From cbeb0b26e4c7caa8d1b47de791a7418dc20a4567 Mon Sep 17 00:00:00 2001 From: rsc Date: Sat, 1 Apr 2006 19:24:03 +0000 Subject: Use gcc -ansi -pedantic in 9c. Fix many non-C89-isms. --- src/cmd/auth/factotum/apop.c | 2 +- src/cmd/auth/factotum/attr.c | 2 +- src/cmd/auth/factotum/chap.c | 21 +++++----- src/cmd/auth/factotum/cpu.c | 6 +-- src/cmd/auth/factotum/ctl.c | 2 +- src/cmd/auth/factotum/dat.h | 2 +- src/cmd/auth/factotum/fs.c | 4 +- src/cmd/auth/factotum/main.c | 2 +- src/cmd/auth/factotum/p9any.c | 4 +- src/cmd/auth/factotum/p9cr.c | 10 ++--- src/cmd/auth/factotum/p9sk1.c | 4 +- src/cmd/auth/factotum/proto.c | 2 +- src/cmd/auth/factotum/rpc.c | 2 +- src/cmd/auth/factotum/secstore.c | 72 +++++++++++++++++------------------ src/cmd/auth/factotum/test.c | 2 +- src/cmd/auth/secstore/SConn.c | 8 ++-- src/cmd/auth/secstore/SConn.h | 24 ++++++------ src/cmd/auth/secstore/aescbc.c | 8 ++-- src/cmd/auth/secstore/dirls.c | 2 +- src/cmd/auth/secstore/pak.c | 66 ++++++++++++++++---------------- src/cmd/auth/secstore/password.c | 8 ++-- src/cmd/auth/secstore/secstore.c | 14 +++---- src/cmd/auth/secstore/secstore.h | 22 +++++------ src/cmd/auth/secstore/secstored.c | 16 ++++---- src/cmd/auth/secstore/secureidcheck.c | 30 +++++++-------- src/cmd/auth/ssh-agent.c | 2 +- 26 files changed, 169 insertions(+), 168 deletions(-) (limited to 'src/cmd/auth') diff --git a/src/cmd/auth/factotum/apop.c b/src/cmd/auth/factotum/apop.c index 5703571d..992cc0ad 100644 --- a/src/cmd/auth/factotum/apop.c +++ b/src/cmd/auth/factotum/apop.c @@ -148,7 +148,7 @@ struct ServerState enum { - APOPCHALLEN = 128, + APOPCHALLEN = 128 }; static int apopchal(ServerState*, int, char[APOPCHALLEN]); diff --git a/src/cmd/auth/factotum/attr.c b/src/cmd/auth/factotum/attr.c index 2f2511b9..1c037a53 100644 --- a/src/cmd/auth/factotum/attr.c +++ b/src/cmd/auth/factotum/attr.c @@ -143,7 +143,7 @@ hasqueries(Attr *a) char *ignored[] = { "role", - "disabled", + "disabled" }; static int diff --git a/src/cmd/auth/factotum/chap.c b/src/cmd/auth/factotum/chap.c index 2b258902..b27f64a7 100644 --- a/src/cmd/auth/factotum/chap.c +++ b/src/cmd/auth/factotum/chap.c @@ -33,7 +33,7 @@ enum { MShashlen = 16, MSchallen = 8, - MSresplen = 24, + MSresplen = 24 }; static int @@ -315,7 +315,7 @@ out: keyclose(s.k); free(user); free(resp); -// xioclose(s.asfd); +/* xioclose(s.asfd); */ return ret; } @@ -411,16 +411,17 @@ chaproles[] = }; Proto chap = { -.name= "chap", -.roles= chaproles, -.checkkey= chapcheck, -.keyprompt= "user? !password?", + "chap", + chaproles, + "user? !password?", + chapcheck }; Proto mschap = { -.name= "mschap", -.roles= chaproles, -.checkkey= chapcheck, -.keyprompt= "user? !password?", + "mschap", + chaproles, + "user? !password?", + chapcheck }; + diff --git a/src/cmd/auth/factotum/cpu.c b/src/cmd/auth/factotum/cpu.c index da8280ad..46399049 100644 --- a/src/cmd/auth/factotum/cpu.c +++ b/src/cmd/auth/factotum/cpu.c @@ -56,7 +56,7 @@ struct AuthMethod { { { "p9", p9auth, srvp9auth,}, { "netkey", netkeyauth, netkeysrvauth,}, -// { "none", noauth, srvnoauth,}, +/* { "none", noauth, srvnoauth,}, */ { nil, nil} }; AuthMethod *am = authmethod; /* default is p9 */ @@ -687,7 +687,7 @@ enum Qdir, Qcpunote, - Nfid = 32, + Nfid = 32 }; struct { @@ -697,7 +697,7 @@ struct { } fstab[] = { [Qdir] { ".", {Qdir, 