2 #include "../port/lib.h"
6 #include "../port/error.h"
14 Timeout= 60, /* seconds */
18 * if a process knows cap->cap, it can change user
21 typedef struct Caphash Caphash;
/*
 * Directory table entries for this device. Modes as written below: the
 * directory is 0500, capuse is 0222 (write bits for owner, group and other)
 * and caphash is 0200 (write bit for the owner only). Neither file has a
 * read bit set.
 */
43 /* caphash must be last */
/* NOTE(review): "last" matters because line 68 hides an entry by setting ncapdir to nelem(capdir)-1, which drops the final row. */
46 ".", {Qdir,0,QTDIR}, 0, DMDIR|0500,
47 "capuse", {Quse}, 0, 0222,
48 "caphash", {Qhash}, 0, 0200,
/* Entry count passed to devwalk/devstat/devdirread below; it is a plain global and is reduced on line 68. */
50 int ncapdir = nelem(capdir);
55 return devattach(L'¤', spec);
59 capwalk(Chan *c, Chan *nc, char **name, int nname)
/* Name resolution is delegated to devwalk with the capdir table and the current ncapdir as its size. */
61 return devwalk(c, nc, name, nname, capdir, ncapdir, devgen);
/*
 * When iseve() holds and the channel refers to Qhash, the table size is cut
 * by one, which removes the last capdir row (caphash) from what later
 * walk/stat/dirread calls are given.
 * NOTE(review): nothing visible restores ncapdir, so presumably the file stays
 * hidden until reboot; confirm. The other branch is not shown; verify that it
 * raises a permission error rather than falling through silently.
 */
67 if(iseve() && c->qid.path == Qhash)
68 ncapdir = nelem(capdir)-1;
75 capstat(Chan *c, uchar *db, int n)
/* Stat is delegated to devstat over capdir, sized by the current ncapdir (see line 68 for how it shrinks). */
77 return devstat(c, db, n, capdir, ncapdir, devgen);
81 * if the stream doesn't exist, create it
84 capopen(Chan *c, int omode)
/* Directories take a separate path from the two files; the branch body is not shown here. */
86 if(c->qid.type & QTDIR){
/*
 * Per-file checks are keyed on the qid path.
 * NOTE(review): the cases are not visible. Confirm that opening Qhash is
 * restricted with an explicit iseve()-style check, as line 67 does for
 * removal, instead of relying on the 0200 mode in the table alone.
 */
95 switch((ulong)c->qid.path){
/* The channel mode is whatever openmode() returns for the requested omode; presumably it validates omode, TODO confirm. */
102 c->mode = openmode(omode);
/*
 * Expiry loop over the stored hashes, always examining the current list head.
 * The condition on line 114 is true only when the list holds fewer than
 * Maxhash entries AND the head's age (tick difference converted by TK2SEC)
 * is below Timeout seconds; the statement it guards is not shown, presumably
 * it stops the loop. Otherwise the head is unlinked on line 117.
 * Both limits bound how long an unused hash remains redeemable.
 * NOTE(review): freeing of t and the nhash decrement are not visible; confirm
 * the unlinked node is released and the counter stays in step with the list.
 */
113 while((t = capalloc.first) != nil){
114 if(capalloc.nhash < Maxhash && TK2SEC(MACHP(0)->ticks - t->ticks) < Timeout)
117 capalloc.first = t->next;
129 /* timeout old caps */
132 /* find the matching capability */
/* Walks the list through a pointer-to-link (l), which lets a matching node be unlinked in place. */
133 for(l = &capalloc.first; *l != nil;){
/*
 * Compares exactly Hashlen bytes of the candidate against the stored hash.
 * tsmemcmp is presumably a timing-safe comparison, so the position of the
 * first differing byte is not exposed through timing; confirm against libsec.
 * NOTE(review): the unlink and free of the matched entry are not visible.
 * The entry has to be removed on its first match for a capability to be
 * single-use; confirm.
 */
135 if(tsmemcmp(hash, t->hash, Hashlen) == 0)
149 /* add a capability, throwing out any old ones */
/*
 * secalloc is presumably the allocator reserved for secret material; confirm.
 * NOTE(review): no nil check on p is visible before the writes below; confirm
 * secalloc cannot return nil in this kernel.
 */
155 p = secalloc(sizeof *p);
/* Copies exactly Hashlen bytes; the caller must pass a buffer of at least that size. */
156 memmove(p->hash, hash, Hashlen);
/* Creation time in ticks, later compared against Timeout on line 114. */
158 p->ticks = MACHP(0)->ticks;
162 /* make room for one extra */
/* Advances l link by link until it reaches the nil tail link; the loop body is not shown. Presumably the new entry is appended there, which keeps the head the oldest entry. */
166 for(l = &capalloc.first; *l != nil; l = &(*l)->next)
180 capread(Chan *c, void *va, long n, vlong)
/* Dispatch on the qid path; only the directory case is visible here. */
182 switch((ulong)c->qid.path){
/* Directory listing is generated by devdirread from capdir, sized by the current ncapdir. */
/* NOTE(review): the remaining cases are not shown. Neither file has a read bit in capdir; confirm reads on them are rejected here as well. */
184 return devdirread(c, va, n, capdir, ncapdir, devgen);
194 capwrite(Chan *c, void *va, long n, vlong)
/*
 * Write handler. va and n are supplied by the writing process and must be
 * treated as untrusted. The visible lines show two uses: a raw Hashlen-byte
 * hash copied from va (line 208), and a string of users and key that is
 * hashed and, on success, changes up->user (lines 225-251).
 */
199 char *key, *from, *to;
202 switch((ulong)c->qid.path){
/*
 * Reads exactly Hashlen bytes from the caller's buffer regardless of n.
 * NOTE(review): the length check is not visible; confirm n >= Hashlen is
 * enforced before this line, and that only the host owner reaches this case.
 */
208 memmove(hash, va, Hashlen);
215 /* copy key to avoid a fault in hmac_xx */
/*
 * The key is located at the LAST '@' (strrchr), so any earlier '@' stays in
 * the user part.
 * NOTE(review): the nil check and the split of the string at key are not
 * visible; confirm both happen before strlen(key) on line 230.
 */
225 key = strrchr(cp, '@');
/*
 * HMAC-SHA1 with from as the message and key as the HMAC key, written into
 * hash. This runs before the split on line 233, so presumably the digest
 * covers the whole user part, source and target alike; confirm.
 */
230 hmac_sha1((uchar*)from, strlen(from), (uchar*)key, strlen(key), hash, nil);
232 /* if a from user is supplied, make sure it matches */
/* The FIRST '@' (strchr) separates an optional source user from the target user. */
233 to = strchr(from, '@');
/* An explicit source user must equal the calling process's current user name. */
238 if(strcmp(from, up->user) != 0)
239 error("capability must match user");
/*
 * NOTE(review): the error text includes the submitted key. It is formatted
 * for the writer who supplied it, but confirm the string is not also
 * recorded anywhere another user could read it.
 */
244 snprint(err, sizeof err, "invalid capability %s@%s", from, key);
/* Identity change: the process user name becomes to and the base priority is set to PriNormal. */
250 kstrdup(&up->user, to);
251 up->basepri = PriNormal;
/* Clears the local digest buffer so the hash does not linger on the stack. */
261 memset(hash, 0, Hashlen);