![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to auth.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Plan 9 NeXT] / lucent / sys / src / 9 / port|
Return to auth.c CVS log | Up to [Plan 9 NeXT] / lucent / sys / src / 9 / port |
1.1 ! root 1: #include "u.h" ! 2: #include "../port/lib.h" ! 3: #include "mem.h" ! 4: #include "dat.h" ! 5: #include "fns.h" ! 6: #include "io.h" ! 7: #include "../port/error.h" ! 8: ! 9: typedef struct Crypt Crypt; ! 10: struct Crypt ! 11: { ! 12: Crypt *next; ! 13: Ticket t; ! 14: Authenticator a; ! 15: char tbuf[TICKETLEN]; /* remote ticket */ ! 16: }; ! 17: ! 18: typedef struct Session Session; ! 19: struct Session ! 20: { ! 21: Lock; ! 22: QLock send; ! 23: Crypt *cache; /* cache of tickets */ ! 24: char cchal[CHALLEN]; /* client challenge */ ! 25: char schal[CHALLEN]; /* server challenge */ ! 26: char authid[NAMELEN]; /* server encryption uid */ ! 27: char authdom[DOMLEN]; /* server encryption domain */ ! 28: ulong cid; /* challenge id */ ! 29: int valid; ! 30: }; ! 31: ! 32: struct ! 33: { ! 34: Lock; ! 35: Crypt *free; ! 36: } cryptalloc; ! 37: ! 38: char eve[NAMELEN] = "bootes"; ! 39: char evekey[DESKEYLEN]; ! 40: char hostdomain[DOMLEN]; ! 41: ! 42: /* ! 43: * return true if current user is eve ! 44: */ ! 45: int ! 46: iseve(void) ! 47: { ! 48: return strcmp(eve, u->p->user) == 0; ! 49: } ! 50: ! 51: /* ! 52: * crypt entries are allocated from a pool rather than allocated using malloc so ! 53: * the memory can be protected from reading by devproc. The base and top of the ! 54: * crypt arena is stored in palloc for devproc. ! 55: */ ! 56: Crypt* ! 57: newcrypt(void) ! 58: { ! 59: Crypt *c; ! 60: ! 61: lock(&cryptalloc); ! 62: if(cryptalloc.free) { ! 63: c = cryptalloc.free; ! 64: cryptalloc.free = c->next; ! 65: unlock(&cryptalloc); ! 66: memset(c, 0, sizeof(Crypt)); ! 67: return c; ! 68: } ! 69: ! 70: cryptalloc.free = xalloc(sizeof(Crypt)*conf.nproc); ! 71: if(cryptalloc.free == 0) ! 72: panic("newcrypt"); ! 73: ! 74: for(c = cryptalloc.free; c < cryptalloc.free+conf.nproc-1; c++) ! 75: c->next = c+1; ! 76: ! 77: palloc.cmembase = (ulong)cryptalloc.free; ! 78: palloc.cmemtop = palloc.cmembase+(sizeof(Crypt)*conf.nproc); ! 79: unlock(&cryptalloc); ! 80: return newcrypt(); ! 81: } ! 82: ! 83: void ! 84: freecrypt(Crypt *c) ! 85: { ! 86: lock(&cryptalloc); ! 87: c->next = cryptalloc.free; ! 88: cryptalloc.free = c; ! 89: unlock(&cryptalloc); ! 90: } ! 91: ! 92: /* ! 93: * return the info received in the session message on this channel. ! 94: * if no session message has been exchanged, do it. ! 95: */ ! 96: long ! 97: sysfsession(ulong *arg) ! 98: { ! 99: int i, n; ! 100: Chan *c; ! 101: Crypt *cp; ! 