From 8f5090c8ca7a221236dade2f2061e616d9142d1c Mon Sep 17 00:00:00 2001 From: Artur Grabowski Date: Wed, 18 Feb 1998 13:30:19 +0000 Subject: a new kpropd. from kth-krb.0.9.8 --- kerberosIV/kpropd/kpropd.c | 687 +++++++++++++++++++-------------------------- 1 file changed, 294 insertions(+), 393 deletions(-) diff --git a/kerberosIV/kpropd/kpropd.c b/kerberosIV/kpropd/kpropd.c index df5edd45bee..c202f17e4b3 100644 --- a/kerberosIV/kpropd/kpropd.c +++ b/kerberosIV/kpropd/kpropd.c @@ -1,442 +1,343 @@ -/* $OpenBSD: kpropd.c,v 1.5 1998/02/18 11:53:59 art Exp $ */ +/* $OpenBSD: kpropd.c,v 1.6 1998/02/18 13:30:18 art Exp $ */ +/* $KTH: kpropd.c,v 2.24 1997/12/05 01:34:57 assar Exp $ */ /* - * This software may now be redistributed outside the US. + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ +#include +#include +#include +#include +#include -/*- - * Copyright (C) 1987 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ +#include +#include -/* - * This program is run on slave servers, to catch updates "pushed" - * from the master kerberos server in a realm. - */ +#include +#include +#include +#include +#include +#include -#include -#include -#include +#include +#include +#include +#include +#include -static char *kdb_util_path = "kdb_util"; -static char kprop_version[KPROP_PROT_VERSION_LEN] = KPROP_PROT_VERSION; +#include +#include +#include +#include +#include -int debug = 0; +#include -char *logfile = K_LOGFIL; +#include "kprop.h" -char errmsg[256]; -int pause_int = 300; /* 5 minutes in seconds */ +#ifndef SBINDIR +#define SBINDIR "/usr/sbin" +#endif -static char buf[KPROP_BUFSIZ+64 /* leave room for private msg overhead */]; +struct sockaddr_in master, slave; -static void -SlowDeath(void) -{ - klog(L_KRB_PERR, "kpropd will pause before dying so as not to loop init"); - sleep(pause_int); - klog(L_KRB_PERR, "AAAAAHHHHhhhh...."); - exit(1); -} +char *database = DBM_FILE; -static void -usage(void) -{ - fprintf(stderr, "\nUsage: kpropd [-r realm] [-s srvtab] [-l logfile] fname\n\n"); - SlowDeath(); -} +char *lockfile = DB_DIR "/slave_propagation"; -static void -recv_auth (int in, int out, int private, struct sockaddr_in *remote, struct sockaddr_in *local, AUTH_DAT *ad) -{ - u_long length; - long kerror; - int n; - MSG_DAT msg_data; - des_key_schedule session_sched; - - if (private) -#ifdef NOENCRYPTION - bzero((char *)session_sched, sizeof(session_sched)); -#else - if (des_key_sched (&ad->session, session_sched)) { - klog (L_KRB_PERR, "kpropd: can't make key schedule"); - SlowDeath(); - } -#endif +char *logfile = K_LOGFIL; - while (1) { - n = krb_net_read (in, (char *)&length, sizeof length); - if (n == 0) break; - if (n < 0) { - snprintf (errmsg, sizeof(errmsg), "kpropd: read: %s", strerror(errno)); - klog (L_KRB_PERR, errmsg); - SlowDeath(); - } - length = ntohl (length); - if (length > sizeof buf) { - snprintf (errmsg, sizeof(errmsg), - "kpropd: read length %ld, bigger than buf %d", - length, (int)(sizeof(buf))); - klog (L_KRB_PERR, errmsg); - SlowDeath(); - } - n = krb_net_read(in, buf, length); - if (n < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: read: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); - } - if (private) - kerror = krb_rd_priv (buf, n, session_sched, &ad->session, - remote, local, &msg_data); - else - kerror = krb_rd_safe (buf, n, &ad->session, - remote, local, &msg_data); - if (kerror != KSUCCESS) { - snprintf (errmsg, sizeof(errmsg), "kpropd: %s: %s", - private ? "krb_rd_priv" : "krb_rd_safe", - krb_err_txt[kerror]); - klog (L_KRB_PERR, errmsg); - SlowDeath(); - } - if (write(out, msg_data.app_data, msg_data.app_length) != - msg_data.app_length) { - snprintf(errmsg, sizeof(errmsg), "kpropd: write: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); - } - } -} +char *kdb_util = SBINDIR "/kdb_util"; -static void -recv_clear (int in, int out) +char *kdb_util_command = "load"; + +char *srvtab = ""; + +char realm[REALM_SZ]; + +static +int +copy_data(int from, int to, des_cblock *session, des_key_schedule schedule) { - int n; - - while (1) { - n = read (in, buf, sizeof buf); - if (n == 0) break; - if (n < 0) { - snprintf (errmsg, sizeof(errmsg), "kpropd: read: %s", strerror(errno)); - klog (L_KRB_PERR, errmsg); - SlowDeath(); - } - if (write(out, buf, n) != n) { - snprintf(errmsg, sizeof(errmsg), "kpropd: write: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); + unsigned char tmp[4]; + char buf[KPROP_BUFSIZ + 26]; + u_int32_t length; + int n; + + int kerr; + MSG_DAT m; + + while(1){ + n = krb_net_read(from, tmp, 4); + if(n == 0) + break; + if(n < 0){ + klog(L_KRB_PERR, "krb_net_read: %s", strerror(errno)); + return -1; + } + if(n != 4){ + klog(L_KRB_PERR, "Premature end of data"); + return -1; + } + length = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3]; + if(length > sizeof(buf)){ + klog(L_KRB_PERR, "Giant packet received: %d", length); + return -1; + } + if(krb_net_read(from, buf, length) != length){ + klog(L_KRB_PERR, "Premature end of data"); + return -1; + } + kerr = krb_rd_priv (buf, length, schedule, session, &master, &slave, &m); + if(kerr != KSUCCESS){ + klog(L_KRB_PERR, "Kerberos error: %s", krb_get_err_text(kerr)); + return -1; + } + write(to, m.app_data, m.app_length); } - } + return 0; } + +static int -main(int argc, char **argv) +kprop(int s) { - struct sockaddr_in from; - struct sockaddr_in sin; - struct servent *sp; - int s, s2, fd, n, fdlock; - int from_len; - char local_file[256]; - char local_temp[256]; - struct hostent *hp; - char *dot, admin[MAXHOSTNAMELEN]; - char hostname[MAXHOSTNAMELEN]; - char from_str[128]; - long kerror; - AUTH_DAT auth_dat; - KTEXT_ST ticket; - char my_instance[INST_SZ]; - char my_realm[REALM_SZ]; - char cmd[1024]; - short net_transfer_mode, transfer_mode; - des_key_schedule session_sched; - char version[9]; - int c; - extern char *optarg; - extern int optind; - int rflag = 0; - char *srvtab = ""; - char *local_db = DBM_FILE; - - if (argv[argc - 1][0] == 'k' && isdigit(argv[argc - 1][1])) { - argc--; /* ttys file hack */ - } - while ((c = getopt(argc, argv, "r:s:d:l:p:P:")) != -1) { - switch(c) { - case 'r': - rflag++; - strcpy(my_realm, optarg); - break; - case 's': - srvtab = optarg; - break; - case 'd': - local_db = optarg; - break; - case 'l': - logfile = optarg; - break; - case 'p': - case 'P': - kdb_util_path = optarg; - break; - default: - usage(); - break; - } - } - if (optind != argc-1) - usage(); - - kset_logfile(logfile); - - klog(L_KRB_PERR, "\n\n***** kpropd started *****"); - - strcpy(local_file, argv[optind]); - strcat(strcpy(local_temp, argv[optind]), ".tmp"); - - if ((sp = getservbyname("krb_prop", "tcp")) == NULL) { - klog(L_KRB_PERR, "kpropd: tcp/krb_prop: unknown service."); - SlowDeath(); - } - bzero((char *)&sin, sizeof(sin)); - sin.sin_port = sp->s_port; - sin.sin_family = AF_INET; - - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: socket: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); - } - if (bind(s, (struct sockaddr*)&sin, sizeof sin) < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: bind: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); - } - - if (!rflag) { - kerror = krb_get_lrealm(my_realm,1); - if (kerror != KSUCCESS) { - snprintf(errmsg, sizeof(errmsg), "kpropd: Can't get local realm. %s", - krb_err_txt[kerror]); - klog (L_KRB_PERR, errmsg); - SlowDeath(); - } - } - - /* Responder uses KPROP_SERVICE_NAME.'hostname' and requestor always - uses KPROP_SERVICE_NAME.KRB_MASTER (rcmd.kerberos) */ - strcpy(my_instance, "*"); + char buf[128]; + int n; + KTEXT_ST ticket; + AUTH_DAT ad; + char sinst[INST_SZ]; + char command[1024]; + des_key_schedule schedule; + int mode; + int kerr; + int lock; - klog(L_KRB_PERR, "Established socket"); - - listen(s, 5); - for (;;) { - from_len = sizeof from; - if ((s2 = accept(s, (struct sockaddr *) &from, &from_len)) < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: accept: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - continue; + n = sizeof(master); + if(getpeername(s, (struct sockaddr*)&master, &n) < 0){ + klog(L_KRB_PERR, "getpeername: %s", strerror(errno)); + return 1; } - strcpy(from_str, inet_ntoa(from.sin_addr)); - - if ((hp = gethostbyaddr((char*)&(from.sin_addr.s_addr), from_len, AF_INET)) == NULL) { - strcpy(hostname, "UNKNOWN"); - } else { - strcpy(hostname, hp->h_name); + + n = sizeof(slave); + if(getsockname(s, (struct sockaddr*)&slave, &n) < 0){ + klog(L_KRB_PERR, "getsockname: %s", strerror(errno)); + return 1; } - snprintf(errmsg, sizeof(errmsg), "Connection from %s, %s", hostname, - from_str); - klog(L_KRB_PERR, errmsg); + klog(L_KRB_PERR, "Connection from %s", inet_ntoa(master.sin_addr)); - /* for krb_rd_{priv, safe} */ - n = sizeof sin; - if (getsockname (s2, (struct sockaddr *) &sin, &n) != 0) { - fprintf (stderr, "kpropd: can't get socketname.\n"); - perror ("getsockname"); - SlowDeath(); + n = krb_net_read(s, buf, KPROP_PROT_VERSION_LEN + 2); + if(n < KPROP_PROT_VERSION_LEN + 2){ + klog(L_KRB_PERR, "Premature end of data"); + return 1; } - if (n != sizeof (sin)) { - fprintf (stderr, "kpropd: can't get socketname. len"); - SlowDeath(); + if(memcmp(buf, KPROP_PROT_VERSION, KPROP_PROT_VERSION_LEN) != 0){ + klog(L_KRB_PERR, "Bad protocol version string received"); + return 1; } - - if ((fdlock = open(local_temp, O_WRONLY | O_CREAT, 0600)) < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: open: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); + mode = (buf[n-2] << 8) | buf[n-1]; + if(mode != KPROP_TRANSFER_PRIVATE){ + klog(L_KRB_PERR, "Bad transfer mode received: %d", mode); + return 1; } - if (flock(fdlock, LOCK_EX | LOCK_NB)) { - snprintf(errmsg, sizeof(errmsg), "kpropd: flock: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); + k_getsockinst(s, sinst, sizeof(sinst)); + kerr = krb_recvauth(KOPT_DO_MUTUAL, s, &ticket, + KPROP_SERVICE_NAME, sinst, + &master, &slave, + &ad, srvtab, schedule, + buf); + if(kerr != KSUCCESS){ + klog(L_KRB_PERR, "Kerberos error: %s", krb_get_err_text(kerr)); + return 1; } - if ((fd = creat(local_temp, 0600)) < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: