X-Git-Url: https://git.distorted.org.uk/~mdw/become/blobdiff_plain/03f996bd8a0d6391518979cdab3dbe38cba0bf83..eacaf60c2846a36bf73a9ce8df90b9eed2782158:/src/check.c

diff --git a/src/check.c b/src/check.c
index 1d1eba8..f4ac5e9 100644
--- a/src/check.c
+++ b/src/check.c
@@ -1,10 +1,10 @@
 /* -*-c-*-
  *
- * $Id: check.c,v 1.2 1997/08/04 10:24:20 mdw Exp $
+ * $Id: check.c,v 1.10 1999/05/04 16:17:12 mdw Exp $
  *
  * Check validity of requests
  *
- * (c) 1997 EBI
+ * (c) 1998 EBI
  */
 
 /*----- Licensing notice --------------------------------------------------*
@@ -29,6 +29,38 @@
 /*----- Revision history --------------------------------------------------*
  *
  * $Log: check.c,v $
+ * Revision 1.10  1999/05/04 16:17:12  mdw
+ * Change to header file name for parser.  See log for `parse.h' for
+ * details.
+ *
+ * Revision 1.9  1998/06/19  13:48:16  mdw
+ * Set close-on-exec flag for UDP socket.
+ *
+ * Revision 1.8  1998/06/18 15:10:44  mdw
+ * SECURITY HOLE: the file descriptor for the secret key was left open and
+ * inherited by the target process.  This is now fixed.  Also set
+ * close-on-exec flags on key file, close config file carefully, and close
+ * UDP socket after receiving reply from server.
+ *
+ * Revision 1.7  1998/04/23 13:22:08  mdw
+ * Support no-network configuration option, and new interface to
+ * configuration file parser.
+ *
+ * Revision 1.6  1998/01/12 16:45:47  mdw
+ * Fix copyright date.
+ *
+ * Revision 1.5  1997/09/26 09:14:58  mdw
+ * Merged blowfish branch into trunk.
+ *
+ * Revision 1.4.2.1  1997/09/26 09:08:01  mdw
+ * Use the Blowfish encryption algorithm instead of IDEA.  This is partly
+ * because I prefer Blowfish (without any particularly strong evidence) but
+ * mainly because IDEA is patented and Blowfish isn't.
+ *
+ * Revision 1.4  1997/08/07 09:52:05  mdw
+ * (Log entry for previous version is bogus.)  Added support for multiple
+ * servers.
+ *
  * Revision 1.2  1997/08/04 10:24:20  mdw
  * Sources placed under CVS control.
  *
@@ -58,24 +90,28 @@
 
 #include <arpa/inet.h>
 
+#include <fcntl.h>
 #include <netdb.h>
 #include <unistd.h>
 
 /* --- Local headers --- */
 
 #include "become.h"
+#include "blowfish.h"
 #include "config.h"
 #include "crypt.h"
-#include "idea.h"
 #include "lexer.h"
 #include "name.h"
+#include "netg.h"
 #include "rule.h"
-#include "parser.h"
+#include "parse.h"
 #include "tx.h"
 #include "userdb.h"
 #include "utils.h"
 
-/*----- Main code ---------------------------------------------------------*/
+/*----- Client-end network support ----------------------------------------*/
+
+#ifndef NONETWORK
 
 /* --- @check__send@ --- *
  *
@@ -128,14 +164,14 @@ static int check__ask(request *rq, struct sockaddr_in *serv, size_t n_serv)
 {
   int fd;
   unsigned char crq[crq_size];
-  unsigned char sk[IDEA_KEYSIZE];
+  unsigned char sk[BLOWFISH_KEYSIZE];
   time_t t;
   pid_t pid;
 
   /* --- First, build the encrypted request packet --- */
 
   {
-    unsigned char k[IDEA_KEYSIZE];
+    unsigned char k[BLOWFISH_KEYSIZE];
     FILE *fp;
 
     /* --- Read in the encryption key --- */
@@ -144,7 +180,12 @@ static int check__ask(request *rq, struct sockaddr_in *serv, size_t n_serv)
       die("couldn't open key file `%s': %s", file_KEY,
 	  strerror(errno));
     }
+    if (fcntl(fileno(fp), F_SETFD, 1) < 0) {
+      die("couldn't set close-on-exec on key file `%s': %s", file_KEY,
+	  strerror(errno));
+    }
     tx_getBits(k, 128, fp);
+    fclose(fp);
 
     /* --- Now build a request packet --- */
 
@@ -162,6 +203,8 @@ static int check__ask(request *rq, struct sockaddr_in *serv, size_t n_serv)
 
     if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) < 0)
       die("couldn't create socket: %s", strerror(errno));
+    if (fcntl(fd, F_SETFD, 1) < 0)
+      die("couldn't set close-on-exec flag for socket: %s", strerror(errno));
 
     /* --- Bind myself to some address --- */
 
@@ -278,7 +321,7 @@ static int check__ask(request *rq, struct sockaddr_in *serv, size_t n_serv)
 	  T( trace(TRACE_CLIENT, "client: reply from unknown host"); )
 	  continue;
 	}
-    
+
 	/* --- Unpack and verify the response --- */
 
 	answer = crypt_unpackReply(buff, sk, t, pid);
@@ -287,6 +330,7 @@ static int check__ask(request *rq, struct sockaddr_in *serv, size_t n_serv)
 		   "client: invalid or corrupt reply packet"); )
 	  continue;
 	}
+	close(fd);
 	return (answer);
       }
     }
@@ -493,6 +537,10 @@ int check__client(request *rq, FILE *fp)
   return (check__ask(rq, serv, n_serv));
 }
 
+#endif
+
+/*----- Main checking function --------------------------------------------*/
+
 /* --- @check@ --- *
  *
  * Arguments:	@request *rq@ = pointer to request buffer
@@ -508,8 +556,10 @@ int check(request *rq)
 
   /* --- Check if we need to talk to a server --- */
 
+#ifndef NONETWORK
   if ((fp = fopen(file_SERVER, "r")) != 0)
     return (check__client(rq, fp));
+#endif
 
   /* --- Otherwise do this all the old-fashioned way --- */
 
@@ -521,10 +571,12 @@ int check(request *rq)
   userdb_init();
   userdb_local();
   userdb_yp();
+  netg_init();
   name_init();
   rule_init();
   lexer_scan(fp);
-  yyparse();
+  parse();
+  fclose(fp);
 
   return (rule_check(rq));
 }