Пример #1
0
FUNCTION COUNT t_highlight
(
 TEXT	string[]		/* in/out: string to highlight	*/
)
    {
    TEXT local[STRINGSIZ+1];

/*
 *	t_highlight has a conceptual problem in unix:  the escape
 *	sequences in the termcap file have numeric prefixes indicating
 *	the number of milliseconds delay required for highlighting.
 *	Such delays are normally interpreted by tputs, for example
 *	see t_clear.   With the TAE highlight concept--i.e., surrounding
 *	a string with escape sequence and letting the user 
 *	subsequently write the string with t_write/t_output--we
 *	never have the opportunity to call tputs to interpret the
 *	delays.
 *
 *	Our approach is to strip the highlighting escape
 *	sequence of this delay element during the initialization
 *	phase. See t_init() above.
 */
    if (stand_out1 == NULL || stand_out2 == NULL)
	return(0);
    s_copy (string, local);		/* local copy 		*/
    s_copy(stand_out1, string);	
    s_append(local, string);
    s_append(stand_out2, string);

    return (s_length(stand_out1) + s_length(stand_out2));
    }
Пример #2
0
Файл: mmsg.c Проект: E-LLP/VICAR
FUNCTION  CODE  m_msg
(
 TEXT	message[],			/* In: message to be logged */
 TEXT	key[]				/* In: message key */
 )
    {
    CODE 	code;

/* the following avoids declaring a full PARBLK just to send a message	*/
#define ALDIM(bytes) 	1+((bytes-1)/sizeof (ALIGN)) 
#define HEAD_SIZ (sizeof(struct PARBLK) - P_BYTES + 8)  /* 8 for align safety*/
#define MBLKDIM (3*sizeof(struct VARIABLE) + 3*OUTMSGSIZ + HEAD_SIZ)
						/* block size in bytes	*/
    ALIGN	block[ALDIM(MBLKDIM)];		/* parameter block to send */
    struct	PARBLK  *parblk;		/* pointer to parameter block*/

    TEXT	*vector[1];			/* pointer to value */
    TEXT	msgbuf[OUTMSGSIZ+1];
    TEXT	msgkey[KEYSIZ+1];

    
    parblk = (struct PARBLK *) block;
    q_init (parblk, MBLKDIM - HEAD_SIZ, P_ABORT);	/* initialize block */
    s_bcopy((GENPTR)message, (GENPTR)msgbuf, OUTMSGSIZ); /* copy locally */
    if (s_length(message) > OUTMSGSIZ)			/* if too long-	*/
	msgbuf[OUTMSGSIZ] = EOS;			/* truncate	*/
    vector[0] = (TEXT *) msgbuf;
    code = q_string(parblk, "MESSAGE", 1, vector, P_ADD); /* add message */
    if (code == SUCCESS)
	{
	s_bcopy(key, msgkey, KEYSIZ);			/* copy key locally */
	if (s_length(key) > KEYSIZ)
	    msgkey[KEYSIZ] = EOS;			/* police length */
        vector[0] = (TEXT *) msgkey;			/* pointer to key   */
	code = q_string(parblk, "KEY", 1, vector, P_ADD); /* add key 	    */
	}
    if (code == SUCCESS)
	{
	code = q_sndp(parblk, M_HLOGMSG);		/* send message     */
	if (code == SUCCESS)
	    {
	    code = c_rcvp((GENPTR)parblk, sizeof(block)); /* rcv handsh blk */
	    (*parblk).hostcode = code;			/* save host code   */
	    if (code != SUCCESS)
		{
		t_write(
	"[TAE-MSGHANDS] Unable to confirm message reception by TM", T_STDCC);
		procexit(code);
		}
	    }
	}
    s_copy(msgkey, savekey);				/* save the key     */
    m_msgout(msgbuf, msgkey);				/* write to output  */
    return(code);
    }
Пример #3
0
static STREAM
cssp_encode_tspasswordcreds(char *username, char *password, char *domain)
{
	STREAM out, h1, h2;
	struct stream tmp = { 0 };
	struct stream message = { 0 };

	memset(&tmp, 0, sizeof(tmp));
	memset(&message, 0, sizeof(message));

	// domainName [0]
	s_realloc(&tmp, 4 + strlen(domain) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, domain, strlen(domain) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// userName [1]
	s_realloc(&tmp, 4 + strlen(username) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, username, strlen(username) * sizeof(uint16));
	s_mark_end(&tmp);

	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// password [2]
	s_realloc(&tmp, 4 + strlen(password) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, password, strlen(password) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 2, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// build message
	out = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);

	// cleanup
	xfree(tmp.data);
	xfree(message.data);
	return out;
}
Пример #4
0
FUNCTION VOID BRIDGE2_NAME(xrstr)
(
    TAEINT		*block,		/* in: parameter block		*/
    FORSTR		*name,		/* in: parameter name		*/
    TAEINT		*dimen,		/* in: dimension of string	*/
    FORSTR		*string,	/* out: FOR-77 string(s)	*/
    TAEINT		length[],	/* out: length of each string	*/
    TAEINT		*n,		/* out: number of strings	*/
    TAEINT		*status	/* out: status code		*/

)
{
    IMPORT TEXT		pm_dim[],pk_dim[],pm_type[],pk_type[];
    struct PARBLK *parblk;
    struct VARIABLE *v;
    TEXT	**s;			/* ptr to value vector in block	*/
    TEXT	c_name[STRINGSIZ+1];	/* name in C string format	*/
    COUNT	i;
    CODE	code;


    parblk = (struct PARBLK *) block;
    s_for2c(name, c_name, 0);			/* convert name to C string	*/
    s_strip(c_name);				/* remove trailing blanks	*/
    *n = 0;					/* caution in case error	*/

    v = p_find(parblk, c_name);
    if (v == NULL) goto p__bnerr;
    if ((*v).v_type != V_STRING) goto p__bterr; /* error if not string    */
    s = (TEXT **) (*v).v_cvp;			/* value pointer          */
    *status = SUCCESS;
    *n = (*v).v_count;				/* number of strings 		*/
    for (i=0; i < (*v).v_count && i < *dimen; i++)
    {
        length[i] = s_length(s[i]);		/* pass this length to caller	*/
        code = s_c2for(s[i], string, i);	/* copy string to caller	*/
        if (code != SUCCESS)
        {
            x_error((*parblk).mode, "String size overflows buffer",
                    "TAE-OVER", 0, 0, 0);
            *status = P_OVER;
            return;
        }
    }
    if ((*v).v_count > *dimen)
    {
        x_error((*parblk).mode, pm_dim, pk_dim,(uintptr_t) c_name, 0, 0);
        *status = P_BADCOUNT;		/* bad count		*/
    }
    return;

p__bnerr:
    *status = P_BADNAME;
    return;

p__bterr:
    *status = P_BADTYPE;
    x_error((*parblk).mode, pm_type, pk_type, (uintptr_t) c_name, 0, 0);
    return;
}
Пример #5
0
    FUNCTION  CODE  p_mput(

    TEXT	message[],			/* In: message to be logged */
    TEXT	key[]				/* In: message key */
    ) 
    {
    CODE 	code = 0;

