author | Robert S. French <rfrench@mit.edu> | 1987-06-25 23:35:02 +0000 |
---|---|---|
committer | Robert S. French <rfrench@mit.edu> | 1987-06-25 23:35:02 +0000 |
commit | 2c8deb46a0f8da453f53e167a2e90f83fb50fd4c (patch) | |
tree | 05a4de0b5b0062d87d4563d3add5bb39af59d5e0 | |
parent | 6e0a23514dfcd08657ceae8aed4dd05d185acebc (diff) |
safety
-rw-r--r-- | lib/ZFmtAuth.c | 13 | ||||
-rw-r--r-- | lib/ZLocateU.c | 14 | ||||
-rw-r--r-- | lib/ZLocations.c | 39 | ||||
-rw-r--r-- | lib/ZOpenPort.c | 6 | ||||
-rw-r--r-- | lib/ZParseNot.c | 11 | ||||
-rw-r--r-- | lib/ZSendPkt.c | 7 |
6 files changed, 56 insertions, 34 deletions
diff --git a/lib/ZFmtAuth.c b/lib/ZFmtAuth.c
index cd131fa..5849345 100644
--- a/lib/ZFmtAuth.c
+++ b/lib/ZFmtAuth.c
@@ -25,28 +25,25 @@ Code_t ZFormatAuthenticNotice(notice,buffer,buffer_len,len,session) { char *ptr; int result,retval,hdrlen; - AUTH_DAT dat; - KTEXT_ST authent; - ZChecksum_t our_checksum; CREDENTIALS cred; notice->z_auth = 1; notice->z_authent_len = 0; - notice->z_ascii_authent = (KTEXT)""; + notice->z_ascii_authent = (char *)""; if ((retval = Z_FormatRawHeader(notice,buffer,buffer_len,&hdrlen)) != ZERR_NONE) return (retval); - for (hdrlen--;buffer[hdrlen];hdrlen--) + for (hdrlen--;buffer[hdrlen-1];hdrlen--) ; - if (result = get_credentials(SERVER_SERVICE,SERVER_INSTANCE, +/* if (result = get_credentials(SERVER_SERVICE,SERVER_INSTANCE, __Zephyr_realm,&cred)) return (result+krb_err_base); - +*/ notice->z_checksum = (ZChecksum_t)quad_cksum(buffer,NULL,hdrlen,0, - cred.session); + session); if ((retval = Z_FormatRawHeader(notice,buffer,buffer_len,&hdrlen)) != ZERR_NONE)
diff --git a/lib/ZLocateU.c b/lib/ZLocateU.c
index b1e6e69..6f47a8d 100644
--- a/lib/ZLocateU.c
+++ b/lib/ZLocateU.c
@@ -45,14 +45,17 @@ Code_t ZLocateUser(user,nlocs) return (retval); if ((retval = ZIfNotice(buffer,sizeof buffer,&retnotice,&auth, - locate_pred,(char *)¬ice.z_uid)) != + Z_UIDpred,(char *)¬ice.z_uid)) != ZERR_NONE) return (retval); + if (retnotice.z_kind == SERVNAK) + return (ZERR_SERVNAK); + if (retnotice.z_kind != SERVACK) return (ZERR_INTERNAL); - end = retnotice.z_message+retnotice.z_message_len+1; + end = retnotice.z_message+retnotice.z_message_len; __locate_num = 0;
@@ -77,10 +80,3 @@ Code_t ZLocateUser(user,nlocs) return (ZERR_NONE); } - -static int locate_pred(notice,uid) - ZNotice_t *notice; - ZUnique_Id_t *uid; -{ - return (ZCompareUID(uid,¬ice->z_uid)); -}
diff --git a/lib/ZLocations.c b/lib/ZLocations.c
index 670a61c..e9cc83c 100644
--- a/lib/ZLocations.c
+++ b/lib/ZLocations.c
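Review bot: The rewritten backward scan in ZFormatAuthenticNotice, `for (hdrlen--;buffer[hdrlen-1];hdrlen--)`, has no lower bound, so if no NUL byte precedes the end of the formatted header it reads `buffer[-1]` and keeps going below the packet buffer. A guard such as `for (hdrlen--; hdrlen > 0 && buffer[hdrlen-1]; hdrlen--)` keeps the read inside the buffer. With the get_credentials() call commented out, `CREDENTIALS cred;` and `result` appear unused in the visible lines, and the checksum key now comes entirely from the caller's `session`; deleting the dead block and adding a comment like `/* caller supplies the session key used for the header checksum */` would make that contract explicit. The function body starts and ends outside the hunk.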
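Review bot: In the first ZLocateU.c hunk the reply is accepted on `z_kind` alone: `auth` is filled in by ZIfNotice() but is not consulted anywhere in the visible lines before `end` is computed and the message body is walked. If it is not checked further down (ZLocateUser continues outside the hunk), any packet that matches the UID and claims SERVACK would supply the location list. A check such as `if (!auth) return (ZERR_INTERNAL);` placed before the `z_kind` tests would tie the result to an authenticated server reply; a dedicated error code would be clearer if the library has one.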
@@ -16,18 +16,45 @@ #include <zephyr/zephyr_internal.h> +#include <pwd.h> +#include <sys/file.h> + Code_t ZSetLocation() { - ZNotice_t notice; - - notice.z_kind = UNACKED; + int retval,quiet; + ZNotice_t notice,retnotice; + ZPacket_t buffer; + char bfr[BUFSIZ]; + struct passwd *pw; + + quiet = 0; + if (pw = getpwuid(getuid())) { + sprintf(bfr,"%s/.hideme",pw->pw_dir); + quiet = !access(bfr,F_OK); + } + + notice.z_kind = ACKED; notice.z_port = 0; notice.z_class = LOGIN_CLASS; - notice.z_class_inst = (char *)Z_GetSender(); - notice.z_opcode = LOGIN_USER_LOGIN; + notice.z_class_inst = ZGetSender(); + notice.z_opcode = quiet?LOGIN_QUIET_LOGIN:LOGIN_USER_LOGIN; notice.z_sender = 0; notice.z_recipient = ""; notice.z_message_len = 0; - return (ZSendNotice(¬ice,1)); + if ((retval = ZSendNotice(¬ice,1)) != ZERR_NONE) + return (retval); + + if ((retval = ZIfNotice(buffer,sizeof buffer,&retnotice,0, + Z_UIDpred,(char *)¬ice.z_uid)) != + ZERR_NONE) + return (retval); + + if (retnotice.z_kind == SERVNAK) + return (ZERR_SERVNAK); + + if (retnotice.z_kind != SERVACK) + return (ZERR_INTERNAL); + + return (ZERR_NONE); }
diff --git a/lib/ZOpenPort.c b/lib/ZOpenPort.c
index 46ae4af..9374b78 100644
--- a/lib/ZOpenPort.c
+++ b/lib/ZOpenPort.c
@@ -33,7 +33,7 @@ Code_t ZOpenPort(port) bindin.sin_family = AF_INET; if (port && *port) - bindin.sin_port = htons(*port); + bindin.sin_port = *port; else bindin.sin_port = htons(((getpid()*8)&0xfff)+ ((random()>>4)&0xf)+1024);
@@ -55,11 +55,11 @@ Code_t ZOpenPort(port) } } while (retval < 0 && port); - __Zephyr_port = ntohs(bindin.sin_port); + __Zephyr_port = bindin.sin_port; __Zephyr_open = 1; if (port) - *port = ntohs(bindin.sin_port); + *port = bindin.sin_port; return (ZERR_NONE); }
diff --git a/lib/ZParseNot.c b/lib/ZParseNot.c
index 3dfd657..2f74fd4 100644
--- a/lib/ZParseNot.c
+++ b/lib/ZParseNot.c
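Review bot: `sprintf(bfr,"%s/.hideme",pw->pw_dir)` in ZSetLocation copies a string from the passwd database into the fixed `char bfr[BUFSIZ]` with no length check, so an over-long home directory entry overruns the stack buffer. The length can be tested in the condition before formatting, e.g. `if ((pw = getpwuid(getuid())) && strlen(pw->pw_dir) + sizeof("/.hideme") <= sizeof(bfr)) {`, which needs the string header if the file does not already pull it in. The acknowledgement is also read with the auth argument passed as `0`, so the SERVACK/SERVNAK decision rests on a packet matched by UID only. If that is intentional, it should be recorded in a comment above the ZIfNotice() call.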
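Review bot: The byte order of `*port` and `__Zephyr_port` changes silently in ZOpenPort: the first hunk drops htons() at `bindin.sin_port = *port;` and the second drops ntohs() on both stores after the bind loop, so callers must now pass and expect network byte order. Nothing in the visible lines records this, and a caller still handing in a host-order value would bind a different port than it intended on a little-endian machine. I would add a header comment on the function such as `/* *port is in network byte order on entry and on return; __Zephyr_port is stored the same way */`. The function starts before the first hunk, so the comment belongs outside the lines shown here.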
@@ -23,7 +23,7 @@ Code_t ZParseNotice(buffer,len,notice,auth,from) int *auth; struct sockaddr_in *from; { - char *ptr,*cksum; + char *ptr,*cksum,srcprincipal[ANAME_SZ+INST_SZ+REALM_SZ+4]; int result; unsigned int temp[3]; AUTH_DAT dat;
@@ -107,16 +107,17 @@ Code_t ZParseNotice(buffer,len,notice,auth,from) &dat,SERVER_SRVTAB); bcopy(dat.session,__Zephyr_session,sizeof(C_Block)); *auth = (result == RD_AP_OK); + sprintf(srcprincipal,"%s%s%s@%s",dat.pname, + dat.pinst[0]?".":"",dat.pinst,dat.prealm); + if (strcmp(srcprincipal,notice->z_sender)) + *auth = 0; return (ZERR_NONE); } if (result = get_credentials(SERVER_SERVICE,SERVER_INSTANCE, - __Zephyr_realm,&cred)) + __Zephyr_realm,&cred)) return (result+krb_err_base); -/* if (result = key_sched(cred.session,sess_sched)) - return (result+krb_err_base); -*/ our_checksum = (ZChecksum_t)quad_cksum(buffer,NULL,cksum-buffer,0, cred.session);
diff --git a/lib/ZSendPkt.c b/lib/ZSendPkt.c
index bfc6bc8..58b630c 100644
--- a/lib/ZSendPkt.c
+++ b/lib/ZSendPkt.c
@@ -45,13 +45,14 @@ Code_t ZSendPacket(packet,len) ZParseNotice(packet,len,¬ice,0,0); if (notice.z_kind == UNSAFE || notice.z_kind == HMACK || - notice.z_kind == SERVACK || __HM_set) + notice.z_kind == SERVACK || notice.z_kind == CLIENTACK || + __Zephyr_server || __HM_set) return (ZERR_NONE); tv.tv_sec = 0; - tv.tv_usec = 400000; + tv.tv_usec = 500000; - for (i=0;i<12;i++) { + for (i=0;i<HM_TIMEOUT*2;i++) { select(0,&t1,&t2,&t3,&tv); retval = ZCheckIfNotice(ackpack,sizeof ackpack,¬ice, &auth,findack,(char *)¬ice.z_uid); |
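Review bot: The new principal comparison in the second ZParseNot.c hunk runs whatever `result` was. The `sprintf(srcprincipal,...)` reads `dat.pname`, `dat.pinst` and `dat.prealm` even when the ticket check did not return RD_AP_OK, and nothing visible guarantees those fields are initialised or NUL-terminated in that case, so the copy into the fixed-size `srcprincipal` can overrun. Wrapping the two added statements in `if (*auth) { ... }` avoids touching `dat` after a failed check and leaves the result unchanged on the success path. `*auth` is also dereferenced unconditionally although ZSendPacket passes `0` for it; presumably this branch is not reached for that caller, but the guard lies outside the hunk and is worth confirming.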
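Review bot: The retry count `HM_TIMEOUT*2` in ZSendPacket is only right while `tv.tv_usec` is exactly 500000, and nothing ties the two together. `tv` is also set once before the loop, so on systems where select() updates the timeout the later iterations would not wait at all. Moving the assignment inside the loop with a comment, e.g. `tv.tv_sec = 0; tv.tv_usec = 500000; /* half a second per try, HM_TIMEOUT*2 tries */`, addresses both. The widened early-return test also reads `notice.z_kind` after a ZParseNotice() call whose return value is discarded, so after a failed parse the decision depends on whatever the struct happened to contain. The loop body continues past the end of the hunk.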