int ticketrequest(Ticketreq *tr) { char akey[DESKEYLEN]; char hkey[DESKEYLEN]; Ticket t; char tbuf[2*TICKETLEN+1]; if(findkey(KEYDB, tr->authid, akey) == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(akey); if(debug) syslog(0, AUTHLOG, "tr-fail authid %s", raddr); } if(findkey(KEYDB, tr->hostid, hkey) == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(hkey); if(debug) syslog(0, AUTHLOG, "tr-fail hostid %s(%s)", tr->hostid, raddr); } memset(&t, 0, sizeof(t)); memmove(t.chal, tr->chal, CHALLEN); strcpy(t.cuid, tr->uid); if(speaksfor(tr->hostid, tr->uid)) strcpy(t.suid, tr->uid); else { mkkey(akey); mkkey(hkey); if(debug) syslog(0, AUTHLOG, "tr-fail %s@%s(%s) -> %s@%s no speaks for", tr->uid, tr->hostid, raddr, tr->uid, tr->authid); } mkkey(t.key); tbuf[0] = AuthOK; t.num = AuthTc; convT2M(&t, tbuf+1, hkey); t.num = AuthTs; convT2M(&t, tbuf+1+TICKETLEN, akey); if(write(1, tbuf, 2*TICKETLEN+1) < 0){ if(debug) syslog(0, AUTHLOG, "tr-fail %s@%s(%s): hangup", tr->uid, tr->hostid, raddr); exits(0); } if(debug) syslog(0, AUTHLOG, "tr-ok %s@%s(%s) -> %s@%s", tr->uid, tr->hostid, raddr, tr->uid, tr->authid); return 0; }
SHELL void line_list() { uint i; lo_line("リスト"); for (i=0;i<varsize(stages->kind);++i) { prt(nps(mkkey(i,stages->kind),8),":",nps(getnvar(i,stages->kind),32) ," [",line_mptr(mkkey(i,stages->kind))>0?"●":" ","]\n",NULL); } lo_line1(); }
struct kb_item * kb_item_get_all(struct kb_item ** kb, char * name) { unsigned h = mkkey(name); struct kb_item * k; struct kb_item *ret = NULL; if ( kb == NULL || name == NULL) return NULL; k = kb[h]; while ( k != NULL ) { if( strcmp(k->name, name) == 0 ) { struct kb_item * p; p = emalloc(sizeof(struct kb_item)); memcpy(p, k, sizeof(struct kb_item)); p->next = ret; ret = p; } k = k->next; } return ret; }
void kb_item_rm_all(struct kb_item ** kb, char * name) { int h = mkkey(name); struct kb_item * k, * prev = NULL; if ( kb == NULL ) return; k = kb[h]; while ( k != NULL ) { if(strcmp(k->name, name) == 0) { struct kb_item * next; if(k->type == ARG_STRING) efree(&k->v.v_str); efree(&k->name); next = k->next; efree(&k); if(prev != NULL) prev->next = next; else kb[h] = next; k = next; } else { prev = k; k = k->next; } } }
static int sendbatch(struct hotspotread_state * C) { while (C->Nip < 4096) { /* Do we need to pick a new batch? */ if (C->Y == 65536) { C->X = (size_t)random() % C->Xmax; C->Y = 0; } /* Generate a key. */ mkkey(C->X, C->Y++, C->key->buf); /* Send the request. */ if (proto_kvlds_request_get(C->Q, C->key, callback_get, C)) goto err0; C->Nip += 1; } /* Success! */ return (0); err0: /* Failure! */ return (-1); }
SHELL void user_chk(uint u) { char i,f; char *p,*s; f=0; if (user.number==0) return; for (i=0;i<varsize(user.defs);++i) { p=mkkey(i,user.defs); if (p==NULL) break; if (toupper(*getvar(p,user.defs))!='T') s=getvar(p,user.var); else { if (u==0) continue; } if (s==NULL||*s=='\0'||u==1) { if (f==0) { f=1; msgout(""); msgout(IC_ok"二三、あなたについてお聞きしたい事が有ります。"); } user_def(p); } } /* varview(user.var); */ }
void test(const char *key, size_t keylen, const char *expected) { void *v = ipmapnearest(&root, mkkey(key), keylen); if (v != expected) { const char *exp = expected ? expected : "NULL"; printf("ipmapnearest(&root, \"%s\", %zu) != %s (%p -> %s)\n", key, keylen, exp, v, (v == NULL) ? "NULL" : (char *)v); } }
void http(Ticketreq *tr) { Ticket t; char tbuf[TICKETLEN+1]; char key[DESKEYLEN]; char *p; Biobuf *b; int n; n = strlen(tr->uid); b = Bopen("/sys/lib/httppasswords", OREAD); if(b == nil){ replyerror("no password file", raddr); return; } /* find key */ for(;;){ p = Brdline(b, '\n'); if(p == nil) break; p[Blinelen(b)-1] = 0; if(strncmp(p, tr->uid, n) == 0) if(p[n] == ' ' || p[n] == '\t'){ p += n; break; } } Bterm(b); if(p == nil) { randombytes((uchar*)key, DESKEYLEN); } else { while(*p == ' ' || *p == '\t') p++; passtokey(key, p); } /* send back a ticket encrypted with the key */ randombytes((uchar*)t.chal, CHALLEN); mkkey(t.key); tbuf[0] = AuthOK; t.num = AuthHr; safecpy(t.cuid, tr->uid, sizeof(t.cuid)); safecpy(t.suid, tr->uid, sizeof(t.suid)); convT2M(&t, tbuf+1, key); write(1, tbuf, sizeof(tbuf)); }
/* * READ the knowledge base */ struct kb_item * kb_item_get_single(struct kb_item ** kb, char * name, int type) { unsigned int h = mkkey(name); struct kb_item * ret; if ( kb == NULL || name == NULL ) return NULL; ret = kb[h]; while ( ret != NULL ) { if( (strcmp(ret->name, name) == 0) && (type == 0 || (ret->type == type)) ) return ret; ret = ret->next; } return ret; }
static int kb_item_addset_int(struct kb_item ** kb, char * name, int value, int replace) { /* * Before we write anything to the KB, we need to make sure that the same * (name,value) pair is not present already */ int h = mkkey(name); struct kb_item * item; if ( kb == NULL ) return -1; item = kb[h]; while ( item != NULL ) { if ( strcmp(item->name, name) == 0 ) { if(item->type == KB_TYPE_INT && item->v.v_int == value) return -1; if ( replace != 0 ) { if ( item->type == KB_TYPE_STR ) efree(&item->v.v_str); item->type = KB_TYPE_INT; item->v.v_int = value; return 0; } } item = item->next; } item = emalloc(sizeof(struct kb_item)); item->name = estrdup(name); item->v.v_int = value; item->type = KB_TYPE_INT; item->next = kb[h]; kb[h] = item; return 0; }
void setup(void) { memset(&root, 0, sizeof(root)); memset(&rroot, 0, sizeof(rroot)); memset(&a, 0, sizeof(a)); memset(&b, 0, sizeof(b)); memset(&c, 0, sizeof(c)); memset(&d, 0, sizeof(d)); root.key = 0; root.keylen = 0; root.datum = NULL; root.left = &rroot; root.right = NULL; rroot.key = revbits(mkkey("44.0.0.0")); rroot.keylen = 8; rroot.datum = (void *)rv; rroot.left = &a; rroot.right = &b; a.key = (revbits(mkkey("44.0.0.1")) >> 8); a.keylen = 24; a.datum = (void *)av; a.left = NULL; a.right = NULL; b.key = (revbits(mkkey("44.130.0.0")) >> 8); b.keylen = 8; b.datum = (void *)bv; b.left = &c; b.right = &d; c.key = (revbits(mkkey("44.130.24.0")) >> 16); c.keylen = 8; c.datum = (void *)cv; c.left = &e; c.right = NULL; d.key = (revbits(mkkey("44.130.130.0")) >> 16); d.keylen = 8; d.datum = (void *)dv; d.left = NULL; d.right = NULL; e.key = (revbits(mkkey("44.130.24.25")) >> 24); e.keylen = 8; e.datum = (void *)ev; e.left = NULL; e.right = NULL; }
