/* <mit-copyright.h>. */
#ifndef lint
-static char *rcsid_auth_001_c = "$Header$";
+static char *rcsid_auth_002_c = "$Header$";
#endif
#include <mit-copyright.h>
static char service[] = "rcmd";
static char master[] = "sms";
static char qmark[] = "???";
-C_Block session;
+extern C_Block session;
/*
- * authentication request auth_001:
+ * authentication request auth_002:
*
- * >>> (STRING) "auth_001"
+ * >>> (STRING) "auth_002"
* <<< (int) 0
* >>> (STRING) ticket
* <<< (int) code
+ * <<< (STRING) nonce
+ * >>> (STRING) encrypted nonce
+ * <<< (int) code
*
*/
int
-auth_001(str)
+auth_002(str)
char *str;
{
STRING data;
#ifdef POSIX
struct utsname name;
#endif
+ des_key_schedule sched;
+ C_Block nonce, nonce2;
if (send_ok())
- lose("sending okay for authorization (auth_001)");
+ lose("sending okay for authorization (auth_002)");
code = receive_object(conn, (char *)&data, STRING_T);
if (code) {
code = connection_errno(conn);
strcmp(ainst, ad.pinst) ||
strcmp(arealm, ad.prealm))
goto auth_failed;
+
+ if (send_ok())
+ lose("sending preliminary approval of authorization");
+
+ /* replay protection */
+ des_random_key(&nonce);
+ STRING_DATA(data) = (char *)nonce;
+ MAX_STRING_SIZE(data) = 8;
+ if (send_object(conn, (char *)&data, STRING_T))
+ lose("sending nonce");
+ code = receive_object(conn, (char *)&data, STRING_T);
+ des_key_sched(&ad.session, &sched);
+ des_ecb_encrypt(STRING_DATA(data), nonce2, sched, 0);
+ if (memcmp(nonce, nonce2, sizeof(nonce)))
+ goto auth_failed;
+
if (send_ok())
lose("sending approval of authorization");
have_authorization = 1;
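Review bot: The result of the second `receive_object()` is stored in `code` but never tested, and nothing checks the size of the reply before `des_ecb_encrypt()` reads a full 8-byte block from `STRING_DATA(data)`. After a failed receive, or a reply shorter than one DES block, the decrypt step would read memory the reply does not cover; the `memcmp` would most likely still reject the peer, but the read happens first. I would add, directly after the receive, `if (code || !STRING_DATA(data) || MAX_STRING_SIZE(data) < sizeof(nonce)) goto auth_failed;`. It is also worth confirming that the ticket buffer `data` held before `STRING_DATA(data) = (char *)nonce;` is released elsewhere, and that `sched` and `nonce` are cleared before return; the function begins and ends outside this hunk, so neither is visible here.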
+++ /dev/null
-/*
- * $Source$
- * $Header$
- */
-/* (c) Copyright 1988 by the Massachusetts Institute of Technology. */
-/* For copying and distribution information, please see the file */
-/* <mit-copyright.h>. */
-
-#ifndef lint
-static char *rcsid_inst_001_c = "$Header$";
-#endif
-
-#include <mit-copyright.h>
-#include <stdio.h>
-#include <errno.h>
-#include <ctype.h>
-#include <gdb.h>
-#include <moira.h>
-
-STRING instructions = { 0, 0 };
-extern CONNECTION conn;
-extern int have_instructions, have_authorization;
-extern int code;
-extern char *whoami;
-
-
-/*
- * instruction sequence transmission:
- * syntax:
- * >>> (STRING) "inst_001"
- * <<< (int)0
- * >>> (STRING) instructions
- * <<< (int)0
- */
-
-inst_001(str)
- char *str;
-{
- int file_size;
- int checksum;
- char *pathname;
-
- if (config_lookup("noinstructions")) {
- code = EPERM;
- code = send_object(conn, (char *)&code, INTEGER_T);
- com_err(whoami, EPERM, "Not allowed to receive instructions");
- return;
- }
-
- str += 8;
- while (*str == ' ')
- str++;
- if (!*str) {
- failure:
- reject_call(MR_ARGS);
- return;
- }
- file_size = atoi(str);
- while (isdigit(*str))
- str++;
- while (*str == ' ')
- str++;
- checksum = atoi(str);
- while (isdigit(*str))
- str++;
- while (*str == ' ')
- str++;
- if (*str != '/')
- goto failure;
- pathname = str;
- if (!have_authorization) {
- reject_call(MR_PERM);
- return;
- }
- code = send_ok();
- if (code)
- lose("sending ok for file xfer (2)");
- code = get_file(pathname, file_size, checksum, 0555, 0);
- if (!code) {
- char buf[BUFSIZ];
- have_instructions = 1;
- strcpy(buf, "transferred file ");
- strcat(buf, pathname);
- mr_log_info(buf);
- }
-#ifdef DEBUG
- printf("got instructions: %s\n", STRING_DATA(instructions));
-#endif
-}
#include <termios.h>
#endif
#include "update.h"
+#include "des.h"
-extern int auth_001(), inst_001();
-extern int xfer_002(), xfer_003(), exec_002();
+extern int auth_002(), xfer_002(), xfer_003(), exec_002();
extern int sync_proc(), quit();
extern char *config_lookup();
extern void gdb_debug();
extern int errno;
-extern STRING instructions;
CONNECTION conn;
int code, log_priority;
char *whoami;
int have_authorization = 0;
+C_Block session;
int have_file = 0;
-int have_instructions = 0;
int done = 0;
int uid = 0;
char *str;
int (*proc)();
} dispatch_table[] = {
- { "INST_001", inst_001 },
- { "AUTH_001", auth_001 },
+ { "AUTH_002", auth_002 },
{ "XFER_002", xfer_002 },
{ "XFER_003", xfer_003 },
{ "EXEC_002", exec_002 },
{
/* keep have_authorization around */
have_file = 0;
- have_instructions = 0;
done = 0;
- if (STRING_DATA(instructions) != (char *)NULL)
- string_free(&instructions);
}