openbsd-ports/net/netatalk/patches/patch-etcafpd-authc

439 lines
11 KiB
Plaintext
Raw Normal View History

$OpenBSD: patch-etcafpd-authc,v 1.2 2001/04/18 13:17:43 brad Exp $
--- etc/afpd/auth.c.orig Sat Mar 15 07:03:18 1997
+++ etc/afpd/auth.c Wed Apr 18 14:19:12 2001
@@ -4,18 +4,22 @@
*/
#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/syslog.h>
#include <sys/time.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
#include <netatalk/endian.h>
#include <netatalk/at.h>
#include <atalk/afp.h>
#include <atalk/paths.h>
#include <atalk/atp.h>
#include <atalk/asp.h>
+#include <atalk/compat.h>
#include <limits.h>
-#include <strings.h>
#include <string.h>
#include <ctype.h>
#include <pwd.h>
@@ -47,8 +51,8 @@
#include <prot.h>
#endif SOLARIS
-C_Block seskey;
-Key_schedule seskeysched;
+des_cblock *seskey;
+des_key_schedule seskeysched;
static char realm[ REALM_SZ ];
#endif KRB UAM_AFSKRB
@@ -93,6 +97,7 @@ gid_t groups[ NGROUPS ];
int ngroups;
char *username = NULL;
char *mktemp();
+int strndiacasecmp();
/*
* These numbers are scattered throughout the code.
@@ -100,6 +105,8 @@ char *mktemp();
struct afp_versions afp_versions[] = {
{ "AFPVersion 1.1", 11 },
{ "AFPVersion 2.0", 20 },
+ { "AFPVersion 2.1", 21 },
+ { "AFP2.2", 22 }
};
/* Note that these names must match those in main() */
@@ -120,6 +127,7 @@ struct afp_uams *afp_uam = NULL;
/*
* Mark a UAM as off.
*/
+void
uam_off( uam )
char *uam;
{
@@ -134,6 +142,7 @@ uam_off( uam )
return;
}
+void
status_versions( data )
char *data;
{
@@ -147,12 +156,13 @@ status_versions( data )
for ( i = 0; i < num; i++ ) {
len = strlen( afp_versions[ i ].av_name );
*data++ = len;
- bcopy( afp_versions[ i ].av_name , data, len );
+ memcpy( data, afp_versions[ i ].av_name, len );
data += len;
}
status->as_uamsoff = htons( data - (char *)status );
}
+void
status_uams( data )
char *data;
{
@@ -171,13 +181,14 @@ status_uams( data )
if (( afp_uams[ i ].au_flags & AU_OFF ) == 0 ) {
len = strlen( afp_uams[ i ].au_name );
*data++ = len;
- bcopy( afp_uams[ i ].au_name, data, len );
+ memcpy( data, afp_uams[ i ].au_name, len );
data += len;
}
}
status->as_iconoff = htons( data - (char *)status );
}
+int
afp_login( ibuf, ibuflen, rbuf, rbuflen )
char *ibuf, *rbuf;
int ibuflen, *rbuflen;
@@ -230,6 +241,7 @@ afp_login( ibuf, ibuflen, rbuf, rbuflen
return( afp_uam->au_login( ibuf, ibuflen, rbuf, rbuflen ));
}
+int
afp_logincont( ibuf, ibuflen, rbuf, rbuflen, asp )
char *ibuf, *rbuf;
int ibuflen, *rbuflen;
@@ -242,6 +254,7 @@ afp_logincont( ibuf, ibuflen, rbuf, rbuf
return( afp_uam->au_logincont( ibuf, ibuflen, rbuf, rbuflen, asp ));
}
+int
noauth_login( ibuf, ibuflen, rbuf, rbuflen )
char *ibuf, *rbuf;
int ibuflen, *rbuflen;
