xdrargs, fargs, XDR_ENCODE); + xdrstdio_create (&xdrrslt, frslt, XDR_DECODE); + + if (!xdr_u_long (&xdrargs, &proc) || !(*xdr_arg) (&xdrargs, arg)) + { + debug ("xdr args"); + success = 0; + } + fclose (fargs); + + if (success && !(*xdr_rslt) (&xdrrslt, rslt)) + { + debug ("xdr rslt"); + success = 0; + } + fclose(frslt); + + wait_again: + if (wait4(pid, &status, 0, NULL) < 0) + { + if (errno == EINTR) + goto wait_again; + debug("wait4"); + if (errno == ECHILD || errno == ESRCH) + perror("wait"); + else + success = 0; + } + else + if (status.w_retcode) + { + debug("wait4 1"); + success = 0; + } + sigprocmask(SIG_SETMASK, &oldmask, NULL); + return (success); } - Index: linux/libc/rpc/openchild.c diff -u linux/libc/rpc/openchild.c:1.3 linux/libc/rpc/openchild.c:1.4 --- linux/libc/rpc/openchild.c:1.3 Fri Oct 4 15:53:14 1996 +++ linux/libc/rpc/openchild.c Thu Jul 10 08:43:54 1997 @@ -1,6 +1,3 @@ -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)openchild.c 2.3 88/08/15 4.0 RPCSRC; from 1.7 88/02/08 SMI"; -#endif /* * Sun RPC is a product of Sun Microsystems, Inc. and is provided for * unrestricted use provided that this legend is included on all tape @@ -8,23 +5,23 @@ * may copy or modify Sun RPC without charge, but are not authorized * to license or distribute it to anyone else except as part of a product or * program developed by the user. - * + * * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. - * + * * Sun RPC is provided with no support and without any obligation on the * part of Sun Microsystems, Inc. to assist in its use, correction, * modification or enhancement. - * + * * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC * OR ANY PART THEREOF. - * + * * In no event will Sun Microsystems, Inc. be liable for any lost revenue * or profits or other special, indirect and consequential damages, even if * Sun has been advised of the possibility of such damages. - * + * * Sun Microsystems, Inc. * 2550 Garcia Avenue * Mountain View, California 94043 @@ -40,112 +37,69 @@ * interface, but for internal use only! */ #include +#include #include -#include -#include #include - -#define basename __basename -static char SHELL[] = "/bin/sh"; - -#ifdef __STDC__ -int _openchild ( char *, FILE **, FILE ** ); -static char *basename ( char * ); -#else /* ! __STDC__ */ -int _openchild(); -static char *basename(); -#endif /* __STDC__ */ +#include +#include /* * returns pid, or -1 for failure */ -#ifdef __STDC__ int -_openchild( char *command, FILE **fto, FILE **ffrom ) -#else -int -_openchild(command, fto, ffrom) - char *command; - FILE **fto; - FILE **ffrom; -#endif +_openchild (char *command, FILE ** fto, FILE ** ffrom) { - int i; - int pid; - int pdto[2]; - int pdfrom[2]; - char *com; - - - if (pipe(pdto) < 0) { - goto error1; - } - if (pipe(pdfrom) < 0) { - goto error2; - } - switch (pid = vfork()) { - case -1: - goto error3; - - case 0: - /* - * child: read from pdto[0], write into pdfrom[1] - */ - (void) close(0); - (void) dup(pdto[0]); - (void) close(1); - (void) dup(pdfrom[1]); - for (i = _rpc_dtablesize() - 1; i >= 3; i--) { - (void) close(i); - } - com = malloc((unsigned) strlen(command) + 6); - if (com == NULL) { - _exit(~0); - } - (void) sprintf(com, "exec %s", command); - execl(SHELL, basename(SHELL), "-c", com, NULL); - _exit(~0); - - default: - /* - * parent: write into pdto[1], read from pdfrom[0] - */ - *fto = fdopen(pdto[1], "w"); - (void) close(pdto[0]); - *ffrom = fdopen(pdfrom[0], "r"); - (void) close(pdfrom[1]); - break; - } - return (pid); - - /* - * error cleanup and return - */ + int i; + int pid; + int pdto[2]; + int pdfrom[2]; + + if (pipe (pdto) < 0) + goto error1; + if (pipe (pdfrom) < 0) + goto error2; + switch (pid = fork ()) + { + case -1: + goto error3; + + case 0: + /* + * child: read from pdto[0], write into pdfrom[1] + */ + close (0); + dup (pdto[0]); + close (1); + dup (pdfrom[1]); + fflush (stderr); + for (i = _rpc_dtablesize () - 1; i >= 3; i--) + close (i); + fflush (stderr); + execlp (command, command, 0); + perror ("exec"); + _exit (~0); + + default: + /* + * parent: write into pdto[1], read from pdfrom[0] + */ + *fto = fdopen (pdto[1], "w"); + close (pdto[0]); + *ffrom = fdopen (pdfrom[0], "r"); + close (pdfrom[1]); + break; + } + return pid; + + /* + * error cleanup and return + */ error3: - (void) close(pdfrom[0]); - (void) close(pdfrom[1]); + close (pdfrom[0]); + close (pdfrom[1]); error2: - (void) close(pdto[0]); - (void) close(pdto[1]); + close (pdto[0]); + close (pdto[1]); error1: - return (-1); -} - -#ifdef __STDC__ -static char * -basename( char *path ) -#else -static char * -basename(path) - char *path; -#endif -{ - char *p; - - p = rindex(path, '/'); - if (p == NULL) { - return (path); - } else { - return (p + 1); - } + return -1; } Index: linux/libc/sysdeps/linux/Makefile diff -u linux/libc/sysdeps/linux/Makefile:1.23 linux/libc/sysdeps/linux/Makefile:1.24 --- linux/libc/sysdeps/linux/Makefile:1.23 Sat May 10 14:44:38 1997 +++ linux/libc/sysdeps/linux/Makefile Thu Jul 10 08:43:55 1997 @@ -70,7 +70,7 @@ sched_setparam.S sched_getparam.S sched_setscheduler.S \ sched_getscheduler.S sched_yield.S sched_get_priority_max.S \ sched_get_priority_min.S sched_rr_get_interval.S fdatasync.S \ - nanosleep.S __syscall_poll.S + nanosleep.S __syscall_poll.S quotactl.S SRC3S= fstatfs.c statfs.c uname.c __vfork.c vfork.c SRCS=$(SRC1S) $(SRC2S) $(SRC3S) Index: linux/libc/sysdeps/linux/quotactl.S diff -u /dev/null linux/libc/sysdeps/linux/quotactl.S:1.1 --- /dev/null Thu Jul 10 08:47:28 1997 +++ linux/libc/sysdeps/linux/quotactl.S Thu Jul 10 08:43:55 1997 @@ -0,0 +1,22 @@ +/* Copyright (C) 1991, 1992 Free Software Foundation, Inc. +This file is part of the GNU C Library. + +The GNU C Library is free software; you can redistribute it and/or +modify it under the terms of the GNU Library General Public License as +published by the Free Software Foundation; either version 2 of the +License, or (at your option) any later version. + +The GNU C Library is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +Library General Public License for more details. + +You should have received a copy of the GNU Library General Public +License along with the GNU C Library; see the file COPYING.LIB. If +not, write to the Free Software Foundation, Inc., 675 Mass Ave, +Cambridge, MA 02139, USA. */ + +#include + +SYSCALL__ (quotactl, 4) + ret Index: linux/include/_G_config.h diff -u linux/include/_G_config.h:1.93 linux/include/_G_config.h:1.94 --- linux/include/_G_config.h:1.93 Fri Jun 27 09:33:22 1997 +++ linux/include/_G_config.h Thu Jul 10 08:44:14 1997 @@ -2,10 +2,10 @@ #ifndef _G_config_h #define _G_config_h -#define _LINUX_C_LIB_VERSION "5.4.34" +#define _LINUX_C_LIB_VERSION "5.4.35" #define _LINUX_C_LIB_VERSION_MAJOR 5 #define _LINUX_C_LIB_VERSION_MINOR 4 -#define _LINUX_C_LIB_VERSION_SUBMINOR 34 +#define _LINUX_C_LIB_VERSION_SUBMINOR 35 #define _G_LIB_VERSION "2.7.2" Index: linux/include/signal.h diff -u linux/include/signal.h:1.4 linux/include/signal.h:1.5 --- linux/include/signal.h:1.4 Sat Jun 10 17:25:49 1995 +++ linux/include/signal.h Thu Jul 10 08:44:14 1997 @@ -143,13 +143,13 @@ #endif /* Use BSD. */ -#ifdef __USE_BSD_SIGNAL +#if defined(__USE_BSD_SIGNAL) || defined(__FAVOR_BSD) extern __sighandler_t __bsd_signal __P ((int __sig, __sighandler_t)); #define signal __bsd_signal -#endif /* __USE_BSD_SIGNAL */ +#endif /* __USE_BSD_SIGNAL || __FAVOR_BSD */ __END_DECLS Index: linux/include/netinet/ip.h diff -u linux/include/netinet/ip.h:1.6 linux/include/netinet/ip.h:1.7 --- linux/include/netinet/ip.h:1.6 Mon Apr 7 09:47:26 1997 +++ linux/include/netinet/ip.h Thu Jul 10 08:44:14 1997 @@ -27,7 +27,7 @@ __u16 ip_off; __u8 ip_ttl; __u8 ip_p; - __u16 ip_csum; + __u16 ip_sum; struct in_addr ip_src,ip_dst; }; Index: linux/include/sys/quota.h diff -u /dev/null linux/include/sys/quota.h:1.1 --- /dev/null Thu Jul 10 08:47:32 1997 +++ linux/include/sys/quota.h Thu Jul 10 08:44:14 1997 @@ -0,0 +1,2 @@ +#include +#include