2 #include "../port/lib.h"
6 #include "../port/error.h"
17 * if a process knows cap->cap, it can change user
20 typedef struct Caphash Caphash;
42 /* caphash must be last */
45 ".", {Qdir,0,QTDIR}, 0, DMDIR|0500,
46 "capuse", {Quse}, 0, 0222,
47 "caphash", {Qhash}, 0, 0200,
49 int ncapdir = nelem(capdir);
54 return devattach(L'¤', spec);
58 capwalk(Chan *c, Chan *nc, char **name, int nname)
60 return devwalk(c, nc, name, nname, capdir, ncapdir, devgen);
66 if(iseve() && c->qid.path == Qhash)
67 ncapdir = nelem(capdir)-1;
74 capstat(Chan *c, uchar *db, int n)
76 return devstat(c, db, n, capdir, ncapdir, devgen);
80 * if the stream doesn't exist, create it
83 capopen(Chan *c, int omode)
85 if(c->qid.type & QTDIR){
94 switch((ulong)c->qid.path){
101 c->mode = openmode(omode);
111 static char buf[2*Hashlen+1];
114 for(i = 0; i < Hashlen; i++)
115 sprint(buf+2*i, "%2.2ux", hash[i]);
128 /* find the matching capability */
129 for(l = &capalloc.first; *l != nil;){
131 if(memcmp(hash, t->hash, Hashlen) == 0)
145 /* add a capability, throwing out any old ones */
151 p = smalloc(sizeof *p);
152 memmove(p->hash, hash, Hashlen);
159 while(capalloc.nhash >= Maxhash){
163 capalloc.first = t->next;
169 for(l = &capalloc.first; *l != nil; l = &(*l)->next)
183 capread(Chan *c, void *va, long n, vlong)
185 switch((ulong)c->qid.path){
187 return devdirread(c, va, n, capdir, ncapdir, devgen);
197 capwrite(Chan *c, void *va, long n, vlong)
202 char *key, *from, *to;
205 switch((ulong)c->qid.path){
211 memmove(hash, va, Hashlen);
216 /* copy key to avoid a fault in hmac_xx */
227 key = strrchr(cp, '@');
232 hmac_sha1((uchar*)from, strlen(from), (uchar*)key, strlen(key), hash, nil);
236 snprint(err, sizeof err, "invalid capability %s@%s", from, key);
240 /* if a from user is supplied, make sure it matches */
241 to = strchr(from, '@');
246 if(strcmp(from, up->user) != 0)
247 error("capability must match user");
251 kstrdup(&up->user, to);
252 up->basepri = PriNormal;