xref: /plan9/sys/src/cmd/unix/drawterm/libauth/auth_userpasswd.c (revision 8ccd4a6360d974db7bd7bbd4f37e7018419ea908)
1*8ccd4a63SDavid du Colombier #include <u.h>
2*8ccd4a63SDavid du Colombier #include <libc.h>
3*8ccd4a63SDavid du Colombier #include <auth.h>
4*8ccd4a63SDavid du Colombier #include <authsrv.h>
5*8ccd4a63SDavid du Colombier #include "authlocal.h"
6*8ccd4a63SDavid du Colombier 
7*8ccd4a63SDavid du Colombier /*
8*8ccd4a63SDavid du Colombier  * compute the proper response.  We encrypt the ascii of
9*8ccd4a63SDavid du Colombier  * challenge number, with trailing binary zero fill.
10*8ccd4a63SDavid du Colombier  * This process was derived empirically.
11*8ccd4a63SDavid du Colombier  * this was copied from inet's guard.
12*8ccd4a63SDavid du Colombier  */
13*8ccd4a63SDavid du Colombier static void
netresp(char * key,long chal,char * answer)14*8ccd4a63SDavid du Colombier netresp(char *key, long chal, char *answer)
15*8ccd4a63SDavid du Colombier {
16*8ccd4a63SDavid du Colombier 	uchar buf[8];
17*8ccd4a63SDavid du Colombier 
18*8ccd4a63SDavid du Colombier 	memset(buf, 0, 8);
19*8ccd4a63SDavid du Colombier 	sprint((char *)buf, "%lud", chal);
20*8ccd4a63SDavid du Colombier 	if(encrypt(key, buf, 8) < 0)
21*8ccd4a63SDavid du Colombier 		abort();
22*8ccd4a63SDavid du Colombier 	chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3];
23*8ccd4a63SDavid du Colombier 	sprint(answer, "%.8lux", chal);
24*8ccd4a63SDavid du Colombier }
25*8ccd4a63SDavid du Colombier 
26*8ccd4a63SDavid du Colombier AuthInfo*
auth_userpasswd(char * user,char * passwd)27*8ccd4a63SDavid du Colombier auth_userpasswd(char *user, char *passwd)
28*8ccd4a63SDavid du Colombier {
29*8ccd4a63SDavid du Colombier 	char key[DESKEYLEN], resp[16];
30*8ccd4a63SDavid du Colombier 	AuthInfo *ai;
31*8ccd4a63SDavid du Colombier 	Chalstate *ch;
32*8ccd4a63SDavid du Colombier 
33*8ccd4a63SDavid du Colombier 	/*
34*8ccd4a63SDavid du Colombier 	 * Probably we should have a factotum protocol
35*8ccd4a63SDavid du Colombier 	 * to check a raw password.  For now, we use
36*8ccd4a63SDavid du Colombier 	 * p9cr, which is simplest to speak.
37*8ccd4a63SDavid du Colombier 	 */
38*8ccd4a63SDavid du Colombier 	if((ch = auth_challenge("user=%q proto=p9cr role=server", user)) == nil)
39*8ccd4a63SDavid du Colombier 		return nil;
40*8ccd4a63SDavid du Colombier 
41*8ccd4a63SDavid du Colombier 	passtokey(key, passwd);
42*8ccd4a63SDavid du Colombier 	netresp(key, atol(ch->chal), resp);
43*8ccd4a63SDavid du Colombier 	memset(key, 0, sizeof key);
44*8ccd4a63SDavid du Colombier 
45*8ccd4a63SDavid du Colombier 	ch->resp = resp;
46*8ccd4a63SDavid du Colombier 	ch->nresp = strlen(resp);
47*8ccd4a63SDavid du Colombier 	ai = auth_response(ch);
48*8ccd4a63SDavid du Colombier 	auth_freechal(ch);
49*8ccd4a63SDavid du Colombier 	return ai;
50*8ccd4a63SDavid du Colombier }
51