factotum: cleanup getnvramkey()
- remove secstore password code, it is not used anymore. - zero the Nvrsafe structure on the stack before returning. - use smprint(), can't overflow.
This commit is contained in:
parent
0467b41972
commit
3f869a6894
|
@ -201,7 +201,7 @@ Keyinfo* mkkeyinfo(Keyinfo*, Fsstate*, Attr*);
|
|||
int findkey(Key**, Keyinfo*, char*, ...);
|
||||
int findp9authkey(Key**, Fsstate*);
|
||||
Proto *findproto(char*);
|
||||
char *getnvramkey(int, char**);
|
||||
char *getnvramkey(int);
|
||||
void initcap(void);
|
||||
int isclient(char*);
|
||||
int matchattr(Attr*, Attr*, Attr*);
|
||||
|
|
|
@ -148,7 +148,7 @@ main(int argc, char **argv)
|
|||
}
|
||||
|
||||
if(sflag){
|
||||
s = getnvramkey(kflag ? NVwrite : NVwriteonerr, nil);
|
||||
s = getnvramkey(kflag ? NVwrite : NVwriteonerr);
|
||||
if(s == nil)
|
||||
fprint(2, "factotum warning: cannot read nvram: %r\n");
|
||||
else if(ctlwrite(s, 0) < 0)
|
||||
|
|
|
@ -472,11 +472,10 @@ findproto(char *name)
|
|||
}
|
||||
|
||||
char*
|
||||
getnvramkey(int flag, char **secstorepw)
|
||||
getnvramkey(int flag)
|
||||
{
|
||||
char *s;
|
||||
Nvrsafe safe;
|
||||
char spw[CONFIGLEN+1];
|
||||
char *s;
|
||||
int i;
|
||||
|
||||
memset(&safe, 0, sizeof safe);
|
||||
|
@ -487,15 +486,6 @@ getnvramkey(int flag, char **secstorepw)
|
|||
if(readnvram(&safe, flag)<0 && safe.authid[0]==0)
|
||||
return nil;
|
||||
|
||||
/*
|
||||
* we're using the config area to hold the secstore
|
||||
* password. if there's anything there, return it.
|
||||
*/
|
||||
memmove(spw, safe.config, CONFIGLEN);
|
||||
spw[CONFIGLEN] = 0;
|
||||
if(spw[0] != 0 && secstorepw != nil)
|
||||
*secstorepw = estrdup(spw);
|
||||
|
||||
/*
|
||||
* only use nvram key if it is non-zero
|
||||
*/
|
||||
|
@ -505,11 +495,11 @@ getnvramkey(int flag, char **secstorepw)
|
|||
if(i == DESKEYLEN)
|
||||
return nil;
|
||||
|
||||
s = emalloc(512);
|
||||
fmtinstall('H', encodefmt);
|
||||
sprint(s, "key proto=p9sk1 user=%q dom=%q !hex=%.*H !password=______",
|
||||
s = smprint("key proto=p9sk1 user=%q dom=%q !hex=%.*H !password=______",
|
||||
safe.authid, safe.authdom, DESKEYLEN, safe.machkey);
|
||||
writehostowner(safe.authid);
|
||||
memset(&safe, 0, sizeof safe);
|
||||
|
||||
return s;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue