ckuath.c

KERMIT工具 这在办公室下载不了,很多人都没有载不到.

int
#ifdef CK_ANSIC
ck_tn_sb_encrypt(char * sb, int len)
#else
ck_tn_sb_encrypt(sb,len) char * sb; int len;
#endif /* CK_ANSIC */
{
    /* encrypt_parse() assumes that sb starts at pos 1 not 0 as in ckcnet.c */
    /* and it wants the length to exclude the IAC SE bytes                  */
#ifdef CK_ENCRYPTION
    char * buf;
    int rc = -1;

    buf = malloc(len-1);
    if ( !buf ) return(-1);

    buf[0] = SB;
    memcpy( &buf[1], sb, len-2 );
    rc = encrypt_parse(buf,len-1);

    if (rc < 0) {
        free(buf);
        return(-1);
    }

    /* This is a hack.  It does not belong here but should really be in */
    /* encrypt_parse() but in K95 the encrypt_parse() routine does not  */
    /* have access to the telopt_states array.                          */
    if ( buf[1] == ENCRYPT_REQEND )
        TELOPT_SB(TELOPT_ENCRYPTION).encrypt.stop = 1;
    else if ( buf[1] == ENCRYPT_REQSTART )
        TELOPT_SB(TELOPT_ENCRYPTION).encrypt.stop = 0;
#ifndef NOLOCAL
#ifdef OS2
    ipadl25();
#endif /* OS2 */
#endif /* NOLOCAL */
    free(buf);
#endif /* ENCRYPTION */
    return(0);
}


/*  C K _ K R B _ E N C R Y P T I N G
 *  Returns 1 if we are encrypting and 0 if we are not
 */

int
#ifdef CK_ANSIC
ck_tn_encrypting(VOID)
#else /* CK_ANSIC */
ck_tn_encrypting()
#endif /* CK_ANSIC */
{
#ifdef CK_ENCRYPTION
    if ( g_kstream == NULL )
        return(0);
    if ( g_kstream->encrypt && encrypt_is_encrypting()) {
        debug(F111,"ck_tn_encrypting","encrypting",
               g_kstream->encrypt_type);
        return(g_kstream->encrypt_type);
    }
#endif /* CK_ENCRYPTION */
    debug(F110,"ck_tn_encrypting","not encrypting",0);
    return(0);
}

/*  C K _ K R B _ D E C R Y P T I N G
 *  Returns 1 if we are decrypting and 0 if we are not
 */

int
#ifdef CK_ANSIC
ck_tn_decrypting(VOID)
#else
ck_tn_decrypting()
#endif /* CK_ANSIC */
{
#ifdef CK_ENCRYPTION
    if ( g_kstream == NULL )
        return(0);
    if ( g_kstream->decrypt && encrypt_is_decrypting()) {
        debug(F111,"ck_tn_decrypting","decrypting",
               g_kstream->decrypt_type);
        return(g_kstream->decrypt_type);
    }
#endif /* CK_ENCRYPTION */
    debug(F110,"ck_tn_decrypting","not decrypting",0);
    return(0);
}

/*  C K _ K R B _ A U T H E N T I C A T E D
 *  Returns the authentication type: AUTHTYPE_NULL, AUTHTYPE_KERBEROS4,
 *  or AUTHTYPE_KERBEROS5, AUTHTYPE_SRP, ... (see ckctel.h)
 */

int
#ifdef CK_ANSIC
ck_tn_authenticated(VOID)
#else
ck_tn_authenticated()
#endif
{
    return(authentication_version);
}

/*  C K _ K R B _ E N C R Y P T
 *  encrypts n characters in s if we are encrypting
 */

VOID
#ifdef CK_ANSIC
ck_tn_encrypt( char * s, int n )
#else
ck_tn_encrypt( s,n ) char * s; int n;
#endif
{
#ifdef CK_ENCRYPTION
    struct kstream_data_block i;

    if (g_kstream->encrypt && encrypt_is_encrypting()) {
#ifdef DEBUG
      hexdump("from plaintext", s, n);
#endif
        i.ptr = s;
        i.length = n;
        g_kstream->encrypt(&i, NULL);
#ifdef DEBUG
        hexdump("to cyphertext", s, n);
#endif
    }
    else debug(F101,"ck_tn_encrypt not encrypting","",n);
#endif /* ENCRYPTION */
}

/*  C K _ K R B _ D E C R Y P T
 *  decrypts n characters in s if we are decrypting
 */

VOID
#ifdef CK_ANSIC
ck_tn_decrypt( char * s, int n )
#else
ck_tn_decrypt( s,n ) char * s; int n;
#endif
{
#ifdef CK_ENCRYPTION
    struct kstream_data_block i;

    if (g_kstream->decrypt && encrypt_is_decrypting()) {

#ifdef DEBUG
        hexdump("from cyphertext", s, n);
#endif

        i.ptr = s;
        i.length = n;
        g_kstream->decrypt(&i, NULL);
#ifdef DEBUG
        hexdump("to plaintext", s, n);
#endif
    }
    else debug(F101,"ck_tn_decrypt not decrypting","",n);
#endif /* ENCRYPTION */
}

/*  S E N D K 5 A U T H S B
 *  Send a Kerberos 5 Authentication Subnegotiation to host and
 *  output appropriate Telnet Debug messages
 *
 *  type - Sub Negotiation type
 *  data - ptr to buffer containing data
 *  len  - len of buffer if not NUL terminated
 *
 *  returns number of characters sent or error value
 */

static int
#ifdef CK_ANSIC
SendK5AuthSB(int type, void *data, int len)
#else
SendK5AuthSB(type,data,len) int type; void *data; int len;
#endif
{
    int rc;
    unsigned char *p = str_data + 3;
    unsigned char *cd = (unsigned char *)data;
    extern int sstelnet;

#ifdef CK_SSL
    if (TELOPT_SB(TELOPT_START_TLS).start_tls.me_follows) {
        if (ttchk() < 0)
          return(0);
        else
          return(1);
    }
#endif /* CK_SSL */

    if ( type < 0 || type > 7 )         /* Check for invalid values */
        return(0);

    if (!cd) {
        cd = (unsigned char *)"";
        len = 0;
    }

    if (len == -1)                        /* Use strlen() for len */
        len = strlen((char *)cd);

    /* Construct Message */
    *p++ = sstelnet ? TELQUAL_REPLY : TELQUAL_IS;
    *p++ = AUTHTYPE_KERBEROS_V5;
    *p = AUTH_CLIENT_TO_SERVER;
    *p |= auth_how;
#ifdef CK_ENCRYPTION
    *p |= auth_crypt;
#endif
#ifdef USE_INI_CRED_FWD
    if (auth_fwd)
        *p |= INI_CRED_FWD_ON;
#endif /* USE_INI_CRED_FWD */
    p++;
    *p++ = type;
    while (len-- > 0) {
        if ((*p++ = *cd++) == IAC)
            *p++ = IAC;
    }
    *p++ = IAC;
    *p++ = SE;

    /* Handle Telnet Debugging Messages */
    if (deblog || tn_deb || debses) {
        int i;
        int deblen=p-str_data-2;
        char *s=NULL;
        int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK) |
            auth_crypt
#ifdef USE_INI_CRED_FWD
              | (auth_fwd?INI_CRED_FWD_ON:INI_CRED_FWD_OFF)
#endif /* USE_INI_CRED_FWD */
                    ;

        switch (type) {
        case 0:
            s = "AUTH";
            break;
        case 1:
            s = "REJECT";
            break;
        case 2:
            s = "ACCEPT";
            break;
        case 3:
            s = "RESPONSE";
            break;
        case 4:
            s = "FORWARD";
            break;
        case 5:
            s = "FORWARD_ACCEPT";
            break;
        case 6:
            s = "FORWARD_REJECT";
            break;
        case 7:
            s = "TLS_VERIFY";
                break;
        }

        ckmakxmsg(tn_msg,TN_MSG_LEN,
                  "TELNET SENT SB ",
                 TELOPT(TELOPT_AUTHENTICATION)," ",
                 str_data[3] == TELQUAL_IS ? "IS" :
                 str_data[3] == TELQUAL_REPLY ? "REPLY" : "???"," ",
                 AUTHTYPE_NAME(authentication_version)," ",
                 AUTHMODE_NAME(mode)," ",
                 s," ",NULL);
        tn_hex((CHAR *)tn_msg,TN_MSG_LEN,&str_data[7],deblen-7);
        ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN);
        debug(F100,tn_msg,"",0);
        if (tn_deb || debses) tn_debug(tn_msg);
    }

    /* Send data */
#ifdef OS2
    RequestTelnetMutex( SEM_INDEFINITE_WAIT );
#endif
    rc = ttol((CHAR *)str_data, p - str_data);
#ifdef OS2
    ReleaseTelnetMutex();
#endif
    debug(F111,"SendK5AuthSB","ttol()",rc);
    return(rc);
}

/*  S E N D K 4 A U T H S B
 *  Send a Kerberos 4 Authentication Subnegotiation to host and
 *  output appropriate Telnet Debug messages
 *
 *  type - Sub Negotiation type
 *  data - ptr to buffer containing data
 *  len  - len of buffer if not NUL terminated
 *
 *  returns number of characters sent or error value
 */

static int
#ifdef CK_ANSIC
SendK4AuthSB(int type, void *data, int len)
#else
SendK4AuthSB(type,data,len) int type; void *data; int len;
#endif
{
    int rc;
    unsigned char *p = str_data + 3;
    unsigned char *cd = (unsigned char *)data;
    extern int sstelnet;
    int mode = (auth_how & AUTH_HOW_MASK) |
        auth_crypt;

    if ( type < 0 || type > 4 )         /* Check for invalid values */
        return(0);