102: Session *s; ! 103: Ticketreq tr; ! 104: Fcall f; ! 105: char buf[MAXMSG]; ! 106: ! 107: validaddr(arg[1], TICKREQLEN, 1); ! 108: c = fdtochan(arg[0], OWRITE, 0, 1); ! 109: if(waserror()){ ! 110: close(c); ! 111: nexterror(); ! 112: } ! 113: ! 114: /* add a session structure to the channel if it has none */ ! 115: lock(c); ! 116: s = c->session; ! 117: if(s == 0){ ! 118: s = malloc(sizeof(Session)); ! 119: if(s == 0){ ! 120: unlock(c); ! 121: error(Enomem); ! 122: } ! 123: c->session = s; ! 124: } ! 125: unlock(c); ! 126: ! 127: qlock(&s->send); ! 128: if(s->valid == 0){ ! 129: /* ! 130: * Exchange a session message with the server. ! 131: */ ! 132: for(i = 0; i < CHALLEN; i++) ! 133: s->cchal[i] = nrand(256); ! 134: ! 135: f.tag = NOTAG; ! 136: f.type = Tsession; ! 137: memmove(f.chal, s->cchal, CHALLEN); ! 138: n = convS2M(&f, buf); ! 139: ! 140: /* ! 141: * If an error occurs reading or writing, ! 142: * this probably is a mount of a mount so turn off ! 143: * authentication. ! 144: */ ! 145: if(waserror()) ! 146: goto noauth; ! 147: ! 148: if((*devtab[c->type].write)(c, buf, n, 0) != n) ! 149: error(Esession); ! 150: n = (*devtab[c->type].read)(c, buf, sizeof buf, 0); ! 151: /* OK is sometimes sent as a Datakit sign-on */ ! 152: if(n == 2 && buf[0] == 'O' && buf[1] == 'K') ! 153: n = (*devtab[c->type].read)(c, buf, sizeof buf, 0); ! 154: ! 155: poperror(); ! 156: ! 157: if(convM2S(buf, &f, n) == 0){ ! 158: qunlock(&s->send); ! 159: error(Esession); ! 160: } ! 161: switch(f.type){ ! 162: case Rsession: ! 163: memmove(s->schal, f.chal, CHALLEN); ! 164: memmove(s->authid, f.authid, NAMELEN); ! 165: memmove(s->authdom, f.authdom, DOMLEN); ! 166: break; ! 167: case Rerror: ! 168: qunlock(&s->send); ! 169: error(f.ename); ! 170: default: ! 171: qunlock(&s->send); ! 172: error(Esession); ! 173: } ! 174: noauth: ! 175: s->valid = 1; ! 176: } ! 177: qunlock(&s->send); ! 178: ! 179: /* ! 180: * If server requires no ticket, or user is "none", or a ticket ! 181: * is already cached, zero the request type ! 182: */ ! 183: tr.type = AuthTreq; ! 184: if(strcmp(u->p->user, "none") == 0 || s->authid[0] == 0) ! 185: tr.type = 0; ! 186: else{ ! 187: lock(s); ! 188: for(cp = s->cache; cp; cp = cp->next) ! 189: if(strcmp(cp->t.cuid, u->p->user) == 0){ ! 190: tr.type = 0; ! 191: break; ! 192: } ! 193: unlock(s); ! 194: } ! 195: ! 196: /* create ticket request */ ! 197: memmove(tr.chal, s->schal, CHALLEN); ! 198: memmove(tr.authid, s->authid, NAMELEN); ! 199: memmove(tr.authdom, s->authdom, DOMLEN); ! 200: memmove(tr.uid, u->p->user, NAMELEN); ! 201: memmove(tr.hostid, eve, NAMELEN); ! 202: convTR2M(&tr, (char*)arg[1]); ! 203: ! 204: close(c); ! 