2 #define __AUTHSRV_H__ 1
7 #pragma src "/sys/src/libauthsrv"
8 #pragma lib "libauthsrv.a"
12 * Interface for talking to authentication server.
14 typedef struct Ticket Ticket;
15 typedef struct Ticketreq Ticketreq;
16 typedef struct Authenticator Authenticator;
17 typedef struct Nvrsafe Nvrsafe;
18 typedef struct Passwordreq Passwordreq;
19 typedef struct OChapreply OChapreply;
20 typedef struct OMSchapreply OMSchapreply;
24 ANAMELEN= 28, /* maximum size of name in previous proto */
25 AERRLEN= 64, /* maximum size of errstr in previous proto */
26 DOMLEN= 48, /* length of an authentication domain name */
27 DESKEYLEN= 7, /* length of a des key for encrypt/decrypt */
28 CHALLEN= 8, /* length of a plan9 sk1 challenge */
29 NETCHLEN= 16, /* max network challenge length (used in AS protocol) */
31 SECRETLEN= 32, /* max length of a secret */
33 KEYDBOFF= 8, /* length of random data at the start of key file */
34 OKEYDBLEN= ANAMELEN+DESKEYLEN+4+2, /* length of an entry in old key file */
35 KEYDBLEN= OKEYDBLEN+SECRETLEN, /* length of an entry in key file */
39 /* encryption numberings (anti-replay) */
42 AuthTreq=1, /* ticket request */
43 AuthChal=2, /* challenge box request */
44 AuthPass=3, /* change password */
45 AuthOK=4, /* fixed length reply follows */
46 AuthErr=5, /* error follows */
47 AuthMod=6, /* modify user */
48 AuthApop=7, /* apop authentication for pop3 */
49 AuthOKvar=9, /* variable length reply follows */
50 AuthChap=10, /* chap authentication for ppp */
51 AuthMSchap=11, /* MS chap authentication for ppp */
52 AuthCram=12, /* CRAM verification for IMAP (RFC2195 & rfc2104) */
53 AuthHttp=13, /* http domain login */
54 AuthVNC=14, /* VNC server login (deprecated) */
57 AuthTs=64, /* ticket encrypted with server's key */
58 AuthTc, /* ticket encrypted with client's key */
59 AuthAs, /* server generated authenticator */
60 AuthAc, /* client generated authenticator */
61 AuthTp, /* ticket encrypted with client's key for password change */
62 AuthHr, /* http reply */
68 char authid[ANAMELEN]; /* server's encryption id */
69 char authdom[DOMLEN]; /* server's authentication domain */
70 char chal[CHALLEN]; /* challenge from server */
71 char hostid[ANAMELEN]; /* host's encryption id */
72 char uid[ANAMELEN]; /* uid of requesting user on host */
74 #define TICKREQLEN (3*ANAMELEN+CHALLEN+DOMLEN+1)
78 char num; /* replay protection */
79 char chal[CHALLEN]; /* server challenge */
80 char cuid[ANAMELEN]; /* uid on client */
81 char suid[ANAMELEN]; /* uid on server */
82 char key[DESKEYLEN]; /* nonce DES key */
84 #define TICKETLEN (CHALLEN+2*ANAMELEN+DESKEYLEN+1)
88 char num; /* replay protection */
90 ulong id; /* authenticator id, ++'d with each auth */
92 #define AUTHENTLEN (CHALLEN+4+1)
100 char secret[SECRETLEN]; /* new secret */
102 #define PASSREQLEN (2*ANAMELEN+1+1+SECRETLEN)
114 char LMresp[24]; /* Lan Manager response */
115 char NTresp[24]; /* NT response */
119 * convert to/from wire format
121 extern int convT2M(Ticket*, char*, char*);
122 extern void convM2T(char*, Ticket*, char*);
123 extern void convM2Tnoenc(char*, Ticket*);
124 extern int convA2M(Authenticator*, char*, char*);
125 extern void convM2A(char*, Authenticator*, char*);
126 extern int convTR2M(Ticketreq*, char*);
127 extern void convM2TR(char*, Ticketreq*);
128 extern int convPR2M(Passwordreq*, char*, char*);
129 extern void convM2PR(char*, Passwordreq*, char*);
132 * convert ascii password to DES key
134 extern int opasstokey(char*, char*);
135 extern int passtokey(char*, char*);
141 NVwrite = 1<<0, /* always prompt and rewrite nvram */
142 NVwriteonerr = 1<<1, /* prompt and rewrite nvram when corrupt */
147 char machkey[DESKEYLEN];
149 char authkey[DESKEYLEN];
151 char config[CONFIGLEN];
153 char authid[ANAMELEN];
155 char authdom[DOMLEN];
159 extern uchar nvcsum(void*, int);
160 extern int readnvram(Nvrsafe*, int);
163 * call up auth server
165 extern int authdial(char *netroot, char *authdom);
168 * exchange messages with auth server
170 extern int _asgetticket(int, char*, char*);
171 extern int _asrdresp(int, char*, int);
172 extern int sslnegotiate(int, Ticket*, char**, char**);
173 extern int srvsslnegotiate(int, Ticket*, char**, char**);