    TEXT	msgbuf[OUTMSGSIZ+1];
    TEXT	msgkey[KEYSIZ+1];

    
    bytmov((GENPTR)message, (GENPTR)msgbuf, OUTMSGSIZ); /* copy locally	*/
    if (s_length(message) >= OUTMSGSIZ)			/* if too long-	*/
	msgbuf[OUTMSGSIZ] = EOS;			/* truncate	*/
    if (!key || s_equal (key, " "))			/* note: one blank */
	msgkey[0] = EOS;				/* as close as FOR */
    else						/* can get to null */
	s_bcopy (key, msgkey, KEYSIZ);
    msgkey[KEYSIZ] = EOS;

    s_copy(msgkey, savekey);				/* save the key     */
    p_msgout(msgbuf, msgkey);				/* write to output  */
    return(code);
    }
Пример #6
0
static RD_BOOL
cssp_gss_unwrap(gss_ctx_id_t * ctx, STREAM in, STREAM out)
{
	OM_uint32 major_status;
	OM_uint32 minor_status;
	gss_qop_t qop_state;
	gss_buffer_desc inbuf, outbuf;
	int conf_state;

	inbuf.value = in->data;
	inbuf.length = s_length(in);

	major_status = gss_unwrap(&minor_status, ctx, &inbuf, &outbuf, &conf_state, &qop_state);

	if (major_status != GSS_S_COMPLETE)
	{
		cssp_gss_report_error(GSS_C_GSS_CODE, "Failed to decrypt message",
				      major_status, minor_status);
		return False;
	}

	out->data = out->p = xmalloc(outbuf.length);
	out->size = outbuf.length;
	out_uint8p(out, outbuf.value, outbuf.length);
	s_mark_end(out);

	gss_release_buffer(&minor_status, &outbuf);

	return True;
}
Пример #7
0
/* Return a truncated string of length n
given a string of arbitrary length and n.
*/
String truncate_to_n(String input, int length) {
    if (s_length(input) <= length) {
        return input;
    } else {
        return s_sub(input, 0, length);
    }
}
Пример #8
0
void
streamsave(STREAM s, char *fn)
{
	FILE *f = fopen(fn, "wb");
	fwrite(s->data, s_length(s), 1, f);
	fclose(f);
}
Пример #9
0
static STREAM
ber_wrap_hdr_data(int tagval, STREAM in)
{
	STREAM out;
	int size = s_length(in) + 16;

	out = xmalloc(sizeof(struct stream));
	memset(out, 0, sizeof(struct stream));
	out->data = xmalloc(size);
	out->size = size;
	out->p = out->data;

	ber_out_header(out, tagval, s_length(in));
	out_uint8p(out, in->data, s_length(in));
	s_mark_end(out);

	return out;
}
Пример #10
0
FUNCTION CODE getkey 
(
    FAST struct SYNBLK	*sb,		/* in/out: symbol table		*/
    TEXT		key[TOKESIZ+1]	/* out: parameter name		*/

 )
    {
    FAST CODE	code;
    FAST CODE	toktyp;			/* token type				*/
    TEXT	dummy[TOKESIZ+1];

    key[0] = EOS;
    code = SUCCESS;
    if ((toktyp = gettok(sb, key)) == S_WHITE)	/* get token into key		*/
	toktyp = gettok(sb, key);	/* if white, get another		*/
    if (toktyp == S_COMSEP)		/* if comma separator			*/
	code = S_NONE;
    else if (toktyp == EOS)
	if ((*sb).lstcg == S_COMSEP)	/* if following comma			*/
	    {
	    code = S_NONE;		/* null value				*/
	    (*sb).lstcg = EOS;
	    }
	else				/* otherwise				*/
	    code = EOS;			/* end of command stream		*/
    else if (toktyp == FLAG_CHAR)	/* start of flagged keyword?	*/
	code = S_KEYWORD;
    else if (toktyp != S_ALPHA && toktyp != S_QALPHA)
	{
	(*sb).errchr = (*sb).curchr - 1;/* point to where error detected	*/
	synerr(sb, "Invalid parameter name");	/* put EM in syntax block	*/
	code = S_SYNERR;
	}
    else				/* got a keyword (or positional value)	*/
	{
	if ((toktyp = gettok(sb, dummy)) == S_WHITE)	/* eat the "="		*/
	    toktyp = gettok(sb, dummy);
	if (toktyp ==  '=')		/* if trailing "=" was present		*/
	    {
	    if (s_length(key) > F_Q_NAMESIZ)
		{
		(*sb).errchr = (*sb).curchr - 1;
		synerr(sb, "Parameter name too long");
		code = S_SYNERR;
		}
	    }
	else				/* else no trailing blank, so...	*/
	    code = S_NONE;		/* value without keyword		*/
	}
    return(code);
    }
Пример #11
0
/*
 *	Vm_CopyValid.  Copy a variable's valid structure
 *
 *	return FAIL if out of pooled memory.  If you
 *	pass NULL for pool, then it's ok to ignore 
 *	the return code (because tae_alloc always
 *	returns with memory or aborts).
 *
 */
    FUNCTION CODE Vm_CopyValid(

    FUNINT		type,		/* in: variable type		*/
    GENPTR		in,		/* in: valid structure		*/
    GENPTR		out,		/* out: valid structure 	*/
    GENPTR		pool		/* in: NULL for tae_allocation  */
					/* or pool for r_allocation     */
    )

    {
    FAST struct R_VALID *vin, *vout;	/* use any type to get count	*/
    struct S_VALID *svalidIn;
    struct S_VALID *svalidOut;
    COUNT	i, length;
    TEXT	*s;			/* valid string pointer */

    vin = (struct R_VALID *)in;
    vout = (struct R_VALID *)out;
    bytmov (in, out, Vm_ValidSize (type, (*vin).count));
    (*vout).count = (*vin).count;
#ifdef POINTER_VALIDS
    if (type == V_STRING)
	{
	svalidIn = (struct S_VALID *) vin;
	svalidOut = (struct S_VALID *) vout;
	for (i=0; i < (*svalidIn).count; i++)
	    {
	    length = s_length ((*svalidIn).slist[i].string);
	    if (pool)
		{
		s = (TEXT *) r_alloc ((ALIGN *)pool, length+1);  /* pooled allocation */
		if (s == NULL)
		    return (FAIL);
		}
	    else
		s = (TEXT *) tae_alloc (1, length+1);	/* free allocation */
	    s_copy ((*svalidIn).slist[i].string, s);
	    (*svalidOut).slist[i].string = s; 
	    }
	}
#endif
    return(SUCCESS);
    }
Пример #12
0
FUNCTION VOID  m_pfmt
(
 TEXT 	control[],		/* in: control string		*/
 TEXT	key[],			/* in: message key		*/
 TEXT	mputrec[],		/* out: output string		*/
 uintptr_t a1,			/* in: integers or string ptrs	*/
 uintptr_t a2,
 uintptr_t a3,
 uintptr_t a4,
 uintptr_t a5
)
    {
    TEXT loccon[2*STRINGSIZ+KEYSIZ+4];	/* local version of control	*/

    loccon[0] = EOS;
    if (key  && key[0] && !s_equal (key, " "))  /* if substantial key	*/
	{
	s_copy("[", loccon);		        /* prefix the message key */
	s_append(key, loccon);		
	s_append("] ", loccon);
	}
    s_append(control, loccon);

/***************** Note, *********************
This isn't strictly a safe operation. We are passing uintptr_t for things
that might be a pointer or a int. uintptr_t is large enough, but sprintf
might fail because it isn't the type expected. Unfortunately, there is
no portable way to pass a variable number of arguments through a function
- a1 through a5 have to have a type. This works under gcc, and is likely
to work on all systems. But be aware that this is a potential problem.
***********************************************/

    sprintf(mputrec, loccon, a1, a2, a3, a4, a5);	/* temporary for...	*/
    if (s_length(mputrec) > STRINGSIZ)			/* allow upto STRINGSIZ */
	s_copy("...", &mputrec[STRINGSIZ-3]);		/* truncate with ...*/
    return;
    }
Пример #13
0
FUNCTION CODE app_cmd 
(
 TEXT	inbuf[],		/* in/out: single input line buffer  */
 TEXT	cmdstr[],		/* in/out: accumulated cmd string    */
 BOOL	inquote		/* in/out: TRUE if quote in effect   */
 )
    {
    BOOL	cont;			/* TRUE if next line is continuation */
    FAST	COUNT	i;
    COUNT	cmdlen;			/* length of input cmdstr	     */

    if (!cmdstr[0] && inbuf[0] == '#')		/* if "#" is first character */
	return (SUCCESS);			/* then treat as null cmd    */
    for (i = 0; inbuf[i] != EOS; i++)
	{
	if (!inquote)				/* non-quoted  '!' 	    */
	    if (inbuf[i] == '!') break;
	if (inbuf[i] == '\"') inquote = !inquote;	/* toggle flag	    */
	}
    inbuf[i] = EOS;
    for (i--; i >= 0; i--)			/* strip trail blanks	    */
	{
	if (inbuf[i] != ' ' && inbuf[i] != '\t')
	    break;
	inbuf[i] = EOS;
	}
    if (i >= 0)					/* EOS at i+1		    */
	cont = (inbuf[i] == '+');
    else
	cont = FALSE;
    cmdlen = s_length(cmdstr);
    if (i + 1 + cmdlen > CMDLINSIZ)		/* if resultant str too big */
	return(FAIL);
    if (cont) inbuf[i] = ' ';			/* replace with blank 	    */
    s_copy(inbuf, &cmdstr[cmdlen]);		/* append to full string    */
    return(cont ? CONTINUE : SUCCESS);
    }
Пример #14
0
static RD_BOOL
cssp_gss_wrap(gss_ctx_id_t * ctx, STREAM in, STREAM out)
{
	int conf_state;
	OM_uint32 major_status;
	OM_uint32 minor_status;
	gss_buffer_desc inbuf, outbuf;

	inbuf.value = in->data;
	inbuf.length = s_length(in);

	major_status = gss_wrap(&minor_status, ctx, True,
				GSS_C_QOP_DEFAULT, &inbuf, &conf_state, &outbuf);

	if (major_status != GSS_S_COMPLETE)
	{
		cssp_gss_report_error(GSS_C_GSS_CODE, "Failed to encrypt and sign message",
				      major_status, minor_status);
		return False;
	}

	if (!conf_state)
	{
		error("GSS Confidentiality failed, no encryption of message performed.");
		return False;
	}

	// write enc data to out stream
	out->data = out->p = xmalloc(outbuf.length);
	out->size = outbuf.length;
	out_uint8p(out, outbuf.value, outbuf.length);
	s_mark_end(out);

	gss_release_buffer(&minor_status, &outbuf);

	return True;
}
Пример #15
0
RD_BOOL
cssp_read_tsrequest(STREAM token, STREAM pubkey)
{
	STREAM s;
	int length;
	int tagval;

	s = tcp_recv(NULL, 4);

	if (s == NULL)
		return False;

	// verify ASN.1 header
	if (s->p[0] != (BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED))
	{
		error("Expected BER_TAG_SEQUENCE|BER_TAG_CONSTRUCTED, got %x", s->p[0]);
		return False;
	}

	// peek at first 4 bytes to get full message length
	if (s->p[1] < 0x80)
		length = s->p[1] - 2;
	else if (s->p[1] == 0x81)
		length = s->p[2] - 1;
	else if (s->p[1] == 0x82)
		length = (s->p[2] << 8) | s->p[3];
	else
		return False;

	// receive the remainings of message
	s = tcp_recv(s, length);

#if WITH_DEBUG_CREDSSP
	streamsave(s, "tsrequest_in.raw");
	printf("In TSRequest token %ld bytes\n", s_length(s));
	hexdump(s->data, s_length(s));
#endif

	// parse the response and into nego token
	if (!ber_in_header(s, &tagval, &length) ||
	    tagval != (BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED))
		return False;

	// version [0]
	if (!ber_in_header(s, &tagval, &length) ||
	    tagval != (BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0))
		return False;
	in_uint8s(s, length);

	// negoToken [1]
	if (token)
	{
		if (!ber_in_header(s, &tagval, &length)
		    || tagval != (BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1))
			return False;
		if (!ber_in_header(s, &tagval, &length)
		    || tagval != (BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED))
			return False;
		if (!ber_in_header(s, &tagval, &length)
		    || tagval != (BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED))
			return False;
		if (!ber_in_header(s, &tagval, &length)
		    || tagval != (BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0))
			return False;

		if (!ber_in_header(s, &tagval, &length) || tagval != BER_TAG_OCTET_STRING)
			return False;

		token->end = token->p = token->data;
		out_uint8p(token, s->p, length);
		s_mark_end(token);
	}

	// pubKey [3]
	if (pubkey)
	{
		if (!ber_in_header(s, &tagval, &length)
		    || tagval != (BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 3))
			return False;

		if (!ber_in_header(s, &tagval, &length) || tagval != BER_TAG_OCTET_STRING)
			return False;

		pubkey->data = pubkey->p = s->p;
		pubkey->end = pubkey->data + length;
		pubkey->size = length;
	}


	return True;
}
Пример #16
0
RD_BOOL
cssp_send_tsrequest(STREAM token, STREAM auth, STREAM pubkey)
{
	STREAM s;
	STREAM h1, h2, h3, h4, h5;

	struct stream tmp = { 0 };
	struct stream message = { 0 };

	memset(&message, 0, sizeof(message));
	memset(&tmp, 0, sizeof(tmp));

	// version [0]
	s_realloc(&tmp, sizeof(uint8));
	s_reset(&tmp);
	out_uint8(&tmp, 2);
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_INTEGER, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// negoToken [1]
	if (token && s_length(token))
	{
		h5 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, token);
		h4 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h5);
		h3 = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, h4);
		h2 = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, h3);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h5);
		s_free(h4);
		s_free(h3);
		s_free(h2);
		s_free(h1);
	}

	// authInfo [2]
	if (auth && s_length(auth))
	{
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, auth);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 2, h2);

		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));

		s_free(h2);
		s_free(h1);
	}

	// pubKeyAuth [3]
	if (pubkey && s_length(pubkey))
	{
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, pubkey);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 3, h2);

		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}
	s_mark_end(&message);

	// Construct ASN.1 Message
	// Todo: can h1 be send directly instead of tcp_init() approach
	h1 = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);
	s = tcp_init(s_length(h1));
	out_uint8p(s, h1->data, s_length(h1));
	s_mark_end(s);
	s_free(h1);

#if WITH_DEBUG_CREDSSP
	streamsave(s, "tsrequest_out.raw");
	printf("Out TSRequest %ld bytes\n", s_length(s));
	hexdump(s->data, s_length(s));
#endif

	tcp_send(s);

