libauth: replace proto=p9cr with new proto=dp9ik/p9sk1 role=login for auth_userpasswd()
This commit is contained in:
parent
3ef51c16d4
commit
554fb43df5
1 changed files with 23 additions and 36 deletions
|
@ -1,49 +1,36 @@
|
|||
#include <u.h>
|
||||
#include <libc.h>
|
||||
#include <auth.h>
|
||||
#include <authsrv.h>
|
||||
#include "authlocal.h"
|
||||
|
||||
/*
|
||||
* compute the proper response. We encrypt the ascii of
|
||||
* challenge number, with trailing binary zero fill.
|
||||
* This process was derived empirically.
|
||||
* this was copied from inet's guard.
|
||||
*/
|
||||
static void
|
||||
netresp(char key[DESKEYLEN], long chal, char *answer)
|
||||
{
|
||||
uchar buf[8];
|
||||
|
||||
memset(buf, 0, sizeof buf);
|
||||
snprint((char *)buf, sizeof buf, "%lud", chal);
|
||||
if(encrypt(key, buf, 8) < 0)
|
||||
abort();
|
||||
sprint(answer, "%.8ux", buf[0]<<24 | buf[1]<<16 | buf[2]<<8 | buf[3]);
|
||||
}
|
||||
|
||||
AuthInfo*
|
||||
auth_userpasswd(char *user, char *passwd)
|
||||
{
|
||||
char resp[16], key[DESKEYLEN];
|
||||
AuthRpc *rpc;
|
||||
AuthInfo *ai;
|
||||
Chalstate *ch;
|
||||
char *s;
|
||||
int afd;
|
||||
|
||||
/*
|
||||
* Probably we should have a factotum protocol
|
||||
* to check a raw password. For now, we use
|
||||
* p9cr, which is simplest to speak.
|
||||
*/
|
||||
if((ch = auth_challenge("user=%q proto=p9cr role=server", user)) == nil)
|
||||
afd = open("/mnt/factotum/rpc", ORDWR);
|
||||
if(afd < 0)
|
||||
return nil;
|
||||
|
||||
passtodeskey(key, passwd);
|
||||
netresp(key, atol(ch->chal), resp);
|
||||
memset(key, 0, sizeof(key));
|
||||
|
||||
ch->resp = resp;
|
||||
ch->nresp = strlen(resp);
|
||||
ai = auth_response(ch);
|
||||
auth_freechal(ch);
|
||||
ai = nil;
|
||||
rpc = auth_allocrpc(afd);
|
||||
if(rpc == nil)
|
||||
goto Out;
|
||||
s = "proto=dp9ik role=login";
|
||||
if(auth_rpc(rpc, "start", s, strlen(s)) != ARok){
|
||||
s = "proto=p9sk1 role=login";
|
||||
if(auth_rpc(rpc, "start", s, strlen(s)) != ARok)
|
||||
goto Out;
|
||||
}
|
||||
if(auth_rpc(rpc, "write", user, strlen(user)) != ARok
|
||||
|| auth_rpc(rpc, "write", passwd, strlen(passwd)) != ARok)
|
||||
goto Out;
|
||||
ai = auth_getinfo(rpc);
|
||||
Out:
|
||||
if(rpc != nil)
|
||||
auth_freerpc(rpc);
|
||||
close(afd);
|
||||
return ai;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue