1 #include <u.h>
2 #include <libc.h>
3 #include <auth.h>
4 #include <authsrv.h>
5 #include "authlocal.h"
6 
7 /*
8  * compute the proper response.  We encrypt the ascii of
9  * challenge number, with trailing binary zero fill.
10  * This process was derived empirically.
11  * this was copied from inet's guard.
12  */
13 static void
14 netresp(char *key, long chal, char *answer)
15 {
16 	uchar buf[8];
17 
18 	memset(buf, 0, 8);
19 	sprint((char *)buf, "%lud", chal);
20 	if(encrypt(key, buf, 8) < 0)
21 		abort();
22 	chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3];
23 	sprint(answer, "%.8lux", chal);
24 }
25 
26 AuthInfo*
27 auth_userpasswd(char *user, char *passwd)
28 {
29 	char key[DESKEYLEN], resp[16];
30 	AuthInfo *ai;
31 	Chalstate *ch;
32 
33 	/*
34 	 * Probably we should have a factotum protocol
35 	 * to check a raw password.  For now, we use
36 	 * p9cr, which is simplest to speak.
37 	 */
38 	if((ch = auth_challenge("user=%q proto=p9cr role=server", user)) == nil)
39 		return nil;
40 
41 	passtokey(key, passwd);
42 	netresp(key, atol(ch->chal), resp);
43 	memset(key, 0, sizeof key);
44 
45 	ch->resp = resp;
46 	ch->nresp = strlen(resp);
47 	ai = auth_response(ch);
48 	auth_freechal(ch);
49 	return ai;
50 }