ref: 0594c6d178d64ccc70c3d781e869d126c32fb267
parent: 354d513a481471aed9458886ec942aa9c8bd1dc9
author: cinap_lenrek <[email protected]>
date: Sun Jul 31 16:47:43 EDT 2016
update libauthsrv, use common readcons() function
--- a/Makefile
+++ b/Makefile
@@ -6,7 +6,6 @@
main.$O\
cpu.$O\
aan.$O\
- readcons.$O\
secstore.$O\
latin1.$O\
$(OS)-factotum.$O\
--- a/cpu.c
+++ b/cpu.c
@@ -36,6 +36,15 @@
char *authserver;
char *secstore;
+char*
+estrdup(char *s)
+{
+ s = strdup(s);
+ if(s == nil)
+ sysfatal("out of memory");
+ return s;
+}
+
static void
ending(void)
{
--- a/drawterm.h
+++ b/drawterm.h
@@ -3,7 +3,6 @@
extern char secstorebuf[65536];
extern char *secstorefetch(char *addr, char *owner, char *passwd);
extern char *authserver;
-extern char *readcons(char *prompt, char *def, int secret);
extern int exportfs(int);
extern char *user;
extern int dialfactotum(void);
--- a/include/authsrv.h
+++ b/include/authsrv.h
@@ -23,6 +23,7 @@
NETCHLEN= 16, /* max network challenge length (used in AS protocol) */
CONFIGLEN= 14,
SECRETLEN= 32, /* secret max size */
+ PASSWDLEN= 28, /* password max size */
NONCELEN= 32,
@@ -99,8 +100,8 @@
struct Passwordreq
{
char num;
- char old[ANAMELEN];
- char new[ANAMELEN];
+ char old[PASSWDLEN];
+ char new[PASSWDLEN];
char changesecret;
char secret[SECRETLEN]; /* new secret */
};
@@ -184,6 +185,7 @@
extern uchar nvcsum(void*, int);
extern int readnvram(Nvrsafe*, int);
+extern char* readcons(char*, char*, int);
/*
* call up auth server
--- a/kern/devcons.c
+++ b/kern/devcons.c
@@ -487,7 +487,7 @@
}
static int
-readcons(Queue *q, char *buf, int n)
+qreadcons(Queue *q, char *buf, int n)
{
if(screenputs==0 && !qcanread(q))
return read(0, buf, n);
@@ -521,7 +521,7 @@
else {
/* read as much as possible */
do {
- i = readcons(kbdq, cbuf, n);
+ i = qreadcons(kbdq, cbuf, n);
cbuf += i;
n -= i;
} while (n>0 && qcanread(kbdq));
@@ -530,7 +530,7 @@
} else {
while(!qcanread(lineq)) {
eol = 1;
- if(readcons(kbdq, &kbd.line[kbd.x], 1) == 1){
+ if(qreadcons(kbdq, &kbd.line[kbd.x], 1) == 1){
eol = 0;
ch = kbd.line[kbd.x];
switch(ch){
--- a/libauthsrv/Makefile
+++ b/libauthsrv/Makefile
@@ -15,6 +15,7 @@
convTR2M.$O\
nvcsum.$O\
passtokey.$O\
+ readcons.$O\
_asgetpakkey.$O\
_asgetresp.$O\
_asrequest.$O\
--- a/libauthsrv/authdial.c
+++ b/libauthsrv/authdial.c
@@ -13,7 +13,7 @@
if(dom == nil)
/* look for one relative to my machine */
- return dial(netmkaddr("$auth", netroot, "ticket"), 0, 0, 0);
+ return dial(netmkaddr("$auth", nil, "ticket"), nil, nil, nil);
/* look up an auth server in an authentication domain */
p = csgetvalue(netroot, "authdom", dom, "auth", &t);
@@ -39,8 +39,7 @@
rv = -1;
for(nt = t; nt != nil; nt = nt->entry) {
if(strcmp(nt->attr, "auth") == 0) {
- p = netmkaddr(nt->val, netroot, "ticket");
- rv = dial(p, 0, 0, 0);
+ rv = dial(netmkaddr(nt->val, nil, "ticket"), nil, nil, nil);
if(rv >= 0)
break;
}
--- /dev/null
+++ b/libauthsrv/readcons.c
@@ -1,0 +1,82 @@
+#include <u.h>
+#include <libc.h>
+
+/*
+ * prompt for a string with a possible default response
+ */
+char*
+readcons(char *prompt, char *def, int raw)
+{
+ int fdin, fdout, ctl, n;
