Google Git
Sign in
plan9port / plan9 / 24f4e66b12cf0501d0f239ade10b2963f46e6755 / . / man / man3 / authsrv.3
blob: c8f3330dc15f37cc4361d4d0877b1ac1134a6488 [file] [log] [blame]
rsccfa37a72004-04-10 18:53:55 +0000[diff] [blame]1.TH AUTHSRV 3
2.SH NAME
3authdial, passtokey, nvcsum, readnvram, convT2M, convM2T, convTR2M, convM2TR, convA2M, convM2A, convPR2M, convM2PR, _asgetticket, _asrdresp \- routines for communicating with authentication servers
4.SH SYNOPSIS
5.nf
6.PP
7.ft L
8#include <u.h>
9#include <libc.h>
10#include <authsrv.h>
11.fi
12.ta 8n +4n +4n +4n +4n +4n +4n
13.PP
14.B
15int authdial(char *netroot, char *ad);
16.PP
17.B
18int passtokey(char key[DESKEYLEN], char *password)
19.PP
20.B
21uchar nvcsum(void *mem, int len)
22.PP
23.B
24int readnvram(Nvrsafe *nv, int flag);
25.PPP
26.B
27int convT2M(Ticket *t, char *msg, char *key)
28.PP
29.B
30void convM2T(char *msg, Ticket *t, char *key)
31.PP
32.B
33int convA2M(Authenticator *a, char *msg, char *key)
34.PP
35.B
36void convM2A(char *msg, Authenticator *a, char *key)
37.PP
38.B
39int convTR2M(Ticketreq *tr, char *msg)
40.PP
41.B
42void convM2TR(char *msg, Ticketreq *tr)
43.PP
44.B
45int convPR2M(Passwordreq *pr, char *msg, char *key)
46.PP
47.B
48void convM2PR(char *msg, Passwordreq *pr, char *key)
49.PP
50.B
51int _asgetticket(int fd, char *trbuf, char *tbuf);
52.PP
53.B
54int _asrdresp(int fd, char *buf, int len);
55.SH DESCRIPTION
56.PP
57.I Authdial
58dials an authentication server over the
59network rooted at
60.IR net ,
61default
62.BR /net .
63The authentication domain,
64.IR ad ,
65specifies which server to call.
66If
67.I ad
68is non-nil,
69the connection server
70.B cs
71(see
72.IR ndb (8))
73is queried for an entry which contains
74.B authdom=\fIad\fP
75or
76.BR dom=\fIad\fP ,
77the former having precedence,
78and which also contains an
79.B auth
80attribute.
81The string dialed is then
82.I netroot\fP!\fIserver\fP!ticket
83where
84.I server
85is the value of the
86.B auth
87attribute.
88If no entry is found, the error string is
89set to ``no authentication server found''
90and -1 is returned.
91If
92.I authdom
93is nil, the string
94.IB netroot !$auth! ticket
95is used to make the call.
96.PP
97.I Passtokey
98converts
99.I password
100into a DES key and stores the result in
101.IR key .
102It returns 0 if
103.I password
104could not be converted,
105and 1 otherwise.
106.PP
107.I Readnvram
108reads authentication information into the structure:
109.EX
110.ta 4n +4n +8n +4n +4n +4n +4n
111 struct Nvrsafe
112 {
113 char machkey[DESKEYLEN];
114 uchar machsum;
115 char authkey[DESKEYLEN];
116 uchar authsum;
117 char config[CONFIGLEN];
118 uchar configsum;
119 char authid[ANAMELEN];
120 uchar authidsum;
121 char authdom[DOMLEN];
122 uchar authdomsum;
123 };
124.EE
125.PP
126On Sparc, MIPS, and SGI machines this information is
127in non-volatile ram, accessible in the file
128.BR #r/nvram .
129On x86s and Alphas
130.I readnvram
131successively opens the following areas stopping with the
132first to succeed:
133.PP
134\- the partition named by the
135.B $nvram
136environment variable
137(commonly set via
138.IR plan9.ini (8))
139.br
140\- the partition
141.B #S/sdC0/nvram
142.br
143\- a file called
144.B plan9.nvr
145in the partition
146.B #S/sdC0/9fat
147.br
148\- the partition
149.B #S/sd00/nvram
150.br
151\- a file called
152.B plan9.nvr
153in the partition
154.B #S/sd00/9fat
155.br
156\- a file called
157.B plan9.nvr
158on a DOS floppy in drive 0
159.br
160\- a file called
161.B plan9.nvr
162on a DOS floppy in drive 1
163.PP
164The
165.IR nvcsum s
166of the fields
167.BR machkey ,
168.BR authid ,
169and
170.B authdom
171must match their respective checksum or that field is zeroed.
172If
173.I flag
174is
175.B NVwrite
176or at least one checksum fails and
177.I flag
178is
179.BR NVwriteonerr ,
180.I readnvram
181will prompt for new values on
182.B #c/cons
183and then write them back to the storage area.
184.PP
185.IR ConvT2M ,
186.IR convA2M ,
187.IR convTR2M ,
188and
189.I convPR2M
190convert tickets, authenticators, ticket requests, and password change request
191structures into transmittable messages.
192.IR ConvM2T ,
193.IR convM2A ,
194.IR convM2TR ,
195and
196.I convM2PR
197are used to convert them back.
198.I Key
199is used for encrypting the message before transmission and decrypting
200after reception.
201.PP
202The routine
203.I _asgetresp
204receives either a character array or an error string.
205On error, it sets errstr and returns -1. If successful,
206it returns the number of bytes received.
207.PP
208The routine
209.I _asgetticket
210sends a ticket request message and then uses
211.I _asgetresp
212to recieve an answer.
213.SH SOURCE
rscb5fdffe2004-04-19 19:22:56 +0000[diff] [blame]214.B /usr/local/plan9/src/libauthsrv
rsccfa37a72004-04-10 18:53:55 +0000[diff] [blame]215.SH SEE ALSO
216.IR passwd (1),
217.IR cons (3),
rscbf8a59f2004-04-11 03:42:27 +0000[diff] [blame]218.IR dial (3),
rsccfa37a72004-04-10 18:53:55 +0000[diff] [blame]219.IR authsrv (6),
220.SH DIAGNOSTICS
221These routines set
222.IR errstr .
223Integer-valued functions return -1 on error.