oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
e87bd14a11d399e7ea453eafa271e3a2ed4344bb
heimdal/appl/kx/common.c
Assar Westerlund e87bd14a11 Use INADDR_LOOPBACK 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1054 ec53bebd-3082-4978-b11e-865c3cabbd6b
1996-11-19 20:12:37 +00:00

337 lines
8.4 KiB
C
Raw Blame History

/*
* Copyright (c) 1995, 1996 Kungliga Tekniska Högskolan (Royal Institute
* of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "kx.h"
RCSID("$Id$");
char x_socket[MaxPathLen];
u_int32_t display_num;
char display[MaxPathLen];
int display_size = sizeof(display);
char xauthfile[MaxPathLen];
int xauthfile_size = sizeof(xauthfile);
u_char cookie[16];
size_t cookie_len = sizeof(cookie);
static int
do_enccopy (int fd1, int fd2, int mode, des_cblock *iv,
des_key_schedule schedule, int *num)
{
int ret;
u_char buf[BUFSIZ];
ret = read (fd1, buf, sizeof(buf));
if (ret == 0)
return 0;
if (ret < 0) {
fprintf (stderr, "%s: read: %s\n", prog, strerror (errno));
return ret;
}
#ifndef NOENCRYPTION
des_cfb64_encrypt (buf, buf, ret, schedule, iv,
num, mode);
#endif
ret = krb_net_write (fd2, buf, ret);
if (ret < 0) {
fprintf (stderr, "%s: write: %s\n", prog, strerror (errno));
return ret;
}
return 1;
}
/*
* Copy data from `fd1' to `fd2', encrypting it. Data in the other
* direction is of course, decrypted.
*/
int
copy_encrypted (int fd1, int fd2, des_cblock *iv,
des_key_schedule schedule)
{
des_cblock iv1, iv2;
int num1 = 0, num2 = 0;
memcpy (&iv1, iv, sizeof(iv1));
memcpy (&iv2, iv, sizeof(iv2));
for (;;) {
fd_set fdset;
int ret;
FD_ZERO(&fdset);
FD_SET(fd1, &fdset);
FD_SET(fd2, &fdset);
ret = select (max(fd1, fd2)+1, &fdset, NULL, NULL, NULL);
if (ret < 0 && errno != EINTR) {
fprintf (stderr, "%s: select: %s\n", prog, strerror (errno));
return 1;
}
if (FD_ISSET(fd1, &fdset)) {
ret = do_enccopy (fd1, fd2, DES_ENCRYPT, &iv1, schedule, &num1);
if (ret <= 0)
return ret;
}
if (FD_ISSET(fd2, &fdset)) {
ret = do_enccopy (fd2, fd1, DES_DECRYPT, &iv2, schedule, &num2);
if (ret <= 0)
return ret;
}
}
}
#ifndef X_UNIX_PATH
#define X_UNIX_PATH "/tmp/.X11-unix/X"
#endif
/*
* Allocate and listen on a local X server socket and a TCP socket.
* Return the display number.
*/
int
get_xsockets (int *unix_socket, int *tcp_socket)
{
int unixfd, tcpfd = -1;
struct sockaddr_un unixaddr;
struct sockaddr_in tcpaddr;
int dpy;
int oldmask;
struct hostent *h;
struct in_addr local;
char *dir, *p;
dir = strdup (X_UNIX_PATH);
p = strrchr (dir, '/');
if (p)
*p = '\0';
oldmask = umask(0);
mkdir (dir, 01777);
chmod (dir, 01777);
umask (oldmask);
free (dir);
h = gethostbyname ("localhost");
if (h)
memcpy (&local, h->h_addr, h->h_length);
else
local.s_addr = INADDR_LOOPBACK;
for(dpy = 4; dpy < 256; ++dpy) {
unixfd = socket (AF_UNIX, SOCK_STREAM, 0);
if (unixfd < 0) {
fprintf (stderr, "%s: socket: %s\n", prog, strerror(errno));
return -1;
}
memset (&unixaddr, 0, sizeof(unixaddr));
unixaddr.sun_family = AF_UNIX;
sprintf (unixaddr.sun_path, X_UNIX_PATH "%u", dpy);
if(bind(unixfd,
(struct sockaddr *)&unixaddr,
sizeof(unixaddr)) < 0) {
close (unixfd);
if (errno == EADDRINUSE ||