	// cleanup
	xfree(message.data);
	xfree(tmp.data);

	return True;
}
Пример #17
0
STREAM
cssp_encode_tscredentials(char *username, char *password, char *domain)
{
	STREAM out;
	STREAM h1, h2, h3;
	struct stream tmp = { 0 };
	struct stream message = { 0 };

	// credType [0]
	s_realloc(&tmp, sizeof(uint8));
	s_reset(&tmp);
	if (g_use_password_as_pin == False)
	{
		out_uint8(&tmp, 1);	// TSPasswordCreds
	}
	else
	{
		out_uint8(&tmp, 2);	// TSSmartCardCreds
	}

	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_INTEGER, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// credentials [1]
	if (g_use_password_as_pin == False)
	{
		h3 = cssp_encode_tspasswordcreds(username, password, domain);
	}
	else
	{
		h3 = cssp_encode_tssmartcardcreds(username, password, domain);
	}

	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, h3);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h3);
	s_free(h2);
	s_free(h1);

	// Construct ASN.1 message
	out = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);

#if WITH_DEBUG_CREDSSP
	streamsave(out, "tscredentials.raw");
	printf("Out TSCredentials %ld bytes\n", s_length(out));
	hexdump(out->data, s_length(out));
#endif

	// cleanup
	xfree(message.data);
	xfree(tmp.data);

	return out;
}
Пример #18
0
static STREAM
cssp_encode_tssmartcardcreds(char *username, char *password, char *domain)
{
	STREAM out, h1, h2;
	struct stream tmp = { 0 };
	struct stream message = { 0 };

	// pin [0]
	s_realloc(&tmp, strlen(password) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, password, strlen(password) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// cspData[1]        
	h2 = cssp_encode_tscspdatadetail(AT_KEYEXCHANGE, g_sc_card_name, g_sc_reader_name,
					 g_sc_container_name, g_sc_csp_name);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// userHint [2]
	if (username && strlen(username))
	{
		s_realloc(&tmp, strlen(username) * sizeof(uint16));
		s_reset(&tmp);
		rdp_out_unistr(&tmp, username, strlen(username) * sizeof(uint16));
		s_mark_end(&tmp);
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 2, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}

	// domainHint [3]
	if (domain && strlen(domain))
	{
		s_realloc(&tmp, strlen(domain) * sizeof(uint16));
		s_reset(&tmp);
		rdp_out_unistr(&tmp, domain, strlen(domain) * sizeof(uint16));
		s_mark_end(&tmp);
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 3, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}

	s_mark_end(&message);

	// build message
	out = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);

	// cleanup
	free(tmp.data);
	free(message.data);
	return out;
}
Пример #19
0
static STREAM
cssp_encode_tscspdatadetail(unsigned char keyspec, char *card, char *reader, char *container,
			    char *csp)
{
	STREAM out;
	STREAM h1, h2;
	struct stream tmp = { 0 };
	struct stream message = { 0 };

	// keySpec [0]
	s_realloc(&tmp, sizeof(uint8));
	s_reset(&tmp);
	out_uint8(&tmp, keyspec);
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_INTEGER, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// cardName [1]
	if (card)
	{
		s_realloc(&tmp, 4 + strlen(card) * sizeof(uint16));
		s_reset(&tmp);
		rdp_out_unistr(&tmp, card, strlen(card) * sizeof(uint16));
		s_mark_end(&tmp);
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}

	// readerName [2]
	if (reader)
	{
		s_realloc(&tmp, 4 + strlen(reader) * sizeof(uint16));
		s_reset(&tmp);
		rdp_out_unistr(&tmp, reader, strlen(reader) * sizeof(uint16));
		s_mark_end(&tmp);
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 2, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}

	// containerName [3]
	if (container)
	{
		s_realloc(&tmp, 4 + strlen(container) * sizeof(uint16));
		s_reset(&tmp);
		rdp_out_unistr(&tmp, container, strlen(container) * sizeof(uint16));
		s_mark_end(&tmp);
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 3, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}

	// cspName [4]
	if (csp)
	{
		s_realloc(&tmp, 4 + strlen(csp) * sizeof(uint16));
		s_reset(&tmp);
		rdp_out_unistr(&tmp, csp, strlen(csp) * sizeof(uint16));
		s_mark_end(&tmp);
		h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
		h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 4, h2);
		s_realloc(&message, s_length(&message) + s_length(h1));
		out_uint8p(&message, h1->data, s_length(h1));
		s_mark_end(&message);
		s_free(h2);
		s_free(h1);
	}

	s_mark_end(&message);

	// build message
	out = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);

	// cleanup
	free(tmp.data);
	free(message.data);
	return out;
}
Пример #20
0
/**
 * Transforms a scene object, a vector or a list of sceneobjects.
 */
SchemeObject* TransformationFactory::transform(Scheme* scheme, SchemeObject* s_obj, const Matrix& m, const wchar_t* subr) 
{
    // Tjek if it's a vector
    if (scm2bool(s_vector_p(scheme, s_obj))) {
	if (3 == safe_scm2int(s_vector_length(scheme, s_obj), 0, L"")) {
	    bool is_num = true;
	    for(uint32_t i = 0; i < 3; i++) {
		SchemeObject* thing = s_vector_ref(scheme, s_obj, int2scm(i));
		is_num &= scm2bool(i_number_p(thing));
	    }
	    if (is_num) {
		Vector v = scm2vector(s_obj, subr, 0);
		return vector2scm(m * v);
	    }
	}
    }

    // Check if it's a 4x4 vector Scheme matrix
    if (scm2bool(s_vector_p(scheme, s_obj))) {
	if (4 == i_vector_length(s_obj)) {
	    bool is_good = true;
	    for(uint32_t i = 0; i < 4; i++) {
		SchemeObject* thing = i_vector_ref(s_obj, i);
		if (scm2bool(i_vector_p(thing)) && 
		    (4 == i_vector_length(thing))) {
		    for(uint32_t i = 0; i < 4; i++) {
			SchemeObject* cell = i_vector_ref(thing, i);
			is_good &= scm2bool(i_number_p(cell));
		    }
		} else {
		    is_good = false;
		}
	    }

	    if (is_good) {
		// Extract matrix
		Matrix sm;  
		SchemeObject* row;
	    	for(uint32_t i = 0; i < 4; i++) {
		    row = i_vector_ref(s_obj, i);
		    for(uint32_t c = 0; c < 4; c++) {
			SchemeObject* s_value = i_vector_ref(row,c);
			sm.set(c,i,scm2double(s_value));
		    }
		}
		// Transform
		sm = m * sm;
		// Convert back to a Scheme 4x4 vector
		SchemeObject* result = SchemeObject::createVector(S_FALSE,4);
	    	for(uint32_t i = 0; i < 4; i++) {
		    row = SchemeObject::createVector(S_FALSE,4);
		    for(uint32_t c = 0; c < 4; c++) {
			SchemeObject* v = double2scm(sm.get(i,c));
			i_vector_set_e(row,c,v);
		    }
		    i_vector_set_e(result,i,row);
		}
		return result;
	    }
	}
    }

    
    vector<SchemeObject*> objs;
    if (scm2bool(s_list_p(scheme, s_obj))) {
    	uint32_t num = safe_scm2int(s_length(scheme, s_obj), 0, L"");
    	for(uint32_t i = 0; i < num; i++) {
    	    SchemeObject* s_value = s_list_ref(scheme, s_obj, int2scm(i));
    	    if (scm2bool(s_list_p(scheme, s_value))) {
    	        // Recurse into embedded lists of objects    
    	        transform(scheme, s_value, m, subr);    
    	    } else {
    	        objs.push_back(s_value);
            }
    	}
    } else {
    	objs.push_back(s_obj);
    }

    uint32_t num = objs.size();
    for(uint32_t i = 0; i < num; i++) {
	SceneObject* object = scm2sceneobject(objs[i], subr, i + 1);
	object->transform(m);
    }
    return s_obj;
}
Пример #21
0
FUNCTION static CODE writeVmToFile (

	Id		vm,		/* in: vm to write	*/
	struct SFILE	*f,		/* in: SFILE to use	*/
	TEXT		*name)		/* in: name of vm	*/

    {
    CODE		code;		
    struct PARHDR	ph;


    TEXT		filespec[STRINGSIZ+1];
    TEXT		sizeString[STRINGSIZ+1];
    TEXT		dateString[STRINGSIZ+1];
    LONG		fileSize;

    struct POSCTX	startPosition;		/* position of file start */
#ifdef UNIX
    struct ar_hdr	header;
    struct POSCTX	headerPosition;
    struct POSCTX	eofPosition;		/* position of next file */
    COUNT		length;
    struct timeval	time;

    /*	build and write the archive header record */

    s_blank ((TEXT *) &header, sizeof (struct ar_hdr) - 1);
    s_copy (name, filespec);
    s_append (".par", filespec);		/* add .par suffix	  */
#ifdef AIX
    length = min(s_length (filespec), sizeof (header._ar_name.ar_name));
    bytmov (filespec, header._ar_name.ar_name, length);
#else
    length = min(s_length (filespec), sizeof (header.ar_name));
    bytmov (filespec, header.ar_name, length); 
#endif
    gettimeofday (&time, NULL);
    sprintf (dateString, "%lu", time.tv_sec);
    bytmov (dateString,   header.ar_date, s_length(dateString));
    bytmov ("000   ", header.ar_uid,  sizeof (header.ar_uid));
    bytmov ("000   ", header.ar_gid,  sizeof (header.ar_gid));
    bytmov ("100644  ", header.ar_mode, sizeof (header.ar_mode));
#ifdef AIX
    header._ar_name.ar_fmag[0] = '\`';
    header._ar_name.ar_fmag[1] = EOS;           /* becomes \n when written */
#else
    header.ar_fmag[0] = '`';
    header.ar_fmag[1] = EOS;			/* becomes \n when written */
#endif
    f_write (f, (TEXT *)&header);		/* write archive hdr recrd */
    f_movpos (&(*f).posctx, &headerPosition);	/* save position of the rec   */
#endif

    zero_block ((GENPTR)&ph, sizeof (ph));
    s_copy (P_SENTINEL, ph.sentinel);
    ph.recsize = sizeof (struct LARGE_PARBLK);
    s_copy ("TIME", ph.datetime);
    s_bcopy (name, ph.filename, sizeof (ph.filename)-1);

    code = f_bwrite (f, (GENPTR)&ph, sizeof (ph));
    if (code != SUCCESS)
	return (0);				/* stop the Co_ForEach   */
    f_movpos (&(*f).posctx, &startPosition);	/* position of PARHDR record */
    code = Vm_WriteVm ((struct VM_STRUCT *)vm, f);
    if (code == SUCCESS)
	{

#ifdef UNIX
        f_curpos (f, &eofPosition);
	f_setpos (f, &headerPosition);		/* go back and update header  */
	fileSize = eofPosition.pos - startPosition.pos;
	sprintf (sizeString, "%ld", fileSize);	/* convert to ascii	    */
	bytmov (sizeString, header.ar_size, s_length (sizeString));
	f_write (f, (TEXT *)&header);
        f_setpos (f, &eofPosition);		/* get ready for next file    */
	if (fileSize & 1)
	    f_write (f, "");			/* get to dble byte bndry */
#endif
        return (0);			/* keep Co_ForEach going  */
	}
    else
        return (0);			/* stop the Co_ForEach	  */
    }
Пример #22
0
SchemeObject* MaterialFactory::s_make_material(Scheme* scheme, SchemeObject* s_options) {
    Material* material = new Material();

    assert(scm2bool(s_list_p (scheme, s_options)));
    uint32_t length = safe_scm2int(s_length(scheme, s_options), 0, L"");
    
    assert(length % 2 == 0);
    uint32_t argc = length / 2;

    for(uint32_t i = 0; i < argc; i++) {
        SchemeObject* s_key = s_list_ref(scheme, s_options, int2scm(i*2));
	    SchemeObject* s_value = s_list_ref(scheme, s_options, int2scm(i*2+1));
        if (i_symbol_p(s_key) == S_FALSE) {
            throw scheme_exception(L"Invalid camera-option-name: " + s_key->toString());
        }    
    	wstring key = s_key->toString();

	    if (key == L"diffuse") {
	        if (s_texture_p(scheme, s_value) == S_TRUE) {
	    	Texture* texture = scm2texture(s_value,L"",0);
	    	material->setDiffuseTexture(texture);
	        } else {
	    	RGB c = scm2rgb(s_value);
	    	material->setDiffuseColor(c);
	        }
	    } else if (key == L"specular") {
	        RGB c = scm2rgb(s_value);
	        material->setSpecularColor(c);
	    } else if (key == L"ks") {
	        double d = safe_scm2double(s_value,0,L"");
	        material->setKs(d);
	    } else if (key == L"kt") {
	        double d = safe_scm2double(s_value,0,L"");
	        material->setKt(d);
	    } else if (key == L"kd") {
	        double d = safe_scm2double(s_value,0,L"");
	        material->setKd(d);
	    } else if (key == L"eta") {
	        double d = safe_scm2double(s_value,0,L"");
	        material->setEta(d);
	    } else if (key == L"alpha-shadows") {
		bool yes = scm2bool(s_value);
	        material->hasAlphaShadows(yes);
		material->setKs(0);
		material->setKt(0);
        } else if (key == L"gloss") {
            assert(scm2bool(s_list_p (scheme, s_value)));
            assert(safe_scm2int(s_length(scheme, s_value),0,L"") == 2);
            SchemeObject* s_rays = s_list_ref(scheme, s_value, int2scm(0));
            uint32_t rays = safe_scm2int(s_rays,0,L"");
  	        SchemeObject* s_angle = s_list_ref(scheme, s_value, int2scm(1));
            double angle = safe_scm2double(s_angle,0,L"");
            material->enableGloss(rays,angle);
	    } else if (key == L"normal") {
	        SchemeNormalPerturber* perturber = new SchemeNormalPerturber(scheme, s_value);
	        material->setNormalPerturber(perturber);
	    } else if (key == L"specpow") {
	        int d = safe_scm2int(s_value,0,L"");
	        material->setSc(d);
	    } else {
	        wcout << L"Unknown material option ignored: " << key << endl;
	    }
    }
    return material2scm(material);
}
Пример #23
0
FUNCTION CODE t_init
(
 COUNT	*lines,			/* out: number of lines on crt	*/
 COUNT	*columns,		/* out: number of columns 	*/
 CODE	*type			/* out: type of terminal:	*/
    				/*	T_CRT			*/
    				/* 	T_NOTCRT		*/
    				/* 	T_NOTTERM		*/
)
    {
    TEXT	buffer[1024];
    TEXT	*area;
    TEXT	*ptr;
    TEXT	*term_name;
    int		i, l;
    CODE	code;

    if (ltype != 0)			/* only init one time		*/
	{
	*type = ltype;
	*lines = llines;
	*columns = lcols;
	return (SUCCESS);
	}

