C:\cfs-1.3.3\cfs_nfs.c
`
`811
`
`812
`
`813
`814
`
`815
`
`816
`817
`
`818
`
`819
`
`820
`821
`822
`
`823
`824
`
`825
`
`826
`827
`
`828
`
`829
`830
`
`831
`
`832
`833
`
`834
`835
`836
`
`837
`838
`
`839
`
`840
`
`841
`
`842
`843
`
`844
`845
`
`846
`847
`
`848
`849
`850
`
`851
`852
`853
`
`854
`
`855
`856
`
`857
`
`858
`859
`
`860
`
`861
`862
`863
`
`864
`
`ret.status=cfserrno;
`
`break;
`
`}
`become(NULL);
`
`return (&ret);
`
`}
`
`nfsstat *
`
`nfsproc_rmdir_2(ap,rp)
`diropargs *ap;
`SR rp;
`
`{
`
`static nfsstat ret;
`
`char *s;
`
`cfskey *key;
`int uid;
`
`int ht;
`
`cfs_fi1eid *h;
`
`#ifdef DEBUG
`
`printf("rmdir:\n");
`#endif
`
`if ((ht=htype(h=geth(&ap—>dir)))!=H_REG)
`ret=herr(ht);
`return &ret;
`
`{
`
`}
`uid=ruid(rp);
`
`become(rp);
`
`/* become the user */
`
`/* first encrypt the name */
`
`key=keyof(h);
`
`{
`if (key==NULL)
`ret=cfserrno;
`
`} else if ((s=encryptname(key,ap—>name)) == NULL)
`ret=NFSERR_NOENT;
`/* close enough */
`
`{
`
`} else switch (fhde1etedir(h,s)) {
`case 0:
`
`ret=NFS_OK;
`break;
`case -1:
`
`ret=cfsno(errno);
`break;
`default:
`
`ret=cfserrno;
`
`}
`become(NULL);
`
`return (&ret);
`
`}
`
`#define MAXENTRIES 128
`
`#define MAXENTSIZE (NFS_MAXNAMLEN + sizeof(entry) + 32)
`#define dentsize(s)
`(str1en(s) + sizeof(entry) + 32)
`
`/* #define cfsc1osedir(x)
`
`fhc1osedir(x) */
`
`-16-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 111
`
`
`
`811
`
`812
`
`813
`814
`
`815
`
`816
`817
`
`818
`
`819
`
`820
`821
`822
`
`823
`824
`
`825
`
`826
`827
`
`828
`
`829
`830
`
`831
`
`832
`833
`
`834
`835
`836
`
`837
`838
`
`839
`
`840
`
`841
`
`842
`843
`
`844
`845
`
`846
`847
`
`848
`849
`850
`
`851
`852
`853
`
`854
`
`855
`856
`
`857
`
`858
`859
`
`860
`
`861
`862
`863
`
`864
`
`ret.status=cfserrno;
`
`break;
`
`}
`become(NULL);
`
`return (&ret);
`
`}
`
`nfsstat *
`
`nfsproc_rmdir_2(ap,rp)
`diropargs *ap;
`SR rp;
`
`{
`
`static nfsstat ret;
`
`char *s;
`
`cfskey *key;
`int uid;
`
`int ht;
`
`cfs_fi1eid *h;
`
`#ifdef DEBUG
`
`printf("rmdir:\n");
`#endif
`
`if ((ht=htype(h=geth(&ap—>dir)))!=H_REG)
`ret=herr(ht);
`return &ret;
`
`{
`
`}
`uid=ruid(rp);
`
`become(rp);
`
`/* become the user */
`
`/* first encrypt the name */
`
`key=keyof(h);
`
`{
`if (key==NULL)
`ret=cfserrno;
`
`} else if ((s=encryptname(key,ap—>name)) == NULL)
`ret=NFSERR_NOENT;
`/* close enough */
`
`{
`
`} else switch (fhde1etedir(h,s)) {
`case 0:
`
`ret=NFS_OK;
`break;
`case -1:
`
`ret=cfsno(errno);
`break;
`default:
`
`ret=cfserrno;
`
`}
`become(NULL);
`
`return (&ret);
`
`}
`
`#define MAXENTRIES 128
`
`#define MAXENTSIZE (NFS_MAXNAMLEN + sizeof(entry) + 32)
`#define dentsize(s)
`(str1en(s) + sizeof(entry) + 32)
`
`/* #define cfsc1osedir(x)
`
`fhc1osedir(x) */
`
`-16-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 111
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`865
`
`866
`
`867
`868
`869
`
`870
`871
`
`872
`
`873
`
`874
`
`875
`876
`
`877
`878
`
`879
`
`880
`
`881
`882
`
`883
`
`884
`
`885
`886
`
`887
`
`888
`
`889
`
`890
`891
`892
`
`893
`
`894
`895
`
`896
`897
`
`898
`899
`900
`901
`
`902
`903
`
`904
`905
`
`906
`907
`
`908
`909
`
`910
`911
`912
`
`913
`
`914
`
`915
`
`916
`917
`918
`
`readdirres *
`
`nfsproc_readdir_2(ap,rp)
`readdirargs *ap;
`SR rp;
`
`{
`
`static readdirres ret;
`
`int uid;
`
`int ht;
`
`static entry entrytab[MAXENTRIES];
`
`/* just deal w/ it staticaly */
`
`typedef char str[NFS_MAXNAMLEN+1];
`static str names[MAXENTRIES];
`
`static DIR *dp=NULL;
`static struct dirent *dent;
`
`entry **preV;
`
`long loc;
`
`char s1[NFS_MAXNAMLEN+1];
`char *s;
`
`cfskey *key;
`
`static long curcookie=0;
`
`long cookie;
`int eof;
`
`int ne;
`
`int bytes;
`
`DIR *cfsopendir();
`
`cfs_fileid *h;
`static int fid= -10;
`
`#ifdef DEBUG
`
`printf("readdir:\n");
`#endif
`
`{
`if ((ht=htype(h=geth(&ap—>dir)))!=H_REG)
`/* this is an ugly hack to deal w/ readdir of root, */
`
`if (ht==H_ROOT)
`return (rootreaddir(ap));
`ret.status=herr(ht);
`return &ret;
`
`}
`uid=ruid(rp);
`
`become(rp);
`
`/* become the user */
`
`bytes = ap->count
`ne=O;
`
`— MAXENTSIZE;
`
`prev: &ret.readdirres_u.reply.entries;
`*preV=NULL;
`
`bcopy(ap->cookie,&cookie,sizeof(cookie));
`eof=TRUE;
`
`key=keyof(h);
`
`ret.status=NFS_OK;
`
`if (l((h->fileid==fid)&&(cookie==curcookie)))
`
`{
`
`{
`if (dp!=NULL)
`cfsclosedir(dp);
`dp=NULL;
`
`-17-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 112
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`919
`
`920
`921
`
`922
`
`923
`924
`
`925
`
`926
`
`927
`
`928
`
`929
`930
`931
`
`932
`933
`934
`
`935
`936
`
`937
`938
`
`939
`
`940
`
`941
`
`942
`
`943
`
`944
`
`945
`
`946
`947
`
`948
`
`949
`
`950
`951
`
`952
`
`953
`
`954
`955
`
`956
`957
`
`958
`
`959
`
`960
`961
