PageRenderTime 97ms CodeModel.GetById 39ms RepoModel.GetById 0ms app.codeStats 1ms

/sys/netncp/ncp_ncp.c

https://github.com/okuoku/freebsd-head
C | 503 lines | 420 code | 38 blank | 45 comment | 76 complexity | 1236e422ee5a715df5228554f893b79e MD5 | raw file
  1. /*-
  2. * Copyright (c) 1999, 2000, 2001 Boris Popov
  3. * All rights reserved.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions
  7. * are met:
  8. * 1. Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * 2. Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in the
  12. * documentation and/or other materials provided with the distribution.
  13. *
  14. * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  15. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  16. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  17. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  18. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  19. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  20. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  21. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  22. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  23. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  24. * SUCH DAMAGE.
  25. *
  26. * Core of NCP protocol
  27. */
  28. #include <sys/cdefs.h>
  29. __FBSDID("$FreeBSD$");
  30. #include <sys/param.h>
  31. #include <sys/errno.h>
  32. #include <sys/systm.h>
  33. #include <sys/proc.h>
  34. #include <sys/signalvar.h>
  35. #include <sys/sysctl.h>
  36. #include <sys/mbuf.h>
  37. #include <sys/lock.h>
  38. #include <sys/mutex.h>
  39. #include <sys/uio.h>
  40. #include <netipx/ipx.h>
  41. #include <netipx/ipx_var.h>
  42. #include <netncp/ncp.h>
  43. #include <netncp/ncp_conn.h>
  44. #include <netncp/ncp_sock.h>
  45. #include <netncp/ncp_subr.h>
  46. #include <netncp/ncp_ncp.h>
  47. #include <netncp/ncp_rq.h>
  48. #include <netncp/nwerror.h>
  49. #ifdef NCP_DATA_DEBUG
  50. static
  51. void m_dumpm(struct mbuf *m) {
  52. char *p;
  53. int len;
  54. printf("d=");
  55. while(m) {
  56. p=mtod(m,char *);
  57. len=m->m_len;
  58. printf("(%d)",len);
  59. while(len--){
  60. printf("%02x ",((int)*(p++)) & 0xff);
  61. }
  62. m=m->m_next;
  63. };
  64. printf("\n");
  65. }
  66. #endif /* NCP_DATA_DEBUG */
  67. int
  68. ncp_chkintr(struct ncp_conn *conn, struct thread *td)
  69. {
  70. struct proc *p;
  71. sigset_t tmpset;
  72. if (td == NULL)
  73. return 0;
  74. p = td->td_proc;
  75. PROC_LOCK(p);
  76. tmpset = p->p_siglist;
  77. SIGSETOR(tmpset, td->td_siglist);
  78. SIGSETNAND(tmpset, td->td_sigmask);
  79. mtx_lock(&p->p_sigacts->ps_mtx);
  80. SIGSETNAND(tmpset, p->p_sigacts->ps_sigignore);
  81. mtx_unlock(&p->p_sigacts->ps_mtx);
  82. if (SIGNOTEMPTY(td->td_siglist) && NCP_SIGMASK(tmpset)) {
  83. PROC_UNLOCK(p);
  84. return EINTR;
  85. }
  86. PROC_UNLOCK(p);
  87. return 0;
  88. }
  89. /*
  90. * Process initial NCP handshake (attach)
  91. * NOTE: Since all functions below may change conn attributes, they
  92. * should be called with LOCKED connection, also they use procp & ucred
  93. */
  94. int
