]> git.lizzy.rs Git - plan9front.git/blob - sys/src/libauth/auth_proxy.c
projects / plan9front.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
ip/tftpd: use procsetuser() instead of writing #c/user
[plan9front.git] / sys / src / libauth / auth_proxy.c
1 #include <u.h>
2 #include <libc.h>
3 #include <fcall.h>
4 #include <auth.h>
5 #include "authlocal.h"
6
7 enum {
8         ARgiveup = 100,
9 };
10
11 static uchar*
12 gstring(uchar *p, uchar *ep, char **s)
13 {
14         uint n;
15
16         if(p == nil)
17                 return nil;
18         if(p+BIT16SZ > ep)
19                 return nil;
20         n = GBIT16(p);
21         p += BIT16SZ;
22         if(p+n > ep)
23                 return nil;
24         *s = malloc(n+1);
25         memmove((*s), p, n);
26         (*s)[n] = '\0';
27         p += n;
28         return p;
29 }
30
31 static uchar*
32 gcarray(uchar *p, uchar *ep, uchar **s, int *np)
33 {
34         uint n;
35
36         if(p == nil)
37                 return nil;
38         if(p+BIT16SZ > ep)
39                 return nil;
40         n = GBIT16(p);
41         p += BIT16SZ;
42         if(p+n > ep)
43                 return nil;
44         *s = malloc(n);
45         if(*s == nil)
46                 return nil;
47         memmove((*s), p, n);
48         *np = n;
49         p += n;
50         return p;
51 }
52
53 void
54 auth_freeAI(AuthInfo *ai)
55 {
56         if(ai == nil)
57                 return;
58         free(ai->cuid);
59         free(ai->suid);
60         free(ai->cap);
61         free(ai->secret);
62         free(ai);
63 }
64
65 static uchar*
66 convM2AI(uchar *p, int n, AuthInfo **aip)
67 {
68         uchar *e = p+n;
69         AuthInfo *ai;
70
71         ai = mallocz(sizeof(*ai), 1);
72         if(ai == nil)
73                 return nil;
74
75         p = gstring(p, e, &ai->cuid);
76         p = gstring(p, e, &ai->suid);
77         p = gstring(p, e, &ai->cap);
78         p = gcarray(p, e, &ai->secret, &ai->nsecret);
79         if(p == nil)
80                 auth_freeAI(ai);
81         else
82                 *aip = ai;
83         return p;
84 }
85
86 AuthInfo*
87 auth_getinfo(AuthRpc *rpc)
88 {
89         AuthInfo *a;
90
91         if(auth_rpc(rpc, "authinfo", nil, 0) != ARok)
92                 return nil;
93         if(convM2AI((uchar*)rpc->arg, rpc->narg, &a) == nil){
94                 werrstr("bad auth info from factotum");
95                 return nil;
96         }
97         return a;
98 }
99
100 static int
101 dorpc(AuthRpc *rpc, char *verb, char *val, int len, AuthGetkey *getkey)
102 {
103         int ret;
104
105         for(;;){
106                 if((ret = auth_rpc(rpc, verb, val, len)) != ARneedkey && ret != ARbadkey)
107                         return ret;
108                 if(getkey == nil)
109                         return ARgiveup;        /* don't know how */
110                 if((*getkey)(rpc->arg) < 0)
111                         return ARgiveup;        /* user punted */
112         }
113 }
114
115 /*
116  *  this just proxies what the factotum tells it to.
117  */
118 AuthInfo*
119 fauth_proxy(int fd, AuthRpc *rpc, AuthGetkey *getkey, char *params)
120 {
121         char *buf;
122         int m, n, ret;
123         AuthInfo *a;
124         char oerr[ERRMAX];
125
126         if(rpc == nil){
127                 werrstr("fauth_proxy - no factotum");
128                 return nil;
129         }
130
131         strcpy(oerr, "UNKNOWN AUTH ERROR");
132         errstr(oerr, sizeof oerr);
133
134         if(dorpc(rpc, "start", params, strlen(params), getkey) != ARok){
135                 werrstr("fauth_proxy start: %r");
136                 return nil;
137         }
138
139         buf = malloc(AuthRpcMax);
140         if(buf == nil)
141                 return nil;
142         for(;;){
143                 switch(dorpc(rpc, "read", nil, 0, getkey)){
144                 case ARdone:
145                         free(buf);
146                         a = auth_getinfo(rpc);
147                         /* no error, restore whatever was there */
148                         errstr(oerr, sizeof oerr);
149                         return a;
150                 case ARok:
151                         if(write(fd, rpc->arg, rpc->narg) != rpc->narg){
152                                 werrstr("auth_proxy write fd: %r");
153                                 goto Error;
154                         }
155                         break;
156                 case ARphase:
157                         n = 0;
158                         memset(buf, 0, AuthRpcMax);
159                         while((ret = dorpc(rpc, "write", buf, n, getkey)) == ARtoosmall){
160                                 m = atoi(rpc->arg);
161                                 if(m <= n || m > AuthRpcMax)
162                                         break;
163                                 m = read(fd, buf + n, m - n);
164                                 if(m <= 0){
165                                         if(m == 0)
166                                                 werrstr("auth_proxy short read");
167                                         else
168                                                 werrstr("auth_proxy read fd: %r");
169                                         goto Error;
170                                 }
171                                 n += m;
172                         }
173                         if(ret != ARok){
174                                 werrstr("auth_proxy rpc write: %r");
175                                 goto Error;
176                         }
177                         break;
178                 default:
179                         werrstr("auth_proxy rpc: %r");
180                         goto Error;
181                 }
182         }
183 Error:
184         free(buf);
185         return nil;
186 }
187
188 AuthInfo*
189 auth_proxy(int fd, AuthGetkey *getkey, char *fmt, ...)
190 {
191         int afd;
192         char *p;
193         va_list arg;
194         AuthInfo *ai;
195         AuthRpc *rpc;
196
197         quotefmtinstall();      /* just in case */
198         va_start(arg, fmt);
199         p = vsmprint(fmt, arg);
200         va_end(arg);
201
202         ai = nil;
203         afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);
204         if(afd < 0){
205                 werrstr("opening /mnt/factotum/rpc: %r");
206                 free(p);
207                 return nil;
208         }
209
210         rpc = auth_allocrpc(afd);
211         if(rpc){
212                 ai = fauth_proxy(fd, rpc, getkey, p);
213                 auth_freerpc(rpc);
214         }
215         close(afd);
216         free(p);
217         return ai;
218 }
some kind of operating system. [Forked from http://git.9front.org/plan9front/plan9front/HEAD/info.html]