`
`962
`
`963
`964
`
`965
`
`966
`
`967
`968
`
`969
`
`970
`
`971
`972
`
`}
`
`if ((dp=cfsopendir(h,cookie)) == NULL)
`fid = -10;
`
`{
`
`ret.status=cfserrno;
`
`} else {
`fid=h—>fi1eid;
`
`curcookie=cookie;
`
`dent=readdir(dp);
`
`}
`
`}
`
`{
`if (dp!=NULL) while (dent!=NULL)
`s=decryptname(key,dent—>d_name);
`cookie++;
`
`/* just skip bogus names */
`{
`if (s==NULL)
`dent=readdir(dp);
`continue;
`
`}
`eof=FALSE;
`
`if (((bytes -= dentsize(s)) < 0)
`break;
`
`||
`
`(ne >= MAXENTRIES))
`
`eof=TRUE;
`
`strcpy(names[ne],s);
`
`entrytab[ne].name=names[ne];
`
`if (strcmp(s,".")==O)
`
`/* me */
`
`entrytab[ne].fileid=fhid(h);
`
`else if (strcmp(s,"..")==O)
`
`/* parent */
`
`entrytab[ne].fileid=fhpid(h);
`
`else entrytab[ne].fileid=dent->d_fileno;
`bcopy(&cookie,entrytab[ne].cookie,sizeof(long));
`
`*prev = &entrytab[ne];
`
`prev = &entrytab[ne].nextentry;
`
`entrytab[ne].nextentry=NULL;
`ne++;
`
`curcookie++;
`
`dent=readdir(dp);
`
`}
`ret.readdirres_u.rep1y.eof=eof;
`
`if (dent==NULL)
`fid: -10;
`
`{
`
`cfsc1osedir(dp);
`
`dp=NULL;
`
`}
`become(NULL);
`
`return (&ret);
`
`}
`
`DIR *curdir;
`
`int curdirid=O;
`
`long curcookie;
`
`DIR *
`
`cfsopendir(dir,cookie)
`
`cfs_fi1eid *dir;
`long cookie;
`
`-18-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 113
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`973
`974
`
`975
`976
`
`977
`
`978
`
`979
`
`980
`
`981
`982
`
`983
`984
`
`985
`986
`
`987
`
`988
`
`989
`990
`
`991
`992
`
`993
`
`994
`
`995
`996
`
`997
`998
`999
`
`1000
`
`1001
`1002
`
`1003
`1004
`1005
`
`1006
`1007
`
`1008
`1009
`
`1010
`1011
`
`1012
`1013
`
`1014
`
`1015
`1016
`
`1017
`1018
`
`1019
`
`1020
`
`1021
`
`1022
`
`1023
`
`1024
`1025
`
`DIR *ret;
`
`DIR *fhopendir();
`
`if ((ret=fhopendir(dir))==NULL)
`
`return NULL;
`
`/* fhopendir sets cfserrno */
`
`/* this is an ugly hack to deal with braindead systems (afs)
`
`that can't
`
`do seekdir properly.
`
`fortunately, we almost always already have
`
`the dir open so we don't have to do this bogosity */
`while (cookie—— > 0)
`
`readdir(ret);
`return ret;
`
`{
`
`}
`
`cfsclosedir(dp)
`
`DIR *dp;
`
`{
`
`}
`
`fhclosedir(dp);
`
`statfsres *
`
`nfsproc_statfs_2(ap,rp)
`
`nfs_fh *ap;
`SR rp;
`
`{
`
`static statfsres ret;
`
`#ifdef DEBUG
`
`printf("statfs: %s\n",pfh(ap));
`#endif
`
`setstatfsokres(&ret.statfsres_u.reply);
`ret.status=NFS_OK;
`return (&ret);
`
`}
`
`rootgetattr(f)
`struct fattr *f;
`
`{
`
`f->type=NFDIR;
`
`f->mode=NFSMODE_DIR|0777;
`f->nlink=4;
`
`f—>uid=0;
`
`f->gid=O;
`f—>size=8192;
`
`f—>blocksize=8192;
`f—>rdeV= -1;
`
`f—>blocks=1;
`
`f—>fsid=0;
`
`f—>fileid=1;
`
`bcopy(&roottime,&f->atime,sizeof(nfstime));
`
`bcopy(&roottime,&f->mtime,sizeof(nfstime));
`
`bcopy(&roottime,&f->ctime,sizeof(nfstime));
`
`1026
`
`}
`
`-19-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 114
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`1027
`
`1028
`
`1029
`
`1030
`1031
`
`1032
`
`1033
`
`1034
`
`1035
`
`1036
`1037
`
`1038
`
`1039
`1040
`
`1041
`1042
`
`1043
`1044
`
`1045
`1046
`1047
`
`1048
`
`1049
`1050
`1051
`
`1052
`1053
`
`1054
`1055
`
`1056
`
`1057
`
`1058
`
`1059
`
`1060
`
`1061
`1062
`
`1063
`
`1064
`1065
`
`1066
`
`1067
`1068
`
`1069
`1070
`
`1071
`
`1072
`
`1073
`
`1074
`1075
`
`1076
`1077
`
`1078
`
`1079
`1080
`
`setstatfsokres(s)
`
`statfsokres *s;
`
`{
`
`}
`
`s—>tsize=8192;
`
`s—>bsize=8192;
`
`s—>blocks=0;
`
`s—>bfree=0;
`
`s—>bavail=0;
`
`int fhstat(fh.fa)
`
`cfs_fileid *fh;
`fattr *fa;
`
`{
`
`struct stat sb;
`
`int r;
`
`{
`if (fh==NULL)
`cfserrno=NFSERR_STALE;
`return -2;
`
`}
`
`if (fh== &rootnode)
`rootgetattr(fa);
`return 0;
`
`{
`
`}
`
`if ((r=fhgetstat(fh.&sb))
`return r;
`
`!= 0)
`
`fa->type = getftype(sb.st_mode);
`
`fa->mode = fhmode(fh,sb.st_mode);
`
`fa—>nlink = sb.st_nlink;
`
`fa—>uid = fhowner(fh,sb.st_uid);
`
`fa->gid = sb.st_gid;
`
`fa->size = sb.st_size;
`#ifdef irix
`
`fa->blocksize = 512;
`
`/* already tweeked */
`
`fa—>blocks = (sb.st_size + 511)/512;
`#else
`
`fa—>blocksize = sb.st_blksize;
`
`fa->blocks = sb.st_blocks;
`#endif
`
`fa->rdev = sb.st_rdev;
`fa->fsid = iid(fh);
`/* we return the instance id */
`
`fa->fileid = fhid(fh);
`
`/* inode or 0—i for iroots */
`
`bcopy(&sb.st_atime,&fa->atime,sizeof(time_t));
`
`bcopy(&sb.st_mtime,&fa->mtime,sizeof(time_t));
`
`bcopy(&sb.st_ctime,&fa->ctime,sizeof(time_t));
`return 0;
`
`}
`
`/* return uid associated w/ rpc call — unix style only for now */
`
`/* note that this really doesnt belong here */
`int
`
`-20-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 115
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`1081
`1082
`
`1083
`1084
`1085
`
`1086
`1087
`
`1088
`
`1089
`
`1090
`1091
`
`1092
`
`1093
`1094
`
`1095
`1096