+ char *s, *p;
+
+ s = p = nil;
+ fdout = ctl = -1;
+
+ if((fdin = open("/dev/cons", OREAD)) < 0)
+ goto Out;
+ if((fdout = open("/dev/cons", OWRITE)) < 0)
+ goto Out;
+
+ if(raw){
+ if((ctl = open("/dev/consctl", OWRITE)) < 0)
+ goto Out;
+ write(ctl, "rawon", 5);
+ }
+
+ if(def != nil)
+ fprint(fdout, "%s[%s]: ", prompt, def);
+ else
+ fprint(fdout, "%s: ", prompt);
+
+ for(;;){
+ n = p - s;
+ if((n % 32) == 0){
+ if((p = realloc(s, n+32)) == nil)
+ break;
+ s = p, p += n;
+ }
+
+ if(read(fdin, p, 1) <= 0 || *p == 0x7f)
+ break;
+
+ if(*p == '\n' || *p == '\r'){
+ if(p == s && def != nil){
+ free(s);
+ s = strdup(def);
+ } else
+ *p = 0;
+ if(raw)
+ write(fdout, "\n", 1);
+ goto Out;
+ } else if(*p == '\b') {
+ while(p > s && (p[-1] & 0xc0) == 0x80)
+ *p-- = 0;
+ if(p > s)
+ *p-- = 0;
+ } else if(*p == 0x15) { /* ^U: line kill */
+ if(def != nil)
+ fprint(fdout, "\n%s[%s]: ", prompt, def);
+ else
+ fprint(fdout, "\n%s: ", prompt);
+ while(p > s)
+ *p-- = 0;
+ } else if(*p >= ' ')
+ p++;
+ }
+ free(s);
+ s = nil;
+ if(raw)
+ write(fdout, "\n", 1);
+Out:
+ if(ctl >= 0){
+ write(ctl, "rawoff", 6);
+ close(ctl);
+ }
+ if(fdin >= 0)
+ close(fdin);
+ if(fdout >= 0)
+ close(fdout);
+
+ return s;
+}
--- a/libauthsrv/readnvram.c
+++ b/libauthsrv/readnvram.c
@@ -53,78 +53,6 @@
"debug", "/tmp/nvram", 0, sizeof(Nvrsafe),
};
-static char*
-readcons(char *prompt, char *def, int raw, char *buf, int nbuf)
-{
- int fdin, fdout, ctl, n, m;
- char line[10];
-
- fdin = open("/dev/cons", OREAD);
- if(fdin < 0)
- fdin = 0;
- fdout = open("/dev/cons", OWRITE);
- if(fdout < 0)
- fdout = 1;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- if(raw){
- ctl = open("/dev/consctl", OWRITE);
- if(ctl >= 0)
- write(ctl, "rawon", 5);
- } else
- ctl = -1;
-
- m = 0;
- for(;;){
- n = read(fdin, line, 1);
- if(n == 0){
- close(ctl);
- werrstr("readcons: EOF");
- return nil;
- }
- if(n < 0){
- close(ctl);
- werrstr("can't read cons");
- return nil;
- }
- if(line[0] == 0x7f)
- exits(0);
- if(n == 0 || line[0] == '\n' || line[0] == '\r'){
- if(raw){
- write(ctl, "rawoff", 6);
- write(fdout, "\n", 1);
- close(ctl);
- }
- buf[m] = '\0';
- if(buf[0]=='\0' && def)
- strcpy(buf, def);
- return buf;
- }
- if(line[0] == '\b'){
- if(m > 0)
- m--;
- }else if(line[0] == 0x15){ /* ^U: line kill */
- m = 0;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- }else{
- if(m >= nbuf-1){
- fprint(fdout, "line too long\n");
- m = 0;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- }else
- buf[m++] = line[0];
- }
- }
-}
-
typedef struct {
int fd;
int safelen;
@@ -211,6 +139,29 @@
locp->safeoff = safeoff;
}
+static int
+ask(char *prompt, char *buf, int len, int raw)
+{
+ char *s;
+ int n;
+
+ memset(buf, 0, len);
+ for(;;){
+ if((s = readcons(prompt, nil, raw)) == nil)
+ return -1;
+ if((n = strlen(s)) >= len)
+ fprint(2, "%s longer than %d characters; try again\n", prompt, len-1);
+ else {
+ memmove(buf, s, n);
+ memset(s, 0, n);
+ free(s);
+ return 0;
+ }
+ memset(s, 0, n);
+ free(s);
+ }
+}
+
/*
* get key info out of nvram. since there isn't room in the PC's nvram use
* a disk partition there.
