virtual void setLimit(DaliClientRole role,unsigned limit)
{
CSystemCapability cap;
cap.setRole(role);
cap.setLimit(limit);
addcap("set",cap);
}
void removeCapability(DaliClientRole role,const char *macstr,const char *cpusnstr=NULL)
{
CSystemCapability cap;
byte cpusn[SC_CPUSN_SZ];
if (cpusnstr&&decodeCPUSN(cpusnstr,cpusn))
cap.setCpuSN(cpusn);
byte mac[SC_MAC_SZ];
if (macstr&&decodeMAC(macstr,mac))
cap.setMAC(mac);
cap.setRole(role);
addcap("del",cap);
}
void addCapability(DaliClientRole role,const char *macstr,const char *cpusnstr=NULL)
{
CSystemCapability cap;
byte cpusn[SC_CPUSN_SZ];
if (cpusnstr&&decodeCPUSN(cpusnstr,cpusn))
cap.setCpuSN(cpusn);
byte mac[SC_MAC_SZ];
if (macstr&&decodeMAC(macstr,mac))
cap.setMAC(mac);
cap.setRole(role);
addcap(role==DCR_DaliServer?"srv":"add",cap);
}
static long
capwrite(Chan *c, void *va, long n, vlong vl)
{
Caphash *p;
char *cp;
uchar hash[Hashlen];
char *key, *from, *to;
char err[256];
switch((ulong)c->qid.path){
case Qhash:
if(!iseve())
error(Eperm);
if(n < Hashlen)
error(Eshort);
memmove(hash, va, Hashlen);
addcap(hash);
break;
case Quse:
/* copy key to avoid a fault in hmac_xx */
cp = nil;
if(waserror()){
free(cp);
nexterror();
}
cp = smalloc(n+1);
memmove(cp, va, n);
cp[n] = 0;
from = cp;
key = strrchr(cp, '@');
if(key == nil)
error(Eshort);
*key++ = 0;
hmac_sha1((uchar*)from, strlen(from), (uchar*)key, strlen(key), hash, nil);
p = remcap(hash);
if(p == nil){
snprint(err, sizeof err, "invalid capability %s@%s", from, key);
error(err);
}
/* if a from user is supplied, make sure it matches */
to = strchr(from, '@');
if(to == nil){
to = from;
} else {
*to++ = 0;
if(strcmp(from, up->user) != 0)
error("capability must match user");
}
/* set user id */
kstrdup(&up->user, to);
up->basepri = PriNormal;
free(p);
free(cp);
poperror();
break;
default:
error(Eperm);
break;
}
return n;
}
static long capwrite(struct chan *c, void *va, long n, int64_t m)
{
struct Caphash *p;
char *cp;
uint8_t hash[Hashlen];
char *key, *from, *to;
char err[256];
int ret;
ERRSTACK(1);
switch ((uint32_t)c->qid.path) {
case Qhash:
if (!iseve())
error(EPERM, "permission denied: you must be eve");
if (n < Hashlen)
error(EIO, "Short read: on Qhash");
memmove(hash, va, Hashlen);
addcap(hash);
break;
case Quse:
/* copy key to avoid a fault in hmac_xx */
cp = NULL;
if (waserror()) {
kfree(cp);
nexterror();
}
cp = kzmalloc(n + 1, 0);
memmove(cp, va, n);
cp[n] = 0;
from = cp;
key = strrchr(cp, '@');
if (key == NULL)
error(EIO, "short read: Quse");
*key++ = 0;
ret = hmac(VB2_ALG_RSA1024_SHA256, key, strlen(key),
from, strlen(from), hash, sizeof(hash));
if (ret)
error(EINVAL, "HMAC failed");
p = remcap(hash);
if (p == NULL) {
snprintf(err, sizeof(err), "invalid capability %s@%s", from, key);
error(EINVAL, err);
}
/* if a from user is supplied, make sure it matches */
to = strchr(from, '@');
if (to == NULL) {
to = from;
} else {
*to++ = 0;
panic("todo");
/*
if (strcmp(from, up->user) != 0)
error(EINVAL, "capability must match user");
*/
}
/* set user id */
// TODO: make user a char *, not a fixed array.
//kstrdup(¤t->user, to);
// In the original user names were NULL-terminated; ensure
// that is still the case.
if (strlen(to) > sizeof(current->user)-1)
error(EINVAL, "New user name is > %d bytes", sizeof(current->user));
memset(current->user, 0, sizeof(current->user));
strncpy(current->user, to, sizeof(current->user));
//up->basepri = PriNormal;
kfree(p);
kfree(cp);
poperror();
break;
default:
error(EPERM, "permission denied: capwrite");
break;
}
return n;
}