`1097
`
`1098
`1099
`
`1100
`
`1101
`
`1102
`1103
`
`1104
`
`1105
`1106
`
`1107
`1108
`
`1109
`1110
`
`1111
`1112
`
`1113
`
`1114
`1115
`
`1116
`
`1117
`1118
`
`1119
`1120
`
`1121
`1122
`1123
`
`1124
`1125
`1126
`
`1127
`1128
`
`1129
`
`1130
`1131
`
`1132
`1133
`1134
`
`ruid(rp)
`SR rp;
`
`{
`
`}
`
`struct authunix_parms *cred;
`
`if (rp—>rq_cred.oa_flaVor != AUTH_UNIX)
`return -1;
`
`cred=(struct authunix_parms *)
`
`rp—>rq_clntcred;
`
`return cred—>aup_uid;
`
`int
`
`rgid(rp)
`SR rp;
`
`{
`
`}
`
`struct authunix_parms *cred;
`
`if (rp—>rq_cred.oa_flaVor != AUTH_UNIX)
`return -1;
`
`cred=(struct authunix_parms *)
`
`rp—>rq_clntcred;
`
`return cred—>aup_gid;
`
`/* this is ugly, since it duplicates much of the code
`
`above in lookup, but it does the job */
`diropres *
`
`rootlookup(s)
`char *s;
`
`{
`
`static diropres ret;
`
`nfs_fh *handle;
`
`handle = &ret.diropres_u.diropres.file;
`
`switch (fhrootlook(s,handle))
`case 0:
`/* found it */
`
`{
`
`/* now do a getattr — handle is an instance root, which
`
`is treated normally */
`switch (fhstat(geth(handle),
`
`&ret.diropres_u.diropres.attributes)) {
`
`case 0:
`
`ret.status=NFS_OK;
`/* stat is already in attributes field */
`break;
`
`/* couldn't open file for some reason */
`case -1:
`ret.status=cfsno(errno);
`break;
`
`/* shouldn't happen */
`default:
`ret.status=cfserrno;
`
`break;
`
`}
`break;
`
`/* some parent dir went away, probably */
`case -1:
`ret.status=cfsno(errno);
`break;
`
`-21-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 116
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`1135
`1136
`
`1137
`
`1138
`1139
`
`1140
`1141
`
`1142
`1143
`1144
`
`1145
`
`1146
`1147
`
`1148
`1149
`
`1150
`
`1151
`1152
`
`1153
`
`1154
`1155
`
`1156
`
`1157
`
`1158
`1159
`
`1160
`1161
`
`1162
`1163
`
`1164
`1165
`
`1166
`1167
`1168
`
`1169
`
`1170
`1171
`
`1172
`1173
`
`1174
`1175
`
`1176
`1177
`
`1178
`1179
`
`1180
`1181
`
`1182
`
`1183
`1184
`
`1185
`
`1186
`
`1187
`1188
`
`/* bad parent handle or notfound, probably */
`default:
`ret.status=cfserrno;
`
`break;
`
`}
`return (&ret);
`
`}
`
`/* ugly ugly ugly — duplicates fair bit of code from readdir, but at least
`it works */
`readdirres *
`
`rootreaddir(ap)
`
`readdirargs *ap;
`
`{
`
`static readdirres ret;
`
`static entry entrytab[MAXENTRIES];
`
`/* just deal w/ it staticaly */
`
`typedef char str[NFS_MAXNAMLEN+1];
`static str names[MAXENTRIES];
`
`entry **prev;
`
`long cookie;
`int eof;
`
`int ne;
`
`int bytes;
`
`cfs_fileid *h;
`struct dirent *dent;
`
`struct dirent *rootrd();
`
`bytes = ap->count
`ne=O;
`
`— MAXENTSIZE;
`
`prev: &ret.readdirres_u.reply.entries;
`*prev=NULL;
`
`bcopy(ap->cookie,&cookie,sizeof(long));
`eof=1;
`
`ret.status=NFS_OK;
`
`while ((dent=rootrd(cookie))!=NULL)
`eof=0;
`
`{
`
`if (((bytes -= dentsize(dent—>d_name))<0)||(ne >= MAXENTRIES)){
`break;
`
`}
`eof=1;
`
`strcpy(names[ne],dent—>d_name);
`entrytab[ne].name=names[ne];
`
`if (strcmp(dent->d_name,".")==0)
`entrytab[ne].fileid=1;
`
`/* me */
`
`else if (strcmp(dent->d_name,"..")==0)
`entrytab[ne].fileid=1;
`
`/* parent, also me */
`
`else entrytab[ne].fileid=dent->d_fileno;
`
`cookie=dent—>d_rec1en;
`*prev = &entrytab[ne];
`
`/* may not work everywhere */
`
`bcopy(&cookie,entrytab[ne].cookie,sizeof(long));
`
`prev = &entrytab[ne].nextentry;
`
`entrytab[ne].nextentry=NULL;
`ne++;
`
`-22-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 117
`
`
`
`C:\cfs-1.3.3\cfs_nfs.c
`
`1189
`1190
`1191
`
`1192
`1193
`
`1194
`1195
`
`1196
`1197
`
`1198
`1199
`
`1200
`1201
`
`1202
`1203
`
`1204
`1205
`
`1206
`1207
`1208
`1209
`
`1210
`1211
`1212
`
`1213
`1214
`
`1215
`
`1216
`1217
`
`}
`ret.readdirres_u.rep1y.eof=eof;
`return (&ret);
`
`}
`
`extern struct in_addr validhost;
`
`goodsrc(rp)
`SR rp;
`
`{
`
`struct in_addr ia;
`
`struct in_addr *ip;
`
`if (svc_getca11er(rp—>rq_xprt)—>sin_addr.s_addr != va1idhost.s_addr)
`fprintf(stderr,"bad addr! %x !- %x\n",
`
`{
`
`svc_getca11er(rp—>rq_xprt)—>sin_addr.s_addr,va1idhost.s_addr);
`return 0;
`
`}
`if (rp—>rq_cred.oa_f1aVor != AUTH_UNIX)
`return 0;
`/* bolster defense against portmap bug */
`#ifndef ANYPORT
`
`{
`> 1023)
`if (ntohs(sVc_getca11er(rp—>rq_xprt)—>sin_port)
`fprintf(stderr,"bad port! %d\n", ntohs(svc_getca11er(rp->rq_xprt)->sin_port));
`return 0;
`
`}
`#endif
`
`return 1;
`
`}
`
`-23-
`
`Petitioner Oracle-Apple — Exhibit 1009 — Page 118
`
`
`
`cfsd. 8
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 119
`
`
`
`C:\cfs-1.3.3\cfsd.8
`
`l
`
`2
`
`3
`4
`
`5
`6
`
`7
`
`8
`
`.TH CFSD 8 ""
`
`.SH NAME
`
`cfsd — cryptographic file system daemon
`.SH SYNOPSIS
`
`.B cfsd
`.SH DESCRIPTION
`
`\fBcfsd\fP is the user—level daemon for the Cryptographic File System
`
`(CFS).
