int
_des_crypt_call(char *buf, int len, struct desparams *dparms)
{
CLIENT *clnt;
desresp *result_1;
desargs des_crypt_1_arg;
struct netconfig *nconf;
void *localhandle;
int stat;
nconf = NULL;
localhandle = setnetconfig();
while ((nconf = getnetconfig(localhandle)) != NULL) {
if (nconf->nc_protofmly != NULL &&
strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0)
break;
}
if (nconf == NULL) {
warnx("getnetconfig: %s", nc_sperror());
endnetconfig(localhandle);
return(DESERR_HWERROR);
}
clnt = clnt_tp_create(NULL, CRYPT_PROG, CRYPT_VERS, nconf);
if (clnt == (CLIENT *) NULL) {
endnetconfig(localhandle);
return(DESERR_HWERROR);
}
endnetconfig(localhandle);
des_crypt_1_arg.desbuf.desbuf_len = len;
des_crypt_1_arg.desbuf.desbuf_val = buf;
des_crypt_1_arg.des_dir = (dparms->des_dir == ENCRYPT) ? ENCRYPT_DES : DECRYPT_DES;
des_crypt_1_arg.des_mode = (dparms->des_mode == CBC) ? CBC_DES : ECB_DES;
bcopy(dparms->des_ivec, des_crypt_1_arg.des_ivec, 8);
bcopy(dparms->des_key, des_crypt_1_arg.des_key, 8);
result_1 = des_crypt_1(&des_crypt_1_arg, clnt);
if (result_1 == (desresp *) NULL) {
clnt_destroy(clnt);
return(DESERR_HWERROR);
}
stat = result_1->stat;
if (result_1->stat == DESERR_NONE ||
result_1->stat == DESERR_NOHWDEVICE) {
bcopy(result_1->desbuf.desbuf_val, buf, len);
bcopy(result_1->des_ivec, dparms->des_ivec, 8);
}
clnt_freeres(clnt, (xdrproc_t)xdr_desresp, result_1);
clnt_destroy(clnt);
return(stat);
}
/*
* Determines the availability of rpc.yppasswdd. Returns -1 for not
* available (or unable to determine), 0 for available, 1 for available in
* master mode.
*/
int
ypclnt_havepasswdd(ypclnt_t *ypclnt)
{
struct netconfig *nc = NULL;
void *localhandle = 0;
CLIENT *clnt = NULL;
int ret;
/* check if rpc.yppasswdd is running */
if (getrpcport(ypclnt->server, YPPASSWDPROG,
YPPASSWDPROC_UPDATE, IPPROTO_UDP) == 0) {
ypclnt_error(ypclnt, __func__, "no rpc.yppasswdd on server");
return (-1);
}
/* if we're not root, use remote method */
if (getuid() != 0)
return (0);
/* try to connect to rpc.yppasswdd */
localhandle = setnetconfig();
while ((nc = getnetconfig(localhandle)) != NULL) {
if (nc->nc_protofmly != NULL &&
strcmp(nc->nc_protofmly, NC_LOOPBACK) == 0)
break;
}
if (nc == NULL) {
ypclnt_error(ypclnt, __func__,
"getnetconfig: %s", nc_sperror());
ret = 0;
goto done;
}
if ((clnt = clnt_tp_create(NULL, MASTER_YPPASSWDPROG,
MASTER_YPPASSWDVERS, nc)) == NULL) {
ypclnt_error(ypclnt, __func__,
"failed to connect to rpc.yppasswdd: %s",
clnt_spcreateerror(ypclnt->server));
ret = 0;
goto done;
} else
ret = 1;
done:
if (clnt != NULL) {
clnt_destroy(clnt);
}
endnetconfig(localhandle);
return (ret);
}
int main(int argn, char *argc[])
{
//Program parameters : argc[1] : HostName or Host IP
// argc[2] : Server Program Number
// other arguments depend on test case
//run_mode can switch into stand alone program or program launch by shell script