205: poperror(); ! 206: return 0; ! 207: } ! 208: ! 209: /* ! 210: * attach tickets to a session ! 211: */ ! 212: long ! 213: sysfauth(ulong *arg) ! 214: { ! 215: Chan *c; ! 216: char *ta; ! 217: Session *s; ! 218: Crypt *cp, *ncp, **l; ! 219: char tbuf[2*TICKETLEN]; ! 220: ! 221: validaddr(arg[1], 2*TICKETLEN, 0); ! 222: c = fdtochan(arg[0], OWRITE, 0, 1); ! 223: s = c->session; ! 224: if(s == 0) ! 225: error("fauth must follow fsession"); ! 226: cp = newcrypt(); ! 227: if(waserror()){ ! 228: freecrypt(cp); ! 229: nexterror(); ! 230: } ! 231: ! 232: /* ticket supplied, use it */ ! 233: ta = (char*)arg[1]; ! 234: memmove(tbuf, ta, 2*TICKETLEN); ! 235: convM2T(tbuf, &cp->t, evekey); ! 236: if(cp->t.num != AuthTc) ! 237: error("bad AuthTc in ticket"); ! 238: if(strncmp(u->p->user, cp->t.cuid, NAMELEN) != 0) ! 239: error("bad uid in ticket"); ! 240: if(memcmp(cp->t.chal, s->schal, CHALLEN) != 0) ! 241: error("bad chal in ticket"); ! 242: memmove(cp->tbuf, tbuf+TICKETLEN, TICKETLEN); ! 243: ! 244: /* string onto local list, replace old version */ ! 245: lock(s); ! 246: l = &s->cache; ! 247: for(ncp = s->cache; ncp; ncp = *l){ ! 248: if(strcmp(ncp->t.cuid, u->p->user) == 0){ ! 249: *l = ncp->next; ! 250: freecrypt(ncp); ! 251: break; ! 252: } ! 253: l = &ncp->next; ! 254: } ! 255: cp->next = s->cache; ! 256: s->cache = cp; ! 257: unlock(s); ! 258: poperror(); ! 259: return 0; ! 260: } ! 261: ! 262: /* ! 263: * free a session created by fsession ! 264: */ ! 265: void ! 266: freesession(Session *s) ! 267: { ! 268: Crypt *cp, *next; ! 269: ! 270: for(cp = s->cache; cp; cp = next) { ! 271: next = cp->next; ! 272: freecrypt(cp); ! 273: } ! 274: free(s); ! 275: } ! 276: ! 277: /* ! 278: * called by mattach() to fill in the Tattach message ! 279: */ ! 280: ulong ! 281: authrequest(Session *s, Fcall *f) ! 282: { ! 283: Crypt *cp; ! 284: ulong id, dofree; ! 285: ! 286: /* no authentication if user is "none" or if no ticket required by remote */ ! 287: if(s == 0 || s->authid[0] == 0 || strcmp(u->p->user, "none") == 0){ ! 288: memset(f->ticket, 0, TICKETLEN); ! 289: memset(f->auth, 0, AUTHENTLEN); ! 290: return 0; ! 291: } ! 292: ! 293: /* look for ticket in cache */ ! 294: dofree = 0; ! 295: lock(s); ! 296: for(cp = s->cache; cp; cp = cp->next) ! 297: if(strcmp(cp->t.cuid, u->p->user) == 0) ! 298: break; ! 299: ! 300: id = s->cid++; ! 301: unlock(s); ! 302: ! 303: if(cp == 0){ ! 304: /* ! 305: * create a ticket using hostkey, this solves the ! 306: * chicken and egg problem ! 307: */ ! 308: cp = newcrypt(); ! 309: cp->t.num = AuthTs; ! 310: memmove(cp->t.chal, s->schal, CHALLEN); ! 311: memmove(cp->t.cuid, u->p->user, NAMELEN); ! 312: memmove(cp->t.suid, u->p->user, NAMELEN); ! 