/* * reply with ticket and authenticator */ int tickauthreply(Ticketreq *tr, char *hkey) { Ticket t; Authenticator a; char buf[TICKETLEN+AUTHENTLEN+1]; memset(&t, 0, sizeof(t)); memmove(t.chal, tr->chal, CHALLEN); safecpy(t.cuid, tr->uid, sizeof t.cuid); safecpy(t.suid, tr->uid, sizeof t.suid); mkkey(t.key); buf[0] = AuthOK; t.num = AuthTs; convT2M(&t, buf+1, hkey); memmove(a.chal, t.chal, CHALLEN); a.num = AuthAc; a.id = 0; convA2M(&a, buf+TICKETLEN+1, t.key); if(write(1, buf, TICKETLEN+AUTHENTLEN+1) < 0) return -1; return 0; }
void __franken_fdinit_create() { int fd, ret, flags; int root = 0; char key[16], rkey[16], num[16]; int n_reg = 0, n_block = 0; struct ufs_args ufs; if (__franken_fd[0].valid) { mkkey(key, num, "/dev/vfile", n_reg++, 0); rump_pub_etfs_register(key, num, RUMP_ETFS_REG); fd = rump___sysimpl_open(key, O_RDONLY); if (fd != -1) { rump___sysimpl_dup2(fd, 0); rump___sysimpl_close(fd); } } if (__franken_fd[1].valid) { mkkey(key, num, "/dev/vfile", n_reg++, 1); rump_pub_etfs_register(key, num, RUMP_ETFS_REG); fd = rump___sysimpl_open(key, O_WRONLY); if (fd != -1) { rump___sysimpl_dup2(fd, 1); rump___sysimpl_close(fd); } } if (__franken_fd[2].valid) { mkkey(key, num, "/dev/vfile", n_reg++, 2); rump_pub_etfs_register(key, num, RUMP_ETFS_REG); fd = rump___sysimpl_open(key, O_WRONLY); if (fd != -1) { rump___sysimpl_dup2(fd, 2); rump___sysimpl_close(fd); } } for (fd = 3; fd < MAXFD; fd++) { if (__franken_fd[fd].valid == 0) break; switch (__franken_fd[fd].st.st_mode & S_IFMT) { case S_IFREG: mkkey(key, num, "/dev/vfile", n_reg++, fd); rump_pub_etfs_register(key, num, RUMP_ETFS_REG); flags = __franken_fd[fd].flags & O_ACCMODE; rump___sysimpl_open(key, flags); break; case S_IFBLK: mkkey(key, num, "/dev/block", n_block, fd); mkkey(rkey, num, "/dev/rblock", n_block, fd); n_block++; rump_pub_etfs_register_withsize(key, num, RUMP_ETFS_BLK, 0, __franken_fd[fd].st.st_size); rump_pub_etfs_register_withsize(rkey, num, RUMP_ETFS_CHR, 0, __franken_fd[fd].st.st_size); if (root == 0) { ufs.fspec = key; flags = __franken_fd[fd].flags & O_ACCMODE; if (flags == O_RDWR) flags = MNT_LOG; else flags = MNT_RDONLY; ret = rump___sysimpl_mount50("ffs", "/", flags, &ufs, sizeof(struct ufs_args)); if (ret == 0) { root = 1; } else { if (flags == MNT_LOG) flags = 0; ret = rump___sysimpl_mount50("ext2fs", "/", flags, &ufs, sizeof(struct ufs_args)); if (ret == 0) { root = 1; } } if (root == 1) atexit(unmount_atexit); } break; case S_IFSOCK: mkkey(key, num, "virt", fd, fd); ret = rump_pub_netconfig_ifcreate(key); if (ret == 0) { ret = rump___sysimpl_socket30(AF_INET6, SOCK_STREAM, 0); if (ret != -1) { rump_pub_netconfig_auto_ipv6(key); rump___sysimpl_close(ret); } ret = rump___sysimpl_socket30(AF_INET, SOCK_STREAM, 0); if (ret != -1) { rump_pub_netconfig_dhcp_ipv4_oneshot(key); rump___sysimpl_close(ret); } } break; } } }