//1 : stand alone, debug mode, more screen information
//0 : launch by shell script as test case, only one printf -> result status
int run_mode = 0;
int test_status = 1; //Default test result set to FAILED
int progNum = atoi(argc[2]);
char nettype[16] = "visible";
CLIENT *client = NULL;
struct netconfig *nconf = NULL;
//First, test initialization
nconf = getnetconfigent("udp");
if ((struct netconfig *)nconf == NULL)
{
//Test failed
printf("1\n");
return 1;
}
//Call routine
client = clnt_tp_create(argc[1], progNum,
VERSNUM, (struct netconfig *)nconf);
if (run_mode)
{
printf("client : %d\n", client);
printf("nconf : %d\n", nconf);
}
test_status = ((CLIENT *)client != NULL) ? 0 : 1;
//This last printf gives the result status to the tests suite
//normally should be 0: test has passed or 1: test has failed
printf("%d\n", test_status);
//clnt_destroy(client);
return test_status;
}
static int
yppasswd_local(ypclnt_t *ypclnt, const struct passwd *pwd)
{
struct master_yppasswd yppwd;
struct rpc_err rpcerr;
struct netconfig *nc = NULL;
void *localhandle = 0;
CLIENT *clnt = NULL;
int ret, *result;
/* fill the master_yppasswd structure */
memset(&yppwd, 0, sizeof yppwd);
yppwd.newpw.pw_uid = pwd->pw_uid;
yppwd.newpw.pw_gid = pwd->pw_gid;
yppwd.newpw.pw_change = pwd->pw_change;
yppwd.newpw.pw_expire = pwd->pw_expire;
yppwd.newpw.pw_fields = pwd->pw_fields;
yppwd.oldpass = strdup("");
yppwd.domain = strdup(ypclnt->domain);
if ((yppwd.newpw.pw_name = strdup(pwd->pw_name)) == NULL ||
(yppwd.newpw.pw_passwd = strdup(pwd->pw_passwd)) == NULL ||
(yppwd.newpw.pw_class = strdup(pwd->pw_class)) == NULL ||
(yppwd.newpw.pw_gecos = strdup(pwd->pw_gecos)) == NULL ||
(yppwd.newpw.pw_dir = strdup(pwd->pw_dir)) == NULL ||
(yppwd.newpw.pw_shell = strdup(pwd->pw_shell)) == NULL) {
ypclnt_error(ypclnt, __func__, strerror(errno));
ret = -1;
goto done;
}
/* connect to rpc.yppasswdd */
localhandle = setnetconfig();
while ((nc = getnetconfig(localhandle)) != NULL) {
if (nc->nc_protofmly != NULL &&
strcmp(nc->nc_protofmly, NC_LOOPBACK) == 0)
break;
}
if (nc == NULL) {
ypclnt_error(ypclnt, __func__,
"getnetconfig: %s", nc_sperror());
ret = -1;
goto done;
}
if ((clnt = clnt_tp_create(NULL, MASTER_YPPASSWDPROG,
MASTER_YPPASSWDVERS, nc)) == NULL) {
ypclnt_error(ypclnt, __func__,
"failed to connect to rpc.yppasswdd: %s",
clnt_spcreateerror(ypclnt->server));
ret = -1;
goto done;
}
clnt->cl_auth = authunix_create_default();
/* request the update */
result = yppasswdproc_update_master_1(&yppwd, clnt);
/* check for RPC errors */
clnt_geterr(clnt, &rpcerr);
if (rpcerr.re_status != RPC_SUCCESS) {
ypclnt_error(ypclnt, __func__,
"NIS password update failed: %s",
clnt_sperror(clnt, ypclnt->server));
ret = -1;
goto done;
}
/* check the result of the update */
if (result == NULL || *result != 0) {
ypclnt_error(ypclnt, __func__,
"NIS password update failed");
/* XXX how do we get more details? */
ret = -1;
goto done;