  95. ncp_ncp_connect(struct ncp_conn *conn)
  96. {
  97. struct ncp_rq *rqp;
  98. struct ncp_rphdr *rp;
  99. int error;
  100. error = ncp_rq_alloc_any(NCP_ALLOC_SLOT, 0, conn, conn->td, conn->ucred, &rqp);
  101. if (error)
  102. return error;
  103. conn->flags &= ~(NCPFL_SIGNACTIVE | NCPFL_SIGNWANTED |
  104. NCPFL_ATTACHED | NCPFL_LOGGED | NCPFL_INVALID);
  105. conn->seq = 0;
  106. error = ncp_request_int(rqp);
  107. if (!error) {
  108. rp = mtod(rqp->rp.md_top, struct ncp_rphdr*);
  109. conn->connid = rp->conn_low + (rp->conn_high << 8);
  110. }
  111. ncp_rq_done(rqp);
  112. if (error)
  113. return error;
  114. conn->flags |= NCPFL_ATTACHED | NCPFL_WASATTACHED;
  115. return 0;
  116. }
  117. int
  118. ncp_ncp_disconnect(struct ncp_conn *conn)
  119. {
  120. struct ncp_rq *rqp;
  121. int error;
  122. NCPSDEBUG("for connid=%d\n",conn->nc_id);
  123. #ifdef NCPBURST
  124. ncp_burst_disconnect(conn);
  125. #endif
  126. if (conn->flags & NCPFL_ATTACHED) {
  127. error = ncp_rq_alloc_any(NCP_FREE_SLOT, 0, conn, conn->td, conn->ucred, &rqp);
  128. if (!error) {
  129. ncp_request_int(rqp);
  130. ncp_rq_done(rqp);
  131. }
  132. }
  133. ncp_conn_invalidate(conn);
  134. ncp_sock_disconnect(conn);
  135. return 0;
  136. }
  137. /*
  138. * All negotiation functions expect a locked connection
  139. */
  140. int
  141. ncp_negotiate_buffersize(struct ncp_conn *conn, int size, int *target)
  142. {
  143. struct ncp_rq *rqp;
  144. u_int16_t bsize;
  145. int error;
  146. error = ncp_rq_alloc(0x21, conn, conn->td, conn->ucred, &rqp);
  147. if (error)
  148. return error;
  149. mb_put_uint16be(&rqp->rq, size);
  150. error = ncp_request(rqp);
  151. if (error)
  152. return error;
  153. md_get_uint16be(&rqp->rp, &bsize);
  154. *target = min(bsize, size);
  155. ncp_rq_done(rqp);
  156. return error;
  157. }
  158. static int
  159. ncp_negotiate_size_and_options(struct ncp_conn *conn, int size, int options,
  160. int *ret_size, u_int8_t *ret_options)
  161. {
  162. struct ncp_rq *rqp;
  163. u_int16_t rs;
  164. int error;
  165. error = ncp_rq_alloc(0x61, conn, conn->td, conn->ucred, &rqp);
  166. if (error)
  167. return error;
  168. mb_put_uint16be(&rqp->rq, size);
  169. mb_put_uint8(&rqp->rq, options);
  170. rqp->nr_minrplen = 2 + 2 + 1;
  171. error = ncp_request(rqp);
  172. if (error)
  173. return error;
  174. md_get_uint16be(&rqp->rp, &rs);
  175. *ret_size = (rs == 0) ? size : min(rs, size);
  176. md_get_uint16be(&rqp->rp, &rs); /* skip echo socket */
  177. md_get_uint8(&rqp->rp, ret_options);
  178. ncp_rq_done(rqp);
  179. return error;
  180. }
  181. int
  182. ncp_renegotiate_connparam(struct ncp_conn *conn, int buffsize, u_int8_t in_options)
  183. {
  184. u_int8_t options;
  185. int neg_buffsize, error, sl, ckslevel;
  186. size_t ilen;
  187. sl = conn->li.sig_level;
  188. if (sl >= 2)
  189. in_options |= NCP_SECURITY_LEVEL_SIGN_HEADERS;
  190. if (conn->li.saddr.sa_family == AF_IPX) {
  191. ilen = sizeof(ckslevel);
  192. error = kernel_sysctlbyname(curthread, "net.ipx.ipx.checksum",
  193. &ckslevel, &ilen, NULL, 0, NULL, 0);
  194. if (error)
  195. return error;
