diff --git a/sys/include/authsrv.h b/sys/include/authsrv.h index b423992c1..5df6f0973 100644 --- a/sys/include/authsrv.h +++ b/sys/include/authsrv.h @@ -26,6 +26,7 @@ enum NETCHLEN= 16, /* max network challenge length (used in AS protocol) */ CONFIGLEN= 14, SECRETLEN= 32, /* secret max size */ + PASSWDLEN= 28, /* password max size */ NONCELEN= 32, @@ -102,8 +103,8 @@ struct Authenticator struct Passwordreq { char num; - char old[ANAMELEN]; - char new[ANAMELEN]; + char old[PASSWDLEN]; + char new[PASSWDLEN]; char changesecret; char secret[SECRETLEN]; /* new secret */ }; @@ -187,6 +188,7 @@ struct Nvrsafe extern uchar nvcsum(void*, int); extern int readnvram(Nvrsafe*, int); +extern char* readcons(char*, char*, int); /* * call up auth server diff --git a/sys/src/libauthsrv/mkfile b/sys/src/libauthsrv/mkfile index 799ed0607..80d4d8a34 100644 --- a/sys/src/libauthsrv/mkfile +++ b/sys/src/libauthsrv/mkfile @@ -21,6 +21,7 @@ OFILES=\ nvcsum.$O\ passtokey.$O\ readnvram.$O\ + readcons.$O\ HFILES=\ /sys/include/authsrv.h diff --git a/sys/src/libauthsrv/passtokey.c b/sys/src/libauthsrv/passtokey.c index 60742c49c..e6803427a 100644 --- a/sys/src/libauthsrv/passtokey.c +++ b/sys/src/libauthsrv/passtokey.c @@ -6,12 +6,12 @@ void passtodeskey(char key[DESKEYLEN], char *p) { - uchar buf[ANAMELEN], *t; + uchar buf[PASSWDLEN], *t; int i, n; n = strlen(p); - if(n >= ANAMELEN) - n = ANAMELEN-1; + if(n >= PASSWDLEN) + n = PASSWDLEN-1; memset(buf, ' ', 8); t = buf; strncpy((char*)t, p, n); diff --git a/sys/src/libauthsrv/readcons.c b/sys/src/libauthsrv/readcons.c new file mode 100644 index 000000000..d7f9b99ee --- /dev/null +++ b/sys/src/libauthsrv/readcons.c 
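Review bot: `Passwordreq.old` and `Passwordreq.new` are now sized by PASSWDLEN, and nothing in the header ties that constant to the ANAMELEN size these fields had before. ANAMELEN's value is not shown in this diff; if it is not 28, or if PASSWDLEN is raised later, the struct layout changes. That matters if Passwordreq is marshalled at a fixed size, as the neighbouring "used in AS protocol" comment suggests. I would record the constraint at the definition, e.g. `PASSWDLEN= 28, /* password max size; sizes Passwordreq.old/new, changing it changes the message layout */`.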
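Review bot: The new public prototype `extern char* readcons(char*, char*, int);` gives callers no hint that the result is now heap-allocated, whereas the static version removed from readnvram.c filled a caller-supplied buffer. Judging by readcons.c in this commit, it returns nil on open/read failure or DEL, and otherwise a string the caller owns; readnvram uses it with raw set for the password prompt, so that string can be a secret. A comment above the declaration would help new callers avoid leaks and uncleared copies: `/* returns malloc'd reply (or a copy of def), nil on error or DEL; caller clears and frees */`.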
@@ -0,0 +1,82 @@
+#include
+#include
+
+/*
+ * prompt for a string with a possible default response
+ */
+char*
+readcons(char *prompt, char *def, int raw)
+{
+ int fdin, fdout, ctl, n;
+ char *s, *p;
+
+ s = p = nil;
+ fdout = ctl = -1;
+
+ if((fdin = open("/dev/cons", OREAD)) < 0)
+ goto Out;
+ if((fdout = open("/dev/cons", OWRITE)) < 0)
+ goto Out;
+
+ if(raw){
+ if((ctl = open("/dev/consctl", OWRITE)) < 0)
+ goto Out;
+ write(ctl, "rawon", 5);
+ }
+
+ if(def != nil)
+ fprint(fdout, "%s[%s]: ", prompt, def);
+ else
+ fprint(fdout, "%s: ", prompt);
+
+ for(;;){
+ n = p - s;
+ if((n % 32) == 0){
+ if((p = realloc(s, n+32)) == nil)
+ break;
+ s = p, p += n;
+ }
+
+ if(read(fdin, p, 1) <= 0 || *p == 0x7f)
+ break;
+
+ if(*p == '\n' || *p == '\r'){
+ if(p == s && def != nil){
+ free(s);
+ s = strdup(def);
+ } else
+ *p = 0;
+ if(raw)
+ write(fdout, "\n", 1);
+ goto Out;
+ } else if(*p == '\b') {
+ while(p > s && (p[-1] & 0xc0) == 0x80)
+ *p-- = 0;
+ if(p > s)
+ *p-- = 0;
+ } else if(*p == 0x15) { /* ^U: line kill */
+ if(def != nil)
+ fprint(fdout, "\n%s[%s]: ", prompt, def);
+ else
+ fprint(fdout, "\n%s: ", prompt);
+ while(p > s)
+ *p-- = 0;
+ } else if(*p >= ' ')
+ p++;
+ }
+ free(s);
+ s = nil;
+ if(raw)
+ write(fdout, "\n", 1);
+Out:
+ if(ctl >= 0){
+ write(ctl, "rawoff", 6);
+ close(ctl);
+ }
+ if(fdin >= 0)
+ close(fdin);
+ if(fdout >= 0)
+ close(fdout);
+
+ return s;
+}
diff --git a/sys/src/libauthsrv/readnvram.c b/sys/src/libauthsrv/readnvram.c
index ae708acbc..1a00835cf 100644
--- a/sys/src/libauthsrv/readnvram.c
+++ b/sys/src/libauthsrv/readnvram.c
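Review bot: The abort path after the loop (`free(s); s = nil;`) releases whatever was typed so far without clearing it, so an interrupted raw-mode password entry leaves its characters in freed heap memory; ask() in readnvram.c scrubs the string only when readcons returns one. On every `break`, `n` still holds the number of accepted bytes, so `if(s != nil) memset(s, 0, n);` before that `free(s)` covers it. Growing with `realloc(s, n+32)` may also leave a stale copy if the block moves once a reply reaches 32 bytes. Separately, `else if(*p >= ' ')` compares a plain `char`: if char is signed for this compiler, bytes 0x80–0xff are dropped and non-ASCII passwords are silently shortened, even though the backspace branch handles UTF-8 continuation bytes. `(uchar)*p >= ' '` would keep them.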
@@ -53,78 +53,6 @@ static struct { "debug", "/tmp/nvram", 0, sizeof(Nvrsafe), }; -static char* -readcons(char *prompt, char *def, int raw, char *buf, int nbuf) -{ - int fdin, fdout, ctl, n, m; - char line[10]; - - fdin = open("/dev/cons", OREAD); - if(fdin < 0) - fdin = 0; - fdout = open("/dev/cons", OWRITE); - if(fdout < 0) - fdout = 1; - if(def != nil) - fprint(fdout, "%s[%s]: ", prompt, def); - else - fprint(fdout, "%s: ", prompt); - if(raw){ - ctl = open("/dev/consctl", OWRITE); - if(ctl >= 0) - write(ctl, "rawon", 5); - } else - ctl = -1; - - m = 0; - for(;;){ - n = read(fdin, line, 1); - if(n == 0){ - close(ctl); - werrstr("readcons: EOF"); - return nil; - } - if(n < 0){ - close(ctl); - werrstr("can't read cons"); - return nil; - } - if(line[0] == 0x7f) - exits(0); - if(n == 0 || line[0] == '\n' || line[0] == '\r'){ - if(raw){ - write(ctl, "rawoff", 6); - write(fdout, "\n", 1); - close(ctl); - } - buf[m] = '\0'; - if(buf[0]=='\0' && def) - strcpy(buf, def); - return buf; - } - if(line[0] == '\b'){ - if(m > 0) - m--; - }else if(line[0] == 0x15){ /* ^U: line kill */ - m = 0; - if(def != nil) - fprint(fdout, "%s[%s]: ", prompt, def); - else - fprint(fdout, "%s: ", prompt); - }else{ - if(m >= nbuf-1){ - fprint(fdout, "line too long\n"); - m = 0; - if(def != nil) - fprint(fdout, "%s[%s]: ", prompt, def); - else - fprint(fdout, "%s: ", prompt); - }else - buf[m++] = line[0]; - } - } -} - typedef struct { int fd; int safelen; 
@@ -211,6 +139,29 @@ findnvram(Nvrwhere *locp) locp->safeoff = safeoff; } +static int +ask(char *prompt, char *buf, int len, int raw) +{ + char *s; + int n; + + memset(buf, 0, len); + for(;;){ + if((s = readcons(prompt, nil, raw)) == nil) + return -1; + if((n = strlen(s)) >= len) + fprint(2, "%s longer than %d characters; try again\n", prompt, len-1); + else { + memmove(buf, s, n); + memset(s, 0, n); + free(s); + return 0; + } + memset(s, 0, n); + free(s); + } +} + /* * get key info out of nvram. since there isn't room in the PC's nvram use * a disk partition there. @@ -219,7 +170,7 @@ int readnvram(Nvrsafe *safep, int flag) { int err; - char buf[512], in[128]; /* 512 for floppy i/o */ + char buf[512]; /* 512 for floppy i/o */ Nvrsafe *safe; Nvrwhere loc; @@ -294,22 +245,22 @@ readnvram(Nvrsafe *safep, int flag) if((flag&(NVwrite|NVwritemem)) || (err && (flag&NVwriteonerr))){ if (!(flag&NVwritemem)) { - readcons("authid", nil, 0, safe->authid, - sizeof safe->authid); - readcons("authdom", nil, 0, safe->authdom, - sizeof safe->authdom); - readcons("secstore key", nil, 1, safe->config, - sizeof safe->config); - for(;;){ - Authkey k; + char pass[PASSWDLEN]; + Authkey k; - if(readcons("password", nil, 1, in, sizeof in) == nil) - goto Out; - passtokey(&k, in); - memmove(safe->machkey, k.des, DESKEYLEN); - memmove(safe->aesmachkey, k.aes, AESKEYLEN); - break; - } + if(ask("authid", safe->authid, sizeof safe->authid, 0)) + goto Out; + if(ask("authdom", safe->authdom, sizeof safe->authdom, 0)) + goto Out; + if(ask("secstore key", safe->config, sizeof safe->config, 1)) + goto Out; + if(ask("password", pass, sizeof pass, 1)) + goto Out; + passtokey(&k, pass); + memset(pass, 0, sizeof pass); + memmove(safe->machkey, k.des, DESKEYLEN); + memmove(safe->aesmachkey, k.aes, AESKEYLEN); + memset(&k, 0, sizeof k); } safe->machsum = nvcsum(safe->machkey, DESKEYLEN);
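Review bot: ask() has no comment, and two parts of its contract are easy to miss from the call sites. `memset(buf, 0, len)` runs before the first prompt, so a -1 return leaves the caller's field emptied rather than unchanged, and an empty reply (n == 0) returns 0 like any other. I would document this above the function, e.g. `/* prompt until the reply fits in buf (len-1 bytes); buf is cleared first; 0 on success, empty reply included; -1 if readcons fails */`. The duplicated `memset(s, 0, n); free(s);` pair could also be done once after the length test, so the scrub of the heap copy cannot be skipped if another exit is added later.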
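Review bot: `ask("password", pass, sizeof pass, 1)` returns 0 for an empty line, so `passtokey(&k, pass)` can derive `machkey` and `aesmachkey` from an empty password. Those keys then flow into the `nvcsum` code that continues below the hunk. If an empty machine password is not a supported configuration, reject it before deriving the keys, e.g. `if(pass[0] == 0) goto Out;`, preceded by a message saying why. Clearing `pass` and `k` after use is a good addition. The accepted password length also drops from the old `in[128]` buffer to PASSWDLEN-1 characters, which is worth stating in the commit message for anyone whose existing password is longer.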