}
ypclnt_error(ypclnt, NULL, NULL);
ret = 0;
done:
if (clnt != NULL) {
auth_destroy(clnt->cl_auth);
clnt_destroy(clnt);
}
endnetconfig(localhandle);
free(yppwd.newpw.pw_name);
if (yppwd.newpw.pw_passwd != NULL) {
memset(yppwd.newpw.pw_passwd, 0, strlen(yppwd.newpw.pw_passwd));
free(yppwd.newpw.pw_passwd);
}
free(yppwd.newpw.pw_class);
free(yppwd.newpw.pw_gecos);
free(yppwd.newpw.pw_dir);
free(yppwd.newpw.pw_shell);
if (yppwd.oldpass != NULL) {
memset(yppwd.oldpass, 0, strlen(yppwd.oldpass));
free(yppwd.oldpass);
}
return (ret);
}
CLIENT *
get_client(struct sockaddr *host_addr, rpcvers_t vers)
{
CLIENT *client;
struct timeval retry_time, time_now;
int error, i;
const char *netid;
struct netconfig *nconf;
char host[NI_MAXHOST];
uid_t old_euid;
int clnt_fd;
gettimeofday(&time_now, NULL);
/*
* Search for the given client in the cache, zapping any expired
* entries that we happen to notice in passing.
*/
for (i = 0; i < CLIENT_CACHE_SIZE; i++) {
client = clnt_cache_ptr[i];
if (client && ((clnt_cache_time[i] + CLIENT_CACHE_LIFETIME)
< time_now.tv_sec)) {
/* Cache entry has expired. */
if (debug_level > 3)
syslog(LOG_DEBUG, "Expired CLIENT* in cache");
clnt_cache_time[i] = 0L;
clnt_destroy(client);
clnt_cache_ptr[i] = NULL;
client = NULL;
}
if (client && !addrcmp((struct sockaddr *)&clnt_cache_addr[i],
host_addr) && clnt_cache_vers[i] == vers) {
/* Found it! */
if (debug_level > 3)
syslog(LOG_DEBUG, "Found CLIENT* in cache");
return (client);
}
}
if (debug_level > 3)
syslog(LOG_DEBUG, "CLIENT* not found in cache, creating");
/* Not found in cache. Free the next entry if it is in use. */
if (clnt_cache_ptr[clnt_cache_next_to_use]) {
clnt_destroy(clnt_cache_ptr[clnt_cache_next_to_use]);
clnt_cache_ptr[clnt_cache_next_to_use] = NULL;
}
/*
* Need a host string for clnt_tp_create. Use NI_NUMERICHOST
* to avoid DNS lookups.
*/
error = getnameinfo(host_addr, host_addr->sa_len, host, sizeof host,
NULL, 0, NI_NUMERICHOST);
if (error != 0) {
syslog(LOG_ERR, "unable to get name string for caller: %s",
gai_strerror(error));
return NULL;
}
#if 1
if (host_addr->sa_family == AF_INET6)
netid = "udp6";
else
netid = "udp";
#else
if (host_addr->sa_family == AF_INET6)
netid = "tcp6";
else
netid = "tcp";
#endif
nconf = getnetconfigent(netid);
if (nconf == NULL) {
syslog(LOG_ERR, "could not get netconfig info for '%s': "
"no /etc/netconfig file?", netid);
return NULL;
}
client = clnt_tp_create(host, NLM_PROG, vers, nconf);
freenetconfigent(nconf);
if (!client) {
syslog(LOG_ERR, "%s", clnt_spcreateerror("clntudp_create"));
syslog(LOG_ERR, "Unable to return result to %s", host);
return NULL;
}
/* Get the FD of the client, for bindresvport. */
clnt_control(client, CLGET_FD, &clnt_fd);
/* Regain root privileges, for bindresvport. */
old_euid = geteuid();
seteuid(0);
/*
* Bind the client FD to a reserved port.
* Some NFS servers reject any NLM request from a non-reserved port.
