diff options
Diffstat (limited to 'src/cmd/auth/secstore')
| -rw-r--r-- | src/cmd/auth/secstore/SConn.c | 8 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/SConn.h | 24 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/aescbc.c | 8 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/dirls.c | 2 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/pak.c | 66 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/password.c | 8 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/secstore.c | 14 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/secstore.h | 22 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/secstored.c | 16 | ||||
| -rw-r--r-- | src/cmd/auth/secstore/secureidcheck.c | 30 |
10 files changed, 99 insertions, 99 deletions
diff --git a/src/cmd/auth/secstore/SConn.c b/src/cmd/auth/secstore/SConn.c index 7a8654ac..9ad9a7cc 100644 --- a/src/cmd/auth/secstore/SConn.c +++ b/src/cmd/auth/secstore/SConn.c @@ -13,8 +13,8 @@ typedef struct ConnState { } ConnState; typedef struct SS{ - int fd; // file descriptor for read/write of encrypted data - int alg; // if nonzero, "alg sha rc4_128" + int fd; /* file descriptor for read/write of encrypted data */ + int alg; /* if nonzero, "alg sha rc4_128" */ ConnState in, out; } SS; @@ -31,7 +31,7 @@ SC_secret(SConn *conn, uchar *sigma, int direction) hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil); hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil); } - setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits + setupRC4state(&ss->in.rc4, ss->in.secret, 16); /* restrict to 128 bits */ setupRC4state(&ss->out.rc4, ss->out.secret, 16); ss->alg = 1; return 0; @@ -82,7 +82,7 @@ SC_read(SConn *conn, uchar *buf, int n) snprint((char*)buf,n,"!SC_read invalid count"); return -1; } - len = (count[0]&0x7f)<<8 | count[1]; // SSL-style count; no pad + len = (count[0]&0x7f)<<8 | count[1]; /* SSL-style count; no pad */ if(ss->alg){ len -= SHA1dlen; if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){ diff --git a/src/cmd/auth/secstore/SConn.h b/src/cmd/auth/secstore/SConn.h index 9a428d83..31765f3e 100644 --- a/src/cmd/auth/secstore/SConn.h +++ b/src/cmd/auth/secstore/SConn.h @@ -1,24 +1,24 @@ -// delimited, authenticated, encrypted connection -enum{ Maxmsg=4096 }; // messages > Maxmsg bytes are truncated +/* delimited, authenticated, encrypted connection */ +enum{ Maxmsg=4096 }; /* messages > Maxmsg bytes are truncated */ typedef struct SConn SConn; -extern SConn* newSConn(int); // arg is open file descriptor +extern SConn* newSConn(int); /* arg is open file descriptor */ struct SConn{ void *chan; int secretlen; - int (*secret)(SConn*, uchar*, int);// - int (*read)(SConn*, uchar*, int); // <0 if error; errmess in buffer + int (*secret)(SConn*, uchar*, int);/* */ + int (*read)(SConn*, uchar*, int); /* <0 if error; errmess in buffer */ int (*write)(SConn*, uchar*, int); - void (*free)(SConn*); // also closes file descriptor + void (*free)(SConn*); /* also closes file descriptor */ }; -// secret(s,b,dir) sets secret for digest, encrypt, using the secretlen -// bytes in b to form keys for the two directions; -// set dir=0 in client, dir=1 in server +/* secret(s,b,dir) sets secret for digest, encrypt, using the secretlen */ +/* bytes in b to form keys for the two directions; */ +/* set dir=0 in client, dir=1 in server */ -// error convention: write !message in-band +/* error convention: write !message in-band */ extern void writerr(SConn*, char*); -extern int readstr(SConn*, char*); // call with buf of size Maxmsg+1 - // returns -1 upon error, with error message in buf +extern int readstr(SConn*, char*); /* call with buf of size Maxmsg+1 */ + /* returns -1 upon error, with error message in buf */ extern void *emalloc(ulong); /* dies on failure; clears memory */ extern void *erealloc(void *, ulong); diff --git a/src/cmd/auth/secstore/aescbc.c b/src/cmd/auth/secstore/aescbc.c index 56aeb00b..86cb1bff 100644 --- a/src/cmd/auth/secstore/aescbc.c +++ b/src/cmd/auth/secstore/aescbc.c @@ -100,7 +100,7 @@ main(int argc, char **argv) aesCBCencrypt(buf+AESbsize, AESbsize, &aes); /* use second AESbsize bytes as initial plaintext */ safewrite(buf, 2*AESbsize); dstate = hmac_sha1(buf+AESbsize, AESbsize, key2, MD5dlen, 0, 0); - while(1){ + for(;;){ n = Bread(&bin, buf, BUF); if(n < 0){ fprint(2,"read error\n"); @@ -134,9 +134,9 @@ main(int argc, char **argv) exits("decrypted file failed to authenticate"); } }else{ /* compatibility with past mistake */ - // if file was encrypted with bad aescbc use this: - // memset(key, 0, AESmaxkey); - // else assume we're decrypting secstore files + /* if file was encrypted with bad aescbc use this: */ + /* memset(key, 0, AESmaxkey); */ + /* else assume we're decrypting secstore files */ setupAESstate(&aes, key, AESbsize, buf); saferead(buf, CHK); aesCBCdecrypt(buf, CHK, &aes); diff --git a/src/cmd/auth/secstore/dirls.c b/src/cmd/auth/secstore/dirls.c index b4479413..eaae8cdc 100644 --- a/src/cmd/auth/secstore/dirls.c +++ b/src/cmd/auth/secstore/dirls.c @@ -74,7 +74,7 @@ dirls(char *path) } for(list=nil, len=0, i=0; i<ndir; i++){ date = ctime(dirbuf[i].mtime); - date[28] = 0; // trim newline + date[28] = 0; /* trim newline */ n = snprint(buf, sizeof buf, "%*ulld %s", lenwid, dirbuf[i].length, date+4); n += enc64(dig, sizeof dig, sha1file(path, dirbuf[i].name), SHA1dlen); n += nmwid+3+strlen(dirbuf[i].name); diff --git a/src/cmd/auth/secstore/pak.c b/src/cmd/auth/secstore/pak.c index fb008e0f..effc01d9 100644 --- a/src/cmd/auth/secstore/pak.c +++ b/src/cmd/auth/secstore/pak.c @@ -1,6 +1,6 @@ -// PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al. -// It is patented and use outside Plan 9 requires you get a license. -// (All other EKE protocols are patented as well, by Lucent or others.) +/* PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al. */ +/* It is patented and use outside Plan 9 requires you get a license. */ +/* (All other EKE protocols are patented as well, by Lucent or others.) */ #include <u.h> #include <libc.h> #include <mp.h> @@ -19,7 +19,7 @@ typedef struct PAKparams{ static PAKparams *pak; -// from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E +/* from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E */ static void initPAKparams(void) { @@ -43,8 +43,8 @@ initPAKparams(void) nil, 16, nil); } -// H = (sha(ver,C,sha(passphrase)))^r mod p, -// a hash function expensive to attack by brute force. +/* H = (sha(ver,C,sha(passphrase)))^r mod p, */ +/* a hash function expensive to attack by brute force. */ static void longhash(char *ver, char *C, uchar *passwd, mpint *H) { @@ -70,7 +70,7 @@ longhash(char *ver, char *C, uchar *passwd, mpint *H) mpexp(H, pak->r, pak->p, H); } -// Hi = H^-1 mod p +/* Hi = H^-1 mod p */ char * PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi) { @@ -83,8 +83,8 @@ PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi) return mptoa(Hi, 64, nil, 0); } -// another, faster, hash function for each party to -// confirm that the other has the right secrets. +/* another, faster, hash function for each party to */ +/* confirm that the other has the right secrets. */ static void shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest) { @@ -106,12 +106,12 @@ shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi sha1((uchar*)Hi, strlen(Hi), digest, state); } -// On