From cbeb0b26e4c7caa8d1b47de791a7418dc20a4567 Mon Sep 17 00:00:00 2001
From: rsc
Date: Sat, 1 Apr 2006 19:24:03 +0000
Subject: Use gcc -ansi -pedantic in 9c. Fix many non-C89-isms.
---
 src/cmd/auth/factotum/secstore.c | 72 ++++++++++++++++++++--------------------
 1 file changed, 36 insertions(+), 36 deletions(-)
(limited to 'src/cmd/auth/factotum/secstore.c')
diff --git a/src/cmd/auth/factotum/secstore.c b/src/cmd/auth/factotum/secstore.c
index 0156e170..315de0eb 100644
--- a/src/cmd/auth/factotum/secstore.c
+++ b/src/cmd/auth/factotum/secstore.c
@@ -10,9 +10,9 @@
 enum{ CHK = 16};
 enum{ MAXFILESIZE = 10*1024*1024 };
-enum{// PW status bits
+enum{/* PW status bits */
 Enabled = (1<<0),
- STA = (1<<1), // extra SecurID step
+ STA = (1<<1) /* extra SecurID step */
 };
 static char testmess[] = "__secstore\tPAK\nC=%s\nm=0\n";
@@ -75,28 +75,28 @@ havesecstore(void)
 return strcmp((char*)buf, "!account exists") == 0;
 }
-// delimited, authenticated, encrypted connection
-enum{ Maxmsg=4096 }; // messages > Maxmsg bytes are truncated
+/* delimited, authenticated, encrypted connection */
+enum{ Maxmsg=4096 }; /* messages > Maxmsg bytes are truncated */
 typedef struct SConn SConn;
-extern SConn* newSConn(int); // arg is open file descriptor
+extern SConn* newSConn(int); /* arg is open file descriptor */
 struct SConn{
 void *chan;
 int secretlen;
- int (*secret)(SConn*, uchar*, int);//
- int (*read)(SConn*, uchar*, int); // <0 if error; errmess in buffer
+ int (*secret)(SConn*, uchar*, int);/* */
+ int (*read)(SConn*, uchar*, int); /* <0 if error; errmess in buffer */
 int (*write)(SConn*, uchar*, int);
- void (*free)(SConn*); // also closes file descriptor
+ void (*free)(SConn*); /* also closes file descriptor */
 };
-// secret(s,b,dir) sets secret for digest, encrypt, using the secretlen
-// bytes in b to form keys for the two directions;
-// set dir=0 in client, dir=1 in server
+/* secret(s,b,dir) sets secret for digest, encrypt, using the secretlen */
+/* bytes in b to form keys for the two directions; */
+/* set dir=0 in client, dir=1 in server */
-// error convention: write !message in-band
+/* error convention: write !message in-band */
 #define readstr secstore_readstr
 static void writerr(SConn*, char*);
-static int readstr(SConn*, char*); // call with buf of size Maxmsg+1
- // returns -1 upon error, with error message in buf
+static int readstr(SConn*, char*); /* call with buf of size Maxmsg+1 */
+ /* returns -1 upon error, with error message in buf */
 typedef struct ConnState {
 uchar secret[SHA1dlen];
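Review bot: The mechanical `//` to `/* */` conversion leaves an empty comment on the `secret` member of `struct SConn` (`int (*secret)(SConn*, uchar*, int);/* */`), so the one callback that installs key material is the only documented-looking member that says nothing. The description of it sits below the struct, now as three separate one-line comments; I would fold those into a single block comment and put a short form on the member, for example `/* form per-direction keys from secretlen bytes; dir=0 client, dir=1 server */`. The same one-comment-per-line pattern appears in the hunks at -422, -462 and -485.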
@@ -105,8 +105,8 @@ typedef struct ConnState {
 } ConnState;
 typedef struct SS{
- int fd; // file descriptor for read/write of encrypted data
- int alg; // if nonzero, "alg sha rc4_128"
+ int fd; /* file descriptor for read/write of encrypted data */
+ int alg; /* if nonzero, "alg sha rc4_128" */
 ConnState in, out;
 } SS;
@@ -123,7 +123,7 @@ SC_secret(SConn *conn, uchar *sigma, int direction)
 hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil);
 hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil);
 }
- setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits
+ setupRC4state(&ss->in.rc4, ss->in.secret, 16); /* restrict to 128 bits */
 setupRC4state(&ss->out.rc4, ss->out.secret, 16);
 ss->alg = 1;
 return 0;
@@ -174,7 +174,7 @@ SC_read(SConn *conn, uchar *buf, int n)
 werrstr("!SC_read invalid count");
 return -1;
 }
- len = (count[0]&0x7f)<<8 | count[1]; // SSL-style count; no pad
+ len = (count[0]&0x7f)<<8 | count[1]; /* SSL-style count; no pad */
 if(ss->alg){
 len -= SHA1dlen;
 if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){
@@ -328,7 +328,7 @@ getfile(SConn *conn, uchar *key, int nkey)
 if((len = atoi(s)) < 0){
 werrstr("secstore: remote file %s does not exist", gf);
 return -1;
- }else if(len > MAXFILESIZE){//assert
+ }else if(len > MAXFILESIZE){/*assert */
 werrstr("secstore: implausible file size %d for %s", len, gf);
 return -1;
 }
@@ -400,7 +400,7 @@ typedef struct PAKparams{
 static PAKparams *pak;
-// This group was generated by the seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E.
+/* This group was generated by the seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E. */
 static void
 initPAKparams(void)
 {
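Review bot: In the getfile hunk (-328) the file length is parsed with `atoi(s)`, which cannot report a malformed or out-of-range number: a non-numeric string yields 0 and passes both the `< 0` and the `> MAXFILESIZE` checks, and overflow inside atoi is undefined. Judging by the error text the value is supplied by the remote server, though the code that fills `s` is outside the hunk. I would parse with `strtol` and reject input with no digits, along the lines of `n = strtol(s, &e, 10); if(e == s || n < 0)`, then range-check against MAXFILESIZE before narrowing to `len`. The converted `/*assert */` comment could also state what is asserted, such as `/* server-reported size must be plausible */`.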
@@ -422,8 +422,8 @@ initPAKparams(void)
 "2A6E0BAE08B14258F8C03CC1B30E0DDADFCF7CEDF0727684D3D255F1", nil, 16, nil);
 }
-// H = (sha(ver,C,sha(passphrase)))^r mod p,
-// a hash function expensive to attack by brute force.
+/* H = (sha(ver,C,sha(passphrase)))^r mod p, */
+/* a hash function expensive to attack by brute force. */
 static void
 longhash(char *ver, char *C, uchar *passwd, mpint *H)
 {
@@ -449,7 +449,7 @@ longhash(char *ver, char *C, uchar *passwd, mpint *H)
 mpexp(H, pak->r, pak->p, H);
 }
-// Hi = H^-1 mod p
+/* Hi = H^-1 mod p */
 static char *
 PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
 {
@@ -462,8 +462,8 @@ PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
 return mptoa(Hi, 64, nil, 0);
 }
-// another, faster, hash function for each party to
-// confirm that the other has the right secrets.
+/* another, faster, hash function for each party to */
+/* confirm that the other has the right secrets. */
 static void
 shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest)
 {
@@ -485,12 +485,12 @@ shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi
 sha1((uchar*)Hi, strlen(Hi), digest, state);
 }
-// On input, conn provides an open channel to the server;
-// C is the name this client calls itself;
-// pass is the user's passphrase
-// On output, session secret has been set in conn
-// (unless return code is negative, which means failure).
-// If pS is not nil, it is set to the (alloc'd) name the server calls itself.
+/* On input, conn provides an open channel to the server; */
+/* C is the name this client calls itself; */
+/* pass is the user's passphrase */
+/* On output, session secret has been set in conn */
+/* (unless return code is negative, which means failure). */
+/* If pS is not nil, it is set to the (alloc'd) name the server calls itself. */
 static int
 PAKclient(SConn *conn, char *C, char *pass, char **pS)
 {
@@ -503,7 +503,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 hexHi = PAK_Hi(C, pass, H, Hi);
- // random 1<=x<=q-1; send C, m=g**x H
+ /* random 1<=x<=q-1; send C, m=g**x H */
 x = mprand(164, genrandom, nil);
 mpmod(x, pak->q, x);
 if(mpcmp(x, mpzero) == 0)
@@ -517,7 +517,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm);
 conn->write(conn, (uchar*)mess, strlen(mess));
- // recv g**y, S, check hash1(g**xy)
+ /* recv g**y, S, check hash1(g**xy) */
 if(readstr(conn, mess) < 0){
 fprint(2, "error: %s\n", mess);
 writerr(conn, "couldn't read g**y");
@@ -556,18 +556,18 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 goto done;
 }
- // send hash2(g**xy)
+ /* send hash2(g**xy) */
 shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 enc64(kc, sizeof kc, digest, SHA1dlen);
 snprint(mess2, Maxmsg, "k'=%s\n", kc);
 conn->write(conn, (uchar*)mess2, strlen(mess2));
- // set session key
+ /* set session key */
 shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 memset(hexsigma, 0, strlen(hexsigma));
 n = conn->secret(conn, digest, 0);
 memset(digest, 0, SHA1dlen);
- if(n < 0){//assert
+ if(n < 0){/*assert */
 writerr(conn, "can't set secret");
 goto done;
 }
--
cgit v1.2.3
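Review bot: In the last PAKclient hunk (-556) the key material is scrubbed with plain `memset` (`memset(hexsigma, 0, strlen(hexsigma));` and `memset(digest, 0, SHA1dlen);`), and with this file now built by gcc an optimising build may drop a memset whose buffer is never read again, which looks likely for `digest` if it is a local array (its declaration is outside the hunk). A small scrub helper that stores zeros through a `volatile uchar*` stays within C89 and keeps the writes; `explicit_bzero` is an alternative where the platform provides it. It is also worth confirming that the earlier `goto done` exits, which fall outside this hunk, clear `hexsigma`, `hexHi` and `digest` too. Separately, the result of `conn->write` is ignored here and in the hunk at -517, so a failed send is only noticed at the next read.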