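/******************************************************************
 * Function: StringInterface
 *
 * Shows the string menu and lets the user choose between encrypting
 * and decrypting a string. Only the first character of the answer is
 * significant: 'E'/'e' starts TranslateString(), 'D'/'d' starts
 * DecryptString(); any other answer, or end of input, returns
 * without doing anything.
 *
 * Inputs: None (the choice is read from stdin)
 * Output: None
 ******************************************************************/
void StringInterface()
{
    /* Only the first character of the answer is ever examined, so it is
     * read on its own rather than scanning an unbounded "%s" token into a
     * fixed-size heap buffer. This removes the write past the end of the
     * buffer on long input, and the allocation that the default branch
     * used to return without freeing. */
    char choice = '\0';

    PrintSMenu();

    /* " %c" skips leading whitespace, exactly as "%s" did. */
    if (fscanf(stdin, " %c", &choice) != 1)
    {
        return; /* EOF or read error: nothing was chosen */
    }

    /* Discard the rest of the token, which "%s" would also have consumed;
     * the whitespace that ends the token stays in the stream for the next
     * reader. Matching nothing is fine, so the result is ignored. */
    (void) fscanf(stdin, "%*[^ \t\n\v\f\r]");

    /* Upper- and lower-case answers select the same mode. */
    switch (choice)
    {
    case 'E':
    case 'e':
        TranslateString();
        break;

    case 'D':
    case 'd':
        DecryptString();
        break;

    default:
        break;
    }
}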
/* Decrypts the precomputed ciphertext with the test key and checks both the
 * reported plaintext length and the recovered text against the reference. */
static void test_symmetric_decrypt(void)
{
    char decrypted[CF_BUFSIZE];
    const int input_len = sizeof(CIPHERTEXT_PRECOMPUTED);
    char *input = (char *)CIPHERTEXT_PRECOMPUTED;

    const int decrypted_len =
        DecryptString(CIPHER_TYPE_CFENGINE, input, decrypted, KEY, input_len);

    /* The expected length is one more than strlen(PLAINTEXT); presumably the
     * terminating NUL was encrypted together with the text - confirm against
     * how CIPHERTEXT_PRECOMPUTED was produced. */
    assert_int_equal(decrypted_len, strlen(PLAINTEXT) + 1);
    assert_string_equal(decrypted, PLAINTEXT);
}
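// Helpers local to CSettings::SetSetting (undefined again right after it).
// Each one compares `name` with the member's own identifier, stores the
// converted `value` and returns true from SetSetting on a match. Macros are
// used instead of functions because the member types are not visible here and
// the assignment has to keep the same implicit conversion as a plain
// `member = atoi(value)`.
// atoi/atof/strtoul do no syntax or range checking: malformed text silently
// becomes 0 and out-of-range numbers are not rejected.
#define SETTING_INT(field) \
	do { if (strcmp(name, #field) == 0) { field = atoi(value); return true; } } while (0)
#define SETTING_FLOAT(field) \
	do { if (strcmp(name, #field) == 0) { field = atof(value); return true; } } while (0)
#define SETTING_HEX(field) \
	do { if (strcmp(name, #field) == 0) { field = strtoul(value, 0, 16); return true; } } while (0)
#define SETTING_STR(field) \
	do { if (strcmp(name, #field) == 0) { strlcpy(field, value, sizeof(field)); return true; } } while (0)

// Replaces the contents of `list` with the comma-separated numeric ids found
// in `value`, keeping the first occurrence of each id. strtok() writes NUL
// bytes into `value` and uses static state, exactly as the inline loops did.
template <class IdList>
static void ParseUniqueIdList(char *value, IdList &list)
{
	list.clear();
	for (char *tok = strtok(value, ","); tok != NULL; tok = strtok(NULL, ","))
	{
		u32 id = atoi(tok);
		u32 i;
		for (i = 0; i < list.size(); ++i)
		{
			if (list[i] == id)
				break;
		}
		if (i == list.size())
			list.push_back(id);
	}
}

// Applies one "name = value" pair to the matching member.
//
// name:  setting key, compared case-sensitively against the known keys.
// value: textual value; modified in place for the category lists (strtok).
// Returns true when `name` is a known setting and false otherwise.
//
// Fix: the branches for Wiinnertag through CacheBNRFiles and for PrivateServer
// stored the value but had no `return true`, so they ended at the final
// `return false` although the key had been recognised. Every recognised key
// now returns true.
bool CSettings::SetSetting(char *name, char *value)
{
	SETTING_INT(godmode);
	SETTING_INT(videomode);
	SETTING_INT(videopatch);
	SETTING_INT(videoPatchDol);
	SETTING_INT(language);
	SETTING_INT(ocarina);
	SETTING_INT(hddinfo);
	SETTING_INT(sinfo);
	SETTING_INT(rumble);
	SETTING_INT(volume);
	SETTING_INT(sfxvolume);
	SETTING_INT(gamesoundvolume);
	SETTING_INT(tooltips);
	SETTING_INT(RememberUnlock);

	if (strcmp(name, "password") == 0)
	{
		// Bounded copy: a stored value longer than 49 characters is truncated
		// before it is decoded.
		char EncryptedTxt[50];
		strlcpy(EncryptedTxt, value, sizeof(EncryptedTxt));

		// NOTE(review): DecryptString() is given neither a key nor the size
		// of unlockCode. The stored form is therefore presumably a fixed,
		// reversible encoding that anyone able to read the settings file can
		// undo, and unlockCode must hold at least as many bytes as
		// EncryptedTxt - confirm both against DecryptString() and the
		// declaration of unlockCode.
		DecryptString(EncryptedTxt, unlockCode);

		// A configured unlock code drops godmode unless RememberUnlock is set.
		// This uses whatever RememberUnlock holds at this moment, so the
		// result depends on the order in which the settings arrive, and a
		// later "godmode" entry overwrites the reset.
		if (!RememberUnlock && strlen(unlockCode) > 0 && strcmp(unlockCode, "not set") != 0)
			godmode = 0;
		return true;
	}

	SETTING_INT(GameSort);
	SETTING_INT(LoaderIOS);
	SETTING_INT(cios);
	SETTING_INT(keyset);
	SETTING_INT(xflip);
	SETTING_INT(gridRows);
	SETTING_INT(quickboot);
	SETTING_INT(partition);
	SETTING_INT(wsprompt);
	SETTING_INT(gameDisplay);
	SETTING_INT(parentalcontrol);
	SETTING_INT(screensaver);
	SETTING_INT(titlesOverride);
	SETTING_INT(ForceDiscTitles);
	SETTING_INT(musicloopmode);
	SETTING_INT(gamesound);
	SETTING_INT(wiilight);
	SETTING_INT(marknewtitles);
	SETTING_INT(ShowPlayCount);
	SETTING_INT(ShowFreeSpace);
	SETTING_INT(HomeMenu);
	SETTING_INT(MultiplePartitions);
	SETTING_INT(BlockIOSReload);
	SETTING_INT(USBPort);
	SETTING_INT(USBAutoMount);
	SETTING_INT(CacheTitles);
	SETTING_INT(patchcountrystrings);
	SETTING_INT(discart);
	SETTING_INT(coversfull);
	SETTING_INT(autonetwork);
	SETTING_INT(InstallToDir);
	SETTING_INT(GameSplit);
	SETTING_INT(PlaylogUpdate);

	// The following keys used to fall through to `return false`.
	SETTING_INT(Wiinnertag);
	SETTING_INT(SelectedGame);
	SETTING_INT(GameListOffset);
	SETTING_INT(sneekVideoPatch);
	SETTING_INT(UseSystemFont);
	SETTING_INT(Hooktype);
	SETTING_INT(WiirdDebugger);
	SETTING_INT(WiirdDebuggerPause);
	SETTING_INT(NandEmuMode);
	SETTING_INT(NandEmuChanMode);
	SETTING_INT(LoaderMode);
	SETTING_INT(SearchMode);
	SETTING_INT(GameAspectRatio);
	SETTING_INT(UseChanLauncher);
	SETTING_INT(AdjustOverscanX);
	SETTING_INT(AdjustOverscanY);
	SETTING_INT(TooltipDelay);
	SETTING_INT(BannerZoomDuration);
	SETTING_INT(GameWindowMode);
	SETTING_INT(BannerAnimStart);
	SETTING_INT(CacheBNRFiles);

	SETTING_HEX(InstallPartitions);
	SETTING_FLOAT(WSFactor);
	SETTING_FLOAT(FontScaleFactor);
	SETTING_FLOAT(ClockFontScaleFactor);
	SETTING_FLOAT(PointerSpeed);
	SETTING_FLOAT(BannerGridSpeed);
	SETTING_FLOAT(BannerProjectionOffsetX);
	SETTING_FLOAT(BannerProjectionOffsetY);
	SETTING_FLOAT(BannerProjectionWidth);
	SETTING_FLOAT(BannerProjectionHeight);
	SETTING_FLOAT(GCBannerScale);
	SETTING_HEX(ParentalBlocks);

	SETTING_INT(GameCubeMode);
	SETTING_INT(GameCubeSource);
	SETTING_INT(MultiDiscPrompt);
	SETTING_INT(DMLVideo);
	SETTING_INT(DMLProgPatch);
	SETTING_INT(DMLNMM);
	SETTING_INT(DMLActivityLED);
	SETTING_INT(DMLPADHOOK);
	SETTING_INT(DMLNoDisc2);
	SETTING_INT(DMLWidescreen);
	SETTING_INT(DMLScreenshot);
	SETTING_INT(DMLJPNPatch);
	SETTING_INT(DMLDebug);
	SETTING_INT(NINDeflicker);
	SETTING_INT(NINPal50Patch);
	SETTING_INT(NINWiiUWide);
	SETTING_INT(NINVideoScale);
	SETTING_INT(NINVideoOffset);
	SETTING_INT(NINRemlimit);
	SETTING_INT(NINMCEmulation);
	SETTING_INT(NINMCSize);
	SETTING_INT(NINAutoboot);
	SETTING_INT(NINSettings);
	SETTING_INT(NINUSBHID);
	SETTING_INT(NINMaxPads);
	SETTING_INT(NINNativeSI);
	SETTING_INT(NINOSReport);
	SETTING_INT(NINLED);
	SETTING_INT(NINLog);
	SETTING_INT(DEVOMCEmulation);
	SETTING_INT(DEVOWidescreen);
	SETTING_INT(DEVOActivityLED);
	SETTING_INT(DEVOFZeroAX);
	SETTING_INT(DEVOTimerFix);
	SETTING_INT(DEVODButtons);
	SETTING_INT(DEVOCropOverscan);
	SETTING_INT(DEVODiscDelay);

	// Path and text settings: bounded copies, silently truncated to the
	// destination size.
	SETTING_STR(DEVOLoaderPath);
	SETTING_STR(NINLoaderPath);
	SETTING_INT(GCInstallCompressed);
	SETTING_INT(GCInstallAligned);
	SETTING_STR(covers_path);
	SETTING_STR(covers2d_path);
	SETTING_STR(coversFull_path);
	SETTING_STR(theme_path);
	SETTING_STR(theme);
	SETTING_STR(disc_path);
	SETTING_STR(language_path);
	SETTING_STR(languagefiles_path);
	SETTING_STR(TxtCheatcodespath);
	SETTING_STR(titlestxt_path);
	SETTING_STR(dolpath);
	SETTING_STR(ogg_path);
	SETTING_STR(update_path);
	SETTING_STR(homebrewapps_path);
	SETTING_STR(BNRCachePath);
	SETTING_STR(Cheatcodespath);
	SETTING_STR(BcaCodepath);
	SETTING_STR(WipCodepath);
	SETTING_STR(WDMpath);
	SETTING_STR(returnTo);
	SETTING_STR(WiinnertagPath);
	SETTING_STR(NandEmuPath);
	SETTING_STR(NandEmuChanPath);
	SETTING_STR(GameCubePath);
	SETTING_STR(GameCubeSDPath);

	if (strcmp(name, "CustomBannersURL") == 0)
	{
		// Three retired download locations are mapped to the current one;
		// any other value is stored as given (truncated to the buffer).
		// The replacement URL is plain http, so whatever is fetched from it
		// has no transport integrity protection.
		const bool retiredUrl =
			strcmp(value, "http://dl.dropbox.com/u/101209384/") == 0
			|| strcmp(value, "http://dl.dropboxusercontent.com/u/101209384/") == 0
			|| strcmp(value, "http://copy.com/vRN3HgFVyk9u7YuB/Public/") == 0;

		if (retiredUrl)
			strlcpy(CustomBannersURL, "http://nintendont.gxarena.com/banners/", sizeof(CustomBannersURL)); // update banner URL
		else
			strlcpy(CustomBannersURL, value, sizeof(CustomBannersURL));
		return true;
	}

	SETTING_INT(PrivateServer); // also used to end at `return false`

	if (strcmp(name, "EnabledCategories") == 0)
	{
		ParseUniqueIdList(value, EnabledCategories);
		return true;
	}
	if (strcmp(name, "RequiredCategories") == 0)
	{
		ParseUniqueIdList(value, RequiredCategories);
		return true;
	}
	if (strcmp(name, "ForbiddenCategories") == 0)
	{
		ParseUniqueIdList(value, ForbiddenCategories);
		return true;
	}

	// Unknown key.
	return false;
}

#undef SETTING_INT
#undef SETTING_FLOAT
#undef SETTING_HEX
#undef SETTING_STR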
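/*
 * Receives one classic-protocol transaction from the client and serves it.
 *
 * The first switch handles the two authentication commands; every other
 * command is refused unless conn->rsa_auth is set. The second switch serves
 * the authenticated commands. The S-prefixed ("secure") commands carry a
 * ciphertext of `len` bytes at recvbuffer + CF_PROTO_OFFSET, which is
 * decrypted with the session key before the plain command is parsed.
 *
 * Returns false on the paths that end the conversation (the final path logs
 * "Closing connection") and true on the paths that expect further requests.
 * NOTE(review): confirm this reading against the caller.
 *
 * Changes from the previous version:
 *  - the result of DecryptString() is checked on every secure command; a
 *    negative result (already treated as "Bad decrypt" for SSYNCH) is handled
 *    like a failed prefix check instead of parsing whatever the output buffer
 *    happens to contain;
 *  - SGET bounds `len` by the size of the buffer it decrypts into, as the
 *    other secure commands do for theirs;
 *  - the session key is no longer dumped to the debug output when an SSYNCH
 *    decrypt fails;
 *  - the clock-drift comparison is done in a wider type, so a client-chosen
 *    timestamp cannot make the squared drift overflow a signed int;
 *  - `len` is unsigned and is logged with %u.
 */
int BusyWithClassicConnection(EvalContext *ctx, ServerConnectionState *conn)
{
    time_t tloc, trem = 0;
    char recvbuffer[CF_BUFSIZE + CF_BUFEXT], check[CF_BUFSIZE];
    char sendbuffer[CF_BUFSIZE] = { 0 };
    char filename[CF_BUFSIZE], buffer[CF_BUFSIZE], args[CF_BUFSIZE], out[CF_BUFSIZE];
    long time_no_see = 0;
    unsigned int len = 0;
    int drift, plainlen, received, encrypted = 0;
    ServerFileGetState get_args;
    Item *classes;

    memset(recvbuffer, 0, CF_BUFSIZE + CF_BUFEXT);
    memset(&get_args, 0, sizeof(get_args));

    received = ReceiveTransaction(conn->conn_info, recvbuffer, NULL);
    if (received == -1 || received == 0)
    {
        return false;
    }

    if (strlen(recvbuffer) == 0)
    {
        Log(LOG_LEVEL_WARNING, "Got NULL transmission, skipping!");
        return true;
    }

    /* Don't process request if we're signalled to exit. */
    if (IsPendingTermination())
    {
        return false;
    }

    ProtocolCommandClassic command = GetCommandClassic(recvbuffer);

    switch (command)
    {
    /* Plain text authentication; this MUST be the first command a client
       using the classic protocol sends. */
    case PROTOCOL_COMMAND_AUTH_PLAIN:
        SetConnectionData(conn, (char *) (recvbuffer + strlen("CAUTH ")));

        if (conn->username == NULL || IsUserNameValid(conn->username) == false)
        {
            Log(LOG_LEVEL_INFO, "Client is sending wrong username: '******'", conn->username);
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        /* Only used to force the correct state of the state machine while
           connecting and authenticating a user with the classic protocol. */
        conn->user_data_set = true;
        return true;

    /* This MUST be exactly the second command a classic-protocol client
       sends. This is where key agreement takes place. */
    case PROTOCOL_COMMAND_AUTH_SECURE:
        /* First command was omitted by the client; protocol violation. */
        if (!conn->user_data_set)
        {
            Log(LOG_LEVEL_INFO, "Client is not verified; rejecting connection");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        conn->rsa_auth = AuthenticationDialogue(conn, recvbuffer, received);
        if (!conn->rsa_auth)
        {
            Log(LOG_LEVEL_INFO, "Auth dialogue error");
            RefuseAccess(conn, recvbuffer);
            return false;
        }
        return true;

    default:
        break;
    }

    /* Both user_data_set and rsa_auth are needed to perform any operation.
       Checking the second is enough: the AUTH_SECURE case above only sets it
       after it has seen user_data_set. */
    if (!conn->rsa_auth)
    {
        Log(LOG_LEVEL_INFO, "Server refusal due to no RSA authentication [command: %d]", command);
        RefuseAccess(conn, recvbuffer);
        return false;
    }

    /* We have to have the key at this point. Note that this is an assert():
       it checks nothing when the build defines NDEBUG. */
    assert(conn->session_key);

    /* From here on the client is authenticated. */
    switch (command)
    {
    case PROTOCOL_COMMAND_EXEC:
        memset(args, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "EXEC %255[^\n]", args);

        if (!AllowedUser(conn->username))
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to non-allowed user");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        if (!AccessControl(ctx, CommandArg0(CFRUNCOMMAND), conn, false))
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to denied access to requested object");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        if (!MatchClasses(ctx, conn))
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to failed class/context match");
            Terminate(conn->conn_info);
            return false;
        }

        DoExec(ctx, conn, args);
        Terminate(conn->conn_info);
        return false;

    case PROTOCOL_COMMAND_VERSION:
        snprintf(sendbuffer, sizeof(sendbuffer), "OK: %s", Version());
        SendTransaction(conn->conn_info, sendbuffer, 0, CF_DONE);
        return conn->user_data_set;

    case PROTOCOL_COMMAND_GET:
        memset(filename, 0, CF_BUFSIZE);
        /* NOTE(review): "%[^\n]" has no field width. Here and in the OPENDIR
           and SYNCH scans below, the copy into filename is only bounded if
           ReceiveTransaction() never delivers more than fits - confirm. */
        sscanf(recvbuffer, "GET %d %[^\n]", &(get_args.buf_size), filename);

        if ((get_args.buf_size < 0) || (get_args.buf_size > CF_BUFSIZE))
        {
            Log(LOG_LEVEL_INFO, "GET buffer out of bounds");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        if (!AccessControl(ctx, filename, conn, false))
        {
            Log(LOG_LEVEL_INFO, "Access denied to get object");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        memset(sendbuffer, 0, sizeof(sendbuffer));

        if (get_args.buf_size >= CF_BUFSIZE)
        {
            get_args.buf_size = 2048;
        }

        get_args.connect = conn;
        get_args.encrypt = false;
        get_args.replybuff = sendbuffer;
        get_args.replyfile = filename;

        CfGetFile(&get_args);
        return true;

    case PROTOCOL_COMMAND_GET_SECURE:
        memset(buffer, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "SGET %u %d", &len, &(get_args.buf_size));

        /* The ciphertext is decrypted straight into `buffer`, so its length
           is bounded by that buffer as well as by what was received. */
        if ((len >= sizeof(buffer)) || (received != len + CF_PROTO_OFFSET))
        {
            Log(LOG_LEVEL_VERBOSE, "Protocol error SGET");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        plainlen = DecryptString(conn->encryption_type, recvbuffer + CF_PROTO_OFFSET, buffer, conn->session_key, len);
        if (plainlen < 0)
        {
            /* Same outcome as a request that does not decrypt to "GET". */
            Log(LOG_LEVEL_INFO, "SGET/GET problem");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        cfscanf(buffer, strlen("GET"), strlen("dummykey"), check, sendbuffer, filename);

        if (strcmp(check, "GET") != 0)
        {
            Log(LOG_LEVEL_INFO, "SGET/GET problem");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        if ((get_args.buf_size < 0) || (get_args.buf_size > 8192))
        {
            Log(LOG_LEVEL_INFO, "SGET bounding error");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        if (get_args.buf_size >= CF_BUFSIZE)
        {
            get_args.buf_size = 2048;
        }

        Log(LOG_LEVEL_DEBUG, "Confirm decryption, and thus validity of caller");
        Log(LOG_LEVEL_DEBUG, "SGET '%s' with blocksize %d", filename, get_args.buf_size);

        if (!AccessControl(ctx, filename, conn, true))
        {
            Log(LOG_LEVEL_INFO, "Access control error");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        memset(sendbuffer, 0, sizeof(sendbuffer));

        get_args.connect = conn;
        get_args.encrypt = true;
        get_args.replybuff = sendbuffer;
        get_args.replyfile = filename;

        CfEncryptGetFile(&get_args);
        return true;

    case PROTOCOL_COMMAND_OPENDIR_SECURE:
        memset(buffer, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "SOPENDIR %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_VERBOSE, "Protocol error OPENDIR: %u", len);
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        /* The ciphertext is moved aside so the plaintext can be written back
           into recvbuffer. */
        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);

        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);

        if (plainlen < 0 || strncmp(recvbuffer, "OPENDIR", 7) != 0)
        {
            Log(LOG_LEVEL_INFO, "Opendir failed to decrypt");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        memset(filename, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "OPENDIR %[^\n]", filename);

        if (!AccessControl(ctx, filename, conn, true))        /* opendir don't care about privacy */
        {
            Log(LOG_LEVEL_INFO, "Access error");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        CfSecOpenDirectory(conn, sendbuffer, filename);
        return true;

    case PROTOCOL_COMMAND_OPENDIR:
        memset(filename, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "OPENDIR %[^\n]", filename);

        if (!AccessControl(ctx, filename, conn, true))        /* opendir don't care about privacy */
        {
            Log(LOG_LEVEL_INFO, "DIR access error");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        CfOpenDirectory(conn, sendbuffer, filename);
        return true;

    case PROTOCOL_COMMAND_SYNC_SECURE:
        memset(buffer, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "SSYNCH %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_VERBOSE, "Protocol error SSYNCH: %u", len);
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);

        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);

        if (plainlen < 0)
        {
            /* Key material stays out of the logs: only the length is
               reported, and the request is refused like any other SSYNCH
               that fails to decrypt to "SYNCH". */
            Log(LOG_LEVEL_ERR, "Bad decrypt (%u)", len);
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        if (strncmp(recvbuffer, "SYNCH", 5) != 0)
        {
            Log(LOG_LEVEL_INFO, "No synch");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        /* roll through, no break */

    case PROTOCOL_COMMAND_SYNC:
        memset(filename, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "SYNCH %ld STAT %[^\n]", &time_no_see, filename);

        trem = (time_t) time_no_see;

        if ((time_no_see == 0) || (filename[0] == '\0'))
        {
            break;
        }

        if ((tloc = time((time_t *) NULL)) == -1)
        {
            Log(LOG_LEVEL_INFO, "Couldn't read system clock. (time: %s)", GetErrorStr());
            SendTransaction(conn->conn_info, "BAD: clocks out of synch", 0, CF_DONE);
            return true;
        }

        drift = (int) (tloc - trem);

        if (!AccessControl(ctx, filename, conn, true))
        {
            Log(LOG_LEVEL_INFO, "Access control in sync");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        /* trem comes from the client, so drift can be any int. Squaring it
           in long long cannot overflow, unlike the int multiplication. */
        if (DENYBADCLOCKS && ((long long) drift * drift > (long long) CLOCK_DRIFT * CLOCK_DRIFT))
        {
            snprintf(sendbuffer, sizeof(sendbuffer), "BAD: Clocks are too far unsynchronized %ld/%ld",
                     (long) tloc, (long) trem);
            SendTransaction(conn->conn_info, sendbuffer, 0, CF_DONE);
            return true;
        }
        else
        {
            Log(LOG_LEVEL_DEBUG, "Clocks were off by %ld", (long) tloc - (long) trem);
            StatFile(conn, sendbuffer, filename);
        }

        return true;

    case PROTOCOL_COMMAND_MD5_SECURE:
        sscanf(recvbuffer, "SMD5 %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_INFO, "Decryption error");
            RefuseAccess(conn, recvbuffer);
            return true;
        }

        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);

        if (plainlen < 0 || strncmp(recvbuffer, "MD5", 3) != 0)
        {
            Log(LOG_LEVEL_INFO, "MD5 protocol error");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        /* roll through, no break */

    case PROTOCOL_COMMAND_MD5:
        CompareLocalHash(conn, sendbuffer, recvbuffer);
        return true;

    case PROTOCOL_COMMAND_VAR_SECURE:
        sscanf(recvbuffer, "SVAR %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_INFO, "Decrypt error SVAR");
            RefuseAccess(conn, "decrypt error SVAR");
            return true;
        }

        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);
        encrypted = true;

        if (plainlen < 0 || strncmp(recvbuffer, "VAR", 3) != 0)
        {
            Log(LOG_LEVEL_INFO, "VAR protocol defect");
            RefuseAccess(conn, "decryption failure");
            return false;
        }

        /* roll through, no break */

    case PROTOCOL_COMMAND_VAR:
        if (!LiteralAccessControl(ctx, recvbuffer, conn, encrypted))
        {
            Log(LOG_LEVEL_INFO, "Literal access failure");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        GetServerLiteral(ctx, conn, sendbuffer, recvbuffer, encrypted);
        return true;

    case PROTOCOL_COMMAND_CONTEXT_SECURE:
        sscanf(recvbuffer, "SCONTEXT %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_INFO, "Decrypt error SCONTEXT, len,received = %u,%d", len, received);
            RefuseAccess(conn, "decrypt error SCONTEXT");
            return true;
        }

        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);
        encrypted = true;

        if (plainlen < 0 || strncmp(recvbuffer, "CONTEXT", 7) != 0)
        {
            Log(LOG_LEVEL_INFO, "CONTEXT protocol defect...");
            RefuseAccess(conn, "Decryption failed?");
            return false;
        }

        /* roll through, no break */

    case PROTOCOL_COMMAND_CONTEXT:
        if ((classes = ContextAccessControl(ctx, recvbuffer, conn, encrypted)) == NULL)
        {
            Log(LOG_LEVEL_INFO, "Context access failure on %s", recvbuffer);
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        ReplyServerContext(conn, encrypted, classes);
        return true;

    case PROTOCOL_COMMAND_QUERY_SECURE:
        sscanf(recvbuffer, "SQUERY %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_INFO, "Decrypt error SQUERY");
            RefuseAccess(conn, "decrypt error SQUERY");
            return true;
        }

        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);

        if (plainlen < 0 || strncmp(recvbuffer, "QUERY", 5) != 0)
        {
            Log(LOG_LEVEL_INFO, "QUERY protocol defect");
            RefuseAccess(conn, "decryption failure");
            return false;
        }

        if (!LiteralAccessControl(ctx, recvbuffer, conn, true))
        {
            Log(LOG_LEVEL_INFO, "Query access failure");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        if (GetServerQuery(conn, recvbuffer, true))       /* always encrypt */
        {
            return true;
        }

        break;

    case PROTOCOL_COMMAND_CALL_ME_BACK:
        sscanf(recvbuffer, "SCALLBACK %u", &len);

        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_INFO, "Decrypt error CALL_ME_BACK");
            RefuseAccess(conn, "decrypt error CALL_ME_BACK");
            return true;
        }

        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
        plainlen = DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);

        if (plainlen < 0 ||
            strncmp(recvbuffer, "CALL_ME_BACK collect_calls", strlen("CALL_ME_BACK collect_calls")) != 0)
        {
            Log(LOG_LEVEL_INFO, "CALL_ME_BACK protocol defect");
            RefuseAccess(conn, "decryption failure");
            return false;
        }

        if (!LiteralAccessControl(ctx, recvbuffer, conn, true))
        {
            Log(LOG_LEVEL_INFO, "Query access failure");
            RefuseAccess(conn, recvbuffer);
            return false;
        }

        if (ReceiveCollectCall(conn))
        {
            return true;
        }

        /* A failed collect call falls through to the "unexpected command"
           handling below; there is no break here in the original either. */

    case PROTOCOL_COMMAND_AUTH_PLAIN:
    case PROTOCOL_COMMAND_AUTH_SECURE:
    case PROTOCOL_COMMAND_AUTH:
    case PROTOCOL_COMMAND_CONTEXTS:
    case PROTOCOL_COMMAND_BAD:
        Log(LOG_LEVEL_WARNING, "Unexpected protocol command");
    }

    /* Reached by every `break` above and by unexpected commands. */
    strcpy(sendbuffer, "BAD: Request denied");
    SendTransaction(conn->conn_info, sendbuffer, 0, CF_DONE);
    Log(LOG_LEVEL_INFO, "Closing connection, due to request: '%s'", recvbuffer);
    return false;
}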
/*
 * Decides whether a component is superseded by something already installed.
 *
 * Components without SIC_SUPERSEDE are never superseded and keep their
 * attributes. Otherwise the component's "SupersedeType" entry selects the
 * rule:
 *   "File Exists" - superseded as soon as one SupersedeFile<N> exists and
 *                   either has no SupersedeMinVersion<N> or has a readable
 *                   version that is at least that minimum;
 *   "GRE"         - recorded in aGre and either force-selected or passed to
 *                   ResolveSupersedeGre().
 *
 * Returns siCObject->bSupersede.
 *
 * NOTE(review): DecryptString() receives no buffer size here, so szFilePath
 * has to be large enough for whatever it produces from szSupersedeFile -
 * confirm against DecryptString().
 */
BOOL ResolveSupersede(siC *siCObject, greInfo *aGre)
{
  DWORD    dwIndex;
  char     szType[MAX_BUF_TINY];
  char     szKey[MAX_BUF_TINY];
  char     szSupersedeFile[MAX_BUF];
  char     szSupersedeVersion[MAX_BUF];
  char     szFilePath[MAX_BUF];
  verBlock vbFileVersion;
  verBlock vbVersionNew;

  siCObject->bSupersede = FALSE;

  /* Nothing to resolve: attributes are left exactly as they are. */
  if(!(siCObject->dwAttributes & SIC_SUPERSEDE))
    return(siCObject->bSupersede);

  GetConfigIniProfileString(siCObject->szReferenceName, "SupersedeType", "",
                            szType, sizeof(szType));

  if(*szType != '\0')
  {
    if(lstrcmpi(szType, "File Exists") == 0)
    {
      /* Walk SupersedeFile0, SupersedeFile1, ... until an entry is empty. */
      for(dwIndex = 0; ; ++dwIndex)
      {
        wsprintf(szKey, "SupersedeFile%d", dwIndex);
        GetConfigIniProfileString(siCObject->szReferenceName, szKey, "",
                                  szSupersedeFile, sizeof(szSupersedeFile));
        if(*szSupersedeFile == '\0')
          break;

        DecryptString(szFilePath, szSupersedeFile);
        if(!FileExists(szFilePath))
          continue;

        wsprintf(szKey, "SupersedeMinVersion%d", dwIndex);
        GetConfigIniProfileString(siCObject->szReferenceName, szKey, "",
                                  szSupersedeVersion, sizeof(szSupersedeVersion));

        if(*szSupersedeVersion == '\0')
        {
          /* The file is present and no minimum version is required. */
          siCObject->bSupersede = TRUE;
          break;
        }

        /* A minimum version is required: supersede only when the file's
         * version can be read and is at least that minimum. A file whose
         * version cannot be read never supersedes. */
        if(GetFileVersion(szFilePath, &vbFileVersion))
        {
          TranslateVersionStr(szSupersedeVersion, &vbVersionNew);
          if(CompareVersion(vbFileVersion, vbVersionNew) >= 0)
          {
            siCObject->bSupersede = TRUE;
            break; /* one matching file is enough */
          }
        }
      }
    }
    else if(lstrcmpi(szType, "GRE") == 0)
    {
      /* Remember which component is the GRE one. */
      aGre->siCGreComponent = siCObject;

      /* With -fgre, and when the product being installed is not GRE itself,
       * the GRE component is selected and disabled so that it is installed
       * regardless of the supersede rules. A GRE product has a
       * 'Component XPCOM' instead of a 'Component GRE', and that one is
       * always installed. */
      if(gbForceInstallGre &&
         (lstrcmpi(sgProduct.szProductNameInternal, "GRE") != 0))
        siCObject->dwAttributes |= (SIC_SELECTED | SIC_DISABLED);
      else
        ResolveSupersedeGre(siCObject, aGre);
    }
  }

  if(siCObject->bSupersede)
  {
    /* Superseded: deselect, disable and hide the component. */
    siCObject->dwAttributes =
      (siCObject->dwAttributes & ~SIC_SELECTED) | SIC_DISABLED | SIC_INVISIBLE;
  }
  else
  {
    /* Clear the DISABLED bit. Outside the Custom setup type the bit is
     * irrelevant, because only the Custom dialogs use it. For the Custom
     * setup type, a component that config.ini disables by default gets its
     * default back in SiCNodeSetItemsSelected(), the function that called
     * ResolveSupersede(). */
    siCObject->dwAttributes &= ~SIC_DISABLED;
  }

  return(siCObject->bSupersede);
}
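/*
 * Asks the server for the entries of `dirname` and returns them as a linked
 * list of Item, one per name, in the order received.
 *
 * dirname: remote directory; refused when longer than CF_BUFSIZE - 20.
 * encrypt: when true the request is sent as SOPENDIR with the OPENDIR text
 *          encrypted under conn->session_key, and every reply is decrypted
 *          before it is parsed.
 * conn:    open connection to the server.
 *
 * Returns the head of the list, or NULL on any error (and when no entry was
 * received).
 *
 * Changes from the previous version:
 *  - sendbuffer is zero-initialised, so the bytes between the "SOPENDIR <n>"
 *    text and CF_PROTO_OFFSET no longer carry uninitialised stack contents
 *    onto the wire;
 *  - the length returned by EncryptString() is validated before it is used
 *    as a memcpy() size and as the number of bytes to send;
 *  - a failed DecryptString() ends the listing instead of parsing whatever
 *    recvbuffer contains.
 *
 * NOTE(review): the `return NULL` paths inside the receive loop drop any
 * entries already linked on `ret`; freeing them needs the Item release
 * routine, which is not visible here.
 */
Item *RemoteDirList(const char *dirname, bool encrypt, AgentConnection *conn)
{
    char sendbuffer[CF_BUFSIZE] = { 0 };
    char recvbuffer[CF_BUFSIZE];
    char in[CF_BUFSIZE];
    char out[CF_BUFSIZE];
    int n, cipherlen = 0, tosend;
    char *sp;
    Item *files = NULL;
    Item *ret = NULL;

    if (strlen(dirname) > CF_BUFSIZE - 20)
    {
        Log(LOG_LEVEL_ERR, "Directory name too long");
        return NULL;
    }

    if (encrypt)
    {
        if (conn->session_key == NULL)
        {
            Log(LOG_LEVEL_ERR, "Cannot do encrypted copy without keys (use cf-key)");
            return NULL;
        }

        snprintf(in, CF_BUFSIZE, "OPENDIR %s", dirname);
        cipherlen = EncryptString(conn->encryption_type, in, out, conn->session_key, strlen(in) + 1);

        /* The ciphertext goes after the CF_PROTO_OFFSET-byte header, so it
           must be a valid length and fit in what is left of sendbuffer.
           NOTE(review): this cannot protect `out` itself; whether a name
           close to the length limit can make EncryptString() write past
           `out` depends on the cipher's padding - confirm. */
        if (cipherlen < 0 || (size_t) cipherlen > sizeof(sendbuffer) - CF_PROTO_OFFSET)
        {
            Log(LOG_LEVEL_ERR, "Failed to encrypt OPENDIR request");
            return NULL;
        }

        snprintf(sendbuffer, CF_BUFSIZE - 1, "SOPENDIR %d", cipherlen);
        memcpy(sendbuffer + CF_PROTO_OFFSET, out, cipherlen);
        tosend = cipherlen + CF_PROTO_OFFSET;
    }
    else
    {
        snprintf(sendbuffer, CF_BUFSIZE, "OPENDIR %s", dirname);
        tosend = strlen(sendbuffer);
    }

    if (SendTransaction(conn->sd, sendbuffer, tosend, CF_DONE) == -1)
    {
        return NULL;
    }

    while (true)
    {
        if ((n = ReceiveTransaction(conn->sd, recvbuffer, NULL)) == -1)
        {
            return NULL;
        }

        if (n == 0)
        {
            break;
        }

        if (encrypt)
        {
            /* Decrypt in place: the ciphertext is moved to `in` and the
               plaintext written back to recvbuffer. */
            memcpy(in, recvbuffer, n);
            if (DecryptString(conn->encryption_type, in, recvbuffer, conn->session_key, n) < 0)
            {
                Log(LOG_LEVEL_ERR, "Failed to decrypt directory listing from '%s'", conn->this_server);
                return NULL;
            }
        }

        if (FailedProtoReply(recvbuffer))
        {
            Log(LOG_LEVEL_INFO, "Network access to '%s:%s' denied", conn->this_server, dirname);
            return NULL;
        }

        if (BadProtoReply(recvbuffer))
        {
            Log(LOG_LEVEL_INFO, "%s", recvbuffer + 4);
            return NULL;
        }

        /* The reply is a run of NUL-terminated names; an empty name ends this
           transaction and CFD_TERMINATOR ends the whole listing.
           NOTE(review): the scan trusts the sender to supply one of those
           two markers inside the buffer. */
        for (sp = recvbuffer; *sp != '\0'; sp++)
        {
            Item *ip;

            if (strncmp(sp, CFD_TERMINATOR, strlen(CFD_TERMINATOR)) == 0)       /* End transmission */
            {
                return ret;
            }

            ip = xcalloc(1, sizeof(Item));
            ip->name = (char *) AllocateDirentForFilename(sp);

            if (files == NULL)  /* First element */
            {
                ret = ip;
                files = ip;
            }
            else
            {
                files->next = ip;
                files = ip;
            }

            /* Skip to the NUL that ends this name; the loop increment then
               steps over it. */
            while (*sp != '\0')
            {
                sp++;
            }
        }
    }

    return ret;
}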
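int main(int argc, char *argv[])
#endif
{
    // Command-line driver: argv[1] selects the operation by its first
    // character (and sometimes its second); remaining arguments are file
    // names or numeric parameters for that operation. Returns 0 on success,
    // 1 after printing usage, -1 / -2 when an exception is caught.
    //
    // NOTE(review): most branches index argv[2]..argv[4] without checking
    // argc, so a short command line dereferences a missing argument.

#ifdef _CRTDBG_LEAK_CHECK_DF
    // Turn on leak-checking
    int tempflag = _CrtSetDbgFlag( _CRTDBG_REPORT_FLAG );
    tempflag |= _CRTDBG_LEAK_CHECK_DF;
    _CrtSetDbgFlag( tempflag );
#endif

#if defined(__MWERKS__) && defined(macintosh)
    argc = ccommand(&argv);
#endif

    try
    {
        std::string command, executableName, edcFilename;

        if (argc < 2)
            command = 'h';
        else
            command = argv[1];

        if (FIPS_140_2_ComplianceEnabled())
        {
            edcFilename = "edc.dat";

#ifdef CRYPTOPP_WIN32_AVAILABLE
            TCHAR filename[MAX_PATH];
            // GetModuleFileName takes the buffer size in TCHARs, not bytes.
            GetModuleFileName(GetModuleHandle(NULL), filename, sizeof(filename) / sizeof(filename[0]));
            executableName = filename;
            std::string::size_type pos = executableName.rfind('\\');
            if (pos != std::string::npos)
                edcFilename = executableName.substr(0, pos+1) + edcFilename;
#else
            executableName = argv[0];
#endif

            // Every command except the "fips*" ones first runs the power-up
            // self test against the digest stored (hex-encoded) in edc.dat.
            if (command.substr(0, 4) != "fips")
            {
                byte expectedModuleDigest[SHA1::DIGESTSIZE];
                FileSource(edcFilename.c_str(), true, new HexDecoder(new ArraySink(expectedModuleDigest, sizeof(expectedModuleDigest))));

                DoPowerUpSelfTest(executableName.c_str(), expectedModuleDigest);
            }
        }

        switch (command[0])
        {
        case 'g':
          {
            char seed[1024], privFilename[128], pubFilename[128];
            unsigned int keyLength;

            cout << "Key length in bits: ";
            cin >> keyLength;

            // operator>> into a char array stops only at whitespace unless a
            // field width is set, so bound each read to the buffer size.
            cout << "\nSave private key to file: ";
            cin.width(sizeof(privFilename));
            cin >> privFilename;

            cout << "\nSave public key to file: ";
            cin.width(sizeof(pubFilename));
            cin >> pubFilename;

            // NOTE(review): the seed is whatever the user types; presumably
            // it feeds the key generator, in which case the key is only as
            // unpredictable as this line - confirm in GenerateRSAKey().
            cout << "\nRandom Seed: ";
            ws(cin);
            cin.getline(seed, 1024);

            GenerateRSAKey(keyLength, privFilename, pubFilename, seed);
            return 0;
          }
        case 'r':
          {
            switch (argv[1][1])
            {
            case 's':
                RSASignFile(argv[2], argv[3], argv[4]);
                return 0;
            case 'v':
              {
                bool verified = RSAVerifyFile(argv[2], argv[3], argv[4]);
                cout << (verified ? "valid signature" : "invalid signature") << endl;
                return 0;
              }
            default:
              {
                char privFilename[128], pubFilename[128];
                char seed[1024], message[1024];

                // Same width bound as in the 'g' branch.
                cout << "Private key file: ";
                cin.width(sizeof(privFilename));
                cin >> privFilename;

                cout << "\nPublic key file: ";
                cin.width(sizeof(pubFilename));
                cin >> pubFilename;

                cout << "\nRandom Seed: ";
                ws(cin);
                cin.getline(seed, 1024);

                cout << "\nMessage: ";
                cin.getline(message, 1024);

                string ciphertext = RSAEncryptString(pubFilename, seed, message);
                cout << "\nCiphertext: " << ciphertext << endl;

                string decrypted = RSADecryptString(privFilename, ciphertext.c_str());
                cout << "\nDecrypted: " << decrypted << endl;

                return 0;
              }
            }
          }
        case 'm':
            DigestFile(argv[2]);
            return 0;
        case 't':
          {
            if (command == "tv")
            {
                return !RunTestDataFile(argv[2]);
            }
            // VC60 workaround: use char array instead of std::string to workaround MSVC's getline bug
            char passPhrase[MAX_PHRASE_LENGTH], plaintext[1024];

            cout << "Passphrase: ";
            cin.getline(passPhrase, MAX_PHRASE_LENGTH);

            cout << "\nPlaintext: ";
            cin.getline(plaintext, 1024);

            string ciphertext = EncryptString(plaintext, passPhrase);
            cout << "\nCiphertext: " << ciphertext << endl;

            string decrypted = DecryptString(ciphertext.c_str(), passPhrase);
            cout << "\nDecrypted: " << decrypted << endl;

            return 0;
          }
        case 'e':
        case 'd':
            if (command == "e64")
                Base64Encode(argv[2], argv[3]);
            else if (command == "d64")
                Base64Decode(argv[2], argv[3]);
            else if (command == "e16")
                HexEncode(argv[2], argv[3]);
            else if (command == "d16")
                HexDecode(argv[2], argv[3]);
            else
            {
                char passPhrase[MAX_PHRASE_LENGTH];
                cout << "Passphrase: ";
                cin.getline(passPhrase, MAX_PHRASE_LENGTH);
                if (command == "e")
                    EncryptFile(argv[2], argv[3], passPhrase);
                else
                    DecryptFile(argv[2], argv[3], passPhrase);
            }
            return 0;
        case 's':
            if (argv[1][1] == 's')
            {
                char seed[1024];
                cout << "\nRandom Seed: ";
                ws(cin);
                cin.getline(seed, 1024);
                SecretShareFile(atoi(argv[2]), atoi(argv[3]), argv[4], seed);
            }
            else
                SecretRecoverFile(argc-3, argv[2], argv+3);
            return 0;
        case 'i':
            if (argv[1][1] == 'd')
                InformationDisperseFile(atoi(argv[2]), atoi(argv[3]), argv[4]);
            else
                InformationRecoverFile(argc-3, argv[2], argv+3);
            return 0;
        case 'v':
            return !Validate(argc>2 ? atoi(argv[2]) : 0, argv[1][1] == 'v', argc>3 ? argv[3] : NULL);
        case 'b':
            if (argc<3)
                BenchMarkAll();
            else
                BenchMarkAll((float)atof(argv[2]));
            return 0;
        case 'z':
            // argv[2] is a single digit; its value is passed on as the third
            // argument of GzipFile.
            GzipFile(argv[3], argv[4], argv[2][0]-'0');
            return 0;
        case 'u':
            GunzipFile(argv[2], argv[3]);
            return 0;
        case 'f':
            if (command == "fips")
                FIPS140_SampleApplication(executableName.c_str(), edcFilename.c_str());
            else if (command == "fips-rand")
                FIPS140_GenerateRandomFiles();
            else if (command == "ft")
                ForwardTcpPort(argv[2], argv[3], argv[4]);
            return 0;
        case 'a':
            if (AdhocTest)
                return (*AdhocTest)(argc, argv);
            else
                return 0;
        default:
            // Unknown command (including the 'h' default): print usage.dat.
            FileSource usage("usage.dat", true, new FileSink(cout));
            return 1;
        }
    }
    catch(CryptoPP::Exception &e)
    {
        cout << "\nCryptoPP::Exception caught: " << e.what() << endl;
        return -1;
    }
    catch(std::exception &e)
    {
        cout << "\nstd::exception caught: " << e.what() << endl;
        return -2;
    }
}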
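/**
 * Receive one transaction from the peer and serve the protocol command it
 * carries.
 *
 * The request is read into recvbuffer, classified with GetCommandNew() and
 * dispatched. Each branch checks conn->id_verified and the relevant access
 * control before acting, and answers refusals with RefuseAccess().
 *
 * @param ctx   Evaluation context, passed through to the access checks.
 * @param conn  Server-side state of this connection.
 * @return true or false as set by the branch taken. The fall-through path
 *         logs "Closing connection" before returning false, so false
 *         presumably tells the caller to drop the connection - confirm.
 */
bool BusyWithNewProtocol(EvalContext *ctx, ServerConnectionState *conn)
{
    time_t tloc, trem = 0;
    char recvbuffer[CF_BUFSIZE + CF_BUFEXT], sendbuffer[CF_BUFSIZE];
    char filename[CF_BUFSIZE], args[CF_BUFSIZE], out[CF_BUFSIZE];
    long time_no_see = 0;
    unsigned int len = 0;
    int received;
    unsigned long long clock_gap;   /* |local time - peer time| in seconds */
    long long max_drift;            /* |CLOCK_DRIFT| */
    bool request_fits;
    ServerFileGetState get_args;
    Item *classes;

    /* We never double encrypt within the TLS layer */
    const int encrypted = 0;

    memset(recvbuffer, 0, CF_BUFSIZE + CF_BUFEXT);
    memset(&get_args, 0, sizeof(get_args));

    received = ReceiveTransaction(&conn->conn_info, recvbuffer, NULL);
    if (received == -1 || received == 0)
    {
        return false;
    }

    if (strlen(recvbuffer) == 0)
    {
        Log(LOG_LEVEL_WARNING, "Got NULL transmission, skipping!");
        return true;
    }

    /* Don't process request if we're signalled to exit. */
    if (IsPendingTermination())
    {
        return false;
    }

    /* recvbuffer is larger than filename, and the "%[^\n]" conversions below
     * carry no field width. Any name they extract is a substring of the
     * request, so a request shorter than filename cannot overflow it. */
    request_fits = strlen(recvbuffer) < sizeof(filename);

    switch (GetCommandNew(recvbuffer))
    {
    case PROTOCOL_COMMAND_EXEC:
        memset(args, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "EXEC %255[^\n]", args);

        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to incorrect identity");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!AllowedUser(conn->username))
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to non-allowed user");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!conn->rsa_auth)
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to no RSA authentication");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!AccessControl(ctx, CommandArg0(CFRUNCOMMAND), conn, false))
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to denied access to requested object");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!MatchClasses(ctx, conn))
        {
            Log(LOG_LEVEL_INFO, "Server refusal due to failed class/context match");
            Terminate(&conn->conn_info);
            return false;
        }

        DoExec(ctx, conn, args);
        Terminate(&conn->conn_info);
        return false;

    case PROTOCOL_COMMAND_VERSION:
        /* NOTE(review): an unverified peer gets the refusal and then still
         * receives the "OK: <version>" reply below - confirm this is
         * intended. */
        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
        }

        snprintf(conn->output, CF_BUFSIZE, "OK: %s", Version());
        SendTransaction(&conn->conn_info, conn->output, 0, CF_DONE);
        return conn->id_verified;

    case PROTOCOL_COMMAND_GET:
        if (!request_fits)
        {
            Log(LOG_LEVEL_INFO, "GET request too long");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        memset(filename, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "GET %d %[^\n]", &(get_args.buf_size), filename);

        if ((get_args.buf_size < 0) || (get_args.buf_size > CF_BUFSIZE))
        {
            Log(LOG_LEVEL_INFO, "GET buffer out of bounds");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!AccessControl(ctx, filename, conn, false))
        {
            Log(LOG_LEVEL_INFO, "Access denied to get object");
            RefuseAccess(conn, 0, recvbuffer);
            return true;
        }

        memset(sendbuffer, 0, CF_BUFSIZE);

        /* Only buf_size == CF_BUFSIZE reaches this branch (larger values
         * were refused above); it is replaced by 2048. */
        if (get_args.buf_size >= CF_BUFSIZE)
        {
            get_args.buf_size = 2048;
        }

        get_args.connect = conn;
        get_args.encrypt = false;
        get_args.replybuff = sendbuffer;
        get_args.replyfile = filename;

        CfGetFile(&get_args);

        return true;

    case PROTOCOL_COMMAND_OPENDIR:
        if (!request_fits)
        {
            Log(LOG_LEVEL_INFO, "OPENDIR request too long");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        memset(filename, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "OPENDIR %[^\n]", filename);

        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!AccessControl(ctx, filename, conn, true))        /* opendir don't care about privacy */
        {
            Log(LOG_LEVEL_INFO, "DIR access error");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        CfOpenDirectory(conn, sendbuffer, filename);
        return true;

    case PROTOCOL_COMMAND_SYNC:
        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (!request_fits)
        {
            Log(LOG_LEVEL_INFO, "SYNCH request too long");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        memset(filename, 0, CF_BUFSIZE);
        sscanf(recvbuffer, "SYNCH %ld STAT %[^\n]", &time_no_see, filename);

        trem = (time_t) time_no_see;

        /* A failed or partial parse leaves the zero defaults in place and is
         * answered with the generic denial after the switch. */
        if ((time_no_see == 0) || (filename[0] == '\0'))
        {
            break;
        }

        if ((tloc = time((time_t *) NULL)) == -1)
        {
            sprintf(conn->output, "Couldn't read system clock\n");
            Log(LOG_LEVEL_INFO, "Couldn't read system clock. (time: %s)", GetErrorStr());
            SendTransaction(&conn->conn_info, "BAD: clocks out of synch", 0, CF_DONE);
            return true;
        }

        /* trem comes from the peer. Squaring an int difference could
         * overflow (undefined behaviour) and let a far-off timestamp pass the
         * drift test, so compare magnitudes using wrap-safe unsigned
         * arithmetic instead. */
        if ((long long) tloc >= (long long) trem)
        {
            clock_gap = (unsigned long long) tloc - (unsigned long long) trem;
        }
        else
        {
            clock_gap = (unsigned long long) trem - (unsigned long long) tloc;
        }

        max_drift = (long long) CLOCK_DRIFT;
        if (max_drift < 0)
        {
            max_drift = -max_drift;
        }

        if (!AccessControl(ctx, filename, conn, true))
        {
            Log(LOG_LEVEL_VERBOSE, "AccessControl: access denied");
            RefuseAccess(conn, 0, recvbuffer);
            return true;
        }

        if (DENYBADCLOCKS && (clock_gap > (unsigned long long) max_drift))
        {
            snprintf(conn->output, CF_BUFSIZE - 1, "BAD: Clocks are too far unsynchronized %ld/%ld\n",
                     (long) tloc, (long) trem);
            SendTransaction(&conn->conn_info, conn->output, 0, CF_DONE);
            return true;
        }
        else
        {
            Log(LOG_LEVEL_DEBUG, "Clocks were off by %ld", (long) tloc - (long) trem);
            StatFile(conn, sendbuffer, filename);
        }

        return true;

    case PROTOCOL_COMMAND_MD5:
        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return true;
        }

        CompareLocalHash(conn, sendbuffer, recvbuffer);
        return true;

    case PROTOCOL_COMMAND_VAR:
        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return true;
        }

        if (!LiteralAccessControl(ctx, recvbuffer, conn, encrypted))
        {
            Log(LOG_LEVEL_INFO, "Literal access failure");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        GetServerLiteral(ctx, conn, sendbuffer, recvbuffer, encrypted);
        return true;

    case PROTOCOL_COMMAND_CONTEXT:
        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, "Context probe");
            return true;
        }

        if ((classes = ContextAccessControl(ctx, recvbuffer, conn, encrypted)) == NULL)
        {
            Log(LOG_LEVEL_INFO, "Context access failure on %s", recvbuffer);
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        ReplyServerContext(conn, encrypted, classes);
        return true;

    case PROTOCOL_COMMAND_QUERY:
        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return true;
        }

        if (!LiteralAccessControl(ctx, recvbuffer, conn, encrypted))
        {
            Log(LOG_LEVEL_INFO, "Query access failure");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        if (GetServerQuery(conn, recvbuffer, encrypted))
        {
            return true;
        }

        break;

    case PROTOCOL_COMMAND_CALL_ME_BACK:
        sscanf(recvbuffer, "SCALLBACK %u", &len);

        /* len is peer-supplied: it must fit in out and match the number of
         * bytes actually received after the protocol header. */
        if ((len >= sizeof(out)) || (received != (len + CF_PROTO_OFFSET)))
        {
            Log(LOG_LEVEL_INFO, "Decrypt error CALL_ME_BACK");
            RefuseAccess(conn, 0, "decrypt error CALL_ME_BACK");
            return true;
        }

        /* NOTE(review): the payload is decrypted before conn->id_verified is
         * checked, conn->session_key is not tested for NULL here, and the
         * return value of DecryptString() is ignored - confirm all three. */
        memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
        DecryptString(conn->encryption_type, out, recvbuffer, conn->session_key, len);

        if (strncmp(recvbuffer, "CALL_ME_BACK collect_calls", strlen("CALL_ME_BACK collect_calls")) != 0)
        {
            Log(LOG_LEVEL_INFO, "CALL_ME_BACK protocol defect");
            RefuseAccess(conn, 0, "decryption failure");
            return false;
        }

        if (!conn->id_verified)
        {
            Log(LOG_LEVEL_INFO, "ID not verified");
            RefuseAccess(conn, 0, recvbuffer);
            return true;
        }

        if (!LiteralAccessControl(ctx, recvbuffer, conn, true))
        {
            Log(LOG_LEVEL_INFO, "Query access failure");
            RefuseAccess(conn, 0, recvbuffer);
            return false;
        }

        return ReceiveCollectCall(conn);

    case PROTOCOL_COMMAND_BAD:
        Log(LOG_LEVEL_WARNING, "Unexpected protocol command: %s", recvbuffer);
    }

    /* Reached by the branches that break and by unrecognised commands. */
    sprintf(sendbuffer, "BAD: Request denied\n");
    SendTransaction(&conn->conn_info, sendbuffer, 0, CF_DONE);
    Log(LOG_LEVEL_INFO, "Closing connection, due to request: '%s'", recvbuffer);
    return false;
}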
// ----------------------------------------------------------------------------
// MAINLINE LOGIC
// Interactive menu loop of the affine cipher tool: loads and cleans the
// input text, then repeatedly asks for an action until QUIT is chosen.
// ----------------------------------------------------------------------------
int main()
{
    // text buffers and file names
    char rawText[BUFFER_SIZE] = "";
    char cleanText[BUFFER_SIZE] = "";
    char inputFileName[30] = "input.txt";
    char outputFileName[30] = "output.txt";

    // cipher parameters, starting from the compiled-in defaults
    int keyA = A;
    int keyB = B;
    int keyInverse = INVERSE;
    int modulus = ALPHABET_SIZE;

    // current menu selection
    int action = UNSET;

    // Clock-seeded rand().
    // NOTE(review): a time-based seed is predictable; where rand() is
    // consumed is not visible here - confirm it never feeds key material.
    srand((unsigned int)time(NULL));

    // initial load of the text
    action = fGetClnStr(action, rawText, cleanText);

    // title page
    DispHeader(inputFileName, outputFileName, keyA, keyB, keyInverse);
    puts("Welcome to Derrida - the command line Affine Cipher!");
    Pause();

    // menu loop, left once the selected action is QUIT
    for (;;)
    {
        if (action == QUIT)
        {
            break;
        }

        ClearScreen();
        DispHeader(inputFileName, outputFileName, keyA, keyB, keyInverse);

        // ask the user what to do next
        action = SelectAction(action);
        DispHeader(inputFileName, outputFileName, keyA, keyB, keyInverse);

        // dispatch on the selection as it was made; handlers may change action
        const int chosen = action;

        if (chosen == SET_I_FILE)
        {
            // switch to another input file
            action = fGetClnStr(action, rawText, cleanText, inputFileName);
        }
        else if (chosen == SET_O_FILE)
        {
            // switch to another output file
            action = SetOutputFileName(outputFileName);
        }
        else if (chosen == DIR_LIST)
        {
            // show the directory listing
            list_dir();
        }
        else if (chosen == SET_KEY)
        {
            // enter a new cipher key
            action = SetCipherKey(keyA, keyB, modulus, keyInverse);
        }
        else if (chosen == ENCRYPT)
        {
            // show the text as read and as cleaned
            printf("Before encryption, the string contains:\n");
            puts(rawText);
            printf("\n");
            printf("Sanatized, the string contains:\n");
            puts(cleanText);
            printf("\n");

            // on success, write the result out and show it
            if (EncryptString(cleanText, keyA, keyB, modulus))
            {
                FileOutput(outputFileName, cleanText);
                printf("After encryption, the string contains:\n");
                puts(cleanText);
                printf("\n");
            }
            Pause();
        }
        else if (chosen == DECRYPT)
        {
            // show the cleaned cipher text first
            puts("Before decryption, the string contains:");
            puts(cleanText);
            puts("\n");

            // on success, write the result out and show it
            if (DecryptString(cleanText, keyA, keyB, modulus))
            {
                FileOutput(outputFileName, cleanText);
                puts("After decryption, the string contains:\n");
                puts(cleanText);
                puts("\n");
            }
            Pause();
        }
    }

    puts("The program will now exit.");
    Pause();

    // done
    return 0;
}
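/* Returning NULL (an empty list) does not mean empty directory but ERROR,
 * since every directory has to contain at least . and ..
 *
 * Sends "OPENDIR <dirname>" over conn->conn_info, or for the CLASSIC
 * protocol with `encrypt` set an "SOPENDIR <len>" header followed by the
 * encrypted request at offset CF_PROTO_OFFSET. The NUL-separated names in
 * the replies are collected into a linked list of Item until CFD_TERMINATOR
 * is seen. On success the caller owns the returned list; on any error the
 * entries collected so far are freed and NULL is returned. */
Item *RemoteDirList(const char *dirname, bool encrypt, AgentConnection *conn)
{
    char sendbuffer[CF_BUFSIZE];
    char recvbuffer[CF_BUFSIZE];
    char in[CF_BUFSIZE];
    char out[CF_BUFSIZE];
    int cipherlen = 0, tosend;

    if (strlen(dirname) > CF_BUFSIZE - 20)
    {
        Log(LOG_LEVEL_ERR, "Directory name too long");
        return NULL;
    }

    /* We encrypt only for CLASSIC protocol. The TLS protocol is always over
     * encrypted layer, so it does not support encrypted (S*) commands. */
    encrypt = encrypt && conn->conn_info->protocol == CF_PROTOCOL_CLASSIC;

    if (encrypt)
    {
        if (conn->session_key == NULL)
        {
            Log(LOG_LEVEL_ERR, "Cannot do encrypted copy without keys (use cf-key)");
            return NULL;
        }

        snprintf(in, CF_BUFSIZE, "OPENDIR %s", dirname);
        cipherlen = EncryptString(conn->encryption_type, in, out, conn->session_key, strlen(in) + 1);

        /* The ciphertext is copied behind the protocol header, so it must fit
         * in what is left of sendbuffer. A negative length would turn into a
         * huge size_t in memcpy(). */
        if (cipherlen < 0 || cipherlen > CF_BUFSIZE - CF_PROTO_OFFSET)
        {
            Log(LOG_LEVEL_ERR, "Encrypted directory request does not fit the send buffer");
            return NULL;
        }

        snprintf(sendbuffer, CF_BUFSIZE - 1, "SOPENDIR %d", cipherlen);
        memcpy(sendbuffer + CF_PROTO_OFFSET, out, cipherlen);
        tosend = cipherlen + CF_PROTO_OFFSET;
    }
    else
    {
        snprintf(sendbuffer, CF_BUFSIZE, "OPENDIR %s", dirname);
        tosend = strlen(sendbuffer);
    }

    if (SendTransaction(conn->conn_info, sendbuffer, tosend, CF_DONE) == -1)
    {
        return NULL;
    }

    Item *start = NULL, *end = NULL;                  /* NULL == empty list */
    while (true)
    {
        /* TODO check the CF_MORE flag, no need for CFD_TERMINATOR. */
        int nbytes = ReceiveTransaction(conn->conn_info, recvbuffer, NULL);

        /* If recv error or socket closed before receiving CFD_TERMINATOR. */
        if (nbytes == -1 || nbytes == 0)
        {
            /* TODO mark connection in the cache as closed. */
            goto err;
        }

        if (encrypt)
        {
            /* NOTE(review): the return value of DecryptString() is ignored, so
             * a failed decryption is parsed like a normal reply - confirm. */
            memcpy(in, recvbuffer, nbytes);
            DecryptString(conn->encryption_type, in, recvbuffer, conn->session_key, nbytes);
        }

        /* Test for an empty packet on the plaintext. Before decryption the
         * first byte is ciphertext and may legitimately be zero, which would
         * abort a valid encrypted listing. */
        if (recvbuffer[0] == '\0')
        {
            Log(LOG_LEVEL_ERR,
                "Empty%s server packet when listing directory '%s'!",
                (start == NULL) ? " first" : "",
                dirname);
            goto err;
        }

        if (FailedProtoReply(recvbuffer))
        {
            Log(LOG_LEVEL_INFO, "Network access to '%s:%s' denied", conn->this_server, dirname);
            goto err;
        }

        if (BadProtoReply(recvbuffer))
        {
            Log(LOG_LEVEL_INFO, "%s", recvbuffer + strlen("BAD: "));
            goto err;
        }

        /* Double '\0' means end of packet.
         * NOTE(review): the scan trusts the peer to place that double NUL
         * inside recvbuffer; nothing here bounds sp - confirm that
         * ReceiveTransaction()/DecryptString() guarantee it. */
        for (char *sp = recvbuffer; *sp != '\0'; sp += strlen(sp) + 1)
        {
            if (strcmp(sp, CFD_TERMINATOR) == 0)      /* end of all packets */
            {
                return start;
            }

            Item *ip = xcalloc(1, sizeof(Item));
            ip->name = (char *) AllocateDirentForFilename(sp);

            if (start == NULL)  /* First element */
            {
                start = ip;
                end = ip;
            }
            else
            {
                end->next = ip;
                end = ip;
            }
        }
    }

    return start;

  err:                                                         /* free list */
    for (Item *ip = start; ip != NULL; ip = start)
    {
        start = ip->next;
        free(ip->name);
        free(ip);
    }

    return NULL;
}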