Changeset View
Changeset View
Standalone View
Standalone View
head/contrib/ntp/libntp/authkeys.c
Show First 20 Lines • Show All 57 Lines • ▼ Show 20 Lines | |||||
#endif | #endif | ||||
symkey key_listhead; /* list of all in-use keys */; | symkey key_listhead; /* list of all in-use keys */; | ||||
/* | /* | ||||
* The hash table. This is indexed by the low order bits of the | * The hash table. This is indexed by the low order bits of the | ||||
* keyid. We make this fairly big for potentially busy servers. | * keyid. We make this fairly big for potentially busy servers. | ||||
*/ | */ | ||||
#define DEF_AUTHHASHSIZE 64 | #define DEF_AUTHHASHSIZE 64 | ||||
//#define HASHMASK ((HASHSIZE)-1) | /*#define HASHMASK ((HASHSIZE)-1)*/ | ||||
#define KEYHASH(keyid) ((keyid) & authhashmask) | #define KEYHASH(keyid) ((keyid) & authhashmask) | ||||
int authhashdisabled; | int authhashdisabled; | ||||
u_short authhashbuckets = DEF_AUTHHASHSIZE; | u_short authhashbuckets = DEF_AUTHHASHSIZE; | ||||
u_short authhashmask = DEF_AUTHHASHSIZE - 1; | u_short authhashmask = DEF_AUTHHASHSIZE - 1; | ||||
symkey **key_hash; | symkey **key_hash; | ||||
u_long authkeynotfound; /* keys not found */ | u_long authkeynotfound; /* keys not found */ | ||||
▲ Show 20 Lines • Show All 431 Lines • ▼ Show 20 Lines | authistrusted( | ||||
} | } | ||||
if (NULL == sk || !(KEY_TRUSTED & sk->flags)) { | if (NULL == sk || !(KEY_TRUSTED & sk->flags)) { | ||||
authkeynotfound++; | authkeynotfound++; | ||||
return FALSE; | return FALSE; | ||||
} | } | ||||
return TRUE; | return TRUE; | ||||
} | } | ||||
/* Note: There are two locations below where 'strncpy()' is used. While | |||||
* this function is a hazard by itself, it's essential that it is used | |||||
* here. Bug 1243 involved that the secret was filled with NUL bytes | |||||
* after the first NUL encountered, and 'strlcpy()' simply does NOT have | |||||
* this behaviour. So disabling the fix and reverting to the buggy | |||||
* behaviour due to compatibility issues MUST also fill with NUL and | |||||
* this needs 'strncpy'. Also, the secret is managed as a byte blob of a | |||||
* given size, and eventually truncating it and replacing the last byte | |||||
* with a NUL would be a bug. | |||||
* perlinger@ntp.org 2015-10-10 | |||||
*/ | |||||
void | void | ||||
MD5auth_setkey( | MD5auth_setkey( | ||||
keyid_t keyno, | keyid_t keyno, | ||||
int keytype, | int keytype, | ||||
const u_char *key, | const u_char *key, | ||||
size_t len | size_t len | ||||
) | ) | ||||
{ | { | ||||
Show All 18 Lines | if (keyno == sk->keyid) { | ||||
} | } | ||||
sk->secret = emalloc(len); | sk->secret = emalloc(len); | ||||
sk->type = (u_short)keytype; | sk->type = (u_short)keytype; | ||||
secretsize = len; | secretsize = len; | ||||
sk->secretsize = (u_short)secretsize; | sk->secretsize = (u_short)secretsize; | ||||
#ifndef DISABLE_BUG1243_FIX | #ifndef DISABLE_BUG1243_FIX | ||||
memcpy(sk->secret, key, secretsize); | memcpy(sk->secret, key, secretsize); | ||||
#else | #else | ||||
strlcpy((char *)sk->secret, (const char *)key, | /* >MUST< use 'strncpy()' here! See above! */ | ||||
strncpy((char *)sk->secret, (const char *)key, | |||||
secretsize); | secretsize); | ||||
#endif | #endif | ||||
if (cache_keyid == keyno) { | if (cache_keyid == keyno) { | ||||
cache_flags = 0; | cache_flags = 0; | ||||
cache_keyid = 0; | cache_keyid = 0; | ||||
} | } | ||||
