1 /*
2 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 /*
7 * Copyright (c) 1983 Regents of the University of California.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms are permitted
11 * provided that the above copyright notice and this paragraph are
12 * duplicated in all such forms and that any documentation,
13 * advertising materials, and other materials related to such
14 * distribution and use acknowledge that the software was developed
15 * by the University of California, Berkeley. The name of the
16 * University may not be used to endorse or promote products derived
17 * from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
20 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 */
22
23 /* derived from @(#)rcmd.c 5.17 (Berkeley) 6/27/88 */
24
25 #include <unistd.h>
26 #include <stdlib.h>
27 #include <stdio.h>
28 #include <ctype.h>
29 #include <string.h>
30 #include <pwd.h>
31 #include <sys/param.h>
32 #include <sys/types.h>
33 #include <fcntl.h>
34
35 #include <signal.h>
36 #include <sys/file.h>
37 #include <sys/socket.h>
38 #include <sys/stat.h>
39
40 #include <netinet/in.h>
41 #include <arpa/inet.h>
42 #include <netdb.h>
43 #include <locale.h>
44 #include <syslog.h>
45
46 #include <errno.h>
47 #include <com_err.h>
48 #include <k5-int.h>
49 #include <kcmd.h>
50
51 static char *default_service = "host";
52
53 #define KCMD_BUFSIZ 102400
54 #define KCMD8_BUFSIZ (4096 - 256)
55 /*
56 * For compatibility with earlier versions of Solaris and other OS
57 * (kerborized rsh uses 4KB of RSH_BUFSIZE)- 256 to make sure
58 * there is room
59 */
60 static int deswrite_compat(int, char *, int, int);
61
62 #define KCMD_KEYUSAGE 1026
63
64 static char storage[KCMD_BUFSIZ];
65 static int nstored = 0;
66 static int MAXSIZE = (KCMD_BUFSIZ + 8);
67 static char *store_ptr = storage;
68 static krb5_data desinbuf, desoutbuf;
69
70 static boolean_t encrypt_flag = B_FALSE;
71 static krb5_context kcmd_context;
72
73 /* XXX Overloaded: use_ivecs!=0 -> new protocol, inband signalling, etc. */
74 static boolean_t use_ivecs = B_FALSE;
75 static krb5_data encivec_i[2], encivec_o[2];
76 static krb5_keyusage enc_keyusage_i[2], enc_keyusage_o[2];
77 static krb5_enctype final_enctype;
78 static krb5_keyblock *skey;
79
80 /* ARGSUSED */
81 int
kcmd(int * sock,char ** ahost,ushort_t rport,char * locuser,char * remuser,char * cmd,int * fd2p,char * service,char * realm,krb5_context bsd_context,krb5_auth_context * authconp,krb5_creds ** cred,krb5_int32 * seqno,krb5_int32 * server_seqno,krb5_flags authopts,int anyport,enum kcmd_proto * protonump)82 kcmd(int *sock, char **ahost, ushort_t rport,
83 char *locuser, char *remuser,
84 char *cmd, int *fd2p, char *service, char *realm,
85 krb5_context bsd_context, krb5_auth_context *authconp,
86 krb5_creds **cred, krb5_int32 *seqno, krb5_int32 *server_seqno,
87 krb5_flags authopts,
88 int anyport, enum kcmd_proto *protonump)
89 {
90 int s = -1;
91 sigset_t oldmask, urgmask;
92 struct sockaddr_in sin;
93 struct sockaddr_storage from;
94 krb5_creds *get_cred = NULL;
95 krb5_creds *ret_cred = NULL;
96 char c;
97 struct hostent *hp;
98 int rc;
99 char *host_save = NULL;
100 krb5_error_code status;
101 krb5_ap_rep_enc_part *rep_ret;
102 krb5_error *error = 0;
103 krb5_ccache cc;
104 krb5_data outbuf;
105 krb5_flags options = authopts;
106 krb5_auth_context auth_context = NULL;
107 char *cksumbuf;
108 krb5_data cksumdat;
109 int bsize = 0;
110 char *kcmd_version;
111 enum kcmd_proto protonum = *protonump;
112
113 bsize = strlen(cmd) + strlen(remuser) + 64;
114 if ((cksumbuf = malloc(bsize)) == 0) {
115 (void) fprintf(stderr, gettext("Unable to allocate"
116 " memory for checksum buffer.\n"));
117 return (-1);
118 }
119 (void) snprintf(cksumbuf, bsize, "%u:", ntohs(rport));
120 if (strlcat(cksumbuf, cmd, bsize) >= bsize) {
121 (void) fprintf(stderr, gettext("cmd buffer too long.\n"));
122 free(cksumbuf);
123 return (-1);
124 }
125 if (strlcat(cksumbuf, remuser, bsize) >= bsize) {
126 (void) fprintf(stderr, gettext("remuser too long.\n"));
127 free(cksumbuf);
128 return (-1);
129 }
130 cksumdat.data = cksumbuf;
131 cksumdat.length = strlen(cksumbuf);
132
133 hp = gethostbyname(*ahost);
134 if (hp == 0) {
135 (void) fprintf(stderr,
136 gettext("%s: unknown host\n"), *ahost);
137 return (-1);
138 }
139
140 if ((host_save = (char *)strdup(hp->h_name)) == NULL) {
141 (void) fprintf(stderr, gettext("kcmd: no memory\n"));
142 return (-1);
143 }
144
145 /* If no service is given set to the default service */
146 if (!service) service = default_service;
147
148 if (!(get_cred = (krb5_creds *)calloc(1, sizeof (krb5_creds)))) {
149 (void) fprintf(stderr, gettext("kcmd: no memory\n"));
150 return (-1);
151 }
152 (void) sigemptyset(&urgmask);
153 (void) sigaddset(&urgmask, SIGURG);
154 (void) sigprocmask(SIG_BLOCK, &urgmask, &oldmask);
155
156 status = krb5_sname_to_principal(bsd_context, host_save, service,
157 KRB5_NT_SRV_HST, &get_cred->server);
158 if (status) {
159 (void) fprintf(stderr,
160 gettext("kcmd: "
161 "krb5_sname_to_principal failed: %s\n"),
162 error_message(status));
163 status = -1;
164 goto bad;
165 }
166
167 if (realm && *realm) {
168 (void) krb5_xfree(
169 krb5_princ_realm(bsd_context, get_cred->server)->data);
170 krb5_princ_set_realm_length(bsd_context, get_cred->server,
171 strlen(realm));
172 krb5_princ_set_realm_data(bsd_context, get_cred->server,
173 strdup(realm));
174 }
175
176 s = socket(AF_INET, SOCK_STREAM, 0);
177 if (s < 0) {
178 perror(gettext("Error creating socket"));
179 status = -1;
180 goto bad;
181 }
182 /*
183 * Kerberos only supports IPv4 addresses for now.
184 */
185 if (hp->h_addrtype == AF_INET) {
186 sin.sin_family = hp->h_addrtype;
187 (void) memcpy((void *)&sin.sin_addr,
188 hp->h_addr, hp->h_length);
189 sin.sin_port = rport;
190 } else {
191 syslog(LOG_ERR, "Address type %d not supported for "
192 "Kerberos", hp->h_addrtype);
193 status = -1;
194 goto bad;
195 }
196
197 if (connect(s, (struct sockaddr *)&sin, sizeof (sin)) < 0) {
198 perror(host_save);
199 status = -1;
200 goto bad;
201 }
202
203 if (fd2p == 0) {
204 (void) write(s, "", 1);
205 } else {
206 char num[16];
207 int s2;
208 int s3;
209 struct sockaddr_storage sname;
210 struct sockaddr_in *sp;
211 int len = sizeof (struct sockaddr_storage);
212
213 s2 = socket(AF_INET, SOCK_STREAM, 0);
214 if (s2 < 0) {
215 status = -1;
216 goto bad;
217 }
218 (void) memset((char *)&sin, 0, sizeof (sin));
219 sin.sin_family = AF_INET;
220 sin.sin_addr.s_addr = INADDR_ANY;
221 sin.sin_port = 0;
222
223 if (bind(s2, (struct sockaddr *)&sin, sizeof (sin)) < 0) {
224 perror(gettext("error binding socket"));
225 (void) close(s2);
226 status = -1;
227 goto bad;
228 }
229 if (getsockname(s2, (struct sockaddr *)&sname, &len) < 0) {
230 perror(gettext("getsockname error"));
231 (void) close(s2);
232 status = -1;
233 goto bad;
234 }
235 sp = (struct sockaddr_in *)&sname;
236 (void) listen(s2, 1);
237 (void) snprintf(num, sizeof (num), "%d",
238 htons((ushort_t)sp->sin_port));
239 if (write(s, num, strlen(num)+1) != strlen(num)+1) {
240 perror(gettext("write: error setting up stderr"));
241 (void) close(s2);
242 status = -1;
243 goto bad;
244 }
245
246 s3 = accept(s2, (struct sockaddr *)&from, &len);
247 (void) close(s2);
248 if (s3 < 0) {
249 perror(gettext("accept"));
250 status = -1;
251 goto bad;
252 }
253 *fd2p = s3;
254 if (SOCK_FAMILY(from) == AF_INET) {
255 if (!anyport && SOCK_PORT(from) >= IPPORT_RESERVED) {
256 (void) fprintf(stderr,
257 gettext("socket: protocol "
258 "failure in circuit setup.\n"));
259 status = -1;
260 goto bad2;
261 }
262 } else {
263 (void) fprintf(stderr,
264 gettext("Kerberos does not support "
265 "address type %d\n"),
266 SOCK_FAMILY(from));
267 status = -1;
268 goto bad2;
269 }
270 }
271
272 if (status = krb5_cc_default(bsd_context, &cc))
273 goto bad2;
274
275 status = krb5_cc_get_principal(bsd_context, cc, &get_cred->client);
276 if (status) {
277 (void) krb5_cc_close(bsd_context, cc);
278 goto bad2;
279 }
280
281 /* Get ticket from credentials cache or kdc */
282 status = krb5_get_credentials(bsd_context, 0, cc, get_cred, &ret_cred);
283 (void) krb5_cc_close(bsd_context, cc);
284 if (status) goto bad2;
285
286 /* Reset internal flags; these should not be sent. */
287 authopts &= (~OPTS_FORWARD_CREDS);
288 authopts &= (~OPTS_FORWARDABLE_CREDS);
289
290 if ((status = krb5_auth_con_init(bsd_context, &auth_context)))
291 goto bad2;
292
293 if ((status = krb5_auth_con_setflags(bsd_context, auth_context,
294 KRB5_AUTH_CONTEXT_RET_TIME)))
295 goto bad2;
296
297 /* Only need local address for mk_cred() to send to krlogind */
298 if ((status = krb5_auth_con_genaddrs(bsd_context, auth_context, s,
299 KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR)))
300 goto bad2;
301
302 if (protonum == KCMD_PROTOCOL_COMPAT_HACK) {
303 krb5_boolean is_des;
304 status = krb5_c_enctype_compare(bsd_context,
305 ENCTYPE_DES_CBC_CRC,
306 ret_cred->keyblock.enctype,
307 &is_des);
308 if (status)
309 goto bad2;
310 protonum = is_des ? KCMD_OLD_PROTOCOL : KCMD_NEW_PROTOCOL;
311 }
312
313 switch (protonum) {
314 case KCMD_NEW_PROTOCOL:
315 authopts |= AP_OPTS_USE_SUBKEY;
316 kcmd_version = "KCMDV0.2";
317 break;
318 case KCMD_OLD_PROTOCOL:
319 kcmd_version = "KCMDV0.1";
320 break;
321 default:
322 status = -1;
323 goto bad2;
324 }
325
326 /*
327 * Call the Kerberos library routine to obtain an authenticator,
328 * pass it over the socket to the server, and obtain mutual
329 * authentication.
330 */
331 status = krb5_sendauth(bsd_context, &auth_context, (krb5_pointer) &s,
332 kcmd_version, ret_cred->client, ret_cred->server,
333 authopts, &cksumdat, ret_cred, 0, &error,
334 &rep_ret, NULL);
335 krb5_xfree(cksumdat.data);
336 if (status) {
337 (void) fprintf(stderr, gettext("Couldn't authenticate"
338 " to server: %s\n"),
339 error_message(status));
340 if (error) {
341 (void) fprintf(stderr, gettext("Server returned error"
342 " code %d (%s)\n"),
343 error->error,
344 error_message(ERROR_TABLE_BASE_krb5 +
345 error->error));
346 if (error->text.length)
347 (void) fprintf(stderr,
348 gettext("Error text"
349 " sent from server: %s\n"),
350 error->text.data);
351 }
352 if (error) {
353 krb5_free_error(bsd_context, error);
354 error = 0;
355 }
356 goto bad2;
357 }
358 if (rep_ret && server_seqno) {
359 *server_seqno = rep_ret->seq_number;
360 krb5_free_ap_rep_enc_part(bsd_context, rep_ret);
361 }
362
363 (void) write(s, remuser, strlen(remuser)+1);
364 (void) write(s, cmd, strlen(cmd)+1);
365 if (locuser)
366 (void) write(s, locuser, strlen(locuser)+1);
367 else
368 (void) write(s, "", 1);
369
370 if (options & OPTS_FORWARD_CREDS) { /* Forward credentials */
371 if (status = krb5_fwd_tgt_creds(bsd_context, auth_context,
372 host_save,
373 ret_cred->client, ret_cred->server,
374 0, options & OPTS_FORWARDABLE_CREDS,
375 &outbuf)) {
376 (void) fprintf(stderr,
377 gettext("kcmd: Error getting"
378 " forwarded creds\n"));
379 goto bad2;
380 }
381 /* Send forwarded credentials */
382 if (status = krb5_write_message(bsd_context, (krb5_pointer)&s,
383 &outbuf))
384 goto bad2;
385 } else { /* Dummy write to signal no forwarding */
386 outbuf.length = 0;
387 if (status = krb5_write_message(bsd_context,
388 (krb5_pointer)&s, &outbuf))
389 goto bad2;
390 }
391
392 if ((rc = read(s, &c, 1)) != 1) {
393 if (rc == -1) {
394 perror(*ahost);
395 } else {
396 (void) fprintf(stderr, gettext("kcmd: bad connection "
397 "with remote host\n"));
398 }
399 status = -1;
400 goto bad2;
401 }
402 if (c != 0) {
403 while (read(s, &c, 1) == 1) {
404 (void) write(2, &c, 1);
405 if (c == '\n')
406 break;
407 }
408 status = -1;
409 goto bad2;
410 }
411 (void) sigprocmask(SIG_SETMASK, &oldmask, (sigset_t *)0);
412 *sock = s;
413
414 /* pass back credentials if wanted */
415 if (cred) (void) krb5_copy_creds(bsd_context, ret_cred, cred);
416 krb5_free_creds(bsd_context, ret_cred);
417 /*
418 * Initialize *authconp to auth_context, so
419 * that the clients can make use of it
420 */
421 *authconp = auth_context;
422
423 return (0);
424 bad2:
425 if (fd2p != NULL)
426 (void) close(*fd2p);
427 bad:
428 if (s > 0)
429 (void) close(s);
430 if (get_cred)
431 krb5_free_creds(bsd_context, get_cred);
432 if (ret_cred)
433 krb5_free_creds(bsd_context, ret_cred);
434 if (host_save)
435 free(host_save);
436 (void) sigprocmask(SIG_SETMASK, &oldmask, (sigset_t *)0);
437 return (status);
438 }
439
440 /*
441 * Strsave was a routine in the version 4 krb library: we put it here
442 * for compatablilty with version 5 krb library, since kcmd.o is linked
443 * into all programs.