errno == EACCES) /* Cray return EACCESS */
continue;
else
return -1;
}
if (tcp_socket) {
int one = 1;
tcpfd = socket (AF_INET, SOCK_STREAM, 0);
if (tcpfd < 0) {
fprintf (stderr, "%s: socket: %s\n", prog,
strerror(errno));
close (unixfd);
return -1;
}
#ifdef TCP_NODELAY
setsockopt (tcpfd, IPPROTO_TCP, TCP_NODELAY, (void *)&one,
sizeof(one));
#endif
memset (&tcpaddr, 0, sizeof(tcpaddr));
tcpaddr.sin_family = AF_INET;
tcpaddr.sin_addr = local;
tcpaddr.sin_port = htons(6000 + dpy);
if (bind (tcpfd, (struct sockaddr *)&tcpaddr,
sizeof(tcpaddr)) < 0) {
close (unixfd);
close (tcpfd);
if (errno == EADDRINUSE)
continue;
else
return -1;
}
}
break;
}
if (dpy == 256) {
fprintf (stderr, "%s: no free x-servers\n", prog);
return -1;
}
if (listen (unixfd, SOMAXCONN) < 0) {
fprintf (stderr, "%s: listen: %s\n", prog,
strerror(errno));
return -1;
}
if (tcp_socket)
if (listen (tcpfd, SOMAXCONN) < 0) {
fprintf (stderr, "%s: listen: %s\n", prog,
strerror(errno));
return -1;
}
strcpy(x_socket, unixaddr.sun_path);
*unix_socket = unixfd;
if (tcp_socket)
*tcp_socket = tcpfd;
return dpy;
}
/*
*
*/
int
connect_local_xsocket (unsigned dnr)
{
int fd;
struct sockaddr_un addr;
fd = socket (AF_UNIX, SOCK_STREAM, 0);
if (fd < 0) {
fprintf (stderr, "%s: socket: %s\n", prog, strerror(errno));
return fd;
}
addr.sun_family = AF_UNIX;
sprintf (addr.sun_path, "/tmp/.X11-unix/X%u", dnr);
if (connect (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
fprintf (stderr, "%s: connect: %s\n", prog,
strerror(errno));
return -1;
}
return fd;
}
#ifndef INADDR_LOOPBACK
#define INADDR_LOOPBACK 0x7f000001
#endif
int
create_and_write_cookie (char *xauthfile,
u_char *cookie,
size_t sz)
{
Xauth auth;
char tmp[64];
FILE *f;
char hostname[MaxHostNameLen];
struct in_addr loopback;
struct hostent *h;
k_gethostname (hostname, sizeof(hostname));
loopback.s_addr = htonl(INADDR_LOOPBACK);
auth.family = FamilyLocal;
auth.address = hostname;
auth.address_length = strlen(auth.address);
sprintf (tmp, "%d", display_num);
auth.number_length = strlen(tmp);
auth.number = tmp;
auth.name = COOKIE_TYPE;
auth.name_length = strlen(auth.name);
auth.data_length = sz;
auth.data = (char*)cookie;
des_rand_data (cookie, sz);
f = fopen(xauthfile, "w");
if (f == NULL)
return 1;
if(XauWriteAuth(f, &auth) == 0) {
fclose(f);
return 1;
}
h = gethostbyname (hostname);
if (h == NULL) {
fclose (f);
return 1;
}
/*
* I would like to write a cookie for localhost:n here, but some
* stupid code in libX11 will not look for cookies of that type,
* so we are forced to use FamilyWild instead.
*/
auth.family = FamilyWild;
auth.address_length = 0;
#if 0 /* XXX */
auth.address = (char *)&loopback;
auth.address_length = sizeof(loopback);
#endif
if (XauWriteAuth(f, &auth) == 0) {
fclose (f);
return 1;
}
if(fclose(f))
return 1;
return 0;
}
/*
* Some simple controls on the address and corresponding socket
*/
int
suspicious_address (int sock, struct sockaddr_in addr)
{
char data[40];
int len = sizeof(data);
return addr.sin_addr.s_addr != htonl(INADDR_LOOPBACK)
|| getsockopt (sock, IPPROTO_IP, IP_OPTIONS, data, &len) < 0
|| len != 0;
}
Reference in New Issue View Git Blame Copy Permalink