#ifdef CK_SSL
    if (TELOPT_SB(TELOPT_START_TLS).start_tls.me_follows) {
        if (ttchk() < 0)
          return(0);
        else
          return(1);
    }
#endif /* CK_SSL */

    if (!cd) {
        cd = (unsigned char *)"";
        len = 0;
    }

    if (len == -1)                        /* Use strlen() for len */
        len = strlen((char *)cd);


    /* Construct Message */
    *p++ = sstelnet ? TELQUAL_REPLY : TELQUAL_IS;
    *p++ = AUTHTYPE_KERBEROS_V4;
    *p = AUTH_CLIENT_TO_SERVER;
    *p |= mode;
    p++;
    *p++ = type;
    while (len-- > 0) {
        if ((*p++ = *cd++) == IAC)
            *p++ = IAC;
        }
    *p++ = IAC;
    *p++ = SE;

    /* Handle Telnet Debugging Messages */
    if (deblog || tn_deb || debses) {
        int i;
        int deblen=p-str_data-2;
        char *s=NULL;

        switch (type) {
        case 0:
            s = "AUTH";
            break;
        case 1:
            s = "REJECT";
            break;
        case 2:
            s = "ACCEPT";
            break;
        case 3:
            s = "CHALLENGE";
            break;
        case 4:
            s = "RESPONSE";
            break;
        }

        ckmakxmsg(tn_msg,TN_MSG_LEN,"TELNET SENT SB ",
                 TELOPT(TELOPT_AUTHENTICATION)," ",
                 str_data[3] == TELQUAL_IS ? "IS" :
                 (str_data[3] == TELQUAL_REPLY ? "REPLY" : "???")," ",
                 AUTHTYPE_NAME(authentication_version)," ",
                 AUTHMODE_NAME(mode)," ",
                 s," ",NULL);
        tn_hex((CHAR *)tn_msg,TN_MSG_LEN,&str_data[7],deblen-7);
        ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN);
        debug(F100,tn_msg,"",0);
        if (tn_deb || debses) tn_debug(tn_msg);
    }

    /* Send data */
#ifdef OS2
    RequestTelnetMutex( SEM_INDEFINITE_WAIT );
#endif
    rc = ttol((CHAR *)str_data, p - str_data);
#ifdef OS2
    ReleaseTelnetMutex();
#endif
    debug(F111,"SendK4AuthSB","ttol()",rc);
    return(rc);
}

/*  S E N D S R P A U T H S B
 *  Send a SRP Authentication Subnegotiation to host and
 *  output appropriate Telnet Debug messages
 *
 *  type - Sub Negotiation type
 *  data - ptr to buffer containing data
 *  len  - len of buffer if not NUL terminated
 *
 *  returns number of characters sent or error value
 */

static int
#ifdef CK_ANSIC
SendSRPAuthSB(int type, void *data, int len)
#else
SendSRPAuthSB(type,data,len) int type; void *data; int len;
#endif
{
    int rc;
    unsigned char *p = str_data + 3;
    unsigned char *cd = (unsigned char *)data;
    extern int sstelnet;

    /* Check for invalid values */
    if ( type != SRP_EXP && type != SRP_RESPONSE &&
         type != SRP_REJECT && type != SRP_ACCEPT &&
         type != SRP_CHALLENGE && type != SRP_PARAMS &&
         type != SRP_AUTH)
        return(0);

    if (len == -1)                        /* Use strlen() for len */
        len = strlen((char *)cd);

    /* Construct Message */
    *p++ = sstelnet ? TELQUAL_REPLY : TELQUAL_IS;
    *p++ = AUTHTYPE_SRP;
    *p = AUTH_CLIENT_TO_SERVER;
    *p |= auth_how;
#ifdef CK_ENCRYPTION
    *p |= auth_crypt;
#endif
    p++;
    *p++ = type;
    while (len-- > 0) {
        if ((*p++ = *cd++) == IAC)
            *p++ = IAC;
        }
    *p++ = IAC;
    *p++ = SE;

    /* Handle Telnet Debugging Messages */
    if (deblog || tn_deb || debses) {
        int i;
        int deblen=p-str_data-2;
        char *s=NULL;
        int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK) |
            auth_crypt;

        switch (type) {
        case 0:
            s = "AUTH";
            break;
        case 1:
            s = "REJECT";
            break;
        case 2:
            s = "ACCEPT";
            break;
        case 3:
            s = "CHALLENGE";
            break;
        case 4:
            s = "RESPONSE";
            break;
        case 5:
            s = "FORWARD";