1*8ccd4a63SDavid du Colombier #include <u.h>
2*8ccd4a63SDavid du Colombier #include <libc.h>
3*8ccd4a63SDavid du Colombier #include <auth.h>
4*8ccd4a63SDavid du Colombier #include <authsrv.h>
5*8ccd4a63SDavid du Colombier #include "authlocal.h"
6*8ccd4a63SDavid du Colombier
7*8ccd4a63SDavid du Colombier /*
8*8ccd4a63SDavid du Colombier * compute the proper response. We encrypt the ascii of
9*8ccd4a63SDavid du Colombier * challenge number, with trailing binary zero fill.
10*8ccd4a63SDavid du Colombier * This process was derived empirically.
11*8ccd4a63SDavid du Colombier * this was copied from inet's guard.
12*8ccd4a63SDavid du Colombier */
13*8ccd4a63SDavid du Colombier static void
netresp(char * key,long chal,char * answer)14*8ccd4a63SDavid du Colombier netresp(char *key, long chal, char *answer)
15*8ccd4a63SDavid du Colombier {
16*8ccd4a63SDavid du Colombier uchar buf[8];
17*8ccd4a63SDavid du Colombier
18*8ccd4a63SDavid du Colombier memset(buf, 0, 8);
19*8ccd4a63SDavid du Colombier sprint((char *)buf, "%lud", chal);
20*8ccd4a63SDavid du Colombier if(encrypt(key, buf, 8) < 0)
21*8ccd4a63SDavid du Colombier abort();
22*8ccd4a63SDavid du Colombier chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3];
23*8ccd4a63SDavid du Colombier sprint(answer, "%.8lux", chal);
24*8ccd4a63SDavid du Colombier }
25*8ccd4a63SDavid du Colombier
26*8ccd4a63SDavid du Colombier AuthInfo*
auth_userpasswd(char * user,char * passwd)27*8ccd4a63SDavid du Colombier auth_userpasswd(char *user, char *passwd)
28*8ccd4a63SDavid du Colombier {
29*8ccd4a63SDavid du Colombier char key[DESKEYLEN], resp[16];
30*8ccd4a63SDavid du Colombier AuthInfo *ai;
31*8ccd4a63SDavid du Colombier Chalstate *ch;
32*8ccd4a63SDavid du Colombier
33*8ccd4a63SDavid du Colombier /*
34*8ccd4a63SDavid du Colombier * Probably we should have a factotum protocol
35*8ccd4a63SDavid du Colombier * to check a raw password. For now, we use
36*8ccd4a63SDavid du Colombier * p9cr, which is simplest to speak.
37*8ccd4a63SDavid du Colombier */
38*8ccd4a63SDavid du Colombier if((ch = auth_challenge("user=%q proto=p9cr role=server", user)) == nil)
39*8ccd4a63SDavid du Colombier return nil;
40*8ccd4a63SDavid du Colombier
41*8ccd4a63SDavid du Colombier passtokey(key, passwd);
42*8ccd4a63SDavid du Colombier netresp(key, atol(ch->chal), resp);
43*8ccd4a63SDavid du Colombier memset(key, 0, sizeof key);
44*8ccd4a63SDavid du Colombier
45*8ccd4a63SDavid du Colombier ch->resp = resp;
46*8ccd4a63SDavid du Colombier ch->nresp = strlen(resp);
47*8ccd4a63SDavid du Colombier ai = auth_response(ch);
48*8ccd4a63SDavid du Colombier auth_freechal(ch);
49*8ccd4a63SDavid du Colombier return ai;
50*8ccd4a63SDavid du Colombier }
51