shithub: drawterm

Info  •  Files  •  Log  •  Branches

libauth: don't compile unneeded (for drawterm) units, update _attrfmt() and auth.h header

--- a/include/auth.h

+++ b/include/auth.h

@@ -17,7 +17,7 @@

 enum

 {

 	MAXCHLEN=	256,		/* max challenge length	*/

-	AMAXNAMELEN=	256,		/* maximum name length */

+	MAXNAMELEN=	256,		/* maximum name length */

 	MD5LEN=		16,

 	ARok = 0,			/* rpc return values */

@@ -37,7 +37,7 @@

 struct AuthRpc

 {

 	int afd;

-	char ibuf[AuthRpcMax];

+	char ibuf[AuthRpcMax+1];	/* +1 for NUL in auth_rpc.c */

 	char obuf[AuthRpcMax];

 	char *arg;

 	uint narg;

@@ -63,7 +63,7 @@

 /* for implementation only */

 	int	afd;			/* to factotum */

 	AuthRpc	*rpc;			/* to factotum */

-	char	userbuf[AMAXNAMELEN];	/* temp space if needed */

+	char	userbuf[MAXNAMELEN];	/* temp space if needed */

 	int	userinchal;		/* user was sent to obtain challenge */

 };

@@ -91,16 +91,13 @@

 extern	int	noworld(char*);

 extern	int	amount(int, char*, int, char*);

-/* these two may get generalized away -rsc */

 extern	int	login(char*, char*, char*);

-extern	int	httpauth(char*, char*);

 typedef struct Attr Attr;

-typedef struct String String;

 enum {

 	AttrNameval,		/* name=val -- when matching, must have name=val */

 	AttrQuery,		/* name? -- when matching, must be present */

-	AttrDefault,		/* name:=val -- when matching, if present must match INTERNAL */

+	AttrDefault,		/* name=val -- when matching, if present must match INTERNAL */

 };

 struct Attr

 {

@@ -141,11 +138,9 @@

 extern Attr*		auth_attr(AuthRpc *rpc);

 extern void		auth_freerpc(AuthRpc *rpc);

 extern uint		auth_rpc(AuthRpc *rpc, char *verb, void *a, int n);

-extern int		auth_wep(char*, char*, ...);

-

 #ifdef VARARGCK

 #pragma varargck argpos auth_proxy 3

 #pragma varargck argpos auth_challenge 1

-#pragma varargck argpos auth_respond 3

+#pragma varargck argpos auth_respond 8

 #pragma varargck argpos auth_getuserpasswd 2

 #endif

--- a/libauth/Makefile

+++ b/libauth/Makefile

@@ -5,12 +5,8 @@

 OFILES=\

 	attr.$O\

 	auth_attr.$O\

-	auth_challenge.$O\

-	auth_getuserpasswd.$O\

 	auth_proxy.$O\

-	auth_respond.$O\

 	auth_rpc.$O\

-	auth_userpasswd.$O\

 default: $(LIB)

 $(LIB): $(OFILES)

--- a/libauth/attr.c

+++ b/libauth/attr.c

@@ -5,28 +5,26 @@

 int

 _attrfmt(Fmt *fmt)

 {

-	char *b, buf[1024], *ebuf;

 	Attr *a;

+	int first = 1;

-	ebuf = buf+sizeof buf;

-	b = buf;

-	strcpy(buf, " ");

-	for(a=va_arg(fmt->args, Attr*); a; a=a->next){

+	for(a=va_arg(fmt->args, Attr*); a != nil; a=a->next){

 		if(a->name == nil)

 			continue;

 		switch(a->type){

+		default:

+			continue;

 		case AttrQuery:

-			b = seprint(b, ebuf, " %q?", a->name);

+			fmtprint(fmt, first+" %q?", a->name);

 			break;

 		case AttrNameval:

-			b = seprint(b, ebuf, " %q=%q", a->name, a->val);

-			break;

 		case AttrDefault:

-			b = seprint(b, ebuf, " %q:=%q", a->name, a->val);

+			fmtprint(fmt, first+" %q=%q", a->name, a->val);

 			break;

 		}

+		first = 0;

 	}

-	return fmtstrcpy(fmt, buf+1);

+	return 0;

 }

 Attr*

--- a/libauth/auth_challenge.c

+++ /dev/null

@@ -1,116 +1,0 @@

-#include <u.h>

-#include <libc.h>

-#include <auth.h>

-#include "authlocal.h"

-

-Chalstate*

-auth_challenge(char *fmt, ...)