@@ -219,7 +170,7 @@
readnvram(Nvrsafe *safep, int flag)
{
int err;
- char buf[512], in[128]; /* 512 for floppy i/o */
+ char buf[512]; /* 512 for floppy i/o */
Nvrsafe *safe;
Nvrwhere loc;
@@ -294,22 +245,22 @@
if((flag&(NVwrite|NVwritemem)) || (err && (flag&NVwriteonerr))){
if (!(flag&NVwritemem)) {
- readcons("authid", nil, 0, safe->authid,
- sizeof safe->authid);
- readcons("authdom", nil, 0, safe->authdom,
- sizeof safe->authdom);
- readcons("secstore key", nil, 1, safe->config,
- sizeof safe->config);
- for(;;){
- Authkey k;
+ char pass[PASSWDLEN];
+ Authkey k;
- if(readcons("password", nil, 1, in, sizeof in) == nil)
- goto Out;
- passtokey(&k, in);
- memmove(safe->machkey, k.des, DESKEYLEN);
- memmove(safe->aesmachkey, k.aes, AESKEYLEN);
- break;
- }
+ if(ask("authid", safe->authid, sizeof safe->authid, 0))
+ goto Out;
+ if(ask("authdom", safe->authdom, sizeof safe->authdom, 0))
+ goto Out;
+ if(ask("secstore key", safe->config, sizeof safe->config, 1))
+ goto Out;
+ if(ask("password", pass, sizeof pass, 1))
+ goto Out;
+ passtokey(&k, pass);
+ memset(pass, 0, sizeof pass);
+ memmove(safe->machkey, k.des, DESKEYLEN);
+ memmove(safe->aesmachkey, k.aes, AESKEYLEN);
+ memset(&k, 0, sizeof k);
}
safe->machsum = nvcsum(safe->machkey, DESKEYLEN);
--- a/readcons.c
+++ /dev/null
@@ -1,110 +1,0 @@
-#include <u.h>
-#include <libc.h>
-#include "drawterm.h"
-
-void*
-erealloc(void *v, ulong n)
-{
- v = realloc(v, n);
- if(v == nil && n != 0)
- sysfatal("out of memory");
- return v;
-}
-
-char*
-estrdup(char *s)
-{
- s = strdup(s);
- if(s == nil)
- sysfatal("out of memory");
- return s;
-}
-
-char*
-estrappend(char *s, char *fmt, ...)
-{
- char *t;
- va_list arg;
-
- va_start(arg, fmt);
- t = vsmprint(fmt, arg);
- if(t == nil)
- sysfatal("out of memory");
- va_end(arg);
- s = erealloc(s, strlen(s)+strlen(t)+1);
- strcat(s, t);
- free(t);
- return s;
-}
-
-/*
- * prompt for a string with a possible default response
- */
-char*
-readcons(char *prompt, char *def, int raw)
-{
- int fdin, fdout, ctl, n;
- char line[10];
- char *s;
-
- fdin = open("/dev/cons", OREAD);
- if(fdin < 0)
- fdin = 0;
- fdout = open("/dev/cons", OWRITE);
- if(fdout < 0)
- fdout = 1;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- if(raw){
- ctl = open("/dev/consctl", OWRITE);
- if(ctl >= 0)
- write(ctl, "rawon", 5);
- } else
- ctl = -1;
- s = estrdup("");
- for(;;){
- n = read(fdin, line, 1);
- if(n == 0){
- Error:
- close(fdin);
- close(fdout);
- if(ctl >= 0)
- close(ctl);
- free(s);
- return nil;
- }
- if(n < 0)
- goto Error;
- if(line[0] == 0x7f)
- goto Error;
- if(n == 0 || line[0] == '\n' || line[0] == '\r'){
- if(raw){
- write(ctl, "rawoff", 6);
- write(fdout, "\n", 1);
- }
- close(ctl);
- close(fdin);
- close(fdout);
- if(*s == 0 && def != nil)
- s = estrappend(s, "%s", def);
- return s;
- }
- if(line[0] == '\b'){
- if(strlen(s) > 0)
- s[strlen(s)-1] = 0;
- } else if(line[0] == 0x15) { /* ^U: line kill */
- if(def != nil)
- fprint(fdout, "\n%s[%s]: ", prompt, def);
- else
- fprint(fdout, "\n%s: ", prompt);
-
- s[0] = 0;
- } else {
- s = estrappend(s, "%c", line[0]);
- }
- }
- return nil; /* not reached */
-}
-
--- a/secstore.c
+++ b/secstore.c
@@ -7,6 +7,7 @@
#include <libc.h>
#include <mp.h>
#include <libsec.h>
+#include <authsrv.h>
#include "drawterm.h"
static void*
@@ -185,7 +186,7 @@
sha1(secret, SHA1dlen, nil, &sha);
sha1(data, len, nil, &sha);
sha1(seq, 4, digest, &sha);
- return memcmp(d, digest, SHA1dlen);
+ return tsmemcmp(d, digest, SHA1dlen);
}
static int