creat: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); + + if(strcmp(ad.pname, KPROP_SERVICE_NAME) || +#if 0 + strcmp(ad.pinst, /* XXX remote host */) || +#else + strcmp(ad.pinst, KRB_MASTER) || +#endif + strcmp(ad.prealm, realm)){ + klog(L_KRB_PERR, "Connection from unauthorized client: %s", + krb_unparse_name_long(ad.pname, ad.pinst, ad.prealm)); + return 1; } - if ((n = read (s2, buf, sizeof (kprop_version))) - != sizeof (kprop_version)) { - klog (L_KRB_PERR, "kpropd: can't read kprop protocol version str."); - SlowDeath(); + + des_set_key(&ad.session, schedule); + + lock = open(lockfile, O_WRONLY|O_CREAT, 0600); + if(lock < 0){ + klog(L_KRB_PERR, "Failed to open file: %s", strerror(errno)); + return 1; + } + if(flock(lock, K_LOCK_EX | K_LOCK_NB)){ + close(lock); + klog(L_KRB_PERR, "Failed to lock file: %s", strerror(errno)); + return 1; } - if (strncmp (buf, kprop_version, sizeof (kprop_version)) - != 0) { - snprintf (errmsg, sizeof(errmsg), "kpropd: unsupported version %s", buf); - klog (L_KRB_PERR, errmsg); - SlowDeath(); + + if(ftruncate(lock, 0) < 0){ + close(lock); + klog(L_KRB_PERR, "Failed to lock file: %s", strerror(errno)); + return 1; } - if ((n = read (s2, &net_transfer_mode, sizeof (net_transfer_mode))) - != sizeof (net_transfer_mode)) { - klog (L_KRB_PERR, "kpropd: can't read transfer mode."); - SlowDeath(); + if(copy_data(s, lock, &ad.session, schedule)){ + close(lock); + return 1; } - transfer_mode = ntohs (net_transfer_mode); - kerror = krb_recvauth(KOPT_DO_MUTUAL, s2, &ticket, - KPROP_SERVICE_NAME, - my_instance, - &from, - &sin, - &auth_dat, - srvtab, - session_sched, - version); - if (kerror != KSUCCESS) { - snprintf (errmsg, sizeof(errmsg), "kpropd: %s: Calling getkdata", - krb_err_txt[kerror]); - klog (L_KRB_PERR, errmsg); - SlowDeath(); + close(lock); + snprintf(command, sizeof(command), + "%s %s %s %s", kdb_util, kdb_util_command, + lockfile, database); + if(system(command) == 0){ + klog(L_KRB_PERR, "Propagation finished successfully"); + return 0; } - - snprintf (errmsg, sizeof(errmsg), "kpropd: Connection from %s.%s@%s", - auth_dat.pname, auth_dat.pinst, auth_dat.prealm); - klog (L_KRB_PERR, errmsg); - - /* AUTHORIZATION is done here. We might want to expand this to - * read an acl file at some point, but allowing for now - * KPROP_SERVICE_NAME.KRB_MASTER@local-realm is fine ... */ - if (krb_get_admhst(admin, my_realm, 1) != KSUCCESS) { - klog (L_KRB_PERR, "Unable to get admin host"); - SlowDeath(); + klog(L_KRB_PERR, "*** Propagation failed ***"); + return 1; +} + +static int +doit(void) +{ + return kprop(0); +} + +static int +doit_interactive(void) +{ + struct sockaddr_in sa; + int salen; + int s, s2; + int ret; + + s = socket(AF_INET, SOCK_STREAM, 0); + if(s < 0){ + klog(L_KRB_PERR, "socket: %s", strerror(errno)); + return 1; } - if ((dot = strchr(admin, '.')) != NULL) - *dot = '\0'; - - if ((strcmp (KPROP_SERVICE_NAME, auth_dat.pname) != 0) || - (strcmp (admin, auth_dat.pinst) != 0) || - (strcmp (my_realm, auth_dat.prealm) != 0)) { - klog (L_KRB_PERR, "Authorization denied!"); - SlowDeath(); + memset(&sa, 0, sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_port = k_getportbyname ("krb_prop", "tcp", htons(KPROP_PORT)); + ret = bind(s, (struct sockaddr*)&sa, sizeof(sa)); + if (ret < 0) { + klog(L_KRB_PERR, "bind: %s", strerror(errno)); + return 1; } - - switch (transfer_mode) { - case KPROP_TRANSFER_PRIVATE: - recv_auth (s2, fd, 1 /* private */, &from, &sin, &auth_dat); - break; - case KPROP_TRANSFER_SAFE: - recv_auth (s2, fd, 0 /* safe */, &from, &sin, &auth_dat); - break; - case KPROP_TRANSFER_CLEAR: - recv_clear (s2, fd); - break; - default: - snprintf (errmsg, sizeof(errmsg), "kpropd: bad transfer mode %d", - transfer_mode); - klog (L_KRB_PERR, errmsg); - SlowDeath(); + ret = listen(s, SOMAXCONN); + if (ret < 0) { + klog(L_KRB_PERR, "listen: %s", strerror(errno)); + return 1; } - - if (transfer_mode != KPROP_TRANSFER_PRIVATE) { - klog(L_KRB_PERR, "kpropd: non-private transfers not supported\n"); - SlowDeath(); -#ifdef doesnt_work_yet - lseek(fd, (long) 0, L_SET); - if (auth_dat.checksum != get_data_checksum (fd, session_sched)) { - klog(L_KRB_PERR, "kpropd: checksum doesn't match"); - SlowDeath(); - } -#endif - } else - - { - struct stat st; - fstat(fd, &st); - if (st.st_size != auth_dat.checksum) { - klog(L_KRB_PERR, "kpropd: length doesn't match"); - SlowDeath(); + for(;;) { + salen = sizeof(sa); + s2 = accept(s, (struct sockaddr*)&sa, &salen); + switch(fork()){ + case -1: + klog(L_KRB_PERR, "fork: %s", strerror(errno)); + return 1; + case 0: + close(s); + kprop(s2); + return 1; + default: { + int status; + close(s2); + wait(&status); + } } - } - close(fd); - close(s2); - klog(L_KRB_PERR, "File received."); - - if (rename(local_temp, local_file) < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: rename: %s", strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); } - klog(L_KRB_PERR, "Temp file renamed to %s", local_file); +} - if (flock(fdlock, LOCK_UN)) { - snprintf(errmsg, sizeof(errmsg), "kpropd: flock (unlock): %s", - strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); - } - close(fdlock); - snprintf(cmd, sizeof(cmd), "%s load %s %s\n", kdb_util_path, local_file, - local_db); - if (system (cmd) != 0) { - klog (L_KRB_PERR, "Couldn't load database"); - SlowDeath(); - } - } +static void +usage (void) +{ + fprintf (stderr, + "Usage: kpropd [-i] [-d database] [-l log] [-m] [-[p|P] program]" + " [-r realm] [-s srvtab]\n"); + exit (1); } -#ifdef doesnt_work_yet -unsigned long get_data_checksum(fd, key_sched) - int fd; - des_key_schedule key_sched; +int +main(int argc, char **argv) { - unsigned long cksum = 0; - unsigned long cbc_cksum(); - int n; - char buf[BUFSIZ]; - char obuf[8]; - - while (n = read(fd, buf, sizeof buf)) { - if (n < 0) { - snprintf(errmsg, sizeof(errmsg), "kpropd: read (in checksum test): %s", - strerror(errno)); - klog(L_KRB_PERR, errmsg); - SlowDeath(); + int opt; + int interactive = 0; + + krb_get_lrealm(realm, 1); + + while((opt = getopt(argc, argv, ":d:l:mp:P:r:s:i")) >= 0){ + switch(opt){ + case 'd': + database = optarg; + break; + case 'l': + logfile = optarg; + break; + case 'm': + kdb_util_command = "merge"; + break; + case 'p': + case 'P': + kdb_util = optarg; + break; + case 'r': + strncpy(realm, optarg, sizeof(realm)); + break; + case 's': + srvtab = optarg; + break; + case 'i': + interactive = 1; + break; + default: + klog(L_KRB_PERR, "Bad option: -%c", optopt); + usage (); + exit(1); + } } -#ifndef NOENCRYPTION - cksum += des_cbc_cksum(buf, obuf, n, key_sched, key_sched); -#endif - } - return cksum; + kset_logfile(logfile); + if (interactive) + return doit_interactive (); + else + return doit (); } -#endif -- cgit v1.2.3