@@ -275,6 +288,7 @@ noauth_login( ibuf, ibuflen, rbuf, rbufl
return( AFP_OK );
}
+int
login( name, uid, gid )
char *name;
uid_t uid;
@@ -302,6 +316,7 @@ login( name, uid, gid )
return( AFP_OK );
}
+void
lcase( p )
char *p;
{
@@ -313,6 +328,7 @@ lcase( p )
return;
}
+void
ucase( p )
char *p;
{
@@ -335,7 +351,7 @@ ucase( p )
#define KRB4WRT_SKIP 7
#define KRB4RPL_DONEMUT 8
-
+int
krb4_login( ibuf, ibuflen, rbuf, rbuflen )
char *ibuf, *rbuf;
int ibuflen, *rbuflen;
@@ -360,7 +376,7 @@ krb4_login( ibuf, ibuflen, rbuf, rbuflen
*p++ = 1;
len = strlen( realm );
*p++ = len;
- strcpy( p, realm );
+ (void)strlcpy( p, realm, sizeof(p) );
p += len + 1;
#ifdef AFS
@@ -375,6 +391,7 @@ krb4_login( ibuf, ibuflen, rbuf, rbuflen
return( AFPERR_AUTHCONT );
}
+int
krb4_logincont( ibuf, ibuflen, rbuf, rbuflen, asp )
char *ibuf, *rbuf;
int ibuflen, *rbuflen;
@@ -384,15 +401,15 @@ krb4_logincont( ibuf, ibuflen, rbuf, rbu
KTEXT_ST tkt;
static AUTH_DAT ad;
int rc;
- short len;
+ int16_t len;
char *p;
- CREDENTIALS cr;
#ifdef AFS
+ CREDENTIALS cr;
struct ViceIoctl vi;
struct ClearToken ct;
-#endif AFS
char buf[ 1024 ];
int aint;
+#endif AFS
if ( asp_wrtcont( asp, rbuf, rbuflen ) < 0 ) {
*rbuflen = 0;
@@ -403,15 +420,15 @@ krb4_logincont( ibuf, ibuflen, rbuf, rbu
switch ( rc = *p++ ) {
case KRB4WRT_SESS :
- bcopy( p, &len, sizeof( short ));
+ memcpy( &len, p, sizeof( len ));
tkt.length = ntohs( len );
- p += sizeof( short );
+ p += sizeof( len );
if ( tkt.length <= 0 || tkt.length > MAX_KTXT_LEN ) {
*rbuflen = 0;
return( AFPERR_BADUAM );
}
- bcopy( p, tkt.dat, tkt.length );
+ memcpy( tkt.dat, p, tkt.length );
p += tkt.length;
if (( rc = krb_rd_req( &tkt, "afpserver", Obj, 0, &ad, "" ))
@@ -424,7 +441,7 @@ krb4_logincont( ibuf, ibuflen, rbuf, rbu
syslog( LOG_INFO, "krb4_login: %s.%s@%s", ad.pname, ad.pinst,
ad.prealm );
- bcopy( ad.session, seskey, sizeof( C_Block ));
+ memcpy( seskey, ad.session, sizeof( C_Block ));
key_sched( seskey, seskeysched );
username = ad.pname;
@@ -444,46 +461,46 @@ krb4_logincont( ibuf, ibuflen, rbuf, rbu
len = strlen( realm );
*p++ = len + 1;
*p++ = '@';
- strcpy( p, realm );
+ (void)strlcpy( p, realm, sizeof(p) );
p += len + 1;
*rbuflen = p - rbuf;
return( AFPERR_AUTHCONT );
case KRB4WRT_TOKEN :
- bcopy( p, &len, sizeof( short ));
+ memcpy( &len, p, sizeof( len ));
len = ntohs( len );
- p += sizeof( short );
- bcopy( p, &cr, len );
+ p += sizeof( len );
+ memcpy( &cr, p, len );
pcbc_encrypt((C_Block *)&cr, (C_Block *)&cr, len, seskeysched,
seskey, DECRYPT );
p = buf;
cr.ticket_st.length = ntohl( cr.ticket_st.length );
- bcopy( &cr.ticket_st.length, p, sizeof( int ));
- p += sizeof( int );
- bcopy( cr.ticket_st.dat, p, cr.ticket_st.length );
+ memcpy( p, &cr.ticket_st.length, sizeof( p ));
