34#include <sys/types.h> 35#include <errno.h> 36#include <string.h> 37#include <netncp/ncp_lib.h> 38 39static void nw_passencrypt(char *old, char *new, char *out); 40 41int 42ncp_get_bindery_object_id(NWCONN_HANDLE connid, u_int16_t object_type, 43 const char *object_name, struct ncp_bindery_object *target) 44{ 45 int error; 46 DECLARE_RQ; 47 48 ncp_init_request_s(conn, 53); 49 ncp_add_word_hl(conn, object_type); 50 ncp_add_pstring(conn, object_name); 51 52 if ((error = ncp_request(connid, 23, conn)) != 0) { 53 return error; 54 } 55 if (conn->rpsize < 54) { 56 return EACCES; 57 } 58 target->object_id = ncp_reply_dword_hl(conn, 0); 59 target->object_type = ncp_reply_word_hl(conn, 4); 60 memcpy(target->object_name, ncp_reply_data(conn, 6), 48); 61 return 0; 62} 63 64int 65ncp_read_property_value(NWCONN_HANDLE connid, int object_type, 66 const char *object_name, int segment, const char *prop_name, 67 struct nw_property *target) 68{ 69 int error; 70 struct ncp_buf conn; 71 ncp_init_request_s(&conn, 61); 72 ncp_add_word_hl(&conn, object_type); 73 ncp_add_pstring(&conn, object_name); 74 ncp_add_byte(&conn, segment); 75 ncp_add_pstring(&conn, prop_name); 76 77 if ((error = ncp_request(connid,23,&conn)) != 0) { 78 return error; 79 } 80 memcpy(&(target->value), ncp_reply_data(&conn, 0), 128); 81 target->more_flag = ncp_reply_byte(&conn, 128); 82 target->property_flag = ncp_reply_byte(&conn, 129); 83 return 0; 84} 85 86int 87ncp_scan_bindery_object(NWCONN_HANDLE connid, u_int32_t last_id, 88 u_int16_t object_type, char *search_string, 89 struct ncp_bindery_object *target) 90{ 91 int error; 92 DECLARE_RQ; 93 94 ncp_init_request_s(conn, 55); 95 ncp_add_dword_hl(conn, last_id); 96 ncp_add_word_hl(conn, object_type); 97 ncp_add_pstring(conn, search_string); 98 error = ncp_request(connid, 23, conn); 99 if (error) return error; 100 target->object_id = ncp_reply_dword_hl(conn, 0); 101 target->object_type = ncp_reply_word_hl(conn, 4); 102 memcpy(target->object_name, ncp_reply_data(conn, 6),NCP_BINDERY_NAME_LEN); 103 target->object_flags = ncp_reply_byte(conn, 54); 104 target->object_security = ncp_reply_byte(conn, 55); 105 target->object_has_prop = ncp_reply_byte(conn, 56); 106 return 0; 107} 108 109int 110ncp_get_bindery_object_name(NWCONN_HANDLE connid, u_int32_t object_id, 111 struct ncp_bindery_object *target) 112{ 113 int error; 114 DECLARE_RQ; 115 116 ncp_init_request_s(conn, 54); 117 ncp_add_dword_hl(conn, object_id); 118 if ((error = ncp_request(connid, 23, conn)) != 0) 119 return error; 120 target->object_id = ncp_reply_dword_hl(conn, 0); 121 target->object_type = ncp_reply_word_hl(conn, 4); 122 memcpy(target->object_name, ncp_reply_data(conn, 6), 48); 123 return 0; 124} 125 126int 127ncp_change_obj_passwd(NWCONN_HANDLE connid, 128 const struct ncp_bindery_object *object, 129 const u_char *key, 130 const u_char *oldpasswd, 131 const u_char *newpasswd) 132{ 133 long id = htonl(object->object_id); 134 u_char