*/
bindresvport(clnt_fd, NULL);
/* Drop root privileges again. */
seteuid(old_euid);
/* Success - update the cache entry */
clnt_cache_ptr[clnt_cache_next_to_use] = client;
memcpy(&clnt_cache_addr[clnt_cache_next_to_use], host_addr,
host_addr->sa_len);
clnt_cache_vers[clnt_cache_next_to_use] = vers;
clnt_cache_time[clnt_cache_next_to_use] = time_now.tv_sec;
if (++clnt_cache_next_to_use >= CLIENT_CACHE_SIZE)
clnt_cache_next_to_use = 0;
/*
* Disable the default timeout, so we can specify our own in calls
* to clnt_call(). (Note that the timeout is a different concept
* from the retry period set in clnt_udp_create() above.)
*/
retry_time.tv_sec = -1;
retry_time.tv_usec = -1;
clnt_control(client, CLSET_TIMEOUT, (char *)&retry_time);
if (debug_level > 3)
syslog(LOG_DEBUG, "Created CLIENT* for %s", host);
return client;
}
CLIENT *
getkwarnd_handle(void)
{
void *localhandle;
struct netconfig *nconf;
struct netconfig *tpconf;
struct timeval wait_time;
struct utsname u;
static char *hostname;
static bool_t first_time = TRUE;
/*
* Total timeout (in seconds) talking to kwarnd.
*/
#define TOTAL_TIMEOUT 5
if (kwarn_clnt)
return (kwarn_clnt);
if (!(localhandle = setnetconfig()))
return (NULL);
tpconf = NULL;
if (first_time == TRUE) {
if (uname(&u) == -1) {
(void) endnetconfig(localhandle);
return ((CLIENT *)NULL);
}
if ((hostname = strdup(u.nodename)) == (char *)NULL) {
(void) endnetconfig(localhandle);
return ((CLIENT *)NULL);
}
first_time = FALSE;
}
while (nconf = getnetconfig(localhandle)) {
if (strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) {
if (nconf->nc_semantics == NC_TPI_COTS_ORD) {
kwarn_clnt = clnt_tp_create(hostname,
KWARNPROG, KWARNVERS, nconf);
if (kwarn_clnt) {
dprt("got COTS_ORD\n");
break;
}
} else {
tpconf = nconf;
}
}
}
if ((kwarn_clnt == NULL) && (tpconf)) {
/* Now, try the connection-oriented loopback transport */
kwarn_clnt = clnt_tp_create(hostname, KWARNPROG, KWARNVERS,
tpconf);
#ifdef DEBUG
if (kwarn_clnt) {
dprt("got COTS\n");
}
#endif /* DEBUG */
}
(void) endnetconfig(localhandle);
/*
* This bit of code uses an as yet unimplemented argument to
* clnt_control(). CLSET_SVC_PRIV specifies that the underlying
* loopback transport should be checked to ensure it is
* connected to a process running as root. If so, the clnt_control()
* call returns TRUE. If not, it returns FALSE.
*/
#ifdef CLSET_SVC_PRIV
if (clnt_control(kwarn_clnt, CLSET_SVC_PRIV, NULL) != TRUE) {
clnt_destroy(kwarn_clnt);
kwarn_clnt = NULL;
return (NULL);
{
#endif
if (kwarn_clnt == NULL)
return (NULL);
kwarn_clnt->cl_auth = authsys_create("", getuid(), 0, 0, NULL);
if (kwarn_clnt->cl_auth == NULL) {
clnt_destroy(kwarn_clnt);
kwarn_clnt = NULL;
return (NULL);
}
wait_time.tv_sec = TOTAL_TIMEOUT;
wait_time.tv_usec = 0;
(void) clnt_control(kwarn_clnt, CLSET_TIMEOUT, (char *)&wait_time);
return (kwarn_clnt);
}
void
resetkwarnd_handle(void)
{
auth_destroy(kwarn_clnt->cl_auth);
clnt_destroy(kwarn_clnt);
kwarn_clnt = NULL;
}
/*
* Keep the handle cached. This call may be made quite often.