#ifdef TERMINAL_TOL
    	term_log = FALSE;		/* be sure we don't try to log	*/
#endif

    if (!isatty(1))			/* is stdout a terminal?	*/
        {
	*lines = llines = 0;
	*columns = lcols = 0;
	*type = ltype = T_NOTTERM;
	setvbuf(stdout, NULL, _IOLBF, 0);	/* set line buffering */
	return (SUCCESS);
	}

    setbuf(stdout, NULL);		/* unbuffer terminal output	*/
#ifdef USE_CURSES
    tcgetattr (0, &init_char);
#else
    ioctl(1, TIOCGETP, &init_char);	/* get initial characteristics	*/
#endif
    MOVE_STRUCT(init_char, single_char);/* copy characteristics         */  

#ifdef USE_CURSES
    single_char.c_lflag = init_char.c_lflag & ~(ICANON | ECHO);
    single_char.c_cc[VEOF] = 1;
    single_char.c_cc[VEOL] = 1;
#ifdef CBAUD
    ospeed = init_char.c_cflag & CBAUD;	/* set speed for termlib
					   */
#else
    ospeed = init_char.c_cflag;
#endif
#else
    single_char.sg_flags = 
	(init_char.sg_flags | CBREAK) & ~ECHO;	/* for single char mode */
    ospeed = init_char.sg_ospeed;	/* set speed for termlib	*/
#endif
    *lines = llines = 24;		/* defaults in case unknown	*/
    *columns = lcols = 80;
    term_name = getenv ("TERM");
    if (term_name == NULL)
        goto unknown;
    code = tgetent(buffer, term_name);
    if (code != 1)
        goto unknown;			/* TERM not found in termcap	*/
    llines = tgetnum("li");
    if (llines == -1)
        llines = 24;
    lcols = tgetnum("co");
    if (lcols == -1)
        lcols = 80;
    *lines = llines;
    *columns = lcols;
    area = control;
    ptr = tgetstr("pc", &area);
    PC = (ptr == NULL) ? 0 : *ptr;	/* set for termlib use		*/
    UP = tgetstr("up", &area);		/* set for termlib use		*/
    if (tgetflag("bs"))
	BC = bs_string;			/* use CONTROL-H for backspace	*/
    else
	BC = tgetstr("bc", &area);	/* special backspace		*/
    cursor = tgetstr("cm", &area);
    if (cursor == NULL)
        goto unknown;
    creturn = tgetstr("cr", &area);
    hcursor = tgetstr("ch", &area);
    line_clear = tgetstr("ce", &area);
    screen_clear = tgetstr("cl", &area);
    if (screen_clear == NULL)
        goto unknown;

    stand_out1 = tgetstr("so", &area);	/* highlight on			*/
    stand_out2 = tgetstr("se", &area);	/* highlight off		*/
				/* see t_highlight for explanation	*/
    stand_out1 = isdigit(*stand_out1) ? stand_out1 + 1 : stand_out1;
    stand_out2 = isdigit(*stand_out2) ? stand_out2 + 1 : stand_out2;

    max_esc = 0;
    for (i=0; i < n_escseq; i++)	/* get escape sequences		*/
        {
	escseq[i].strptr = tgetstr (escseq[i].name, &area);
	if (escseq[i].strptr != NULL)
	    {
	    l = s_length (escseq[i].strptr);
	    if (l > max_esc) max_esc = l;
	    }
	}
    *type = ltype = T_CRT;		/* has everything TAE needs	*/
    ptr = tgetstr ("is", &area);	
    if (ptr != NULL && !processInit) 
	tputs (ptr, 1, t_outc);		/* init terminal	*/
    ptr = tgetstr ("ks", &area);
    if (ptr != NULL && !processInit) 
	tputs (ptr, 1, t_outc);		/* init keypad		*/
    return (SUCCESS);    

unknown:
    *type = ltype = T_NOTCRT;		/* if unknown, then unsupported */
    return (SUCCESS);
    }
Пример #24
0
RD_BOOL
cssp_connect(char *server, char *user, char *domain, char *password, STREAM s)
{
	OM_uint32 actual_time;
	gss_cred_id_t cred;
	gss_buffer_desc input_tok, output_tok;
	gss_name_t target_name;
	OM_uint32 major_status, minor_status;
	int context_established = 0;
	gss_ctx_id_t gss_ctx;
	gss_OID desired_mech = &_gss_spnego_krb5_mechanism_oid_desc;

	STREAM ts_creds;
	struct stream token = { 0 };
	struct stream pubkey = { 0 };
	struct stream pubkey_cmp = { 0 };

	// Verify that system gss support spnego
	if (!cssp_gss_mech_available(desired_mech))
	{
		warning("CredSSP: System doesn't have support for desired authentication mechanism.\n");
		return False;
	}

	// Get service name
	if (!cssp_gss_get_service_name(server, &target_name))
	{
		warning("CredSSP: Failed to get target service name.\n");
		return False;
	}

	// Establish tls connection to server
	if (!tcp_tls_connect())
	{
		warning("CredSSP: Failed to establish TLS connection.\n");
		return False;
	}

	tcp_tls_get_server_pubkey(&pubkey);

#ifdef WITH_DEBUG_CREDSSP
	streamsave(&pubkey, "PubKey.raw");
#endif

	// Enter the spnego loop
	OM_uint32 actual_services;
	gss_OID actual_mech;
	struct stream blob = { 0 };

	gss_ctx = GSS_C_NO_CONTEXT;
	cred = GSS_C_NO_CREDENTIAL;

	input_tok.length = 0;
	output_tok.length = 0;
	minor_status = 0;

	int i = 0;

	do
	{
		major_status = gss_init_sec_context(&minor_status,
						    cred,
						    &gss_ctx,
						    target_name,
						    desired_mech,
						    GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG,
						    GSS_C_INDEFINITE,
						    GSS_C_NO_CHANNEL_BINDINGS,
						    &input_tok,
						    &actual_mech,
						    &output_tok, &actual_services, &actual_time);

		if (GSS_ERROR(major_status))
		{
			if (i == 0)
				error("CredSSP: Initialize failed, do you have correct kerberos tgt initialized ?\n");
			else
				error("CredSSP: Negotiation failed.\n");

#ifdef WITH_DEBUG_CREDSSP
			cssp_gss_report_error(GSS_C_GSS_CODE, "CredSSP: SPNEGO negotiation failed.",
					      major_status, minor_status);
#endif
			goto bail_out;
		}

		// validate required services
		if (!(actual_services & GSS_C_CONF_FLAG))
		{
			error("CredSSP: Confidiality service required but is not available.\n");
			goto bail_out;
		}

		// Send token to server
		if (output_tok.length != 0)
		{
			if (output_tok.length > token.size)
				s_realloc(&token, output_tok.length);
			s_reset(&token);

			out_uint8p(&token, output_tok.value, output_tok.length);
			s_mark_end(&token);

			if (!cssp_send_tsrequest(&token, NULL, NULL))
				goto bail_out;

