2 * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by the Kungliga Tekniska
20 * Högskolan and its contributors.
22 * 4. Neither the name of the Institute nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 #ifdef HAVE_SYS_TYPES_H
48 #include <sys/types.h>
50 #ifdef HAVE_SYS_SOCKET_H
51 #include <sys/socket.h>
53 #if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
54 #include <sys/ioctl.h>
/*
 * Table of the security mechanisms that can be selected by name.  Each
 * entry starts with the mechanism name, followed by that mechanism's
 * handlers.  KERBEROS_V4 is the only entry visible in this excerpt
 * (original lines 67 and 69 are not shown).
 *
 * NOTE(review): Kerberos v4 is a legacy protocol built on single DES; a
 * server that still offers only this mechanism should be scheduled for
 * migration to a current one.
 */
64 static struct at auth_types
[] = {
65 { "KERBEROS_V4", krb4_auth
, krb4_adat
, krb4_pbsz
, krb4_prot
, krb4_ccc
,
66 krb4_mic
, krb4_conf
, krb4_enc
, krb4_read
, krb4_write
, krb4_userok
,
/* All-zero terminator: the lookup loop in auth() stops at the entry whose name is 0. */
68 { 0, 0, 0, 0, 0, 0, 0, 0, 0 }
75 unsigned char *data_buffer
;
79 char *protection_names
[] = {
81 "confidential", "private"
/*
 * Record `command` in ftp_command (declared outside this excerpt).
 *
 * Only the pointer is stored; the string is not copied, so the caller's
 * buffer has to stay valid for as long as ftp_command may still be read.
 */
void
new_ftp_command(char *command)
{
    ftp_command = command;
}
97 void delete_ftp_command(void)
/*
 * True only when a mechanism is selected (ct is non-NULL) and
 * auth_complete is set.  Presumably the body of auth_ok(); its signature
 * (original line 105) is not visible in this excerpt.
 */
107 return ct
&& auth_complete
;
/*
 * Look up the security mechanism named by `auth` in auth_types, comparing
 * names case-insensitively; presumably the handler for the AUTH command.
 * A name that matches no entry gets a 504 reply.  The body of the match
 * branch (original lines 114-117) is not visible in this excerpt.
 */
110 void auth(char *auth
)
/* The shared ct pointer is itself the loop cursor, so it moves even when nothing matches. */
112 for(ct
=auth_types
; ct
->name
; ct
++){
113 if(!strcasecmp(auth
, ct
->name
)){
/*
 * NOTE(review): when the loop ends without a match, ct is left on the
 * terminator entry (name == 0), which is still a non-NULL pointer whose
 * handlers are all 0.  Unless ct is reset on this path (not visible here),
 * a later `ct && ...` guard would pass with no usable handlers behind it.
 * Confirm ct is cleared before or after this 504 reply.
 */
118 reply(504, "%s is not a known security mechanism", auth
);
/*
 * Guarded entry point taking the argument `auth`; presumably the handler
 * for the ADAT command.  The guard passes only while a mechanism pointer
 * is set (ct non-NULL) and auth_complete is still clear.  The statement
 * run when the guard passes (original line 124) is not visible; the 503
 * reply below presumably belongs to the else branch.
 *
 * NOTE(review): `ct` being non-NULL does not by itself prove that it
 * points at a real mechanism entry -- verify it can never be the all-zero
 * terminator of auth_types when this guard is evaluated.
 */
121 void adat(char *auth
)
123 if(ct
&& !auth_complete
)
126 reply(503, "You must (re)issue an AUTH first.");
/* Snapshot buffer_size so that a change made during negotiation can be detected below. */
131 int old
= buffer_size
;
135 reply(503, "Incomplete security data exchange.");
/* A new data_buffer is allocated only when the negotiated size actually changed. */
136 if(buffer_size
!= old
){
/*
 * NOTE(review): buffer_size + 4 is computed with no range check visible
 * in this excerpt.  A negative or near-maximum buffer_size would make the
 * allocation request wrong-sized, so confirm the bound enforced where
 * buffer_size is set.  Also confirm that the previous data_buffer is
 * released first and that malloc's result is checked before use
 * (original lines 137-138 and 140 onward are not shown).
