The original intention was to put devskel in to the
kernel to detach what it provides from devsrv.
That is not a good reason, just move it to userspace.
auth/box has been changed to exec skelfs instead
of relying on '#z'.
Changing the user to none doesn't do much for us
here. For kernel drivers that check the user of the
current proc we'll be none, but anything from devmnt
will still be accessed using creds from the original
attachment. Instead, running with none can be done
by chaining with auth/none:
auth/none auth/box ...
We need a way to parse a rsa certificate request and return the public
key and subject names. The new function X509reqtoRSApub() works the
same way as X509toRSApub() but on a certificate request.
We also need to support certificates that are valid for multiple domain
names (as tlshand does not support certificate selection). For this
reason, a comma separated list is returned as the certificate subject,
making it symmetric to X509rsareq() handling.
A little helper is provided with this change (auth/x5092pub) that takes
a certificate (or a certificate request when -r flag is provided) and
outputs the RSA public key in plan 9 format appended with the subject
attribute.
Passwd used to produce a very confusing error
about DES not being enabled whenever the password
was mistyped. This happened because we attempted
to guess what authentication method to use, and
preseneted the error from the wrong one on failure.
This puts the legacy mode behind a flag, so that
we don't even try the old method unless it's
explicitly requested.
version(5) says:
If the server does not understand the client's version
string, it should respond with an Rversion message (not
Rerror) with the version string the 7 characters
``unknown''.
Pre-lib9p file servers -- all except cwfs(4) -- do return Rerror.
lib9p(2) follows the above spec, although ignoring the next part
concerning comparison after period-stripping. It assumes an
Fcall.version starting with "9P" is correctly formed and returns
the only supported version of the protocol, which seems alright.
This patch brings pre-lib9p servers in accordance with the spec.
The mount() and bind() syscalls return -1 on error,
and the mountid sequence number on success.
The manpage states that the mountid sequence number
is a positive integer, but the kernels implementation
currently uses a unsigned 32-bit integer and does not
guarantee that the mountid will not become negative.
Most code just cares about the error, so test for
the -1 error value only.
Fix inconsistencies between programs and their usage
messages, correct instances where information seems
to be missing or lost. This includes missing arguments,
making usage consistent with manuals, and so on.
kvik writes:
I needed to convert the RSA private key that was laying around in
secstore into a format understood by UNIX® tools like SSH.
With asn12rsa(8) we can go from the ASN.1/DER to Plan 9 format, but not
back - so I wrote the libsec function asn1encodeRSApriv(2) and used it in
rsa2asn1(8) by adding the -a flag which causes the full private key to be
encoded and output.
due to linux omiting the final Z(4) in the NTLMv2 reply, and
the need for the windom for LMv2 authentication, here is a new
AuthNTLM ticket request now with length and dom fields.
in ntlmv2, the client will retry the challenge response trying a bunch
of different domain names assuming the same server challenge. so we have
to make retries work with factotum and the auth server.
also, windows 7 with compatlevel=4 sends all zeros LM response.
this implements the server part of mschapv2 with the new
authserver changes.
we also provide AuthInfo for the client now with the
MPPE secret and the authenticator.
this adds new rpc for mschapv2 authentication (21)
deliver the MPPE secret not after the ticket/authenticator
response as cheartext, but include it in the first 128 bit
of the ticket key. and the authenticator in the first 160 bit
of the authenticator random field.
use OCHAPREPLYLEN instead of sizeof(reply) (no padding).
exit after sending ticket response to force eof as factotum
unconditionally reads tailing secret hash (as of mschap).
the role=login protocol is ment to replace proto=p9cr in
auth_userpasswd() from libauth to authenticate a user
given a username and a password. in contrast to p9cr, it
does not require an authentication server when user is the
hostowner and its key is present in factotum.
this makes implementing ssh-rsa authentication easier, as we
then can convert the public key directly to ssh format and check
if the server will accept that public key.
tlshand just needs the modulus to see if the public key matches
the one it has from the certificate.
aiju → i don't like it, it's more bullshit ways to expose the key :)
aiju → if someone can grab /adm/keyseed, they can also grab /adm/users and /adm/keys