*/
static CLIENT *
getkeyserv_handle(int vers)
{
void *localhandle;
struct netconfig *nconf;
struct netconfig *tpconf;
struct key_call_private *kcp = key_call_private_main;
struct timeval wait_time;
struct utsname u;
int main_thread;
int fd;
static thread_key_t key_call_key;
#define TOTAL_TIMEOUT 30 /* total timeout talking to keyserver */
#define TOTAL_TRIES 5 /* Number of tries */
if ((main_thread = thr_main())) {
kcp = key_call_private_main;
} else {
if (key_call_key == 0) {
mutex_lock(&tsd_lock);
if (key_call_key == 0)
thr_keycreate(&key_call_key, key_call_destroy);
mutex_unlock(&tsd_lock);
}
kcp = (struct key_call_private *)thr_getspecific(key_call_key);
}
if (kcp == NULL) {
kcp = (struct key_call_private *)malloc(sizeof (*kcp));
if (kcp == NULL) {
return (NULL);
}
if (main_thread)
key_call_private_main = kcp;
else
thr_setspecific(key_call_key, (void *) kcp);
kcp->client = NULL;
}
/* if pid has changed, destroy client and rebuild */
if (kcp->client != NULL && kcp->pid != getpid()) {
clnt_destroy(kcp->client);
kcp->client = NULL;
}
if (kcp->client != NULL) {
/* if uid has changed, build client handle again */
if (kcp->uid != geteuid()) {
kcp->uid = geteuid();
auth_destroy(kcp->client->cl_auth);
kcp->client->cl_auth =
authsys_create("", kcp->uid, 0, 0, NULL);
if (kcp->client->cl_auth == NULL) {
clnt_destroy(kcp->client);
kcp->client = NULL;
return (NULL);
}
}
/* Change the version number to the new one */
clnt_control(kcp->client, CLSET_VERS, (void *)&vers);
return (kcp->client);
}
if (!(localhandle = setnetconfig())) {
return (NULL);
}
tpconf = NULL;
if (uname(&u) == -1)
{
endnetconfig(localhandle);
return (NULL);
}
while ((nconf = getnetconfig(localhandle)) != NULL) {
if (strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) {
/*
* We use COTS_ORD here so that the caller can
* find out immediately if the server is dead.
*/
if (nconf->nc_semantics == NC_TPI_COTS_ORD) {
kcp->client = clnt_tp_create(u.nodename,
KEY_PROG, vers, nconf);
if (kcp->client)
break;
} else {
tpconf = nconf;
}
}
}
if ((kcp->client == NULL) && (tpconf))
/* Now, try the CLTS or COTS loopback transport */
kcp->client = clnt_tp_create(u.nodename,
KEY_PROG, vers, tpconf);
endnetconfig(localhandle);
if (kcp->client == NULL) {
return (NULL);
}
kcp->uid = geteuid();
kcp->pid = getpid();
kcp->client->cl_auth = authsys_create("", kcp->uid, 0, 0, NULL);
if (kcp->client->cl_auth == NULL) {
clnt_destroy(kcp->client);
kcp->client = NULL;
return (NULL);
}
wait_time.tv_sec = TOTAL_TIMEOUT/TOTAL_TRIES;
wait_time.tv_usec = 0;
clnt_control(kcp->client, CLSET_RETRY_TIMEOUT,
(char *)&wait_time);
if (clnt_control(kcp->client, CLGET_FD, (char *)&fd))
_fcntl(fd, F_SETFD, 1); /* make it "close on exec" */
return (kcp->client);
}
void setup_resolv(bool *fwding, int *child,
CLIENT **client, char *tp_type, long prognum)
{
enum clnt_stat stat;
struct timeval tv;
char prog_str[15], fd_str[5];
SVCXPRT *xprt = NULL;
char *tp;
#ifdef TDRPC
struct sockaddr_in addr;
int sock;
#else
char name[257];
struct netconfig *nc;
void *h;
#endif
verbose = silent == FALSE ? 1 : 0;
if (! *fwding)
return;
#ifdef TDRPC
tp = (tp_type && strcmp(tp_type, "udp") != 0) ? "udp" : "tcp";
#else
/* try the specified netid (default ticots), then any loopback */
tp = (tp_type && *tp_type) ? tp_type : "ticots";
if (!getconf(tp, &h, &nc)) { /* dont forget endnetconfig() */
syslog(LOG_ERR, "can't get resolv_clnt netconf %s.\n", tp);
*fwding = FALSE;
return;
}
tp = nc->nc_netid;
#endif
/*
* Startup the resolv server: use transient prognum if prognum
* isn't set. Using transient means we create mapping then
* pass child the fd to use for service.
