1993/0731/port/auth.c (diff list | history)
| 1993/0501/sys/src/9/port/auth.c:15,23 – 1993/0731/sys/src/9/port/auth.c:15,25 (short | long | prev | next) | ||
| 1993/0330 | char tbuf[TICKETLEN]; /* remote ticket */ }; | |
| 1993/0731 | typedef struct Session Session; | |
| 1993/0330 | struct Session { Lock; | |
| 1993/0731 | Lock send; | |
| 1993/0330 | Crypt *cache; /* cache of tickets */ char cchal[CHALLEN]; /* client challenge */ char schal[CHALLEN]; /* server challenge */ | |
| 1993/0501/sys/src/9/port/auth.c:24,29 – 1993/0731/sys/src/9/port/auth.c:26,32 | ||
| 1993/0330 | char authid[NAMELEN]; /* server encryption uid */ char authdom[DOMLEN]; /* server encryption domain */ ulong cid; /* challenge id */ | |
| 1993/0731 | int valid; | |
| 1993/0330 | }; struct | |
| 1993/0501/sys/src/9/port/auth.c:108,128 – 1993/0731/sys/src/9/port/auth.c:111,134 | ||
| 1993/0330 | nexterror(); } | |
| 1993/0407 | ||
| 1993/0501 |
| |
| 1993/0731 | /* add a session structure to the channel if it has none */ lock(c); | |
| 1993/0330 | s = c->session; if(s == 0){ | |
| 1993/0501 |
| |
| 1993/0330 | s = malloc(sizeof(Session)); | |
| 1993/0501 |
| |
| 1993/0731 | if(s == 0){ unlock(c); | |
| 1993/0330 | error(Enomem); | |
| 1993/0501 |
| |
| 1993/0731 | } c->session = s; } unlock(c); | |
| 1993/0407 | ||
| 1993/0731 | /* back off if someone else is doing an fsession */ while(!canlock(&s->send)) sched(); if(s->valid == 0){ | |
| 1993/0407 | /* * Exchange a session message with the server. * If an error occurs reading or writing, | |
| 1993/0501/sys/src/9/port/auth.c:138,150 – 1993/0731/sys/src/9/port/auth.c:144,155 | ||
| 1993/0407 | n = convS2M(&f, buf); if((*devtab[c->type].write)(c, buf, n, 0) != n) error(Emountrpc); | |
| 1993/0501 |
| |
| 1993/0407 | n = (*devtab[c->type].read)(c, buf, sizeof buf, 0); if(n == 2 && buf[0] == 'O' && buf[1] == 'K') | |
| 1993/0501 |
| |
| 1993/0731 | n = (*devtab[c->type].read)(c, buf, sizeof buf, 0); | |
| 1993/0407 | poperror(); if(convM2S(buf, &f, n) == 0){ | |
| 1993/0501 |
| |
| 1993/0731 | unlock(&s->send); | |
| 1993/0407 | error(Emountrpc); } switch(f.type){ | |
| 1993/0501/sys/src/9/port/auth.c:154,168 – 1993/0731/sys/src/9/port/auth.c:159,174 | ||
| 1993/0407 | memmove(s->authdom, f.authdom, DOMLEN); break; case Rerror: | |
| 1993/0501 |
| |
| 1993/0731 | unlock(&s->send); | |
| 1993/0407 | error(f.ename); default: | |
| 1993/0501 |
| |
| 1993/0731 | unlock(&s->send); | |
| 1993/0407 | error(Emountrpc); } | |
| 1993/0330 | } | |
| 1993/0501 |
| |
| 1993/0731 | s->valid = 1; | |
| 1993/0330 | } | |
| 1993/0731 | unlock(&s->send); | |
| 1993/0330 | /* * If server requires no ticket, or user is "none", or a ticket | |
| 1993/0501/sys/src/9/port/auth.c:169,186 – 1993/0731/sys/src/9/port/auth.c:175,196 | ||
| 1993/0330 | * is already cached, zero the request type */ tr.type = AuthTreq; | |
| 1993/0501 |
| |
| 1993/0731 | if(strcmp(up->user, "none") == 0 || s->authid[0] == 0) | |
| 1993/0330 | tr.type = 0; | |
| 1993/0501 |
| |
| 1993/0731 | else{ lock(s); for(cp = s->cache; cp; cp = cp->next) if(strcmp(cp->t.cuid, up->user) == 0){ tr.type = 0; break; } unlock(s); } | |
| 1993/0330 | /* create ticket request */ | |
| 1993/0501 |
| |
| 1993/0731 | memmove(tr.chal, s->schal, CHALLEN); memmove(tr.authid, s->authid, NAMELEN); memmove(tr.authdom, s->authdom, DOMLEN); | |
| 1993/0501 | memmove(tr.uid, up->user, NAMELEN); | |
| 1993/0330 | memmove(tr.hostid, eve, NAMELEN); convTR2M(&tr, (char*)arg[1]); | |
| 1993/0501/sys/src/9/port/auth.c:351,358 – 1993/0731/sys/src/9/port/auth.c:361,368 | ||
| 1993/0330 | * * The protocol is * 1) read ticket request from #c/authenticate | |
| 1993/0501 |
| |
| 1993/0731 | * 2) write ticket+authenticator to #c/authenticate. if it matches * the challenge the user is changed to the suid field of the ticket | |
| 1993/0330 | * 3) read authenticator (to confirm this is the server advertised) */ long | |
| 1993/0501/sys/src/9/port/auth.c:370,375 – 1993/0731/sys/src/9/port/auth.c:380,386 | ||
| 1993/0330 | error(Ebadarg); c->aux = newcrypt(); cp = c->aux; | |
| 1993/0731 | ||
| 1993/0330 | memset(&tr, 0, sizeof(tr)); tr.type = AuthTreq; strcpy(tr.hostid, eve); | |
| 1993/0501/sys/src/9/port/auth.c:387,396 – 1993/0731/sys/src/9/port/auth.c:398,410 | ||
| 1993/0330 | if(n != AUTHENTLEN) error(Ebadarg); cp = c->aux; | |
| 1993/0731 | ||
| 1993/0330 | cp->a.num = AuthAs; memmove(cp->a.chal, cp->t.chal, CHALLEN); cp->a.id = 0; | |
| 1993/0501 |
| |
| 1993/0731 | convA2M(&cp->a, cp->tbuf, cp->t.key); memmove(a, cp->tbuf, AUTHENTLEN); | |
| 1993/0330 | freecrypt(cp); c->aux = 0; } | |
| 1993/0501/sys/src/9/port/auth.c:402,415 – 1993/0731/sys/src/9/port/auth.c:416,437 | ||
| 1993/0330 | { Crypt *cp; | |
| 1993/0501 |
| |
| 1993/0731 | if(n != TICKETLEN+AUTHENTLEN) | |
| 1993/0330 | error(Ebadarg); if(c->aux == 0) error(Ebadarg); cp = c->aux; | |
| 1993/0501 |
| |
| 1993/0731 | memmove(cp->tbuf, a, TICKETLEN); convM2T(cp->tbuf, &cp->t, evekey); | |
| 1993/0330 | if(cp->t.num != AuthTs || memcmp(cp->a.chal, cp->t.chal, CHALLEN)) error(Eperm); | |
| 1993/0731 | memmove(cp->tbuf, a+TICKETLEN, AUTHENTLEN); convM2A(cp->tbuf, &cp->a, cp->t.key); if(cp->a.num != AuthAc || memcmp(cp->a.chal, cp->t.chal, CHALLEN)) error(Eperm); | |
| 1993/0501 | memmove(up->user, cp->t.suid, NAMELEN); | |
| 1993/0330 | return n; } | |
| 1993/0501/sys/src/9/port/auth.c:417,442 – 1993/0731/sys/src/9/port/auth.c:439,529 | ||
| 1993/0330 | /* * called by devcons() for #c/authcheck * | |
| 1993/0731 | * a write of a ticket+authenticator [+challenge+id] succeeds if they match | |
| 1993/0330 | */ long authcheck(Chan *c, char *a, int n) { Crypt *cp; | |
| 1993/0731 | char *chal; ulong id; | |
| 1993/0330 |
| |
| 1993/0731 | if(n != TICKETLEN+AUTHENTLEN && n != TICKETLEN+AUTHENTLEN+CHALLEN+4) | |
| 1993/0330 | error(Ebadarg); if(c->aux == 0) c->aux = newcrypt(); cp = c->aux; | |
| 1993/0501 |
| |
| 1993/0731 | memmove(cp->tbuf, a, TICKETLEN); convM2T(cp->tbuf, &cp->t, evekey); | |
| 1993/0402 | if(cp->t.num != AuthTc) | |
| 1993/0330 | error(Ebadarg); | |
| 1993/0501 | if(strcmp(up->user, cp->t.cuid)) | |
| 1993/0402 | error(cp->t.cuid); | |
| 1993/0501 |
| |
| 1993/0330 |
| |
| 1993/0731 | memmove(cp->tbuf, a+TICKETLEN, AUTHENTLEN); convM2A(cp->tbuf, &cp->a, cp->t.key); if(n == TICKETLEN+AUTHENTLEN+CHALLEN+4){ uchar *p = (uchar *)&a[TICKETLEN+AUTHENTLEN+CHALLEN]; id = p[0] | (p[1]<<8) | (p[2]<<16) | (p[3]<<24); chal = &a[TICKETLEN+AUTHENTLEN]; }else{ id = 0; chal = cp->t.chal; } if(cp->a.num != AuthAs || memcmp(chal, cp->a.chal, CHALLEN) || cp->a.id != id) | |
| 1993/0330 | error(Eperm); | |
| 1993/0731 | return n; } /* * called by devcons() for #c/authenticator * * a read after a write of a ticket (or ticket+id) returns an authenticator * for that ticket. */ long authentwrite(Chan *c, char *a, int n) { Crypt *cp; if(n != TICKETLEN && n != TICKETLEN+4) error(Ebadarg); if(c->aux == 0) c->aux = newcrypt(); cp = c->aux; memmove(cp->tbuf, a, TICKETLEN); convM2T(cp->tbuf, &cp->t, evekey); if(cp->t.num != AuthTc || strcmp(cp->t.cuid, up->user)){ freecrypt(cp); c->aux = 0; error(Ebadarg); } if(n == TICKETLEN+4){ uchar *p = (uchar *)&a[TICKETLEN]; cp->a.id = p[0] | (p[1]<<8) | (p[2]<<16) | (p[3]<<24); }else cp->a.id = 0; return n; } long authentread(Chan *c, char *a, int n) { Crypt *cp; cp = c->aux; if(cp == 0) error("authenticator read must follow a write"); cp->a.num = AuthAc; memmove(cp->a.chal, cp->t.chal, CHALLEN); convA2M(&cp->a, cp->tbuf, cp->t.key); memmove(a, cp->tbuf, AUTHENTLEN); | |
| 1993/0428 | return n; } | |
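Review bot: authentread, added in the last hunk (new lines 439–529), copies AUTHENTLEN bytes into the caller's buffer with `memmove(a, cp->tbuf, AUTHENTLEN)` and never looks at `n`, so a read with a count smaller than AUTHENTLEN writes past the length the caller supplied, and the function as rendered then returns `n` rather than the number of bytes produced. The older read path in the 398,410 hunk guards the same kind of copy with `if(n != AUTHENTLEN) error(Ebadarg);`; the same check belongs at the top of authentread, before `cp = c->aux`. Whether devcons validates the user buffer for only `n` bytes is not visible on this page, but if it does, the short-read case is a kernel write outside the validated range. A one-line comment above authentread stating that the read must be exactly AUTHENTLEN bytes would also bring it in line with the comment block that documents authentwrite.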