			(void) gss_release_buffer(&minor_status, &output_tok);
		}

		// Read token from server
		if (major_status & GSS_S_CONTINUE_NEEDED)
		{
			(void) gss_release_buffer(&minor_status, &input_tok);

			if (!cssp_read_tsrequest(&token, NULL))
				goto bail_out;

			input_tok.value = token.data;
			input_tok.length = s_length(&token);
		}
		else
		{
			// Send encrypted pubkey for verification to server
			context_established = 1;

			if (!cssp_gss_wrap(gss_ctx, &pubkey, &blob))
				goto bail_out;

			if (!cssp_send_tsrequest(NULL, NULL, &blob))
				goto bail_out;

			context_established = 1;
		}

		i++;

	}
	while (!context_established);

	// read tsrequest response and decrypt for public key validation
	if (!cssp_read_tsrequest(NULL, &blob))
		goto bail_out;

	if (!cssp_gss_unwrap(gss_ctx, &blob, &pubkey_cmp))
		goto bail_out;

	pubkey_cmp.data[0] -= 1;

	// validate public key
	if (memcmp(pubkey.data, pubkey_cmp.data, s_length(&pubkey)) != 0)
	{
		error("CredSSP: Cannot guarantee integrity of server connection, MITM ? "
		      "(public key data mismatch)\n");
		goto bail_out;
	}

	// Send TSCredentials
	ts_creds = cssp_encode_tscredentials(user, password, domain);

	if (!cssp_gss_wrap(gss_ctx, ts_creds, &blob))
		goto bail_out;

	s_free(ts_creds);

	if (!cssp_send_tsrequest(NULL, &blob, NULL))
		goto bail_out;

	return True;

      bail_out:
	xfree(token.data);
	return False;
}
Пример #25
0
bool sa_element_empty(String value, int index) {
	return s_length(value) <= 0;
}
Пример #26
0
FUNCTION static CODE chk_p_var
(
 struct PARBLK	*p,		/* in/out: PARBLK pointer	*/
 struct VARIABLE *v,		/* in/out: variable to check	*/
 GENPTR		pool1,		/* in:  beginning of var pool area*/
 GENPTR		pool2,		/* in:  end of var pool area*/
 COUNT		*parms		/* in/out: number of parms so far*/
 )
    {
    GENPTR		gp;
    COUNT		flag;
    COUNT		i;
    struct VARIABLE	*vq;		/* parameter qualifier		*/
    CODE		code;

#define GOOD_PTR(ptr)  (pool1 <= (GENPTR) ptr  &&  (GENPTR) ptr <= pool2)

    (*parms)++;
    flag = 0;
    if (!GOOD_PTR(v))
	goto link;
    (*v).v_name[NAMESIZ] = EOS;		/* max name size	*/
    if ((*v).v_type != V_INTEGER &&
	(*v).v_type != V_REAL    &&
	(*v).v_type != V_STRING  &&
	(*v).v_type != V_NAME)		/* V_NAME OK in compiled*/
	goto type;

/* current value related checks	*/

    if ((*v).v_type == V_NAME)
	{
	if ((*v).v_class != V_PARM)
	    goto type;
	if (!(*v).v_pv12)		/* if var from old TAE...		*/
	    goto name_v_ref;		/* TYPE=NAME didn't go to PARBLKs	*/
	if ((*v).v_nref != NULL  &&  !GOOD_PTR((*v).v_nref))
	    goto nameref;
	}
    else
	{
	if ((*v).v_count > MAXVAL)
	    goto count;
	if ((*v).v_count > 0)		/* check cvp if count > 0 */
	    if (!GOOD_PTR((*v).v_cvp))
		goto value;
	if ((*v).v_type == V_STRING)
	    {	
	    for (i=0; i < (*v).v_count; i++)
		{
		gp = (GENPTR) SVAL(*v, i);
		if (!GOOD_PTR(gp))
		    goto string;
		if (s_length(SVAL(*v,i)) > STRINGSIZ)
		    goto length;
		}
	    }

/* default value related checks	*/

	if ((*v).v_dcount > MAXVAL)
	    goto dcount;
	if ((*v).v_dcount > 0)		/* check cvp if count > 0 */
	    if (!GOOD_PTR((*v).v_dvp))
		goto dvalue;
	if ((*v).v_type == V_STRING)
	    {	
	    for (i=0; i < (*v).v_dcount; i++)
		{
		gp = (GENPTR) DSVAL(*v, i);
		if (!GOOD_PTR(gp))
		    goto dstring;
		if (s_length(DSVAL(*v,i)) > STRINGSIZ)
		    goto dlength;
		}
	    }
	if (!(*v).v_pv12)				/* if from old TAE version */
	    (*v).v_valid = NULL;			/* clear bad valid pointer */
	if ((*v).v_valid != NULL  &&  !GOOD_PTR((*v).v_valid))
	    goto valid;
	}
    if ((*v).v_class != V_GLOBAL &&
	(*v).v_class != V_PARM &&
	(*v).v_class != V_LOCAL)
	goto class;
    if ((*v).v_class == V_GLOBAL)
	if ((*v).v_pdf != NULL  &&  !GOOD_PTR((*v).v_pdf))
	    goto defpdf;
    if ((*v).v_pv12)					/* not if from old TAE	*/
	{						/* parameter qualifiers	*/
	for (vq = (*v).v_qualst.link; vq != NULL; vq = (*vq).v_link)
	    {
	    code = chk_p_var(p, vq, pool1, pool2, parms); /* recursive - chk qual*/
	    if (code != SUCCESS)
		goto parmqual;
	    }
	}
    return (SUCCESS);

    /* for debug, break on 'fail' and look at flag and v	*/

    name_v_ref:		flag++;		/* 17*/
    		        flag++;		/* 16*/
    parmqual:		flag++;		/* 15*/
    nameref:		flag++;		/* 14*/
    dcount:		flag++;		/* 13*/
    dvalue:		flag++;		/* 12*/
    dstring:		flag++;		/* 11*/
    dlength:		flag++;		/* 10*/
    valid:		flag++;		/* 9 */
    class:		flag++;		/* 8 */
    defpdf:		flag++;		/* 7 */
    link:		flag++;		/* 6 */
    type:		flag++;		/* 5 */
    count:		flag++;		/* 4 */
    value:		flag++;		/* 3 */
    string:		flag++;		/* 2 */
    length:		flag++;		/* 1 */
    		return (FAIL);
    }
Пример #27
0
FUNCTION VOID BRIDGE2_NAME(xrfile) 
(
    TAEINT		*block,		/* in: parameter block		*/
    FORSTR		*name,		/* in: parameter name		*/
    TAEINT		*dimen,		/* in: dimension of string	*/
    FORSTR		*tae_file,	/* out: FOR-77 tae file string(s)	*/
    TAEINT		tae_length[],	/* out: length of each tae file string	*/
    FORSTR		*host_file,	/* out: FOR-77 host file string(s)	*/
    TAEINT		host_length[],	/* out: length of each host file string	*/
    TAEINT		*n,		/* out: number of strings	*/
    TAEINT		*status	/* out: status code		*/

