#ifdef SECURE_RPC
#include "X.h"
#include "Xauth.h"
#include "misc.h"
#include "os.h"
#include "dixstruct.h"
#include <rpc/rpc.h>
#ifdef sun
extern bool_t xdr_opaque_auth(XDR *, struct opaque_auth *);
#endif
#if defined(DGUX)
#include <time.h>
#include <rpc/auth_des.h>
#endif
#ifdef ultrix
#include <time.h>
#include <rpc/auth_des.h>
#endif
static enum auth_stat why;
static char *
authdes_ezdecode(char *inmsg, int len)
{
struct rpc_msg msg;
char cred_area[MAX_AUTH_BYTES];
char verf_area[MAX_AUTH_BYTES];
char *temp_inmsg;
struct svc_req r;
bool_t res0, res1;
XDR xdr;
SVCXPRT xprt;
temp_inmsg = (char *) xalloc(len);
memmove(temp_inmsg, inmsg, len);
memset((char *)&msg, 0, sizeof(msg));
memset((char *)&r, 0, sizeof(r));
memset(cred_area, 0, sizeof(cred_area));
memset(verf_area, 0, sizeof(verf_area));
msg.rm_call.cb_cred.oa_base = cred_area;
msg.rm_call.cb_verf.oa_base = verf_area;
why = AUTH_FAILED;
xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE);
if ((r.rq_clntcred = (caddr_t) xalloc(MAX_AUTH_BYTES)) == NULL)
goto bad1;
r.rq_xprt = &xprt;
res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred));
res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf));
if ( ! (res0 && res1) )
goto bad2;
r.rq_cred = msg.rm_call.cb_cred;
if (r.rq_cred.oa_flavor != AUTH_DES) {
why = AUTH_TOOWEAK;
goto bad2;
}
#ifdef SVR4
if ((why = __authenticate(&r, &msg)) != AUTH_OK) {
#else
if ((why = _authenticate(&r, &msg)) != AUTH_OK) {
#endif
goto bad2;
}
return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name);
bad2:
xfree(r.rq_clntcred);
bad1:
return ((char *)0);
}
static XID rpc_id = (XID) ~0L;
static Bool
CheckNetName (
unsigned char *addr,
short len,
pointer closure
)
{
return (len == strlen ((char *) closure) &&
strncmp ((char *) addr, (char *) closure, len) == 0);
}
static char rpc_error[MAXNETNAMELEN+50];
XID
SecureRPCCheck (unsigned short data_length, char *data,
ClientPtr client, char **reason)
{
char *fullname;
if (rpc_id == (XID) ~0L) {
*reason = "Secure RPC authorization not initialized";
} else {
fullname = authdes_ezdecode(data, data_length);
if (fullname == (char *)0) {
sprintf(rpc_error, "Unable to authenticate secure RPC client (why=%d)", why);
*reason = rpc_error;
} else {
if (ForEachHostInFamily (FamilyNetname, CheckNetName, fullname))
return rpc_id;
sprintf(rpc_error, "Principal \"%s\" is not authorized to connect",
fullname);
*reason = rpc_error;
}
}
return (XID) ~0L;
}
void
SecureRPCInit (void)
{
if (rpc_id == ~0L)
AddAuthorization (9, "SUN-DES-1", 0, (char *) 0);
}
int
SecureRPCAdd (unsigned short data_length, char *data, XID id)
{
if (data_length)
AddHost ((pointer) 0, FamilyNetname, data_length, data);
rpc_id = id;
return 1;
}
int
SecureRPCReset (void)
{
rpc_id = (XID) ~0L;
return 1;
}
XID
SecureRPCToID (unsigned short data_length, char *data)
{
return rpc_id;
}
int
SecureRPCFromID (XID id, unsigned short *data_lenp, char **datap)
{
return 0;
}
int
SecureRPCRemove (unsigned short data_length, char *data)
{
return 0;
}
#endif