Diffstat (limited to 'kerberosIV/kadmind/kadm_ser_wrap.c')
-rw-r--r-- | kerberosIV/kadmind/kadm_ser_wrap.c | 122 |
1 files changed, 74 insertions, 48 deletions
diff --git a/kerberosIV/kadmind/kadm_ser_wrap.c b/kerberosIV/kadmind/kadm_ser_wrap.c index 2f3f35e810d..62064699dc8 100644 --- a/kerberosIV/kadmind/kadm_ser_wrap.c +++ b/kerberosIV/kadmind/kadm_ser_wrap.c @@ -1,7 +1,8 @@ -/* $Id: kadm_ser_wrap.c,v 1.4 1997/02/19 09:03:42 tholo Exp $ */ +/* $OpenBSD: kadm_ser_wrap.c,v 1.5 1997/12/15 17:56:22 art Exp $ */ +/* $KTH: kadm_ser_wrap.c,v 1.21 1997/12/05 01:27:29 assar Exp $ */ -/*- - * Copyright (C) 1989 by the Massachusetts Institute of Technology +/* + * Copyright (C) 1989 by the Massachusetts Institute of Technology * * Export of this software from the United States of America is assumed * to require a specific license from the United States Government. @@ -18,6 +19,7 @@ * permission. M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. + * */ /* 
@@ -25,49 +27,50 @@ */ /* -kadm_ser_wrap.c -unwraps wrapped packets and calls the appropriate server subroutine -*/ + * kadm_ser_wrap.c + * unwraps wrapped packets and calls the appropriate server subroutine + */ -#include <kadm_locl.h> -#include <sys/param.h> +#include "kadm_locl.h" /* GLOBAL */ Kadm_Server server_parm; /* -kadm_ser_init -set up the server_parm structure -*/ + * kadm_ser_init + * set up the server_parm structure + */ int kadm_ser_init(int inter, char *realm) /* interactive or from file */ { - struct servent *sep; struct hostent *hp; char hostname[MAXHOSTNAMELEN]; - (void) init_kadm_err_tbl(); - (void) init_krb_err_tbl(); + init_kadm_err_tbl(); + init_krb_err_tbl(); if (gethostname(hostname, sizeof(hostname))) return KADM_NO_HOSTNAME; - (void) strcpy(server_parm.sname, PWSERV_NAME); - (void) strcpy(server_parm.sinst, KADM_SINST); - (void) strcpy(server_parm.krbrlm, realm); + strncpy(server_parm.sname, PWSERV_NAME, ANAME_SZ - 1); + server_parm.sname[ANAME_SZ - 1] = '\0'; + strncpy(server_parm.sinst, KRB_MASTER, INST_SZ - 1); + server_parm.sinst[INST_SZ - 1] = '\0'; + strncpy(server_parm.krbrlm, realm, REALM_SZ - 1); + server_parm.krbrlm[REALM_SZ - 1] = '\0'; server_parm.admin_fd = -1; - /* setting up the addrs */ - if ((sep = getservbyname(KADM_SNAME, "tcp")) == NULL) - return KADM_NO_SERV; - bzero((char *)&server_parm.admin_addr,sizeof(server_parm.admin_addr)); + /* setting up the addrs */ + memset(&server_parm.admin_addr,0, sizeof(server_parm.admin_addr)); + + server_parm.admin_addr.sin_port = k_getportbyname (KADM_SNAME, + "tcp", + htons(751)); server_parm.admin_addr.sin_family = AF_INET; if ((hp = gethostbyname(hostname)) == NULL) return KADM_NO_HOSTNAME; - bcopy(hp->h_addr, (char *) &server_parm.admin_addr.sin_addr.s_addr, - hp->h_length); - server_parm.admin_addr.sin_port = sep->s_port; + server_parm.admin_addr.sin_addr.s_addr = INADDR_ANY; /* setting up the database */ if (kdb_get_master_key((inter==1), &server_parm.master_key, 
server_parm.master_key_schedule) != 0) @@ -84,20 +87,23 @@ static void errpkt(u_char **dat, int *dat_len, int code) u_int32_t retcode; char *pdat; - free((char *)*dat); /* free up req */ + free(*dat); /* free up req */ *dat_len = KADM_VERSIZE + sizeof(u_int32_t); *dat = (u_char *) malloc((unsigned)*dat_len); + if (dat == NULL) + return; pdat = (char *) *dat; retcode = htonl((u_int32_t) code); - (void) strncpy(pdat, KADM_ULOSE, KADM_VERSIZE); - bcopy((char *)&retcode, &pdat[KADM_VERSIZE], sizeof(u_int32_t)); + strncpy(pdat, KADM_ULOSE, KADM_VERSIZE); + memcpy(&pdat[KADM_VERSIZE], &retcode, sizeof(u_int32_t)); return; } /* -kadm_ser_in -unwrap the data stored in dat, process, and return it. -*/ + * kadm_ser_in + * unwrap the data stored in dat, process, and return it. + */ + int kadm_ser_in(u_char **dat, int *dat_len) { @@ -123,17 +129,18 @@ kadm_ser_in(u_char **dat, int *dat_len) return KADM_LENGTH_ERROR; in_len += retc; authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(u_int32_t); - bcopy((char *)(*dat) + in_len, (char *)authent.dat, authent.length); + authent.length = MIN( authent.length, MAX_KTXT_LEN ); + memcpy(authent.dat, (char *)(*dat) + in_len, authent.length); authent.mbz = 0; /* service key should be set before here */ if ((retc = krb_rd_req(&authent, server_parm.sname, server_parm.sinst, - server_parm.recv_addr.sin_addr.s_addr, &ad, (char *)0))) + server_parm.recv_addr.sin_addr.s_addr, &ad, NULL))) { errpkt(dat, dat_len,retc + krb_err_base); return retc + krb_err_base; } -#define clr_cli_secrets() {bzero((char *)sess_sched, sizeof(sess_sched)); bzero((char *)ad.session, sizeof(ad.session));} +#define clr_cli_secrets() {memset(sess_sched, 0, sizeof(sess_sched)); memset(ad.session, 0,sizeof(ad.session));} in_st = *dat + *dat_len - r_len; #ifdef NOENCRYPTION 
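Review bot: The bounded copies added to kadm_ser_init truncate silently, so an over-long `realm` argument leaves `server_parm.krbrlm` holding a shorter, different realm name and the daemon starts without reporting it. Checking `strlen(realm) >= REALM_SZ` before the copy and returning an error the caller already handles would make the failure visible instead. Separately, the listen address changes from the host's own address to `INADDR_ANY`, which exposes the admin service on every interface. `hp` is now used only as an existence check, and a comment such as `/* listen on all interfaces; gethostbyname() only verifies the hostname resolves */` would record that this is intended. The default port in `htons(751)` would also read better as a named constant. The function continues below the hunk.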
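Review bot: The new allocation check in errpkt tests the wrong pointer: `if (dat == NULL)` examines the caller's `u_char **`, which `free(*dat)` has already dereferenced, so a failed `malloc` is not caught and the following `strncpy(pdat, ...)` writes through a null pointer. The test should be `if (*dat == NULL)`. By that point `*dat_len` already holds the reply size, so setting `*dat_len = 0;` before the early return would keep the length consistent with the missing buffer, assuming callers transmit `*dat_len` bytes from `*dat`. The function's signature and opening brace are above the hunk.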
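Review bot: The added `MIN( authent.length, MAX_KTXT_LEN )` bounds the copy into `authent.dat` only from above; nothing visible in this hunk rejects a request in which `r_len` plus the header sizes exceeds `*dat_len`, and the subtraction is carried out in unsigned arithmetic because of `sizeof(u_int32_t)`. Depending on the declared type of `authent.length` (not visible here), the wrapped result is either clamped to MAX_KTXT_LEN, in which case `memcpy` reads past the end of `*dat`, or stays negative and becomes a very large size. Rejecting the packet is safer than clamping it: test the lower and upper bound before assigning the length, and on failure use `errpkt(dat, dat_len, KADM_LENGTH_ERROR); return KADM_LENGTH_ERROR;` as the check just above does. If `r_len` is already validated earlier in kadm_ser_in, a comment at this line saying so would help, since the function starts above the hunk and continues below it.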
@@ -147,7 +154,7 @@ kadm_ser_in(u_char **dat, int *dat_len) return KADM_BAD_CHK; } #ifdef NOENCRYPTION - bzero(sess_sched, sizeof(sess_sched)); + memset(sess_sched, 0, sizeof(sess_sched)); #else des_key_sched(&ad.session, sess_sched); #endif @@ -160,20 +167,24 @@ kadm_ser_in(u_char **dat, int *dat_len) } switch (msg_st.app_data[0]) { case CHANGE_PW: - retval = kadm_ser_cpw(msg_st.app_data+1,(int) msg_st.app_length,&ad, - &retdat, &retlen); + retval = kadm_ser_cpw(msg_st.app_data+1,(int) msg_st.app_length - 1, + &ad, &retdat, &retlen); break; case ADD_ENT: - retval = kadm_ser_add(msg_st.app_data+1,(int) msg_st.app_length,&ad, - &retdat, &retlen); + retval = kadm_ser_add(msg_st.app_data+1,(int) msg_st.app_length - 1, + &ad, &retdat, &retlen); break; case GET_ENT: - retval = kadm_ser_get(msg_st.app_data+1,(int) msg_st.app_length,&ad, - &retdat, &retlen); + retval = kadm_ser_get(msg_st.app_data+1,(int) msg_st.app_length - 1, + &ad, &retdat, &retlen); break; case MOD_ENT: - retval = kadm_ser_mod(msg_st.app_data+1,(int) msg_st.app_length,&ad, - &retdat, &retlen); + retval = kadm_ser_mod(msg_st.app_data+1,(int) msg_st.app_length - 1, + &ad, &retdat, &retlen); + break; + case DEL_ENT: + retval = kadm_ser_delete(msg_st.app_data + 1, msg_st.app_length - 1, + &ad, &retdat, &retlen); break; default: clr_cli_secrets(); 
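Review bot: Passing `msg_st.app_length - 1` to the handlers assumes the payload holds at least the opcode byte, and no check that `msg_st.app_length` is non-zero is visible before `switch (msg_st.app_data[0])`. With an empty payload the switch reads a byte that is not part of the message, and the handlers receive a length of -1. A guard ahead of the switch, `if (msg_st.app_length < 1)`, that clears the secrets and returns through `errpkt` the same way the `default:` branch does would close this. The new DEL_ENT case also omits the `(int)` cast the other four cases apply, so if `app_length` is unsigned (its declaration is not shown) the wrapped value reaches `kadm_ser_delete` unconverted; `(int) msg_st.app_length - 1` would match the siblings. The switch sits in the middle of kadm_ser_in, which begins and ends outside this hunk.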
@@ -181,20 +192,35 @@ kadm_ser_in(u_char **dat, int *dat_len) return KADM_NO_OPCODE; } /* Now seal the response back into a priv msg */ - free((char *)*dat); + free(*dat); + *dat = NULL; + tmpdat = (u_char *) malloc((unsigned)(retlen + KADM_VERSIZE + sizeof(u_int32_t))); - (void) strncpy((char *)tmpdat, KADM_VERSTR, KADM_VERSIZE); + if (tmpdat == NULL) { + clr_cli_secrets(); + return KADM_NOMEM; + } + + strncpy((char *)tmpdat, KADM_VERSTR, KADM_VERSIZE); retval = htonl((u_int32_t)retval); - bcopy((char *)&retval, (char *)tmpdat + KADM_VERSIZE, sizeof(u_int32_t)); + memcpy((char *)tmpdat + KADM_VERSIZE, &retval, sizeof(u_int32_t)); if (retlen) { - bcopy((char *)retdat, (char *)tmpdat + KADM_VERSIZE + sizeof(u_int32_t), - retlen); - free((char *)retdat); + memcpy((char *)tmpdat + KADM_VERSIZE + sizeof(u_int32_t), retdat, + retlen); + free(retdat); + retdat = NULL; } /* slop for mk_priv stuff */ *dat = (u_char *) malloc((unsigned) (retlen + KADM_VERSIZE + sizeof(u_int32_t) + 200)); + if (*dat == NULL) { + free(tmpdat); + tmpdat = NULL; + clr_cli_secrets(); + return KADM_NOMEM; + } + if ((*dat_len = krb_mk_priv(tmpdat, *dat, (u_int32_t) (retlen + KADM_VERSIZE + sizeof(u_int32_t)), |