glenda.party
term% ls -F
term% cat index.txt
AUTHSRV(2)                    System Calls Manual                   AUTHSRV(2)



NAME
       authdial,  passtokey,  nvcsum,  readnvram,  convT2M, convM2T, convTR2M,
       convM2TR, convA2M, convM2A, convPR2M, convM2PR, _asgetticket, _asrdresp
       - routines for communicating with authentication servers

SYNOPSIS
       #include <u.h>
       #include <libc.h>
       #include <authsrv.h>

       int     authdial(char *netroot, char *ad);

       int     passtokey(char key[DESKEYLEN], char *password)

       uchar   nvcsum(void *mem, int len)

       int     readnvram(Nvrsafe  *nv,  int  flag); int     convT2M(Ticket *t,
       char *msg, char *key)

       void    convM2T(char *msg, Ticket *t, char *key)

       int     convA2M(Authenticator *a, char *msg, char *key)

       void    convM2A(char *msg, Authenticator *a, char *key)

       int     convTR2M(Ticketreq *tr, char *msg)

       void    convM2TR(char *msg, Ticketreq *tr)

       int     convPR2M(Passwordreq *pr, char *msg, char *key)

       void    convM2PR(char *msg, Passwordreq *pr, char *key)

       int     _asgetticket(int fd, char *trbuf, char *tbuf);

       int     _asrdresp(int fd, char *buf, int len);

DESCRIPTION
       Authdial dials an authentication server over the network rooted at net,
       default /net.  The authentication domain, ad, specifies which server to
       call.  If ad is non-nil, the  connection  server  cs  (see  ndb(8))  is
       queried  for  an  entry which contains authdom=ad or dom=ad, the former
       having precedence, and which also contains an auth  attribute.   If  it
       finds  neither, it tries p9auth.ad in DNS as the authentication server.
       The string dialed is then netroot!server!ticket  where  server  is  the
       value of the auth attribute.  If no entry is found, the error string is
       set to ``no authentication server found'' and -1 is returned.  If auth‐
       dom is nil, the string netroot!$auth!ticket is used to make the call.

       Passtokey  converts  password  into  a DES key and stores the result in
       key.  It returns 0 if password could not be converted, and 1 otherwise.

       Readnvram reads authentication information into the structure:

       struct Nvrsafe
       {
           char        machkey[DESKEYLEN];/* was file server's authid's des key */
           uchar       machsum;
           char        authkey[DESKEYLEN];/* authid's des key from password */
           uchar       authsum;
           /*
            * file server config string of device holding full configuration;
            * secstore key on non-file-servers.
            */
           char        config[CONFIGLEN];
           uchar       configsum;
           char        authid[ANAMELEN];/* auth userid, e.g., bootes */
           uchar       authidsum;
           char        authdom[DOMLEN]; /* auth domain, e.g., cs.bell-labs.com */
           uchar       authdomsum;
       };

       On Sparc, MIPS, and SGI machines this information  is  in  non-volatile
       ram,  accessible  in  the  file #r/nvram.  On x86s and Alphas readnvram
       successively opens the following areas stopping with the first to  suc‐
       ceed:

       -  the partition named by the $nvram environment variable (commonly set
       via plan9.ini(8))
       - the partition #S/sdC0/nvram
       - a file called plan9.nvr in the partition #S/sdC0/9fat
       - the partition #S/sd00/nvram
       - a file called plan9.nvr in the partition #S/sd00/9fat
       - a file called plan9.nvr on a DOS floppy in drive 0
       - a file called plan9.nvr on a DOS floppy in drive 1

       The nvcsums of the fields machkey, authid, and authdom must match their
       respective  checksum or that field is zeroed.  If flag is NVwrite or at
       least one checksum fails  and  flag  is  NVwriteonerr,  readnvram  will
       prompt  for new values on #c/cons and then write them back to the stor‐
       age area.  If flag is NVwritemem, readnvram will write  the  values  in
       *nv back to the storage area.

       ConvT2M,  convA2M,  convTR2M, and convPR2M convert tickets, authentica‐
       tors, ticket requests, and  password  change  request  structures  into
       transmittable  messages.   ConvM2T, convM2A, convM2TR, and convM2PR are
       used to convert them back.  Key is used for encrypting the message  be‐
       fore transmission and decrypting after reception.

       The  routine  _asgetresp  receives either a character array or an error
       string.  On error, it sets errstr and returns -1.   If  successful,  it
       returns the number of bytes received.

       The  routine  _asgetticket sends a ticket request message and then uses
       _asgetresp to recieve an answer.

SOURCE
       /sys/src/libauthsrv

SEE ALSO
       passwd(1), cons(3), dial(2), authsrv(6),

DIAGNOSTICS
       These routines set errstr.  Integer-valued functions return -1  on  er‐
       ror.



                                                                    AUTHSRV(2)