2 * APOP, CRAM - MD5 challenge/response authentication
4 * The client does not authenticate the server, hence no CAI.
8 * S -> C: random@domain
9 * C -> S: user hex-response
12 * Note that this is the protocol between factotum and the local
13 * program, not between the two factotums. The information
14 * exchanged here is wrapped in the APOP protocol by the local
17 * If S sends "bad [msg]" instead of "ok", that is a hint that the key is bad.
18 * The protocol goes back to "C -> S: user hex-response".
24 extern Proto apop, cram;
29 if(!strfindattr(k->attr, "user") || !strfindattr(k->privattr, "!password")){
30 werrstr("need user and !password attributes");
39 char *chal, *pw, *res;
40 int astype, nchal, npw, ntry, ret;
54 else if(c->proto == &cram)
61 c->state = "find key";
62 k = keyfetch(c, "%A %s", attr, c->proto->keyprompt);
66 c->state = "read challenge";
67 if((nchal = convreadm(c, &chal)) < 0)
73 c->attr = addattrs(copyattr(attr), k->attr);
74 if((pw = strfindattr(k->privattr, "!password")) == nil){
75 werrstr("key has no password (cannot happen?)");
82 ds = md5((uchar*)chal, nchal, nil, nil);
83 md5((uchar*)pw, npw, resp, ds);
86 hmac_md5((uchar*)chal, nchal, (uchar*)pw, npw, resp, nil);
90 /* C->S: APOP user hex-response\n */
92 c->state = "write user";
94 sprint(c->statebuf, "write user (auth attempt #%d)", ntry);
95 c->state = c->statebuf;
97 if(convprint(c, "%s", strfindattr(k->attr, "user")) < 0)
100 c->state = "write response";
101 if(convprint(c, "%.*H", sizeof resp, resp) < 0)
104 c->state = "read result";
105 if(convreadm(c, &res) < 0)
108 if(strcmp(res, "ok") == 0)
111 if(strncmp(res, "bad ", 4) != 0){
112 werrstr("bad result: %s", res);
116 c->state = "replace key";
117 if((k = keyreplace(c, k, "%s", res+4)) == nil){
118 c->state = "auth failed";
119 werrstr("%s", res+4);
126 werrstr("succeeded");
137 /* shared with auth dialing routines */
138 typedef struct ServerState ServerState;
154 static int apopchal(ServerState*, int, char[APOPCHALLEN]);
155 static int apopresp(ServerState*, char*, char*);
160 char chal[APOPCHALLEN], *user, *resp;
168 memset(&s, 0, sizeof s);
171 if(c->proto == &apop)
173 else if(c->proto == &cram)
176 werrstr("bad proto");
180 c->state = "find key";
181 if((s.k = plan9authkey(c->attr)) == nil)
184 a = copyattr(s.k->attr);
185 a = delattr(a, "proto");
186 c->attr = addattrs(c->attr, a);
189 c->state = "authdial";
190 s.hostid = strfindattr(s.k->attr, "user");
191 s.dom = strfindattr(s.k->attr, "dom");
192 if((s.asfd = xioauthdial(nil, s.dom)) < 0){
193 werrstr("authdial %s: %r", s.dom);
197 c->state = "authchal";
198 if(apopchal(&s, astype, chal) < 0)
201 c->state = "write challenge";
202 if(convprint(c, "%s", chal) < 0)
206 c->state = "read user";
207 if(convreadm(c, &user) < 0)
210 c->state = "read response";
211 if(convreadm(c, &resp) < 0)
214 c->state = "authwrite";
215 switch(apopresp(&s, user, resp)){
219 c->state = "write status";
220 if(convprint(c, "bad authentication failed") < 0)
224 c->state = "write status";
225 if(convprint(c, "ok") < 0)
237 c->attr = addcap(c->attr, c->sysuser, &s.t);
248 apopchal(ServerState *s, int astype, char chal[APOPCHALLEN])
250 char trbuf[TICKREQLEN];
253 memset(&tr, 0, sizeof tr);
257 if(strlen(s->hostid) >= sizeof tr.hostid){
258 werrstr("hostid too long");
261 strcpy(tr.hostid, s->hostid);
263 if(strlen(s->dom) >= sizeof tr.authdom){
264 werrstr("domain too long");
267 strcpy(tr.authdom, s->dom);
269 convTR2M(&tr, trbuf);
270 if(xiowrite(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN)
273 if(xioasrdresp(s->asfd, chal, APOPCHALLEN) <= 5)
281 apopresp(ServerState *s, char *user, char *resp)
283 char tabuf[TICKETLEN+AUTHENTLEN];
284 char trbuf[TICKREQLEN];
291 if(memrandom(tr.chal, CHALLEN) < 0)
294 if(strlen(user) >= sizeof tr.uid){
295 werrstr("uid too long");
298 strcpy(tr.uid, user);
300 convTR2M(&tr, trbuf);
301 if(xiowrite(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN)
305 if(xiowrite(s->asfd, resp, len) != len)
308 if(xioasrdresp(s->asfd, tabuf, TICKETLEN+AUTHENTLEN) != TICKETLEN+AUTHENTLEN)
311 convM2T(tabuf, &t, s->k->priv);
313 || memcmp(t.chal, tr.chal, sizeof tr.chal) != 0){
314 werrstr("key mismatch with auth server");
318 convM2A(tabuf+TICKETLEN, &a, t.key);
320 || memcmp(a.chal, tr.chal, sizeof a.chal) != 0
322 werrstr("key2 mismatch with auth server");
333 "client", apopclient,
334 "server", apopserver,