313: memmove(cp->t.key, evekey, DESKEYLEN); ! 314: convT2M(&cp->t, f->ticket, evekey); ! 315: dofree = 1; ! 316: } else ! 317: memmove(f->ticket, cp->tbuf, TICKETLEN); ! 318: ! 319: /* create an authenticator */ ! 320: memmove(cp->a.chal, s->schal, CHALLEN); ! 321: cp->a.num = AuthAc; ! 322: cp->a.id = id; ! 323: convA2M(&cp->a, f->auth, cp->t.key); ! 324: if(dofree) ! 325: freecrypt(cp); ! 326: return id; ! 327: } ! 328: ! 329: /* ! 330: * called by mattach() to check the Rattach message ! 331: */ ! 332: void ! 333: authreply(Session *s, ulong id, Fcall *f) ! 334: { ! 335: Crypt *cp; ! 336: ! 337: if(s == 0) ! 338: return; ! 339: ! 340: lock(s); ! 341: for(cp = s->cache; cp; cp = cp->next) ! 342: if(strcmp(cp->t.cuid, u->p->user) == 0) ! 343: break; ! 344: unlock(s); ! 345: ! 346: /* we're getting around authentication */ ! 347: if(s == 0 || cp == 0 || s->authid[0] == 0 || strcmp(u->p->user, "none") == 0) ! 348: return; ! 349: ! 350: convM2A(f->rauth, &cp->a, cp->t.key); ! 351: if(cp->a.num != AuthAs){ ! 352: print("bad encryption type\n"); ! 353: error("server lies"); ! 354: } ! 355: if(memcmp(cp->a.chal, s->cchal, sizeof(cp->a.chal))){ ! 356: print("bad returned challenge\n"); ! 357: error("server lies"); ! 358: } ! 359: if(cp->a.id != id){ ! 360: print("bad returned id\n"); ! 361: error("server lies"); ! 362: } ! 363: } ! 364: ! 365: /* ! 366: * called by devcons() for #c/authenticate ! 367: * ! 368: * The protocol is ! 369: * 1) read ticket request from #c/authenticate ! 370: * 2) write ticket+authenticator to #c/authenticate. if it matches ! 371: * the challenge the user is changed to the suid field of the ticket ! 372: * 3) read authenticator (to confirm this is the server advertised) ! 373: */ ! 374: long ! 375: authread(Chan *c, char *a, int n) ! 376: { ! 377: Crypt *cp; ! 378: int i; ! 379: Ticketreq tr; ! 380: ! 381: if(c->aux == 0){ ! 382: /* ! 383: * first read returns a ticket request ! 384: */ ! 385: if(n != TICKREQLEN) ! 386: error(Ebadarg); ! 387: c->aux = newcrypt(); ! 388: cp = c->aux; ! 389: ! 390: memset(&tr, 0, sizeof(tr)); ! 391: tr.type = AuthTreq; ! 392: strcpy(tr.hostid, eve); ! 393: strcpy(tr.authid, eve); ! 394: strcpy(tr.authdom, hostdomain); ! 395: strcpy(tr.uid, u->p->user); ! 396: for(i = 0; i < CHALLEN; i++) ! 397: tr.chal[i] = nrand(256); ! 398: memmove(cp->a.chal, tr.chal, CHALLEN); ! 399: convTR2M(&tr, a); ! 400: } else { ! 401: /* ! 402: * subsequent read returns an authenticator ! 403: */ ! 404: if(n != AUTHENTLEN) ! 405: error(Ebadarg); ! 406: cp = c->aux; ! 407: ! 408: cp->a.num = AuthAs; ! 409: memmove(cp->a.chal, cp->t.chal, CHALLEN); ! 410: cp->a.id = 0; ! 411: convA2M(&cp->a, cp->tbuf, cp->t.key); ! 