444 */
445
446 char *
strsave(char * sp)447 strsave(char *sp)
448 {
449 char *ret;
450
451 if ((ret = (char *)strdup(sp)) == NULL) {
452 (void) fprintf(stderr, gettext("no memory for saving args\n"));
453 exit(1);
454 }
455 return (ret);
456 }
457
458
459 /*
460 * This routine is to initialize the desinbuf, desoutbuf and the session key
461 * structures to carry out desread()'s and deswrite()'s successfully
462 */
463 void
init_encrypt(int enc,krb5_context ctxt,enum kcmd_proto protonum,krb5_data * inbuf,krb5_data * outbuf,int amclient,krb5_encrypt_block * block)464 init_encrypt(int enc, krb5_context ctxt, enum kcmd_proto protonum,
465 krb5_data *inbuf, krb5_data *outbuf,
466 int amclient, krb5_encrypt_block *block)
467 {
468 krb5_error_code statuscode;
469 size_t blocksize;
470 int i;
471 krb5_error_code ret;
472
473 kcmd_context = ctxt;
474
475 if (enc > 0) {
476 desinbuf.data = inbuf->data;
477 desoutbuf.data = outbuf->data + 4;
478 desinbuf.length = inbuf->length;
479 desoutbuf.length = outbuf->length + 4;
480 encrypt_flag = B_TRUE;
481 } else {
482 encrypt_flag = B_FALSE;
483 return;
484 }
485
486 skey = block->key;
487 final_enctype = skey->enctype;
488
489 enc_keyusage_i[0] = KCMD_KEYUSAGE;
490 enc_keyusage_i[1] = KCMD_KEYUSAGE;
491 enc_keyusage_o[0] = KCMD_KEYUSAGE;
492 enc_keyusage_o[1] = KCMD_KEYUSAGE;
493
494 if (protonum == KCMD_OLD_PROTOCOL) {
495 use_ivecs = B_FALSE;
496 return;
497 }
498
499 use_ivecs = B_TRUE;
500 switch (skey->enctype) {
501 /*
502 * For the DES-based enctypes and the 3DES enctype we
503 * want to use a non-zero IV because that's what we did.
504 * In the future we use different keyusage for each
505 * channel and direction and a fresh cipher state.
506 */
507 case ENCTYPE_DES_CBC_CRC:
508 case ENCTYPE_DES_CBC_MD4:
509 case ENCTYPE_DES_CBC_MD5:
510 case ENCTYPE_DES3_CBC_SHA1:
511 statuscode = krb5_c_block_size(kcmd_context, final_enctype,
512 &blocksize);
513 if (statuscode) {
514 /* XXX what do I do? */
515 abort();
516 }
517
518 encivec_i[0].length = encivec_i[1].length =
519 encivec_o[0].length = encivec_o[1].length = blocksize;
520
521 if ((encivec_i[0].data = malloc(encivec_i[0].length * 4))
522 == NULL) {
523 /* XXX what do I do? */
524 abort();
525 }
526 encivec_i[1].data = encivec_i[0].data + encivec_i[0].length;
527 encivec_o[0].data = encivec_i[1].data + encivec_i[0].length;
528 encivec_o[1].data = encivec_o[0].data + encivec_i[0].length;
529
530 /* is there a better way to initialize this? */
531 (void) memset(encivec_i[0].data, amclient, blocksize);
532 (void) memset(encivec_o[0].data, 1 - amclient, blocksize);
533 (void) memset(encivec_i[1].data, 2 | amclient, blocksize);
534 (void) memset(encivec_o[1].data, 2 | (1 - amclient), blocksize);
535 break;
536 default:
537 if (amclient) {
538 enc_keyusage_i[0] = 1028;
539 enc_keyusage_i[1] = 1030;
540 enc_keyusage_o[0] = 1032;
541 enc_keyusage_o[1] = 1034;
542 } else { /* amclient */
543 enc_keyusage_i[0] = 1032;
544 enc_keyusage_i[1] = 1034;
545 enc_keyusage_o[0] = 1028;
546 enc_keyusage_o[1] = 1030;
547 }
548 for (i = 0; i < 2; i++) {
549 ret = krb5_c_init_state(ctxt,
550 skey, enc_keyusage_i[i],
551 &encivec_i[i]);
552 if (ret)
553 goto fail;
554 ret = krb5_c_init_state(ctxt,
555 skey, enc_keyusage_o[i],
556 &encivec_o[i]);
557 if (ret)
558 goto fail;
559 }
560 break;
561 }
562 return;
563 fail:
564 abort();
565 }
566
567 int
desread(int fd,char * buf,int len,int secondary)568 desread(int fd, char *buf, int len, int secondary)
569 {
570 int nreturned = 0;
571 long net_len, rd_len;
572 int cc;
573 size_t ret = 0;
574 unsigned char len_buf[4];
575 krb5_enc_data inputd;
576 krb5_data outputd;
577
578 if (!encrypt_flag)
579 return (read(fd, buf, len));
580
581 /*
582 * If there is stored data from a previous read,
583 * put it into the output buffer and return it now.
