2 * Amanda, The Advanced Maryland Automatic Network Disk Archiver
3 * Copyright (c) 1991 University of Maryland
6 * Permission to use, copy, modify, distribute, and sell this software and its
7 * documentation for any purpose is hereby granted without fee, provided that
8 * the above copyright notice appear in all copies and that both that
9 * copyright notice and this permission notice appear in supporting
10 * documentation, and that the name of U.M. not be used in advertising or
11 * publicity pertaining to distribution of the software without specific,
12 * written prior permission. U.M. makes no representations about the
13 * suitability of this software for any purpose. It is provided "as is"
14 * without express or implied warranty.
16 * U.M. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL U.M.
18 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
20 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
21 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 * Author: James da Silva, Systems Design and Analysis Group
24 * Computer Science Department
25 * University of Maryland at College Park
28 * amandad-krb4.c - The Kerberos4 support bits for amandad.c.
31 #include "krb4-security.h"
33 void transfer_session_key P((void));
34 void add_mutual_authenticator P((dgram_t *msg));
35 int krb4_security_ok P((struct sockaddr_in *addr,
36 char *str, unsigned long cksum, char **errstr));
40 void transfer_session_key()
46 if(pipe(key_pipe) == -1)
47 error("could not open key pipe: %s", strerror(errno));
49 k = (char *)session_key;
50 for(l = 0, n = sizeof(session_key); l < n; l += s) {
51 if ((s = write(key_pipe[1], k + l, n - l)) < 0) {
52 error("error writing to key pipe: %s", strerror(errno));
56 /* modification by BIS@BBN 4/25/2003:
57 * check that key_pipe[0] is not KEY_PIPE before doing dup2 and
58 * close; otherwise we may inadvertently close KEY_PIPE */
60 if (key_pipe[0] != KEY_PIPE) {
61 dup2(key_pipe[0], KEY_PIPE);
66 void add_mutual_authenticator(msg)
70 char pad[8]; /* minimum size for encryption */
71 uint32_t i; /* "long" on 32-bit machines */
76 blen = sizeof(mutual);
77 memset(&mutual, 0, blen);
78 mutual.i = htonl(auth_cksum+1);
80 encrypt_data(&mutual, blen, session_key);
82 s = vstralloc("SECURITY MUTUAL-AUTH ",
83 bin2astr((unsigned char *)mutual.pad, blen),