/*
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 * When distributing Covered Code, include this CDDL HEADER in each
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 */

/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */

/*
 * Portions of this source code were derived from Berkeley 4.3 BSD
 * under license from the Regents of the University of California.
 */

/*
 * Public and Private (secret) key lookup routines. These functions
 * are used by the secure RPC auth_des flavor to get the public and
 * private keys for secure RPC principals. Originally designed to
 * talk only to YP, AT&T modified them to talk to files, and now
 * they can also talk to NIS+. The policy for these lookups is now
 * defined in terms of the nameservice switch as follows :
 * publickey: nis files
 */

static const char *PKMAP = "publickey.byname";

/*
 * default publickey policy:
 * publickey: nis [NOTFOUND = return] files
 */

/* NSW_NOTSUCCESS NSW_NOTFOUND NSW_UNAVAIL NSW_TRYAGAIN */

/*
 * db_root is used for switch backends.
 */

/*
 * We copy the input string into the output buffer
 */

/*
 * These functions are the "backends" for the switch for public keys. They
 * get both the public and private keys from each of the supported name
 * services (nis, files). They are passed the appropriate parameters
 * and return 0 if unsuccessful with *errp set, or 1 when they got just the
 * public key and 3 when they got both the public and private keys.
 */

/*
 * Internal implementation of getpublickey() using NIS (aka Yellow Pages,
 * NOTE : *** this function returns nsswitch codes and _not_ the
 * value returned by getpublickey.
 */

/*
 * Instead of calling yp_match(), we use __yp_match_cflookup() here
 * which has time-out control for the binding operation to nis
 */

/*
 * The files version of getpublickey. This function attempts to
 * get the publickey from the file PKFILE .
 * netname <whitespace> publickey:privatekey
 * NOTE : *** this function returns nsswitch codes and _not_ the
 * value returned by getpublickey.
 */

	/* Search through the file linearly :-( */
		"getpublickey: Bad record in %s for %s",
		"getpublickey: Bad record in %s for %s",
	/* NOTE : Case insensitive compare. */
		"getpublickey: Bad record in %s for %s",
		"getpublickey: Bad record in %s for %s",

/*
 * getpublickey(netname, key)
 * This is the actual exported interface for this function.
 */

/*
 * Routines to cache publickeys.
 */

/*
 * Generic DH (any size keys) version of extract_secret.
 */

	/* strip off pesky colon if it exists */
	/* raw buf has chksum appended, so let's verify it too */
	return (1); /* yes, return 1 even if xdecrypt fails */

/*
 * This generic function will extract the private key
 * from a string using the given password. Note that
 * it uses the DES based function xdecrypt()
 */

/*
 * Fetches the key pair from LDAP. This version handles any size
 * LDAP stores the public and secret key info in entries using
 * nisKeyObject objectclass. Each key is tagged with the
 * keytype, keylength, and algorithm. The tag has the following
 * format: {<keytype><keylength>-<algorithm>}. For example,
 */

/*
 * Convert a netname to a name we will hash on. For classic_des,
 * just copy netname as is. But for new and improved ("now in
 * new longer sizes!") DHEXT, add a ":keylen-algtype" suffix to hash on.
 * Returns the hashname string on success or NULL on failure.
 */

/*
 * Flush netname's publickey of the given key length and algorithm type.
 */

/*
 * Generic DH (any size keys) version of __getpublickey_cached.
 */

	/* long DH keys will not be in nis or files */

/*
 * Generic (all sizes) DH version of getpublickey.
 */

/*
 * Generic (all sizes) DH version of getsecretkey_g.
 */

	/* long DH keys will not be in nis or files */