+ p += sizeof( p );
+ memcpy( p, cr.ticket_st.dat, cr.ticket_st.length );
p += cr.ticket_st.length;
ct.AuthHandle = ntohl( cr.kvno );
- bcopy( cr.session, ct.HandShakeKey, sizeof( cr.session ));
+ memcpy( ct.HandShakeKey, cr.session, sizeof( cr.session ));
ct.ViceId = 0;
ct.BeginTimestamp = ntohl( cr.issue_date );
ct.EndTimestamp = krb_life_to_time( ntohl( cr.issue_date ),
ntohl( cr.lifetime ));
aint = sizeof( struct ClearToken );
- bcopy( &aint, p, sizeof( int ));
- p += sizeof( int );
- bcopy( &ct, p, sizeof( struct ClearToken ));
+ memcpy( p, &aint, sizeof( p ));
+ p += sizeof( p );
+ memcpy( p, &ct, sizeof( struct ClearToken ));
p += sizeof( struct ClearToken );
aint = 0;
- bcopy( &aint, p, sizeof( int ));
- p += sizeof( int );
+ memcpy( p, &aint, sizeof( p ));
+ p += sizeof( p );
lcase( realm );
- strcpy( p, realm );
+ (void)strlcpy( p, realm, sizeof(p) );
p += strlen( realm ) + 1;
vi.in = buf;
@@ -520,8 +537,9 @@ krb4_logincont( ibuf, ibuflen, rbuf, rbu
extern char *crypt();
-static char clrtxtname[ 32 ];
+static char clrtxtname[MAXLOGNAME];
+int
clrtxt_login( ibuf, ibuflen, rbuf, rbuflen )
char *ibuf, *rbuf;
int ibuflen, *rbuflen;
@@ -536,17 +554,20 @@ clrtxt_login( ibuf, ibuflen, rbuf, rbufl
*rbuflen = 0;
len = *(unsigned char *)ibuf++;
- if ( len > 31 ) {
+ if ( len > (MAXLOGNAME-1)) {
+ syslog( LOG_INFO, "Username > %d characters. OpenBSD only supports max. %d character usernames.", MAXLOGNAME-1, MAXLOGNAME-1);
return( AFPERR_PARAM );
}
- bcopy( ibuf, clrtxtname, len );
+ memcpy( clrtxtname, ibuf, len );
ibuf += len;
clrtxtname[ len ] = '\0';
while ( len-- ) {
clrtxtname[ len ] = tolower( clrtxtname[ len ] );
}
username = clrtxtname;
- if (( pwd = getpwnam( clrtxtname )) == NULL ) {
+ if (( pwd = getpwnam(clrtxtname)) == NULL ) {
+ syslog(LOG_INFO,
+ "Username: %s not in password database: No login.", clrtxtname);
return( AFPERR_NOTAUTH );
}
@@ -594,13 +615,13 @@ afskrb_login( ibuf, ibuflen, rbuf, rbufl
CREDENTIALS cr;
char *p, *q;
int len, rc, whoserealm;
- short slen;
+ int16_t slen;
len = *ibuf++;
ibuf[ len ] = '\0';
- if (( p = index( ibuf, '@' )) != NULL ) {
+ if (( p = strchr( ibuf, '@' )) != NULL ) {
*p++ = '\0';
- strcpy( realm, p );
+ (void)strlcpy( realm, p, sizeof(realm) );
ucase( realm );
whoserealm = 0;
} else {
@@ -610,13 +631,13 @@ afskrb_login( ibuf, ibuflen, rbuf, rbufl
}
whoserealm = 1;
}
- if (( p = index( ibuf, '.' )) != NULL ) {
+ if (( p = strchr( ibuf, '.' )) != NULL ) {
*p++ = '\0';
- strcpy( instance, p );
+ (void)strlcpy( instance, p, sizeof(instance) );
} else {
*instance = '\0';
}
- strcpy( name, ibuf );
+ (void)strlcpy( name, ibuf, sizeof(name) );
/*
* We don't have the session key, yet. Get one.