cryptkey[8]; 135 u_char newpwd[16]; /* new passwd as stored by server */ 136 u_char oldpwd[16]; /* old passwd as stored by server */ 137 u_char len; 138 DECLARE_RQ; 139 140 memcpy(cryptkey, key, 8); 141 nw_keyhash((u_char *)&id, oldpasswd, strlen(oldpasswd), oldpwd); 142 nw_keyhash((u_char *)&id, newpasswd, strlen(newpasswd), newpwd); 143 nw_encrypt(cryptkey, oldpwd, cryptkey); 144 nw_passencrypt(oldpwd, newpwd, newpwd); 145 nw_passencrypt(oldpwd + 8, newpwd + 8, newpwd + 8); 146 if ((len = strlen(newpasswd)) > 63) { 147 len = 63; 148 } 149 len = ((len ^ oldpwd[0] ^ oldpwd[1]) & 0x7f) | 0x40; 150 151 ncp_init_request_s(conn, 75); 152 ncp_add_mem(conn, cryptkey, 8); 153 ncp_add_word_hl(conn, object->object_type); 154 ncp_add_pstring(conn, object->object_name); 155 ncp_add_byte(conn, len); 156 ncp_add_mem(conn, newpwd, 16); 157 return ncp_request(connid, 23, conn); 158} 159 160/* 161 * target is a 8-byte buffer 162 */ 163int 164ncp_get_encryption_key(NWCONN_HANDLE cH, char *target) { 165 int error; 166 DECLARE_RQ; 167 168 ncp_init_request_s(conn, 23); 169 170 error = ncp_request(cH, 23, conn); 171 if (error) 172 return error; 173 if (conn->rpsize < 8) 174 return EACCES; 175 memcpy(target, ncp_reply_data(conn, 0), 8); 176 return 0; 177} 178 179int 180ncp_keyed_verify_password(NWCONN_HANDLE cH, char *key, char *passwd, 181 struct ncp_bindery_object *objinfo) 182{ 183 u_long id = htonl(objinfo->object_id); 184 u_char cryptkey[8]; 185 u_char buf[128]; 186 DECLARE_RQ; 187 188 nw_keyhash((u_char *)&id, passwd, strlen(passwd), buf); 189 nw_encrypt(key, buf, cryptkey); 190 191 ncp_init_request_s(conn, 74); 192 ncp_add_mem(conn, cryptkey, sizeof(cryptkey)); 193 ncp_add_word_hl(conn, objinfo->object_type); 194 ncp_add_pstring(conn, objinfo->object_name); 195 196 return ncp_request(cH, 23, conn); 197} 198 199static char passkeys[256 + 16] = { 200 0x0f, 0x08, 0x05, 0x07, 0x0c, 0x02, 0x0e, 0x09, 201 0x00, 0x01, 0x06, 0x0d, 0x03, 0x04, 0x0b, 0x0a, 202 0x02, 0x0c, 0x0e, 0x06, 0x0f, 0x00, 0x01, 0x08, 203 0x0d, 0x03, 0x0a, 0x04, 0x09, 0x0b, 0x05, 0x07, 204 0x05, 0x02, 0x09, 0x0f, 0x0c, 0x04, 0x0d, 0x00, 205 0x0e, 0x0a, 0x06, 0x08, 0x0b, 0x01, 0x03, 0x07, 206 0x0f, 0x0d, 0x02, 0x06, 0x07, 0x08, 0x05, 0x09, 207 0x00, 0x04, 0x0c, 0x03, 0x01, 0x0a, 0x0b, 0x0e, 208 0x05, 0x0e, 0x02, 0x0b, 0x0d, 0x0a, 0x07, 0x00, 209 0x08, 0x06, 0x04, 0x01, 0x0f, 0x0c, 0x03, 0x09, 210 0x08, 0x02, 0x0f, 0x0a, 0x05, 0x09, 0x06, 0x0c, 211 0x00, 0x0b, 0x01, 0x0d, 0x07, 0x03, 0x04, 0x0e, 212 0x0e, 0x08, 0x00, 0x09, 0x04, 0x0b, 0x02, 0x07, 213 0x0c, 0x03, 0x0a, 0x05, 0x0d, 0x01, 0x06, 0x0f, 214 0x01, 0x04, 0x08, 0x0a, 0x0d, 0x0b, 0x07, 0x0e, 215 0x05, 0x0f, 0x03, 0x09, 0x00, 0x02, 0x06, 0x0c, 216 0x05, 0x03, 0x0c, 0x08, 0x0b, 0x02, 0x0e, 0x0a, 217 0x04, 0x01, 0x0d, 0x00, 0x06, 0x07, 0x0f, 0x09, 218 0x06, 0x00, 0x0b, 0x0e, 0x0d, 0x04, 0x0c, 0x0f, 219 0x07, 0x02, 0x08, 0x0a, 0x01, 0x05, 0x03, 0x09, 220 0x0b, 0x05, 0x0a, 0x0e, 0x0f, 0x01, 0x0c, 0x00, 221 