ypupdated_server.c revision 26236
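/*
 * Copyright (c) 1995, 1996
 *	Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by Bill Paul.
 * 4. Neither the name of the author nor the names of any co-contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * ypupdate server implementation
 *
 * Written by Bill Paul <wpaul@ctr.columbia.edu>
 * Center for Telecommunications Research
 * Columbia University, New York City
 *
 *	$Id: ypupdated_server.c,v 1.3 1996/12/26 06:06:05 wpaul Exp wpaul $
 */

#include <stdio.h>
#include <rpc/rpc.h>
#include <rpc/auth_des.h>
#include <rpc/key_prot.h>
#include <sys/param.h>
#include <sys/cdefs.h>
#include <rpcsvc/yp.h>
#include "ypupdate_prot.h"
#include "ypupdated_extern.h"
#include "yp_extern.h"
#include "ypxfr_extern.h"

#ifndef lint
static const char rcsid[] = "$Id: ypupdated_server.c,v 1.3 1996/12/26 06:06:05 wpaul Exp wpaul $";
#endif

/* Not referenced in this file; presumably used by other ypupdated sources. */
int children = 0;
int forked = 0;

/*
 * Try to avoid spoofing: if a client chooses to use a very large
 * window and then tries a bunch of randomly chosen encrypted timestamps,
 * there's a chance he might stumble onto a valid combination.
 * We therefore reject any RPCs with a window size larger than a preset
 * value.
 */
#ifndef WINDOW
#define WINDOW (60*60)
#endif

/*
 * Decide whether the credentials attached to a request are acceptable.
 *
 * Only AUTH_DES is accepted, and only when the client-chosen window does
 * not exceed WINDOW.  AUTH_UNIX and AUTH_NONE are refused as too weak, and
 * any other flavor is rejected outright.  Every refusal is logged through
 * yp_error() so that rejected update attempts leave a trace.
 *
 * Returns AUTH_OK on success, otherwise the auth_stat to report to the
 * client.
 */
static enum auth_stat
yp_checkauth(struct svc_req *svcreq)
{
	struct authdes_cred *des_cred;

	switch (svcreq->rq_cred.oa_flavor) {
	case AUTH_DES:
		/*
		 * NOTE(review): rq_clntcred is taken to hold a populated
		 * authdes_cred whenever the flavor is AUTH_DES -- confirm
		 * that the RPC layer guarantees this.
		 */
		des_cred = (struct authdes_cred *)svcreq->rq_clntcred;
		if (des_cred->adc_fullname.window > WINDOW) {
			yp_error("warning: client-specified window size "
			    "was too large -- possible spoof attempt");
			return (AUTH_BADCRED);
		}
		return (AUTH_OK);
	case AUTH_UNIX:
	case AUTH_NONE:
		yp_error("warning: client didn't use DES authentication");
		return (AUTH_TOOWEAK);
	default:
		yp_error("client used unknown auth flavor");
		return (AUTH_REJECTEDCRED);
	}
}

/*
 * Authenticate the caller and fetch its netname.
 *
 * Returns 0 and stores the AUTH_DES full name in *netname when
 * yp_checkauth() accepts the request.  Otherwise reports the failure to
 * the client with svcerr_auth() and returns -1, leaving *netname untouched.
 *
 * NOTE(review): the handlers below still return a pointer to a zero result
 * after an authentication failure.  If the dispatcher sends a reply for
 * every non-NULL result, the client gets a second reply carrying 0 after
 * the auth error -- confirm against the dispatch routine.
 */
static int
ypu_caller_netname(struct svc_req *svcreq, char **netname)
{
	struct authdes_cred *des_cred;
	enum auth_stat astat;

	astat = yp_checkauth(svcreq);
	if (astat != AUTH_OK) {
		svcerr_auth(svcreq->rq_xprt, astat);
		return (-1);
	}

	des_cred = (struct authdes_cred *)svcreq->rq_clntcred;
	*netname = des_cred->adc_fullname.name;
	return (0);
}

/*
 * RPC service routines.
 *
 * Each handler authenticates the caller, applies the operation to
 * "/etc/publickey" through localupdate() and, only if that returns zero,
 * applies the same operation to the map named in the request through
 * ypmap_update().  The result is kept in a function-local static because a
 * pointer to it is returned to the caller.
 *
 * The map name, key and datum come straight from the RPC arguments and are
 * not validated in this file.
 * NOTE(review): confirm that localupdate() and ypmap_update() check that
 * the authenticated netname may modify the given key, validate the map
 * name, and bound the key/datum lengths.  Also confirm that always using
 * "/etc/publickey" for the local step, whatever args->mapname says, is
 * intended.
 */

/*
 * YPOP_CHANGE handler.  Returns a pointer to the status of the first
 * failing step, or to 0 when both steps returned zero (and also after an
 * authentication failure, see ypu_caller_netname()).
 */
unsigned int *
ypu_change_1_svc(struct ypupdate_args *args, struct svc_req *svcreq)
{
	static unsigned int res;
	char *netname;

	res = 0;

	if (ypu_caller_netname(svcreq, &netname) != 0)
		return (&res);

	res = localupdate(netname, "/etc/publickey", YPOP_CHANGE,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    args->datum.yp_buf_len, args->datum.yp_buf_val);
	if (res)
		return (&res);

	res = ypmap_update(netname, args->mapname, YPOP_CHANGE,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    args->datum.yp_buf_len, args->datum.yp_buf_val);

	return (&res);
}

/*
 * YPOP_INSERT handler.  Same sequence and return convention as
 * ypu_change_1_svc().
 */
unsigned int *
ypu_insert_1_svc(struct ypupdate_args *args, struct svc_req *svcreq)
{
	static unsigned int res;
	char *netname;

	res = 0;

	if (ypu_caller_netname(svcreq, &netname) != 0)
		return (&res);

	res = localupdate(netname, "/etc/publickey", YPOP_INSERT,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    args->datum.yp_buf_len, args->datum.yp_buf_val);
	if (res)
		return (&res);

	res = ypmap_update(netname, args->mapname, YPOP_INSERT,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    args->datum.yp_buf_len, args->datum.yp_buf_val);

	return (&res);
}

/*
 * YPOP_DELETE handler.  Same sequence and return convention as
 * ypu_change_1_svc(); a delete carries no datum, so length 0 and a NULL
 * value are passed in its place.
 */
unsigned int *
ypu_delete_1_svc(struct ypdelete_args *args, struct svc_req *svcreq)
{
	static unsigned int res;
	char *netname;

	res = 0;

	if (ypu_caller_netname(svcreq, &netname) != 0)
		return (&res);

	res = localupdate(netname, "/etc/publickey", YPOP_DELETE,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    0, NULL);
	if (res)
		return (&res);

	res = ypmap_update(netname, args->mapname, YPOP_DELETE,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    0, NULL);

	return (&res);
}

/*
 * YPOP_STORE handler.  Same sequence and return convention as
 * ypu_change_1_svc().
 */
unsigned int *
ypu_store_1_svc(struct ypupdate_args *args, struct svc_req *svcreq)
{
	static unsigned int res;
	char *netname;

	res = 0;

	if (ypu_caller_netname(svcreq, &netname) != 0)
		return (&res);

	res = localupdate(netname, "/etc/publickey", YPOP_STORE,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    args->datum.yp_buf_len, args->datum.yp_buf_val);
	if (res)
		return (&res);

	res = ypmap_update(netname, args->mapname, YPOP_STORE,
	    args->key.yp_buf_len, args->key.yp_buf_val,
	    args->datum.yp_buf_len, args->datum.yp_buf_val);

	return (&res);
}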