
Plan 9 from Bell Labs 2003-09-29

David du Colombier 20 years ago
parent
commit
8224cecb79

+ 4 - 4
dist/replica/plan9.db

@@ -78,7 +78,7 @@
 386/bin/auth/rsagen - 775 sys sys 1064598052 152733
 386/bin/auth/secretpem - 775 sys sys 1045537944 118526
 386/bin/auth/secstore - 775 sys sys 1064598053 187847
-386/bin/auth/secstored - 775 sys sys 1064598055 193693
+386/bin/auth/secstored - 775 sys sys 1064798342 194075
 386/bin/auth/secuser - 775 sys sys 1064667524 151195
 386/bin/auth/status - 775 sys sys 1020319060 738
 386/bin/auth/uniq - 775 sys sys 1064598056 61525
@@ -4982,7 +4982,7 @@ sys/man/8/replica - 664 sys sys 1021579979 6239
 sys/man/8/rsa - 664 sys sys 1057955511 4628
 sys/man/8/scanmail - 664 sys sys 969499895 10803
 sys/man/8/scuzz - 664 sys sys 984709640 7916
-sys/man/8/secstore - 664 sys sys 1062291170 1159
+sys/man/8/secstore - 664 sys sys 1064789017 1294
 sys/man/8/securenet - 664 sys sys 954305552 3160
 sys/man/8/send - 664 sys sys 1045501634 2168
 sys/man/8/smtp - 664 sys sys 1049408388 4111
@@ -6746,7 +6746,7 @@ sys/src/cmd/auth/rsa2x509.c - 664 sys sys 1048614964 794
 sys/src/cmd/auth/rsafill.c - 664 sys sys 1048614963 747
 sys/src/cmd/auth/rsagen.c - 664 sys sys 1048614963 992
 sys/src/cmd/auth/secstore - 20000000775 sys sys 1017337838 0
-sys/src/cmd/auth/secstore/SConn.c - 664 sys sys 1041890053 4381
+sys/src/cmd/auth/secstore/SConn.c - 664 sys sys 1064789003 4419
 sys/src/cmd/auth/secstore/SConn.h - 664 sys sys 1015008431 955
 sys/src/cmd/auth/secstore/aescbc.c - 664 sys sys 1045504879 3920
 sys/src/cmd/auth/secstore/dirls.c - 664 sys sys 1062277640 1842
@@ -6757,7 +6757,7 @@ sys/src/cmd/auth/secstore/secacct.c - 644 sys sys 1015008431 755
 sys/src/cmd/auth/secstore/secchk.c - 664 sys sys 1055698993 560
 sys/src/cmd/auth/secstore/secstore.c - 664 sys sys 1062277640 12269
 sys/src/cmd/auth/secstore/secstore.h - 664 sys sys 1041890053 841
-sys/src/cmd/auth/secstore/secstored.c - 664 sys sys 1062525349 7978
+sys/src/cmd/auth/secstore/secstored.c - 664 sys sys 1064789004 7955
 sys/src/cmd/auth/secstore/secuser.c - 664 sys sys 1064667494 4971
 sys/src/cmd/auth/secstore/util.c - 664 sys sys 1021579985 1498
 sys/src/cmd/auth/secureidcheck.c - 664 sys sys 1045504896 8973

+ 4 - 0
dist/replica/plan9.log

@@ -13824,3 +13824,7 @@
 1064667680 1 c sys/src/cmd/auth/secstore/secuser.c - 664 sys sys 1064667494 4971
 1064680014 0 c sys/src/9/pc/vgas3.c - 664 sys sys 1064679984 12160
 1064680014 1 c sys/src/9/pc/vgasavage.c - 664 sys sys 1064679984 16251
+1064790103 0 c sys/man/8/secstore - 664 sys sys 1064789017 1294
+1064790103 1 c sys/src/cmd/auth/secstore/SConn.c - 664 sys sys 1064789003 4419
+1064790103 2 c sys/src/cmd/auth/secstore/secstored.c - 664 sys sys 1064789004 7955
+1064799112 0 c 386/bin/auth/secstored - 775 sys sys 1064798342 194075

+ 9 - 5
sys/man/8/secstore

@@ -4,9 +4,10 @@ secstored, secuser \- secstore commands
 .SH SYNOPSIS
 .br
 .B auth/secstored
+[-R]
 [-S servername]
 [-s tcp!*!5356]
-[-x]
+[-x mountpoint]
 .br
 .B auth/secuser
 [-v]
@@ -19,10 +20,13 @@ username
 serves requests from
 .IR secstore (1).
 The
-.B -x
-option announces on
-.B /net.alt/tcp!*!5356
-instead of the default
+.B -R
+option supplements the password check with a
+call to a RADIUS server, for checking hardware
+tokens or other validation.
+The
+.BR -x mountpoint
+option specifies an alternative to the default network
 .BR /net .
 .PP
 .I Secuser

+ 4 - 3
sys/src/cmd/auth/secstore/SConn.c

@@ -117,7 +117,7 @@ static int
 SC_write(SConn *conn, uchar *buf, int n)
 {
 	SS *ss = (SS*)(conn->chan);
-	uchar count[2], digest[SHA1dlen];
+	uchar count[2], digest[SHA1dlen], enc[Maxmsg+1];
 	int len;
 
 	if(n <= 0 || n > Maxmsg+1){
@@ -136,9 +136,10 @@ SC_write(SConn *conn, uchar *buf, int n)
 	if(ss->alg){
 		hash(ss->out.secret, buf, n, ss->out.seqno, digest);
 		rc4(&ss->out.rc4, digest, SHA1dlen);
-		rc4(&ss->out.rc4, buf, n);
+		memcpy(enc, buf, n);
+		rc4(&ss->out.rc4, enc, n);
 		if(write(ss->fd, digest, SHA1dlen) != SHA1dlen ||
-				write(ss->fd, buf, n) != n){
+				write(ss->fd, enc, n) != n){
 			werrstr("!SC_write error on send");
 			return -1;
 		}
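Review bot: The new `memcpy(enc, buf, n)` is in bounds only because of the `n > Maxmsg+1` guard at the top of SC_write, and the two are linked only by the repeated expression `Maxmsg+1`. Writing the guard as `if(n <= 0 || n > sizeof(enc)){` would keep the copy safe if either size changes later. A short comment above the copy, such as `/* encrypt a copy; the caller's buffer must keep its plaintext */`, would record why the extra buffer exists. `enc` also adds Maxmsg+1 bytes to this stack frame; Maxmsg is defined outside the hunk, so check it against the stack size this code runs with. The body of SC_write continues outside both hunks.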

+ 4 - 2
sys/src/cmd/auth/secstore/secstored.c

@@ -16,7 +16,7 @@ Ndb *db;
 static void
 usage(void)
 {
-	fprint(2, "secstored: [-S servername] [-s tcp!*!5356] [-v] [-x netmtpt]\n");
+	fprint(2, "usage: secstored [-R] [-S servername] [-s tcp!*!5356] [-v] [-x netmtpt]\n");
 	exits("usage");
 }
 
@@ -327,6 +327,9 @@ main(int argc, char **argv)
 
 	setnetmtpt(net, sizeof(net), nil);
 	ARGBEGIN{
+	case 'R':
+		forceSTA = 1;
+		break;
 	case 's':
 		serve = EARGF(usage());
 		break;
@@ -338,7 +341,6 @@ main(int argc, char **argv)
 		if(p == nil)
 			usage();
 		setnetmtpt(net, sizeof(net), p);
-		forceSTA = 1;  // for any non-standard network setting, be paranoid
 		break;
 	case 'v':
 		verbose++;
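Review bot: Dropping `forceSTA = 1` from the `-x` case means a server started with only `-x` no longer sets the flag, so an installation that relied on that side effect loses the extra check unless `-R` is added to its start-up command. Judging by the man page text in this commit, forceSTA appears to be what adds the RADIUS call to the password check, which would make this a silent weakening of authentication on upgrade. A comment at the new case, e.g. `/* -R: require the RADIUS check; no longer implied by -x */`, and a sentence in the man page saying that `-x` used to imply it, would make the change visible to operators. Reporting the setting at start-up when `-v` is given would also let the active mode be confirmed from the log. main() starts and ends outside these hunks.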