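/*
 * Interface to libauth: protocol message numbers, the structures that are
 * marshalled to and from the authentication wire format, and the library
 * entry points.
 *
 * NAMELEN, uchar and ulong are used below but not defined here; they must
 * be declared before this header is included.
 */
#pragma	lib	"libauth.a"

typedef struct	Ticket		Ticket;
typedef struct	Ticketreq	Ticketreq;
typedef struct	Authenticator	Authenticator;
typedef struct	Nvrsafe		Nvrsafe;
typedef struct	Passwordreq	Passwordreq;
typedef struct	Chalstate	Chalstate;
typedef struct	Apopchalstate	Apopchalstate;
/* Cramchalstate is an alias: CRAM shares the APOP challenge-state layout */
typedef struct	Apopchalstate	Cramchalstate;
typedef struct	Chapreply	Chapreply;
typedef struct	MSchapreply	MSchapreply;

enum
{
	DOMLEN=		48,		/* length of an authentication domain name */
	/*
	 * NOTE(review): 7 bytes is a 56-bit key, i.e. single DES.  That key
	 * space is small enough to search exhaustively; treat anything
	 * protected only by these keys accordingly.
	 */
	DESKEYLEN=	7,		/* length of a des key for encrypt/decrypt */
	CHALLEN=	8,		/* length of a challenge */
	NETCHLEN=	16,		/* max network challenge length */
	CONFIGLEN=	14,		/* size of Nvrsafe.config */
	SECRETLEN=	32,		/* max length of a secret */
	APOPCHLEN=	256,		/* size of Apopchalstate.chal */
	MD5LEN=		16,		/* size of Chapreply.resp (an MD5 digest is 16 bytes) */

	KEYDBOFF=	8,		/* length of random data at the start of key file */
	OKEYDBLEN=	NAMELEN+DESKEYLEN+4+2,	/* length of an entry in old key file */
	KEYDBLEN=	OKEYDBLEN+SECRETLEN,	/* length of an entry in key file */
};

/*
 * encryption numberings (anti-replay)
 *
 * Values 1-13 label request and reply messages; 8 is not assigned in this
 * list.  Values from 64 up label encrypted tickets and authenticators;
 * presumably they are what the `num' field of Ticket and Authenticator
 * carries, so a box built for one purpose is rejected when replayed as
 * another -- confirm against the conv* implementations.
 */
enum
{
	AuthTreq=1,	/* ticket request */
	AuthChal=2,	/* challenge box request */
	AuthPass=3,	/* change password */
	AuthOK=4,	/* fixed length reply follows */
	AuthErr=5,	/* error follows */
	AuthMod=6,	/* modify user */
	AuthApop=7,	/* apop authentication for pop3 */
	AuthOKvar=9,	/* variable length reply follows */
	AuthChap=10,	/* chap authentication for ppp */
	AuthMSchap=11,	/* MS chap authentication for ppp */
	AuthCram=12,	/* CRAM verification for IMAP (RFC2195 & rfc2104) */
	AuthHttp=13,	/* http domain login */


	AuthTs=64,	/* ticket encrypted with server's key */
	AuthTc,		/* ticket encrypted with client's key */
	AuthAs,		/* server generated authenticator */
	AuthAc,		/* client generated authenticator */
	AuthTp,		/* ticket encrypted with client's key for password change */
	AuthHr,		/* http reply */
};

/*
 * Each *LEN macro below is the marshalled size of the structure before it:
 * the sum of its field sizes, with no padding.  Size wire buffers with
 * these macros rather than with sizeof on the struct.
 */
struct Ticketreq
{
	char	type;
	char	authid[NAMELEN];	/* server's encryption id */
	char	authdom[DOMLEN];	/* server's authentication domain */
	char	chal[CHALLEN];		/* challenge from server */
	char	hostid[NAMELEN];	/* host's encryption id */
	char	uid[NAMELEN];		/* uid of requesting user on host */
};
#define	TICKREQLEN	(3*NAMELEN+CHALLEN+DOMLEN+1)

struct Ticket
{
	char	num;			/* replay protection */
	char	chal[CHALLEN];		/* server challenge */
	char	cuid[NAMELEN];		/* uid on client */
	char	suid[NAMELEN];		/* uid on server */
	char	key[DESKEYLEN];		/* nonce DES key */
};
#define	TICKETLEN	(CHALLEN+2*NAMELEN+DESKEYLEN+1)

struct Authenticator
{
	char	num;			/* replay protection */
	char	chal[CHALLEN];
	ulong	id;			/* authenticator id, ++'d with each auth */
};
/* id is counted as 4 bytes on the wire, whatever sizeof(ulong) is */
#define	AUTHENTLEN	(CHALLEN+4+1)

/*
 * Password change request.  old, new and secret hold credentials in the
 * clear while the struct is in memory; callers should clear the struct as
 * soon as it has been marshalled.
 */
struct Passwordreq
{
	char	num;
	char	old[NAMELEN];
	char	new[NAMELEN];
	char	changesecret;
	char	secret[SECRETLEN];	/* new secret */
};
#define	PASSREQLEN	(2*NAMELEN+1+1+SECRETLEN)

/*
 * Each field is followed by a one-byte sum of that field (presumably
 * computed with nvcsum(), declared below -- confirm).  A one-byte sum can
 * catch corruption; it gives no protection against deliberate
 * modification of the stored keys.
 */
struct	Nvrsafe
{
	char	machkey[DESKEYLEN];
	uchar	machsum;
	char	authkey[DESKEYLEN];
	uchar	authsum;
	char	config[CONFIGLEN];
	uchar	configsum;
	char	authid[NAMELEN];
	uchar	authidsum;
	char	authdom[DOMLEN];
	uchar	authdomsum;
};

struct Chalstate
{
	int	afd;			/* /dev/authenticate */
	int	asfd;			/* authdial() */
	char	chal[NETCHLEN];		/* challenge/response */
};

/* also used for CRAM through the Cramchalstate typedef */
struct Apopchalstate
{
	int	afd;			/* /dev/authenticate */
	int	asfd;			/* authdial() */
	char	chal[APOPCHLEN];	/* challenge/response */
};

struct	Chapreply
{
	uchar	id;
	char	uid[NAMELEN];
	char	resp[MD5LEN];
};

/*
 * NOTE(review): the LAN Manager response is the weaker of the two; a
 * verifier should accept it only where legacy clients require it.
 */
struct	MSchapreply
{
	char	uid[NAMELEN];
	char	LMresp[24];		/* Lan Manager response */
	char	NTresp[24];		/* NT response */
};

/*
 * Conversions between the structures above and their wire form.  None of
 * these prototypes carries a buffer length, so the caller has to supply
 * buffers at least as large as the matching *LEN macro.  The extra char*
 * on the T, A and PR routines is absent from convM2Tnoenc and the TR
 * routines; presumably it is the key used to encrypt or decrypt -- confirm
 * against the libauth source.
 */
extern	int	convT2M(Ticket*, char*, char*);
extern	void	convM2T(char*, Ticket*, char*);
extern	void	convM2Tnoenc(char*, Ticket*);
extern	int	convA2M(Authenticator*, char*, char*);
extern	void	convM2A(char*, Authenticator*, char*);
extern	int	convTR2M(Ticketreq*, char*);
extern	void	convM2TR(char*, Ticketreq*);
extern	int	convPR2M(Passwordreq*, char*, char*);
extern	void	convM2PR(char*, Passwordreq*, char*);
extern	uchar	nvcsum(void*, int);
extern	int	opasstokey(char*, char*);
extern	int	passtokey(char*, char*);
extern	int	authenticate(int, int);
extern	int	newns(char*, char*);
extern	int	addns(char*, char*);
extern	int	authdial(void);
extern	int	auth(int);
extern	int	srvauth(int, char*);
extern	int	nauth(int, Ticket*);
extern	int	nsrvauth(int, char*, Ticket*);
extern	int	getchal(Chalstate*, char*);
extern	int	chalreply(Chalstate*, char*);
extern	int	amount(int, char*, int, char*);
extern	int	apopchal(Apopchalstate*);
extern	int	apopreply(Apopchalstate*, char*, char*);
extern	int	cramchal(Cramchalstate*);
extern	int	cramreply(Cramchalstate*, char*, char*);
extern	int	login(char*, char*, char*);
extern	int	sslnegotiate(int, Ticket*, char**, char**);
extern	int	srvsslnegotiate(int, Ticket*, char**, char**);
extern	int	httpauth(char*, char*);
extern	int	noworld(char*);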