`
`It is essentially an RPC server for the NFS protocol augmented
`
`It listens on the CFS port (ordinarily
`9 with the CFS_ADMIN protocol.
`10
`port 3049) on the \fBlocalhost\fP interface.
`11
`.LP
`
`12
`
`13
`
`14
`15
`
`16
`17
`
`18
`
`19
`
`20
`
`21
`22
`23
`
`24
`
`25
`
`26
`27
`
`28
`
`29
`30
`
`31
`
`32
`
`33
`34
`
`35
`
`36
`37
`
`38
`39
`
`40
`
`41
`
`42
`43
`44
`
`The main function of \fBcfsd\fP is to manage the keys for currently
`
`attached encrypted directories, presenting them in clear form under
`
`the CFS mount point (typically "/crypt").
`.LP
`
`time from /etc/rc
`\fBcfsd\fP should ordinarily be invoked at boot
`(or /etc/rc.local).
`The rc file should also start
`
`\fBmountd\fP(8) daemon with least one file system exported to
`
`localhost; note that cfsd itself does not handle the mount protocol.
`
`Once a mountd is running,
`
`the mount(8)
`
`command should be invoked to
`
`mount the exported file system from the localhost interface with
`port=3049.
`.SH EXAMPLES
`
`.TP
`
`/usr/local/etc/cfsd
`
`invokes cfs (in /etc/rc)
`.TP
`
`/etc/mount —o port=3049,intr localhost:/ /crypt
`
`mounts cfs on /crypt
`.SH FILES
`
`(in /etc/rc)
`
`.TP
`
`/crypt
`
`cfs mount point
`.TP
`
`/etc/exports
`
`exported file systems
`.SH SEE ALSO
`
`cattach(1), cdetach(1), mountd(8), mount(8)
`.SH BUGS
`
`\fBcfsd\fP is single threaded, which means it doesn't handle lots of
`
`simultanious operations very well.
`
`In particular, it is not possible
`
`to recursively attach encrypted directories, since that would lead to
`a deadlock.
`.SH AUTHOR
`
`45 Matt Blaze; for information on cfs, email to
`46
`cfs@research.att.com.
`47
`
`48
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 120
`
`
`
`cmkdir. 1
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 121
`
`
`
`C:\cfs-1.3.3\cmkdir.1
`
`1
`
`2
`
`3
`4
`
`5
`
`6
`
`7
`8
`
`9
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`16
`
`17
`
`18
`
`.TH CMKDIR l ""
`
`.SH NAME
`
`cmkdir — create encrypted directory for CFS
`.SH SYNOPSIS
`
`.B cmkdir
`
`[
`
`\-\fB123bdmosp\fP ]
`
`\fIdirectory\fP
`.SH DESCRIPTION
`
`\fBcmkdir\fP creates \fIdirectory\fP and assigns to it cryptographic
`keys for use by the Cryptographic File System (CFS). Operation is
`
`similar to the ordinary \fBmkdir\fP(1) command, with the addition that
`
`the user is prompted for a passphrase which is used to generate the
`
`DES keys used by cfsd(8)
`
`to transparently encrypt the files.
`
`The
`
`smartcard version of \fBcmkdir\fP initializes a key smartcard and
`
`requires that a blank smartcard be inserted into the smartcard reader.
`.LP
`
`Once created, encrypted directories can be made available for use with
`
`the \fBcattach\fP(1) command. Users should not ordinarily read and
`
`19 write directly to directories created with \fBcmkdir\fP, since these
`
`20
`21
`
`22
`
`23
`
`24
`
`25
`26
`
`27
`
`28
`29
`
`30
`
`31
`
`32
`33
`
`34
`35
`
`36
`37
`
`38
`
`39
`
`40
`
`41
`
`42
`43
`
`44
`
`45
`46
`
`47
`48
`
`49
`
`50
`
`51
`
`52
`
`53
`54
`
`files would not be stored in encrypted form.
`.LP
`
`By default,
`
`\fBcmkdir\fP creates directories for two-key hybrid mode
`
`triple DES.
`
`The \-\fB1\fP option specifies two-key hybrid mode single
`
`DES; this is faster, albiet at the expense of security. Three-key
`
`triple DES is specified with \—\fB3\fP; directories created for
`three—key triple DES cannot be read by versions of CFS earlier than
`
`1.3.2. Other ciphers may also be available, depending on the local
`
`configuration.
`.LP
`
`Use the —o option to create directories that can be read by versions
`
`of CFS before 1.3; directories created under this option can be read
`
`by
`.B cname
`
`and
`.B Ccat
`
`as well.
`.LP
`
`The —p
`
`("puny") option creates directories that use much less memory
`
`when attached under cfsd. This is useful on machines with very little
`
`(less than, say,
`
`8MBs with a window system and browser also running)
`
`memory. Files in directories created under —p may reveal slightly
`
`more about their structure than regular CFS files.
`.LP
`
`The —— option will read the key from standard input, and will not
`
`attempt to read from /dev/tty or change the terminal modes. This is
`useful for creating directories from other programs or scripts, and
`
`should not ordinarily be used.
`.LP
`
`Two new experimental block ciphers are included in the default
`
`distribution.
`
`The \-\fBm\fP option specifies Blaze and Schneier's
`
`"MacGuffin" cipher.
`
`It has 32 rounds, a 64 bit codebook size and a
`
`128 bit nominal keyspace. Use this cipher at your own risk; it may be
`
`much weaker than its keyspace suggests.
