Ejemplo n.º 1
/*
 * Reads one length-prefixed message from fd and appends its payload to buf.
 *
 * Wire format as read here: a raw size_t length (sizeof(size_t) bytes, host
 * representation), followed by that many payload bytes.
 *
 * Returns 0 once the whole payload has been appended, -1 if either read fails.
 *
 * NOTE(review): the length is taken from the peer and handed to
 * expbuf_reserve() without an upper bound, so the peer decides how much
 * memory is reserved. Whether expbuf_reserve() can fail or caps the request
 * is not visible here -- confirm, and consider rejecting lengths above a
 * protocol maximum before reserving.
 */
static int expbuf_read(struct expbuf_t *buf, int fd)
{
    size_t payload_len;
    int status = -1;

    /* length prefix first; nothing is appended unless it arrives in full */
    if (read_nbytes(fd, &payload_len, sizeof(payload_len)) == 0) {
        /* make room at the tail, then read the payload straight into it */
        expbuf_reserve(buf, payload_len);
        if (read_nbytes(fd, buf->end, payload_len) == 0) {
            /* commit the bytes only after the read succeeded */
            buf->end += payload_len;
            status = 0;
        }
    }

    return status;
}
Ejemplo n.º 2
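/*
 * Per-connection worker: authenticates the client, then serves requests
 * until an error occurs or the peer goes away.
 *
 * _sock_fd carries the connected socket descriptor encoded as a pointer
 * value. The client must first send NEVERBLEED_AUTH_TOKEN_SIZE bytes equal
 * to daemon_auth_token; only then does the request loop start. Each request
 * is read with expbuf_read(), its leading string selects one of the *_stub
 * handlers, and the buffer is written back with expbuf_write().
 *
 * The socket is closed and the buffer disposed on every exit path.
 * Always returns NULL.
 */
static void *daemon_conn_thread(void *_sock_fd)
{
    /* recover the descriptor that was passed through the thread argument */
    int sock_fd = (int)((char *)_sock_fd - (char *)NULL);
    struct expbuf_t buf = {};
    unsigned char auth_token[NEVERBLEED_AUTH_TOKEN_SIZE];
    const unsigned char *expected_token = (const unsigned char *)daemon_auth_token;
    unsigned char token_diff = 0;
    size_t i;

    /* authenticate */
    if (read_nbytes(sock_fd, &auth_token, sizeof(auth_token)) != 0) {
        warnf("failed to receive authencication token from client");
        goto Exit;
    }
    /* Compare every byte and fold the differences together, so the time
     * taken does not depend on the position of the first mismatch (memcmp
     * may return as soon as it finds one). */
    for (i = 0; i < NEVERBLEED_AUTH_TOKEN_SIZE; i++)
        token_diff |= (unsigned char)(auth_token[i] ^ expected_token[i]);
    if (token_diff != 0) {
        warnf("client authentication failed");
        goto Exit;
    }

    while (1) {
        char *cmd;
        if (expbuf_read(&buf, sock_fd) != 0) {
            /* errno == 0 is reported silently; presumably that is how a
             * clean close by the peer shows up -- confirm in read_nbytes */
            if (errno != 0)
                warnf("read error");
            break;
        }
        if ((cmd = expbuf_shift_str(&buf)) == NULL) {
            /* a malformed request is not a system error; clear errno before logging */
            errno = 0;
            warnf("failed to parse request");
            break;
        }
        /* dispatch on the command name; any handler failure ends the connection */
        if (strcmp(cmd, "priv_enc") == 0) {
            if (priv_enc_stub(&buf) != 0)
                break;
        } else if (strcmp(cmd, "priv_dec") == 0) {
            if (priv_dec_stub(&buf) != 0)
                break;
        } else if (strcmp(cmd, "sign") == 0) {
            if (sign_stub(&buf) != 0)
                break;
        } else if (strcmp(cmd, "load_key") == 0) {
            if (load_key_stub(&buf) != 0)
                break;
        } else if (strcmp(cmd, "setuidgid") == 0) {
            if (setuidgid_stub(&buf) != 0)
                break;
        } else {
            /* cmd is client-supplied text; it is only ever passed as a %s argument */
            warnf("unknown command:%s", cmd);
            break;
        }
        if (expbuf_write(&buf, sock_fd) != 0) {
            /* keep the format string a literal; the message is passed as data */
            warnf("%s", errno != 0 ? "write error" : "connection closed by client");
            break;
        }
        /* release the buffer contents before reading the next request */
        expbuf_dispose(&buf);
    }

Exit:
    expbuf_dispose(&buf);
    close(sock_fd);

    return NULL;
}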
Ejemplo n.º 3
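/*
 * Challenge-response check of a peer that is expected to hold the same key.
 *
 * A random token is encrypted under key and sent on socket. The peer's reply
 * is decrypted, and the handshake succeeds when every reply byte XORed with
 * token_xor_key equals the corresponding token byte.
 *
 * Returns 1 when the reply matches, 0 on a send failure, when read_nbytes()
 * returns 0, or on a mismatch.
 *
 * NOTE(review): the token comes from rand(), which is not a cryptographic
 * generator and may be predictable to the peer; it should be replaced with
 * the platform's secure random source. No seeding is visible in this
 * function.
 * NOTE(review): expkey, token and response stay on the stack after return;
 * consider wiping them with an explicit-zero primitive.
 */
int aes_handshake(int socket, unsigned char *key)
{
	/* 11 round keys of 16 bytes -- presumably an AES-128 key schedule */
	unsigned char expkey[4 * 4 * (10 + 1)];

	unsigned char token[TOKEN_SIZE];
	unsigned char enc[TOKEN_SIZE];
	unsigned char response[TOKEN_SIZE];
	unsigned char diff = 0;
	size_t sent = 0;
	int i;

	ExpandKey(key,expkey);

	for(i=0;i<TOKEN_SIZE;i++)
	{
		/* modulo 256 so that all byte values are possible (255 was excluded before) */
		token[i] = rand()%256;
	}

	Encrypt(token, expkey, enc);

	//send token; a failed or short write must not be mistaken for a sent challenge
	while(sent < (size_t)TOKEN_SIZE)
	{
		ssize_t n = write(socket, enc + sent, (size_t)TOKEN_SIZE - sent);
		if(n <= 0)
			return 0;
		sent += (size_t)n;
	}

	//read response
	// NOTE(review): 0 is treated as failure here; whether read_nbytes() can
	// also report a partial read with a non-zero value is not visible -- confirm.
	if(read_nbytes(socket, enc, TOKEN_SIZE) == 0)
		return 0;

	Decrypt(enc, expkey, response);

	//check response: accumulate all differences instead of returning at the
	//first mismatch, so timing does not reveal how many leading bytes matched
	for(i=0;i<TOKEN_SIZE;i++)
	{
		diff |= (unsigned char)((response[i] ^ token_xor_key[i]) ^ token[i]);
	}

	return diff == 0;
}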