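#include <u.h>
#include <libc.h>
#include <auth.h>
#include <fcall.h>
#include "authsrv.h"

/*
 * Challenge-response exchange (c = client, a = this server):
 *	c -> a	client
 *	a -> c	challenge prompt
 *	c -> a	KC'{challenge}
 *	a -> c	OK or NO
 */

enum
{
	/*
	 * Room for "challenge: " + the decimal digits of any 64-bit
	 * unsigned value + "\nresponse: " + NUL (11 + 20 + 11 + 1 = 43).
	 */
	PROMPTLEN = 64,
};

void	catchalarm(void*, char*);
void	getraddr(char*);

char	user[NAMELEN];	/* user name read from the client on fd 0 */
char	raddr[128];	/* remote address for log lines; "unknown" if not found */

/*
 * Run one challenge-response authentication over fd 0 (input) and
 * fd 1 (output): read the user name, send a numeric challenge, read
 * the response, and check it against the user's key from NETKEYDB,
 * falling back to KEYDB.  Writes "OK" or "NO" and logs the outcome
 * to AUTHLOG.  The last command-line argument, if any, is taken as a
 * directory whose "remote" file holds the peer's address.
 */
void
main(int argc, char *argv[])
{
	char ukey[DESKEYLEN], resp[32], prompt[PROMPTLEN];
	long chal;
	int n;

	ARGBEGIN{
	}ARGEND;

	strcpy(raddr, "unknown");
	if(argc >= 1)
		getraddr(argv[argc-1]);

	argv0 = "guard";
	/*
	 * NOTE(review): the challenge below comes from a generator seeded
	 * with pid*time, both of which an observer can estimate.  A
	 * predictable challenge weakens the exchange; prefer the
	 * platform's strong random source if one is available.
	 */
	srand(getpid()*time(0));
	notify(catchalarm);

	/*
	 * read the client's user name
	 */
	if(readarg(0, user, sizeof user) < 0)
		fail(0);

	/*
	 * challenge-response
	 *
	 * The prompt is formatted with a bounded snprint into a buffer
	 * sized for the text itself.  The earlier unbounded sprint wrote
	 * into a buffer of NETCHLEN bytes, a constant defined outside this
	 * file and not tied to the length of the prompt.
	 */
	chal = lnrand(MAXNETCHAL);
	snprint(prompt, sizeof prompt, "challenge: %lud\nresponse: ", chal);
	n = strlen(prompt) + 1;	/* the terminating NUL is sent as well */
	if(write(1, prompt, n) != n){
		syslog(0, AUTHLOG, "g-fail %r replying to server");
		exits("replying to server");
	}

	/* give the user three minutes to answer; catchalarm handles expiry */
	alarm(3*60*1000);
	if(readarg(0, resp, sizeof resp) < 0)
		fail(0);
	alarm(0);

	/*
	 * Accept the response if it verifies under the NETKEYDB key or,
	 * failing that, under the KEYDB key.
	 * NOTE(review): this relies on fail() not returning; if it did,
	 * control would fall through to the OK path below -- confirm in
	 * the authsrv library.
	 */
	if(!findkey(NETKEYDB, user, ukey) || !netcheck(ukey, chal, resp)){
		if(!findkey(KEYDB, user, ukey) || !netcheck(ukey, chal, resp)){
			write(1, "NO", 2);
			syslog(0, AUTHLOG, "g-fail bad response %s", raddr);
			fail(user);
		}
	}
	write(1, "OK", 2);
	syslog(0, AUTHLOG, "g-ok %s %s", user, raddr);
	succeed(user);
	exits(0);
}

/*
 * Note handler installed by main.  Logs a timeout and fails the
 * attempt without naming a user.
 * NOTE(review): msg is not inspected, so any note delivered to the
 * process is reported as a response timeout, not only the alarm.
 */
void
catchalarm(void *x, char *msg)
{
	USED(x, msg);
	syslog(0, AUTHLOG, "user response timed out");
	fail(0);
}

/*
 * Read the peer address from "<dir>/remote" into raddr, cutting it at
 * the first newline and at the first '!'.  If the file cannot be
 * opened or the read yields nothing, the function returns without
 * writing a new terminator, so the caller's default stays in place.
 */
void
getraddr(char *dir)
{
	int n, fd;
	char *cp;
	char file[3*NAMELEN];

	snprint(file, sizeof(file), "%s/remote", dir);
	fd = open(file, OREAD);
	if(fd < 0)
		return;
	/* leave one byte for the terminator added below */
	n = read(fd, raddr, sizeof(raddr)-1);
	close(fd);
	if(n <= 0)
		return;
	raddr[n] = 0;
	cp = strchr(raddr, '\n');
	if(cp)
		*cp = 0;
	cp = strchr(raddr, '!');
	if(cp)
		*cp = 0;
}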