sys/boot/doauthenticate.c


    1 #include <u.h>
    2 #include <libc.h>
    3 #include <auth.h>
    4 #include "../boot/boot.h"
    5 
/*
 * Failure prefixes used by fromauth().  checkkey() also compares a
 * returned pointer against ccmsg itself.
 */
static char *ccmsg = "can't connect to AS";	/* the method's auth function returned a negative fd */
static char *pbmsg = "AS protocol botch";	/* failed or unexpected exchange with the server */
    8 
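/*
 * Read exactly len bytes from fd into buf, retrying after short reads.
 *
 * Returns len on success (0, with nothing read, when len <= 0) and -1 as
 * soon as a read() fails or reports end of file before len bytes arrived.
 * On failure the caller is not told how many bytes were already stored,
 * so buf must be treated as undefined.
 */
long
readn(int fd, void *buf, long len)
{
	long m, n;	/* same width as len; an int counter can overflow where long is wider */
	char *p;

	p = buf;
	for(n = 0; n < len; n += m){
		m = read(fd, p+n, len-n);
		if(m <= 0)
			return -1;	/* error or premature EOF */
	}
	return n;
}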
   23 
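/*
 * Send the ticket request in trbuf to the authentication server reached
 * through mp->auth and collect its reply.
 *
 * trbuf must hold TICKREQLEN bytes.  On an AuthOK reply 2*TICKETLEN bytes
 * are stored in tbuf, so every caller must pass a buffer at least that
 * large.
 *
 * Returns 0 on success.  On failure returns a message: pbmsg itself for an
 * unknown reply type, otherwise a pointer to a static buffer that the next
 * call overwrites (so the result is not reentrant).  For an AuthErr reply
 * that buffer holds text sent by the server, NUL-terminated here.
 * Calls fatal() when the method has no auth function.
 */
static char*
fromauth(Method *mp, char *trbuf, char *tbuf)
{
	int afd;
	char t;
	char *msg;
	static char error[2*ERRMAX];

	if(mp->auth == 0)
		fatal("no method for accessing auth server");
	afd = (*mp->auth)();
	if(afd < 0) {
		/* bounded formatting: the limit is explicit instead of implied by the buffer size */
		snprint(error, sizeof error, "%s: %r", ccmsg);
		return error;
	}

	/* a short write would leave the server with a truncated request; treat it as a failure too */
	if(write(afd, trbuf, TICKREQLEN) != TICKREQLEN || read(afd, &t, 1) != 1){
		close(afd);
		snprint(error, sizeof error, "%s: %r", pbmsg);
		return error;
	}
	switch(t){
	case AuthOK:
		msg = 0;
		/* writes 2*TICKETLEN bytes into the caller's buffer */
		if(readn(afd, tbuf, 2*TICKETLEN) < 0) {
			snprint(error, sizeof error, "%s: %r", pbmsg);
			msg = error;
		}
		break;
	case AuthErr:
		if(readn(afd, error, ERRMAX) < 0) {
			snprint(error, sizeof error, "%s: %r", pbmsg);
			msg = error;
		}
		else {
			/* server-supplied text: force termination before handing it back */
			error[ERRMAX-1] = 0;
			msg = error;
		}
		break;
	default:
		msg = pbmsg;
		break;
	}

	close(afd);
	return msg;
}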
   71 
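/*
 * Authenticate the session on fd using the auth server reached through mp.
 *
 * fsession() fills trbuf with a ticket request; a leading zero byte means
 * no authentication is required and the function returns at once.
 * Otherwise the tickets obtained by fromauth() are passed to fauth().
 *
 * NOTE(review): this function fails open.  If the tickets cannot be
 * obtained, or fauth() rejects them, it only prints a warning on fd 2 and
 * returns; being void, it gives the caller no way to tell that
 * authentication did not happen.
 */
void
doauthenticate(int fd, Method *mp)
{
	char *msg;
	char trbuf[TICKREQLEN];
	char tbuf[2*TICKETLEN];	/* fromauth() stores 2*TICKETLEN bytes here */

	print("session...");
	if(fsession(fd, trbuf, sizeof trbuf) < 0)
		fatal("session command failed");

	/* no authentication required? */
	memset(tbuf, 0, sizeof tbuf);
	if(trbuf[0] == 0)
		return;

	/* try getting to an auth server */
	print("getting ticket...");
	msg = fromauth(mp, trbuf, tbuf);
	print("authenticating...");
	if(msg == 0){
		if(fauth(fd, tbuf) >= 0)
			return;
		/* the tickets were fetched but rejected: do not hand a nil msg to %s below */
		msg = "fauth failed";
	}

	/* authentication did not succeed; continue unauthenticated (the original's "security hole") */
	fprint(2, "no authentication server (%s), using your key as server key\n", msg);
}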
   99 
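/*
 * Check key for user name against the authentication server: request a
 * ticket with name as authid, hostid and uid, convert the reply with key,
 * and accept it only if the ticket is of type AuthTc and its cuid equals
 * name.
 *
 * Returns 0 when the key is accepted, otherwise an error message (a string
 * literal or fromauth()'s static buffer).
 */
char*
checkkey(Method *mp, char *name, char *key)
{
	char *msg;
	Ticketreq tr;
	Ticket t;
	char trbuf[TICKREQLEN];
	/*
	 * Must be 2*TICKETLEN: fromauth() reads that many bytes into it on an
	 * AuthOK reply, so a TICKETLEN buffer is overrun on the stack.
	 */
	char tbuf[2*TICKETLEN];

	/*
	 * Reject names that do not fit instead of letting strcpy() run past the
	 * request fields.  Assumes authid/hostid/uid are fixed-size char arrays
	 * (strcpy into them after the memset would otherwise be invalid) --
	 * confirm against auth.h.
	 */
	if(strlen(name) >= sizeof tr.authid
	|| strlen(name) >= sizeof tr.hostid
	|| strlen(name) >= sizeof tr.uid)
		return "name too long";

	memset(&tr, 0, sizeof tr);
	tr.type = AuthTreq;
	strcpy(tr.authid, name);
	strcpy(tr.hostid, name);
	strcpy(tr.uid, name);
	convTR2M(&tr, trbuf);
	msg = fromauth(mp, trbuf, tbuf);
	/*
	 * NOTE(review): fromauth() in this file reports a connection failure
	 * through its static buffer, never by returning ccmsg itself, so this
	 * pointer comparison does not match that case and the failure is
	 * returned as an error below.  Making it match would accept the key
	 * unchecked whenever the auth server is unreachable; decide that
	 * deliberately.
	 */
	if(msg == ccmsg){
		fprint(2, "boot: can't contact auth server, passwd unchecked\n");
		return 0;
	}
	if(msg)
		return msg;
	/* presumably decodes the first ticket in tbuf using key -- confirm against convM2T */
	convM2T(tbuf, &t, key);
	if(t.num == AuthTc && strcmp(name, t.cuid)==0)
		return 0;
	return "no match";
}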
