1.1 root 1: /* bind.c - */
2:
3: #ifndef lint
4: static char *rcsid = "$Header: /f/osi/quipu/dish/RCS/bind.c,v 7.5 90/07/09 14:46:57 mrose Exp $";
5: #endif
6:
7: /*
8: * $Header: /f/osi/quipu/dish/RCS/bind.c,v 7.5 90/07/09 14:46:57 mrose Exp $
9: *
10: *
11: * $Log: bind.c,v $
12: * Revision 7.5 90/07/09 14:46:57 mrose
13: * sync
14: *
15: * Revision 7.4 90/04/18 08:49:30 mrose
16: * 6.2
17: *
18: * Revision 7.3 90/03/15 11:18:16 mrose
19: * quipu-sync
20: *
21: * Revision 7.2 90/01/11 18:37:33 mrose
22: * real-sync
23: *
24: * Revision 7.1 89/12/19 16:20:58 mrose
25: * sync
26: *
27: * Revision 7.0 89/11/23 22:19:56 mrose
28: * Release 6.0
29: *
30: */
31:
32: /*
33: * NOTICE
34: *
35: * Acquisition, use, and distribution of this module and related
36: * materials are subject to the restrictions of a license agreement.
37: * Consult the Preface in the User's Manual for the full terms of
38: * this agreement.
39: *
40: */
41:
42:
43: #include <signal.h>
44: #include "manifest.h"
45: #include "quipu/util.h"
46: #include <fcntl.h>
47: #include <sys/stat.h>
48: #include "quipu/dua.h"
49: #include "quipu/name.h"
50: #include "quipu/bind.h"
51: #include "quipu/dsp.h"
52: #include "quipu/ds_error.h"
53: #include "tailor.h"
54:
extern DN fixed_pos;
/* DN of the bound user: assigned from bindarg.dba_dn after a successful
 * bind (call_bind, rebind) and from the "username" rc-file entry in
 * user_tailor. */
DN user_name;

/* Output stream selectors.  When not running from a pipe OPT is `opt' and
 * RPS is `rps'; when running from a pipe each macro falls back to the other
 * stream unless that other stream's ps_byteno is 0. */
#define OPT (!frompipe || rps -> ps_byteno == 0 ? opt : rps)
#define RPS (!frompipe || opt -> ps_byteno == 0 ? rps : opt)
extern char frompipe;
extern PS opt, rps;

extern char retpipe[],
            inbuf [],
            bound;          /* TRUE while a DSA association is open */

extern int dsap_ad;
extern unsigned connect_time,   /* seconds passed to alarm() */
                cache_time;     /* idle limit compared against `waiting' */

/* Bind credentials, kept in static storage for the life of the process.
 * Both buffers are LINESIZE bytes; every copy into them must be bounded.
 * NOTE(review): the cleartext password stays in `password' after the bind
 * so that rebind/referral_bind can recompute credentials - it is never
 * cleared in this file. */
static char username [LINESIZE];
static char password [LINESIZE];
static int auth_type = DBA_AUTH_SIMPLE;   /* default unless a mode flag is given */
static char first_bind = TRUE;            /* cleared by call_bind; tested by rebind */

char neverefer = FALSE;                   /* toggled by -norefer / -refer */

/* Argument, result and error structures shared by every bind in this file. */
static struct ds_bind_arg bindarg;
static struct ds_bind_arg bindresult;
static struct ds_bind_error binderr;

static int main_dsa_id;     /* dsap_ad saved after the primary bind */
static int referral_dsa;    /* id of the referral association, 0 when none */

#ifndef NO_STATS
extern LLog * log_stat;
#endif
extern LLog * log_dsap;

extern int parent_pid;
static unsigned waiting = 0;    /* seconds accumulated by alarm_sig since set_alarm */

extern char *new_version();
extern long hash_passwd();
extern char *hash2str();
extern struct signature *sign_operation();
extern struct certificate *cert_cpy();
extern int encode_DAS_TokenToSign();
99:
/*
 * alarm_sig - SIGALRM handler installed by set_alarm().
 *
 * Each expiry: (1) in pipe mode, probe the invoking shell with signal 0 and
 * quit if it has gone; (2) close the DSA association(s) if one is open;
 * (3) add connect_time to the idle counter and, in pipe mode, quit once the
 * counter reaches cache_time; (4) re-arm the alarm.
 *
 * NOTE(review): dap_unbind and LLOG are called directly from signal
 * context; whether they are safe to run there cannot be told from this file.
 */
SFD alarm_sig ()
{
    SFD dish_quit ();

    /* kill(pid, 0) delivers nothing; -1 here is taken to mean the
     * invoking shell has gone, so exit */
    if (frompipe && (parent_pid != 0) && (kill (parent_pid,0) == -1))
        dish_quit (SIGHUP);

    if (bound) {
        (void) dap_unbind (main_dsa_id);
#ifndef NO_STATS
        LLOG (log_stat,LLOG_NOTICE,("Connection closed"));
#endif
        bound = FALSE;

        /* a referral association is closed together with the main one */
        if (referral_dsa != 0) {
            (void) dap_unbind (referral_dsa);
            referral_dsa = 0;
        }
    }

    /* idle accounting: only a piped dish gives up after cache_time */
    waiting += connect_time;
    if (frompipe && (waiting >= cache_time))
        dish_quit (SIGHUP);

    /* re-install the handler and restart the timer for the next period */
    (void) signal (SIGALRM, alarm_sig);
    (void) alarm (connect_time);
}
130:
/*
 * set_alarm - reset the idle counter and arm the idle timer: alarm_sig
 * will run after connect_time seconds.
 */
set_alarm ()
{
    /* a fresh period starts now, so nothing has been waited yet */
    waiting = 0;

    /* handler first, then the timer, so the alarm always finds alarm_sig */
    (void) signal (SIGALRM, alarm_sig);
    (void) alarm (connect_time);
}
137:
/*
 * bind_sig - SIGALRM handler used while a bind is in progress (installed
 * by bind_alarm).  Reports the timeout, abandons any referral association
 * by falling back to the main DSA id, and unwinds to dish_env.
 *
 * NOTE(review): this leaves the handler via longjmp; how dish_env is set
 * up (setjmp vs. sigsetjmp) is not visible here, so the state of the
 * signal mask after the jump should be confirmed.
 */
SFD bind_sig ()
{
    extern jmp_buf dish_env;

    ps_print (OPT,"Bind timeout\n");

    /* the timed-out bind may have been a referral: point dsap_ad back at
     * the main association */
    if (referral_dsa) {
        referral_dsa = 0;
        dsap_ad = main_dsa_id;
    }

    longjmp (dish_env,1);
}
149:
/*
 * bind_alarm - bound the time a bind may take: after connect_time seconds
 * SIGALRM is delivered to bind_sig.  Callers switch SIGALRM to SIG_IGN
 * once the bind call returns.
 */
bind_alarm ()
{
    /* install the timeout handler before starting the clock */
    (void) signal (SIGALRM, bind_sig);
    (void) alarm (connect_time);
}
155:
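/*
 * call_bind - implement the "bind" command.
 *
 * Parses the argument vector (user name, password, authentication mode,
 * DSA to call, referral policy), fills in the file-level `bindarg'
 * structure and performs the bind through secure_ds_bind().
 *
 * argc, argv   command arguments; argv[0] is the command name and is only
 *              used for Usage().  A password given with -password is
 *              overwritten in argv once it has been copied.
 *
 * Returns OK on success (or when -noconnect was given), NOTOK on a usage
 * error, an over-long argument, or a failed bind.
 *
 * Every argument copied into a fixed LINESIZE buffer (username, password,
 * bdsa) is length-checked first: the arguments are caller-controlled and
 * an unchecked strcpy would write past the static buffers.
 */
call_bind (argc,argv)
int argc;
char ** argv;
{
    int x;
    char noconnect = FALSE;
    static char bdsa [LINESIZE], save_bdsa[LINESIZE];
    char *save_address;
    extern char * dsa_address,
                * myname;
    FILE *fp;
    char buf[BUFSIZ];
    DN newdn;
    extern char * tailfile;
    extern DN sequence_dn ();
    char got_name = FALSE;
    char got_pass = FALSE;

    bdsa[0] = 0;
    save_address = dsa_address;     /* restored if the bind fails */

    for (x=1; x<argc; x++) {
        if (test_arg (argv[x], "-noconnect",3))
            noconnect = TRUE;
#ifdef PDU_DUMP
        else if (test_arg (argv[x], "-pdus",2)) {
            if (++x == argc) {
                ps_print (OPT,"PDU file name missing\n");
                Usage (argv[0]);
                return (NOTOK);
            }
            ps_printf (RPS,"Dumping PDUs in directory %s\n",argv[x]);
            pdu_dump_init (argv[x]);
        }
#endif
        else if (test_arg (argv[x], "-user",1)) {
            got_name = TRUE;
            if ((++x == argc) || (*argv[x] == '-')) {
                /* "-user" with no value: bind with an empty name */
                x--;
                *username = 0;
            } else {
                if (strlen (argv[x]) >= sizeof username) {
                    ps_print (OPT,"User name too long\n");
                    return (NOTOK);
                }
                (void) strcpy (username,argv[x]);
            }
        } else if (test_arg (argv[x], "-pipe",2)) {
            if (strcmp (argv[0],"dish") == 0)
                ps_print (OPT,"Sorry... '-pipe' must be the first argument to dish.\n");
            else
                Usage (argv[0]);
            return (NOTOK);
        } else if (test_arg (argv[x], "-norefer",3))
            neverefer = TRUE;
        else if (test_arg (argv[x], "-refer",1))
            neverefer = FALSE;
        /* these flags select the mode of authentication only */
        else if (test_arg (argv[x],"-noauthentication",3))
            auth_type = DBA_AUTH_NONE;
        else if (test_arg (argv[x], "-protected", 3))
            auth_type = DBA_AUTH_PROTECTED;
        else if (test_arg (argv[x], "-simple", 3))
            auth_type = DBA_AUTH_SIMPLE;
        else if (test_arg (argv[x], "-strong", 3))
            auth_type = DBA_AUTH_STRONG;
        /* -password sets the `key', whatever the mode */
        else if (test_arg (argv[x], "-password",2)) {
            got_pass = TRUE;
            if ((++x == argc) || (*argv[x] == '-')) {
                x--;
                *password = 0;
            } else {
                unsigned i;
                unsigned len = strlen (argv[x]);
                char toolong = (len >= sizeof password);

                if (!toolong)
                    (void) strcpy (password,argv[x]);

                /* Overwrite the password in argv ("XXXX" then NULs) so it
                 * does not stay visible in the argument vector.  This is
                 * done even when the value is rejected.  The password is
                 * still exposed until this point is reached. */
                for (i=0; i<len; i++)
                    argv[x][i] = (i < 4) ? 'X' : 0;

                if (toolong) {
                    ps_print (OPT,"Password too long\n");
                    return (NOTOK);
                }
            }
        } else if (test_arg (argv[x], "-call",1)) {
            if (++x == argc) {
                ps_print (OPT,"dsa name missing\n");
                Usage (argv[0]);
                return (NOTOK);
            }
            /* bdsa is later copied into save_bdsa, which has the same size */
            if (strlen (argv[x]) >= sizeof bdsa) {
                ps_print (OPT,"dsa name too long\n");
                return (NOTOK);
            }
            (void) strcpy (bdsa,argv[x]);
        } else {
            /* assume its the user name */
            if (got_name) {
                ps_print (OPT,"One user name only please!\n");
                Usage (argv[0]);
                return (NOTOK);
            }
            got_name = TRUE;
            if (strlen (argv[x]) >= sizeof username) {
                ps_print (OPT,"User name too long\n");
                return (NOTOK);
            }
            (void) strcpy (username,argv[x]);
            if (*username == '-') {
                ps_printf (OPT,"Unknown option %s\n",username);
                Usage (argv[0]);
                return (NOTOK);
            }
        }
    }


    if (noconnect)
        return (OK);

    /* a leading digit means "entry N of the current sequence": expand it
     * to the textual DN in place, within the bounds of username */
    if (isdigit ((unsigned char) *username)) {
        PS ps;

        if ((newdn = sequence_dn (atoi (username))) == NULLDN) {
            ps_printf (OPT,"Invalid sequence in username %s\n",username);
            Usage (argv[0]);
            return (NOTOK);
        }
        if ((ps = ps_alloc (str_open)) == NULLPS) {
            ps_printf (OPT, "Unable to expand sequence: out of memory\n");
            return NOTOK;
        }
        if (str_setup (ps, username, sizeof username - 2, 1) == NOTOK) {
            ps_printf (OPT, "Unable to expand sequence: %s\n",
                       ps_error (ps -> ps_errno));
            ps_free (ps);
            return NOTOK;
        }
        dn_print (ps, newdn, EDBOUT);
        ps_print (ps, " ");
        /* replace the trailing blank just written with the terminator */
        *--ps -> ps_ptr = NULL, ps -> ps_cnt++;

        ps_free (ps);
    }
    else
        newdn = NULLDN;

    /* NOTE(review): the capacity of bindarg.dba_passwd is declared outside
     * this file; the copies below rely on it being at least as large as
     * `password' (LINESIZE) - confirm.  get_password() is likewise trusted
     * to stay within `password'. */
    if ((got_name && ! got_pass) || (*password == 0)) {
        bindarg.dba_passwd_len = 0;
        bindarg.dba_passwd[0] = 0;
        /* a name without a password: prompt, unless no authentication */
        if ((*username != 0) && (auth_type != DBA_AUTH_NONE)) {
            get_password (username, password);
            (void) strcpy(&bindarg.dba_passwd[0], password);
            bindarg.dba_passwd_len = strlen (&bindarg.dba_passwd[0]);
        }
    } else {
        bindarg.dba_passwd_len = strlen (password);
        (void) strcpy (bindarg.dba_passwd, password);
    }

    /* An empty password silently downgrades simple/protected to an
     * unauthenticated bind; only strong mode is kept. */
    if ((bindarg.dba_passwd_len == 0) && (auth_type != DBA_AUTH_STRONG))
        auth_type = DBA_AUTH_NONE;

    if (*username == 0) {
        bindarg.dba_dn = NULLDN;
        /* Don't need credentials to bind as NULLDN! */
        auth_type = DBA_AUTH_NONE;
    }
    else
        if (newdn)
            bindarg.dba_dn = dn_cpy (newdn);
        else {
            /* a leading '@' is skipped before parsing the DN */
            if ((bindarg.dba_dn = str2dn (username[0] != '@' ? username
                                                            : username + 1))
                == NULLDN) {
                ps_printf (OPT,"Invalid DN for username: %s\n",username);
                Usage (argv[0]);
                return (NOTOK);
            }
        }

    /* prepare credentials */
    bindarg.dba_auth_type = auth_type;
    switch (auth_type) {
    case DBA_AUTH_NONE:
    case DBA_AUTH_SIMPLE:
        break;
    case DBA_AUTH_PROTECTED:
        protect_password();
        break;
    case DBA_AUTH_STRONG:
        sign_bindarg();
        break;
    }

    /* now set dsa_address */
    if (bdsa[0] != 0) {
        (void) strcpy (myname = save_bdsa, bdsa);
        dsa_address = NULLCP;

        /* read tailor file to get address */

        if( (fp = fopen(isodefile(tailfile, 0), "r")) == (FILE *)NULL) {
            LLOG (log_dsap,LLOG_FATAL,("can't open %s",tailfile));
            fatal (-72, "Cannot open tailor file");
        }

        while(fgets(buf, sizeof(buf), fp) != NULLCP)
            if ( (*buf != '#') && (*buf != '\n') )
                /* not a comment or blank */
                if (tai_string (buf) == NOTOK)
                    DLOG (log_dsap,LLOG_DEBUG,("tai_string failed %s",buf));

        (void) fclose(fp);

        /* no address found in the tailor file: use the name as given */
        if (dsa_address == NULLCP)
            dsa_address = myname;
    }

    if (bound)
        (void) ds_unbind ();

    bound = FALSE;
    first_bind = FALSE;

    binderr.dbe_value = 0;
    bind_alarm ();      /* bind_sig aborts the bind after connect_time */
    if (secure_ds_bind (&bindarg, &binderr, &bindresult) != OK) {
        (void) signal (SIGALRM, SIG_IGN);
        /* dbe_value untouched means no bind error came back from a DSA */
        if (binderr.dbe_value == 0)
            ps_print (OPT, "*** Service error : Unable to contact DSA ***\n");
        else
            ds_bind_error(OPT, &binderr);
        dsa_address = save_address;
        return (NOTOK);
    }
    (void) signal (SIGALRM, SIG_IGN);
    main_dsa_id = dsap_ad;

#ifndef NO_STATS
    /* the statistics log records the user and DSA names, not the password */
    LLOG (log_stat,LLOG_NOTICE,("Bound '%s' to '%s'",username,myname));
#endif

    bound = TRUE;
    user_name = bindarg.dba_dn;

    return (OK);

}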
390:
/*
 * rebind - make sure an association to the main DSA exists.
 *
 * Any referral association is dropped first.  If no bind has been done
 * yet, a plain "bind" command is run through call_bind(); if already
 * bound nothing more happens; otherwise the credentials stored in
 * `bindarg' are rebuilt for the current auth_type and the bind is retried.
 *
 * Returns OK when bound, NOTOK when the bind fails.
 */
rebind () {
    char * bind_cmd;

    /* fall back from a referral to the main association */
    if (referral_dsa != 0) {
        (void) dap_unbind (referral_dsa);
        referral_dsa = 0;
        dsap_ad = main_dsa_id;
    }

    if (first_bind) {
        bind_cmd = "bind";
        return (call_bind (1,&bind_cmd));
    }

    if (bound)
        return (OK);

    /* prepare credentials: only the protected and strong modes need work,
     * and both are recomputed for every bind attempt */
    bindarg.dba_auth_type = auth_type;
    if (auth_type == DBA_AUTH_PROTECTED)
        protect_password();
    else if (auth_type == DBA_AUTH_STRONG)
        sign_bindarg();

    binderr.dbe_value = 0;
    bind_alarm ();

    if (secure_ds_bind (&bindarg, &binderr, &bindresult) == OK) {
        (void) signal (SIGALRM, SIG_IGN);
        main_dsa_id = dsap_ad;
#ifndef NO_STATS
        LLOG (log_stat,LLOG_NOTICE,("re-connect"));
#endif

        bound = TRUE;
        user_name = bindarg.dba_dn;
        return (OK);
    }

    /* bind failed: stop the timeout, then report what went wrong */
    (void) signal (SIGALRM, SIG_IGN);
    if (binderr.dbe_value != 0)
        ds_bind_error(OPT, &binderr);
    else
        ps_print (OPT, "*** Service error: Unable to contact DSA ***\n");
    return (NOTOK);
}
441:
/*
 * referral_bind - bind to the DSA at `addr' while following a referral,
 * presenting the same credentials (`bindarg') that are used for the main
 * DSA.
 *
 * addr     presentation address of the referred-to DSA.
 *
 * Returns 1 when the referral association is open, 0 on failure (dsap_ad
 * is then pointed back at the main association).
 *
 * NOTE(review): the user's credentials are sent to whatever address the
 * caller passes in; any decision about trusting a referral has to be
 * made before this function is called.
 */
referral_bind (addr)
struct PSAPaddr * addr;
{
    if (referral_dsa == 0)
        referral_dsa = dsap_ad + 1;
    else {
        /* close the previous referral; the id is advanced before the call,
         * as the post-increment in the argument used to do */
        int previous = referral_dsa;

        referral_dsa = previous + 1;
        (void) dap_unbind (previous);
    }

    dsap_ad = referral_dsa;

    /* prepare credentials: only the protected and strong modes need work */
    bindarg.dba_auth_type = auth_type;
    if (auth_type == DBA_AUTH_PROTECTED)
        protect_password();
    else if (auth_type == DBA_AUTH_STRONG)
        sign_bindarg();

    binderr.dbe_value = 0;
    bind_alarm ();

    if (dap_bind (&dsap_ad, &bindarg, &binderr, &bindresult, addr) == OK) {
        (void) signal (SIGALRM, SIG_IGN);
        referral_dsa = dsap_ad;

#ifndef NO_STATS
        LLOG (log_stat,LLOG_NOTICE,("referral connect"));
#endif

        return (1);
    }

    /* failure: stop the timeout, report, and return to the main DSA */
    (void) signal (SIGALRM, SIG_IGN);
    if (binderr.dbe_value != 0)
        ds_bind_error(OPT, &binderr);
    else
        ps_print (OPT, "*** Service error : Unable to contact DSA ***\n");
    referral_dsa = 0;
    dsap_ad = main_dsa_id;
    return (0);
}
487:
/*
 * call_unbind - implement the "unbind" command.
 *
 * Closes the main and any referral association.  Unless "-noquit" was
 * given the process then exits with status 0 (after exit_pipe() in pipe
 * mode and after releasing both output streams).  Any other argument
 * produces the usage message and nothing is unbound.
 */
call_unbind (argc,argv)
int argc;
char ** argv;
{
    int x;
    char noquit = FALSE;
    extern char resbuf [];

    /* "-noquit" is the only argument accepted */
    for (x=1; x<argc; x++) {
        if (!test_arg (argv[x], "-noquit",3)) {
            Usage (argv[0]);
            return;
        }
        noquit = TRUE;
    }

    /* about to exit: put SIGINT back to its default action */
    if (!noquit)
        (void) signal (SIGINT, SIG_DFL);

    if (bound) {
        (void) dap_unbind (main_dsa_id);
        if (referral_dsa != 0) {
            (void) dap_unbind (referral_dsa);
            referral_dsa = 0;
        }
    }

    bound = FALSE;

    if (noquit)
        return;

    if (frompipe)
        exit_pipe ();
    ps_free (opt);
    ps_free (rps);
    exit (0);
}
525:
extern char no_rcfile;              /* when set, user_tailor skips the rc file */
static time_t rc_mod_time;          /* rc-file mtime as seen by user_tailor; compared in test_rc_file */
extern time_t time ();
/* Path of the rc file: $QUIPURC, else $HOME/.quipurc, else ./.quipurc.
 * LINESIZE bytes - anything built from the environment must be bounded. */
static char Dish_Home[LINESIZE];
530:
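/*
 * user_tailor - load the user's rc file and set up the bind defaults.
 *
 * The rc file is $QUIPURC if set, else $HOME/.quipurc, else ./.quipurc.
 * If it does not exist (and was not named by $QUIPURC) and `dishinit' is
 * set on an interactive dish, an empty file is created and the installed
 * "new_quipurc" command is run to populate it.  Each "key: value" line is
 * then applied: username, password, certificate, secret_key, the two
 * timers, service/type/notype, sequence, dsap, isode, and finally command
 * defaults or aliases.
 *
 * Returns OK on success, NOTOK on an unreadable or malformed rc file.
 *
 * Security-relevant behaviour:
 *  - the rc path comes from the environment and is length-checked before
 *    it is written into Dish_Home;
 *  - a new rc file is created exclusively with mode 0600, so there is no
 *    window in which a file that will hold the password is accessible to
 *    others, and an existing file or symbolic link is never followed;
 *  - the file is closed on every exit path.
 * NOTE(review): an existing rc file is read whatever its permissions are,
 * although it may hold "password" and "secret_key" entries; sbuf.st_mode
 * is available here if a group/other-access warning is wanted.
 */
user_tailor ()
{
    int isenv;
    char *part1;
    char *part2;
    char *getenv ();
    char *home;

    FILE *file;
    char Read_in_Stuff[LINESIZE];
    char *p,
         *TidyString();
    extern char *local_dit;
    extern char dishinit;
    struct stat sbuf;

    *password = 0;
    *username = 0;

    set_sequence ("default");

    (void) set_cmd_default ("modify","-dontusecopy");
    /* we dont want to make templates with copies */

    bindarg.dba_version = DBA_VERSION_V1988;
    bindarg.dba_dn = NULLDN;
    bindarg.dba_passwd_len = 0;
    bindarg.dba_passwd[0] = 0;

    /* work out the rc-file path; environment values are not trusted to
     * fit the fixed buffer */
    isenv = 0;
    if ((home = getenv ("QUIPURC")) != NULLCP) {
        if (strlen (home) >= sizeof Dish_Home) {
            (void) fprintf (stderr,"QUIPURC: path too long\n");
            return (NOTOK);
        }
        (void) strcpy (Dish_Home, home);
        isenv = 1;
    } else if ((home = getenv ("HOME")) != NULLCP) {
        /* sizeof the literal counts its terminating NUL */
        if (strlen (home) + sizeof "/.quipurc" > sizeof Dish_Home) {
            (void) fprintf (stderr,"HOME: path too long\n");
            return (NOTOK);
        }
        (void) sprintf (Dish_Home, "%s/.quipurc", home);
    } else
        (void) strcpy (Dish_Home, "./.quipurc");

    if (no_rcfile)
        goto out;

    if (stat (Dish_Home,&sbuf) != 0) {
        /* a file named explicitly by $QUIPURC must exist */
        if (isenv)
            goto no_dice;

        if (dishinit && !frompipe) {
            char cmd_buf [LINESIZE];
            int fd;

            ps_print (OPT,"Please wait whilst I initialise everything...\n");
            /* NOTE(review): the command path comes from the installation
             * (isodefile), not from the user; its length is not checked
             * here, and system() runs it with the caller's environment. */
            (void) strcpy (cmd_buf, isodefile ("new_quipurc", 1));

            /* O_EXCL: refuse anything that appeared since the stat above,
             * including a symbolic link; 0600: never readable by others */
            if ((fd = open (Dish_Home, O_WRONLY | O_CREAT | O_EXCL, 0600)) == -1)
                return (OK); /* cant make one */
            (void) close (fd);

            if (system (cmd_buf) == 0) {
                (void) chmod (Dish_Home,0600);
                if ((file = fopen (Dish_Home, "r")) == 0) {
                    (void) fprintf (stderr,"Cant open %s - BUT I just created it!!!\n", Dish_Home);
                    return (NOTOK);
                }
                /* existence check only: the file is reopened for parsing
                 * below, so do not keep this handle */
                (void) fclose (file);
            } else {
                (void) unlink (Dish_Home);
                return (NOTOK);
            }
            rc_mod_time = time ((time_t *)0);
        } else {
            rc_mod_time = time ((time_t *)0);
            goto out;
        }
    } else
        rc_mod_time = sbuf.st_mtime;

    if ((file = fopen (Dish_Home, "r")) == 0) {
no_dice: ;
        (void) fprintf (stderr,"Cant open ");
        perror (Dish_Home);
        return NOTOK;
    }

    /* Every value parsed below lies inside Read_in_Stuff, so it is shorter
     * than LINESIZE and fits `username' and `password'.
     * NOTE(review): the capacity of bindarg.dba_passwd is declared
     * elsewhere - confirm it is at least LINESIZE. */
    while (fgets (Read_in_Stuff, LINESIZE, file) != 0) {
        p = SkipSpace (Read_in_Stuff);
        if (( *p == '#') || (*p == '\0'))
            continue;       /* ignore comments and blanks */

        part1 = p;
        if ((part2 = index (p,':')) == NULLCP) {
            ps_printf (OPT,"Seperator missing '%s'\n",p);
            (void) fclose (file);
            return (NOTOK);
        }

        /* split "key:value" in place */
        *part2++ = '\0';
        part2 = TidyString (part2);

        if (lexequ (part1, "username") == 0) {
            if ((user_name = str2dn (*part2 != '@' ? part2
                                                   : part2 + 1))
                == NULLDN) {
                ps_printf (OPT,"Invalid DN for username: %s\n",part2);
                (void) fclose (file);
                return (NOTOK);
            }
            (void) strcpy (username, part2);
            bindarg.dba_dn = user_name;
        }
        else if (lexequ (part1, "password") == 0) {
            /* cleartext password taken from the rc file */
            (void) strcpy (bindarg.dba_passwd,part2);
            (void) strcpy (password, part2);
            bindarg.dba_passwd_len = strlen (part2);
        }
        else if (lexequ (part1, "certificate") == 0) {
            extern struct certificate *my_certificate;
            struct certificate *str2cert();
            my_certificate = str2cert(part2);
        } else if (lexequ (part1, "secret_key") == 0)
            (void) set_secret_key(part2);
        else if (lexequ (part1, "cache_time") == 0)
            /* value is in minutes, capped at 180000 seconds.
             * NOTE(review): the original comment says "5 hour maximum"
             * but 180000 s is 50 hours - confirm which is intended.  A
             * negative value passes MIN and becomes a very large
             * unsigned time. */
            cache_time = MIN (atoi(part2) * 60, 180000);
        else if (lexequ (part1, "connect_time") == 0)
            /* enforce 5 minute maximum.
             * NOTE(review): a negative value is not clamped either. */
            connect_time = MIN (atoi(part2) * 60, 300);
        else if (lexequ (part1, "service") == 0)
            new_service (part2);
        else if (lexequ (part1, "type") == 0) {
            if (lexequ (part2,"unknown") == 0)
                show_unknown();
        } else if (lexequ (part1, "notype") == 0)
            new_ignore (part2);
        else if (lexequ (part1, "sequence") == 0) {
            DN sdn;
            if ( (sdn = str2dn (*part2 != '@' ? part2 : part2 + 1))
                == NULLDN) {
                ps_printf (OPT,"Invalid DN for sequence: %s\n",part2);
                (void) fclose (file);
                return (NOTOK);
            }
            (void) add_sequence (sdn);
        } else if (lexequ (part1, "dsap") == 0)
            (void) tai_string (part2);
        else if (lexequ (part1, "isode") == 0) {
            /* "isode: name value" - split at the first blank */
            char * split;
            if ((split = index (part2,' ')) != NULLCP) {
                *split++ = 0;
                (void)isodesetvar (part2,strdup(split),0);
            }
        } else if (set_cmd_default (part1,part2) != OK) {
            /* not a command default: try it as an alias */
            if (*part2 == '@')
                part2++;
            if (add_alias (part1,part2) != OK) {
                ps_printf (OPT,"Unknown parameter %s\n",part1);
                (void) fclose (file);
                return (NOTOK);
            }
        }
    }
    (void) fclose (file);

out:;
    if ((local_dit != NULLCP) && (strcmp ("@", TidyString(local_dit)) != 0))
        if ((fixed_pos = str2dn (*local_dit != '@' ? local_dit
                                                  : local_dit + 1))
            == NULLDN) {
            ps_printf (OPT,"Invalid DN for dsaptailor default position: %s\n",local_dit);
            return (NOTOK);
        }

    (void) strcpy (bindarg.dba_passwd,password);
    bindarg.dba_passwd_len = strlen (password);

    isodexport (NULLCP);

    return (OK);
}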
703:
/*
 * test_rc_file - warn, once per change, when the rc file has been modified
 * since it was last read or last reported.
 *
 * ps   stream the warning is written to.
 *
 * A file that cannot be stat()ed is silently ignored.  The changed file is
 * not re-read: settings, including any new password, stay as loaded.
 */
test_rc_file (ps)
PS ps;
{
    struct stat sbuf;

    if ((stat (Dish_Home,&sbuf) == 0) && (rc_mod_time < sbuf.st_mtime)) {
        ps_printf (ps,"WARNING: %s has changed - but not re-read!!!\n",
                   Dish_Home);
        /* remember the new time so the warning is not repeated */
        rc_mod_time = sbuf.st_mtime;
    }

    return;
}
719:
/*
 * dish_quit - terminate dish, either as a signal handler or when called
 * directly with a signal number.
 *
 * sig  reason for quitting.  SIGALRM, SIGHUP, SIGINT and SIGTERM are
 *      logged and end with exit(0); any other value is logged as fatal,
 *      the signal is reset to its default action, and abort() is called.
 *
 * Open associations are closed before anything else.
 * NOTE(review): `bound' is left TRUE here; the process ends on every path.
 */
SFD dish_quit (sig)
int sig;
{
    if (bound) {
        (void) dap_unbind (main_dsa_id);
        if (referral_dsa != 0) {
            (void) dap_unbind (referral_dsa);
            referral_dsa = 0;
        }
    }

    if (!frompipe)
        (void) fprintf (stderr,"Dish Problem\n");
    else
        exit_pipe ();

    hide_picture();

    if (sig == SIGALRM) {
        LLOG (log_dsap, LLOG_EXCEPTIONS, ("Timer expired :- Dish quitting"));
        exit (0);
    }

    if ((sig == SIGHUP) || (sig == SIGINT) || (sig == SIGTERM)) {
        LLOG (log_dsap, LLOG_EXCEPTIONS, ("Dish quitting - signal %d",sig));
        exit (0);
    }

    /* anything else is unexpected */
    LLOG (log_dsap, LLOG_FATAL, ("Dish problem - signal %d",sig));
    (void) signal (sig, SIG_DFL);   /* to stop recursion */
    abort ();
}
754:
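/*
 * protect_password - build the credentials for a "protected" bind.
 *
 * A fresh dba_time1 value is taken from new_version(); the cleartext in
 * `password' and that value are fed, in that order, through hash_passwd(),
 * and the result of hash2str() replaces bindarg.dba_passwd.  The cleartext
 * itself stays in the static `password' buffer so the value can be
 * recomputed for a later bind.
 *
 * Returns OK, or NOTOK (with an empty dba_passwd) when hash2str() gives
 * nothing usable.  Existing callers ignore the result.
 *
 * NOTE(review): the hash is carried in a `long'; how strong hash_passwd()
 * is cannot be judged from this file.  The capacity of bindarg.dba_passwd
 * is also declared elsewhere, so `len' is trusted to fit - confirm.
 */
static int protect_password()
{
    long hash;
    char *cp;
    int len;

    bindarg.dba_time1 = new_version();
    bindarg.dba_time2 = NULLCP;
    /* no random numbers are sent in this mode */
    bindarg.dba_r1.n_bits = 0;
    bindarg.dba_r1.value = NULLCP;
    bindarg.dba_r2.n_bits = 0;
    bindarg.dba_r2.value = NULLCP;

    hash = 0;
    hash = hash_passwd(hash, password, strlen(password));
    hash = hash_passwd(hash, bindarg.dba_time1, strlen(bindarg.dba_time1));

    len = 0;
    cp = hash2str(hash, &len);
    if ((cp == NULLCP) || (len < 0)) {
        /* never copy from a null pointer or with a negative count */
        bindarg.dba_passwd_len = 0;
        return (NOTOK);
    }

    bcopy(cp, bindarg.dba_passwd, len);
    bindarg.dba_passwd_len = len;
    return (OK);
}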
774:
775:
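/*
 * sign_bindarg - build the credentials for a "strong" bind.
 *
 * Fills in the token fields of `bindarg' (dba_time1, two random-number
 * fields), signs the token with sign_operation() and, when a certificate
 * has been loaded, attaches a one-element certification path holding a
 * copy of it.
 *
 * Returns OK, or NOTOK when the certification path cannot be allocated
 * (dba_cpath is then a null pointer).  Existing callers ignore the result.
 *
 * NOTE(review):
 *  - both random-number fields are the constant "*", so they add no
 *    freshness to the token; dba_time1 is the only value set here that
 *    changes between binds;
 *  - the strdup() results and the oid_cpy() result are not released in
 *    this function, and it runs again on every rebind - confirm who owns
 *    them;
 *  - the results of strdup() and sign_operation() are not checked.
 */
static int sign_bindarg()
{
    struct signature sig;

    bindarg.dba_time1 = new_version();
    bindarg.dba_time2 = NULLCP;

    /* Have to send a random number, but don't care what it is */
    bindarg.dba_r1.n_bits = 8;
    bindarg.dba_r1.value = strdup("*");
    bindarg.dba_r2.n_bits = 8;
    bindarg.dba_r2.value = strdup("*");

    /* `sig' is a local: dba_sig points at it only until sign_operation()
     * returns and the pointer is replaced below */
    bindarg.dba_sig = &sig;
    /* Have to build a signature alg_id now, so can sign it. This will
     * subsequently be replaced with a new alg_id by sign_operation.
     */
    sig.alg.algorithm = oid_cpy(ode2oid("sq_mod_n_with_rsa"));
    sig.alg.p_type = ALG_PARM_NUMERIC;
    sig.alg.un.numeric = 512;
    sig.alg.asn = NULLPE;

    bindarg.dba_sig = sign_operation((caddr_t) &bindarg,
                                     encode_DAS_TokenToSign);
    if (my_certificate)
    {
        bindarg.dba_cpath = (struct certificate_list *)
                            calloc(1, sizeof(struct certificate_list));
        /* do not write through the pointer when the allocation failed */
        if (bindarg.dba_cpath == (struct certificate_list *) 0)
            return (NOTOK);
        bindarg.dba_cpath->cert = cert_cpy(my_certificate);
    }
    return (OK);
}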