#include <u.h>
#include <libc.h>
#include <auth.h>
#include "../boot/boot.h"
 
/* Reported when the exchange with the authentication server (AS) goes wrong. */
static char *pbmsg = "AS protocol botch";
/* Prefix of the message built when the connection to the AS cannot be opened. */
static char *ccmsg = "can't connect to AS";
 
/*
 * Read exactly len bytes from fd into buf, looping over short reads.
 * Returns the byte count once len bytes have arrived, or -1 as soon as
 * a read() fails or reports end of file; a partially filled buffer is
 * never reported as success.
 */
long
readn(int fd, void *buf, long len)
{
	char *dst;
	int got, total;

	dst = buf;
	total = 0;
	while(total < len){
		got = read(fd, dst+total, len-total);
		if(got <= 0)
			return -1;	/* error or premature EOF */
		total += got;
	}
	return total;
}
 
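/*
 * Send the ticket request in trbuf to the authentication server reached
 * through mp->auth and collect the reply.
 *
 * On AuthOK, 2*TICKETLEN bytes are read into tbuf, so the caller must
 * supply a buffer at least that large; nothing here can check it.
 *
 * Returns 0 on success.  Otherwise returns a message: the server's own
 * error text (AuthErr), pbmsg for an unknown reply type, or a formatted
 * string.  Formatted and server-supplied messages live in a static buffer
 * that the next call overwrites.
 */
static char*
fromauth(Method *mp, char *trbuf, char *tbuf)
{
	int afd;
	char t;
	char *msg;
	static char error[2*ERRMAX];

	if(mp->auth == 0)
		fatal("no method for accessing auth server");
	afd = (*mp->auth)();
	if(afd < 0) {
		snprint(error, sizeof error, "%s: %r", ccmsg);
		return error;
	}

	/*
	 * A short write would leave the server holding a truncated request,
	 * so anything other than a full TICKREQLEN write counts as a failure.
	 */
	if(write(afd, trbuf, TICKREQLEN) != TICKREQLEN || read(afd, &t, 1) != 1){
		close(afd);
		snprint(error, sizeof error, "%s: %r", pbmsg);
		return error;
	}
	switch(t){
	case AuthOK:
		msg = 0;
		if(readn(afd, tbuf, 2*TICKETLEN) < 0) {
			snprint(error, sizeof error, "%s: %r", pbmsg);
			msg = error;
		}
		break;
	case AuthErr:
		/*
		 * The error text comes off the network: read a fixed ERRMAX
		 * bytes and force termination before handing it back.
		 */
		if(readn(afd, error, ERRMAX) < 0)
			snprint(error, sizeof error, "%s: %r", pbmsg);
		else
			error[ERRMAX-1] = 0;
		msg = error;
		break;
	default:
		msg = pbmsg;
		break;
	}

	close(afd);
	return msg;
}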
 
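/*
 * Authenticate the connection on fd: run the session exchange, and if it
 * yields a non-empty ticket request, fetch tickets from the auth server
 * via mp and present them with fauth().
 *
 * The function returns normally on every path except a failed session
 * command.  When no tickets can be obtained, or fauth() rejects them, it
 * only prints a warning on fd 2 and continues ("using your key as server
 * key"), so the caller gets no indication that authentication did not
 * take place.
 */
void
doauthenticate(int fd, Method *mp)
{
	char *msg;
	char trbuf[TICKREQLEN];
	char tbuf[2*TICKETLEN];

	print("session...");
	if(fsession(fd, trbuf, sizeof trbuf) < 0)
		fatal("session command failed");

	/* no authentication required? */
	memset(tbuf, 0, sizeof tbuf);
	if(trbuf[0] == 0)
		return;

	/* try getting to an auth server */
	print("getting ticket...");
	msg = fromauth(mp, trbuf, tbuf);
	print("authenticating...");
	if(msg == 0){
		if(fauth(fd, tbuf) >= 0)
			return;
		/*
		 * Tickets were obtained but fauth() rejected them.  msg is nil
		 * here, so do not pass it to %s or blame the auth server.
		 */
		fprint(2, "fauth failed, using your key as server key\n");
		return;
	}

	/* didn't work, go for the security hole */
	fprint(2, "no authentication server (%s), using your key as server key\n", msg);
}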
 
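/*
 * Check key for user name: request a ticket for name from the auth server
 * reached through mp, decode the reply with key, and compare the result.
 *
 * Returns 0 when the decoded ticket has num == AuthTc and its cuid equals
 * name; otherwise returns an error string (from fromauth(), "name too
 * long", or "no match").
 */
char*
checkkey(Method *mp, char *name, char *key)
{
	char *msg;
	long n;
	Ticketreq tr;
	Ticket t;
	char trbuf[TICKREQLEN];
	/*
	 * fromauth() stores 2*TICKETLEN bytes here on AuthOK; a TICKETLEN
	 * buffer would let the server's reply run past the end of the array.
	 */
	char tbuf[2*TICKETLEN];

	/*
	 * name is copied into three fixed-size request fields, so refuse
	 * anything that would not fit together with its terminator.
	 */
	n = strlen(name);
	if(n >= sizeof tr.authid || n >= sizeof tr.hostid || n >= sizeof tr.uid)
		return "name too long";

	memset(&tr, 0, sizeof tr);
	tr.type = AuthTreq;
	strcpy(tr.authid, name);
	strcpy(tr.hostid, name);
	strcpy(tr.uid, name);
	convTR2M(&tr, trbuf);
	msg = fromauth(mp, trbuf, tbuf);
	/*
	 * NOTE(review): fromauth() formats ccmsg into its own static buffer
	 * and returns that buffer, never ccmsg itself, so this pointer
	 * comparison does not match as written and a connection failure is
	 * returned as an error by the test below.  Making it match would
	 * accept the key unchecked whenever the auth server is unreachable;
	 * decide that deliberately before changing it.
	 */
	if(msg == ccmsg){
		fprint(2, "boot: can't contact auth server, passwd unchecked\n");
		return 0;
	}
	if(msg)
		return msg;
	convM2T(tbuf, &t, key);
	if(t.num == AuthTc && strcmp(name, t.cuid)==0)
		return 0;
	return "no match";
}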