#include <ctype.h>
#include <sys/param.h>
#include <sys/file.h>
+#include <fcntl.h>
+#include <des.h>
+#include <krb.h>
#include <moira.h>
#include "update.h"
extern CONNECTION conn;
char buf[BUFSIZ];
-extern int code, errno;
+extern int code, errno, uid;
extern int have_authorization, have_file, done;
+extern C_Block session;
+static des_key_schedule sched;
+static des_cblock ivec;
int get_block();
*/
int
-get_file(pathname, file_size, checksum)
+get_file(pathname, file_size, checksum, mode, encrypt)
char *pathname;
int file_size;
int checksum;
+ int mode;
+ int encrypt;
{
int fd, n_written;
int found_checksum;
}
if (done) /* re-initialize data */
initialize();
+ if (setreuid(0, uid) < 0) {
+ com_err(whoami, errno, "Unable to setuid to %d\n", uid);
+ exit(1);
+ }
/* unlink old file */
- (void) unlink(pathname);
+ if (!config_lookup("noclobber"))
+ (void) unlink(pathname);
/* open file descriptor */
- fd = open(pathname, O_CREAT|O_EXCL|O_WRONLY, 0700);
+ fd = open(pathname, O_CREAT|O_EXCL|O_WRONLY, mode);
if (fd == -1) {
code = errno;
sprintf(buf, "%s: creating file %s (get_file)",
error_message(code), pathname);
mr_log_error(buf);
report_error("reporting file creation error (get_file)");
+ if (setuid(0) < 0) {
+ com_err(whoami, errno, "Unable to setuid back to %d\n", 0);
+ exit(1);
+ }
return(1);
}
/* check to see if we've got the disk space */
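Review bot: The new `mode` argument reaches `open(pathname, O_CREAT|O_EXCL|O_WRONLY, mode)` unfiltered, so setuid, setgid or sticky bits would be honoured if a caller passes them. Where `mode` originates is not visible here, but if it is taken from the update request it should be restricted to permission bits, e.g. `mode & 0777`. Separately, `setreuid(0, uid)` changes only the effective user id and leaves the group ids untouched, so the file is presumably created with the daemon's group unless that is handled elsewhere. The `if (setuid(0) < 0) { ... exit(1); }` restore block is repeated on every exit path in this hunk and the following ones; a small static helper would make it harder for a future return path to leave the process at the wrong uid. get_file's body starts and ends outside this hunk.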
(void) ftruncate(fd, 0);
(void) close(fd);
report_error("reporting test-write error (get_file)");
+ if (setuid(0) < 0) {
+ com_err(whoami, errno, "Unable to setuid back to %d\n", 0);
+ exit(1);
+ }
return(1);
}
n_written += n_wrote;
lseek(fd, 0, L_SET);
if (send_ok())
lose("sending okay for file transfer (get_file)");
+ if (encrypt) {
+#ifdef DEBUG
+ com_err(whoami, 0, "Session %02x %02x %02x %02x %02x %02x %02x %02x",
+ session[0], session[1], session[2], session[3],
+ session[4], session[5], session[6], session[7]);
+#endif /* DEBUG */
+ des_key_sched(session, sched);
+ bcopy(session, ivec, sizeof(ivec));
+ }
n_written = 0;
while (n_written < file_size && code == 0) {
- int n_got = get_block(fd, file_size - n_written);
+ int n_got = get_block(fd, file_size - n_written, encrypt);
if (n_got == -1) {
/* get_block has already printed a message */
unlink(pathname);
+ if (setuid(0) < 0) {
+ com_err(whoami, errno, "Unable to setuid back to %d\n", 0);
+ exit(1);
+ }
return(1);
}
n_written += n_got;
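Review bot: The `#ifdef DEBUG` block passes all eight bytes of `session` to `com_err`, so a debug build writes the Kerberos session key that protects the transfer into the log. Drop the call or log only the fact, e.g. `com_err(whoami, 0, "encrypted transfer requested");`. `bcopy(session, ivec, sizeof(ivec))` also uses the key itself as the initial IV; if the peer's protocol requires that, say so in a comment, because key-as-IV is normally avoided. `sched` and `ivec` are file-scope statics and nothing visible in this diff clears them once the transfer ends. get_file continues outside this hunk.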
if (code) {
code = connection_errno(conn);
report_error("reading file (get_file)");
+ if (setuid(0) < 0) {
+ com_err(whoami, errno, "Unable to setuid back to %d\n", 0);
+ exit(1);
+ }
return(1);
}
fsync(fd);
ftruncate(fd, file_size);
fsync(fd);
close(fd);
+ if (setuid(0) < 0) {
+ com_err(whoami, errno, "Unable to setuid back to %d\n", 0);
+ exit(1);
+ }
/* validate checksum */
found_checksum = checksum_file(pathname);
if (checksum != found_checksum) {
}
static int
-get_block(fd, max_size)
+get_block(fd, max_size, encrypt)
int fd;
int max_size;
+ int encrypt;
{
STRING data;
- int n_read, n;
+ unsigned char dst[UPDATE_BUFSIZ + 8], *src;
+ int n_read, n, i;
code = receive_object(conn, (char *)&data, STRING_T);
if (code) {
code = connection_errno(conn);
lose("receiving data file (get_file)");
}
+
+ if (encrypt) {
+ src = (unsigned char *)STRING_DATA(data);
+ n = MAX_STRING_SIZE(data);
+ des_pcbc_encrypt(src, dst, n, sched, ivec, 1);
+ for (i = 0; i < 8; i++)
+ ivec[i] = src[n - 8 + i] ^ dst[n - 8 + i];
+ bcopy(dst, STRING_DATA(data), n);
+ }
+
n_read = MIN(MAX_STRING_SIZE(data), max_size);
n = 0;
while (n < n_read) {
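Review bot: In the `if (encrypt)` branch, `n = MAX_STRING_SIZE(data)` appears to come from the object just received from the peer, yet `des_pcbc_encrypt(src, dst, n, ...)` writes into the fixed `dst[UPDATE_BUFSIZ + 8]` without comparing `n` to that size. A larger block would overrun the stack buffer, and a block shorter than 8 bytes makes `src[n - 8 + i]` and `dst[n - 8 + i]` index before the start of both arrays. Validate the length before decrypting, e.g. `if (n < 8 || n > UPDATE_BUFSIZ) { mr_log_error("bad encrypted block size (get_block)"); return -1; }`, matching the existing convention that get_block reports its own error and returns -1. get_block's body continues past the end of this hunk.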