Net2/usr/src/lib/librpc/secure_rpc/keyserv/keyenvoy.c
#ifndef lint
static char sccsid[] = "@(#)keyenvoy.c 2.2 88/08/10 4.0 RPCSRC";
#endif
/*
* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
* unrestricted use provided that this legend is included on all tape
* media and as a part of the software program in whole or part. Users
* may copy or modify Sun RPC without charge, but are not authorized
* to license or distribute it to anyone else except as part of a product or
* program developed by the user.
*
* SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
* WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
* PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
*
* Sun RPC is provided with no support and without any obligation on the
* part of Sun Microsystems, Inc. to assist in its use, correction,
* modification or enhancement.
*
* SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
* INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
* OR ANY PART THEREOF.
*
* In no event will Sun Microsystems, Inc. be liable for any lost revenue
* or profits or other special, indirect and consequential damages, even if
* Sun has been advised of the possibility of such damages.
*
* Sun Microsystems, Inc.
* 2550 Garcia Avenue
* Mountain View, California 94043
*/
/*
* Copyright (C) 1986, Sun Microsystems, Inc.
*/
#include <stdio.h>
#include <rpc/rpc.h>
#include <rpc/key_prot.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/time.h>
#include <fcntl.h>
/*
* Talk to the keyserver on a privileged port on the part of a calling program.
*
* Protocol is for caller to send through stdin the procedure number
* to call followed by the argument data. We call the keyserver, and
* send the results back to the caller through stdout.
* Non-zero exit status means something went wrong.
*/
#ifndef DEBUG
#define debug(msg)
#endif
#define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */
#define TOTAL_TRIES 10 /* Number of tries */
/*
* Opaque data that we send and receive
*/
#define MAXOPAQUE 256
struct opaqn {
u_int len;
u_int data[MAXOPAQUE];
};
bool_t xdr_opaqn();
main(argc,argv)
int argc;
char *argv[];
{
XDR xdrs_args;
XDR xdrs_rslt;
int proc;
struct opaqn args, rslt;
if (isatty(0)) {
fprintf(stderr,
"This program cannot be used interactively.\n");
exit(1);
}
#ifdef DEBUG
close(2);
open("/dev/console", O_WRONLY, 0);
#endif
xdrstdio_create(&xdrs_args, stdin, XDR_DECODE);
xdrstdio_create(&xdrs_rslt, stdout, XDR_ENCODE);
if ( ! xdr_u_long(&xdrs_args, &proc)) {
debug("no proc");
exit(1);
}
if (! xdr_opaqn(&xdrs_args, &args)) {
debug("recving args failed");
exit(1);
}
if (! callkeyserver(proc, xdr_opaqn, &args, xdr_opaqn, &rslt)) {
debug("rpc_call failed");
exit(1);
}
if (! xdr_opaqn(&xdrs_rslt, &rslt)) {
debug("sending args failed");
exit(1);
}
exit(0);
}
callkeyserver(proc, xdr_args, args, xdr_rslt, rslt)
u_long proc;
bool_t (*xdr_args)();
void *args;
bool_t (*xdr_rslt)();
void *rslt;
{
struct sockaddr_in remote;
int port;
struct timeval wait;
enum clnt_stat stat;
CLIENT *client;
int sd;
/*
* set up the remote address
* and create client
*/
remote.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
remote.sin_family = AF_INET;
remote.sin_port = 0;
wait.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES; wait.tv_usec = 0;
sd = RPC_ANYSOCK;
client = clntudp_create(&remote, KEY_PROG, KEY_VERS, wait, &sd);
if (client == NULL) {
debug("no client");
return (0);
}
/*
* Check that server is bound to a reserved port, so
* that noone can masquerade as the keyserver.
*/
if (ntohs(remote.sin_port) >= IPPORT_RESERVED) {
debug("insecure port");
return (0);
}
/*
* Create authentication
* All we care about really is sending the real uid
*/
client->cl_auth = authunix_create("", getuid(), 0, 0, NULL);
if (client->cl_auth == NULL) {
debug("no auth");
return (0);
}
wait.tv_sec = TOTAL_TIMEOUT; wait.tv_usec = 0;
stat = clnt_call(client, proc, xdr_args, args, xdr_rslt, rslt, wait);
if (stat != RPC_SUCCESS) {
debug("clnt_call failed");
}
return (stat == RPC_SUCCESS);
}
/*
* XDR opaque data
* Don't know the length on decode, so just keep receiving until failure.
*/
bool_t
xdr_opaqn(xdrs, objp)
XDR *xdrs;
struct opaqn *objp;
{
int i;
switch (xdrs->x_op) {
case XDR_FREE:
break;
case XDR_DECODE:
for (i = 0; i < MAXOPAQUE && xdr_int(xdrs, &objp->data[i]); i++) {
}
if (i == MAXOPAQUE) {
return (FALSE);
}
objp->len = i;
break;
case XDR_ENCODE:
for (i = 0; i < objp->len; i++) {
if (! xdr_int(xdrs, &objp->data[i])) {
return (FALSE);
}
}
break;
}
return (TRUE);
}
#ifdef DEBUG
debug(msg)
char *msg;
{
fprintf(stderr, "%s\n", msg);
}
#endif