0x06, 0x04, 0x02, 0x09, 0x03, 0x0d, 0x07, 0x08, 222 0x07, 0x02, 0x0a, 0x00, 0x0e, 0x08, 0x0f, 0x04, 223 0x0c, 0x0b, 0x09, 0x01, 0x05, 0x0d, 0x03, 0x06, 224 0x07, 0x04, 0x0f, 0x09, 0x05, 0x01, 0x0c, 0x0b, 225 0x00, 0x03, 0x08, 0x0e, 0x02, 0x0a, 0x06, 0x0d, 226 0x09, 0x04, 0x08, 0x00, 0x0a, 0x03, 0x01, 0x0c, 227 0x05, 0x0f, 0x07, 0x02, 0x0b, 0x0e, 0x06, 0x0d, 228 0x09, 0x05, 0x04, 0x07, 0x0e, 0x08, 0x03, 0x01, 229 0x0d, 0x0b, 0x0c, 0x02, 0x00, 0x0f, 0x06, 0x0a, 230 0x09, 0x0a, 0x0b, 0x0d, 0x05, 0x03, 0x0f, 0x00, 231 0x01, 0x0c, 0x08, 0x07, 0x06, 0x04, 0x0e, 0x02, 232 0x03, 0x0e, 0x0f, 0x02, 0x0d, 0x0c, 0x04, 0x05, 233 0x09, 0x06, 0x00, 0x01, 0x0b, 0x07, 0x0a, 0x08 234}; 235 236static void 237nw_passencrypt(char *old, char *new, char *out) 238{ 239 char *p, v; 240 char copy[8]; 241 int i, di, ax; 242 243#define HIGH(x) (((x) >> 4) & 0xf) 244#define LOW(x) ((x) & 0xf) 245 memcpy(copy, new, 8); 246 247 for (i = 0; i < 16; i++) { 248 for (di = 0, ax = 0, p = old; di < 8; di++, ax += 0x20, p++) { 249 v = copy[di] ^ *p; 250 copy[di] = (passkeys[HIGH(v) + ax + 0x10] << 4) | 251 passkeys[LOW(v) + ax]; 252 } 253 v = old[7]; 254 for (p = old + 7; p > old; p--) { 255 *p = HIGH(p[-1]) | ((*p) << 4); 256 } 257 *old = HIGH(v) | (*old) << 4; 258 bzero(out, 8); 259 260 for (di = 0; di < 16; di++) { 261 v = passkeys[di + 0x100]; 262 v = (v & 1) ? HIGH(copy[v / 2]) : LOW(copy[v / 2]); 263 out[di / 2] |= ((di & 1) ? v << 4 : v); 264 } 265 memcpy(copy, out, 8); 266 } 267}
| 36#include <sys/types.h> 37#include <errno.h> 38#include <string.h> 39#include <netncp/ncp_lib.h> 40 41static void nw_passencrypt(char *old, char *new, char *out); 42 43int 44ncp_get_bindery_object_id(NWCONN_HANDLE connid, u_int16_t object_type, 45 const char *object_name, struct ncp_bindery_object *target) 46{ 47 int error; 48 DECLARE_RQ; 49 50 ncp_init_request_s(conn, 53); 51 ncp_add_word_hl(conn, object_type); 52 ncp_add_pstring(conn, object_name); 53 54 if ((error = ncp_request(connid, 23, conn)) != 0) { 55 return error; 56 } 57 if (conn->rpsize < 54) { 58 return EACCES; 59 } 60 target->object_id = ncp_reply_dword_hl(conn, 0); 61 target->object_type = ncp_reply_word_hl(conn, 4); 62 memcpy(target->object_name, ncp_reply_data(conn, 6), 48); 63 return 0; 64} 65 66int 67ncp_read_property_value(NWCONN_HANDLE connid, int object_type, 68 const char *object_name, int segment, const char *prop_name, 69 struct nw_property *target) 70{ 71 int error; 72 struct ncp_buf conn; 73 ncp_init_request_s(&conn, 61); 74 ncp_add_word_hl(&conn, object_type); 75 ncp_add_pstring(&conn, object_name); 76 ncp_add_byte(&conn, segment); 77 ncp_add_pstring(&conn, prop_name); 78 79 if ((error = ncp_request(connid,23,&conn)) != 0) { 80 return error; 81 } 82 memcpy(&(target->value), ncp_reply_data(&conn, 0), 128); 83 target->more_flag = ncp_reply_byte(&conn, 128); 84 target->property_flag = ncp_reply_byte(&conn, 129); 85 return 0; 86} 87 88int 89ncp_scan_bindery_object(NWCONN_HANDLE