
FreeBSD/Linux Kernel Cross Reference
sys/netncp/ncp_ncp.c


    1 /*
    2  * Copyright (c) 1999, 2000, 2001 Boris Popov
    3  * All rights reserved.
    4  *
    5  * Redistribution and use in source and binary forms, with or without
    6  * modification, are permitted provided that the following conditions
    7  * are met:
    8  * 1. Redistributions of source code must retain the above copyright
    9  *    notice, this list of conditions and the following disclaimer.
   10  * 2. Redistributions in binary form must reproduce the above copyright
   11  *    notice, this list of conditions and the following disclaimer in the
   12  *    documentation and/or other materials provided with the distribution.
   13  * 3. All advertising materials mentioning features or use of this software
   14  *    must display the following acknowledgement:
   15  *    This product includes software developed by Boris Popov.
   16  * 4. Neither the name of the author nor the names of any co-contributors
   17  *    may be used to endorse or promote products derived from this software
   18  *    without specific prior written permission.
   19  *
   20  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   30  * SUCH DAMAGE.
   31  *
   32  * $FreeBSD: releng/5.1/sys/netncp/ncp_ncp.c 114983 2003-05-13 20:36:02Z jhb $
   33  *
   34  * Core of NCP protocol
   35  */
   36 
   37 #include <sys/param.h>
   38 #include <sys/errno.h>
   39 #include <sys/systm.h>
   40 #include <sys/proc.h>
   41 #include <sys/signalvar.h>
   42 #include <sys/sysctl.h>
   43 #include <sys/mbuf.h>
   44 #include <sys/lock.h>
   45 #include <sys/mutex.h>
   46 #include <sys/uio.h>
   47 
   48 #include <netipx/ipx.h>
   49 #include <netipx/ipx_var.h>
   50 
   51 #include <netncp/ncp.h>
   52 #include <netncp/ncp_conn.h>
   53 #include <netncp/ncp_sock.h>
   54 #include <netncp/ncp_subr.h>
   55 #include <netncp/ncp_ncp.h>
   56 #include <netncp/ncp_rq.h>
   57 #include <netncp/nwerror.h>
   58 
   59 #ifdef NCP_DATA_DEBUG
   /*
    * Debug helper: hex-dump every byte of an mbuf chain to the console,
    * prefixing each mbuf's bytes with its length in parentheses.
    * Built only under NCP_DATA_DEBUG.  Whatever the chain carries is
    * printed verbatim, so a dumped request can expose any credentials
    * it contains; keep this out of production kernels.
    */
   static void
   m_dumpm(struct mbuf *m)
   {
           struct mbuf *cur;
           char *bytes;
           int left;

           printf("d=");
           for (cur = m; cur != NULL; cur = cur->m_next) {
                   bytes = mtod(cur, char *);
                   left = cur->m_len;
                   printf("(%d)", left);
                   /* Mask to 8 bits so a signed char does not print sign-extended. */
                   while (left-- != 0)
                           printf("%02x ", ((int)*bytes++) & 0xff);
           }
           printf("\n");
   }
   76 #endif /* NCP_DATA_DEBUG */
   77 
   /*
    * Check whether a signal is pending that should interrupt an NCP
    * operation running on behalf of td.
    *
    * Returns EINTR when the thread has pending signals and the combined
    * process/thread set, minus masked and ignored signals, matches
    * NCP_SIGMASK; returns 0 otherwise, including when td is NULL.
    * conn is not referenced.
    */
   int
   ncp_chkintr(struct ncp_conn *conn, struct thread *td)
   {
           struct proc *p;
           sigset_t pending;
           int rc;

           if (td == NULL)
                   return 0;

           p = td->td_proc;
           PROC_LOCK(p);
           /* pending = (process | thread) signals, less the thread's mask */
           pending = p->p_siglist;
           SIGSETOR(pending, td->td_siglist);
           SIGSETNAND(pending, td->td_sigmask);
           /* ps_sigignore is read under its own mutex */
           mtx_lock(&p->p_sigacts->ps_mtx);
           SIGSETNAND(pending, p->p_sigacts->ps_sigignore);
           mtx_unlock(&p->p_sigacts->ps_mtx);

           rc = 0;
           if (SIGNOTEMPTY(td->td_siglist) && NCP_SIGMASK(pending))
                   rc = EINTR;
           PROC_UNLOCK(p);
           return rc;
   }
  101 
  /*
   * Perform the initial NCP handshake (attach) and record the connection
   * id the server assigned.
   *
   * NOTE: this function and the ones below may change conn attributes,
   * so they should be called with the connection LOCKED; they also use
   * the connection's thread/process and ucred.
   *
   * Returns 0 on success or the error from request allocation/exchange.
   *
   * NOTE(review): the reply header is read straight out of the first
   * reply mbuf; no length check is visible here, so this relies on
   * ncp_request_int() only succeeding with a full header - confirm.
   */
  int
  ncp_ncp_connect(struct ncp_conn *conn)
  {
          struct ncp_rq *rqp;
          struct ncp_rphdr *hdr;
          int error;

          error = ncp_rq_alloc_any(NCP_ALLOC_SLOT, 0, conn, conn->td, conn->ucred, &rqp);
          if (error != 0)
                  return error;

          /* Drop every state bit left over from an earlier attach/login. */
          conn->flags &= ~(NCPFL_SIGNACTIVE | NCPFL_SIGNWANTED |
              NCPFL_ATTACHED | NCPFL_LOGGED | NCPFL_INVALID);
          conn->seq = 0;

          error = ncp_request_int(rqp);
          if (error == 0) {
                  /* Connection id arrives as two bytes, low then high. */
                  hdr = mtod(rqp->rp.md_top, struct ncp_rphdr*);
                  conn->connid = hdr->conn_low + (hdr->conn_high << 8);
          }
          /* The request is released here on both the success and error path. */
          ncp_rq_done(rqp);
          if (error == 0)
                  conn->flags |= NCPFL_ATTACHED | NCPFL_WASATTACHED;
          return error;
  }
  132 
  /*
   * Tear down a connection: tell the server to free the slot when we are
   * still attached, then invalidate the connection and close its socket.
   *
   * The slot-release exchange is best effort - its result is ignored and
   * the local teardown always runs.  Always returns 0.
   */
  int
  ncp_ncp_disconnect(struct ncp_conn *conn)
  {
          struct ncp_rq *rqp;

          NCPSDEBUG("for connid=%d\n",conn->nc_id);
  #ifdef NCPBURST
          ncp_burst_disconnect(conn);
  #endif
          if ((conn->flags & NCPFL_ATTACHED) != 0 &&
              ncp_rq_alloc_any(NCP_FREE_SLOT, 0, conn, conn->td, conn->ucred, &rqp) == 0) {
                  (void)ncp_request_int(rqp);
                  ncp_rq_done(rqp);
          }
          ncp_conn_invalidate(conn);
          ncp_sock_disconnect(conn);
          return 0;
  }
  154 
  155 /*
  156  * All negotiation functions expect a locked connection
  157  */
  158 
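  /*
   * Negotiate the buffer size with the server (NCP function 0x21).
   *
   * conn    locked connection
   * size    size proposed to the server
   * target  on success receives min(server's size, size); left untouched
   *         on any error
   *
   * Returns 0 on success or an error from allocation, the exchange, or
   * reply parsing.
   *
   * No minimum reply length is set for this request, so the result of
   * reading the 16-bit size is checked: a short reply must not leave
   * bsize uninitialized and feed stack garbage into *target.
   * As elsewhere in this file, ncp_rq_done() is not called after a
   * failed ncp_request().
   */
  int
  ncp_negotiate_buffersize(struct ncp_conn *conn, int size, int *target)
  {
          struct ncp_rq *rqp;
          u_int16_t bsize;
          int error;

          error = ncp_rq_alloc(0x21, conn, conn->td, conn->ucred, &rqp);
          if (error)
                  return error;
          mb_put_uint16be(&rqp->rq, size);
          error = ncp_request(rqp);
          if (error)
                  return error;
          /* The size is server-controlled; only use it if it was really there. */
          error = md_get_uint16be(&rqp->rp, &bsize);
          if (error == 0)
                  *target = min(bsize, size);
          ncp_rq_done(rqp);
          return error;
  }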
  178 
  /*
   * Negotiate buffer size and option bits in one exchange (NCP function
   * 0x61).
   *
   * size/options   values proposed to the server
   * ret_size       receives size when the server answers 0, otherwise
   *                min(server's size, size)
   * ret_options    receives the option byte from the reply
   *
   * The request demands a reply of at least 2 + 2 + 1 bytes, matching the
   * three fields read below.  Returns 0 or the allocation/exchange error.
   */
  static int
  ncp_negotiate_size_and_options(struct ncp_conn *conn, int size, int options,
              int *ret_size, u_int8_t *ret_options)
  {
          struct ncp_rq *rqp;
          u_int16_t word;
          int error;

          error = ncp_rq_alloc(0x61, conn, conn->td, conn->ucred, &rqp);
          if (error != 0)
                  return error;

          mb_put_uint16be(&rqp->rq, size);
          mb_put_uint8(&rqp->rq, options);
          rqp->nr_minrplen = 2 + 2 + 1;

          error = ncp_request(rqp);
          if (error != 0)
                  return error;

          md_get_uint16be(&rqp->rp, &word);
          if (word == 0)
                  *ret_size = size;
          else
                  *ret_size = min(word, size);
          /* The next 16 bits are the echo socket, which is not used. */
          md_get_uint16be(&rqp->rp, &word);
          md_get_uint8(&rqp->rp, ret_options);
          ncp_rq_done(rqp);
          return 0;
  }
  203 
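  /*
   * Negotiate buffer size and option bits (packet signing, IPX checksums)
   * with the server and record the outcome on the connection.
   *
   * conn        locked connection
   * buffsize    buffer size to propose
   * in_options  option bits requested by the caller; header signing is
   *             added when conn->li.sig_level >= 2, and on AF_IPX the
   *             checksum bit is added when net.ipx.ipx.checksum reads 2
   *
   * Returns 0 on success; otherwise an errno or NWE_* code (EINVAL when
   * the negotiated size is outside 512..NCP_MAX_BUFSIZE).
   *
   * Changes from the earlier revision:
   *  - ilen is a size_t, the type kernel_sysctlbyname() takes for the
   *    old-length pointer; an int there is the wrong width on LP64.
   *  - a failed second negotiation returns its own error instead of
   *    comparing the stale option byte from the first reply.
   *
   * NOTE(review): when the size-and-options request fails, the fallback
   * clears the signing bit whatever sig_level is, so a rejected or lost
   * 0x61 exchange yields an unsigned session even if signing was asked
   * for.  Confirm callers enforce the required level afterwards.
   */
  int
  ncp_renegotiate_connparam(struct ncp_conn *conn, int buffsize, u_int8_t in_options)
  {
          u_int8_t options;
          int neg_buffsize, error, sl, retry;
          int ckslevel = 0;
          size_t ilen;

          sl = conn->li.sig_level;
          if (sl >= 2)
                  in_options |= NCP_SECURITY_LEVEL_SIGN_HEADERS;
          if (conn->li.saddr.sa_family == AF_IPX) {
                  ilen = sizeof(ckslevel);
                  error = kernel_sysctlbyname(curthread, "net.ipx.ipx.checksum",
                      &ckslevel, &ilen, NULL, 0, NULL);
                  if (error)
                          return error;
                  if (ckslevel == 2)
                          in_options |= NCP_IPX_CHECKSUM;
          }
          error = ncp_negotiate_size_and_options(conn, buffsize, in_options,
              &neg_buffsize, &options);
          if (!error) {
                  retry = 0;
                  /* Server disagrees with us about IPX checksums. */
                  if (conn->li.saddr.sa_family == AF_IPX &&
                      ((options ^ in_options) & NCP_IPX_CHECKSUM)) {
                          if (ckslevel == 2) {
                                  printf("Server refuses to support IPX checksums\n");
                                  return NWE_REQUESTER_FAILURE;
                          }
                          in_options |= NCP_IPX_CHECKSUM;
                          retry = 1;
                  }
                  /* Server disagrees with us about header signing (bit 2). */
                  if ((options ^ in_options) & 2) {
                          if (sl == 0 || sl == 3)
                                  return NWE_SIGNATURE_LEVEL_CONFLICT;
                          if (sl == 1) {
                                  in_options |= NCP_SECURITY_LEVEL_SIGN_HEADERS;
                                  retry = 1;
                          }
                  }
                  if (retry) {
                          /* Ask again with the adjusted options. */
                          error = ncp_negotiate_size_and_options(conn,
                              buffsize, in_options, &neg_buffsize, &options);
                          if (error)
                                  return error;
                          if ((options ^ in_options) & 3)
                                  return NWE_SIGNATURE_LEVEL_CONFLICT;
                  }
          } else {
                  /* Fall back to plain buffer-size negotiation, unsigned. */
                  in_options &= ~NCP_SECURITY_LEVEL_SIGN_HEADERS;
                  error = ncp_negotiate_buffersize(conn, NCP_DEFAULT_BUFSIZE,
                      &neg_buffsize);
          }
          if (error)
                  return error;
          /* The size came from the server; bound it before storing. */
          if ((neg_buffsize < 512) || (neg_buffsize > NCP_MAX_BUFSIZE))
                  return EINVAL;
          conn->buffer_size = neg_buffsize;
          if (in_options & NCP_SECURITY_LEVEL_SIGN_HEADERS)
                  conn->flags |= NCPFL_SIGNWANTED;
          if (conn->li.saddr.sa_family == AF_IPX)
                  ncp_sock_checksum(conn, in_options & NCP_IPX_CHECKSUM);
          return 0;
  }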
  264 
  /*
   * Currently a no-op.  The signal check that would mark the connection
   * NCPFL_INTR is disabled; it is kept below for reference only.
   */
  void
  ncp_check_rq(struct ncp_conn *conn)
  {
  #if 0
          if (conn->flags & NCPFL_INTR)
                  return;
          /* first, check for signals */
          if (ncp_chkintr(conn, conn->td))
                  conn->flags |= NCPFL_INTR;
  #endif
  }
  276 
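  /*
   * Look up a bindery object by type and name (NCP 23/53) and fill in
   * *target with the id, type and 48-byte name from the reply.
   *
   * Returns 0 on success or the allocation/exchange error.
   *
   * The allocation result is now checked: previously a failed
   * ncp_rq_alloc_subfn() went on to use the unset rqp pointer.
   *
   * The request runs with conn->td / conn->ucred; the td and cred
   * parameters are not used.
   *
   * NOTE(review): the 48 name bytes are copied as received and are not
   * NUL-terminated here; presumably target->object_name is at least 48
   * bytes and later string use copes with that - verify against
   * struct ncp_bindery_object and the callers.
   */
  int
  ncp_get_bindery_object_id(struct ncp_conn *conn,
                  u_int16_t object_type, char *object_name,
                  struct ncp_bindery_object *target,
                  struct thread *td, struct ucred *cred)
  {
          struct ncp_rq *rqp;
          int error;

          error = ncp_rq_alloc_subfn(23, 53, conn, conn->td, conn->ucred, &rqp);
          if (error)
                  return error;
          mb_put_uint16be(&rqp->rq, object_type);
          ncp_rq_pstring(rqp, object_name);
          /* 4 (id) + 2 (type) + 48 (name) bytes are read below. */
          rqp->nr_minrplen = 54;
          error = ncp_request(rqp);
          if (error)
                  return error;
          md_get_uint32be(&rqp->rp, &target->object_id);
          md_get_uint16be(&rqp->rp, &target->object_type);
          md_get_mem(&rqp->rp, (caddr_t)target->object_name, 48, MB_MSYSTEM);
          ncp_rq_done(rqp);
          return 0;
  }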
  299 
  /*
   * Fetch the 8-byte encryption key from the server (NCP 23/23).
   *
   * target must point to a buffer of at least 8 bytes; exactly 8 bytes
   * are written on success.  The request demands a reply of at least
   * 8 bytes.  Returns 0 or the allocation/exchange error.
   */
  int
  ncp_get_encryption_key(struct ncp_conn *conn, char *target)
  {
          struct ncp_rq *rqp;
          int error;

          error = ncp_rq_alloc_subfn(23, 23, conn, conn->td, conn->ucred, &rqp);
          if (error == 0) {
                  rqp->nr_minrplen = 8;
                  error = ncp_request(rqp);
          }
          if (error != 0)
                  return error;

          md_get_mem(&rqp->rp, target, 8, MB_MSYSTEM);
          ncp_rq_done(rqp);
          return 0;
  }
  320 
  /*
   * Initialize packet signatures.  They are a slightly modified MD4.
   * The first 16 bytes of logindata are the shuffled password,
   * the last 8 bytes the encryption key as received from the server.
   *
   * Builds a 64-byte block (24 bytes of logindata, the 25-byte client
   * label, zero padding), runs it through ncp_sign() from the fixed
   * initial state, keeps the first two result words as the signature
   * root and marks signing active.  Always returns 0.
   *
   * NOTE(review): msg and state hold password-derived material and are
   * left on the stack on return; consider scrubbing them with a wipe
   * the compiler cannot elide.
   */
  static int
  ncp_sign_start(struct ncp_conn *conn, char *logindata)
  {
          static const u_int32_t initial[4] = {
                  0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476
          };
          char msg[64];
          u_int32_t state[4];
          int i;

          /* Zero the whole block first, then lay the two fields over it. */
          bzero(msg, sizeof(msg));
          memcpy(msg, logindata, 24);
          memcpy(msg + 24, "Authorized NetWare Client", 25);

          for (i = 0; i < 4; i++)
                  conn->sign_state[i] = initial[i];
          ncp_sign(conn->sign_state, msg, state);
          conn->sign_root[0] = state[0];
          conn->sign_root[1] = state[1];
          conn->flags |= NCPFL_SIGNACTIVE;
          return 0;
  }
  346 
  347 
  /*
   * Log in with an encrypted password (NCP 23/24).
   *
   * The password is hashed together with the big-endian object id,
   * encrypted under the server-supplied key, and the 8-byte result is
   * sent with the object's type and name.  When NCPFL_SIGNWANTED is set
   * and the login succeeded or reported NWE_PASSWORD_EXPIRED, packet
   * signing is started from the hash plus the key.
   *
   * Returns the login result, or ncp_sign_start()'s result when signing
   * is started.
   *
   * NOTE(review): on the signing path an NWE_PASSWORD_EXPIRED result is
   * replaced by ncp_sign_start()'s return value, so the caller no
   * longer sees the expiry - confirm that is intended.
   * NOTE(review): logindata and response hold password-derived bytes
   * and stay on the stack on every return path.
   */
  int
  ncp_login_encrypted(struct ncp_conn *conn, struct ncp_bindery_object *object,
          const u_char *key, const u_char *passwd,
          struct thread *td, struct ucred *cred)
  {
          struct ncp_rq *rqp;
          u_int32_t id_be;
          u_char logindata[16 + 8];
          u_char response[8];
          int error;

          id_be = htonl(object->object_id);
          nw_keyhash((u_char*)&id_be, passwd, strlen(passwd), logindata);
          nw_encrypt(key, logindata, response);

          error = ncp_rq_alloc_subfn(23, 24, conn, td, cred, &rqp);
          if (error != 0)
                  return error;
          mb_put_mem(&rqp->rq, response, 8, MB_MSYSTEM);
          mb_put_uint16be(&rqp->rq, object->object_type);
          ncp_rq_pstring(rqp, object->object_name);
          error = ncp_request(rqp);
          if (error == 0)
                  ncp_rq_done(rqp);

          if ((conn->flags & NCPFL_SIGNWANTED) == 0)
                  return error;
          if (error != 0 && error != NWE_PASSWORD_EXPIRED)
                  return error;

          /* Signing input: 16 bytes of hash followed by the 8-byte key. */
          bcopy(key, logindata + 16, 8);
          return ncp_sign_start(conn, logindata);
  }
  380 
  /*
   * Log in with a plain password (NCP 23/20).
   *
   * Object type, object name and the password are placed in the request
   * as they are; nothing in this function protects the password on the
   * wire, so this path exposes it to anyone able to read the traffic.
   *
   * Returns 0 or the allocation/exchange error.
   */
  int
  ncp_login_unencrypted(struct ncp_conn *conn, u_int16_t object_type,
          const char *object_name, const u_char *passwd,
          struct thread *td, struct ucred *cred)
  {
          struct ncp_rq *rqp;
          int error;

          error = ncp_rq_alloc_subfn(23, 20, conn, td, cred, &rqp);
          if (error != 0)
                  return error;

          mb_put_uint16be(&rqp->rq, object_type);
          ncp_rq_pstring(rqp, object_name);
          ncp_rq_pstring(rqp, passwd);

          error = ncp_request(rqp);
          if (error != 0)
                  return error;
          ncp_rq_done(rqp);
          return 0;
  }
  400 
  /*
   * Read from an open file into uiop (NCP function 72), one request per
   * chunk.
   *
   * Each chunk is limited to the rest of the current 4096-byte span of
   * the file offset and to the negotiated buffer size.  The loop ends
   * when the uio is satisfied, on error, or on a short read.  With
   * NCPBURST and burst mode enabled, transfers larger than the buffer
   * size go through ncp_burst_read() instead.
   *
   * Returns 0 or the first error encountered.
   *
   * NOTE(review): retlen is taken from the server and handed to
   * md_get_uio() without being compared with the requested length; a
   * reply claiming more than was asked for is not rejected here.
   */
  int
  ncp_read(struct ncp_conn *conn, ncp_fh *file, struct uio *uiop, struct ucred *cred)
  {
          struct ncp_rq *rqp;
          struct mbchain *req;
          u_int16_t retlen = 0 ;
          int error = 0, chunk = 0, remaining, burstio;

          remaining = uiop->uio_resid;
  #ifdef NCPBURST
          burstio = (ncp_burst_enabled && remaining > conn->buffer_size);
  #else
          burstio = 0;
  #endif

          while (remaining > 0) {
                  if (burstio) {
  #ifdef NCPBURST
                          error = ncp_burst_read(conn, file, remaining, &chunk, &retlen, uiop, cred);
  #endif
                  } else {
                          chunk = min(4096 - (uiop->uio_offset % 4096), remaining);
                          chunk = min(chunk, conn->buffer_size);
                          error = ncp_rq_alloc(72, conn, uiop->uio_td, cred, &rqp);
                          if (error)
                                  break;
                          /* Request: pad byte, 6-byte handle, offset, length. */
                          req = &rqp->rq;
                          mb_put_uint8(req, 0);
                          mb_put_mem(req, (caddr_t)file, 6, MB_MSYSTEM);
                          mb_put_uint32be(req, uiop->uio_offset);
                          mb_put_uint16be(req, chunk);
                          rqp->nr_minrplen = 2;
                          error = ncp_request(rqp);
                          if (error)
                                  break;
                          md_get_uint16be(&rqp->rp, &retlen);
                          /* At an odd file offset one reply byte is skipped first. */
                          if (uiop->uio_offset & 1)
                                  md_get_mem(&rqp->rp, NULL, 1, MB_MSYSTEM);
                          error = md_get_uio(&rqp->rp, uiop, retlen);
                          ncp_rq_done(rqp);
                  }
                  if (error)
                          break;
                  remaining -= retlen;
                  /* Short read: stop. */
                  if (retlen < chunk)
                          break;
          }
          return (error);
  }
  450 
  /*
   * Write uiop to an open file (NCP function 73), one request per chunk.
   *
   * Only a single-iovec uio is supported; anything else returns EIO.
   * Chunks are limited to the rest of the current 4096-byte span of the
   * file offset and to the negotiated buffer size.  When a request
   * fails after its data was already taken from the uio, the uio is
   * rewound by that chunk so the caller sees what was actually written.
   * NWE_INSUFFICIENT_SPACE is reported as ENOSPC.
   *
   * Returns 0 or the (possibly translated) error.
   */
  int
  ncp_write(struct ncp_conn *conn, ncp_fh *file, struct uio *uiop, struct ucred *cred)
  {
          struct ncp_rq *rqp;
          struct mbchain *req;
          struct iovec *iov;
          int error = 0, chunk, remaining;

          if (uiop->uio_iovcnt != 1) {
                  printf("%s: can't handle iovcnt>1 !!!\n", __func__);
                  return EIO;
          }
          remaining = uiop->uio_resid;
          while (remaining > 0) {
                  chunk = min(4096 - (uiop->uio_offset % 4096), remaining);
                  chunk = min(chunk, conn->buffer_size);
                  if (chunk == 0)
                          printf("gotcha!\n");

                  error = ncp_rq_alloc(73, conn, uiop->uio_td, cred, &rqp);
                  if (error)
                          break;
                  /* Request: pad byte, 6-byte handle, offset, length, data. */
                  req = &rqp->rq;
                  mb_put_uint8(req, 0);
                  mb_put_mem(req, (caddr_t)file, 6, MB_MSYSTEM);
                  mb_put_uint32be(req, uiop->uio_offset);
                  mb_put_uint16be(req, chunk);
                  error = mb_put_uio(req, uiop, chunk);
                  if (error) {
                          /* Never sent, so the request is released here. */
                          ncp_rq_done(rqp);
                          break;
                  }
                  error = ncp_request(rqp);
                  if (!error)
                          ncp_rq_done(rqp);
                  /* A zero-length chunk cannot make progress. */
                  if (chunk == 0)
                          break;
                  if (error) {
                          /* Give the unsent chunk back to the uio. */
                          iov = uiop->uio_iov;
                          iov->iov_base = (char *)iov->iov_base - chunk;
                          iov->iov_len += chunk;
                          uiop->uio_offset -= chunk;
                          uiop->uio_resid += chunk;
                          break;
                  }
                  remaining -= chunk;
          }
          if (error)
                  uiop->uio_resid = remaining;
          if (error == NWE_INSUFFICIENT_SPACE)
                  error = ENOSPC;
          return (error);
  }
