1 cfa37a7b 2004-04-10 devnull .TH AUTHSRV 3
3 cfa37a7b 2004-04-10 devnull authdial, passtokey, nvcsum, readnvram, convT2M, convM2T, convTR2M, convM2TR, convA2M, convM2A, convPR2M, convM2PR, _asgetticket, _asrdresp \- routines for communicating with authentication servers
4 cfa37a7b 2004-04-10 devnull .SH SYNOPSIS
8 cfa37a7b 2004-04-10 devnull #include <u.h>
9 cfa37a7b 2004-04-10 devnull #include <libc.h>
10 cfa37a7b 2004-04-10 devnull #include <authsrv.h>
12 cfa37a7b 2004-04-10 devnull .ta 8n +4n +4n +4n +4n +4n +4n
15 cfa37a7b 2004-04-10 devnull int authdial(char *netroot, char *ad);
18 cfa37a7b 2004-04-10 devnull int passtokey(char key[DESKEYLEN], char *password)
21 cfa37a7b 2004-04-10 devnull uchar nvcsum(void *mem, int len)
24 cfa37a7b 2004-04-10 devnull int readnvram(Nvrsafe *nv, int flag);
27 cfa37a7b 2004-04-10 devnull int convT2M(Ticket *t, char *msg, char *key)
30 cfa37a7b 2004-04-10 devnull void convM2T(char *msg, Ticket *t, char *key)
33 cfa37a7b 2004-04-10 devnull int convA2M(Authenticator *a, char *msg, char *key)
36 cfa37a7b 2004-04-10 devnull void convM2A(char *msg, Authenticator *a, char *key)
39 cfa37a7b 2004-04-10 devnull int convTR2M(Ticketreq *tr, char *msg)
42 cfa37a7b 2004-04-10 devnull void convM2TR(char *msg, Ticketreq *tr)
45 cfa37a7b 2004-04-10 devnull int convPR2M(Passwordreq *pr, char *msg, char *key)
48 cfa37a7b 2004-04-10 devnull void convM2PR(char *msg, Passwordreq *pr, char *key)
51 cfa37a7b 2004-04-10 devnull int _asgetticket(int fd, char *trbuf, char *tbuf);
54 cfa37a7b 2004-04-10 devnull int _asrdresp(int fd, char *buf, int len);
55 cfa37a7b 2004-04-10 devnull .SH DESCRIPTION
57 cfa37a7b 2004-04-10 devnull .I Authdial
58 cfa37a7b 2004-04-10 devnull dials an authentication server over the
59 cfa37a7b 2004-04-10 devnull network rooted at
60 cfa37a7b 2004-04-10 devnull .IR net ,
62 cfa37a7b 2004-04-10 devnull .BR /net .
63 cfa37a7b 2004-04-10 devnull The authentication domain,
65 cfa37a7b 2004-04-10 devnull specifies which server to call.
68 cfa37a7b 2004-04-10 devnull is non-nil,
69 cfa37a7b 2004-04-10 devnull the connection server
72 cfa37a7b 2004-04-10 devnull .IR ndb (8))
73 cfa37a7b 2004-04-10 devnull is queried for an entry which contains
74 cfa37a7b 2004-04-10 devnull .B authdom=\fIad\fP
76 cfa37a7b 2004-04-10 devnull .BR dom=\fIad\fP ,
77 cfa37a7b 2004-04-10 devnull the former having precedence,
78 cfa37a7b 2004-04-10 devnull and which also contains an
80 cfa37a7b 2004-04-10 devnull attribute.
81 cfa37a7b 2004-04-10 devnull The string dialed is then
82 cfa37a7b 2004-04-10 devnull .I netroot\fP!\fIserver\fP!ticket
84 cfa37a7b 2004-04-10 devnull .I server
85 cfa37a7b 2004-04-10 devnull is the value of the
87 cfa37a7b 2004-04-10 devnull attribute.