input, conn provides an open channel to the server; -// C is the name this client calls itself; -// pass is the user's passphrase -// On output, session secret has been set in conn -// (unless return code is negative, which means failure). -// If pS is not nil, it is set to the (alloc'd) name the server calls itself. +/* On input, conn provides an open channel to the server; */ +/* C is the name this client calls itself; */ +/* pass is the user's passphrase */ +/* On output, session secret has been set in conn */ +/* (unless return code is negative, which means failure). */ +/* If pS is not nil, it is set to the (alloc'd) name the server calls itself. */ int PAKclient(SConn *conn, char *C, char *pass, char **pS) { @@ -124,9 +124,9 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) hexHi = PAK_Hi(C, pass, H, Hi); if(verbose) - fprint(2,"%s\n", feedback[H->p[0]&0x7]); // provide a clue to catch typos + fprint(2,"%s\n", feedback[H->p[0]&0x7]); /* provide a clue to catch typos */ - // random 1<=x<=q-1; send C, m=g**x H + /* random 1<=x<=q-1; send C, m=g**x H */ x = mprand(240, genrandom, nil); mpmod(x, pak->q, x); if(mpcmp(x, mpzero) == 0) @@ -140,7 +140,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm); conn->write(conn, (uchar*)mess, strlen(mess)); - // recv g**y, S, check hash1(g**xy) + /* recv g**y, S, check hash1(g**xy) */ if(readstr(conn, mess) < 0){ fprint(2, "error: %s\n", mess); writerr(conn, "couldn't read g**y"); @@ -179,13 +179,13 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) goto done; } - // send hash2(g**xy) + /* send hash2(g**xy) */ shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest); enc64(kc, sizeof kc, digest, SHA1dlen); snprint(mess2, Maxmsg, "k'=%s\n", kc); conn->write(conn, (uchar*)mess2, strlen(mess2)); - // set session key + /* set session key */ shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest); memset(hexsigma, 0, strlen(hexsigma)); n = conn->secret(conn, digest, 0); @@ -210,12 +210,12 @@ done: return rc; } -// On input, -// mess contains first message; -// name is name this server should call itself. -// On output, session secret has been set in conn; -// if pw!=nil, then *pw points to PW struct for authenticated user. -// returns -1 if error +/* On input, */ +/* mess contains first message; */ +/* name is name this server should call itself. */ +/* On output, session secret has been set in conn; */ +/* if pw!=nil, then *pw points to PW struct for authenticated user. */ +/* returns -1 if error */ int PAKserver(SConn *conn, char *S, char *mess, PW **pwp) { @@ -227,7 +227,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) mpint *y = nil, *m = mpnew(0), *mu = mpnew(0), *sigma = mpnew(0); PW *pw = nil; - // secstore version and algorithm + /* secstore version and algorithm */ snprint(mess2,Maxmsg,"%s\tPAK\n", VERSION); n = strlen(mess2); if(strncmp(mess,mess2,n) != 0){ @@ -237,7 +237,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) mess += n; initPAKparams(); - // parse first message into C, m + /* parse first message into C, m */ eol = strchr(mess, '\n'); if(strncmp("C=", mess, 2) != 0 || !eol){ fprint(2,"mess[1]=%s\n", mess); @@ -256,7 +256,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) strtomp(hexm, nil, 64, m); mpmod(m, pak->p, m); - // lookup client + /* lookup client */ if((pw = getPW(C,0)) == nil) { snprint(mess2, sizeof mess2, "%r"); writerr(conn, mess2); @@ -270,7 +270,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) } hexHi = mptoa(pw->Hi, 64, nil, 0); - // random y, mu=g**y, sigma=g**xy + /* random y, mu=g**y, sigma=g**xy */ y = mprand(240, genrandom, nil); mpmod(y, pak->q, y); if(mpcmp(y, mpzero) == 0){ @@ -281,7 +281,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) mpmod(m, pak->p, m); mpexp(m, y, pak->p, sigma); - // send g**y, hash1(g**xy) + /* send g**y, hash1(g**xy) */ hexmu = mptoa(mu, 64, nil, 0); hexsigma = mptoa(sigma, 64, nil, 0); shorthash("server", C, S, hexm, hexmu, hexsigma, hexHi, digest); @@ -289,7 +289,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) snprint(mess2, sizeof mess2, "mu=%s\nk=%s\nS=%s\n", hexmu, ks, S); conn->write(conn, (uchar*)mess2, strlen(mess2)); - // recv hash2(g**xy) + /* recv hash2(g**xy) */ if(readstr(conn, mess2) < 0){ writerr(conn, "couldn't read verifier"); goto done; @@ -308,7 +308,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) goto done; } - // set session key + /* set session key */ shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest); n = conn->secret(conn, digest, 1); if(n < 0){ diff --git a/src/cmd/auth/secstore/password.c b/src/cmd/auth/secstore/password.c index aacadd9b..b2a00e72 100644 --- a/src/cmd/auth/secstore/password.c +++ b/src/cmd/auth/secstore/password.c @@ -42,7 +42,7 @@ getPW(char *id, int dead_or_alive) uint now = time(0); Biobuf *bin; PW *pw; - char *f1, *f2; // fields 1, 2 = attribute, value + char *f1, *f2; /* fields 1, 2 = attribute, value */ if((bin = openPW(id, OREAD)) == 0){ id = "FICTITIOUS"; @@ -75,7 +75,7 @@ getPW(char *id, int dead_or_alive) } Bterm(bin); if(dead_or_alive) - return pw; // return PW entry for editing, whether currently valid or not + return pw; /* return PW entry for editing, whether currently valid or not */ if(pw->expire <= now){ werrstr("account expired"); freePW(pw); @@ -87,14 +87,14 @@ getPW(char *id, int dead_or_alive) return nil; } if(pw->failed < 10) - return pw; // success + return pw; /* success */ if(now < mtimePW(id)+300){ werrstr("too many failures; try again in five minutes"); freePW(pw); return nil; } pw->failed = 0; - putPW(pw); // reset failed-login-counter after five minutes + putPW(pw); /* reset failed-login-counter after five minutes */ return pw; } diff --git a/src/cmd/auth/secstore/secstore.c b/src/cmd/auth/secstore/secstore.c index cb6e585e..571c6fae 100644 --- a/src/cmd/auth/secstore/secstore.c +++ b/src/cmd/auth/secstore/secstore.c @@ -142,8 +142,8 @@ getfile(SConn *conn, char *gf, uchar **buf, ulong *buflen, uchar *key, int nkey) return 0; } -// This sends a file to the secstore disk that can, in an emergency, be -// decrypted by the program aescbc.c. +/* This sends a file to the secstore disk that can, in an emergency, be */ +/* decrypted by the program aescbc.c. */ static int putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey) { @@ -206,7 +206,7 @@ putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey) ivo = 0; if(n < Maxmsg){ /* EOF on input; append XX... */ memset(b+n, 'X', CHK); - n += CHK; // might push n>Maxmsg + n += CHK; /* might push n>Maxmsg */ done = 1; } aesCBCencrypt(b, n, &aes); @@ -255,7 +255,7 @@ cmd(AuthConn *c, char **gf, int *Gflag, char **pf, char **rf) if(getfile(c->conn, *gf, *Gflag ? &memfile : nil, &len, (uchar*)c->pass, c->passlen) < 0) goto Out; if(*Gflag){ - // write one line at a time, as required by /mnt/factotum/ctl + /* write one line at a time, as required by /mnt/factotum/ctl */ memcur = memfile; while(len>0){ memnext = (uchar*)strchr((char*)memcur, '\n'); @@ -309,7 +309,7 @@ chpasswd(AuthConn *c, char *id) H = mpnew(0); Hi = mpnew(0); - // changing our password is vulnerable to connection failure + /* changing our password is vulnerable to connection failure */ for(;;){ snprint(prompt, sizeof(prompt), "new password for %s: ", id); newpass = readcons(prompt, nil, 1); @@ -392,7 +392,7 @@ login(char *id, char *dest, int pass_stdin, int pass_nvram) strecpy(c->pass, c->pass+sizeof c->pass, nvr.config); } if(pass_stdin){ - n = readn(0, s, Maxmsg-2); // so len(PINSTA)<Maxmsg-3 + n = readn(0, s, Maxmsg-2); /* so len(PINSTA)<Maxmsg-3 */ if(n < 1) exits("no password on standard input"); s[n] = 0; @@ -442,7 +442,7 @@ login(char *id, char *dest, int pass_stdin, int pass_nvram) exits("invalid password on standard input"); if(pass_nvram) exits("invalid password in nvram"); - // and let user try retyping the password + /* and let user try retyping the password */ if(ntry==3) fprint(2, "Enter an empty password to quit.\n"); } diff --git a/src/cmd/auth/secstore/secstore.h b/src/cmd/auth/secstore/secstore.h index dbd2ec9c..d9cb807d 100644 --- a/src/cmd/auth/secstore/secstore.h +++ b/src/cmd/auth/secstore/secstore.h @@ -1,26 +1,26 @@ enum{ MAXFILESIZE = 10*1024*1024 }; -enum{// PW status bits +enum{/* PW status bits */ Enabled = (1<<0), - STA = (1<<1), // extra SecurID step + STA = (1<<1) /* extra SecurID step */ }; typedef struct PW { - char *id; // user id - ulong expire; // expiration time (epoch seconds) - ushort status; // Enabled, STA, ... - ushort failed; // number of failed login attempts - char *other; // other information, e.g. sponsor - mpint *Hi; // H(passphrase)^-1 mod p + char *id; /* user id */ + ulong expire; /* expiration time (epoch seconds) */ + ushort status; /* Enabled, STA, ... */ + ushort failed; /* number of failed login attempts */ + char *other; /* other information, e.g. sponsor */ + mpint *Hi; /* H(passphrase)^-1 mod p */ } PW; PW *getPW(char *, int); int putPW(PW *); void freePW(PW *); -// *client: SConn, client name, passphrase -// *server: SConn, (partial) 1st msg, PW entry -// *setpass: Username, hashed passphrase, PW entry +/* *client: SConn, client name, passphrase */ +/* *server: SConn, (partial) 1st msg, PW entry */ +/* *setpass: Username, hashed passphrase, PW entry */ int PAKclient(SConn *, char *, char *, char **); int PAKserver(SConn *, char *, char *, PW **); char *PAK_Hi(char *, char *, mpint *, mpint *); diff --git a/src/cmd/auth/secstore/secstored.c b/src/cmd/auth/secstore/secstored.c index ecf59e2f..9a3c4b66 100644 --- a/src/cmd/auth/secstore/secstored.c +++ b/src/cmd/auth/secstore/secstored.c @@ -8,7 +8,7 @@ #include "secstore.h" char *SECSTORE_DIR; -char* secureidcheck(char *, char *); // from /sys/src/cmd/auth/ +char* secureidcheck(char *, char *); /* from /sys/src/cmd/auth/ */ extern char* dirls(char *path); int verbose; @@ -247,7 +247,7 @@ dologin(int fd, char *S, int forceSTA) pw = nil; rv = -1; - // collect the first message + /* collect the first message */ if((conn = newSConn(fd)) == nil) return -1; if(readstr(conn, msg) < 0){ @@ -256,7 +256,7 @@ dologin(int fd, char *S, int forceSTA) goto Out; } - // authenticate + /* authenticate */ if(PAKserver(conn, S, msg, &pw) < 0){ if(pw != nil) syslog(0, LOG, "secstore denied for %s", pw->id); @@ -277,7 +277,7 @@ dologin(int fd, char *S, int forceSTA) conn->write(conn, (uchar*)"OK", 2); syslog(0, LOG, "AUTH %s", pw->id); - // perform operations as asked + /* perform operations as asked */ while((n = readstr(conn, msg)) > 0){ syslog(0, LOG, "[%s] %s", pw->id, msg); @@ -346,7 +346,7 @@ main(int argc, char **argv) S = sysname(); SECSTORE_DIR = unsharp("#9/secstore"); -// setnetmtpt(net, sizeof(net), nil); +/* setnetmtpt(net, sizeof(net), nil); */ ARGBEGIN{ case 'R': forceSTA = 1; @@ -362,7 +362,7 @@ main(int argc, char **argv) if(p == nil) usage(); USED(p); - // setnetmtpt(net, sizeof(net), p); + /* setnetmtpt(net, sizeof(net), p); */ break; case 'v': verbose++; @@ -395,7 +395,7 @@ main(int argc, char **argv) close(lcfd); break; case 0: - // "/lib/ndb/common.radius does not exist" if db set before fork + /* "/lib/ndb/common.radius does not exist" if db set before fork */ db = ndbopen(dbpath=unsharp("#9/ndb/auth")); if(db == 0) syslog(0, LOG, "no ndb/auth"); @@ -405,7 +405,7 @@ main(int argc, char **argv) db = ndbcat(db, db2); if((dfd = accept(lcfd, ldir)) < 0) exits("can't accept"); - alarm(30*60*1000); // 30 min + alarm(30*60*1000); /* 30 min */ remote = remoteIP(ldir); syslog(0, LOG, "secstore from %s", remote); free(remote); diff --git a/src/cmd/auth/secstore/secureidcheck.c b/src/cmd/auth/secstore/secureidcheck.c index 95adb385..8ef6f6aa 100644 --- a/src/cmd/auth/secstore/secureidcheck.c +++ b/src/cmd/auth/secstore/secureidcheck.c @@ -29,7 +29,7 @@ typedef struct Secret{ typedef struct Attribute{ struct Attribute *next; uchar type; - uchar len; // number of bytes in value + uchar len; /* number of bytes in value */ uchar val[256]; } Attribute; @@ -39,7 +39,7 @@ typedef struct Packet{ Attribute first; } Packet; -// assumes pass is at most 16 chars +/* assumes pass is at most 16 chars */ void hide(Secret *shared, uchar *auth, Secret *pass, uchar *x) { @@ -60,9 +60,9 @@ authcmp(Secret *shared, uchar *buf, int m, uchar *auth) DigestState *M; uchar x[16]; - M = md5(buf, 4, nil, nil); // Code+ID+Length - M = md5(auth, 16, nil, M); // RequestAuth - M = md5(buf+20, m-20, nil, M); // Attributes + M = md5(buf, 4, nil, nil); /* Code+ID+Length */ + M = md5(auth, 16, nil, M); /* RequestAuth */ + M = md5(buf+20, m-20, nil, M); /* Attributes */ md5(shared->s, shared->len, x, M); return memcmp(x, buf+4, 16); } @@ -118,7 +118,7 @@ rpc(char *dest, Secret *shared, Packet *req) Attribute *a; int m, n, fd, try; - // marshal request + /* marshal request */ e = buf + sizeof buf; buf[0] = req->code; buf[1] = req->ID; @@ -136,7 +136,7 @@ rpc(char *dest, Secret *shared, Packet *req) buf[2] = n>>8; buf[3] = n; - // send request, wait for reply + /* send request, wait for reply */ fd = dial(dest, 0, 0, 0); if(fd < 0){ syslog(0, AUTHLOG, "%s: rpc can't get udp channel", dest); @@ -156,9 +156,9 @@ rpc(char *dest, Secret *shared, Packet *req) alarm(0); if(m < 0){ syslog(0, AUTHLOG, "%s rpc read err %d: %r", dest, m); - break; // failure + break; /* failure */ } - if(m == 0 || buf2[1] != buf[1]){ // need matching ID + if(m == 0 || buf2[1] != buf[1]){ /* need matching ID */ syslog(0, AUTHLOG, "%s unmatched reply %d", dest, m); continue; } @@ -170,7 +170,7 @@ rpc(char *dest, Secret *shared, Packet *req) if(m <= 0) return nil; - // unmarshal reply + /* unmarshal reply */ b = buf2; e = buf2+m; resp = (Packet*)malloc(sizeof(*resp)); @@ -192,18 +192,18 @@ rpc(char *dest, Secret *shared, Packet *req) while(1){ if(b >= e){ a->next = nil; - break; // exit loop + break; /* exit loop */ } a->type = *b++; a->len = (*b++) - 2; - if(b + a->len > e){ // corrupt packet + if(b + a->len > e){ /* corrupt packet */ a->next = nil; freePacket(resp); return nil; } memmove(a->val, b, a->len); b += a->len; - if(b < e){ // any more attributes? + if(b < e){ /* any more attributes? */ a->next = (Attribute*)malloc(sizeof(*a)); if(a->next == nil){ free(req); @@ -230,7 +230,7 @@ setAttribute(Packet *p, uchar type, uchar *s, int n) } a->type = type; a->len = n; - if(a->len > 253 ) // RFC2138, section 5 + if(a->len > 253 ) /* RFC2138, section 5 */ a->len = 253; memmove(a->val, s, a->len); return 0; @@ -435,7 +435,7 @@ secureidcheck(char *user, char *response) syslog(0, AUTHLOG, "%s code=%d ruser=%s %s", dest, resp->code, ruser, replymsg(resp)); break; } - break; // we have a proper reply, no need to ask again + break; /* we have a proper reply, no need to ask again */ } ndbfree(t); free(radiussecret); |