292 		char *bufs[PRIVSEP_NBUF_MAX];
308 			bufs[i] = (char *)data;
309 			data += combuf->bufs.buflen[i];
310 			totallen += combuf->bufs.buflen[i];
315 			    "corrupted privsep message (bufs too big)\n");
345 			bufs[0][combuf->bufs.buflen[0] - 1] = '\0';
347 			if (unsafe_path(bufs[0], LC_PATHTYPE_CERT) != 0) {
350 				    "unsafe cert \"%s\"\n", bufs[0]);
354 			    "eay_get_pkcs1privkey(\"%s\")\n", bufs[0]);
356 			if ((privkey = eay_get_pkcs1privkey(bufs[0])) == NULL){
361 			reply->bufs.buflen[0] = privkey->l;
385 			 * First count the bufs, and make sure strings
392 			bufs[0][combuf->bufs.buflen[0] - 1] = '\0';
398 				if (combuf->bufs.buflen[count] == 0)
400 				bufs[count]
401 				    [combuf->bufs.buflen[count] - 1] = '\0';
431 			script = bufs[count++];
433 			if (combuf->bufs.buflen[count] != sizeof(name)) {
438 			memcpy((char *)&name, bufs[count++], sizeof(name));
440 			for (i = 0; combuf->bufs.buflen[count]; count++)
441 				envp[i++] = bufs[count];
474 			bufs[0][combuf->bufs.buflen[0] - 1] = '\0';
476 			if (combuf->bufs.buflen[1] != sizeof(keylen)) {
481 			memcpy(&keylen, bufs[1], sizeof(keylen));
484 			    "getpsk(\"%s\", %d)\n", bufs[0], keylen);
486 			if ((psk = getpsk(bufs[0], keylen)) == NULL) {
491 			reply->bufs.buflen[0] = psk->l;
522 			memcpy(&port, bufs[0], sizeof(port));
523 			raddr = (struct sockaddr *)bufs[1];
525 			bufs[2][combuf->bufs.buflen[2] - 1] = '\0';
526 			memcpy(&inout, bufs[3], sizeof(port));
533 			    port, saddr2str(raddr), bufs[2]); 
537 			    raddr, bufs[2], inout) != 0) {
548 			bufs[0][combuf->bufs.buflen[0] - 1] = '\0';
552 			bufs[1][combuf->bufs.buflen[1] - 1] = '\0';
556 			    bufs[0]);
559 			if (xauth_login_system(bufs[0], bufs[1]) != 0) {
580 			memcpy(&port, bufs[0], sizeof(port));
581 			memcpy(&inout, bufs[1], sizeof(inout));
582 			memcpy(&pool_size, bufs[2], sizeof(pool_size));
621 			memcpy(&port, bufs[0], sizeof(port));
622 			memcpy(&pool_size, bufs[1], sizeof(pool_size));
623 			raddr = (struct sockaddr *)bufs[2];
625 			bufs[3][combuf->bufs.buflen[3] - 1] = '\0';
626 			bufs[4][combuf->bufs.buflen[4] - 1] = '\0';
637 			    port, saddr2str(raddr), bufs[3]); 
641 			    raddr, bufs[3], bufs[4]) != 0) {
659 			memcpy(&port, bufs[0], sizeof(port));
660 			memcpy(&pool_size, bufs[1], sizeof(pool_size));
722 	msg->bufs.buflen[0] = len - sizeof(*msg);
723 	memcpy(msg + 1, path, msg->bufs.buflen[0]);
831 	msg->bufs.buflen[count] = strlen(script) + 1;	/* script */
832 	msg->hdr.ac_len += msg->bufs.buflen[count++];
834 	msg->bufs.buflen[count] = sizeof(name);		/* name */
835 	msg->hdr.ac_len += msg->bufs.buflen[count++];
838 		msg->bufs.buflen[count] = strlen(*c) + 1;
839 		msg->hdr.ac_len += msg->bufs.buflen[count++];
842 	msg->bufs.buflen[count] = 0; 			/* void */
843 	msg->hdr.ac_len += msg->bufs.buflen[count++];
857 	memcpy(data, (char *)script, msg->bufs.buflen[count]);	/* script */
858 	data += msg->bufs.buflen[count++];
860 	memcpy(data, (char *)&name, msg->bufs.buflen[count]);	/* name */
861 	data += msg->bufs.buflen[count++];
864 		memcpy(data, *c, msg->bufs.buflen[count]); 
865 		data += msg->bufs.buflen[count++];
914 	msg->bufs.buflen[0] = strlen(str) + 1;
915 	memcpy(data, str, msg->bufs.buflen[0]);
917 	data += msg->bufs.buflen[0];
918 	msg->bufs.buflen[1] = sizeof(keylen);
968 	msg->bufs.buflen[0] = strlen(usr) + 1;
969 	memcpy(data, usr, msg->bufs.buflen[0]);
970 	data += msg->bufs.buflen[0];
972 	msg->bufs.buflen[1] = strlen(pwd) + 1;
973 	memcpy(data, pwd, msg->bufs.buflen[1]);
1020 	msg->bufs.buflen[0] = sizeof(port);
1021 	msg->bufs.buflen[1] = sysdep_sa_len(raddr);
1022 	msg->bufs.buflen[2] = strlen(usr) + 1;
1023 	msg->bufs.buflen[3] = sizeof(inout);
1026 	memcpy(data, &port, msg->bufs.buflen[0]);
1028 	data += msg->bufs.buflen[0];
1029 	memcpy(data, raddr, msg->bufs.buflen[1]);
1031 	data += msg->bufs.buflen[1];
1032 	memcpy(data, usr, msg->bufs.buflen[2]);
1034 	data += msg->bufs.buflen[2];
1035 	memcpy(data, &inout, msg->bufs.buflen[3]);
1082 	if (msg->bufs.buflen[index] == 0) {
1193 	msg->bufs.buflen[0] = sizeof(port);
1194 	msg->bufs.buflen[1] = sizeof(inout);
1195 	msg->bufs.buflen[2] = sizeof(isakmp_cfg_config.pool_size);
1254 	msg->bufs.buflen[0] = sizeof(port);
1255 	msg->bufs.buflen[1] = sizeof(isakmp_cfg_config.pool_size);
1256 	msg->bufs.buflen[2] = sysdep_sa_len(raddr);
1257 	msg->bufs.buflen[3] = strlen(usr) + 1;
1258 	msg->bufs.buflen[4] = strlen(pwd) + 1;
1261 	memcpy(data, &port, msg->bufs.buflen[0]);
1263 	data += msg->bufs.buflen[0];
1264 	memcpy(data, &isakmp_cfg_config.pool_size, msg->bufs.buflen[1]);
1266 	data += msg->bufs.buflen[1];
1267 	memcpy(data, raddr, msg->bufs.buflen[2]);
1269 	data += msg->bufs.buflen[2];
1270 	memcpy(data, usr, msg->bufs.buflen[3]);
1272 	data += msg->bufs.buflen[3];
1273 	memcpy(data, pwd, msg->bufs.buflen[4]);
1318 	msg->bufs.buflen[0] = sizeof(port);
1319 	msg->bufs.buflen[1] = sizeof(isakmp_cfg_config.pool_size);
1322 	memcpy(data, &port, msg->bufs.buflen[0]);
1324 	data += msg->bufs.buflen[0];
1325 	memcpy(data, &isakmp_cfg_config.pool_size, msg->bufs.buflen[1]);

Indexes created Fri Mar 13 02:32:08 CET 2015