1.1 ! root 1: /* ! 2: * $Source: /usr/src/kerberosIV/krb/RCS/tf_shm.c,v $ ! 3: * $Author: kfall $ ! 4: * ! 5: * Copyright 1988 by the Massachusetts Institute of Technology. ! 6: * ! 7: * For copying and distribution information, please see the file ! 8: * <mit-copyright.h>. ! 9: * ! 10: * Shared memory segment functions for session keys. Derived from code ! 11: * contributed by Dan Kolkowitz ([email protected]). ! 12: */ ! 13: ! 14: #ifndef lint ! 15: static char rcsid_tf_shm_c[] = ! 16: "$Id: tf_shm.c,v 4.3 90/06/25 20:57:30 kfall Exp $"; ! 17: #endif lint ! 18: ! 19: #include <mit-copyright.h> ! 20: ! 21: #include <stdio.h> ! 22: #include <sys/types.h> ! 23: #include <sys/ipc.h> ! 24: #include <sys/shm.h> ! 25: #include <des.h> ! 26: #include <krb.h> ! 27: #include <sys/stat.h> ! 28: #include <fcntl.h> ! 29: ! 30: #define MAX_BUFF sizeof(des_cblock)*1000 /* room for 1k keys */ ! 31: ! 32: extern int errno; ! 33: extern int krb_debug; ! 34: ! 35: /* ! 36: * krb_create_shmtkt: ! 37: * ! 38: * create a shared memory segment for session keys, leaving its id ! 39: * in the specified filename. ! 40: */ ! 41: ! 42: int ! 43: krb_shm_create(file_name) ! 44: char *file_name; ! 45: { ! 46: int retval; ! 47: int shmid; ! 48: struct shmid_ds shm_buf; ! 49: FILE *sfile; ! 50: uid_t me, metoo, getuid(), geteuid(); ! 51: ! 52: (void) krb_shm_dest(file_name); /* nuke it if it exists... ! 53: this cleans up to make sure we ! 54: don't slowly lose memory. */ ! 55: ! 56: shmid = shmget((long)IPC_PRIVATE,MAX_BUFF, IPC_CREAT); ! 57: if (shmid == -1) { ! 58: if (krb_debug) ! 59: perror("krb_shm_create shmget"); ! 60: return(KFAILURE); /* XXX */ ! 61: } ! 62: me = getuid(); ! 63: metoo = geteuid(); ! 64: /* ! 65: * now set up the buffer so that we can modify it ! 66: */ ! 67: shm_buf.shm_perm.uid = me; ! 68: shm_buf.shm_perm.gid = getgid(); ! 69: shm_buf.shm_perm.mode = 0600; ! 70: if (shmctl(shmid,IPC_SET,&shm_buf) < 0) { /*can now map it */ ! 71: if (krb_debug) ! 
72: perror("krb_shm_create shmctl"); ! 73: (void) shmctl(shmid, IPC_RMID, 0); ! 74: return(KFAILURE); /* XXX */ ! 75: } ! 76: (void) shmctl(shmid, SHM_LOCK, 0); /* attempt to lock-in-core */ ! 77: /* arrange so the file is owned by the ruid ! 78: (swap real & effective uid if necessary). */ ! 79: if (me != metoo) { ! 80: if (setreuid(metoo, me) < 0) { ! 81: /* can't switch??? barf! */ ! 82: if (krb_debug) ! 83: perror("krb_shm_create: setreuid"); ! 84: (void) shmctl(shmid, IPC_RMID, 0); ! 85: return(KFAILURE); ! 86: } else ! 87: if (krb_debug) ! 88: printf("swapped UID's %d and %d\n",metoo,me); ! 89: } ! 90: if ((sfile = fopen(file_name,"w")) == 0) { ! 91: if (krb_debug) ! 92: perror("krb_shm_create file"); ! 93: (void) shmctl(shmid, IPC_RMID, 0); ! 94: return(KFAILURE); /* XXX */ ! 95: } ! 96: if (fchmod(fileno(sfile),0600) < 0) { ! 97: if (krb_debug) ! 98: perror("krb_shm_create fchmod"); ! 99: (void) shmctl(shmid, IPC_RMID, 0); ! 100: return(KFAILURE); /* XXX */ ! 101: } ! 102: if (me != metoo) { ! 103: if (setreuid(me, metoo) < 0) { ! 104: /* can't switch??? barf! */ ! 105: if (krb_debug) ! 106: perror("krb_shm_create: setreuid2"); ! 107: (void) shmctl(shmid, IPC_RMID, 0); ! 108: return(KFAILURE); ! 109: } else ! 110: if (krb_debug) ! 111: printf("swapped UID's %d and %d\n",me,metoo); ! 112: } ! 113: ! 114: (void) fprintf(sfile,"%d",shmid); ! 115: (void) fflush(sfile); ! 116: (void) fclose(sfile); ! 117: return(KSUCCESS); ! 118: } ! 119: ! 120: ! 121: /* ! 122: * krb_is_diskless: ! 123: * ! 124: * check / to see if file .diskless exists. If so it is diskless. ! 125: * Do it this way now to avoid dependencies on a particular routine. ! 126: * Choose root file system since that will be private to the client. ! 127: */ ! 128: ! 129: int krb_is_diskless() ! 130: { ! 131: struct stat buf; ! 132: if (stat("/.diskless",&buf) < 0) ! 133: return(0); ! 134: else return(1); ! 135: } ! 136: ! 137: /* ! 
138: * krb_shm_dest: destroy shared memory segment with session keys, and remove ! 139: * file pointing to it. ! 140: */ ! 141: ! 142: int krb_shm_dest(file) ! 143: char *file; ! 144: { ! 145: int shmid; ! 146: FILE *sfile; ! 147: struct stat st_buf; ! 148: ! 149: if (stat(file,&st_buf) == 0) { ! 150: /* successful stat */ ! 151: if ((sfile = fopen(file,"r")) == 0) { ! 152: if (krb_debug) ! 153: perror("cannot open shared memory file"); ! 154: return(KFAILURE); /* XXX */ ! 155: } ! 156: if (fscanf(sfile,"%d",&shmid) == 1) { ! 157: if (shmctl(shmid,IPC_RMID,0) != 0) { ! 158: if (krb_debug) ! 159: perror("krb_shm_dest: cannot delete shm segment"); ! 160: (void) fclose(sfile); ! 161: return(KFAILURE); /* XXX */ ! 162: } ! 163: } else { ! 164: if (krb_debug) ! 165: fprintf(stderr, "bad format in shmid file\n"); ! 166: (void) fclose(sfile); ! 167: return(KFAILURE); /* XXX */ ! 168: } ! 169: (void) fclose(sfile); ! 170: (void) unlink(file); ! 171: return(KSUCCESS); ! 172: } else ! 173: return(RET_TKFIL); /* XXX */ ! 174: } ! 175: ! 176: ! 177:
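Review bot: krb_shm_dest (source lines 142-174) passes whatever integer it reads from `file` straight to `shmctl(shmid,IPC_RMID,0)`, and krb_shm_create calls it at line 52, before the real/effective uid swap at line 80. In a set-uid caller (which the swap code suggests is expected), the file is therefore opened, the segment removed and the path unlinked under the effective uid, with no check that either belongs to the invoking user. I would confirm ownership first: declare `struct shmid_ds ds;` and add `if (shmctl(shmid, IPC_STAT, &ds) < 0 || ds.shm_perm.uid != getuid()) { (void) fclose(sfile); return(KFAILURE); }` ahead of the IPC_RMID call, and move the cleanup call in krb_shm_create to after the swap. Separately, in krb_shm_create the failure returns after `fopen` and `fchmod` (lines 90-101) leave the uids swapped, and the `fchmod` and second `setreuid` failure paths return without `fclose(sfile)`. The ignored results of `fprintf`/`fclose` at lines 114-116 also mean a failed write still returns KSUCCESS with an empty id file, leaving the segment with no recorded id for krb_shm_dest to remove.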