Home Explore Help
Register Sign In
RISCI_ATOM
/
harvey
mirror of https://github.com/Harvey-OS/harvey.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: a41256def3
Branches Tags
harvey
/
sys
/
src
/
cmd
/
auth
/
guard.srv.c

guard.srv.c 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. #include <u.h>
    2. 

  2. #include <libc.h>
    3. 

  3. #include <fcall.h>
    4. 

  4. #include <bio.h>
    5. 

  5. #include <ndb.h>
    6. 

  6. #include <authsrv.h>
    7. 

  7. #include "authcmdlib.h"
    8. 

  8. 

  9. /*
    10. 

  10.  * c -> a	client
    11. 

  11.  * a -> c	challenge prompt
    12. 

  12.  * c -> a	KC'{challenge}
    13. 

  13.  * a -> c	OK or NO
    14. 

  14.  */
    15. 

  15. 

  16. void	catchalarm(void*, char*);
    17. 

  17. void	getraddr(char*);
    18. 

  18. 

  19. char	user[ANAMELEN];
    20. 

  20. char	raddr[128];
    21. 

  21. int	debug;
    22. 

  22. Ndb	*db;
    23. 

  23. 

  24. void
    25. 

  25. main(int argc, char *argv[])
    26. 

  26. {
    27. 

  27. 	char ukey[DESKEYLEN], resp[32], buf[NETCHLEN];
    28. 

  28. 	long chal;
    29. 

  29. 	int n;
    30. 

  30. 	Ndb *db2;
    31. 

  31. 	char *err;
    32. 

  32. 

  33. 	ARGBEGIN{
    34. 

  34. 	case 'd':
    35. 

  35. 		debug = 1;
    36. 

  36. 		break;
    37. 

  37. 	}ARGEND;
    38. 

  38. 

  39. 	db = ndbopen("/lib/ndb/auth");
    40. 

  40. 	if(db == 0)
    41. 

  41. 		syslog(0, AUTHLOG, "no /lib/ndb/auth");
    42. 

  42. 	db2 = ndbopen(0);
    43. 

  43. 	if(db2 == 0)
    44. 

  44. 		syslog(0, AUTHLOG, "no /lib/ndb/local");
    45. 

  45. 	db = ndbcat(db, db2);
    46. 

  46. 

  47. 	strcpy(raddr, "unknown");
    48. 

  48. 	if(argc >= 1)
    49. 

  49. 		getraddr(argv[argc-1]);
    50. 

  50. 

  51. 	argv0 = "guard";
    52. 

  52. 	srand((getpid()*1103515245)^time(0));
    53. 

  53. 	notify(catchalarm);
    54. 

  54. 

  55. 	/*
    56. 

  56. 	 * read the host and client and get their keys
    57. 

  57. 	 */
    58. 

  58. 	if(readarg(0, user, sizeof user) < 0)
    59. 

  59. 		fail(0);
    60. 

  60. 

  61. 	/*
    62. 

  62. 	 * challenge-response
    63. 

  63. 	 */
    64. 

  64. 	chal = lnrand(MAXNETCHAL);
    65. 

  65. 	sprint(buf, "challenge: %lud\nresponse: ", chal);
    66. 

  66. 	n = strlen(buf) + 1;
    67. 

  67. 	if(write(1, buf, n) != n){
    68. 

  68. 		if(debug)
    69. 

  69. 			syslog(0, AUTHLOG, "g-fail %s@%s :%r sending chal",
    70. 

  70. 				user, raddr);
    71. 

  71. 		exits("replying to server");
    72. 

  72. 	}
    73. 

  73. 	alarm(3*60*1000);
    74. 

  74. 	if(readarg(0, resp, sizeof resp) < 0){
    75. 

  75. 		if(debug)
    76. 

  76. 			syslog(0, AUTHLOG, "g-fail %s@%s :%r reading resp",
    77. 

  77. 				user, raddr);
    78. 

  78. 		fail(0);
    79. 

  79. 	}
    80. 

  80. 	alarm(0);
    81. 

  81. 

  82. 	if(!findkey(NETKEYDB, user, ukey) || !netcheck(ukey, chal, resp))
    83. 

  83. 	if(!findkey(KEYDB, user, ukey) || !netcheck(ukey, chal, resp))
    84. 

  84. 	if((err = secureidcheck(user, resp)) != nil){
    85. 

  85. 		print("NO %s", err);
    86. 

  86. 		write(1, "NO", 2);
    87. 

  87. 		if(debug)
    88. 

  88. 			syslog(0, AUTHLOG, "g-fail %s@%s: %s %s to %lud",
    89. 

  89. 				err, user, raddr, resp, chal);
    90. 

  90. 		fail(user);
    91. 

  91. 	}
    92. 

  92. 	write(1, "OK", 2);
    93. 

  93. 	if(debug)
    94. 

  94. 		syslog(0, AUTHLOG, "g-ok %s@%s", user, raddr);
    95. 

  95. 	succeed(user);
    96. 

  96. 	exits(0);
    97. 

  97. }
    98. 

  98. 

  99. void
    100. 

  100. catchalarm(void *x, char *msg)
    101. 

  101. {
    102. 

  102. 	USED(x, msg);
    103. 

  103. 	if(debug)
    104. 

  104. 		syslog(0, AUTHLOG, "g-timed out %s", raddr);
    105. 

  105. 	fail(0);
    106. 

  106. }
    107. 

  107. 

  108. void
    109. 

  109. getraddr(char *dir)
    110. 

  110. {
    111. 

  111. 	int n, fd;
    112. 

  112. 	char *cp;
    113. 

  113. 	char file[128];
    114. 

  114. 

  115. 	snprint(file, sizeof(file), "%s/remote", dir);
    116. 

  116. 	fd = open(file, OREAD);
    117. 

  117. 	if(fd < 0)
    118. 

  118. 		return;
    119. 

  119. 	n = read(fd, raddr, sizeof(raddr)-1);
    120. 

  120. 	close(fd);
    121. 

  121. 	if(n <= 0)
    122. 

  122. 		return;
    123. 

  123. 	raddr[n] = 0;
    124. 

  124. 	cp = strchr(raddr, '\n');
    125. 

  125. 	if(cp)
    126. 

  126. 		*cp = 0;
    127. 

  127. 	cp = strchr(raddr, '!');
    128. 

  128. 	if(cp)
    129. 

  129. 		*cp = 0;
    130. 

  130. }
    131.