  196. if (ckslevel == 2)
  197. in_options |= NCP_IPX_CHECKSUM;
  198. }
  199. error = ncp_negotiate_size_and_options(conn, buffsize, in_options,
  200. &neg_buffsize, &options);
  201. if (!error) {
  202. if (conn->li.saddr.sa_family == AF_IPX &&
  203. ((options ^ in_options) & NCP_IPX_CHECKSUM)) {
  204. if (ckslevel == 2) {
  205. printf("Server refuses to support IPX checksums\n");
  206. return NWE_REQUESTER_FAILURE;
  207. }
  208. in_options |= NCP_IPX_CHECKSUM;
  209. error = 1;
  210. }
  211. if ((options ^ in_options) & 2) {
  212. if (sl == 0 || sl == 3)
  213. return NWE_SIGNATURE_LEVEL_CONFLICT;
  214. if (sl == 1) {
  215. in_options |= NCP_SECURITY_LEVEL_SIGN_HEADERS;
  216. error = 1;
  217. }
  218. }
  219. if (error) {
  220. error = ncp_negotiate_size_and_options(conn,
  221. buffsize, in_options, &neg_buffsize, &options);
  222. if ((options ^ in_options) & 3) {
  223. return NWE_SIGNATURE_LEVEL_CONFLICT;
  224. }
  225. }
  226. } else {
  227. in_options &= ~NCP_SECURITY_LEVEL_SIGN_HEADERS;
  228. error = ncp_negotiate_buffersize(conn, NCP_DEFAULT_BUFSIZE,
  229. &neg_buffsize);
  230. }
  231. if (error) return error;
  232. if ((neg_buffsize < 512) || (neg_buffsize > NCP_MAX_BUFSIZE))
  233. return EINVAL;
  234. conn->buffer_size = neg_buffsize;
  235. if (in_options & NCP_SECURITY_LEVEL_SIGN_HEADERS)
  236. conn->flags |= NCPFL_SIGNWANTED;
  237. if (conn->li.saddr.sa_family == AF_IPX)
  238. ncp_sock_checksum(conn, in_options & NCP_IPX_CHECKSUM);
  239. return 0;
  240. }
  241. void
  242. ncp_check_rq(struct ncp_conn *conn)
  243. {
  244. return;
  245. if (conn->flags & NCPFL_INTR)
  246. return;
  247. /* first, check for signals */
  248. if (ncp_chkintr(conn, conn->td))
  249. conn->flags |= NCPFL_INTR;
  250. return;
  251. }
  252. int
  253. ncp_get_bindery_object_id(struct ncp_conn *conn,
  254. u_int16_t object_type, char *object_name,
  255. struct ncp_bindery_object *target,
  256. struct thread *td, struct ucred *cred)
  257. {
  258. struct ncp_rq *rqp;
  259. int error;
  260. error = ncp_rq_alloc_subfn(23, 53, conn, conn->td, conn->ucred, &rqp);
  261. mb_put_uint16be(&rqp->rq, object_type);
  262. ncp_rq_pstring(rqp, object_name);
  263. rqp->nr_minrplen = 54;
  264. error = ncp_request(rqp);
  265. if (error)
  266. return error;
  267. md_get_uint32be(&rqp->rp, &target->object_id);
  268. md_get_uint16be(&rqp->rp, &target->object_type);
  269. md_get_mem(&rqp->rp, (caddr_t)target->object_name, 48, MB_MSYSTEM);
  270. ncp_rq_done(rqp);
  271. return 0;
  272. }
  273. /*
  274. * target is a 8-byte buffer
  275. */
  276. int
  277. ncp_get_encryption_key(struct ncp_conn *conn, char *target)
  278. {
  279. struct ncp_rq *rqp;
  280. int error;
  281. error = ncp_rq_alloc_subfn(23, 23, conn, conn->td, conn->ucred, &rqp);
  282. if (error)
  283. return error;
  284. rqp->nr_minrplen = 8;
  285. error = ncp_request(rqp);
  286. if (error)
  287. return error;
  288. md_get_mem(&rqp->rp, target, 8, MB_MSYSTEM);
  289. ncp_rq_done(rqp);
  290. return error;
  291. }
  292. /*
  293. * Initialize packet signatures. They a slightly modified MD4.
