void xfer(int from, int to) { uchar buf[4096]; int i, n, modified, ok, total, errs, dropped; if(fork() == 0) return; total = ok = errs = dropped = 0; for(;;){ n = read(from, buf, sizeof(buf)); if(n <= 0){ fprint(2, "%d -> %d EOF\n", from, to); exits(0); } modified = 0; if(errrate){ for(i = 0; i < n; i++){ if(lnrand(errrate) == 0){ buf[i] ^= 0xff; modified = 1; } } } if(droprate && lnrand(droprate) == 0){ fprint(2, "!!!!!!!!!!!!!!%d -> %d dropped %d (%d/%d)\n", from, to, ok, dropped, total); ok = 0; dropped++; total++; continue; } if(modified){ fprint(2, "!!!!!!!!!!!!!!%d -> %d %d (%d/%d)\n", from, to, ok, errs, total); ok = 0; errs++; } else ok++; total++; if(debug > 1){ fprint(2, "%d -> %d (%d)", from, to, n); printbuf(buf, n); } n = write(to, buf, n); if(n < 0){ fprint(2, "%d -> %d write err\n", from, to); exits(0); } } }
void main(int argc, char *argv[]) { int n; int32_t chal; char *err; char ukey[DESKEYLEN], resp[32], buf[NETCHLEN]; Ndb *db2; ARGBEGIN{ case 'd': debug = 1; break; }ARGEND; db = ndbopen("/lib/ndb/auth"); if(db == 0) syslog(0, AUTHLOG, "no /lib/ndb/auth"); db2 = ndbopen(0); if(db2 == 0) syslog(0, AUTHLOG, "no /lib/ndb/local"); db = ndbcat(db, db2); werrstr(""); strcpy(raddr, "unknown"); if(argc >= 1) getraddr(argv[argc-1]); argv0 = "guard"; srand((getpid()*1103515245)^time(0)); notify(catchalarm); /* * read the host and client and get their keys */ if(readarg(0, user, sizeof user) < 0) fail(0); /* * challenge-response */ chal = lnrand(MAXNETCHAL); snprint(buf, sizeof buf, "challenge: %lud\nresponse: ", chal); n = strlen(buf) + 1; if(write(1, buf, n) != n){ if(debug) syslog(0, AUTHLOG, "g-fail %s@%s: %r sending chal", user, raddr); exits("replying to server"); } alarm(3*60*1000); werrstr(""); if(readarg(0, resp, sizeof resp) < 0){ if(debug) syslog(0, AUTHLOG, "g-fail %s@%s: %r reading resp", user, raddr); fail(0); } alarm(0); /* remove password login from guard.research.bell-labs.com, sucre, etc. */ // if(!findkey(KEYDB, user, ukey) || !netcheck(ukey, chal, resp)) if(!findkey(NETKEYDB, user, ukey) || !netcheck(ukey, chal, resp)) if((err = secureidcheck(user, resp)) != nil){ print("NO %s", err); write(1, "NO", 2); if(debug) { char *r; /* * don't log the entire response, since the first * Pinlen digits may be the user's secure-id pin. */ if (strlen(resp) < Pinlen) r = strdup("<too short for pin>"); else if (strlen(resp) == Pinlen) r = strdup("<pin only>"); else r = smprint("%.*s%s", Pinlen, "******************", resp + Pinlen); syslog(0, AUTHLOG, "g-fail %s@%s: %s: resp %s to chal %lud", user, raddr, err, r, chal); free(r); } fail(user); } write(1, "OK", 2); if(debug) syslog(0, AUTHLOG, "g-ok %s@%s", user, raddr); succeed(user); exits(0); }
Source * sourceCreate(Source *r, int dsize, int dir, uint32_t offset) { int i, epb, psize; uint32_t bn, size; Block *b; Entry e; Source *rr; assert(sourceIsLocked(r)); if(!r->dir) { vtSetError(ENotDir); return nil; } epb = r->dsize/VtEntrySize; psize = (dsize/VtScoreSize)*VtScoreSize; size = sourceGetDirSize(r); if(offset == 0) { /* * look at a random block to see if we can find an empty entry */ offset = lnrand(size+1); offset -= offset % epb; } /* try the given block and then try the last block */ for(;;) { bn = offset/epb; b = sourceBlock(r, bn, OReadWrite); if(b == nil) return nil; for(i=offset%r->epb; i<epb; i++) { entryUnpack(&e, b->data, i); if((e.flags&VtEntryActive) == 0 && e.gen != ~0) goto