ref: ef6d7a8ab1f406b97f64011eecb84300ac33d0b8
parent: d8586354364b7fc1ccda174f33e1ab324c5e77e4
author: cinap_lenrek <[email protected]>
date: Sun Feb 21 23:22:53 EST 2016
provide secstore key separation for proto p9sk1 and dp9ik the passwords for p9sk1 and dp9ik might differ.
--- a/cpu.c
+++ b/cpu.c
@@ -197,13 +197,13 @@
usage();
if(system == nil)
- system = readcons("cpuserver", "cpu", 0);
+ system = readcons("cpu", "cpu", 0);
if(user == nil)
user = readcons("user", "glenda", 0);
if(authserver == nil)
- authserver = readcons("authserver", system, 0);
+ authserver = readcons("auth", system, 0);
if(mountfactotum() < 0){
if(secstoreserver == nil)
@@ -613,6 +613,7 @@
}
if(proto == nil)
fatal(1, "server did not offer p9sk1 or dp9ik");
+ proto = estrdup(proto);
sprint(buf2, "%s %s", proto, dom);
if(write(fd, buf2, strlen(buf2)+1) != strlen(buf2)+1)
fatal(1, "cannot write user/domain choice in p9any");
@@ -635,15 +636,16 @@
fatal(1, "cannot read ticket request in p9sk1");
u = user;
- pass = findkey(&u, tr.authdom);
+ pass = findkey(&u, tr.authdom, proto);
if(pass == nil)
again:
- pass = getkey(u, tr.authdom);
+ pass = getkey(u, tr.authdom, proto);
if(pass == nil)
fatal(1, "no password");
passtokey(&authkey, pass);
memset(pass, 0, strlen(pass));
+ free(pass);
strecpy(tr.hostid, tr.hostid+sizeof tr.hostid, u);
strecpy(tr.uid, tr.uid+sizeof tr.uid, u);
@@ -706,8 +708,8 @@
// print("i am %s there.\n", t.suid);
ai = mallocz(sizeof(AuthInfo), 1);
- ai->suid = strdup(t.suid);
- ai->cuid = strdup(t.cuid);
+ ai->suid = estrdup(t.suid);
+ ai->cuid = estrdup(t.cuid);
if(dp9ik){
static char info[] = "Plan 9 session secret";
ai->nsecret = 256;
@@ -728,6 +730,7 @@
memset(&authkey, 0, sizeof(authkey));
memset(cchal, 0, sizeof(cchal));
memset(crand, 0, sizeof(crand));
+ free(proto);
return ai;
}
--- a/drawterm.h
+++ b/drawterm.h
@@ -6,8 +6,9 @@
extern char *readcons(char *prompt, char *def, int secret);
extern int exportfs(int, int);
extern char *user;
-extern char *getkey(char*, char*);
-extern char *findkey(char**, char*);
+extern char *getkey(char*, char*, char*);
+extern char *findkey(char**, char*, char*);
extern int dialfactotum(void);
extern char *getuser(void);
extern void cpumain(int, char**);
+extern char *estrdup(char*);
--- a/main.c
+++ b/main.c
@@ -70,16 +70,16 @@
}
char*
-getkey(char *user, char *dom)
+getkey(char *user, char *dom, char *proto)
{
char buf[1024];
- snprint(buf, sizeof buf, "%s@%s password", user, dom);
+ snprint(buf, sizeof buf, "%s@%s %s password", user, dom, proto);
return readcons(buf, nil, 1);
}
char*
-findkey(char **puser, char *dom)
+findkey(char **puser, char *dom, char *proto)
{
char buf[1024], *f[50], *p, *ep, *nextp, *pass, *user;
int nf, haveproto, havedom, i;
@@ -111,13 +111,13 @@
pass = f[i]+10;
if(strncmp(f[i], "dom=", 4) == 0 && strcmp(f[i]+4, dom) == 0)
havedom = 1;
- if(strcmp(f[i], "proto=p9sk1") == 0 || strcmp(f[i], "proto=dp9ik") == 0)
+ if(strncmp(f[i], "proto=", 6) == 0 && strcmp(f[i]+6, proto) == 0)
haveproto = 1;
}
if(!haveproto || !havedom || !pass || !user)
continue;
- *puser = strdup(user);
- pass = strdup(pass);
+ *puser = estrdup(user);
+ pass = estrdup(pass);
memset(buf, 0, sizeof buf);
return pass;
}
--- a/readcons.c
+++ b/readcons.c
@@ -6,7 +6,7 @@
erealloc(void *v, ulong n)
{
v = realloc(v, n);
- if(v == nil)
+ if(v == nil && n != 0)
sysfatal("out of memory");
return v;
}
--- a/secstore.c
+++ b/secstore.c
@@ -560,7 +560,7 @@
}
*eol = 0;
if(pS)
- *pS = strdup(S);
+ *pS = estrdup(S);
strtomp(hexmu, nil, 64, mu);
mpexp(mu, x, pak->p, sigma);
hexsigma = mptoa(sigma, 64, nil, 0);
@@ -615,7 +615,7 @@
conn = nil;
rv = nil;
if(password != nil && *password)
- pass = strdup(password);
+ pass = estrdup(password);
else
pass = readcons("secstore password", nil, 1);
if(pass==nil || strlen(pass)==0){