#ifndef P9AUTH_H
#define P9AUTH_H
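/*
 * Fixed sizes, in bytes, used by the authentication structures in this
 * header.  U9FS_NAMELEN is not defined here; it has to be supplied by an
 * earlier include.
 */
#define U9AUTH_DOMLEN		48	/* length of an authentication domain name */
/*
 * 7 bytes is 56 bits of key material.  Single DES at this key size is
 * within reach of brute force, so anything keyed this way should be
 * treated as a legacy protocol rather than a strong secret.
 */
#define U9AUTH_DESKEYLEN	7	/* length of a des key for encrypt/decrypt */
#define U9AUTH_CHALLEN		8	/* length of a challenge */
#define U9AUTH_NETCHLEN		16	/* max network challenge length */
#define U9AUTH_CONFIGLEN	14	/* size of u9auth_nvrsafe.config */
#define U9AUTH_SECRETLEN	32	/* max length of a secret */
#define U9AUTH_APOPCHLEN	256	/* size of u9auth_apopchalstate.chal */
#define U9AUTH_MD5LEN		16	/* size of u9auth_chapreply.resp */
#define U9AUTH_KEYDBOFF		8	/* length of random data at the start of key file */
/*
 * Key-file entry lengths.  Both expansions are parenthesized and carry no
 * trailing comma, so they can be used as array bounds and inside larger
 * expressions.
 * NOTE(review): the previous text read "U9FSNAMELEN+...+4+2," and
 * "OKEYDBLENSECRETLEN,", neither of which names a macro used anywhere else
 * in this header.  They are rewritten here as U9FS_NAMELEN (the spelling
 * every structure below uses) and as old-entry length plus secret length;
 * confirm against the code that reads the key file.
 */
#define U9AUTH_OKEYDBLEN	(U9FS_NAMELEN+U9AUTH_DESKEYLEN+4+2)	/* length of an entry in old key file */
#define U9AUTH_KEYDBLEN		(U9AUTH_OKEYDBLEN+U9AUTH_SECRETLEN)	/* length of an entry in key file */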
/*
 * Message and encryption type numbers.
 *
 * 1-11 name requests and replies (8 is not assigned here).  The values
 * from 64 up are the "encryption numberings (anti-replay)": a distinct
 * number per kind of encrypted object, presumably what the `num` field of
 * the ticket and authenticator structures carries so that one kind of
 * encrypted blob cannot be passed off as another -- confirm against the
 * code that fills and checks `num`.
 */
enum
{
	AuthTreq	= 1,	/* ticket request */
	AuthChal	= 2,	/* challenge box request */
	AuthPass	= 3,	/* change password */
	AuthOK		= 4,	/* fixed length reply follows */
	AuthErr		= 5,	/* error follows */
	AuthMod		= 6,	/* modify user */
	AuthApop	= 7,	/* apop authentication for pop3 */
	AuthOKvar	= 9,	/* variable length reply follows */
	AuthChap	= 10,	/* chap authentication for ppp */
	AuthMSchap	= 11,	/* MS chap authentication for ppp */

	AuthTs		= 64,	/* ticket encrypted with server's key */
	AuthTc		= 65,	/* ticket encrypted with client's key */
	AuthAs		= 66,	/* server generated authenticator */
	AuthAc		= 67,	/* client generated authenticator */
	AuthTp		= 68,	/* ticket encrypted with client's key for password change */
};
/*
 * Ticket request.
 *
 * Every member is a char or a fixed-size char array, and
 * U9AUTH_TICKREQLEN is the sum of those sizes (1 type byte, three names,
 * the challenge and the domain).  Nothing in this header says whether the
 * name fields are NUL-terminated; code that reads one filled from the
 * network should bound every access by the array size.
 */
struct u9auth_ticketreq
{
	char	type;
	char	authid[U9FS_NAMELEN];		/* server's encryption id */
	char	authdom[U9AUTH_DOMLEN];		/* server's authentication domain */
	char	chal[U9AUTH_CHALLEN];		/* challenge from server */
	char	hostid[U9FS_NAMELEN];		/* host's encryption id */
	char	uid[U9FS_NAMELEN];		/* uid of requesting user on host */
};
#define U9AUTH_TICKREQLEN (3*U9FS_NAMELEN+U9AUTH_CHALLEN+U9AUTH_DOMLEN+1)
/*
 * Ticket.
 *
 * U9AUTH_TICKETLEN is the sum of the member sizes: 1 byte for num, the
 * challenge, two names and the DES key.  The key member is secret
 * material; a buffer holding a decoded ticket deserves the same care as
 * the key itself.
 */
struct u9auth_ticket
{
	char	num;				/* replay protection */
	char	chal[U9AUTH_CHALLEN];		/* server challenge */
	char	cuid[U9FS_NAMELEN];		/* uid on client */
	char	suid[U9FS_NAMELEN];		/* uid on server */
	char	key[U9AUTH_DESKEYLEN];		/* nonce DES key */
};
#define U9AUTH_TICKETLEN (U9AUTH_CHALLEN+2*U9FS_NAMELEN+U9AUTH_DESKEYLEN+1)
/*
 * Authenticator.
 *
 * U9AUTH_AUTHENTLEN counts id as 4 bytes (challenge + 4 + 1).  The member
 * itself is a u_long, which can be wider than 4 bytes, and the compiler
 * may pad the structure, so U9AUTH_AUTHENTLEN is not guaranteed to equal
 * sizeof(struct u9auth_authenticator).  Convert to and from the
 * fixed-length form member by member rather than copying the structure.
 */
struct u9auth_authenticator
{
	char	num;			/* replay protection */
	char	chal[U9AUTH_CHALLEN];
	u_long	id;			/* authenticator id, ++'d with each auth */
};
#define U9AUTH_AUTHENTLEN (U9AUTH_CHALLEN+4+1)
/*
 * Password change request.
 *
 * U9AUTH_PASSREQLEN is the sum of the member sizes: num, old, new,
 * changesecret and secret.  old and new are presumably the current and
 * replacement passwords (confirm against the caller); together with
 * secret they make this structure sensitive, so a copy should be cleared
 * once the request has been handled.
 */
struct u9auth_passwordreq
{
	char	num;
	char	old[U9FS_NAMELEN];
	char	new[U9FS_NAMELEN];
	char	changesecret;
	char	secret[U9AUTH_SECRETLEN];	/* new secret */
};
#define U9AUTH_PASSREQLEN (2*U9FS_NAMELEN+1+1+U9AUTH_SECRETLEN)
/*
 * Stored machine credentials and configuration.
 *
 * Each data member is followed by a one-byte *sum member, presumably a
 * checksum over the member before it (confirm against the code that
 * reads and writes this structure).  A one-byte sum can at best catch
 * accidental corruption; it is no protection against deliberate
 * modification of the stored keys.
 */
struct u9auth_nvrsafe
{
	char	machkey[U9AUTH_DESKEYLEN];
	u_char	machsum;
	char	authkey[U9AUTH_DESKEYLEN];
	u_char	authsum;
	char	config[U9AUTH_CONFIGLEN];
	u_char	configsum;
	char	authid[U9FS_NAMELEN];
	u_char	authidsum;
	char	authdom[U9AUTH_DOMLEN];
	u_char	authdomsum;
};
/*
 * State kept across a challenge/response exchange: two descriptors and a
 * buffer of at most U9AUTH_NETCHLEN bytes that holds the challenge or the
 * response.
 */
struct u9auth_chalstate
{
	int	afd;				/* /dev/authenticate */
	int	asfd;				/* authdial() */
	char	chal[U9AUTH_NETCHLEN];		/* challenge/response */
};
/*
 * APOP variant of the challenge state: the same two descriptors, with a
 * U9AUTH_APOPCHLEN-byte buffer for the challenge or the response.
 */
struct u9auth_apopchalstate
{
	int	afd;				/* /dev/authenticate */
	int	asfd;				/* authdial() */
	char	chal[U9AUTH_APOPCHLEN];		/* challenge/response */
};
/*
 * CHAP reply: a one-byte id, the user name and a U9AUTH_MD5LEN-byte
 * response.
 */
struct u9auth_chapreply
{
	u_char	id;
	char	uid[U9FS_NAMELEN];
	char	resp[U9AUTH_MD5LEN];
};
/*
 * MS-CHAP reply: the user name followed by two 24-byte responses.  The
 * 24 is written as a literal in both members; this header gives it no
 * named constant.
 */
struct u9auth_mSchapreply
{
	char	uid[U9FS_NAMELEN];
	char	LMresp[24];		/* Lan Manager response */
	char	NTresp[24];		/* NT response */
};
#ifdef KERNEL
/*
 * Kernel-only entry points.  Only the declarations are here; the
 * definitions, and therefore the exact contracts, live elsewhere.
 *
 * NOTE(review): the buffer parameters (user, ckey, ts, authc, and the
 * argument of u9auth_genchal) are passed without a length.  Presumably
 * each must be at least as large as the matching U9AUTH_*LEN or
 * U9FS_NAMELEN constant -- confirm against the definitions and size the
 * callers' buffers accordingly.
 */

/* Presumably writes a fresh challenge into chal; required size not shown here. */
void	u9auth_genchal __P((char *chal));

int	u9auth_gettickets __P((struct socket *so, struct u9fsreq *rep,
	    char *user, char *ckey, char *ts, char *authc,
	    struct proc *p));

/*
 * encrypt9/decrypt9 take a key, a buffer and a byte count n.  n is a
 * signed int and the meaning of the int result is not visible from this
 * header: callers should pass a validated, non-negative length and check
 * the result before trusting the buffer contents.
 */
int	encrypt9 __P((void *key, void *vbuf, int n));
int	decrypt9 __P((void *key, void *vbuf, int n));
#endif
#endif