2 * p9cr, vnc - one-sided challenge/response authentication
11 * Note that this is the protocol between factotum and the local
12 * program, not between the two factotums. The information
13 * exchanged here is wrapped in other protocols by the local
23 if(!strfindattr(k->attr, "user") || !strfindattr(k->privattr, "!password")){
24 werrstr("need user and !password attributes");
33 char *chal, *pw, *res, *user;
34 int astype, nchal, npw, ntry, ret;
46 if(c->proto == &p9cr){
49 }else if(c->proto == &vnc){
57 c->state = "find key";
58 k = keyfetch(c, "%A %s", attr, c->proto->keyprompt);
65 c->attr = addattrs(copyattr(attr), k->attr);
66 if((pw = strfindattr(k->privattr, "!password")) == nil){
67 werrstr("key has no !password (cannot happen)");
72 if((user = strfindattr(k->attr, "user")) == nil){
73 werrstr("key has no user (cannot happen)");
77 if(convprint(c, "%s", user) < 0)
80 if(convreadm(c, &chal) < 0)
83 if((nresp = (*response)(chal, resp)) < 0)
86 if(convwrite(c, resp, nresp) < 0)
89 if(convreadm(c, &res) < 0)
92 if(strcmp(res, "ok") == 0)
95 if((k = keyreplace(c, k, "%s", res)) == nil){
96 c->state = "auth failed";
102 werrstr("succeeded");
116 char chal[APOPCHALLEN], *user, *resp;
124 memset(&s, 0, sizeof s);
127 if(c->proto == &apop)
129 else if(c->proto == &cram)
132 werrstr("bad proto");
136 c->state = "find key";
137 if((s.k = plan9authkey(c->attr)) == nil)
140 a = copyattr(s.k->attr);
141 a = delattr(a, "proto");
142 c->attr = addattrs(c->attr, a);
145 c->state = "authdial";
146 s.hostid = strfindattr(s.k->attr, "user");
147 s.dom = strfindattr(s.k->attr, "dom");
148 if((s.asfd = xioauthdial(nil, s.dom)) < 0){
149 werrstr("authdial %s: %r", s.dom);
153 c->state = "authchal";
154 if(p9crchal(&s, astype, chal) < 0)
157 c->state = "write challenge";
158 if(convprint(c, "%s", chal) < 0)
162 c->state = "read user";
163 if(convreadm(c, &user) < 0)
166 c->state = "read response";
167 if(convreadm(c, &resp) < 0)
170 c->state = "authwrite";
171 switch(apopresp(&s, user, resp)){
175 c->state = "write status";
176 if(convprint(c, "bad authentication failed") < 0)
180 c->state = "write status";
181 if(convprint(c, "ok") < 0)
193 c->attr = addcap(c->attr, c->sysuser, &s.t);
208 typedef struct State State;
233 static char *phasenames[Maxphase] =
235 [CNeedChal] "CNeedChal",
236 [CHaveResp] "CHaveResp",
238 [SHaveChal] "SHaveChal",
239 [SNeedResp] "SNeedResp",
243 p9crclose(Fsstate *fss)
255 static int getchal(State*, Fsstate*);
258 p9crinit(Proto *p, Fsstate *fss)
265 if((iscli = isclient(_str_findattr(fss->attr, "role"))) < 0)
266 return failure(fss, nil);
268 s = emalloc(sizeof(*s));
271 s->astype = AuthChal;
272 s->challen = NETCHLEN;
275 s->challen = Maxchal;
280 fss->phase = CNeedChal;
282 attr = setattr(_copyattr(fss->attr), "proto=p9sk1");
285 ret = findkey(&s->key, fss, Kuser, 0, attr ? attr : fss->attr,
286 "role=client %s", p->keyprompt);
294 if((ret = findp9authkey(&s->key, fss)) != RpcOk){
298 if((user = _str_findattr(fss->attr, "user")) == nil){
300 return failure(fss, "no user name specified in start msg");
302 if(strlen(user) >= sizeof s->tr.uid){
304 return failure(fss, "user name too long");
307 strcpy(s->tr.uid, user);
308 ret = getchal(s, fss);
310 p9crclose(fss); /* frees s */
314 fss->phasename = phasenames;