connid, u_int32_t last_id, 90 u_int16_t object_type, char *search_string, 91 struct ncp_bindery_object *target) 92{ 93 int error; 94 DECLARE_RQ; 95 96 ncp_init_request_s(conn, 55); 97 ncp_add_dword_hl(conn, last_id); 98 ncp_add_word_hl(conn, object_type); 99 ncp_add_pstring(conn, search_string); 100 error = ncp_request(connid, 23, conn); 101 if (error) return error; 102 target->object_id = ncp_reply_dword_hl(conn, 0); 103 target->object_type = ncp_reply_word_hl(conn, 4); 104 memcpy(target->object_name, ncp_reply_data(conn, 6),NCP_BINDERY_NAME_LEN); 105 target->object_flags = ncp_reply_byte(conn, 54); 106 target->object_security = ncp_reply_byte(conn, 55); 107 target->object_has_prop = ncp_reply_byte(conn, 56); 108 return 0; 109} 110 111int 112ncp_get_bindery_object_name(NWCONN_HANDLE connid, u_int32_t object_id, 113 struct ncp_bindery_object *target) 114{ 115 int error; 116 DECLARE_RQ; 117 118 ncp_init_request_s(conn, 54); 119 ncp_add_dword_hl(conn, object_id); 120 if ((error = ncp_request(connid, 23, conn)) != 0) 121 return error; 122 target->object_id = ncp_reply_dword_hl(conn, 0); 123 target->object_type = ncp_reply_word_hl(conn, 4); 124 memcpy(target->object_name, ncp_reply_data(conn, 6), 48); 125 return 0; 126} 127 128int 129ncp_change_obj_passwd(NWCONN_HANDLE connid, 130 const struct ncp_bindery_object *object, 131 const u_char *key, 132 const u_char *oldpasswd, 133 const u_char *newpasswd) 134{ 135 long id = htonl(object->object_id); 136 u_char cryptkey[8]; 137 u_char newpwd[16]; /* new passwd as stored by server */ 138 u_char oldpwd[16]; /* old passwd as stored by server */ 139 u_char len; 140 DECLARE_RQ; 141 142 memcpy(cryptkey, key, 8); 143 nw_keyhash((u_char *)&id, oldpasswd, strlen(oldpasswd), oldpwd); 144 nw_keyhash((u_char *)&id, newpasswd, strlen(newpasswd), newpwd); 145 nw_encrypt(cryptkey, oldpwd, cryptkey); 146 nw_passencrypt(oldpwd, newpwd, newpwd); 147 nw_passencrypt(oldpwd + 8, newpwd + 8, newpwd + 8); 148 if ((len = strlen(newpasswd)) > 63) { 149 len = 63; 150 } 151 len = ((len ^ oldpwd[0] ^ oldpwd[1]) & 0x7f) | 0x40; 152 153 ncp_init_request_s(conn, 75); 154 ncp_add_mem(conn, cryptkey, 8); 155 ncp_add_word_hl(conn, object->object_type); 156 ncp_add_pstring(conn, object->object_name); 157 ncp_add_byte(conn, len); 158 ncp_add_mem(conn, newpwd, 16); 159 return ncp_request(connid, 23, conn); 160} 161 162/* 163 * target is a 8-byte buffer 164 */ 165int 166ncp_get_encryption_key(NWCONN_HANDLE cH, char *target) { 167 int error; 168 DECLARE_RQ; 169 170 ncp_init_request_s(conn, 23); 171 172 error = ncp_request(cH, 23, conn); 173 if (error) 174 return error; 175 if (conn->rpsize < 8) 176 return EACCES; 177 memcpy(target, ncp_reply_data(conn, 0), 8); 178 return 0; 179} 180 181int 182ncp_keyed_verify_password(NWCONN_HANDLE cH, char *key, char *passwd, 183 struct ncp_bindery_object *objinfo) 184{ 185 u_long id = htonl(objinfo->object_id); 186 u_char cryptkey[8]; 187 u_char buf[128]; 188 