`.LP
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 122
`
`
`
`C:\cfs-1.3.3\cmkdir.1
`
`55
`
`56
`
`57
`
`58
`59
`
`60
`
`61
`
`62
`63
`
`64
`
`65
`66
`
`67
`68
`
`69
`
`70
`
`71
`72
`73
`
`74
`75
`7 6
`
`Another new cipher, James Massey's SAFER—SKl28,
`
`is also available in
`
`this release. Specify SAFER-SKl28 with the \—\fBs\fP option. Again,
`
`this cipher hasn't been around nearly as long as DES, so use it at
`
`your own risk.
`.SH FILES
`
`.TP
`
`SAFER is a little faster than triple DES.
`
`\fIdirectory\fP/...
`
`known—plaintext hash of the assigned keys.
`.TP
`
`\fIdirectory\fP/..c
`
`identifies the cipher algorithm.
`.SH SEE ALSO
`
`cfsd(8), cattach(l)
`.SH BUGS
`
`The MacGuffin, Blowfish and SAFER ciphers aren't nearly as
`
`well—studied as DES.
`
`They are included primarly as an example of how
`
`to add ciphers to CFS.
`with DES.
`.LP
`
`Some of the options (-2,
`versions.
`. SH AUTHOR
`
`The author's personal files remain protected
`
`-3) have different meanings from previous
`
`77 Matt Blaze; for information on cfs, email to cfs@research.att.com.
`7 8
`
`'2'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 123
`
`
`
`cmkdir.c
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 124
`
`
`
`C:\cfs-1.3.3\cmkdir.c
`
`/*
`* The author of this software is Matt Blaze.
`
`*
`
`Copyright
`
`(c) 1992, 1993, 1994, 1995 by AT&T.
`
`* Permission to use, Copy, and modify this software without fee
`
`* is hereby granted, provided that this entire notice is included in
`
`* all copies of any software which is or includes a copy or
`
`* modification of this software and in all copies of the supporting
`* documentation for such software.
`*
`
`* This software is subject to United States export controls.
`*
`
`* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
`
`IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
`* WARRANTY.
`* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
`
`* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
`
`*/
`
`/*
`* client cfs mkdir - 1.3.2
`
`*/
`#include <stdio.h>
`
`#include <rpc/rpc.h>
`
`#include <sys/time.h>
`
`#include "nfsproto.h"
`
`#include "admproto.h"
`#include "cfs.h"
`
`#include "shs.h"
`
`1
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`8
`9
`
`10
`11
`
`12
`
`13
`14
`
`15
`
`16
`17
`
`18
`19
`
`20
`21
`
`22
`
`23
`
`24
`
`25
`26
`
`27
`28
`
`29 main(argc,argV)
`
`30
`
`31
`
`32
`33
`
`34
`
`35
`36
`
`37
`38
`
`39
`40
`
`41
`
`42
`43
`
`44
`45
`
`46
`47
`
`48
`
`49
`
`50
`
`51
`
`52
`53
`
`54
`
`int argc;
`
`char **argv;
`
`{
`
`char *pw;
`
`char pword[256];
`
`char *getpassword();
`int n;
`
`cfs_admkey k;
`cfskey kt;
`
`char path[1024];
`char str[8];
`
`FILE *fp;
`
`char *flg;
`struct timeval tv;
`
`u_long r;
`int i;
`
`int Ciph=CFS_THREE_DES;
`int cfmt=1;
`
`int smsize=LARGESMSIZE;
`
`unsigned char ekey[128];
`
`unsigned char ek1[128];
`
`unsigned int 1;
`
`int keycheck=1;
`
`while (--argc && (**++argv == '—'))
`
`{
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 125
`
`
`
`C:\cfs-1.3.3\cmkdir.c
`
`for (f1g= ++*argv; *f1g; ++f1g)
`
`switch (*f1g)
`case
`'1':
`
`{
`
`case 'd':
`
`Ciph=CFS_STD_DES;
`break;
`case '2':
`
`Ciph=CFS_THREE_DES;
`break;
`case '3':
`
`ciph=CFS_TRUE_THREE_DES;
`break;
`
`case 'b':
`
`Ciph=CFS_BLOWFISH;
`break;
`
`case 'm':
`
`ciph=CFS_MACGUFFIN;
`fprintf(stderr,
`
`#ifdef NOTDEF
`
`#endif
`
`"Warning: MacGuffin is a weak cipher\n");
`
`break;
`case 's':
`
`Ciph=CFS_SAFER_SKl28;
`fprintf(stderr,
`
`"Warning: SAFER is a new cipher.\n");
`
`break;
`case '0':
`
`cfmt=O;
`
`break;
`
`case 'p':
`/* puny memory option */
`smsize=SMALLSMSIZE;
`
`break;
`case '—':
`
`keycheck=O;
`break;
`default:
`
`fprintf(stderr,"usage: cmkdir
`eXit(1);
`
`[—123bdmosp—] dir\n");
`
`} i
`
`} i
`
`f (argc!=l)
`
`{
`fprintf(stderr,"Usage: cmkdir
`eXit(1);
`
`[—123bdmosp—] dir\n");
`
`f (keycheck)
`
`{
`
`{
`if ((pw=getpassword("Key:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`eXit(1);
`
`} s
`
`trcpy(pword,pw);
`
`{
`if (str1en(pw)<l6)
`fprintf(stderr,"Key must be at least 16 chars.\n");
`exit(1);
`
`_g
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 126
`
`55
`
`56
`
`57
`
`58
`
`59
`
`60
`
`61
`
`62
`
`63
`
`64
`
`65
`
`66
`
`67
`
`68
`
`69
`
`70
`71
`
`72
`
`73
`74
`
`75
`
`76
`77
`
`78
`
`79
`
`80
`
`81
`
`82
`
`83
`
`84
`
`85
`
`86
`
`87
`
`88
`
`89
`
`90
`
`91
`
`92
`
`93
`
`94
`
`95
`
`96
`
`97
`
`98
`
`99
`
`100
`
`101
`
`102
`
`103
`
`104
`
`105
`
`106
`
`107
`
`108
`
`
`
`C:\cfs-1.3.3\cmkdir.c
`
`109
`
`110
`111
`112
`
`113
`
`114
`115
`
`116
`117
`
`118
`
`119
`
`120
`
`121
`122
`123
`
`124
`125
`
`126
`
`127
`
`128
`
`129
`
`130
`131
`
`132
`
`133
`
`134
`
`135
`136
`137
`
`138
`
`139
`140
`
`141
`142
`143
`
`144
`145
`
`146
`
`147
`148
`
`149
`150
`151
`
`152
`153
`
`154
`
`155
`156
`157
`
`158
`159
`
`160
`161
`162
`
`}
`
`if ((pw=getpassword("Again:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(1);
`
`{
`
`}
`
`if (strcmp(pword,pw !=O)
`fprintf(stderr,
`
`{
`
`"Keys don't match; drink some coffee and try again\n");
`exit(1);
`
`}
`
`}
`
`else {
`
`/* just accept key from stdio */
`
`if (fgets(pword,256,stdin) == NULL)
`perror("cmkdir");
`exit(1);
`
`{
`
`}
`pw=pword;
`
`pw[255]='\0';
`
`n=strlen(pw);
`
`if ((n>O) && (pw[n—1] == '\n'))
`
`pw[n—1]
`
`=
`
`'\O';
`
`}
`if (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pword,smsize);
`
`k.cipher=ciph;
`
`if (cfmt==O)
`
`{
`
`{
`if (old_pwcrunch(pw,&k)!=O)
`fprintf(stderr,"InValid key\n");
`exit(1);
`
`}
`
`} else {
`/* this is very ugly and will be replaced but it works */
`
`{
`if (new_pwcrunch(pw,&k)!=O)
`fprintf(stderr,"InValid key\n");
`exit(1);
`
`}
`/* now we xor in some truerand bytes for good measure */
`
`bcopy(&k,ekey,32);
`
`/* assumes key material < 32 bytes */
`
`{
`i++)
`i<32;
`for (i=0;
`ekey[i]
`“= randbyte();
`
`}
`encrypt_key(&k,ekey);
`bcopy(ekey,ek1,32);
`
`decrypt_key(&k,ek1);
`/* new &k is our real key */
`
`}
`
`if (mkdir(argV[O],O777)<O)
`perror("cmkdir");
`exit(1);
`
`{
`
`}
`sprintf(path,"%s/...",argv[O]);
`
`strcpy(str."qua!");
`/* now randomize the end of str.. */
`r = trand32();
`
`'3'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 127
`
`
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 128
`
`{
`
`{
`
`{
`
`for (i=0;
`
`i<4;
`
`i++)
`
`str[i+4]=(r<<(i*8))&O377;
`
`copykey(&k,&kt);
`
`cipher(&kt,str,O);
`
`mask_cipher(&kt,str,l);
`cipher(&kt,str,O);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`} f
`
`write(str,8,1,fp);
`
`fc1ose(fp);
`
`sprintf(pat ,"%s/..c",argv[O]);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`} f
`
`printf(fp,"%d",k.cipher);
`
`fc1ose(fp);
`
`sprintf(pat ,"%s/..s",argv[O]);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`} f
`
`printf(fp,"%d\n",smsize);
`fc1ose(fp);
`
`{
`if (cfmt)
`sprintf(path,"%s/..k",argv[O]);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`{
`
`} f
`
`write(ekey,32,l,fp);
`
`fc1ose(fp);
`
`} e
`
`xit(O);
`
`C:\cfs-1.3.3\cmkdir.c
`
`163
`
`164
`
`165
`
`166
`
`167
`
`168
`
`169
`
`170
`171
`
`172
`
`173
`174
`
`175
`
`176
`177
`
`178
`
`179
`
`180
`
`181
`
`182
`
`183
`
`184
`
`185
`
`186
`
`187
`
`188
`
`189
`
`190
`
`191
`
`192
`
`193
`
`194
`
`195
`
`196
`
`197
`
`198
`
`199
`
`200
`
`
`
`cname. 8
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 129
`
`
`
`C:\cfs-1.3.3\cname.8
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`8
`
`9
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`16
`17
`
`.TH CNAME 8 ""
`
`.SH NAME
`
`cname
`
`.SH SYNOPSIS
`
`.B cname
`
`[
`
`\-\fB3bms\fP ]
`
`[ \‘\fBv\fP ]
`.SH DESCRIPTION
`
`from standard input, a
`\fBcname\fP prompts for a passphrase and reads,
`list of CFS encrypted file names (e.g., "51051f97e31613b7").
`It
`
`produces, on standard output, a corresponding list of cleartext names.
`
`By default, names are decrypted using standard 2—key hybrid mode
`
`single-DES.
`
`The \-\fB3\fP option specifies 2—key hybrid mode triple
`
`DES.
`
`\-\fBm\fP specifies 1-key hybrid MacGuffin.
`
`\-\fBs\fP specifies
`
`SAFER—SK128.
`the output.
`.LP
`
`The \—\fBv\fP option includes the ciphertext names in
`
`18 All names must be specified one per input line, as individual path
`
`19
`
`20
`
`21
`22
`
`23
`
`24
`
`25
`26
`
`27
`28
`
`29
`30
`
`31
`
`32
`
`33
`34
`
`components (full path names are not accepted).
`
`If a name cannot be
`
`decrypted to printable characters, "???" is printed in its place.
`
`This is the only way to detect an incorrect passphrase.
`.LP
`
`\fBcname\fP is intended to assist in making sense of CFS directories
`
`when no CFS daemon is available.
`
`It is also useful
`
`in locating files
`
`from backups.
`.SH SEE ALSO
`
`ccat(8)
`.SH BUGS
`
`Does not work with new format
`.LP
`
`(1.3 and later) directories.
`
`The program is easily confused by slightly wrong input.
`
`It would be
`
`better if it could transparently translate the output from other
`
`programs such as ls(1),
`.SH AUTHOR
`
`tar(1) and dump(8).
`
`35 Matt Blaze; for information on cfs, email to cfs@research.att.com.
`36
`
`37
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 130
`
`
`
`cname . C
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 131
`
`
`
`C:\cfs-1.3.3\cname.c
`
`1
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`8
`9
`
`10
`11
`
`12
`
`l3
`14
`
`15
`
`16
`17
`
`18
`19
`
`20
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`27
`28
`
`29
`30
`
`31
`32
`33
`
`34
`35
`
`/*
`* The author of this software is Matt Blaze.
`
`*
`
`Copyright
`
`(c) 1992, 1994 by AT&T.
`
`* Permission to use, Copy, and modify this software without fee
`
`* is hereby granted, provided that this entire notice is included in
`
`* all copies of any software which is or includes a copy or
`
`* modification of this software and in all copies of the supporting
`* documentation for such software.
`*
`
`* This software is subject to United States export controls.
`*
`
`* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
`
`IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
`* WARRANTY.
`* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
`
`* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
`
`*/
`
`/*
`* cfs cname — 1.3
`
`*/
`#include <stdio.h>
`
`#include <rpc/rpc.h>
`
`#include <sys/time.h>
`
`#include <ctype.h>
`
`#include "nfsproto.h"
`
`#include "admproto.h"
`#include "cfs.h"
`
`/* following are never used — just so i can re—use the library */
`int Validhost;
`
`char zerovect[]={0.0.0.0.0.0.0.0.0};
`int cursecs=O;
`
`char *gets();
`
`36 main(argc,argV)
`
`37
`38
`
`39
`40
`
`41
`
`42
`
`43
`44
`
`45
`46
`
`47
`
`48
`
`49
`50
`51
`
`52
`
`53
`54
`
`int argc;
`char **argv;
`
`{
`
`char *pw;
`
`char pword[256];
`
`char *getpassword();
`
`cfs_admkey k;
`cfskey kt;
`
`char *flg;
`char estr[1024];
`
`char *cstr;
`
`int i;
`
`int Ciph=CFS_THREE_DES;
`int Verb=O;
`
`fprintf(stderr,"WARNING: cname works only on old format CFS dirs\n");
`
`while (——argc && (**++argV == '-')) {
`for (flg= ++*argv; *flg; ++flg)
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 132
`
`
`
`C:\cfs-1.3.3\cname.c
`
`55
`56
`
`57
`
`58
`59
`
`60
`61
`62
`
`63
`64
`
`65
`66
`
`67
`68
`
`69
`70
`
`71
`72
`73
`
`74
`75
`76
`
`77
`78
`
`79
`
`so
`
`81
`82
`83
`
`84
`
`85
`86
`87
`
`88
`89
`
`90
`
`91
`92
`93
`
`94
`95
`96
`
`97
`
`98
`99
`100
`
`101
`102
`
`103
`104
`
`105
`
`106
`107
`
`108
`
`switch (*f1g)
`case ‘V’:
`
`{
`
`Verb++;
`
`break;
`case '1':
`
`#ifdef NOTDEF
`
`#endif
`
`ciph=CFS_STD_DES;
`break;
`case '3':
`
`Ciph=CFS_THREE_DES;
`break;
`
`case 'b':
`
`Ciph=CFS_BLOWFI SH;
`break;
`
`case 'm':
`
`Ciph=CFS_MACGUFFIN;
`break;
`case 's':
`
`Ciph=CFS_SAFER_SKl2 8 ;
`break;
`default:
`
`fprintf(stderr,"usage: cname [-3bmsv]\n");
`exit(l);
`
`}
`
`}
`
`{
`if (argc!=O)
`fprintf(stderr,"Usage: cname [—13bmsv]\n");
`exit(l);
`
`}
`
`{
`if ((pw=getpassword("Key:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(l);
`
`}
`strcpy(pword,pw);
`
`k.cipher=ciph;
`
`{
`if (o1d_pwcrunch(pw,&k)!=O)
`fprintf(stderr,"InVa1id key\n");
`exit(l);
`
`}
`copykey(&k.&kt);
`kt.smsize=LARGESMSIZE;
`
`if (((kt.primask=(char*) ma1loc(kt.smsize)) == NULL)
`
`((kt.secmask=(char*) ma11oc(kt.smsize)) == NULL))
`||
`fprintf(stderr,"No memory\n");
`exit(2);
`
`{
`
`}
`genmasks(&kt);
`
`while (fgets(estr, sizeof(estr), stdin)
`if (estr[str1en(estr)-1] == '\n')
`
`!= NULL)
`
`{
`
`estr[str1en(estr)—1]
`
`=
`
`'\0';
`
`cstr=decryptname(&kt,estr);
`if (verb)
`
`printf("%s —> ",estr);
`
`'2'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 133
`
`
`
`C:\cfs-1.3.3\cname.c
`
`if ((cstr!=NULL) && printab1e(cstr))
`
`puts(cstr);
`
`else
`
`puts("???");
`
`}
`
`}
`
`int printab1e(s)
`char *s;
`
`{
`
`}
`
`while (*S)
`
`if (!isprint(*s++))
`return 0;
`
`return 1;
`
`109
`
`110
`111
`
`112
`
`113
`114
`
`115
`116
`
`117
`118
`
`119
`120
`
`121
`122
`
`123
`
`124
`125
`
`126
`127
`
`'3'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 134
`
`
`
`cpasswd. 1
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 135
`
`
`
`C:\cfs-1.3.3\cpasswd.1
`
`1
`
`2
`
`3
`4
`
`5
`
`6
`7
`
`8
`
`9
`10
`
`11
`
`12
`13
`
`14
`
`15
`16
`
`17
`
`18
`
`19
`20
`
`21
`22
`23
`
`24
`
`25
`26
`
`27
`28
`
`29
`
`30
`31
`
`.TH CPASSWD l ""
`
`.SH NAME
`
`cpasswd — change passphrase on cfs directory
`.SH SYNOPSIS
`
`.B cpasswd
`
`\fIdirectory\fP
`.SH DESCRIPTION
`
`\fBcpasswd\fP changes the passphrase associated with a
`
`\fBcpasswd\fP prompts for
`Cryptographic File System (CFS) directory.
`the old passphrase, and, if it is correct, a new passphrase, which
`
`must be entered twice. Passphrases must contain at least a minimum
`
`number of characters (currently 16).
`.LP
`
`Only new format
`
`(CFS 1.3 or later) directories can have their
`
`passphrases changed.
`.SH FILES
`
`.TP
`
`\fIdirectory\fP/...
`
`known—plaintext hash of the assigned keys.
`.TP
`
`\fIdirectory\fP/..c
`identifies the cipher algorithm.
`.TP
`
`\fIdirectory\fP/..k
`
`encrypted key file
`.SH SEE ALSO
`
`cfsd(8), cattach(1), cmkdir(1)
`.SH BUGS
`
`One passphrase per encrypted directory;
`
`there is no provision (yet)
`
`for individual users‘ passphrases.
`.SH AUTHOR
`
`32 Matt Blaze; for information on cfs, email to cfs@research.att.com.
`33
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 136
`
`
`
`cpasswd.c
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 137
`
`
`
`C:\cfs-1.3.3\cpasswd.c
`
`/*
`* The author of this software is Matt Blaze.
`
`*
`
`Copyright
`
`(c) 1995 by AT&T.
`
`* Permission to use, Copy, and modify this software without fee
`
`* is hereby granted, provided that this entire notice is included in
`
`* all copies of any software which is or includes a copy or
`
`* modification of this software and in all copies of the supporting
`* documentation for such software.
`*
`
`* This software is subject to United States export controls.
`*
`
`* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
`
`IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
`* WARRANTY.
`* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
`
`* OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
`
`*/
`
`/*
`
`* client cfs cpasswd — 1.3
`*/
`#include <stdio.h>
`
`#include <rpc/rpc.h>
`
`#include <sys/time.h>
`
`#include "nfsproto.h"
`
`#include "admproto.h"
`#include "cfs.h"
`
`#include "shs.h"
`
`1
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`8
`9
`
`10
`11
`
`12
`
`l3
`14
`
`15
`
`16
`17
`
`18
`
`19
`20
`21
`
`22
`
`23
`
`24
`
`25
`26
`
`27
`28
`
`29 main(argc,argV)
`
`30
`
`31
`
`32
`33
`
`34
`35
`
`36
`
`37
`
`38
`39
`
`40
`
`41
`
`42
`43
`
`44
`
`45
`
`46
`
`47
`
`48
`
`49
`
`50
`51
`
`52
`53
`
`54
`
`int argc;
`
`char **argv;
`
`{
`
`char *pw;
`
`char pword[256];
`char buf[1024];
`
`char *getpassword();
`
`cfs_admkey oldkey;
`
`cfs_admkey newkey;
`cfskey kt;
`
`char path[1024];
`
`char kpath[1024];
`
`char opath[1024];
`char cname[1024];
`
`char kname[1024];
`
`char sname[1024];
`
`char dir[1024];
`
`int smsize;
`
`FILE *fp;
`
`char *flg;
`
`int ciph=CFS_STD_DES;
`int cfmt=1;
`
`unsigned char ekey[128];
`
`while (--argc && (**++argv == '—'))
`
`{
`
`'1'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 138
`
`
`
`C:\cfs-1.3.3\cpasswd.c
`
`55
`
`56
`57
`
`58
`59
`
`60
`
`61
`
`62
`63
`64
`
`65
`
`66
`
`67
`68
`69
`
`70
`71
`
`72
`73
`
`74
`75
`76
`
`77
`78
`
`79
`
`80
`
`81
`
`82
`83
`84
`
`85
`86
`
`87
`
`88
`
`89
`90
`
`91
`92
`
`93
`94
`
`95
`96
`
`97
`98
`99
`
`100
`
`101
`102
`
`103
`104
`
`105
`
`106
`107
`108
`
`for (f1g= ++*argv; *f1g; ++f1g)
`
`switch (*f1g)
`default:
`
`{
`
`fprintf(stderr,"usage: cpasswd dir\n");
`exit(1);
`
`}
`
`}
`
`{
`if (argc!=l)
`fprintf(stderr,"Usage: cpasswd dir\n");
`exit(1);
`
`}
`
`if (*argV[O]!='/')
`
`{
`
`{
`if (getcwd(buf,lO24) == NULL)
`fprintf(stderr,"Can't stat current directory\n");
`exit(1);
`
`}
`sprintf(dir,"%s/%s",buf,argv[O]);
`
`} else
`strcpy(dir,argv[O]);
`
`if (chdir(dir)<O)
`perror(dir);
`exit(1);
`
`{
`
`}
`
`sprintf(cname,"%s/..c",dir);
`
`sprintf(kname,"%s/..k",dir);
`
`sprintf(sname,"%s/..s",dir);
`
`{
`if ((fp=fopen(cname,"r")) == NULL)
`fprintf(stderr,"Can only change passphrase on new format CFS directories\n");
`exit(1);
`
`} else {
`fscanf(fp,"%d",&ciph);
`
`fc1ose(fp);
`
`}
`
`if (((fp=fopen(kname,"r")) == NULL)
`perror(dir);
`
`||
`
`(fread(ekey,1,32,fp)<16))
`
`{
`
`fprintf(stderr,"Can only change passphrase on new format CFS directories\n");
`exit(1);
`
`}
`fc1ose(fp);
`
`if ((fp=fopen(sname,"r")) == NULL)
`smsize=LARGESMSIZE;
`
`{
`
`} else {
`if (fscanf(fp,"%d",&smsize)
`SmSiZe=LARGESMSIZE;
`
`!= 1)
`
`fc1ose(fp);
`
`if ((smsize < CFSBLOCK)
`SmSiZe=LARGESMSIZE;
`
`}
`
`o1dkey.cipher=ciph;
`
`||
`
`(smsize >
`
`(LARGESMSIZE*2)))
`
`if ((pw=getpassword("Old passphrase:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(1);
`
`{
`
`'2'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 139
`
`
`
`C:\cfs-1.3.3\cpasswd.c
`
`109
`110
`
`111
`
`112
`113
`114
`
`115
`116
`
`117
`118
`119
`
`120
`121
`
`122
`
`123
`124
`125
`
`126
`127
`
`128
`129
`130
`
`131
`
`132
`133
`134
`
`135
`
`136
`137
`
`138
`139
`
`140
`141
`
`142
`
`143
`144
`145
`
`146
`147
`148
`
`149
`
`150
`151
`152
`
`153
`
`154
`155
`156
`
`157
`158
`
`159
`
`160
`
`161
`162
`
`}
`if (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pw.smsize);
`
`{
`if (new_pwcrunch(pw,&oldkey)!=O)
`fprintf(stderr,"InValid key\n");
`exit(1);
`
`}
`decrypt_key(&oldkey,ekey);
`
`{
`if (!checkkey(dir,&oldkey))
`fprintf(stderr,"Incorrect passphrase\n");
`exit(1);
`
`}
`
`newkey.cipher=ciph;
`
`if ((pw=getpassword("New passphrase:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(1);
`
`{
`
`}
`strcpy(pword,pw);
`
`{
`if (strlen(pw)<16)
`fprintf(stderr,"Key must be at least 16 chars.\n");
`exit(1);
`
`}
`
`if ((pw=getpassword("Again:"))==NULL)
`fprintf(stderr,"Can't get key\n");
`exit(1);
`
`{
`
`}
`
`if (strcmp(pword,pw)!=O)
`fprintf(stderr,
`
`{
`
`"Keys don't match; drink some coffee and try again\n");
`exit(1);
`
`}
`if (smsize != LARGESMSIZE)
`
`sprintf(pw,"%s%d",pw.smsize);
`
`{
`if (new_pwcrunch(pw,&newkey !=O)
`fprintf(stderr,"InValid key\n");
`exit(1);
`
`}
`encrypt_key(&newkey,ekey);
`sprintf(path,"%s/..n",dir);
`
`sprintf(opat ,"%s/..o",dir);
`
`if ((fp=fopen(path,"w")) == NULL)
`perror("cmkdir");
`exit(1);
`
`{
`
`}
`
`{
`!= 32)
`if (fwrite(ekey.1.32.fp)
`perror("can't create new key file");
`exit(1);
`
`}
`fclose(fp);
`
`sprintf(kpath,"%s/..k",dir);
`
`/* do this in 3 phases, ultra paranoid */
`
`{
`< O)
`if (rename(kpath,opath)
`perror("can't rename old key file");
`
`'3'
`
`Petitioner Oracle-Apple - Exhibit 1009 - Page 140
`
`
`
`C:\cfs-1.3.3\cpasswd.c
`
`163
`
`164
`
`165
`166
`167
`
`168
`169
`
`170
`171
`
`172
`173
`174
`
`175
`176
`
`177
`
`178
`179
`180
`
`181
`
`182
`183
`
`184
`
`185
`
`186
`187
`
`188
`189
`190
`
`191
`192
`
`193
`
`194
`195
`196
`197
`
`198
`
`1
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