*/
@@ -649,12 +670,12 @@ afskrb_login( ibuf, ibuflen, rbuf, rbufl
return( AFPERR_BADUAM );
}
- bcopy( cr.session, seskey, sizeof( C_Block ));
+ memcpy( seskey, cr.session, sizeof( C_Block ));
key_sched( seskey, seskeysched );
validseskey = 1;
username = name;
- bcopy( authent.dat, p, authent.length );
+ memcpy( p, authent.dat, authent.length );
p += authent.length;
}
@@ -677,13 +698,13 @@ afskrb_login( ibuf, ibuflen, rbuf, rbufl
q += 10;
len = strlen( realm );
- strcpy( p, realm );
+ (void)strlcpy( p, realm, sizeof(p) );
p += len + 1;
- bcopy( q, &slen, sizeof( short ));
- bcopy( &slen, p, sizeof( short ));
- p += sizeof( short );
- q += sizeof( short );
- bcopy( q, p, slen );
+ memcpy( &slen, q, sizeof( slen ));
+ memcpy( p, &slen, sizeof( p ));
+ p += sizeof( p );
+ q += sizeof( q );
+ memcpy( p, q, slen );
p += slen;
*rbuflen = p - rbuf;
@@ -700,13 +721,13 @@ afskrb_logincont( ibuf, ibuflen, rbuf, r
struct passwd *pwd;
char buf[ 1024 ], *p;
int aint;
- short clen;
+ int16_t clen;
*rbuflen = 0;
ibuf += 2;
- bcopy( ibuf, &clen, sizeof( short ));
+ memcpy( &clen, ibuf, sizeof( clen ));
clen = ntohs( clen );
- ibuf += sizeof( short );
+ ibuf += sizeof( clen );
pcbc_encrypt((C_Block *)ibuf, (C_Block *)ibuf,
clen, seskeysched, seskey, DECRYPT );
@@ -723,30 +744,30 @@ afskrb_logincont( ibuf, ibuflen, rbuf, r
}
p = buf;
- bcopy( &cr.ticket_st.length, p, sizeof( int ));
- p += sizeof( int );
- bcopy( cr.ticket_st.dat, p, cr.ticket_st.length );
+ memcpy( p, &cr.ticket_st.length, sizeof( p ));
+ p += sizeof( p );
+ memcpy( p, cr.ticket_st.dat, cr.ticket_st.length );
p += cr.ticket_st.length;
ct.AuthHandle = cr.kvno;
- bcopy( cr.session, ct.HandShakeKey, sizeof( cr.session ));
+ memcpy( ct.HandShakeKey, cr.session, sizeof( cr.session ));
ct.ViceId = 0;
ct.BeginTimestamp = cr.issue_date;
/* ct.EndTimestamp = cr.issue_date + ( cr.lifetime * 5 * 60 ); */
ct.EndTimestamp = krb_life_to_time( cr.issue_date, cr.lifetime );
aint = sizeof( struct ClearToken );
- bcopy( &aint, p, sizeof( int ));
- p += sizeof( int );
- bcopy( &ct, p, sizeof( struct ClearToken ));
+ memcpy( p, &aint, sizeof( p ));
+ p += sizeof( p );
+ memcpy( p, &ct, sizeof( struct ClearToken ));
p += sizeof( struct ClearToken );
aint = 0;
- bcopy( &aint, p, sizeof( int ));
- p += sizeof( int );
+ memcpy( p, &aint, sizeof( p ));
+ p += sizeof( p );
lcase( realm );
- strcpy( p, realm );
+ (void)strlcpy( p, realm, sizeof(p) );
p += strlen( realm ) + 1;
vi.in = buf;