ref: 27485e62d195b688cfefbebaac82533f3510b570
parent: 9f2c7606ab35c3f70a93e7c59fbae833603906c6
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sat Feb 25 20:34:42 EST 2017
authsrv: get rid of needreply parameter by changing vnc protocol handler
--- a/sys/src/cmd/auth/authsrv.c
+++ b/sys/src/cmd/auth/authsrv.c
@@ -167,7 +167,7 @@
}
int
-getkey(char *u, Keyslot *k, int canreply)
+getkey(char *u, Keyslot *k)
{/* empty user id is an error */
if(*u == 0)
@@ -182,7 +182,7 @@
if(ticketform != 0){syslog(0, AUTHLOG, "need DES key for %s, but DES is disabled", u);
- if(canreply) replyerror("DES is disabled");+ replyerror("DES is disabled");exits(0);
}
@@ -198,12 +198,12 @@
if(tr->uid[0] == 0)
exits(0);
- if(!getkey(tr->authid, &akey, 1)){+ if(!getkey(tr->authid, &akey)){/* make one up so caller doesn't know it was wrong */
mkkey(&akey);
syslog(0, AUTHLOG, "tr-fail authid %s", tr->authid);
}
- if(!getkey(tr->hostid, &hkey, 1)){+ if(!getkey(tr->hostid, &hkey)){/* make one up so caller doesn't know it was wrong */
mkkey(&hkey);
syslog(0, AUTHLOG, "tr-fail hostid %s(%s)", tr->hostid, raddr);
@@ -245,7 +245,7 @@
syslog(0, AUTHLOG, "cr-fail uid %s@%s", tr->uid, raddr);
}
- if(!getkey(tr->hostid, &hkey, 1)){+ if(!getkey(tr->hostid, &hkey)){/* make one up so caller doesn't know it was wrong */
mkkey(&hkey);
syslog(0, AUTHLOG, "cr-fail hostid %s %s@%s", tr->hostid, tr->uid, raddr);
@@ -288,7 +288,7 @@
Ticket t;
int n, m;
- if(!getkey(tr->uid, &ukey, 1)){+ if(!getkey(tr->uid, &ukey)){/* make one up so caller doesn't know it was wrong */
mkkey(&ukey);
syslog(0, AUTHLOG, "cp-fail uid %s@%s", tr->uid, raddr);
@@ -441,7 +441,7 @@
* lookup
*/
secret = findsecret(KEYDB, tr->uid, sbuf);
- if(!getkey(tr->hostid, &hkey, 1) || secret == nil){+ if(!getkey(tr->hostid, &hkey) || secret == nil){ replyerror("apop-fail bad response %s", raddr);logfail(tr->uid);
if(tries > 5)
@@ -530,11 +530,17 @@
exits(0);
/*
+ * get response
+ */
+ if(readn(0, reply, sizeof(reply)) != sizeof(reply))
+ exits(0);
+
+ /*
* lookup keys (and swizzle bits)
*/
memset(sbuf, 0, sizeof(sbuf));
secret = findsecret(KEYDB, tr->uid, sbuf);
- if(!getkey(tr->hostid, &hkey, 0) || secret == nil){+ if(!getkey(tr->hostid, &hkey) || secret == nil){mkkey(&hkey);
genrandom((uchar*)sbuf, sizeof(sbuf));
secret = sbuf;
@@ -543,12 +549,6 @@
secret[i] = swizzletab[(uchar)secret[i]];
/*
- * get response
- */
- if(readn(0, reply, sizeof(reply)) != sizeof(reply))
- exits(0);
-
- /*
* decrypt response and compare
*/
setupDESstate(&s, (uchar*)secret, nil);
@@ -598,7 +598,7 @@
* lookup
*/
secret = findsecret(KEYDB, tr->uid, sbuf);
- if(!getkey(tr->hostid, &hkey, 1) || secret == nil){+ if(!getkey(tr->hostid, &hkey) || secret == nil){ replyerror("chap-fail bad response %s", raddr);logfail(tr->uid);
return;
@@ -748,7 +748,7 @@
* lookup
*/
secret = findsecret(KEYDB, tr->uid, sbuf);
- if(!getkey(tr->hostid, &hkey, 1) || secret == nil){+ if(!getkey(tr->hostid, &hkey) || secret == nil){ replyerror("mschap-fail bad response %s/%s(%s)", tr->uid, tr->hostid, raddr);logfail(tr->uid);
return;