*/
if (!getprognum(&prognum, &xprt, fd_str, prog_str, YPDNSVERS, tp)) {
syslog(LOG_ERR, "can't create resolv xprt for transient.\n");
*fwding = FALSE;
#ifndef TDRPC
endnetconfig(h);
#endif
return;
}
switch (*child = vfork()) {
case -1: /* error */
syslog(LOG_ERR, "can't startup resolv daemon\n");
#ifndef TDRPC
endnetconfig(h);
#endif
*fwding = FALSE;
return;
case 0: /* child */
/*
* if using transient we must maintain fd across
* exec cause unset/set on prognum isn't automic.
*
* if using transient we'll just do svc_tli_create
* in child on our bound fd.
*/
execlp(RESOLV_EXEC_PATH, "rpc.nisd_resolv",
"-F", /* forground */
"-C", fd_str, /* dont close */
"-p", prog_str, /* prognum */
"-t", tp, /* tp type */
NULL);
syslog(LOG_ERR, RESOLV_EXEC_ERR, strerror(errno));
exit(1);
default: /* parent */
/* close fd, free xprt, but leave mapping */
if (xprt)
svc_destroy(xprt);
/* let it crank up before we create client */
sleep(4);
}
#ifdef TDRPC
get_myaddress(&addr);
addr.sin_port = 0;
sock = RPC_ANYSOCK;
tv.tv_sec = 3; tv.tv_usec = 0;
if (strcmp(tp, "udp") != 0) {
*client = clntudp_bufcreate(&addr, prognum, YPDNSVERS,
tv, &sock, YPMSGSZ, YPMSGSZ);
} else {
*client = clnttcp_create(&addr, prognum, YPDNSVERS,
&sock, YPMSGSZ, YPMSGSZ);
}
if (*client == NULL) {
syslog(LOG_ERR, "can't create resolv client handle.\n");
(void) kill (*child, SIGINT);
*fwding = FALSE;
return;
}
#else
if (sysinfo(SI_HOSTNAME, name, sizeof (name)-1) == -1) {
syslog(LOG_ERR, "can't get local hostname.\n");
(void) kill (*child, SIGINT);
endnetconfig(h);
*fwding = FALSE;
return;
}
if ((*client = clnt_tp_create(HOST_SELF_CONNECT, prognum,
YPDNSVERS, nc)) == NULL) {
syslog(LOG_ERR, "can't create resolv_clnt\n");
(void) kill (*child, SIGINT);
endnetconfig(h);
*fwding = FALSE;
return;
}
endnetconfig(h);
#endif
/* ping for comfort */
tv.tv_sec = 10; tv.tv_usec = 0;
if ((stat = clnt_call(*client, 0, xdr_void, 0,
xdr_void, 0, tv)) != RPC_SUCCESS) {
syslog(LOG_ERR, "can't talk with resolv server\n");
clnt_destroy (*client);
(void) kill (*child, SIGINT);
*fwding = FALSE;
return;
}
if (verbose)
syslog(LOG_INFO, "finished setup for dns fwding.\n");
}