DECLARE_RQ; 189 190 nw_keyhash((u_char *)&id, passwd, strlen(passwd), buf); 191 nw_encrypt(key, buf, cryptkey); 192 193 ncp_init_request_s(conn, 74); 194 ncp_add_mem(conn, cryptkey, sizeof(cryptkey)); 195 ncp_add_word_hl(conn, objinfo->object_type); 196 ncp_add_pstring(conn, objinfo->object_name); 197 198 return ncp_request(cH, 23, conn); 199} 200 201static char passkeys[256 + 16] = { 202 0x0f, 0x08, 0x05, 0x07, 0x0c, 0x02, 0x0e, 0x09, 203 0x00, 0x01, 0x06, 0x0d, 0x03, 0x04, 0x0b, 0x0a, 204 0x02, 0x0c, 0x0e, 0x06, 0x0f, 0x00, 0x01, 0x08, 205 0x0d, 0x03, 0x0a, 0x04, 0x09, 0x0b, 0x05, 0x07, 206 0x05, 0x02, 0x09, 0x0f, 0x0c, 0x04, 0x0d, 0x00, 207 0x0e, 0x0a, 0x06, 0x08, 0x0b, 0x01, 0x03, 0x07, 208 0x0f, 0x0d, 0x02, 0x06, 0x07, 0x08, 0x05, 0x09, 209 0x00, 0x04, 0x0c, 0x03, 0x01, 0x0a, 0x0b, 0x0e, 210 0x05, 0x0e, 0x02, 0x0b, 0x0d, 0x0a, 0x07, 0x00, 211 0x08, 0x06, 0x04, 0x01, 0x0f, 0x0c, 0x03, 0x09, 212 0x08, 0x02, 0x0f, 0x0a, 0x05, 0x09, 0x06, 0x0c, 213 0x00, 0x0b, 0x01, 0x0d, 0x07, 0x03, 0x04, 0x0e, 214 0x0e, 0x08, 0x00, 0x09, 0x04, 0x0b, 0x02, 0x07, 215 0x0c, 0x03, 0x0a, 0x05, 0x0d, 0x01, 0x06, 0x0f, 216 0x01, 0x04, 0x08, 0x0a, 0x0d, 0x0b, 0x07, 0x0e, 217 0x05, 0x0f, 0x03, 0x09, 0x00, 0x02, 0x06, 0x0c, 218 0x05, 0x03, 0x0c, 0x08, 0x0b, 0x02, 0x0e, 0x0a, 219 0x04, 0x01, 0x0d, 0x00, 0x06, 0x07, 0x0f, 0x09, 220 0x06, 0x00, 0x0b, 0x0e, 0x0d, 0x04, 0x0c, 0x0f, 221 0x07, 0x02, 0x08, 0x0a, 0x01, 0x05, 0x03, 0x09, 222 0x0b, 0x05, 0x0a, 0x0e, 0x0f, 0x01, 0x0c, 0x00, 223 0x06, 0x04, 0x02, 0x09, 0x03, 0x0d, 0x07, 0x08, 224 0x07, 0x02, 0x0a, 0x00, 0x0e, 0x08, 0x0f, 0x04, 225 0x0c, 0x0b, 0x09, 0x01, 0x05, 0x0d, 0x03, 0x06, 226 0x07, 0x04, 0x0f, 0x09, 0x05, 0x01, 0x0c, 0x0b, 227 0x00, 0x03, 0x08, 0x0e, 0x02, 0x0a, 0x06, 0x0d, 228 0x09, 0x04, 0x08, 0x00, 0x0a, 0x03, 0x01, 0x0c, 229 0x05, 0x0f, 0x07, 0x02, 0x0b, 0x0e, 0x06, 0x0d, 230 0x09, 0x05, 0x04, 0x07, 0x0e, 0x08, 0x03, 0x01, 231 0x0d, 0x0b, 0x0c, 0x02, 0x00, 0x0f, 0x06, 0x0a, 232 0x09, 0x0a, 0x0b, 0x0d, 0x05, 0x03, 0x0f, 0x00, 233 0x01, 0x0c, 0x08, 0x07, 0x06, 0x04, 0x0e, 0x02, 234 0x03, 0x0e, 0x0f, 0x02, 0x0d, 0x0c, 0x04, 0x05, 235 0x09, 0x06, 0x00, 0x01, 0x0b, 0x07, 0x0a, 0x08 236}; 237 238static void 239nw_passencrypt(char *old, char *new, char *out) 240{ 241 char *p, v; 242 char copy[8]; 243 int i, di, ax; 244 245#define HIGH(x) (((x) >> 4) & 0xf) 246#define LOW(x) ((x) & 0xf) 247 memcpy(copy, new, 8); 248 249 for (i = 0; i < 16; i++) { 250 for (di = 0, ax = 0, p = old; di < 8; di++, ax += 0x20, p++) { 251 v = copy[di] ^ *p; 252 copy[di] = (passkeys[HIGH(v) + ax + 0x10] << 4) | 253 passkeys[LOW(v) + ax]; 254 } 255 v = old[7]; 256 for (p = old + 7; p > old; p--) { 257 *p = HIGH(p[-1]) | ((*p) << 4); 258 } 259 *old = HIGH(v) | (*old) << 4; 260 bzero(out, 8); 261 262 for (di = 0; di < 16; di++) { 263 v = passkeys[di + 0x100]; 264 v = (v & 1) ? HIGH(copy[v / 2]) : LOW(copy[v / 2]); 265 out[di / 2] |= ((di & 1) ? v << 4 : v); 266 } 267 memcpy(copy, out, 8); 268 } 269}
|