412: memmove(a, cp->tbuf, AUTHENTLEN); ! 413: ! 414: freecrypt(cp); ! 415: c->aux = 0; ! 416: } ! 417: return n; ! 418: } ! 419: ! 420: long ! 421: authwrite(Chan *c, char *a, int n) ! 422: { ! 423: Crypt *cp; ! 424: ! 425: if(n != TICKETLEN+AUTHENTLEN) ! 426: error(Ebadarg); ! 427: if(c->aux == 0) ! 428: error(Ebadarg); ! 429: cp = c->aux; ! 430: ! 431: memmove(cp->tbuf, a, TICKETLEN); ! 432: convM2T(cp->tbuf, &cp->t, evekey); ! 433: if(cp->t.num != AuthTs || memcmp(cp->a.chal, cp->t.chal, CHALLEN)) ! 434: error(Eperm); ! 435: ! 436: memmove(cp->tbuf, a+TICKETLEN, AUTHENTLEN); ! 437: convM2A(cp->tbuf, &cp->a, cp->t.key); ! 438: if(cp->a.num != AuthAc || memcmp(cp->a.chal, cp->t.chal, CHALLEN)) ! 439: error(Eperm); ! 440: ! 441: memmove(u->p->user, cp->t.suid, NAMELEN); ! 442: return n; ! 443: } ! 444: ! 445: /* ! 446: * called by devcons() for #c/authcheck ! 447: * ! 448: * a write of a ticket+authenticator [+challenge+id] succeeds if they match ! 449: */ ! 450: long ! 451: authcheck(Chan *c, char *a, int n) ! 452: { ! 453: Crypt *cp; ! 454: char *chal; ! 455: ulong id; ! 456: ! 457: if(n != TICKETLEN+AUTHENTLEN && n != TICKETLEN+AUTHENTLEN+CHALLEN+4) ! 458: error(Ebadarg); ! 459: if(c->aux == 0) ! 460: c->aux = newcrypt(); ! 461: cp = c->aux; ! 462: ! 463: memmove(cp->tbuf, a, TICKETLEN); ! 464: convM2T(cp->tbuf, &cp->t, evekey); ! 465: if(cp->t.num != AuthTc) ! 466: error(Ebadarg); ! 467: if(strcmp(u->p->user, cp->t.cuid)) ! 468: error(cp->t.cuid); ! 469: ! 470: memmove(cp->tbuf, a+TICKETLEN, AUTHENTLEN); ! 471: convM2A(cp->tbuf, &cp->a, cp->t.key); ! 472: if(n == TICKETLEN+AUTHENTLEN+CHALLEN+4){ ! 473: uchar *p = (uchar *)&a[TICKETLEN+AUTHENTLEN+CHALLEN]; ! 474: id = p[0] | (p[1]<<8) | (p[2]<<16) | (p[3]<<24); ! 475: chal = &a[TICKETLEN+AUTHENTLEN]; ! 476: }else{ ! 477: id = 0; ! 478: chal = cp->t.chal; ! 479: } ! 480: if(cp->a.num != AuthAs || memcmp(chal, cp->a.chal, CHALLEN) || cp->a.id != id) ! 481: error(Eperm); ! 482: ! 483: return n; ! 484: } ! 485: ! 486: /* ! 487: * called by devcons() for #c/authenticator ! 488: * ! 489: * a read after a write of a ticket (or ticket+id) returns an authenticator ! 490: * for that ticket. ! 491: */ ! 492: long ! 493: authentwrite(Chan *c, char *a, int n) ! 494: { ! 495: Crypt *cp; ! 496: ! 497: if(n != TICKETLEN && n != TICKETLEN+4) ! 498: error(Ebadarg); ! 499: if(c->aux == 0) ! 500: c->aux = newcrypt(); ! 501: cp = c->aux; ! 502: ! 503: memmove(cp->tbuf, a, TICKETLEN); ! 504: convM2T(cp->tbuf, &cp->t, evekey); ! 505: if(cp->t.num != AuthTc || strcmp(cp->t.cuid, u->p->user)){ ! 506: freecrypt(cp); ! 507: c->aux = 0; ! 508: error(Ebadarg); ! 509: } ! 510: if(n == TICKETLEN+4){ ! 511: uchar *p = (uchar *)&a[TICKETLEN]; ! 512: cp->a.id = p[0] | (p[1]<<8) | (p[2]<<16) | (p[3]<<24); ! 513: }else ! 514: cp->a.id = 0; ! 515: ! 516: return n; ! 517: } ! 518: long ! 519: authentread(Chan *c, char *a, int n) ! 520: { ! 521: Crypt *cp; ! 522: ! 523: cp = c->aux; ! 524: if(cp == 0) ! 525: error("authenticator read must follow a write"); ! 526: ! 527: cp->a.num = AuthAc; ! 528: memmove(cp->a.chal, cp->t.chal, CHALLEN); ! 529: convA2M(&cp->a, cp->tbuf, cp->t.key); ! 530: memmove(a, cp->tbuf, AUTHENTLEN); ! 531: ! 532: return n; ! 533: } ! 534: ! 535: void ! 536: authclose(Chan *c) ! 537: { ! 538: if(c->aux) ! 539: freecrypt(c->aux); ! 540: c->aux = 0; ! 541: } ! 542: ! 543: /* ! 544: * called by devcons() for key device ! 545: */ ! 546: long ! 547: keyread(char *a, int n, long offset) ! 548: { ! 549: if(n<DESKEYLEN || offset != 0) ! 550: error(Ebadarg); ! 551: if(!cpuserver || !iseve()) ! 552: error(Eperm); ! 553: memmove(a, evekey, DESKEYLEN); ! 554: return DESKEYLEN; ! 555: } ! 556: ! 557: long ! 558: keywrite(char *a, int n) ! 559: { ! 560: if(n != DESKEYLEN) ! 561: error(Ebadarg); ! 562: if(!iseve()) ! 563: error(Eperm); ! 564: memmove(evekey, a, DESKEYLEN); ! 565: return DESKEYLEN; ! 566: } ! 567: ! 568: /* ! 569: * called by devcons() for user device ! 570: * ! 571: * anyone can become none ! 572: */ ! 573: long ! 574: userwrite(char *a, int n) ! 575: { ! 576: if(n >= NAMELEN) ! 577: error(Ebadarg); ! 578: if(strcmp(a, "none") != 0) ! 579: error(Eperm); ! 580: memset(u->p->user, 0, NAMELEN); ! 581: strcpy(u->p->user, "none"); ! 582: return n; ! 583: } ! 584: ! 585: /* ! 586: * called by devcons() for host owner/domain ! 587: * ! 588: * writing hostowner also sets user ! 589: */ ! 590: long ! 591: hostownerwrite(char *a, int n) ! 592: { ! 593: char buf[NAMELEN]; ! 594: ! 595: if(!iseve()) ! 596: error(Eperm); ! 597: if(n >= NAMELEN) ! 598: error(Ebadarg); ! 599: memset(buf, 0, NAMELEN); ! 600: strncpy(buf, a, n); ! 601: if(buf[0] == 0) ! 602: error(Ebadarg); ! 603: memmove(eve, buf, NAMELEN); ! 604: memmove(u->p->user, buf, NAMELEN); ! 605: return n; ! 606: } ! 607: ! 608: long ! 609: hostdomainwrite(char *a, int n) ! 610: { ! 611: char buf[DOMLEN]; ! 612: ! 613: if(!iseve()) ! 614: error(Eperm); ! 615: if(n >= DOMLEN) ! 616: error(Ebadarg); ! 617: memset(buf, 0, DOMLEN); ! 618: strncpy(buf, a, n); ! 619: if(buf[0] == 0) ! 620: error(Ebadarg); ! 621: memmove(hostdomain, buf, DOMLEN); ! 622: return n; ! 623: } ! 624: ! 625: void ! 626: wipekeys(void) ! 627: { ! 628: memset(evekey, 0, sizeof(evekey)); ! 629: memset((void*)palloc.cmembase, 0, palloc.cmemtop - palloc.cmembase); ! 630: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.