Found; } blockPut(b); if(offset == size) { fprint(2, "sourceCreate: cannot happen\n"); vtSetError("sourceCreate: cannot happen"); return nil; } offset = size; } Found: /* found an entry - gen already set */ e.psize = psize; e.dsize = dsize; assert(psize && dsize); e.flags = VtEntryActive; if(dir) e.flags |= VtEntryDir; e.depth = 0; e.size = 0; memmove(e.score, vtZeroScore, VtScoreSize); e.tag = 0; e.snap = 0; e.archive = 0; entryPack(&e, b->data, i); blockDirty(b); offset = bn*epb + i; if(offset+1 > size) { if(!sourceSetDirSize(r, offset+1)) { blockPut(b); return nil; } } rr = sourceAlloc(r->fs, b, r, offset, OReadWrite, 0); blockPut(b); return rr; }
VtFile* _vtfilecreate(VtFile *r, int o, int psize, int dsize, int type) { int i; VtBlock *b; u32int bn, size; VtEntry e; int epb; VtFile *rr; u32int offset; assert(ISLOCKED(r)); assert(psize <= VtMaxLumpSize); assert(dsize <= VtMaxLumpSize); assert(type == VtDirType || type == VtDataType); if(!r->dir){ werrstr(ENotDir); return nil; } epb = r->dsize/VtEntrySize; size = vtfilegetdirsize(r); /* * look at a random block to see if we can find an empty entry */ if(o == -1){ offset = lnrand(size+1); offset -= offset % epb; }else offset = o; /* try the given block and then try the last block */ for(;;){ bn = offset/epb; b = vtfileblock(r, bn, VtORDWR); if(b == nil) return nil; for(i=offset%r->epb; i<epb; i++){ if(vtentryunpack(&e, b->data, i) < 0) continue; if((e.flags&VtEntryActive) == 0 && e.gen != ~0) goto Found; } vtblockput(b); if(offset == size){ fprint(2, "vtfilecreate: cannot happen\n"); werrstr("vtfilecreate: cannot happen"); return nil; } offset = size; } Found: /* found an entry - gen already set */ e.psize = psize; e.dsize = dsize; e.flags = VtEntryActive; e.type = type; e.size = 0; memmove(e.score, vtzeroscore, VtScoreSize); vtentrypack(&e, b->data, i); offset = bn*epb + i; if(offset+1 > size){ if(vtfilesetdirsize(r, offset+1) < 0){ vtblockput(b); return nil; } } rr = vtfilealloc(r->c, b, r, offset, VtORDWR); vtblockput(b); return rr; }
void challengebox(Ticketreq *tr) { long chal; char *key, *netkey; char kbuf[DESKEYLEN], nkbuf[DESKEYLEN], hkey[DESKEYLEN]; char buf[NETCHLEN+1]; char *err; key = findkey(KEYDB, tr->uid, kbuf); netkey = findkey(NETKEYDB, tr->uid, nkbuf); if(key == 0 && netkey == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(nkbuf); netkey = nkbuf; if(debug) syslog(0, AUTHLOG, "cr-fail uid %s@%s", tr->uid, raddr); } if(findkey(KEYDB, tr->hostid, hkey) == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(hkey); if(debug) syslog(0, AUTHLOG, "cr-fail hostid %s %s@%s", tr->hostid, tr->uid, raddr); } /* * challenge-response */ memset(buf, 0, sizeof(buf)); buf[0] = AuthOK; chal = lnrand(MAXNETCHAL); snprint(buf+1, sizeof buf - 1, "%lud", chal); if(write(1, buf, NETCHLEN+1) < 0) exits(0); if(readn(0, buf, NETCHLEN) < 0) exits(0); if(!(key && netcheck(key, chal, buf)) && !(netkey && netcheck(netkey, chal, buf)) && (err = secureidcheck(tr->uid, buf)) != nil){ replyerror("cr-fail %s %s %s", err, tr->uid, raddr); logfail(tr->uid); if(debug) syslog(0, AUTHLOG, "cr-fail %s@%s(%s): bad resp", tr->uid, tr->hostid, raddr); return; } succeed(tr->uid); /* * reply with ticket & authenticator */ if(tickauthreply(tr, hkey) < 0){ if(debug) syslog(0, AUTHLOG, "cr-fail %s@%s(%s): hangup", tr->uid, tr->hostid, raddr); exits(0); } if(debug) syslog(0, AUTHLOG, "cr-ok %s@%s(%s)", tr->uid, tr->hostid, raddr); }