Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/bsd/dhcpcd/dist delete extra file
details: https://anonhg.NetBSD.org/src/rev/a19a39cdd4da
branches: trunk
changeset: 822757:a19a39cdd4da
user: christos <christos%NetBSD.org@localhost>
date: Wed Apr 05 21:26:30 2017 +0000
description:
delete extra file
diffstat:
external/bsd/dhcpcd/dist/auth.c | 674 ----------------------------------------
1 files changed, 0 insertions(+), 674 deletions(-)
diffs (truncated from 678 to 300 lines):
diff -r 27be80ce44ec -r a19a39cdd4da external/bsd/dhcpcd/dist/auth.c
--- a/external/bsd/dhcpcd/dist/auth.c Wed Apr 05 20:38:53 2017 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,674 +0,0 @@
-#include <sys/cdefs.h>
- __RCSID("$NetBSD: auth.c,v 1.11 2016/05/09 10:15:59 roy Exp $");
-
-/*
- * dhcpcd - DHCP client daemon
- * Copyright (c) 2006-2015 Roy Marples <roy%marples.name@localhost>
- * All rights reserved
-
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/file.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <inttypes.h>
-#include <stddef.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
-
-#include "config.h"
-#include "auth.h"
-#include "crypt/crypt.h"
-#include "dhcp.h"
-#include "dhcp6.h"
-#include "dhcpcd.h"
-
-#ifdef __sun
-#define htonll
-#define ntohll
-#endif
-
-#ifndef htonll
-#if (BYTE_ORDER == LITTLE_ENDIAN)
-static inline uint64_t
-htonll(uint64_t x)
-{
-
- return (uint64_t)htonl((uint32_t)(x >> 32)) |
- (uint64_t)htonl((uint32_t)(x & 0xffffffff)) << 32;
-}
-#else /* (BYTE_ORDER == LITTLE_ENDIAN) */
-#define htonll(x) (x)
-#endif
-#endif /* htonll */
-
-#ifndef ntohll
-#if (BYTE_ORDER == LITTLE_ENDIAN)
-static inline uint64_t
-ntohll(uint64_t x)
-{
-
- return (uint64_t)ntohl((uint32_t)(x >> 32)) |
- (uint64_t)ntohl((uint32_t)(x & 0xffffffff)) << 32;
-}
-#else /* (BYTE_ORDER == LITTLE_ENDIAN) */
-#define ntohll(x) (x)
-#endif
-#endif /* ntohll */
-
-#define HMAC_LENGTH 16
-
-void
-dhcp_auth_reset(struct authstate *state)
-{
-
- state->replay = 0;
- if (state->token) {
- free(state->token->key);
- free(state->token->realm);
- free(state->token);
- state->token = NULL;
- }
- if (state->reconf) {
- free(state->reconf->key);
- free(state->reconf->realm);
- free(state->reconf);
- state->reconf = NULL;
- }
-}
-
-/*
- * Authenticate a DHCP message.
- * m and mlen refer to the whole message.
- * t is the DHCP type, pass it 4 or 6.
- * data and dlen refer to the authentication option within the message.
- */
-const struct token *
-dhcp_auth_validate(struct authstate *state, const struct auth *auth,
- const uint8_t *m, size_t mlen, int mp, int mt,
- const uint8_t *data, size_t dlen)
-{
- uint8_t protocol, algorithm, rdm, *mm, type;
- uint64_t replay;
- uint32_t secretid;
- const uint8_t *d, *realm;
- size_t realm_len;
- const struct token *t;
- time_t now;
- uint8_t hmac[HMAC_LENGTH];
-
- if (dlen < 3 + sizeof(replay)) {
- errno = EINVAL;
- return NULL;
- }
-
- /* Ensure that d is inside m which *may* not be the case for DHPCPv4 */
- if (data < m || data > m + mlen || data + dlen > m + mlen) {
- errno = ERANGE;
- return NULL;
- }
-
- d = data;
- protocol = *d++;
- algorithm = *d++;
- rdm = *d++;
- if (!(auth->options & DHCPCD_AUTH_SEND)) {
- /* If we didn't send any authorisation, it can only be a
- * reconfigure key */
- if (protocol != AUTH_PROTO_RECONFKEY) {
- errno = EINVAL;
- return NULL;
- }
- } else if (protocol != auth->protocol ||
- algorithm != auth->algorithm ||
- rdm != auth->rdm)
- {
- /* As we don't require authentication, we should still
- * accept a reconfigure key */
- if (protocol != AUTH_PROTO_RECONFKEY ||
- auth->options & DHCPCD_AUTH_REQUIRE)
- {
- errno = EPERM;
- return NULL;
- }
- }
- dlen -= 3;
-
- memcpy(&replay, d, sizeof(replay));
- replay = ntohll(replay);
- if (state->token) {
- if (state->replay == (replay ^ 0x8000000000000000ULL)) {
- /* We don't know if the singular point is increasing
- * or decreasing. */
- errno = EPERM;
- return NULL;
- }
- if ((uint64_t)(replay - state->replay) <= 0) {
- /* Replay attack detected */
- errno = EPERM;
- return NULL;
- }
- }
- d+= sizeof(replay);
- dlen -= sizeof(replay);
-
- realm = NULL;
- realm_len = 0;
-
- /* Extract realm and secret.
