/*
 * Open the network database once and leave the result in the global db.
 *
 * dbfile is opened first; the resulting chain is searched for an entry
 * whose file name equals "<mntpt>/ndb".  If one is found the chain is
 * used as is.  Otherwise "<mntpt>/ndb" is opened separately, marked
 * nohash, and placed in front of the dbfile chain with ndbcat.
 *
 * Returns 0 when db was already set or ends up non-null, -1 otherwise.
 * db, dbfile and mntpt are defined outside this function.
 */
int
opendatabase(void)
{
	char netpath[256];
	Ndb *primary, *scan, *extra;

	/* already opened by an earlier call */
	if(db)
		return 0;

	primary = ndbopen(dbfile);		/* /lib/ndb */
	snprint(netpath, sizeof netpath, "%s/ndb", mntpt);

	/* is the per-mount-point file already part of the chain? */
	scan = primary;
	while(scan){
		if(strcmp(scan->file, netpath) == 0){
			db = primary;
			return 0;
		}
		scan = scan->next;
	}

	extra = ndbopen(netpath);		/* /net/ndb */
	if(extra){
		/* presumably tells the library not to use hash files for it -- confirm */
		extra->nohash = 1;
	}
	db = ndbcat(extra, primary);		/* both */

	if(db)
		return 0;
	return -1;
}
/*
 * Open the network databases used by this file.
 *
 * dbfile is mandatory: when it cannot be opened, error() is called with
 * status 1.  netndb is optional: when it opens, it is marked nohash and
 * placed in front of db with ndbcat.  db, netdb, dbfile and netndb are
 * not declared in this function.
 */
static void
ndbinit(void)
{
	db = ndbopen(dbfile);
	if (!db)
		error(1, 0, "%s: %r", "can't open network database");

	netdb = ndbopen(netndb);
	if (netdb == NULL)
		return;		/* no second file: db stays as opened above */

	netdb->nohash = 1;
	db = ndbcat(netdb, db);
}
/*
 * Command-line check of a response with secureidcheck.
 *
 * Takes exactly one argument (the usage line calls it "pinsecurid"),
 * opens /lib/ndb/auth and the database ndbopen(0) selects, prints the
 * value of $user, then prints the string secureidcheck returns for
 * that user and the argument.
 *
 * NOTE(review): the response is passed in argv[1], so it is exposed to
 * anything that can read this process's arguments -- confirm that is
 * acceptable where this tool is run.
 * NOTE(review): the result of getenv("user") is used unchecked.
 */
void
main(int argc, char **argv)
{
	Ndb *localdb;

	if(argc != 2){
		fprint(2, "usage: %s pinsecurid\n", argv[0]);
		exits("usage");
	}

	/* a database that fails to open is logged; the run continues */
	db = ndbopen("/lib/ndb/auth");
	if(!db)
		syslog(0, "secstore", "no /lib/ndb/auth");

	localdb = ndbopen(0);
	if(!localdb)
		syslog(0, "secstore", "no /lib/ndb/local");

	db = ndbcat(db, localdb);

	print("user=%s\n", getenv("user"));
	print("%s\n", secureidcheck(getenv("user"), argv[1]));
	exits(0);
}
/*
 * Guard: challenge/response login spoken on fd 0 (input) and fd 1 (output).
 *
 * Sequence, as written below:
 *   1. -d turns on debug logging to AUTHLOG.
 *   2. /lib/ndb/auth and the database ndbopen(0) selects are opened and
 *      joined; a failure to open either is logged and otherwise ignored.
 *   3. The remote address is taken from the last remaining argument.
 *   4. The user name is read, a challenge is written, and the response
 *      is read under a three-minute alarm.
 *   5. The response is accepted if the NETKEYDB key verifies it, or
 *      failing that if secureidcheck returns nil.  Otherwise "NO" is
 *      written and fail(user) is called.
 */
void
main(int argc, char *argv[])
{
	int plen, keyok;
	int32_t chal;
	char *err;
	char ukey[DESKEYLEN], resp[32], prompt[NETCHLEN];
	Ndb *localdb;

	ARGBEGIN{
	case 'd':
		debug = 1;
		break;
	}ARGEND;

	db = ndbopen("/lib/ndb/auth");
	if(!db)
		syslog(0, AUTHLOG, "no /lib/ndb/auth");
	localdb = ndbopen(0);
	if(!localdb)
		syslog(0, AUTHLOG, "no /lib/ndb/local");
	db = ndbcat(db, localdb);

	werrstr("");
	strcpy(raddr, "unknown");
	if(argc >= 1)
		getraddr(argv[argc-1]);

	argv0 = "guard";
	/*
	 * NOTE(review): the generator is seeded from the pid and the clock
	 * only.  If lnrand draws from this generator, the challenge is no
	 * harder to predict than those two values -- confirm, and consider
	 * a system randomness source for the challenge.
	 */
	srand((getpid()*1103515245)^time(0));
	notify(catchalarm);

	/* read the user name; give up if it cannot be read */
	if(readarg(0, user, sizeof user) < 0)
		fail(0);