584 */
585 if (nstored >= len) {
586 (void) memcpy(buf, store_ptr, len);
587 store_ptr += len;
588 nstored -= len;
589 return (len);
590 } else if (nstored) {
591 (void) memcpy(buf, store_ptr, nstored);
592 nreturned += nstored;
593 buf += nstored;
594 len -= nstored;
595 nstored = 0;
596 }
597
598 if ((cc = krb5_net_read(kcmd_context, fd, (char *)len_buf, 4)) != 4) {
599 if ((cc < 0) && ((errno == EWOULDBLOCK) || (errno == EAGAIN)))
600 return (cc);
601 /* XXX can't read enough, pipe must have closed */
602 return (0);
603 }
604 rd_len = ((len_buf[0] << 24) | (len_buf[1] << 16) |
605 (len_buf[2] << 8) | len_buf[3]);
606
607 if (krb5_c_encrypt_length(kcmd_context, final_enctype,
608 use_ivecs ? (size_t)rd_len + 4 : (size_t)rd_len,
609 &ret))
610 net_len = ((size_t)-1);
611 else
612 net_len = ret;
613
614 if ((net_len <= 0) || (net_len > desinbuf.length)) {
615 /*
616 * preposterous length; assume out-of-sync; only recourse
617 * is to close connection, so return 0
618 */
619 (void) fprintf(stderr, gettext("Read size problem.\n"));
620 return (0);
621 }
622
623 if ((cc = krb5_net_read(kcmd_context, fd, desinbuf.data, net_len))
624 != net_len) {
625 /* pipe must have closed, return 0 */
626 (void) fprintf(stderr,
627 gettext("Read error: length received %d "
628 "!= expected %d.\n"),
629 cc, net_len);
630 return (0);
631 }
632
633 /*
634 * Decrypt information
635 */
636 inputd.enctype = ENCTYPE_UNKNOWN;
637 inputd.ciphertext.length = net_len;
638 inputd.ciphertext.data = (krb5_pointer)desinbuf.data;
639
640 outputd.length = sizeof (storage);
641 outputd.data = (krb5_pointer)storage;
642
643 /*
644 * data is decrypted into the "storage" buffer, which
645 * had better be large enough!
646 */
647 cc = krb5_c_decrypt(kcmd_context, skey,
648 enc_keyusage_i[secondary],
649 use_ivecs ? encivec_i + secondary : 0,
650 &inputd, &outputd);
651 if (cc) {
652 (void) fprintf(stderr, gettext("Cannot decrypt data "
653 "from network\n"));
654 return (0);
655 }
656
657 store_ptr = storage;
658 nstored = rd_len;
659 if (use_ivecs == B_TRUE) {
660 int rd_len2;
661 rd_len2 = storage[0] & 0xff;
662 rd_len2 <<= 8; rd_len2 |= storage[1] & 0xff;
663 rd_len2 <<= 8; rd_len2 |= storage[2] & 0xff;
664 rd_len2 <<= 8; rd_len2 |= storage[3] & 0xff;
665 if (rd_len2 != rd_len) {
666 /* cleartext length trashed? */
667 errno = EIO;
668 return (-1);
669 }
670 store_ptr += 4;
671 }
672 /*
673 * Copy only as much data as the input buffer will allow.