  294. * The first 16 bytes of logindata are the shuffled password,
  295. * the last 8 bytes the encryption key as received from the server.
  296. */
  297. static int
  298. ncp_sign_start(struct ncp_conn *conn, char *logindata)
  299. {
  300. char msg[64];
  301. u_int32_t state[4];
  302. memcpy(msg, logindata, 24);
  303. memcpy(msg + 24, "Authorized NetWare Client", 25);
  304. bzero(msg + 24 + 25, sizeof(msg) - 24 - 25);
  305. conn->sign_state[0] = 0x67452301;
  306. conn->sign_state[1] = 0xefcdab89;
  307. conn->sign_state[2] = 0x98badcfe;
  308. conn->sign_state[3] = 0x10325476;
  309. ncp_sign(conn->sign_state, msg, state);
  310. conn->sign_root[0] = state[0];
  311. conn->sign_root[1] = state[1];
  312. conn->flags |= NCPFL_SIGNACTIVE;
  313. return 0;
  314. }
  315. int
  316. ncp_login_encrypted(struct ncp_conn *conn, struct ncp_bindery_object *object,
  317. const u_char *key, const u_char *passwd,
  318. struct thread *td, struct ucred *cred)
  319. {
  320. struct ncp_rq *rqp;
  321. struct mbchain *mbp;
  322. u_int32_t tmpID = htonl(object->object_id);
  323. u_char buf[16 + 8];
  324. u_char encrypted[8];
  325. int error;
  326. nw_keyhash((u_char*)&tmpID, passwd, strlen(passwd), buf);
  327. nw_encrypt(key, buf, encrypted);
  328. error = ncp_rq_alloc_subfn(23, 24, conn, td, cred, &rqp);
  329. if (error)
  330. return error;
  331. mbp = &rqp->rq;
  332. mb_put_mem(mbp, encrypted, 8, MB_MSYSTEM);
  333. mb_put_uint16be(mbp, object->object_type);
  334. ncp_rq_pstring(rqp, object->object_name);
  335. error = ncp_request(rqp);
  336. if (!error)
  337. ncp_rq_done(rqp);
  338. if ((conn->flags & NCPFL_SIGNWANTED) &&
  339. (error == 0 || error == NWE_PASSWORD_EXPIRED)) {
  340. bcopy(key, buf + 16, 8);
  341. error = ncp_sign_start(conn, buf);
  342. }
  343. return error;
  344. }
  345. int
  346. ncp_login_unencrypted(struct ncp_conn *conn, u_int16_t object_type,
  347. const char *object_name, const u_char *passwd,
  348. struct thread *td, struct ucred *cred)
  349. {
  350. struct ncp_rq *rqp;
  351. int error;
  352. error = ncp_rq_alloc_subfn(23, 20, conn, td, cred, &rqp);
  353. if (error)
  354. return error;
  355. mb_put_uint16be(&rqp->rq, object_type);
  356. ncp_rq_pstring(rqp, object_name);
  357. ncp_rq_pstring(rqp, passwd);
  358. error = ncp_request(rqp);
  359. if (!error)
  360. ncp_rq_done(rqp);
  361. return error;
  362. }
  363. int
  364. ncp_read(struct ncp_conn *conn, ncp_fh *file, struct uio *uiop, struct ucred *cred)
  365. {
  366. struct ncp_rq *rqp;
  367. struct mbchain *mbp;
  368. u_int16_t retlen = 0 ;
  369. int error = 0, len = 0, tsiz, burstio;
  370. tsiz = uiop->uio_resid;