88 cfa37a7b 2004-04-10 devnull If no entry is found, the error string is
89 cfa37a7b 2004-04-10 devnull set to ``no authentication server found''
90 cfa37a7b 2004-04-10 devnull and -1 is returned.
92 cfa37a7b 2004-04-10 devnull .I authdom
93 cfa37a7b 2004-04-10 devnull is nil, the string
94 cfa37a7b 2004-04-10 devnull .IB netroot !$auth! ticket
95 cfa37a7b 2004-04-10 devnull is used to make the call.
97 cfa37a7b 2004-04-10 devnull .I Passtokey
99 cfa37a7b 2004-04-10 devnull .I password
100 cfa37a7b 2004-04-10 devnull into a DES key and stores the result in
101 cfa37a7b 2004-04-10 devnull .IR key .
102 cfa37a7b 2004-04-10 devnull It returns 0 if
103 cfa37a7b 2004-04-10 devnull .I password
104 cfa37a7b 2004-04-10 devnull could not be converted,
105 cfa37a7b 2004-04-10 devnull and 1 otherwise.
107 cfa37a7b 2004-04-10 devnull .I Readnvram
108 cfa37a7b 2004-04-10 devnull reads authentication information into the structure:
110 cfa37a7b 2004-04-10 devnull .ta 4n +4n +8n +4n +4n +4n +4n
111 cfa37a7b 2004-04-10 devnull struct Nvrsafe
113 cfa37a7b 2004-04-10 devnull char machkey[DESKEYLEN];
114 cfa37a7b 2004-04-10 devnull uchar machsum;
115 cfa37a7b 2004-04-10 devnull char authkey[DESKEYLEN];
116 cfa37a7b 2004-04-10 devnull uchar authsum;
117 cfa37a7b 2004-04-10 devnull char config[CONFIGLEN];
118 cfa37a7b 2004-04-10 devnull uchar configsum;
119 cfa37a7b 2004-04-10 devnull char authid[ANAMELEN];
120 cfa37a7b 2004-04-10 devnull uchar authidsum;
121 cfa37a7b 2004-04-10 devnull char authdom[DOMLEN];
122 cfa37a7b 2004-04-10 devnull uchar authdomsum;
126 cfa37a7b 2004-04-10 devnull On Sparc, MIPS, and SGI machines this information is
127 cfa37a7b 2004-04-10 devnull in non-volatile ram, accessible in the file
128 cfa37a7b 2004-04-10 devnull .BR #r/nvram .
129 cfa37a7b 2004-04-10 devnull On x86s and Alphas
130 cfa37a7b 2004-04-10 devnull .I readnvram
131 cfa37a7b 2004-04-10 devnull successively opens the following areas stopping with the
132 cfa37a7b 2004-04-10 devnull first to succeed:
134 cfa37a7b 2004-04-10 devnull \- the partition named by the
135 cfa37a7b 2004-04-10 devnull .B $nvram
136 cfa37a7b 2004-04-10 devnull environment variable
137 cfa37a7b 2004-04-10 devnull (commonly set via
138 cfa37a7b 2004-04-10 devnull .IR plan9.ini (8))
140 cfa37a7b 2004-04-10 devnull \- the partition
141 cfa37a7b 2004-04-10 devnull .B #S/sdC0/nvram
143 cfa37a7b 2004-04-10 devnull \- a file called
144 cfa37a7b 2004-04-10 devnull .B plan9.nvr
145 cfa37a7b 2004-04-10 devnull in the partition
146 cfa37a7b 2004-04-10 devnull .B #S/sdC0/9fat
148 cfa37a7b 2004-04-10 devnull \- the partition
149 cfa37a7b 2004-04-10 devnull .B #S/sd00/nvram
151 cfa37a7b 2004-04-10 devnull \- a file called
152 cfa37a7b 2004-04-10 devnull .B plan9.nvr
153 cfa37a7b 2004-04-10 devnull in the partition
154 cfa37a7b 2004-04-10 devnull .B #S/sd00/9fat
156 cfa37a7b 2004-04-10 devnull \- a file called
157 cfa37a7b 2004-04-10 devnull .B plan9.nvr
158 cfa37a7b 2004-04-10 devnull on a DOS floppy in drive 0
160 cfa37a7b 2004-04-10 devnull \- a file called
161 cfa37a7b 2004-04-10 devnull .B plan9.nvr
162 cfa37a7b 2004-04-10 devnull on a DOS floppy in drive 1
165 cfa37a7b 2004-04-10 devnull .IR nvcsum s
166 cfa37a7b 2004-04-10 devnull of the fields
167 cfa37a7b 2004-04-10 devnull .BR machkey ,
168 cfa37a7b 2004-04-10 devnull .BR authid ,
170 cfa37a7b 2004-04-10 devnull .B authdom
171 cfa37a7b 2004-04-10 devnull must match their respective checksum or that field is zeroed.