674 * The rest is kept in the 'storage' pointer for the next
675 * read.
676 */
677 if (nstored > len) {
678 (void) memcpy(buf, store_ptr, len);
679 nreturned += len;
680 store_ptr += len;
681 nstored -= len;
682 } else {
683 (void) memcpy(buf, store_ptr, nstored);
684 nreturned += nstored;
685 nstored = 0;
686 }
687
688 return (nreturned);
689 }
690 int
deswrite(int fd,char * buf,int len,int secondary)691 deswrite(int fd, char *buf, int len, int secondary)
692 {
693 int bytes_written;
694 int r;
695 int outlen;
696 char *p;
697 if (!encrypt_flag)
698 return (write(fd, buf, len));
699
700 bytes_written = 0;
701 while (len > 0) {
702 p = buf + bytes_written;
703 if (len > KCMD8_BUFSIZ)
704 outlen = KCMD8_BUFSIZ;
705 else
706 outlen = len;
707 r = deswrite_compat(fd, p, outlen, secondary);
708 if (r == -1)
709 return (r);
710 bytes_written += r;
711 len -= r;
712 }
713 return (bytes_written);
714 }
715 static int
deswrite_compat(int fd,char * buf,int len,int secondary)716 deswrite_compat(int fd, char *buf, int len, int secondary)
717 {
718 int cc;
719 size_t ret = 0;
720 krb5_data inputd;
721 krb5_enc_data outputd;
722 char tmpbuf[KCMD_BUFSIZ + 8];
723 char encrbuf[KCMD_BUFSIZ + 8];
724 unsigned char *len_buf = (unsigned char *)tmpbuf;
725
726 if (use_ivecs == B_TRUE) {
727 unsigned char *lenbuf2 = (unsigned char *)tmpbuf;
728 if (len + 4 > sizeof (tmpbuf))
729 abort();
730 lenbuf2[0] = (len & 0xff000000) >> 24;
731 lenbuf2[1] = (len & 0xff0000) >> 16;
732 lenbuf2[2] = (len & 0xff00) >> 8;
733 lenbuf2[3] = (len & 0xff);
734 (void) memcpy(tmpbuf + 4, buf, len);
735
736 inputd.data = (krb5_pointer)tmpbuf;
737 inputd.length = len + 4;
738 } else {
739 inputd.data = (krb5_pointer)buf;
740 inputd.length = len;
741 }
742
743 desoutbuf.data = encrbuf;
744
745 if (krb5_c_encrypt_length(kcmd_context, final_enctype,
746 use_ivecs ? (size_t)len + 4 : (size_t)len, &ret)) {
747 desoutbuf.length = ((size_t)-1);
748 goto err;
749 } else {
750 desoutbuf.length = ret;
751 }
752
753 if (desoutbuf.length > MAXSIZE) {
754 (void) fprintf(stderr, gettext("Write size problem.\n"));
755 return (-1);
756 }
757
758 /*
759 * Encrypt information
760 */
761 outputd.ciphertext.length = desoutbuf.length;
762 outputd.ciphertext.data = (krb5_pointer)desoutbuf.data;
763
764 cc = krb5_c_encrypt(kcmd_context, skey,
765 enc_keyusage_o[secondary],
766 use_ivecs ? encivec_o + secondary : 0,
767 &inputd, &outputd);
768
769 if (cc) {
770 err:
771 (void) fprintf(stderr, gettext("Write encrypt problem.\n"));
772 return (-1);
773 }
774
775 len_buf[0] = (len & 0xff000000) >> 24;
776 len_buf[1] = (len & 0xff0000) >> 16;
777 len_buf[2] = (len & 0xff00) >> 8;
778 len_buf[3] = (len & 0xff);
779 (void) write(fd, len_buf, 4);
780
781 if (write(fd, desoutbuf.data, desoutbuf.length) != desoutbuf.length) {
782 (void) fprintf(stderr, gettext("Could not write "
783 "out all data.\n"));
784 return (-1);
785 } else {
786 return (len);
787 }
788 }
789