  371. #ifdef NCPBURST
  372. burstio = (ncp_burst_enabled && tsiz > conn->buffer_size);
  373. #else
  374. burstio = 0;
  375. #endif
  376. while (tsiz > 0) {
  377. if (!burstio) {
  378. len = min(4096 - (uiop->uio_offset % 4096), tsiz);
  379. len = min(len, conn->buffer_size);
  380. error = ncp_rq_alloc(72, conn, uiop->uio_td, cred, &rqp);
  381. if (error)
  382. break;
  383. mbp = &rqp->rq;
  384. mb_put_uint8(mbp, 0);
  385. mb_put_mem(mbp, (caddr_t)file, 6, MB_MSYSTEM);
  386. mb_put_uint32be(mbp, uiop->uio_offset);
  387. mb_put_uint16be(mbp, len);
  388. rqp->nr_minrplen = 2;
  389. error = ncp_request(rqp);
  390. if (error)
  391. break;
  392. md_get_uint16be(&rqp->rp, &retlen);
  393. if (uiop->uio_offset & 1)
  394. md_get_mem(&rqp->rp, NULL, 1, MB_MSYSTEM);
  395. error = md_get_uio(&rqp->rp, uiop, retlen);
  396. ncp_rq_done(rqp);
  397. } else {
  398. #ifdef NCPBURST
  399. error = ncp_burst_read(conn, file, tsiz, &len, &retlen, uiop, cred);
  400. #endif
  401. }
  402. if (error)
  403. break;
  404. tsiz -= retlen;
  405. if (retlen < len)
  406. break;
  407. }
  408. return (error);
  409. }
  410. int
  411. ncp_write(struct ncp_conn *conn, ncp_fh *file, struct uio *uiop, struct ucred *cred)
  412. {
  413. struct ncp_rq *rqp;
  414. struct mbchain *mbp;
  415. int error = 0, len, tsiz, backup;
  416. if (uiop->uio_iovcnt != 1) {
  417. printf("%s: can't handle iovcnt>1 !!!\n", __func__);
  418. return EIO;
  419. }
  420. tsiz = uiop->uio_resid;
  421. while (tsiz > 0) {
  422. len = min(4096 - (uiop->uio_offset % 4096), tsiz);
  423. len = min(len, conn->buffer_size);
  424. if (len == 0) {
  425. printf("gotcha!\n");
  426. }
  427. /* rq head */
  428. error = ncp_rq_alloc(73, conn, uiop->uio_td, cred, &rqp);
  429. if (error)
  430. break;
  431. mbp = &rqp->rq;
  432. mb_put_uint8(mbp, 0);
  433. mb_put_mem(mbp, (caddr_t)file, 6, MB_MSYSTEM);
  434. mb_put_uint32be(mbp, uiop->uio_offset);
  435. mb_put_uint16be(mbp, len);
  436. error = mb_put_uio(mbp, uiop, len);
  437. if (error) {
  438. ncp_rq_done(rqp);
  439. break;
  440. }
  441. error = ncp_request(rqp);
  442. if (!error)
  443. ncp_rq_done(rqp);
  444. if (len == 0)
  445. break;
  446. if (error) {
  447. backup = len;
  448. uiop->uio_iov->iov_base =
  449. (char *)uiop->uio_iov->iov_base - backup;
  450. uiop->uio_iov->iov_len += backup;
  451. uiop->uio_offset -= backup;
  452. uiop->uio_resid += backup;
  453. break;
  454. }
  455. tsiz -= len;
  456. }
  457. if (error)
  458. uiop->uio_resid = tsiz;
  459. switch (error) {
  460. case NWE_INSUFFICIENT_SPACE:
  461. error = ENOSPC;
  462. break;
  463. }
  464. return (error);
  465. }