From bfea7f3e4dc34998f298741cba81faaf637fa2cd Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Wed, 10 Jun 2015 14:57:48 -0400 Subject: Enable key_prot API for backward compatibility with glibc's SunRPC The only missing file was key_prot.h. I copied the SunRPC-licenced version of key_prot.x from glibc, and generated key_prot.h using rpcgen. Signed-off-by: Chuck Lever --- tirpc/rpc/key_prot.h | 264 ++++++++++++++++++++++++++++++++++++++++++++ tirpc/rpcsvc/key_prot.x | 284 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 548 insertions(+) create mode 100644 tirpc/rpc/key_prot.h create mode 100644 tirpc/rpcsvc/key_prot.x (limited to 'tirpc') diff --git a/tirpc/rpc/key_prot.h b/tirpc/rpc/key_prot.h new file mode 100644 index 0000000..ff852dc --- /dev/null +++ b/tirpc/rpc/key_prot.h @@ -0,0 +1,264 @@ +/* + * Please do not edit this file. + * It was generated using rpcgen. + */ + +#ifndef _KEY_PROT_H_RPCGEN +#define _KEY_PROT_H_RPCGEN + +#include + + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Sun RPC is a product of Sun Microsystems, Inc. and is provided for + * unrestricted use provided that this legend is included on all tape + * media and as a part of the software program in whole or part. Users + * may copy or modify Sun RPC without charge, but are not authorized + * to license or distribute it to anyone else except as part of a product or + * program developed by the user. + * + * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE + * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR + * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. + * + * Sun RPC is provided with no support and without any obligation on the + * part of Sun Microsystems, Inc. to assist in its use, correction, + * modification or enhancement. + * + * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE + * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC + * OR ANY PART THEREOF. + * + * In no event will Sun Microsystems, Inc. be liable for any lost revenue + * or profits or other special, indirect and consequential damages, even if + * Sun has been advised of the possibility of such damages. + * + * Sun Microsystems, Inc. + * 2550 Garcia Avenue + * Mountain View, California 94043 + */ +#if 0 +#pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI" +#endif + +/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */ + +/* + * Compiled from key_prot.x using rpcgen. + * DO NOT EDIT THIS FILE! + * This is NOT source code! + */ +#define PROOT 3 +#define HEXMODULUS "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b" +#define HEXKEYBYTES 48 +#define KEYSIZE 192 +#define KEYBYTES 24 +#define KEYCHECKSUMSIZE 16 + +enum keystatus { + KEY_SUCCESS = 0, + KEY_NOSECRET = 1, + KEY_UNKNOWN = 2, + KEY_SYSTEMERR = 3, +}; +typedef enum keystatus keystatus; + +typedef char keybuf[HEXKEYBYTES]; + +typedef char *netnamestr; + +struct cryptkeyarg { + netnamestr remotename; + des_block deskey; +}; +typedef struct cryptkeyarg cryptkeyarg; + +struct cryptkeyarg2 { + netnamestr remotename; + netobj remotekey; + des_block deskey; +}; +typedef struct cryptkeyarg2 cryptkeyarg2; + +struct cryptkeyres { + keystatus status; + union { + des_block deskey; + } cryptkeyres_u; +}; +typedef struct cryptkeyres cryptkeyres; +#define MAXGIDS 16 + +struct unixcred { + u_int uid; + u_int gid; + struct { + u_int gids_len; + u_int *gids_val; + } gids; +}; +typedef struct unixcred unixcred; + +struct getcredres { + keystatus status; + union { + unixcred cred; + } getcredres_u; +}; +typedef struct getcredres getcredres; + +struct key_netstarg { + keybuf st_priv_key; + keybuf st_pub_key; + netnamestr st_netname; +}; +typedef struct key_netstarg key_netstarg; + +struct key_netstres { + keystatus status; + union { + key_netstarg knet; + } key_netstres_u; +}; +typedef struct key_netstres key_netstres; + +#ifndef opaque +#define