	/*
	 * challenge-response: the prompt is sent including its
	 * terminating NUL (strlen + 1 bytes).
	 */
	chal = lnrand(MAXNETCHAL);
	snprint(prompt, sizeof prompt, "challenge: %lud\nresponse: ", chal);
	plen = strlen(prompt) + 1;
	if(write(1, prompt, plen) != plen){
		if(debug)
			syslog(0, AUTHLOG, "g-fail %s@%s: %r sending chal",
				user, raddr);
		exits("replying to server");
	}

	/* bound the wait for the response, then cancel the alarm */
	alarm(3*60*1000);
	werrstr("");
	if(readarg(0, resp, sizeof resp) < 0){
		if(debug)
			syslog(0, AUTHLOG, "g-fail %s@%s: %r reading resp",
				user, raddr);
		fail(0);
	}
	alarm(0);

	/*
	 * Password login was removed from guard.research.bell-labs.com,
	 * sucre, etc.: the earlier check against KEYDB is disabled and only
	 * NETKEYDB is consulted.  secureidcheck runs only when the
	 * NETKEYDB key is missing or does not verify the response.
	 */
	keyok = findkey(NETKEYDB, user, ukey) && netcheck(ukey, chal, resp);
	if(!keyok){
		err = secureidcheck(user, resp);
		if(err != nil){
			print("NO %s", err);
			write(1, "NO", 2);
			if(debug){
				char *shown;

				/*
				 * The first Pinlen characters of the response may
				 * be the user's secure-id pin, so they never reach
				 * the log: they are replaced by asterisks, or the
				 * whole response by a placeholder when it is no
				 * longer than a pin.
				 * NOTE(review): everything after the first Pinlen
				 * characters is still logged as received.
				 */
				if(strlen(resp) > Pinlen)
					shown = smprint("%.*s%s", Pinlen,
						"******************",
						resp + Pinlen);
				else if(strlen(resp) == Pinlen)
					shown = strdup("<pin only>");
				else
					shown = strdup("<too short for pin>");
				syslog(0, AUTHLOG,
					"g-fail %s@%s: %s: resp %s to chal %lud",
					user, raddr, err, shown, chal);
				free(shown);
			}
			fail(user);
		}
	}

	write(1, "OK", 2);
	if(debug)
		syslog(0, AUTHLOG, "g-ok %s@%s", user, raddr);
	succeed(user);
	exits(0);
}
/*
 * secstore listener.
 *
 * Options handled below:
 *   -R       set forceSTA, which is passed to dologin
 *   -s addr  service address to announce (default "tcp!*!5356")
 *   -S name  name passed to dologin (default "secstore")
 *   -x mtpt  network mount point
 *   -v       verbose; also keeps the program from forking into the background
 *
 * After announcing, the parent loops on listen and forks one child per
 * call.  Each child opens the ndb databases, accepts the call, sets a
 * 30 minute alarm, logs the remote address and runs dologin.
 */
void
main(int argc, char **argv)
{
	int afd, dfd, lcfd, pid, forceSTA = 0;
	char aserve[128], net[128], adir[40], ldir[40];
	char *remote, *serve = "tcp!*!5356", *S = "secstore";
	Ndb *localdb;

	setnetmtpt(net, sizeof(net), nil);
	ARGBEGIN{
	case 'R':
		forceSTA = 1;
		break;
	case 's':
		serve = EARGF(usage());
		break;
	case 'S':
		S = EARGF(usage());
		break;
	case 'x':
		setnetmtpt(net, sizeof(net), EARGF(usage()));
		break;
	case 'v':
		verbose++;
		break;
	default:
		usage();
	}ARGEND;

	/* unless verbose, continue in a forked child and let the parent exit */
	if(!verbose){
		pid = rfork(RFNOTEG|RFPROC|RFFDG);
		if(pid == -1)
			sysfatal("fork: %r");
		else if(pid != 0)
			exits(0);
	}

	snprint(aserve, sizeof aserve, "%s/%s", net, serve);
	afd = announce(aserve, adir);
	if(afd < 0)
		sysfatal("%s: %r", aserve);
	syslog(0, LOG, "ANNOUNCE %s", aserve);

	for(;;){
		lcfd = listen(adir, ldir);
		if(lcfd < 0)
			exits("can't listen");

		pid = fork();
		if(pid == 0){
			/*
			 * The databases are opened here, after the fork:
			 * "/lib/ndb/common.radius does not exist"
			 * if db set before fork.
			 * A database that fails to open is logged and the
			 * child carries on with whatever ndbcat returns.
			 */
			db = ndbopen("/lib/ndb/auth");
			if(!db)
				syslog(0, LOG, "no /lib/ndb/auth");
			localdb = ndbopen(0);
			if(!localdb)
				syslog(0, LOG, "no /lib/ndb/local");
			db = ndbcat(db, localdb);

			dfd = accept(lcfd, ldir);
			if(dfd < 0)
				exits("can't accept");

			/* limit how long one session may run */
			alarm(30*60*1000);	/* 30 min */

			remote = remoteIP(ldir);
			syslog(0, LOG, "secstore from %s", remote);
			free(remote);

			dologin(dfd, S, forceSTA);
			exits(nil);
		}

		/* parent: report a failed fork, then drop the call's fd either way */
		if(pid == -1)
			fprint(2, "secstore forking: %r\n");
		close(lcfd);
	}
}