implement support for Solaris's named-pipe X transport

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5121 ec53bebd-3082-4978-b11e-865c3cabbd6b
Assar Westerlund
1998-08-16 16:35:13 +00:00
parent d1b42ba459
commit dc0dfabdfe
5 changed files with 439 additions and 248 deletions


@@ -1,3 +1,7 @@
Sun Aug 16 18:34:30 1998 Assar Westerlund <assar@sics.se>
* implement support for Solaris's named-pipe X transport
Thu May 28 17:20:39 1998 Johan Danielsson <joda@emma.pdc.kth.se> Thu May 28 17:20:39 1998 Johan Danielsson <joda@emma.pdc.kth.se>
* common.c: fix for (compiler?) bug in solaris 2.4 bind * common.c: fix for (compiler?) bug in solaris 2.4 bind


@@ -120,18 +120,24 @@ copy_encrypted (int fd1, int fd2, des_cblock *iv,
#define X_UNIX_PATH "/tmp/.X11-unix/X" #define X_UNIX_PATH "/tmp/.X11-unix/X"
#endif #endif
#ifndef X_PIPE_PATH
#define X_PIPE_PATH "/tmp/.X11-pipe/X"
#endif
#ifndef INADDR_LOOPBACK #ifndef INADDR_LOOPBACK
#define INADDR_LOOPBACK 0x7f000001 #define INADDR_LOOPBACK 0x7f000001
#endif #endif
/* /*
* Allocate a unix domain socket.
*
* 0 if all is OK * 0 if all is OK
* -1 if bind failed badly * -1 if bind failed badly
* 1 if dpy is already used * 1 if dpy is already used
*/ */
static int static int
try_one (struct x_socket *s, int dpy, const char *pattern) try_socket (struct x_socket *s, int dpy, const char *pattern)
{ {
struct sockaddr_un addr; struct sockaddr_un addr;
int fd; int fd;
@@ -160,38 +166,121 @@ try_one (struct x_socket *s, int dpy, const char *pattern)
s->pathname = strdup (addr.sun_path); s->pathname = strdup (addr.sun_path);
if (s->pathname == NULL) if (s->pathname == NULL)
errx (1, "strdup: out of memory"); errx (1, "strdup: out of memory");
s->flags = UNIX_SOCKET;
return 0;
}
#ifdef MAY_HAVE_X11_PIPES
/*
* Allocate a stream (masqueraded as a named pipe)
*
* 0 if all is OK
* -1 if bind failed badly
* 1 if dpy is already used
*/
static int
try_pipe (struct x_socket *s, int dpy, const char *pattern)
{
char path[MAXPATHLEN];
int ret;
int fd;
int pipefd[2];
snprintf (path, sizeof(path), pattern, dpy);
fd = open (path, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd < 0)
if (errno == EEXIST)
return 1;
else
return -1;
close (fd);
ret = pipe (pipefd);
if (ret < 0)
err (1, "pipe");
ret = ioctl (pipefd[1], I_PUSH, "connld");
if (ret < 0)
err (1, "ioctl I_PUSH");
ret = fattach (pipefd[1], path);
if (ret < 0)
err (1, "fattach %s", path);
s->fd = pipefd[0];
close (pipefd[1]);
s->pathname = strdup (path);
if (s->pathname == NULL)
errx (1, "strdup: out of memory");
s->flags = STREAM_PIPE;
return 0;
}
#endif /* MAY_HAVE_X11_PIPES */
static int
try_tcp (struct x_socket *s, int dpy)
{
struct sockaddr_in tcpaddr;
struct in_addr local;
int one = 1;
int fd;
memset(&local, 0, sizeof(local));
local.s_addr = htonl(INADDR_LOOPBACK);
fd = socket (AF_INET, SOCK_STREAM, 0);
if (fd < 0)
err (1, "socket AF_INET");
#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT)
setsockopt (fd, IPPROTO_TCP, TCP_NODELAY, (void *)&one,
sizeof(one));
#endif
memset (&tcpaddr, 0, sizeof(tcpaddr));
tcpaddr.sin_family = AF_INET;
tcpaddr.sin_addr = local;
tcpaddr.sin_port = htons(6000 + dpy);
if (bind (fd, (struct sockaddr *)&tcpaddr,
sizeof(tcpaddr)) < 0) {
close (fd);
if (errno == EADDRINUSE)
return 1;
else
return -1;
}
s->fd = fd;
s->pathname = NULL;
s->flags = TCP;
return 0; return 0;
} }
/* /*
* Allocate and listen on a number of local X server socket and a TCP * Allocate and listen on a number of local X server sockets, pipes,
* socket. Return the display number. * and a TCP socket. Return the display number.
*/ */
static char *x_paths[] = { static char *x_sockets[] = {
X_UNIX_PATH "%u", X_UNIX_PATH "%u",
"/var/X/.X11-pipe/X" "%u",
"/var/X/.X11-unix/X" "%u", "/var/X/.X11-unix/X" "%u",
"/usr/spool/sockets/X11/" "%u", "/usr/spool/sockets/X11/" "%u",
NULL NULL
}; };
int static char *x_pipes[] = {
get_xsockets (int *number, struct x_socket **sockets, int tcp_socket) X_PIPE_PATH "%u",
"/var/X/.X11-pipe/X" "%u",
NULL
};
static void
try_mkdir (const char *path)
{ {
int dpy; char *dir;
char *p;
int oldmask; int oldmask;
struct in_addr local;
char *dir, *p;
struct x_socket *s;
int n;
int i;
s = malloc (sizeof(*s) * 5); if((dir = strdup (path)) == NULL)
if (s == NULL)
errx (1, "malloc: out of memory");
if((dir = strdup (X_UNIX_PATH)) == NULL)
errx (1, "strdup: out of memory"); errx (1, "strdup: out of memory");
p = strrchr (dir, '/'); p = strrchr (dir, '/');
if (p) if (p)
@@ -202,9 +291,22 @@ get_xsockets (int *number, struct x_socket **sockets, int tcp_socket)
chmod (dir, 01777); chmod (dir, 01777);
umask (oldmask); umask (oldmask);
free (dir); free (dir);
}
memset(&local, 0, sizeof(local)); int
local.s_addr = htonl(INADDR_LOOPBACK); get_xsockets (int *number, struct x_socket **sockets, int tcp_socket)
{
int dpy;
struct x_socket *s;
int n;
int i;
s = malloc (sizeof(*s) * 5);
if (s == NULL)
errx (1, "malloc: out of memory");
try_mkdir (X_UNIX_PATH);
try_mkdir (X_PIPE_PATH);
for(dpy = 4; dpy < 256; ++dpy) { for(dpy = 4; dpy < 256; ++dpy) {
int tcpfd; int tcpfd;
@@ -212,8 +314,8 @@ get_xsockets (int *number, struct x_socket **sockets, int tcp_socket)
int tmp; int tmp;
n = 0; n = 0;
for (path = x_paths; *path; ++path) { for (path = x_sockets; *path; ++path) {
tmp = try_one (&s[n], dpy, *path); tmp = try_socket (&s[n], dpy, *path);
if (tmp == -1) { if (tmp == -1) {
if (errno != ENOTDIR && errno != ENOENT) if (errno != ENOTDIR && errno != ENOENT)
return -1; return -1;
@@ -229,35 +331,37 @@ get_xsockets (int *number, struct x_socket **sockets, int tcp_socket)
if (tmp == 1) if (tmp == 1)
continue; continue;
if (tcp_socket) { #ifdef MAY_HAVE_X11_PIPES
struct sockaddr_in tcpaddr; for (path = x_pipes; *path; ++path) {
int one = 1; tmp = try_pipe (&s[n], dpy, *path);
if (tmp == -1) {
tcpfd = socket (AF_INET, SOCK_STREAM, 0); if (errno != ENOTDIR && errno != ENOENT)
if (tcpfd < 0) return -1;
err (1, "socket AF_INET"); } else if (tmp == 1) {
#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT)
setsockopt (tcpfd, IPPROTO_TCP, TCP_NODELAY, (void *)&one,
sizeof(one));
#endif
memset (&tcpaddr, 0, sizeof(tcpaddr));
tcpaddr.sin_family = AF_INET;
tcpaddr.sin_addr = local;
tcpaddr.sin_port = htons(6000 + dpy);
if (bind (tcpfd, (struct sockaddr *)&tcpaddr,
sizeof(tcpaddr)) < 0) {
close (tcpfd);
while (--n >= 0) { while (--n >= 0) {
close (s[n].fd); close (s[n].fd);
free (s[n].pathname); free (s[n].pathname);
} }
if (errno == EADDRINUSE) break;
continue; } else if (tmp == 0)
else ++n;
return -1;
} }
s[n].fd = tcpfd;
s[n].pathname = NULL; if (tmp == 1)
continue;
#endif
if (tcp_socket) {
tmp = try_tcp (&s[n], dpy);
if (tmp == -1)
return -1;
else if (tmp == 1) {
while (--n >= 0) {
close (s[n].fd);
free (s[n].pathname);
}
break;
} else if (tmp == 0)
++n; ++n;
} }
break; break;
@@ -265,7 +369,8 @@ get_xsockets (int *number, struct x_socket **sockets, int tcp_socket)
if (dpy == 256) if (dpy == 256)
errx (1, "no free x-servers"); errx (1, "no free x-servers");
for (i = 0; i < n; ++i) for (i = 0; i < n; ++i)
if (listen (s[i].fd, SOMAXCONN) < 0) if (s[i].flags & LISTENP
&& listen (s[i].fd, SOMAXCONN) < 0)
err (1, "listen %s", s[i].pathname ? s[i].pathname : "tcp"); err (1, "listen %s", s[i].pathname ? s[i].pathname : "tcp");
*number = n; *number = n;
*sockets = s; *sockets = s;
@@ -283,7 +388,7 @@ connect_local_xsocket (unsigned dnr)
struct sockaddr_un addr; struct sockaddr_un addr;
char **path; char **path;
for (path = x_paths; *path; ++path) { for (path = x_sockets; *path; ++path) {
fd = socket (AF_UNIX, SOCK_STREAM, 0); fd = socket (AF_UNIX, SOCK_STREAM, 0);
if (fd < 0) if (fd < 0)
err (1, "socket AF_UNIX"); err (1, "socket AF_UNIX");
@@ -375,11 +480,12 @@ create_and_write_cookie (char *xauthfile,
* Verify and remove cookies. Read and parse a X-connection from * Verify and remove cookies. Read and parse a X-connection from
* `fd'. Check the cookie used is the same as in `cookie'. Remove the * `fd'. Check the cookie used is the same as in `cookie'. Remove the
* cookie and copy the rest of it to `sock'. * cookie and copy the rest of it to `sock'.
* Expect cookies iff cookiesp.
* Return 0 iff ok. * Return 0 iff ok.
*/ */
int int
verify_and_remove_cookies (int fd, int sock) verify_and_remove_cookies (int fd, int sock, int cookiesp)
{ {
u_char beg[12]; u_char beg[12];
int bigendianp; int bigendianp;
@@ -402,20 +508,24 @@ verify_and_remove_cookies (int fd, int sock)
npad = (4 - (n % 4)) % 4; npad = (4 - (n % 4)) % 4;
dpad = (4 - (d % 4)) % 4; dpad = (4 - (d % 4)) % 4;
protocol_name = malloc(n + npad); protocol_name = malloc(n + npad);
if (protocol_name == NULL) if (n + npad != 0 && protocol_name == NULL)
return 1; return 1;
protocol_data = malloc(d + dpad); protocol_data = malloc(d + dpad);
if (protocol_data == NULL) if (d + dpad != 0 && protocol_data == NULL) {
free (protocol_name);
goto fail; goto fail;
}
if (krb_net_read (fd, protocol_name, n + npad) != n + npad) if (krb_net_read (fd, protocol_name, n + npad) != n + npad)
goto fail; goto fail;
if (krb_net_read (fd, protocol_data, d + dpad) != d + dpad) if (krb_net_read (fd, protocol_data, d + dpad) != d + dpad)
goto fail; goto fail;
if (cookiesp) {
if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0) if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0)
goto fail; goto fail;
if (d != cookie_len || if (d != cookie_len ||
memcmp (protocol_data, cookie, cookie_len) != 0) memcmp (protocol_data, cookie, cookie_len) != 0)
goto fail; goto fail;
}
free (protocol_name); free (protocol_name);
free (protocol_data); free (protocol_data);
if (krb_net_write (sock, zeros, 6) != 6) if (krb_net_write (sock, zeros, 6) != 6)
@@ -433,7 +543,7 @@ fail:
*/ */
int int
replace_cookie(int xserver, int fd, char *filename) replace_cookie(int xserver, int fd, char *filename, int cookiesp) /* XXX */
{ {
u_char beg[12]; u_char beg[12];
int bigendianp; int bigendianp;
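Review bot: `s = malloc (sizeof(*s) * 5)` in get_xsockets is too small for what the loops can now store: each successful try_socket, try_pipe and try_tcp does `++n` with no bound, and the tables hold at least three socket patterns and two pipe patterns plus the TCP socket, so `s[n]` can be written past the allocation on a host where every directory exists. Size the array from the tables instead, for example `s = malloc (sizeof(*s) * (sizeof(x_sockets)/sizeof(*x_sockets) + sizeof(x_pipes)/sizeof(*x_pipes) + 1));`. Separately, in the `tmp == 1` branch after try_tcp the `break` leaves the display loop right after the cleanup loop has run `n` down to -1, so `*number` is set to -1 and the function still returns a display number. The code it replaces used `continue` there to try the next display, and `continue;` looks like what is wanted.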


@@ -164,7 +164,7 @@ static int
passive_session (int xserver, int fd, des_cblock *iv, passive_session (int xserver, int fd, des_cblock *iv,
des_key_schedule schedule) des_key_schedule schedule)
{ {
if (replace_cookie (xserver, fd, XauFileName())) if (replace_cookie (xserver, fd, XauFileName(), 1))
return 1; return 1;
else else
return copy_encrypted (xserver, fd, iv, schedule); return copy_encrypted (xserver, fd, iv, schedule);
@@ -174,7 +174,7 @@ static int
active_session (int xserver, int fd, des_cblock *iv, active_session (int xserver, int fd, des_cblock *iv,
des_key_schedule schedule) des_key_schedule schedule)
{ {
if (verify_and_remove_cookies (xserver, fd)) if (verify_and_remove_cookies (xserver, fd, 1))
return 1; return 1;
else else
return copy_encrypted (xserver, fd, iv, schedule); return copy_encrypted (xserver, fd, iv, schedule);


@@ -105,6 +105,17 @@
#include <X11/Xlib.h> #include <X11/Xlib.h>
#include <X11/Xauth.h> #include <X11/Xauth.h>
#ifdef HAVE_SYS_STREAM_H
#include <sys/stream.h>
#endif
#ifdef HAVE_SYS_STROPTS_H
#include <sys/stropts.h>
#endif
#if defined(HAVE_SYS_STROPTS_H) && defined(HAVE_FATTACH) && defined(I_PUSH)
#define MAY_HAVE_X11_PIPES
#endif
#ifdef SOCKS #ifdef SOCKS
#include <socks.h> #include <socks.h>
/* This doesn't belong here. */ /* This doesn't belong here. */
@@ -117,16 +128,17 @@ struct hostent *gethostbyname(const char *);
#include <err.h> #include <err.h>
#include <roken.h> #include <roken.h>
int copy_encrypted (int fd1, int fd2, des_cblock *iv,
des_key_schedule schedule);
struct x_socket { struct x_socket {
char *pathname; char *pathname;
int fd; int fd;
enum {
LISTENP = 0x80,
TCP = LISTENP | 1,
UNIX_SOCKET = LISTENP | 2,
STREAM_PIPE = 3
} flags;
}; };
int get_xsockets (int *number, struct x_socket **sockets, int tcpp);
extern char x_socket[]; extern char x_socket[];
extern u_int32_t display_num; extern u_int32_t display_num;
extern char display[]; extern char display[];
@@ -136,13 +148,18 @@ extern int xauthfile_size;
extern u_char cookie[]; extern u_char cookie[];
extern size_t cookie_len; extern size_t cookie_len;
int copy_encrypted (int fd1, int fd2, des_cblock *iv,
des_key_schedule schedule);
int get_xsockets (int *number, struct x_socket **sockets, int tcpp);
int connect_local_xsocket (unsigned dnr); int connect_local_xsocket (unsigned dnr);
int create_and_write_cookie (char *xauthfile, int create_and_write_cookie (char *xauthfile,
size_t size, size_t size,
u_char *cookie, u_char *cookie,
size_t sz); size_t sz);
int verify_and_remove_cookies (int fd, int sock); int verify_and_remove_cookies (int fd, int sock, int cookiesp);
int replace_cookie(int xserver, int fd, char *filename); int replace_cookie(int xserver, int fd, char *filename, int cookiesp);
int suspicious_address (int sock, struct sockaddr_in addr); int suspicious_address (int sock, struct sockaddr_in addr);
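Review bot: The new `flags` enum in struct x_socket has no comment and is used in two different ways: LISTENP is tested as a bit (`s[i].flags & LISTENP` before listen() in common.c), while TCP, UNIX_SOCKET and STREAM_PIPE are compared with `==` in kxd.c. A short comment above the enum would keep later additions consistent, for example `/* transport kind; LISTENP is or'ed into the kinds that need listen(); compare kinds with ==, never with & */`. MAY_HAVE_X11_PIPES is also keyed on I_PUSH only, although the pipe code in kxd.c relies on I_RECVFD and struct strrecvfd as well; presumably they come from the same header, but adding `defined(I_RECVFD)` to the condition would make that explicit.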


@@ -233,29 +233,29 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
*/ */
static int static int
passive_session (int fd, int sock, des_cblock *key, passive_session (int fd, int sock, int cookiesp, des_cblock *key,
des_key_schedule schedule) des_key_schedule schedule)
{ {
if (verify_and_remove_cookies (fd, sock)) if (verify_and_remove_cookies (fd, sock, cookiesp))
return 1; return 1;
else else
return copy_encrypted (fd, sock, key, schedule); return copy_encrypted (fd, sock, key, schedule);
} }
static int static int
active_session (int fd, int sock, des_cblock *key, active_session (int fd, int sock, int cookiesp, des_cblock *key,
des_key_schedule schedule) des_key_schedule schedule)
{ {
fd = connect_local_xsocket(0); fd = connect_local_xsocket(0);
if (replace_cookie (fd, sock, xauthfile)) if (replace_cookie (fd, sock, xauthfile, cookiesp))
return 1; return 1;
else else
return copy_encrypted (fd, sock, key, schedule); return copy_encrypted (fd, sock, key, schedule);
} }
static int static int
doit_conn (int fd, int meta_sock, int flags, doit_conn (int fd, int meta_sock, int flags, int cookiesp,
des_cblock *key, des_key_schedule schedule, des_cblock *key, des_key_schedule schedule,
struct sockaddr_in *thisaddr, struct sockaddr_in *thisaddr,
struct sockaddr_in *thataddr) struct sockaddr_in *thataddr)
@@ -319,9 +319,9 @@ doit_conn (int fd, int meta_sock, int flags,
close (meta_sock); close (meta_sock);
if (flags & PASSIVE) if (flags & PASSIVE)
return passive_session (fd, sock2, key, schedule); return passive_session (fd, sock2, cookiesp, key, schedule);
else else
return active_session (fd, sock2, key, schedule); return active_session (fd, sock2, cookiesp, key, schedule);
} }
/* /*
@@ -344,30 +344,24 @@ check_user_console (int fd, des_cblock *key, des_key_schedule schedule,
} }
/* /*
* Receive a connection on `sock' and process it. * Handle a passive session on `sock'
*/ */
static int static int
doit(int sock, int tcpp) doit_passive (int sock, des_cblock *key, des_key_schedule schedule,
struct sockaddr_in *me, struct sockaddr_in *him,
int flags, int tcpp)
{ {
des_key_schedule schedule; int tmp;
des_cblock key; int len;
struct sockaddr_in me, him; size_t rem;
int flags;
u_char msg[1024], *p; u_char msg[1024], *p;
struct x_socket *sockets; struct x_socket *sockets;
int nsockets; int nsockets;
flags = recv_conn (sock, &key, schedule, &me, &him);
if (flags & PASSIVE) {
int tmp;
int len;
size_t rem;
tmp = get_xsockets (&nsockets, &sockets, tcpp); tmp = get_xsockets (&nsockets, &sockets, tcpp);
if (tmp < 0) { if (tmp < 0) {
fatal (sock, &key, schedule, &me, &him, fatal (sock, key, schedule, me, him,
"Cannot create X socket(s): %s", "Cannot create X socket(s): %s",
strerror(errno)); strerror(errno));
return 1; return 1;
@@ -380,7 +374,7 @@ doit(int sock, int tcpp)
if(create_and_write_cookie (xauthfile, xauthfile_size, if(create_and_write_cookie (xauthfile, xauthfile_size,
cookie, cookie_len)) { cookie, cookie_len)) {
cleanup(nsockets, sockets); cleanup(nsockets, sockets);
fatal (sock, &key, schedule, &me, &him, fatal (sock, key, schedule, me, him,
"Cookie-creation failed with: %s", "Cookie-creation failed with: %s",
strerror(errno)); strerror(errno));
return 1; return 1;
@@ -419,8 +413,8 @@ doit(int sock, int tcpp)
p += len; p += len;
rem -= len; rem -= len;
if(write_encrypted (sock, msg, p - msg, schedule, &key, if(write_encrypted (sock, msg, p - msg, schedule, key,
&me, &him) < 0) { me, him) < 0) {
syslog (LOG_ERR, "write: %m"); syslog (LOG_ERR, "write: %m");
cleanup(nsockets, sockets); cleanup(nsockets, sockets);
return 1; return 1;
@@ -431,6 +425,7 @@ doit(int sock, int tcpp)
fd_set fds; fd_set fds;
int i; int i;
int ret; int ret;
int cookiesp = TRUE;
FD_ZERO(&fds); FD_ZERO(&fds);
FD_SET(sock, &fds); FD_SET(sock, &fds);
@@ -447,24 +442,57 @@ doit(int sock, int tcpp)
} else if(ret) { } else if(ret) {
for (i = 0; i < nsockets; ++i) { for (i = 0; i < nsockets; ++i) {
if (FD_ISSET(sockets[i].fd, &fds)) { if (FD_ISSET(sockets[i].fd, &fds)) {
if (sockets[i].pathname == NULL) { if (sockets[i].flags == TCP) {
struct sockaddr_in peer; struct sockaddr_in peer;
int len = sizeof(peer); int len = sizeof(peer);
fd = accept (sockets[i].fd, fd = accept (sockets[i].fd,
(struct sockaddr *)&peer, (struct sockaddr *)&peer,
&len); &len);
if (fd < 0 && errno != EINTR)
syslog (LOG_ERR, "accept: %m");
/* XXX */ /* XXX */
if (fd >= 0 && suspicious_address (fd, peer)) { if (fd >= 0 && suspicious_address (fd, peer)) {
close (fd); close (fd);
fd = -1; fd = -1;
errno = EINTR; errno = EINTR;
} }
} else { } else if(sockets[i].flags == UNIX_SOCKET) {
int zero = 0; int zero = 0;
fd = accept (sockets[i].fd, NULL, &zero); fd = accept (sockets[i].fd, NULL, &zero);
if (fd < 0 && errno != EINTR)
syslog (LOG_ERR, "accept: %m");
} else if(sockets[i].flags == STREAM_PIPE) {
/*
* this code tries to handle the
* send fd-over-pipe stuff for
* solaris
*/
struct strrecvfd strrecvfd;
ret = ioctl (sockets[i].fd,
I_RECVFD, &strrecvfd);
if (ret < 0 && errno != EINTR) {
syslog (LOG_ERR, "ioctl I_RECVFD: %m");
} }
/* XXX */
if (ret == 0) {
if (strrecvfd.uid != getuid()) {
close (strrecvfd.fd);
fd = -1;
errno = EINTR;
} else {
fd = strrecvfd.fd;
cookiesp = FALSE;
}
}
} else
abort ();
break; break;
} }
} }
@@ -472,32 +500,42 @@ doit(int sock, int tcpp)
if (fd < 0) if (fd < 0)
if (errno == EINTR) if (errno == EINTR)
continue; continue;
else { else
syslog (LOG_ERR, "accept: %m");
return 1; return 1;
}
child = fork (); child = fork ();
if (child < 0) { if (child < 0) {
syslog (LOG_ERR, "fork: %m"); syslog (LOG_ERR, "fork: %m");
return 1; return 1;
} else if (child == 0) { } else if (child != 0) {
for (i = 0; i < nsockets; ++i) for (i = 0; i < nsockets; ++i)
close (sockets[i].fd); close (sockets[i].fd);
return doit_conn (fd, sock, flags, return doit_conn (fd, sock, flags, cookiesp,
&key, schedule, &me, &him); key, schedule, me, him);
} else { } else {
close (fd); close (fd);
} }
} }
} else { }
check_user_console (sock, &key, schedule, &me, &him);
/*
* Handle an active session on `sock'
*/
static int
doit_active (int sock, des_cblock *key, des_key_schedule schedule,
struct sockaddr_in *me, struct sockaddr_in *him,
int flags, int tcpp)
{
u_char msg[1024], *p;
check_user_console (sock, key, schedule, me, him);
p = msg; p = msg;
*p++ = ACK; *p++ = ACK;
if(write_encrypted (sock, msg, p - msg, schedule, &key, if(write_encrypted (sock, msg, p - msg, schedule, key,
&me, &him) < 0) { me, him) < 0) {
syslog (LOG_ERR, "write: %m"); syslog (LOG_ERR, "write: %m");
return 1; return 1;
} }
@@ -507,8 +545,8 @@ doit(int sock, int tcpp)
void *ret; void *ret;
len = read_encrypted (sock, msg, sizeof(msg), &ret, len = read_encrypted (sock, msg, sizeof(msg), &ret,
schedule, &key, schedule, key,
&him, &me); him, me);
if (len < 0) { if (len < 0) {
syslog (LOG_ERR, "read: %m"); syslog (LOG_ERR, "read: %m");
return 1; return 1;
@@ -524,12 +562,34 @@ doit(int sock, int tcpp)
syslog (LOG_ERR, "fork: %m"); syslog (LOG_ERR, "fork: %m");
return 1; return 1;
} else if (child == 0) { } else if (child == 0) {
return doit_conn (sock, sock, flags, return doit_conn (sock, sock, flags, 1,
&key, schedule, &me, &him); key, schedule, me, him);
} else { } else {
} }
} }
} }
/*
* Receive a connection on `sock' and process it.
*/
static int
doit(int sock, int tcpp)
{
des_key_schedule schedule;
des_cblock key;
struct sockaddr_in me, him;
int flags;
u_char msg[1024], *p;
struct x_socket *sockets;
int nsockets;
flags = recv_conn (sock, &key, schedule, &me, &him);
if (flags & PASSIVE)
return doit_passive (sock, &key, schedule, &me, &him, flags, tcpp);
else
return doit_active (sock, &key, schedule, &me, &him, flags, tcpp);
} }
static void static void
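Review bot: The fork branch in doit_passive now reads `} else if (child != 0) {`, where the code it replaces and the matching branch in doit_active both test `child == 0`. As written, the parent closes the listening sockets and runs doit_conn while the child closes `fd` and goes back to select. If the swap is deliberate it needs a comment saying why; otherwise restore `child == 0`. In the STREAM_PIPE branch the cookie check is switched off (`cookiesp = FALSE`) on the strength of `strrecvfd.uid == getuid()` alone, and a rejected descriptor is dropped silently. That trust decision deserves a comment, and the rejection a log line such as `syslog (LOG_ERR, "I_RECVFD: rejected fd from uid %ld", (long)strrecvfd.uid);`.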