opaque char +#endif + + +#define KEY_PROG 100029 +#define KEY_VERS 1 + +#if defined(__STDC__) || defined(__cplusplus) +#define KEY_SET 1 +extern keystatus * key_set_1(char *, CLIENT *); +extern keystatus * key_set_1_svc(char *, struct svc_req *); +#define KEY_ENCRYPT 2 +extern cryptkeyres * key_encrypt_1(cryptkeyarg *, CLIENT *); +extern cryptkeyres * key_encrypt_1_svc(cryptkeyarg *, struct svc_req *); +#define KEY_DECRYPT 3 +extern cryptkeyres * key_decrypt_1(cryptkeyarg *, CLIENT *); +extern cryptkeyres * key_decrypt_1_svc(cryptkeyarg *, struct svc_req *); +#define KEY_GEN 4 +extern des_block * key_gen_1(void *, CLIENT *); +extern des_block * key_gen_1_svc(void *, struct svc_req *); +#define KEY_GETCRED 5 +extern getcredres * key_getcred_1(netnamestr *, CLIENT *); +extern getcredres * key_getcred_1_svc(netnamestr *, struct svc_req *); +extern int key_prog_1_freeresult (SVCXPRT *, xdrproc_t, caddr_t); + +#else /* K&R C */ +#define KEY_SET 1 +extern keystatus * key_set_1(); +extern keystatus * key_set_1_svc(); +#define KEY_ENCRYPT 2 +extern cryptkeyres * key_encrypt_1(); +extern cryptkeyres * key_encrypt_1_svc(); +#define KEY_DECRYPT 3 +extern cryptkeyres * key_decrypt_1(); +extern cryptkeyres * key_decrypt_1_svc(); +#define KEY_GEN 4 +extern des_block * key_gen_1(); +extern des_block * key_gen_1_svc(); +#define KEY_GETCRED 5 +extern getcredres * key_getcred_1(); +extern getcredres * key_getcred_1_svc(); +extern int key_prog_1_freeresult (); +#endif /* K&R C */ +#define KEY_VERS2 2 + +#if defined(__STDC__) || defined(__cplusplus) +extern keystatus * key_set_2(char *, CLIENT *); +extern keystatus * key_set_2_svc(char *, struct svc_req *); +extern cryptkeyres * key_encrypt_2(cryptkeyarg *, CLIENT *); +extern cryptkeyres * key_encrypt_2_svc(cryptkeyarg *, struct svc_req *); +extern cryptkeyres * key_decrypt_2(cryptkeyarg *, CLIENT *); +extern cryptkeyres * key_decrypt_2_svc(cryptkeyarg *, struct svc_req *); +extern des_block * key_gen_2(void *, CLIENT *); +extern des_block * key_gen_2_svc(void *, struct svc_req *); +extern getcredres * key_getcred_2(netnamestr *, CLIENT *); +extern getcredres * key_getcred_2_svc(netnamestr *, struct svc_req *); +#define KEY_ENCRYPT_PK 6 +extern cryptkeyres * key_encrypt_pk_2(cryptkeyarg2 *, CLIENT *); +extern cryptkeyres * key_encrypt_pk_2_svc(cryptkeyarg2 *, struct svc_req *); +#define KEY_DECRYPT_PK 7 +extern cryptkeyres * key_decrypt_pk_2(cryptkeyarg2 *, CLIENT *); +extern cryptkeyres * key_decrypt_pk_2_svc(cryptkeyarg2 *, struct svc_req *); +#define KEY_NET_PUT 8 +extern keystatus * key_net_put_2(key_netstarg *, CLIENT *); +extern keystatus * key_net_put_2_svc(key_netstarg *, struct svc_req *); +#define KEY_NET_GET 9 +extern key_netstres * key_net_get_2(void *, CLIENT *); +extern key_netstres * key_net_get_2_svc(void *, struct svc_req *); +#define KEY_GET_CONV 10 +extern cryptkeyres * key_get_conv_2(char *, CLIENT *); +extern cryptkeyres * key_get_conv_2_svc(char *, struct svc_req *); +extern int key_prog_2_freeresult (SVCXPRT *, xdrproc_t, caddr_t); + +#else /* K&R C */ +extern keystatus * key_set_2(); +extern keystatus * key_set_2_svc(); +extern cryptkeyres * key_encrypt_2(); +extern cryptkeyres * key_encrypt_2_svc(); +extern cryptkeyres * key_decrypt_2(); +extern cryptkeyres * key_decrypt_2_svc(); +extern des_block * key_gen_2(); +extern des_block * key_gen_2_svc(); +extern getcredres * key_getcred_2(); +extern getcredres * key_getcred_2_svc(); +#define KEY_ENCRYPT_PK 6 +extern cryptkeyres * key_encrypt_pk_2(); +extern cryptkeyres * key_encrypt_pk_2_svc(); +#define KEY_DECRYPT_PK 7 +extern cryptkeyres * key_decrypt_pk_2(); +extern cryptkeyres * key_decrypt_pk_2_svc(); +#define KEY_NET_PUT 8 +extern keystatus * key_net_put_2(); +extern keystatus * key_net_put_2_svc(); +#define KEY_NET_GET 9 +extern key_netstres * key_net_get_2(); +extern key_netstres * key_net_get_2_svc(); +#define KEY_GET_CONV 10 +extern cryptkeyres * key_get_conv_2(); +extern cryptkeyres * key_get_conv_2_svc(); +extern int key_prog_2_freeresult (); +#endif /* K&R C */ + +/* the xdr functions */ + +#if defined(__STDC__) || defined(__cplusplus) +extern bool_t xdr_keystatus (XDR *, keystatus*); +extern bool_t xdr_keybuf (XDR *, keybuf); +extern bool_t xdr_netnamestr (XDR *, netnamestr*); +extern bool_t xdr_cryptkeyarg (XDR *, cryptkeyarg*); +extern bool_t xdr_cryptkeyarg2 (XDR *, cryptkeyarg2*); +extern bool_t xdr_cryptkeyres (XDR *, cryptkeyres*); +extern bool_t xdr_unixcred (XDR *, unixcred*); +extern bool_t xdr_getcredres (XDR *, getcredres*); +extern bool_t xdr_key_netstarg (XDR *, key_netstarg*); +extern bool_t xdr_key_netstres (XDR *, key_netstres*); + +#else /* K&R C */ +extern bool_t xdr_keystatus (); +extern bool_t xdr_keybuf (); +extern bool_t xdr_netnamestr (); +extern bool_t xdr_cryptkeyarg (); +extern bool_t xdr_cryptkeyarg2 (); +extern bool_t xdr_cryptkeyres (); +extern bool_t xdr_unixcred (); +extern bool_t xdr_getcredres (); +extern bool_t xdr_key_netstarg (); +extern bool_t xdr_key_netstres (); + +#endif /* K&R C */ + +#ifdef __cplusplus +} +#endif + +#endif /* !_KEY_PROT_H_RPCGEN */ diff --git a/tirpc/rpcsvc/key_prot.x b/tirpc/rpcsvc/key_prot.x new file mode 100644 index 0000000..63c1bbc --- /dev/null +++ b/tirpc/rpcsvc/key_prot.x @@ -0,0 +1,284 @@ +%/* +% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for +% * unrestricted use provided that this legend is included on all tape +% * media and as a part of the software program in whole or part. Users +% * may copy or modify Sun RPC without charge, but are not authorized +% * to license or distribute it to anyone else except as part of a product or +% * program developed by the user. +% * +% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE +% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR +% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. +% * +% * Sun RPC is provided with no support and without any obligation on the +% * part of Sun Microsystems, Inc. to assist in its use, correction, +% * modification or enhancement. +% * +% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE +% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC +% * OR ANY PART THEREOF. +% * +% * In no event will Sun Microsystems, Inc. be liable for any lost revenue +% * or profits or other special, indirect and consequential damages, even if +% * Sun has been advised of the possibility of such damages. +% * +% * Sun Microsystems, Inc. +% * 2550 Garcia Avenue +% * Mountain View, California 94043 +% */ +/* + * Key server protocol definition + * Copyright (C) 1990, 1991 Sun Microsystems, Inc. + * + * The keyserver is a public key storage/encryption/decryption service + * The encryption method used is based on the Diffie-Hellman exponential + * key exchange technology. + * + * The key server is local to each machine, akin to the portmapper. + * Under TI-RPC, communication with the keyserver is through the + * loopback transport. + * + * NOTE: This .x file generates the USER level headers for the keyserver. + * the KERNEL level headers are created by hand as they kernel has special + * requirements. + */ + +%#if 0 +%#pragma ident "@(#)key_prot.x 1.7 94/04/29 SMI" +%#endif +% +%/* Copyright (c) 1990, 1991 Sun Microsystems, Inc. */ +% +%/* +% * Compiled from key_prot.x using rpcgen. +% * DO NOT EDIT THIS FILE! +% * This is NOT source code! +% */ + +/* + * PROOT and MODULUS define the way the Diffie-Hellman key is generated. + * + * MODULUS should be chosen as a prime of the form: MODULUS == 2*p + 1, + * where p is also prime. + * + * PROOT satisfies the following two conditions: + * (1) (PROOT ** 2) % MODULUS != 1 + * (2) (PROOT ** p) % MODULUS != 1 + * + */ + +const PROOT = 3; +const HEXMODULUS = "d4a0ba0250b6fd2ec626e7efd637df76c716e22d0944b88b"; + +const HEXKEYBYTES = 48; /* HEXKEYBYTES == strlen(HEXMODULUS) */ +const KEYSIZE = 192; /* KEYSIZE == bit length of key */ +const KEYBYTES = 24; /* byte length of key */ + +/* + * The first 16 hex digits of the encrypted secret key are used as + * a checksum in the database. + */ +const KEYCHECKSUMSIZE = 16; + +/* + * status of operation + */ +enum keystatus { + KEY_SUCCESS, /* no problems */ + KEY_NOSECRET, /* no secret key stored */ + KEY_UNKNOWN, /* unknown netname */ + KEY_SYSTEMERR /* system error (out of memory, encryption failure) */ +}; + +typedef opaque keybuf[HEXKEYBYTES]; /* store key in hex */ + +typedef string netnamestr; + +/* + * Argument to ENCRYPT or DECRYPT + */ +struct cryptkeyarg { + netnamestr remotename; + des_block deskey; +}; + +/* + * Argument to ENCRYPT_PK or DECRYPT_PK + */ +struct cryptkeyarg2 { + netnamestr remotename; + netobj remotekey; /* Contains a length up to 1024 bytes */ + des_block deskey; +}; + + +/* + * Result of ENCRYPT, DECRYPT, ENCRYPT_PK, and DECRYPT_PK + */ +union cryptkeyres switch (keystatus status) { +case KEY_SUCCESS: + des_block deskey; +default: + void; +}; + +const MAXGIDS = 16; /* max number of gids in gid list */ + +/* + * Unix credential + */ +struct unixcred { + u_int uid; + u_int gid; + u_int gids; +}; + +/* + * Result returned from GETCRED + */ +union getcredres switch (keystatus status) { +case KEY_SUCCESS: + unixcred cred; +default: + void; +}; +/* + * key_netstarg; + */ + +struct key_netstarg { + keybuf st_priv_key; + keybuf st_pub_key; + netnamestr st_netname; +}; + +union key_netstres switch (keystatus status){ +case KEY_SUCCESS: + key_netstarg knet; +default: + void; +}; + +#ifdef RPC_HDR +% +%#ifndef opaque +%#define opaque char +%#endif +% +#endif +program KEY_PROG { + version KEY_VERS { + + /* + * This is my secret key. + * Store it for me. + */ + keystatus + KEY_SET(keybuf) = 1; + + /* + * I want to talk to X. + * Encrypt a conversation key for me. + */ + cryptkeyres + KEY_ENCRYPT(cryptkeyarg) = 2; + + /* + * X just sent me a message. + * Decrypt the conversation key for me. + */ + cryptkeyres + KEY_DECRYPT(cryptkeyarg) = 3; + + /* + * Generate a secure conversation key for me + */ + des_block + KEY_GEN(void) = 4; + + /* + * Get me the uid, gid and group-access-list associated + * with this netname (for kernel which cannot use NIS) + */ + getcredres + KEY_GETCRED(netnamestr) = 5; + } = 1; + version KEY_VERS2 { + + /* + * ####### + * Procedures 1-5 are identical to version 1 + * ####### + */ + + /* + * This is my secret key. + * Store it for me. + */ + keystatus + KEY_SET(keybuf) = 1; + + /* + * I want to talk to X. + * Encrypt a conversation key for me. + */ + cryptkeyres + KEY_ENCRYPT(cryptkeyarg) = 2; + + /* + * X just sent me a message. + * Decrypt the conversation key for me. + */ + cryptkeyres + KEY_DECRYPT(cryptkeyarg) = 3; + + /* + * Generate a secure conversation key for me + */ + des_block + KEY_GEN(void) = 4; + + /* + * Get me the uid, gid and group-access-list associated + * with this netname (for kernel which cannot use NIS) + */ + getcredres + KEY_GETCRED(netnamestr) = 5; + + /* + * I want to talk to X. and I know X's public key + * Encrypt a conversation key for me. + */ + cryptkeyres + KEY_ENCRYPT_PK(cryptkeyarg2) = 6; + + /* + * X just sent me a message. and I know X's public key + * Decrypt the conversation key for me. + */ + cryptkeyres + KEY_DECRYPT_PK(cryptkeyarg2) = 7; + + /* + * Store my public key, netname and private key. + */ + keystatus + KEY_NET_PUT(key_netstarg) = 8; + + /* + * Retrieve my public key, netname and private key. + */ + key_netstres + KEY_NET_GET(void) = 9; + + /* + * Return me the conversation key that is constructed + * from my secret key and this publickey. + */ + + cryptkeyres + KEY_GET_CONV(keybuf) = 10; + + + } = 2; +} = 100029; -- cgit v1.2.1