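/* from the annotated listing: revision 1.1, author root */
#include <u.h>
#include <libc.h>
#include <auth.h>
#include <../boot/boot.h>

static char *pbmsg = "AS protocol botch";
static char *ccmsg = "can't connect to AS";

/*
 * Read exactly len bytes from fd into buf, looping over short reads.
 * Returns len on success, or -1 if read() reports EOF or an error
 * before len bytes have arrived.  buf must hold at least len bytes;
 * nothing here can check that.
 */
int
readn(int fd, char *buf, int len)
{
	int m, n;

	for(n = 0; n < len; n += m){
		m = read(fd, buf+n, len-n);
		if(m <= 0)
			return -1;
	}
	return n;
}

/*
 * Send the ticket request in trbuf (TICKREQLEN bytes) to the
 * authentication server (AS) and collect its reply.
 *
 * afd is not declared in this file (presumably it comes from
 * ../boot/boot.h); it is opened through mp->auth on first use and
 * kept open for later calls.
 *
 * On an AuthOK reply, 2*TICKETLEN bytes are stored in tbuf, so every
 * caller must pass a buffer of at least 2*TICKETLEN bytes.
 *
 * Returns 0 on success, ccmsg if the AS could not be reached, pbmsg
 * on a short or malformed exchange, or a pointer to a static buffer
 * holding the error text the AS sent (overwritten by the next call).
 */
static char*
fromauth(Method *mp, char *trbuf, char *tbuf)
{
	char t;
	char *msg;
	static char error[ERRLEN];

	if(afd < 0){
		if(mp->auth == 0)
			fatal("no method for accessing auth server");
		afd = (*mp->auth)();
		if(afd < 0)
			return ccmsg;
	}
	if(write(afd, trbuf, TICKREQLEN) < 0 || read(afd, &t, 1) != 1){
		close(afd);
		afd = -1;
		return pbmsg;
	}
	switch(t){
	case AuthOK:
		msg = 0;
		if(readn(afd, tbuf, 2*TICKETLEN) < 0)
			msg = pbmsg;
		break;
	case AuthErr:
		if(readn(afd, error, ERRLEN) < 0)
			msg = pbmsg;
		else {
			/* the text is supplied by the peer: force termination */
			error[ERRLEN-1] = 0;
			msg = error;
		}
		break;
	default:
		msg = pbmsg;
		break;
	}
	if(msg == pbmsg){
		/*
		 * The stream position is unknown after a botched reply;
		 * drop the connection, as the write/read failure path
		 * above does, so the next call starts a fresh exchange.
		 */
		close(afd);
		afd = -1;
	}
	return msg;
}

/*
 * Authenticate the session on fd.
 *
 * fsession() presumably fills trbuf with the ticket request for the
 * session; a zero first byte is treated as "no authentication
 * required".  Otherwise the tickets are fetched with fromauth() and
 * handed to fauth().
 *
 * NOTE(review): this function fails open.  If the AS cannot be used,
 * or fauth() rejects the tickets, it prints a warning and returns
 * normally; it returns void, so the caller cannot tell an
 * authenticated session from one that fell back.
 */
void
doauthenticate(int fd, Method *mp)
{
	char *msg;
	char trbuf[TICKREQLEN];
	char tbuf[2*TICKETLEN];

	print("session...");
	if(fsession(fd, trbuf) < 0)
		fatal("session command failed");

	/* no authentication required? */
	memset(tbuf, 0, 2*TICKETLEN);
	if(trbuf[0] == 0)
		return;

	/* try getting to an auth server */
	msg = fromauth(mp, trbuf, tbuf);
	if(msg == 0){
		if(fauth(fd, tbuf) >= 0)
			return;
		/* msg must not reach the %s below as a nil pointer */
		msg = "fauth failed";
	}

	/* didn't work, go for the security hole */
	fprint(2, "no authentication server (%s), using your key as server key\n", msg);
}

/*
 * Check key for user name by requesting a ticket from the AS and
 * decoding the reply with that key.
 *
 * Returns 0 if the key is accepted, otherwise an error string.
 *
 * NOTE(review): 0 is also returned when the AS cannot be contacted
 * ("passwd unchecked"), so a 0 result does not prove the key was
 * verified.
 */
char*
checkkey(Method *mp, char *name, char *key)
{
	int n;
	char *msg;
	Ticketreq tr;
	Ticket t;
	char trbuf[TICKREQLEN];
	/*
	 * fromauth() stores 2*TICKETLEN bytes here on AuthOK; a
	 * TICKETLEN-sized buffer would be overrun on the stack.
	 */
	char tbuf[2*TICKETLEN];

	/*
	 * name is copied into three fixed-size fields of tr with
	 * strcpy(); refuse anything that would not fit, terminator
	 * included.
	 */
	n = strlen(name);
	if(n >= sizeof tr.authid || n >= sizeof tr.hostid || n >= sizeof tr.uid)
		return "name too long";

	memset(&tr, 0, sizeof tr);
	tr.type = AuthTreq;
	strcpy(tr.authid, name);
	strcpy(tr.hostid, name);
	strcpy(tr.uid, name);
	convTR2M(&tr, trbuf);
	msg = fromauth(mp, trbuf, tbuf);
	if(msg == ccmsg){
		fprint(2, "boot: can't contact auth server, passwd unchecked\n");
		return 0;
	}
	if(msg)
		return msg;
	/* only the first ticket in tbuf is decoded */
	convM2T(tbuf, &t, key);
	if(t.num == AuthTc && strcmp(name, t.cuid)==0)
		return 0;
	return "no match";
}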