/*
 * Decrypt the first inlen bytes of a packet's data, in place.
 *
 * The payload is walked one rx_data() segment at a time (segment index
 * 0, 1, 2, ...).  Each segment is passed to fc_cbc_encrypt() in DECRYPT
 * mode under *schedule, with source and destination being the same buffer.
 * A local copy of *ivec is handed to every call as the chaining block, so
 * the caller's IV is not written through this function.
 *
 * conn     - connection whose security object supplies the stats bucket
 * schedule - key schedule, passed by value to fc_cbc_encrypt()
 * ivec     - initialization vector; only sizeof(afs_uint32[2]) bytes are read
 * inlen    - number of bytes to decrypt (assumed non-negative; not checked)
 * packet   - packet whose data segments are decrypted in place
 *
 * Always returns 0.
 *
 * NOTE(review): if rx_data() yields a NULL or empty segment before inlen
 * bytes have been consumed, the loop stops and 0 is still returned, so a
 * caller cannot tell a partial decryption from a complete one.
 *
 * NOTE(review): nothing here authenticates the ciphertext; the packet
 * checksum word is never read back (see the comment before the return), so
 * integrity has to be enforced elsewhere -- confirm against the callers.
 */
afs_int32
rxkad_DecryptPacket(const struct rx_connection *conn,
		    const fc_KeySchedule * schedule,
		    const fc_InitializationVector * ivec, const int inlen,
		    struct rx_packet *packet)
{
    afs_uint32 chain[2];	/* working copy of the IV */
    struct rx_securityClass *secobj;
    struct rxkad_cprivate *priv;	/* s & c have type at same offset */
    int remaining = inlen;
    int seg = 0;

    secobj = rx_SecurityObjectOf(conn);
    priv = (struct rxkad_cprivate *)secobj->privateData;
    ADD_RXKAD_STATS(bytesDecrypted[rxkad_TypeIndex(priv->type)], remaining);

    memcpy((void *)chain, (void *)ivec, sizeof(chain));

    while (remaining) {
	char *buf;
	int seglen;

	/* rx_data() stores the segment's length into seglen */
	buf = rx_data(packet, seg, seglen);
	if (!buf || !seglen) {
	    /* ran out of packet data before inlen bytes were processed */
	    break;
	}

	/* never process more of this segment than is still owed */
	seglen = MIN(remaining, seglen);
	fc_cbc_encrypt(buf, buf, seglen, *schedule, chain, DECRYPT);
	remaining -= seglen;
	seg++;
    }

    /*
     * Packet checksums are not enabled; the current version just passes
     * zero.  If they ever are, the checksum word would be fetched here as
     * ntohl(rx_GetInt32(packet, 1)) into an afs_int32.
     * NOTE(review): rxkad_EncryptPacket() writes its zero at offset
     * 1 * sizeof(afs_int32), not 1 -- the two offsets must be reconciled
     * before any check is enabled.
     */
    return 0;
}
/*
 * Encrypt the first inlen bytes of a packet's data, in place.
 *
 * Before encrypting, the afs_int32 at byte offset 1 * sizeof(afs_int32) of
 * the packet data is set to 0 (the slot reserved for a future checksum).
 * The payload is then walked one rx_data() segment at a time and each
 * segment is passed to fc_cbc_encrypt() in ENCRYPT mode under *schedule,
 * with source and destination being the same buffer.  A local copy of
 * *ivec is handed to every call as the chaining block, so the caller's IV
 * is not written through this function.
 *
 * conn     - connection whose security object supplies the stats bucket
 * schedule - key schedule, passed by value to fc_cbc_encrypt()
 * ivec     - initialization vector; only sizeof(afs_uint32[2]) bytes are read
 * inlen    - number of bytes to encrypt (assumed non-negative; not checked)
 * packet   - packet whose data segments are encrypted in place
 *
 * Always returns 0.
 *
 * NOTE(review): if rx_data() yields a NULL or empty segment before inlen
 * bytes have been consumed, the loop stops and 0 is still returned, so
 * the tail of the data may leave this function unencrypted without the
 * caller being told.
 *
 * NOTE(review): the checksum slot is a constant zero, so it carries no
 * integrity information about the payload; any protection against
 * modified ciphertext has to come from elsewhere -- confirm.
 */
afs_int32
rxkad_EncryptPacket(const struct rx_connection * conn,
		    const fc_KeySchedule * schedule,
		    const fc_InitializationVector * ivec, const int inlen,
		    struct rx_packet * packet)
{
    afs_uint32 chain[2];	/* working copy of the IV */
    struct rx_securityClass *secobj;
    struct rxkad_cprivate *priv;	/* s & c have type at same offset */
    int remaining = inlen;
    int seg = 0;

    secobj = rx_SecurityObjectOf(conn);
    priv = (struct rxkad_cprivate *)secobj->privateData;
    ADD_RXKAD_STATS(bytesEncrypted[rxkad_TypeIndex(priv->type)], remaining);

    /*
     * Future option: compute a checksum (an afs_int32 in network byte
     * order, i.e. via htonl) and store it here.  For now we just put 0.
     */
    rx_PutInt32(packet, 1 * sizeof(afs_int32), 0);

    memcpy((void *)chain, (void *)ivec, sizeof(chain));

    while (remaining) {
	char *buf;
	int seglen;

	/* rx_data() stores the segment's length into seglen */
	buf = rx_data(packet, seg, seglen);
	if (!buf || !seglen) {
	    /* ran out of packet data before inlen bytes were processed */
	    break;
	}

	/* never process more of this segment than is still owed */
	seglen = MIN(remaining, seglen);
	fc_cbc_encrypt(buf, buf, seglen, *schedule, chain, ENCRYPT);
	remaining -= seglen;
	seg++;
    }

    return 0;
}
/*!
 * \brief Replace a connection with a fresh one to the same peer, so that
 * an intermittent failure that kills a connection does not take down the
 * whole ubik connection.  Meant to be used when the connection is in error;
 * this function does not itself check the connection's state.
 *
 * The new connection is created with the old connection's host, port,
 * service id, security object and security class index, so it inherits the
 * same security settings as the one it replaces.
 *
 * \param tc  connection to replace.  It is passed to rx_DestroyConnection()
 *            before returning, so the caller must drop this pointer and use
 *            the return value instead.
 *
 * \return the connection produced by rx_NewConnection().
 *         NOTE(review): the result is not checked here; whether it can be
 *         NULL is not visible from this function -- confirm.
 */
struct rx_connection *
ubik_RefreshConn(struct rx_connection *tc)
{
    afs_uint32 peerHost = rx_HostOf(rx_PeerOf(tc));
    u_short peerPort = rx_PortOf(rx_PeerOf(tc));
    u_short serviceId = rx_ServiceIdOf(tc);
    struct rx_securityClass *secObj = rx_SecurityObjectOf(tc);
    int secIndex = rx_SecurityClassOf(tc);
    struct rx_connection *fresh;

    /*
     * Order matters: create the replacement first and only then destroy the
     * old connection, so that the refCount on the shared security object
     * cannot reach zero in between.
     */
    fresh = rx_NewConnection(peerHost, peerPort, serviceId, secObj, secIndex);
    rx_DestroyConnection(tc);

    return fresh;
}