-{

-	char *p;

-	va_list arg;

-	Chalstate *c;

-

-	quotefmtinstall();	/* just in case */

-	va_start(arg, fmt);

-	p = vsmprint(fmt, arg);

-	va_end(arg);

-	if(p == nil)

-		return nil;

-

-	c = mallocz(sizeof(*c), 1);

-	if(c == nil){

-		free(p);

-		return nil;

-	}

-

-	if((c->afd = open("/mnt/factotum/rpc", ORDWR)) < 0){

-	Error:

-		auth_freechal(c);

-		free(p);

-		return nil;

-	}

-

-	if((c->rpc=auth_allocrpc(c->afd)) == nil

-	|| auth_rpc(c->rpc, "start", p, strlen(p)) != ARok

-	|| auth_rpc(c->rpc, "read", nil, 0) != ARok)

-		goto Error;

-

-	if(c->rpc->narg > sizeof(c->chal)-1){

-		werrstr("buffer too small for challenge");

-		goto Error;

-	}

-	memmove(c->chal, c->rpc->arg, c->rpc->narg);

-	c->nchal = c->rpc->narg;

-	free(p);

-	return c;

-}

-

-AuthInfo*

-auth_response(Chalstate *c)

-{

-	int ret;

-	AuthInfo *ai;

-

-	ai = nil;

-	if(c->afd < 0){

-		werrstr("auth_response: connection not open");

-		return nil;

-	}

-	if(c->resp == nil){

-		werrstr("auth_response: nil response");

-		return nil;

-	}

-	if(c->nresp == 0){

-		werrstr("auth_response: unspecified response length");

-		return nil;

-	}

-

-	if(c->user){

-		if(auth_rpc(c->rpc, "write", c->user, strlen(c->user)) != ARok){

-			/*

-			 * if this fails we're out of phase with factotum.

-			 * give up.

-			 */

-			goto Out;

-		}

-	}

-

-	if(auth_rpc(c->rpc, "write", c->resp, c->nresp) != ARok){

-		/*

-		 * don't close the connection -- maybe we'll try again.

-		 */

-		return nil;

-	}

-

-	switch(ret = auth_rpc(c->rpc, "read", nil, 0)){

-	case ARok:

-	default:

-		werrstr("factotum protocol botch %d %s", ret, c->rpc->ibuf);

-		break;

-	case ARdone:

-		ai = auth_getinfo(c->rpc);

-		break;

-	}

-

-Out:

-	close(c->afd);

-	auth_freerpc(c->rpc);

-	c->afd = -1;

-	c->rpc = nil;

-	return ai;

-}

-

-void

-auth_freechal(Chalstate *c)

-{

-	if(c == nil)

-		return;

-

-	if(c->afd >= 0)

-		close(c->afd);

-	if(c->rpc != nil)

-		auth_freerpc(c->rpc);

-

-	memset(c, 0xBB, sizeof(*c));

-	free(c);

-}

--- a/libauth/auth_getuserpasswd.c

+++ /dev/null

@@ -1,75 +1,0 @@

-#include <u.h>

-#include <libc.h>

-#include <auth.h>

-#include "authlocal.h"

-

-enum {

-	ARgiveup = 100,

-};

-

-static int

-dorpc(AuthRpc *rpc, char *verb, char *val, int len, AuthGetkey *getkey)

-{

-	int ret;

-

-	for(;;){

-		if((ret = auth_rpc(rpc, verb, val, len)) != ARneedkey && ret != ARbadkey)

-			return ret;

-		if(getkey == nil)

-			return ARgiveup;	/* don't know how */

-		if((*getkey)(rpc->arg) < 0)

-			return ARgiveup;	/* user punted */

-	}

-}

-

-UserPasswd*

-auth_getuserpasswd(AuthGetkey *getkey, char *fmt, ...)

-{

-	AuthRpc *rpc;

-	char *f[3], *p, *params;

-	int fd;

-	va_list arg;

-	UserPasswd *up;

-

-	up = nil;

-	rpc = nil;

-	params = nil;

-

-	fd = open("/mnt/factotum/rpc", ORDWR);

-	if(fd < 0)

-		goto out;

-	rpc = auth_allocrpc(fd);

-	if(rpc == nil)

-		goto out;

-	quotefmtinstall();	/* just in case */

-	va_start(arg, fmt);

-	params = vsmprint(fmt, arg);

-	va_end(arg);

-	if(params == nil)

-		goto out;

-

-	if(dorpc(rpc, "start", params, strlen(params), getkey) != ARok

-	|| dorpc(rpc, "read", nil, 0, getkey) != ARok)

-		goto out;

-

-	rpc->arg[rpc->narg] = '\0';

-	if(tokenize(rpc->arg, f, 2) != 2){

-		werrstr("bad answer from factotum");

-		goto out;

-	}

-	up = malloc(sizeof(*up)+rpc->narg+1);

-	if(up == nil)

-		goto out;

-	p = (char*)&up[1];

-	strcpy(p, f[0]);

-	up->user = p;

-	p += strlen(p)+1;

-	strcpy(p, f[1]);

-	up->passwd = p;

-

-out:

-	free(params);

-	auth_freerpc(rpc);

-	close(fd);

-	return up;

-}

--- a/libauth/auth_respond.c

+++ /dev/null

@@ -1,72 +1,0 @@

-#include <u.h>

-#include <libc.h>

-#include <auth.h>

-#include "authlocal.h"

-

-enum {

-	ARgiveup = 100,

-};

-

-static int

-dorpc(AuthRpc *rpc, char *verb, char *val, int len, AuthGetkey *getkey)

-{

-	int ret;

-

-	for(;;){

-		if((ret = auth_rpc(rpc, verb, val, len)) != ARneedkey && ret != ARbadkey)

-			return ret;

-		if(getkey == nil)

-			return ARgiveup;	/* don't know how */

-		if((*getkey)(rpc->arg) < 0)

-			return ARgiveup;	/* user punted */

-	}

-}

-

-int

-auth_respond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp, AuthGetkey *getkey, char *fmt, ...)