 )
    {
    struct PARBLK 	*parblk;
    TEXT		**s;			/* ptr to value vector in block	*/
    TEXT		c_name[STRINGSIZ+1];	/* name in C string format	*/
    COUNT		i;
    struct VARIABLE	*v;		/* variable in parm block		*/
    TEXT		temp[FSPECSIZ+1];
    TAEINT 		filemode;
    CODE		code;

    parblk = (struct PARBLK *) block;
    s_for2c(name, c_name, 0);			/* convert name to C string	*/
    s_strip(c_name);				/* remove trailing blanks	*/
    *n = 0;					/* caution in case error	*/ 

    v = p_find(parblk, c_name);			/* get string			*/
    if (v == NULL) goto p__bnerr;		/* check for name error		*/
    if ((*v).v_type != V_STRING) goto p__bterr; /* check for type error		*/
    s = (TEXT **) (*v).v_cvp;			/* value pointer		*/

    if (!(*v).v_file) goto p__bterr;
    filemode = (*v).v_filemode;
    *status = SUCCESS;				
    *n = (*v).v_count;				/* number of strings		*/
    for (i=0; i < (*v).v_count && i < *dimen; i++) /* get all tae & host files	*/
	{
	tae_length[i] = s_length(s[i]);	/* pass this length to caller	*/
	code = s_c2for(s[i], tae_file, i);	/* copy tae file to caller*/
        if (code != SUCCESS)
	    {
	    x_error((*parblk).mode, "File name longer than buffer size.",
		    "TAE-OVER", 0, 0, 0);
   	    *status = P_OVER;
	    return;
	    }
	xzhost(s[i], temp, &filemode, status);	/* get host spec	*/
	if (*status != SUCCESS)
	    {
	      x_error((*parblk).mode, (TEXT *) pm_trans, (TEXT *) pk_trans, 
		      (uintptr_t) s[i], 0, 0);
	    *status = P_FAIL;			/* failed to translate	*/
	    return;
	    }
	host_length[i] = s_length(temp);	/* pass this length to caller	*/
	s_c2for(temp, host_file, i);	/* copy host file to caller	*/
	}
    if ((*v).v_count > *dimen)
	*status = P_BADCOUNT;		/* bad count			*/
    return;

p__bnerr:
    *status = P_BADNAME;
    return;

p__bterr:
    x_error((*parblk).mode, (TEXT *) pm_type, (TEXT *) pk_type, 
	    (uintptr_t) (*v).v_name, 0, 0);
    *status = P_BADTYPE;
    return;
    }
Пример #28
0
FUNCTION CODE getfld 
(
    FAST struct SYNBLK	*sb,		/* in/out: syntax block			*/
    FAST TEXT		*field		/* out: field string of length TOKESIZ+1*/

 )
    {
    CODE	code;
    FAST CODE	toktyp;			/* token type				*/
    TEXT	token[TOKESIZ+1];

    *field = EOS;			/* initialize field to null string	*/
    code   = SUCCESS;
    if ((toktyp = gettok(sb,token)) == S_WHITE)	/* get token			*/
	toktyp = gettok(sb,token);	/* if white, get another		*/
    if (toktyp == S_SYNERR)		/* if syntax error			*/
	code = S_SYNERR;
    else if (toktyp == S_COMSEP)
	if ((*sb).inpar)
	    (*sb).lstcp = S_COMSEP;
	else
	    (*sb).lstcg = S_COMSEP;
    else if (toktyp == EOS)
	if ((*sb).lstcg == S_COMSEP || (*sb).lstcg == S_START)
	    (*sb).lstcg = EOS;
	else
	    code = EOS;
    else if (toktyp == ')' )		/* if right paren			*/
	if ((*sb).lstcp  == S_COMSEP || (*sb).lstcp == '(' )
	    {
	    (*sb).lstcp = ')';
	    (*sb).curchr--;		/* so we get right paren on next call	*/
	    }
	else
	    {
	    code  = S_RPAREN;
	    (*sb).inpar = FALSE;	/* no longer w/in parentheses		*/
	    fndsep(sb);			/* posit past trailing sep if present	*/
	    }
    else if (fldtrm(toktyp))		/* if token was a field terminator	*/
	{
	code   = toktyp;
	s_copy(token, field);
	}
    else
	{
	if (toktyp==S_QUOTED) code = S_QUOTED;	/* call it S_QUOTED if we lead with a quote*/
	while (!fldtrm(toktyp))		/* loop until a field terminator	*/
	    {
	    if (toktyp == S_QUOTED)	/* if token is a quoted string		*/
		strpqu(token);		/* strip quotes				*/
	    if (s_length(token) + s_length(field) > TOKESIZ)
		return(S_SYNERR);
	    s_append(token, field);	/* add token to field			*/
	    if ((toktyp = gettok(sb, token)) == S_SYNERR) /* get another token	*/
		return(S_SYNERR);
	    }
	if (toktyp != S_COMSEP && toktyp != S_WHITE)	/* put back terminator...*/
	    if (toktyp != EOS)		/* if not also separator		*/
		(*sb).curchr--;
	if ((*sb).inpar)
	    (*sb).lstcp = toktyp;
	else
	    (*sb).lstcg = toktyp;
	}
    return(code);
    }
Пример #29
0
static bool isShorterThan(Any s, int index, Any x) {
	int n = *(int*)x;
	return s_length(s) < n;
}
Пример #30
0
FUNCTION CODE getqlf 
(
    struct SYNBLK	*sb,		/* in/out: syntax block			*/
    TEXT		qualstr[]	/* out:  qualifier string		*/

 )
    {
    GENPTR		pos;
    CODE		toktyp;
    TEXT		token[TOKESIZ+1];
 

    pos = SAVPOS;			/* save position in case no quals found	*/
    if ((toktyp = gettok(sb, token)) == S_WHITE)	/* get token...		*/
	toktyp  = gettok(sb, token);	/* if white, get another		*/
    if (toktyp == S_SYNERR) goto syn_err;
    if (toktyp != QUAL_SYM)		/* if no qualifiers			*/
	{
	SETPOS(pos);			/* restore position			*/
	return(S_NONE);
	}

    /* The following checks are made to prevent improper syntax of 'proc a,|b|'
       or 'proc (a,b),|c|' from being processed identically to 'proc a|b|' or
       'proc (a,b)|c|', respectively.					*/

    pos = SAVPOS;			/* save pos as syntax check will change it	*/
    if ((*sb).lstcg == S_COMSEP)	/* if terminator char of last field was a comma */
        goto syn_err;
    else if ((*sb).lstcg == S_RPAREN)	/* since a comma separator isn't recorded... */
	{				/* check for one explicitly			*/
	SETPOS(pos-2);			/* back over current and '|' chars		*/
	while (*(*sb).curchr != ')')
	    {
	    if (*(*sb).curchr == ',')
		goto syn_err;
	    else
		(*sb).curchr--;
	    }
	SETPOS(pos);			/* restore position	*/
	}

    qualstr[0] = EOS;
    while (FOREVER)
	{
	if ((toktyp = gettok(sb, token)) == S_SYNERR) goto close_err;	/* get next token*/
	if (toktyp == QUAL_SYM)
	    break;			/* break if qualifiers done		*/
	if (toktyp == EOS) goto close_err;	/* syntax error if no closing "/"*/
	if (s_length(token) + s_length(qualstr) > CMDLINSIZ) goto close_err;	/* if no closing "/"*/
	s_append(token, qualstr);
	}
    return(SUCCESS);

syn_err:
    (*sb).curchr = (*sb).curchr - 1;	/* general syntax error			*/
    synerr(sb, "Incorrect format for qualifier");
    return(S_SYNERR);

close_err:
    (*sb).errchr = (*sb).curchr - 1;	/* point to error detection		*/
    synerr(sb, "No closing '|' in qualifier list");
    return(S_SYNERR);
    }