void changepasswd(Ticketreq *tr) { Ticket t; char tbuf[TICKETLEN+1]; char prbuf[PASSREQLEN]; Passwordreq pr; char okey[DESKEYLEN], nkey[DESKEYLEN]; char *err; if(findkey(KEYDB, tr->uid, okey) == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(okey); syslog(0, AUTHLOG, "cp-fail uid %s", raddr); } /* send back a ticket with a new key */ memmove(t.chal, tr->chal, CHALLEN); mkkey(t.key); tbuf[0] = AuthOK; t.num = AuthTp; safecpy(t.cuid, tr->uid, sizeof(t.cuid)); safecpy(t.suid, tr->uid, sizeof(t.suid)); convT2M(&t, tbuf+1, okey); write(1, tbuf, sizeof(tbuf)); /* loop trying passwords out */ for(;;){ if(readn(0, prbuf, PASSREQLEN) < 0) exits(0); convM2PR(prbuf, &pr, t.key); if(pr.num != AuthPass){ replyerror("protocol botch1: %s", raddr); exits(0); } passtokey(nkey, pr.old); if(memcmp(nkey, okey, DESKEYLEN)){ replyerror("protocol botch2: %s", raddr); continue; } if(*pr.new){ err = okpasswd(pr.new); if(err){ replyerror("%s %s", err, raddr); continue; } passtokey(nkey, pr.new); } if(pr.changesecret && setsecret(KEYDB, tr->uid, pr.secret) == 0){ replyerror("can't write secret %s", raddr); continue; } if(*pr.new && setkey(KEYDB, tr->uid, nkey) == 0){ replyerror("can't write key %s", raddr); continue; } break; } prbuf[0] = AuthOK; write(1, prbuf, 1); succeed(tr->uid); return; }
void challengebox(Ticketreq *tr) { long chal; char *key, *netkey; char kbuf[DESKEYLEN], nkbuf[DESKEYLEN], hkey[DESKEYLEN]; char buf[NETCHLEN+1]; char *err; key = findkey(KEYDB, tr->uid, kbuf); netkey = findkey(NETKEYDB, tr->uid, nkbuf); if(key == 0 && netkey == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(nkbuf); netkey = nkbuf; if(debug) syslog(0, AUTHLOG, "cr-fail uid %s@%s", tr->uid, raddr); } if(findkey(KEYDB, tr->hostid, hkey) == 0){ /* make one up so caller doesn't know it was wrong */ mkkey(hkey); if(debug) syslog(0, AUTHLOG, "cr-fail hostid %s %s@%s", tr->hostid, tr->uid, raddr); } /* * challenge-response */ memset(buf, 0, sizeof(buf)); buf[0] = AuthOK; chal = lnrand(MAXNETCHAL); snprint(buf+1, sizeof buf - 1, "%lud", chal); if(write(1, buf, NETCHLEN+1) < 0) exits(0); if(readn(0, buf, NETCHLEN) < 0) exits(0); if(!(key && netcheck(key, chal, buf)) && !(netkey && netcheck(netkey, chal, buf)) && (err = secureidcheck(tr->uid, buf)) != nil){ replyerror("cr-fail %s %s %s", err, tr->uid, raddr); logfail(tr->uid); if(debug) syslog(0, AUTHLOG, "cr-fail %s@%s(%s): bad resp", tr->uid, tr->hostid, raddr); return; } succeed(tr->uid); /* * reply with ticket & authenticator */ if(tickauthreply(tr, hkey) < 0){ if(debug) syslog(0, AUTHLOG, "cr-fail %s@%s(%s): hangup", tr->uid, tr->hostid, raddr); exits(0); } if(debug) syslog(0, AUTHLOG, "cr-ok %s@%s(%s)", tr->uid, tr->hostid, raddr); }