Diane Delgado's changes for a fixed table-locking order

[moira.git] / update / get_file.c

diff --git a/update/get_file.c b/update/get_file.c
index e13f74951abcf69069c1c2b3e62a0ef02caf0ab1..17a2f97b60bbd4325d6cbf9b6d67696c3961b4ad 100644 (file)
--- a/update/get_file.c
+++ b/update/get_file.c
@@ -14,8 +14,12 @@ static char *rcsid_get_file_c = "$Header$";
 #include <stdio.h>
 #include <gdb.h>
 #include <ctype.h>
+#include <string.h>
 #include <sys/param.h>
 #include <sys/file.h>
+#include <fcntl.h>
+#include <des.h>
+#include <krb.h>
 #include <moira.h>
 #include "update.h"
 
@@ -29,6 +33,9 @@ char buf[BUFSIZ];
 extern int code, errno, uid;
 
 extern int have_authorization, have_file, done;
+extern C_Block session;
+static des_key_schedule sched;
+static des_cblock ivec;
 
 int get_block();
 
@@ -65,11 +72,12 @@ int get_block();
  */
 
 int
-get_file(pathname, file_size, checksum, mode)
+get_file(pathname, file_size, checksum, mode, encrypt)
     char *pathname;
     int file_size;
     int checksum;
     int mode;
+    int encrypt;
 {
     int fd, n_written;
     int found_checksum;
@@ -80,7 +88,11 @@ get_file(pathname, file_size, checksum, mode)
     }
     if (done)                  /* re-initialize data */
        initialize();
+#ifdef POSIX
+    if (setuid(uid) < 0) {
+#else
     if (setreuid(0, uid) < 0) {
+#endif
        com_err(whoami, errno, "Unable to setuid to %d\n", uid);
        exit(1);
     }
@@ -127,9 +139,18 @@ get_file(pathname, file_size, checksum, mode)
     lseek(fd, 0, L_SET);
     if (send_ok())
        lose("sending okay for file transfer (get_file)");
+    if (encrypt) {
+#ifdef DEBUG
+       com_err(whoami, 0, "Session %02x %02x %02x %02x  %02x %02x %02x %02x",
+               session[0], session[1], session[2], session[3], 
+               session[4], session[5], session[6], session[7]);
+#endif /* DEBUG */
+       des_key_sched(session, sched);
+       memcpy(ivec, session, sizeof(ivec));
+    }
     n_written = 0;
     while (n_written < file_size && code == 0) {
-       int n_got = get_block(fd, file_size - n_written);
+       int n_got = get_block(fd, file_size - n_written, encrypt);
        if (n_got == -1) {
            /* get_block has already printed a message */
            unlink(pathname);
@@ -182,18 +203,30 @@ get_file(pathname, file_size, checksum, mode)
 }
 
 static int
-get_block(fd, max_size)
+get_block(fd, max_size, encrypt)
     int fd;
     int max_size;
+    int encrypt;
 {
     STRING data;
-    int n_read, n;
+    unsigned char dst[UPDATE_BUFSIZ + 8], *src;
+    int n_read, n, i;
 
     code = receive_object(conn, (char *)&data, STRING_T);
     if (code) {
        code = connection_errno(conn);
        lose("receiving data file (get_file)");
     }
+
+    if (encrypt) {
+       src = (unsigned char *)STRING_DATA(data);
+       n = MAX_STRING_SIZE(data);
+       des_pcbc_encrypt(src, dst, n, sched, ivec, 1);
+       for (i = 0; i < 8; i++)
+         ivec[i] = src[n - 8 + i] ^ dst[n - 8 + i];
+       memcpy(STRING_DATA(data), dst, n);
+    }
+
     n_read = MIN(MAX_STRING_SIZE(data), max_size);
     n = 0;
     while (n < n_read) {