315 fss->maxphase = Maxphase;
320 p9crread(Fsstate *fss, void *va, uint *n)
328 return phaseerror(fss, "read");
333 memmove(va, s->resp, *n);
334 fss->phase = Established;
338 if(s->astype == AuthChal)
339 m = strlen(s->chal); /* ascii string */
341 m = s->challen; /* fixed length binary */
343 return toosmall(fss, m);
345 memmove(va, s->chal, m);
346 fss->phase = SNeedResp;
352 p9response(Fsstate *fss, State *s)
359 pw = _str_findattr(s->key->privattr, "!password");
361 return failure(fss, "vncresponse cannot happen");
364 sprint((char*)buf, "%d", atoi(s->chal));
365 if(encrypt(key, buf, 8) < 0)
366 return failure(fss, "can't encrypt response");
367 chal = (buf[0]<<24)+(buf[1]<<16)+(buf[2]<<8)+buf[3];
368 s->resplen = snprint(s->resp, sizeof s->resp, "%.8lux", chal);
372 static uchar tab[256];
374 /* VNC reverses the bits of each byte before using as a des key */
385 for(i=0; i<256; i++) {
389 tab[i] = (tab[i]<<1) | (j&1);
401 k->priv = emalloc(8+1);
402 if(s = _str_findattr(k->privattr, "!password")){
404 memset(k->priv, 0, 8+1);
405 strncpy((char*)k->priv, s, 8);
406 for(p=k->priv; *p; p++)
409 werrstr("no key data");
412 return replacekey(k);
422 vncresponse(Fsstate*, State *s)
426 memmove(s->resp, s->chal, sizeof s->chal);
427 setupDESstate(&des, s->key->priv, nil);
428 desECBencrypt((uchar*)s->resp, s->challen, &des);
429 s->resplen = s->challen;
434 p9crwrite(Fsstate *fss, void *va, uint n)
436 char tbuf[TICKETLEN+AUTHENTLEN];
446 return phaseerror(fss, "write");
449 if(n >= sizeof(s->chal))
450 return failure(fss, Ebadarg);
451 memset(s->chal, 0, sizeof s->chal);
452 memmove(s->chal, data, n);
455 if(s->astype == AuthChal)
456 ret = p9response(fss, s);
458 ret = vncresponse(fss, s);
461 fss->phase = CHaveResp;
465 /* send response to auth server and get ticket */
467 return failure(fss, Ebadarg);
468 memset(resp, 0, sizeof resp);
469 memmove(resp, data, n);
470 if(write(s->asfd, resp, s->challen) != s->challen)
471 return failure(fss, Easproto);
473 /* get ticket plus authenticator from auth server */
474 if(_asrdresp(s->asfd, tbuf, TICKETLEN+AUTHENTLEN) < 0)
475 return failure(fss, nil);
478 convM2T(tbuf, &s->t, s->key->priv);
479 if(s->t.num != AuthTs
480 || memcmp(s->t.chal, s->tr.chal, sizeof(s->t.chal)) != 0)
481 return failure(fss, Easproto);
482 convM2A(tbuf+TICKETLEN, &a, s->t.key);
484 || memcmp(a.chal, s->tr.chal, sizeof(a.chal)) != 0
486 return failure(fss, Easproto);
489 fss->ai.cuid = s->t.cuid;
490 fss->ai.suid = s->t.suid;
492 fss->ai.secret = nil;
493 fss->phase = Established;
499 getchal(State *s, Fsstate *fss)
501 char trbuf[TICKREQLEN];
504 safecpy(s->tr.hostid, _str_findattr(s->key->attr, "user"), sizeof(s->tr.hostid));
505 safecpy(s->tr.authdom, _str_findattr(s->key->attr, "dom"), sizeof(s->tr.authdom));
506 s->tr.type = s->astype;
507 convTR2M(&s->tr, trbuf);
509 /* get challenge from auth server */
510 s->asfd = _authdial(nil, _str_findattr(s->key->attr, "dom"));
512 return failure(fss, Easproto);
513 if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN)
514 return failure(fss, Easproto);
515 n = _asrdresp(s->asfd, s->chal, s->challen);
518 werrstr("_asrdresp short read");
519 return failure(fss, nil);
522 fss->phase = SHaveChal;
533 .keyprompt= "user? !password?",
543 .keyprompt= "!password?",