-{

-	char *p, *s;

-	va_list arg;

-	int afd;

-	AuthRpc *rpc;

-	Attr *a;

-

-	if((afd = open("/mnt/factotum/rpc", ORDWR)) < 0)

-		return -1;

-	

-	if((rpc = auth_allocrpc(afd)) == nil){

-		close(afd);

-		return -1;

-	}

-

-	quotefmtinstall();	/* just in case */

-	va_start(arg, fmt);

-	p = vsmprint(fmt, arg);

-	va_end(arg);

-

-	if(p==nil

-	|| dorpc(rpc, "start", p, strlen(p), getkey) != ARok

-	|| dorpc(rpc, "write", chal, nchal, getkey) != ARok

-	|| dorpc(rpc, "read", nil, 0, getkey) != ARok){

-		free(p);

-		close(afd);

-		auth_freerpc(rpc);

-		return -1;

-	}

-	free(p);

-

-	if(rpc->narg < nresp)

-		nresp = rpc->narg;

-	memmove(resp, rpc->arg, nresp);

-

-	if((a = auth_attr(rpc)) != nil

-	&& (s = _strfindattr(a, "user")) != nil && strlen(s) < nuser)

-		strcpy(user, s);

-	else if(nuser > 0)

-		user[0] = '\0';

-

-	_freeattr(a);

-	close(afd);

-	auth_freerpc(rpc);

-	return nresp;	

-}

--- a/libauth/auth_userpasswd.c

+++ /dev/null

@@ -1,49 +1,0 @@

-#include <u.h>

-#include <libc.h>

-#include <auth.h>

-#include <authsrv.h>

-#include "authlocal.h"

-

-/*

- * compute the proper response.  We encrypt the ascii of

- * challenge number, with trailing binary zero fill.

- * This process was derived empirically.

- * this was copied from inet's guard.

- */

-static void

-netresp(char key[DESKEYLEN], long chal, char *answer)

-{

-	uchar buf[8];

-

-	memset(buf, 0, sizeof buf);

-	snprint((char *)buf, sizeof buf, "%lud", chal);

-	if(encrypt(key, buf, 8) < 0)

-		abort();

-	sprint(answer, "%.8ux", buf[0]<<24 | buf[1]<<16 | buf[2]<<8 | buf[3]);

-}

-

-AuthInfo*

-auth_userpasswd(char *user, char *passwd)

-{

-	char resp[16], key[DESKEYLEN];

-	AuthInfo *ai;

-	Chalstate *ch;

-

-	/*

-	 * Probably we should have a factotum protocol

-	 * to check a raw password.  For now, we use

-	 * p9cr, which is simplest to speak.

-	 */

-	if((ch = auth_challenge("user=%q proto=p9cr role=server", user)) == nil)

-		return nil;

-

-	passtodeskey(key, passwd);

-	netresp(key, atol(ch->chal), resp);

-	memset(key, 0, sizeof(key));

-

-	ch->resp = resp;

-	ch->nresp = strlen(resp);

-	ai = auth_response(ch);

-	auth_freechal(ch);

-	return ai;

-}

--- a/libauth/httpauth.c

+++ /dev/null

@@ -1,51 +1,0 @@

-#include <u.h>

-#include <libc.h>

-#include <auth.h>

-#include <authsrv.h>

-

-/* deprecated.

-	This is the mechanism that put entries in /sys/lib/httpd.rewrite

-	and passwords on the authserver in /sys/lib/httppasswords, which

-	was awkward to administer.  Instead, use local .httplogin files,

-	which are implemented in sys/src/cmd/ip/httpd/authorize.c */

-

-int

-httpauth(char *name, char *password)

-{

-	int afd;

-	Ticketreq tr;

-	Ticket	t;

-	char key[DESKEYLEN];

-	char buf[512];

-

-	afd = authdial(nil, nil);

-	if(afd < 0)

-		return -1;

-

-	/* send ticket request to AS */

-	memset(&tr, 0, sizeof(tr));

-	strcpy(tr.uid, name);

-	tr.type = AuthHttp;

-	convTR2M(&tr, buf);

-	if(write(afd, buf, TICKREQLEN) != TICKREQLEN){

-		close(afd);

-		return -1;

-	}

-	if(_asrdresp(afd, buf, TICKETLEN) < 0){

-		close(afd);

-		return -1;

-	}

-	close(afd);

-

-	/*

-	 *  use password and try to decrypt the

-	 *  ticket.  If it doesn't work we've got a bad password,

-	 *  give up.

-	 */

-	passtokey(key, password);

-	convM2T(buf, &t, key);

-	if(t.num != AuthHr || strcmp(t.cuid, tr.uid))

-		return -1;

-

-	return 0;

-}