shithub: drawterm


ref: ef6d7a8ab1f406b97f64011eecb84300ac33d0b8
parent: d8586354364b7fc1ccda174f33e1ab324c5e77e4
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sun Feb 21 23:22:53 EST 2016

provide secstore key separation for proto p9sk1 and dp9ik

the passwords for p9sk1 and dp9ik might differ.

--- a/cpu.c
+++ b/cpu.c
@@ -197,13 +197,13 @@
 		usage();
 
 	if(system == nil)
-		system = readcons("cpuserver", "cpu", 0);
+		system = readcons("cpu", "cpu", 0);
 
 	if(user == nil)
 		user = readcons("user", "glenda", 0);
 
 	if(authserver == nil)
-		authserver = readcons("authserver", system, 0);
+		authserver = readcons("auth", system, 0);
 
 	if(mountfactotum() < 0){
 		if(secstoreserver == nil)
@@ -613,6 +613,7 @@
 	}
 	if(proto == nil)
 		fatal(1, "server did not offer p9sk1 or dp9ik");
+	proto = estrdup(proto);
 	sprint(buf2, "%s %s", proto, dom);
 	if(write(fd, buf2, strlen(buf2)+1) != strlen(buf2)+1)
 		fatal(1, "cannot write user/domain choice in p9any");
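Review bot: `sprint(buf2, "%s %s", proto, dom)` directly after the new `estrdup` formats without a length bound, and both strings appear to originate from the server's p9any offer. The declaration of `buf2` is outside this hunk, so its size cannot be confirmed here; if it is a fixed array, `snprint(buf2, sizeof buf2, "%s %s", proto, dom);` keeps an oversized domain from writing past it. The enclosing function starts and ends outside the hunk.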
@@ -635,15 +636,16 @@
 		fatal(1, "cannot read ticket request in p9sk1");
 
 	u = user;
-	pass = findkey(&u, tr.authdom);
+	pass = findkey(&u, tr.authdom, proto);
 	if(pass == nil)
 	again:
-		pass = getkey(u, tr.authdom);
+		pass = getkey(u, tr.authdom, proto);
 	if(pass == nil)
 		fatal(1, "no password");
 
 	passtokey(&authkey, pass);
 	memset(pass, 0, strlen(pass));
+	free(pass);
 
 	strecpy(tr.hostid, tr.hostid+sizeof tr.hostid, u);
 	strecpy(tr.uid, tr.uid+sizeof tr.uid, u);
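Review bot: The `memset(pass, 0, strlen(pass))` immediately before the new `free(pass)` is a store the optimizer may drop, because the buffer is never read again, so the password can remain in freed heap memory. The same applies to the `memset(&authkey, ...)`, `cchal` and `crand` wipes before `return ai` (hunk at -728) if those are locals, and to `memset(buf, 0, sizeof buf)` before `return pass` in findkey (main.c, hunk at -111). Consider one wipe helper the compiler cannot elide, for example a loop writing through a `volatile uchar*`, or the host's `explicit_bzero` where it is available, and call it at all of these sites. Separately, `u` can now point at the copy findkey allocates for `*puser`, and nothing visible here frees it.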
@@ -706,8 +708,8 @@
 	// print("i am %s there.\n", t.suid);
 
 	ai = mallocz(sizeof(AuthInfo), 1);
-	ai->suid = strdup(t.suid);
-	ai->cuid = strdup(t.cuid);
+	ai->suid = estrdup(t.suid);
+	ai->cuid = estrdup(t.cuid);
 	if(dp9ik){
 		static char info[] = "Plan 9 session secret";
 		ai->nsecret = 256;
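Review bot: `ai = mallocz(sizeof(AuthInfo), 1)` is still dereferenced on the next line without a nil check, so an allocation failure here becomes a nil write. The commit already makes the two string copies abort cleanly through `estrdup`. Adding `if(ai == nil) fatal(1, "out of memory");` right after the `mallocz` call would make the whole block consistent. The function body continues outside this hunk.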
@@ -728,6 +730,7 @@
 	memset(&authkey, 0, sizeof(authkey));
 	memset(cchal, 0, sizeof(cchal));
 	memset(crand, 0, sizeof(crand));
+	free(proto);
 
 	return ai;
 }
--- a/drawterm.h
+++ b/drawterm.h
@@ -6,8 +6,9 @@
 extern char *readcons(char *prompt, char *def, int secret);
 extern int exportfs(int, int);
 extern char *user;
-extern char *getkey(char*, char*);
-extern char *findkey(char**, char*);
+extern char *getkey(char*, char*, char*);
+extern char *findkey(char**, char*, char*);
 extern int dialfactotum(void);
 extern char *getuser(void);
 extern void cpumain(int, char**);
+extern char *estrdup(char*);
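Review bot: The new prototypes `getkey(char*, char*, char*)` and `findkey(char**, char*, char*)` take adjacent same-typed arguments with no names, so a caller that swaps `dom` and `proto` compiles cleanly and silently selects the wrong key. Naming the parameters as the `readcons` declaration above already does would document the order: `extern char *getkey(char *user, char *dom, char *proto);` and `extern char *findkey(char **puser, char *dom, char *proto);`.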
--- a/main.c
+++ b/main.c
@@ -70,16 +70,16 @@
 }
 
 char*
-getkey(char *user, char *dom)
+getkey(char *user, char *dom, char *proto)
 {
 	char buf[1024];
 
-	snprint(buf, sizeof buf, "%s@%s password", user, dom);
+	snprint(buf, sizeof buf, "%s@%s %s password", user, dom, proto);
 	return readcons(buf, nil, 1);
 }
 
 char*
-findkey(char **puser, char *dom)
+findkey(char **puser, char *dom, char *proto)
 {
 	char buf[1024], *f[50], *p, *ep, *nextp, *pass, *user;
 	int nf, haveproto,  havedom, i;
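Review bot: Neither `getkey` nor `findkey` documents who owns the returned password, yet this commit makes the caller in cpu.c wipe and `free` it. A short comment above each would record that contract, e.g. `/* returns an allocated password for user@dom under proto, or nil; caller must zero and free it */`. This assumes `readcons` returns heap memory, which is not visible here. For `findkey` the comment should also say that `*puser` is replaced with an allocated copy on a match. The body of `findkey` continues outside this hunk.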
@@ -111,13 +111,13 @@
 				pass = f[i]+10;
 			if(strncmp(f[i], "dom=", 4) == 0 && strcmp(f[i]+4, dom) == 0)
 				havedom = 1;
-			if(strcmp(f[i], "proto=p9sk1") == 0 || strcmp(f[i], "proto=dp9ik") == 0)
+			if(strncmp(f[i], "proto=", 6) == 0 && strcmp(f[i]+6, proto) == 0)
 				haveproto = 1;
 		}
 		if(!haveproto || !havedom || !pass || !user)
 			continue;
-		*puser = strdup(user);
-		pass = strdup(pass);
+		*puser = estrdup(user);
+		pass = estrdup(pass);
 		memset(buf, 0, sizeof buf);
 		return pass;
 	}
--- a/readcons.c
+++ b/readcons.c
@@ -6,7 +6,7 @@
 erealloc(void *v, ulong n)
 {
 	v = realloc(v, n);
-	if(v == nil)
+	if(v == nil && n != 0)
 		sysfatal("out of memory");
 	return v;
 }
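Review bot: With the new `n != 0` exception, `erealloc(v, 0)` depends on `realloc`'s implementation-defined zero-size behaviour: it may free `v` and return nil, or return a unique pointer. Callers that assume `erealloc` never returns nil can then dereference nil on some hosts. Handling the case explicitly before the `realloc` call avoids relying on the libc, for example `if(n == 0){ free(v); return nil; }`. If callers expect a usable pointer, treat a zero request as one byte instead. The definition starts above the hunk.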
--- a/secstore.c
+++ b/secstore.c
@@ -560,7 +560,7 @@
 	}
 	*eol = 0;
 	if(pS)
-		*pS = strdup(S);
+		*pS = estrdup(S);
 	strtomp(hexmu, nil, 64, mu);
 	mpexp(mu, x, pak->p, sigma);
 	hexsigma = mptoa(sigma, 64, nil, 0);
@@ -615,7 +615,7 @@
 	conn = nil;
 	rv = nil;
 	if(password != nil && *password)
-		pass = strdup(password);
+		pass = estrdup(password);
 	else
 		pass = readcons("secstore password", nil, 1);
 	if(pass==nil || strlen(pass)==0){