return; | return; | ||||
} | } | ||||
} | } | ||||
/* | /* | ||||
* Need to allocate new structure. Do it. | * Need to allocate new structure. Do it. | ||||
*/ | */ | ||||
secretsize = len; | secretsize = len; | ||||
secret = emalloc(secretsize); | secret = emalloc(secretsize); | ||||
#ifndef DISABLE_BUG1243_FIX | #ifndef DISABLE_BUG1243_FIX | ||||
memcpy(secret, key, secretsize); | memcpy(secret, key, secretsize); | ||||
#else | #else | ||||
strlcpy((char *)secret, (const char *)key, secretsize); | /* >MUST< use 'strncpy()' here! See above! */ | ||||
strncpy((char *)secret, (const char *)key, secretsize); | |||||
#endif | #endif | ||||
allocsymkey(bucket, keyno, 0, (u_short)keytype, 0, | allocsymkey(bucket, keyno, 0, (u_short)keytype, 0, | ||||
(u_short)secretsize, secret); | (u_short)secretsize, secret); | ||||
#ifdef DEBUG | #ifdef DEBUG | ||||
if (debug >= 4) { | if (debug >= 4) { | ||||
size_t j; | size_t j; | ||||
printf("auth_setkey: key %d type %d len %d ", (int)keyno, | printf("auth_setkey: key %d type %d len %d ", (int)keyno, | ||||
▲ Show 20 Lines • Show All 59 Lines • ▼ Show 20 Lines | |||||
} | } | ||||
/* | /* | ||||
* authencrypt - generate message authenticator | * authencrypt - generate message authenticator | ||||
* | * | ||||
* Returns length of authenticator field, zero if key not found. | * Returns length of authenticator field, zero if key not found. | ||||
*/ | */ | ||||
int | size_t | ||||
authencrypt( | authencrypt( | ||||
keyid_t keyno, | keyid_t keyno, | ||||
u_int32 * pkt, | u_int32 * pkt, | ||||
int length | size_t length | ||||
) | ) | ||||
{\ | { | ||||
/* | /* | ||||
* A zero key identifier means the sender has not verified | * A zero key identifier means the sender has not verified | ||||
* the last message was correctly authenticated. The MAC | * the last message was correctly authenticated. The MAC | ||||
* consists of a single word with value zero. | * consists of a single word with value zero. | ||||
*/ | */ | ||||
authencryptions++; | authencryptions++; | ||||
pkt[length / 4] = htonl(keyno); | pkt[length / 4] = htonl(keyno); | ||||
if (0 == keyno) { | if (0 == keyno) { | ||||
Show All 11 Lines | |||||
* authdecrypt - verify message authenticator | * authdecrypt - verify message authenticator | ||||
* | * | ||||
* Returns TRUE if authenticator valid, FALSE if invalid or not found. | * Returns TRUE if authenticator valid, FALSE if invalid or not found. | ||||
*/ | */ | ||||
int | int | ||||
authdecrypt( | authdecrypt( | ||||
keyid_t keyno, | keyid_t keyno, | ||||
u_int32 * pkt, | u_int32 * pkt, | ||||
int length, | size_t length, | ||||
int size | size_t size | ||||
) | ) | ||||
{ | { | ||||
/* | /* | ||||
* A zero key identifier means the sender has not verified | * A zero key identifier means the sender has not verified | ||||
* the last message was correctly authenticated. For our | * the last message was correctly authenticated. For our | ||||
* purpose this is an invalid authenticator. | * purpose this is an invalid authenticator. | ||||
*/ | */ | ||||
authdecryptions++; | authdecryptions++; | ||||
if (0 == keyno || !authhavekey(keyno) || size < 4) { | if (0 == keyno || !authhavekey(keyno) || size < 4) { | ||||
return FALSE; | return FALSE; | ||||
} | } | ||||
return MD5authdecrypt(cache_type, cache_secret, pkt, length, | return MD5authdecrypt(cache_type, cache_secret, pkt, length, | ||||
size); | size); | ||||
} | } |