175 cfa37a7b 2004-04-10 devnull .B NVwrite
176 cfa37a7b 2004-04-10 devnull or at least one checksum fails and
179 cfa37a7b 2004-04-10 devnull .BR NVwriteonerr ,
180 cfa37a7b 2004-04-10 devnull .I readnvram
181 cfa37a7b 2004-04-10 devnull will prompt for new values on
182 cfa37a7b 2004-04-10 devnull .B #c/cons
183 cfa37a7b 2004-04-10 devnull and then write them back to the storage area.
185 cfa37a7b 2004-04-10 devnull .IR ConvT2M ,
186 cfa37a7b 2004-04-10 devnull .IR convA2M ,
187 cfa37a7b 2004-04-10 devnull .IR convTR2M ,
189 cfa37a7b 2004-04-10 devnull .I convPR2M
190 cfa37a7b 2004-04-10 devnull convert tickets, authenticators, ticket requests, and password change request
191 cfa37a7b 2004-04-10 devnull structures into transmittable messages.
192 cfa37a7b 2004-04-10 devnull .IR ConvM2T ,
193 cfa37a7b 2004-04-10 devnull .IR convM2A ,
194 cfa37a7b 2004-04-10 devnull .IR convM2TR ,
196 cfa37a7b 2004-04-10 devnull .I convM2PR
197 cfa37a7b 2004-04-10 devnull are used to convert them back.
199 cfa37a7b 2004-04-10 devnull is used for encrypting the message before transmission and decrypting
200 cfa37a7b 2004-04-10 devnull after reception.
202 cfa37a7b 2004-04-10 devnull The routine
203 cfa37a7b 2004-04-10 devnull .I _asrdresp
204 cfa37a7b 2004-04-10 devnull receives either a character array or an error string.
205 cfa37a7b 2004-04-10 devnull On error, it sets errstr and returns -1. If successful,
206 cfa37a7b 2004-04-10 devnull it returns the number of bytes received.
208 cfa37a7b 2004-04-10 devnull The routine
209 cfa37a7b 2004-04-10 devnull .I _asgetticket
210 cfa37a7b 2004-04-10 devnull sends a ticket request message and then uses
211 cfa37a7b 2004-04-10 devnull .I _asrdresp
212 cfa37a7b 2004-04-10 devnull to receive an answer.
213 cfa37a7b 2004-04-10 devnull .SH SOURCE
214 b5fdffee 2004-04-19 devnull .B /usr/local/plan9/src/libauthsrv
215 cfa37a7b 2004-04-10 devnull .SH SEE ALSO
216 cfa37a7b 2004-04-10 devnull .IR passwd (1),
217 cfa37a7b 2004-04-10 devnull .IR cons (3),
218 bf8a59fa 2004-04-11 devnull .IR dial (3),
219 cfa37a7b 2004-04-10 devnull .IR authsrv (6),
220 cfa37a7b 2004-04-10 devnull .SH DIAGNOSTICS
221 cfa37a7b 2004-04-10 devnull These routines set
222 cfa37a7b 2004-04-10 devnull .IR errstr .
223 cfa37a7b 2004-04-10 devnull Integer-valued functions return -1 on error.