#include #include #include #include #include "authsrv.h" /* * c -> a client * a -> c challenge prompt * c -> a KC'{challenge} * a -> c OK or NO */ void catchalarm(void*, char*); char user[NAMELEN]; void main(int argc, char *argv[]) { char *ukey, resp[32], buf[NETCHLEN]; long chal; int n; USED(argc, argv); argv0 = "guard"; srand(getpid()*time(0)); notify(catchalarm); /* * read the host and client and get their keys */ if(readarg(0, user, sizeof user) < 0) fail(0); /* * challenge-response */ chal = lnrand(MAXNETCHAL); sprint(buf, "challenge: %lud\nresponse: ", chal); n = strlen(buf) + 1; if(write(1, buf, n) != n){ syslog(0, AUTHLOG, "error: %r replying to server"); exits("replying to server"); } alarm(3*60*1000); if(readarg(0, resp, sizeof resp) < 0) fail(0); alarm(0); ukey = findnetkey(user); if(!ukey){ write(1, "NO", 2); syslog(0, AUTHLOG, "user not found"); fail(0); } if(!netcheck(ukey, chal, resp)){ ukey = findkey(user); if(!ukey || !netcheck(ukey, chal, resp)){ write(1, "NO", 2); syslog(0, AUTHLOG, "user %s: bad response", user); fail(user); } } write(1, "OK", 2); syslog(0, AUTHLOG, "user %s ok", user); succeed(user); exits(0); } void catchalarm(void *x, char *msg) { USED(x, msg); syslog(0, AUTHLOG, "user response timed out"); fail(0); }