 */
139 data_buffer
= malloc(buffer_size
+ 4);
/* No protection level may be chosen while buffer_size is still 0, i.e. before a size was negotiated. */
147 if(buffer_size
== 0){
148 reply(503, "No protection buffer size negotiated.");
/*
 * Map the level argument pl onto a protection level; the letters are
 * compared case-insensitively.  Only the assignment for "E"
 * (prot_confidential) is visible in this excerpt; the other three
 * assignments are on lines that are not shown.
 */
152 if(!strcasecmp(pl
, "C"))
155 if(!strcasecmp(pl
, "S"))
158 if(!strcasecmp(pl
, "E"))
159 p
= prot_confidential
;
161 if(!strcasecmp(pl
, "P"))
/* Presumably reached when pl matched none of the four letters above. */
165 reply(504, "Unrecognized protection level.");
/*
 * The 536 reply names the selected mechanism and the requested level.
 * NOTE(review): protection_names is indexed directly by p here and by
 * data_protection below; both must stay within the bounds of that array.
 */
171 reply(536, "%s does not support %s protection.",
172 ct
->name
, protection_names
[p
]);
175 reply(200, "Data protection is %s.",
176 protection_names
[data_protection
]);
179 reply(503, "Incomplete security data exchange.");
187 prot_level
= prot_clear
;
189 reply(503, "Incomplete security data exchange.");
196 prot_level
= prot_safe
;
198 reply(503, "Incomplete security data exchange.");
205 prot_level
= prot_confidential
;
207 reply(503, "Incomplete security data exchange.");
214 prot_level
= prot_private
;
216 reply(503, "Incomplete security data exchange.");
/*
 * Read up to `length` bytes from `fd` into `data`.
 *
 * When auth_ok() is true and data_protection is non-zero, the read is
 * delegated to the selected mechanism's read handler (ct->read).  In every
 * other case the bytes come straight from read(2) with no protection
 * applied.
 *
 * Returns whatever the chosen reader returns.
 */
int
auth_read(int fd, void *data, int length)
{
    int protected_channel = auth_ok() && data_protection;

    if (!protected_channel)
        return read(fd, data, length);
    return ct->read(fd, data, length);
}
/*
 * Write `length` bytes from `data` to `fd`.
 *
 * When auth_ok() is true and data_protection is non-zero, the write is
 * delegated to the selected mechanism's write handler (ct->write).  In
 * every other case the bytes go straight to write(2) with no protection
 * applied.
 *
 * Returns whatever the chosen writer returns.
 */
int
auth_write(int fd, void *data, int length)
{
    int protected_channel = auth_ok() && data_protection;

    if (!protected_channel)
        return write(fd, data, length);
    return ct->write(fd, data, length);
}
/*
 * printf-style output taking an already started va_list.  When auth_ok()
 * is true and prot_level is non-zero, formatting and output are handed to
 * the selected mechanism's vprintf handler.  The alternative branch
 * (original lines 239-240) is not visible in this excerpt.
 *
 * fmt is interpreted as a format string, so callers must pass a fixed
 * format and supply any client-derived text only as an argument.
 */
235 void auth_vprintf(const char *fmt
, va_list ap
)
237 if(auth_ok() && prot_level
){
238 ct
->vprintf(fmt
, ap
);
/*
 * Variadic front end that forwards fmt and its argument list to
 * auth_vprintf().  The lines that set up and release ap (original lines
 * 245-246 and 248) are not visible in this excerpt.
 */
243 void auth_printf(const char *fmt
, ...)
247 auth_vprintf(fmt
, ap
);