dochal(State *s)
{
char *dom, *user, trbuf[TICKREQLEN];
+ int n;
s->asfd = -1;
safecpy(s->tr.hostid, user, sizeof(s->tr.hostid));
convTR2M(&s->tr, trbuf);
- if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN)
+ alarm(30*1000);
+ if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN){
+ alarm(0);
goto err;
- if(_asrdresp(s->asfd, s->chal, sizeof s->chal) <= 5)
+ }
+ n = _asrdresp(s->asfd, s->chal, sizeof s->chal);
+ alarm(0);
+ if(n <= 5)
goto err;
return 0;
int n;
Authenticator a;
+ /* send response to auth server */
+ if(strlen(response) != MD5dlen*2){
+ werrstr("response not MD5 digest");
+ goto err;
+ }
+
memrandom(s->tr.chal, CHALLEN);
safecpy(s->tr.uid, user, sizeof(s->tr.uid));
convTR2M(&s->tr, trbuf);
+ alarm(30*1000);
if((n=write(s->asfd, trbuf, TICKREQLEN)) != TICKREQLEN){
+ alarm(0);
if(n >= 0)
werrstr("short write to auth server");
goto err;
}
- /* send response to auth server */
- if(strlen(response) != MD5dlen*2){
- werrstr("response not MD5 digest");
- goto err;
- }
if((n=write(s->asfd, response, MD5dlen*2)) != MD5dlen*2){
+ alarm(0);
if(n >= 0)
werrstr("short write to auth server");
goto err;
}
- if(_asrdresp(s->asfd, ticket, TICKETLEN+AUTHENTLEN) < 0){
+ n = _asrdresp(s->asfd, ticket, TICKETLEN+AUTHENTLEN);
+ alarm(0);
+ if(n < 0){
/* leave connection open so we can try again */
return -1;
}
{
char *dom, *user;
char trbuf[TICKREQLEN];
+ int ret;
s->asfd = -1;
safecpy(s->tr.hostid, user, sizeof(s->tr.hostid));
convTR2M(&s->tr, trbuf);
- if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN)
+ alarm(30*1000);
+ if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN){
+ alarm(0);
goto err;
-
+ }
/* readn, not _asrdresp. needs to match auth.srv.c. */
- if(readn(s->asfd, s->chal, sizeof s->chal) != sizeof s->chal)
+ ret = readn(s->asfd, s->chal, sizeof s->chal);
+ alarm(0);
+ if(ret != sizeof s->chal)
goto err;
+
return 0;
err:
int n;
Authenticator a;
+ alarm(30*1000);
if((n=write(s->asfd, reply, nreply)) != nreply){
+ alarm(0);
if(n >= 0)
werrstr("short write to auth server");
goto err;
}
-
if(_asrdresp(s->asfd, ticket, TICKETLEN+AUTHENTLEN) < 0){
+ alarm(0);
/* leave connection open so we can try again */
return -1;
}
s->nsecret = readn(s->asfd, s->secret, sizeof s->secret);
+ alarm(0);
if(s->nsecret < 0)
s->nsecret = 0;
close(s->asfd);
return failure(fss, Ebadarg);
memset(resp, 0, sizeof resp);
memmove(resp, data, n);
- if(write(s->asfd, resp, s->challen) != s->challen)
- return failure(fss, Easproto);
+ alarm(30*1000);
+ if(write(s->asfd, resp, s->challen) != s->challen){
+ alarm(0);
+ return failure(fss, Easproto);
+ }
/* get ticket plus authenticator from auth server */
- if(_asrdresp(s->asfd, tbuf, TICKETLEN+AUTHENTLEN) < 0)
+ ret = _asrdresp(s->asfd, tbuf, TICKETLEN+AUTHENTLEN);
+ alarm(0);
+
+ if(ret < 0)
return failure(fss, nil);
/* check ticket */
s->asfd = _authdial(nil, _strfindattr(s->key->attr, "dom"));
if(s->asfd < 0)
return failure(fss, Easproto);
- if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN)
+ alarm(30*1000);
+ if(write(s->asfd, trbuf, TICKREQLEN) != TICKREQLEN){
+ alarm(0);
return failure(fss, Easproto);
+ }
n = _asrdresp(s->asfd, s->chal, s->challen);
+ alarm(0);
if(n <= 0){
if(n == 0)
werrstr("_asrdresp short read");
asfd = _authdial(nil, dom);
if(asfd < 0)
return -1;
+ alarm(30*1000);
rv = _asgetticket(asfd, trbuf, tbuf);
+ alarm(0);
close(asfd);
return rv;
}
_asgetticket(int fd, char *trbuf, char *tbuf)
{
if(write(fd, trbuf, TICKREQLEN) < 0){
- close(fd);
werrstr(pbmsg);
return -1;
}