/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 1999-2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
/*	  All Rights Reserved	*/

#include <stdlib.h>
#include <string.h>
#include <libintl.h>
#include <locale.h>
#include <errno.h>
#include <unistd.h>
#include <ctype.h>
#include <syslog.h>
#include <sys/time.h>
#include "ns_sldap.h"
#include "ns_internal.h"
#include <crypt.h>

/*
 * Rotor tables used by modvalue(); c_setup() fills them on first use.
 * c_setup() builds t2 as the reverse lookup of t1 and fills t3 in
 * index pairs (t3[k] = ic, t3[ic] = k).
 */
static	char		t1[ROTORSIZE];
static	char		t2[ROTORSIZE];
static	char		t3[ROTORSIZE];
/* Lowercase digit table indexed by nibble value in hex2ascii(). */
static	char		hexdig[] = "0123456789abcdef";

/* Held by c_setup() while it checks and builds the tables. */
static mutex_t		ns_crypt_lock = DEFAULTMUTEX;
/* Set to B_TRUE by c_setup() once the tables are built. */
static boolean_t	crypt_inited = B_FALSE;
/*
 * Report whether pwd lacks the CRYPTMARK prefix.
 *
 * Returns FALSE when pwd begins with CRYPTMARK (the form evalue() emits)
 * and TRUE otherwise.  Only the prefix is examined; the rest of the
 * string is not validated.  pwd must be a valid NUL-terminated string,
 * it is not checked for NULL here.
 */
static int
is_cleartext(const char *pwd)
{
	size_t marklen = strlen(CRYPTMARK);

	return (strncmp(pwd, CRYPTMARK, marklen) != 0 ? TRUE : FALSE);
}
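/*
 * Encode aLen bytes starting at aString as lowercase hexadecimal text.
 *
 * Returns a newly allocated, NUL-terminated string of 2 * aLen characters
 * that the caller must free(), or NULL when aString is NULL, aLen is
 * negative, or the allocation fails.
 */
static char *
hex2ascii(char *aString, int aLen)
{
	char *res;
	size_t nbytes;
	size_t i;

	/* Reject bad arguments up front instead of dereferencing them. */
	if (aString == NULL || aLen < 0)
		return (NULL);
	nbytes = (size_t)aLen;

	/* Size the buffer in size_t so 2 * aLen cannot overflow an int. */
	if ((res = calloc(nbytes * 2 + 1, 1)) == NULL)
		return (NULL);

	for (i = 0; i < nbytes; i++) {
		/* Go through unsigned char so high-bit bytes index cleanly. */
		unsigned char b = (unsigned char)aString[i];

		res[2 * i] = hexdig[b >> 4];
		res[2 * i + 1] = hexdig[b & 0x0f];
	}
	/* calloc() zeroed the buffer, so the terminator is already there. */
	return (res);
}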
/*
 * Convert one hexadecimal digit character to its numeric value.
 *
 * '0'-'9' give 0-9 and 'A'-'F' give 10-15.  Every other character is
 * handled as if it were a lowercase digit and mapped to c - 'a' + 10, so
 * the result is only meaningful when the caller has already confirmed
 * that c is a hex digit.
 */
static int
unhex(char c)
{
	if (c >= '0' && c <= '9')
		return (c - '0');
	if (c >= 'A' && c <= 'F')
		return (c - 'A' + 10);
	return (c - 'a' + 10);
}
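/*
 * Decode the leading run of hexadecimal digits in anHexaStr into bytes.
 *
 * Decoding stops at the first character that is not a hex digit.  A
 * trailing unpaired digit becomes the high nibble of a final byte.
 *
 * Returns a newly allocated buffer (NUL-terminated, caller frees) and
 * stores the number of decoded bytes in *aResLen.  Returns NULL when an
 * argument is NULL or the allocation fails; *aResLen is then untouched.
 */
static char *
ascii2hex(char *anHexaStr, int *aResLen)
{
	int theLen = 0;
	char *theRes;

	if (anHexaStr == NULL || aResLen == NULL)
		return (NULL);

	/*
	 * Round the byte count up: an odd number of digits yields
	 * (n + 1) / 2 bytes, and one more byte is needed for the
	 * terminator.  Sizing with n / 2 + 1 is one byte short for odd n
	 * and lets the terminator land past the end of the buffer.
	 */
	theRes = malloc((strlen(anHexaStr) + 1) / 2 + 1);
	if (theRes == NULL)
		return (NULL);

	/* isxdigit() needs an unsigned char value; plain char may be < 0. */
	while (isxdigit((unsigned char)*anHexaStr)) {
		theRes[theLen] = unhex(*anHexaStr) << 4;
		anHexaStr++;
		/*
		 * Only fold in a low nibble that really is a hex digit;
		 * unhex() returns a meaningless value for anything else.
		 */
		if (isxdigit((unsigned char)*anHexaStr)) {
			theRes[theLen] += unhex(*anHexaStr);
			anHexaStr++;
		}
		theLen++;
	}
	theRes[theLen] = '\0';
	*aResLen = theLen;
	return (theRes);
}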
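/*
 * Build the rotor tables t1, t2 and t3 the first time they are needed.
 *
 * The tables are derived from crypt() applied to a constant string, so
 * every build of this code produces the same tables.  The transformation
 * built on them is therefore reversible by anyone who has this code: it
 * hides a value from casual viewing and does not keep it secret.
 *
 * Takes ns_crypt_lock for the whole build and rechecks crypt_inited under
 * the lock, so the tables are built once even if several callers arrive
 * here together.
 */
static void
c_setup(void)
{
	int ic, i, k, temp;
	unsigned random;
	/*
	 * Zero the buffer: only buf[0..9] are written below, and the salt
	 * passed to crypt() starts at buf[8], so without this the salt
	 * would run into indeterminate bytes with no terminator.
	 */
	char buf[13] = { 0 };
	int seed;

	(void) mutex_lock(&ns_crypt_lock);
	if (crypt_inited) {
		(void) mutex_unlock(&ns_crypt_lock);
		return;
	}
	(void) strcpy(buf, "Homer J");
	/* The salt is the first two characters of the constant string. */
	buf[8] = buf[0];
	buf[9] = buf[1];
	/*
	 * NOTE(review): crypt() may return NULL, and that result is handed
	 * straight to strncpy().  This function cannot report failure, so
	 * handling it also needs a change in modvalue().
	 */
	(void) strncpy(buf, (char *)crypt(buf, &buf[8]), 13);
	/*
	 * NOTE(review): seed is a plain int and these products can exceed
	 * its range.  The tables depend on the exact values produced, so
	 * confirm that previously stored values still decode before
	 * changing the type or the arithmetic.
	 */
	seed = 123;
	for (i = 0; i < 13; i++)
		seed = seed*buf[i] + i;
	/* t1 starts as the identity table, t3 starts empty. */
	for (i = 0; i < ROTORSIZE; i++) {
		t1[i] = i;
		t3[i] = 0;
	}
	for (i = 0; i < ROTORSIZE; i++) {
		seed = 5*seed + buf[i%13];
		random = seed % 65521;
		k = ROTORSIZE-1 - i;
		/* Shuffle t1: swap slot k with a slot chosen from 0..k. */
		ic = (random&MASK)%(k+1);
		random >>= 8;
		temp = t1[k];
		t1[k] = t1[ic];
		t1[ic] = temp;
		/* Slot k of t3 was already filled as another slot's pair. */
		if (t3[k] != 0) continue;
		/* Pair k with the next slot below it that is still zero. */
		ic = (random&MASK) % k;
		while (t3[ic] != 0) ic = (ic + 1) % k;
		t3[k] = ic;
		t3[ic] = k;
	}
	/* t2 maps each t1 output back to the index that produced it. */
	for (i = 0; i < ROTORSIZE; i++)
		t2[t1[i]&MASK] = i;
	crypt_inited = B_TRUE;
	(void) mutex_unlock(&ns_crypt_lock);
}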
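/*
 * Run len bytes of str through the rotor tables.
 *
 * evalue() and dvalue() both call this routine, one for each direction.
 * The tables are built by c_setup() on first use.
 *
 * Returns a newly allocated buffer of len bytes plus a terminating NUL
 * (caller frees) and, when mod_len is not NULL, stores the byte count in
 * *mod_len.  Returns NULL when str is NULL, len is negative, or the
 * allocation fails; *mod_len is then left untouched.
 */
static char *
modvalue(char *str, int len, int *mod_len)
{
	int i, n1, n2;
	char *s;

	/* Refuse arguments that would be dereferenced or mis-sized below. */
	if (str == NULL || len < 0)
		return (NULL);

	/*
	 * Cheap unlocked check; c_setup() repeats it while holding
	 * ns_crypt_lock before building anything.
	 */
	if (!crypt_inited)
		c_setup();
	i = 0;
	n1 = 0;
	n2 = 0;
	/* Same capacity as before, computed in size_t to avoid int overflow. */
	if ((s = malloc((size_t)len * 2 + 1)) != NULL) {
		while (i < len) {
			s[i] =
			    t2[(t3[(t1[(str[i]+n1)&MASK]+n2)&MASK]-n2)&MASK]-n1;
			i++;
			/* n1 steps once per byte; n2 steps when n1 wraps. */
			n1++;
			if (n1 == ROTORSIZE) {
				n1 = 0;
				n2++;
				if (n2 == ROTORSIZE)
					n2 = 0;
			}
		}
		s[i] = '\0';
		if (mod_len != NULL)
			*mod_len = i;
	}
	return (s);
}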
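/*
 * Produce the CRYPTMARK-prefixed form of a cleartext value.
 *
 * A value that already starts with CRYPTMARK is returned as a plain copy.
 * Otherwise the bytes go through modvalue(), are written as hexadecimal
 * and are prefixed with CRYPTMARK.
 *
 * The tables behind modvalue() come from a constant in this file, so the
 * result is an obfuscated encoding that dvalue() reverses without any
 * secret.  Stored values still need protection through file permissions
 * or access control.
 *
 * Returns a newly allocated string the caller must free(), or NULL when
 * ptr is NULL or an allocation fails.
 */
char *
evalue(char *ptr)
{
	char *modv, *str, *ev;
	int modv_len = 0;
	size_t len;

	if (ptr == NULL)
		return (NULL);

	/*
	 * if not cleartext, return a copy of what ptr
	 * points to as that is what evalue does below.
	 */
	if (FALSE == is_cleartext(ptr))
		return (strdup(ptr));

	modv = modvalue(ptr, strlen(ptr), &modv_len);
	/* modvalue() leaves modv_len unset on failure, so stop here. */
	if (modv == NULL)
		return (NULL);

	str = hex2ascii(modv, modv_len);
	free(modv);
	modv = NULL;
	/* hex2ascii() can fail too; strlen() must not see a NULL. */
	if (str == NULL)
		return (NULL);

	len = strlen(str) + strlen(CRYPTMARK) + 1;
	ev = malloc(len);
	if (ev != NULL)
		(void) snprintf(ev, len, CRYPTMARK "%s", str);
	free(str);
	str = NULL;
	return (ev);
}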
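/*
 * Recover the cleartext from a CRYPTMARK-prefixed value made by evalue().
 *
 * The text after the first '}' is decoded from hexadecimal and passed
 * through modvalue().  Decoding stops at the first character that is not
 * a hex digit, so trailing junk is dropped without an error.
 *
 * Returns a newly allocated, NUL-terminated buffer holding the recovered
 * value, or NULL when ptr is NULL, is not CRYPTMARK-prefixed, contains no
 * '}', or an allocation fails.  The caller owns the buffer and, because
 * it holds the cleartext, should clear it before calling free().
 */
char *
dvalue(char *ptr)
{
	char *modv, *str, *sb;
	int len = 0;

	/* if cleartext return NULL (error!) */
	if (ptr == NULL || TRUE == is_cleartext(ptr))
		return (NULL);

	/*
	 * presumably CRYPTMARK ends in '}' (its definition is not in this
	 * file); check anyway so a missing brace cannot yield NULL + 1.
	 */
	sb = strchr(ptr, '}');
	if (sb == NULL)
		return (NULL);
	sb++;

	str = ascii2hex(sb, &len);
	/* On failure len was never set and str must not be read. */
	if (str == NULL)
		return (NULL);

	modv = modvalue(str, len, NULL);
	free(str);
	str = NULL;
	return (modv);
}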