- * Rest of data is MAC. */
- switch (protocol) {
- case AUTH_PROTO_TOKEN:
- secretid = 0;
- break;
- case AUTH_PROTO_DELAYED:
- if (dlen < sizeof(secretid) + sizeof(hmac)) {
- errno = EINVAL;
- return NULL;
- }
- memcpy(&secretid, d, sizeof(secretid));
- d += sizeof(secretid);
- dlen -= sizeof(secretid);
- break;
- case AUTH_PROTO_DELAYEDREALM:
- if (dlen < sizeof(secretid) + sizeof(hmac)) {
- errno = EINVAL;
- return NULL;
- }
- realm_len = dlen - (sizeof(secretid) + sizeof(hmac));
- if (realm_len) {
- realm = d;
- d += realm_len;
- dlen -= realm_len;
- }
- memcpy(&secretid, d, sizeof(secretid));
- d += sizeof(secretid);
- dlen -= sizeof(secretid);
- break;
- case AUTH_PROTO_RECONFKEY:
- if (dlen != 1 + 16) {
- errno = EINVAL;
- return NULL;
- }
- type = *d++;
- dlen--;
- switch (type) {
- case 1:
- if ((mp == 4 && mt == DHCP_ACK) ||
- (mp == 6 && mt == DHCP6_REPLY))
- {
- if (state->reconf == NULL) {
- state->reconf =
- malloc(sizeof(*state->reconf));
- if (state->reconf == NULL)
- return NULL;
- state->reconf->key = malloc(16);
- if (state->reconf->key == NULL) {
- free(state->reconf);
- state->reconf = NULL;
- return NULL;
- }
- state->reconf->secretid = 0;
- state->reconf->expire = 0;
- state->reconf->realm = NULL;
- state->reconf->realm_len = 0;
- state->reconf->key_len = 16;
- }
- memcpy(state->reconf->key, d, 16);
- } else {
- errno = EINVAL;
- return NULL;
- }
- if (state->reconf == NULL)
- errno = ENOENT;
- /* Free the old token so we log acceptance */
- if (state->token) {
- free(state->token);
- state->token = NULL;
- }
- /* Nothing to validate, just accepting the key */
- return state->reconf;
- case 2:
- if (!((mp == 4 && mt == DHCP_FORCERENEW) ||
- (mp == 6 && mt == DHCP6_RECONFIGURE)))
- {
- errno = EINVAL;
- return NULL;
- }
- if (state->reconf == NULL) {
- errno = ENOENT;
- return NULL;
- }
- t = state->reconf;
- goto gottoken;
- default:
- errno = EINVAL;
- return NULL;
- }
- default:
- errno = ENOTSUP;
- return NULL;
- }
-
- /* Find a token for the realm and secret */
- secretid = ntohl(secretid);
- TAILQ_FOREACH(t, &auth->tokens, next) {
- if (t->secretid == secretid &&
- t->realm_len == realm_len &&
- (t->realm_len == 0 ||
- memcmp(t->realm, realm, t->realm_len) == 0))
- break;
- }
- if (t == NULL) {
- errno = ESRCH;
- return NULL;
- }
- if (t->expire) {
- if (time(&now) == -1)
- return NULL;
- if (t->expire < now) {
- errno = EFAULT;
- return NULL;
- }
- }
-
Home |
Main Index |
Thread Index |
Old Index