0, QTDIR}, DMDIR|0555 }, - [Qcpunote] { "cpunote", {Qcpunote, 0}, 0444 }, + [Qcpunote] { "cpunote", {Qcpunote, 0}, 0444 } }; typedef struct Note Note; diff --git a/src/cmd/auth/factotum/ctl.c b/src/cmd/auth/factotum/ctl.c index d426f86f..6195bb84 100644 --- a/src/cmd/auth/factotum/ctl.c +++ b/src/cmd/auth/factotum/ctl.c @@ -17,7 +17,7 @@ static char *msg[] = { "key", "delkey", - "debug", + "debug" }; static int diff --git a/src/cmd/auth/factotum/dat.h b/src/cmd/auth/factotum/dat.h index eaf94caf..49377f40 100644 --- a/src/cmd/auth/factotum/dat.h +++ b/src/cmd/auth/factotum/dat.h @@ -13,7 +13,7 @@ enum RpcWriteHex, /* thread stack size - big buffers for printing */ - STACK = 65536, + STACK = 65536 }; typedef struct Conv Conv; diff --git a/src/cmd/auth/factotum/fs.c b/src/cmd/auth/factotum/fs.c index 68e86289..08894ae6 100644 --- a/src/cmd/auth/factotum/fs.c +++ b/src/cmd/auth/factotum/fs.c @@ -12,7 +12,7 @@ enum Qlog, Qctl, Qneedkey, - Qconv, + Qconv }; static int qtop; @@ -41,7 +41,7 @@ static struct "rpc", Qrpc, 0666, "proto", Qprotolist, 0444, "log", Qlog, 0600|DMEXCL, - "conv", Qconv, 0400, + "conv", Qconv, 0400 }; static void diff --git a/src/cmd/auth/factotum/main.c b/src/cmd/auth/factotum/main.c index b18cbf3d..010b5d51 100644 --- a/src/cmd/auth/factotum/main.c +++ b/src/cmd/auth/factotum/main.c @@ -26,7 +26,7 @@ threadmain(int argc, char *argv[]) char *mtpt; char err[ERRMAX]; -// mtpt = "/mnt"; +/* mtpt = "/mnt"; */ mtpt = nil; owner = getuser(); quotefmtinstall(); diff --git a/src/cmd/auth/factotum/p9any.c b/src/cmd/auth/factotum/p9any.c index 789d4d70..0267a616 100644 --- a/src/cmd/auth/factotum/p9any.c +++ b/src/cmd/auth/factotum/p9any.c @@ -15,7 +15,7 @@ extern Proto p9sk1, p9sk2, p9cr; static Proto* okproto[] = { &p9sk1, - nil, + nil }; static int @@ -267,6 +267,6 @@ p9anyroles[] = Proto p9any = { "p9any", - p9anyroles, + p9anyroles }; diff --git a/src/cmd/auth/factotum/p9cr.c b/src/cmd/auth/factotum/p9cr.c index abbad4c4..32cccb82 100644 --- a/src/cmd/auth/factotum/p9cr.c +++ b/src/cmd/auth/factotum/p9cr.c @@ -197,7 +197,7 @@ out: enum { - MAXCHAL = 64, + MAXCHAL = 64 }; typedef struct State State; @@ -222,7 +222,7 @@ enum SHaveChal, SNeedResp, - Maxphase, + Maxphase }; static char *phasenames[Maxphase] = @@ -231,7 +231,7 @@ static char *phasenames[Maxphase] = [CHaveResp] "CHaveResp", [SHaveChal] "SHaveChal", -[SNeedResp] "SNeedResp", +[SNeedResp] "SNeedResp" }; static void @@ -525,7 +525,7 @@ Proto p9cr = .write= p9crwrite, .read= p9crread, .close= p9crclose, -.keyprompt= "user? !password?", +.keyprompt= "user? !password?" }; Proto vnc = @@ -536,5 +536,5 @@ Proto vnc = .read= p9crread, .close= p9crclose, .keyprompt= "!password?", -.addkey= vncaddkey, +.addkey= vncaddkey }; diff --git a/src/cmd/auth/factotum/p9sk1.c b/src/cmd/auth/factotum/p9sk1.c index 04981e58..46156939 100644 --- a/src/cmd/auth/factotum/p9sk1.c +++ b/src/cmd/auth/factotum/p9sk1.c @@ -343,11 +343,11 @@ Proto p9sk1 = { p9sk1roles, "user? dom? !password?", p9sk1check, - p9sk1close, + p9sk1close }; Proto p9sk2 = { "p9sk2", - p9sk2roles, + p9sk2roles }; diff --git a/src/cmd/auth/factotum/proto.c b/src/cmd/auth/factotum/proto.c index 97da15ec..daf90cdd 100644 --- a/src/cmd/auth/factotum/proto.c +++ b/src/cmd/auth/factotum/proto.c @@ -23,7 +23,7 @@ Proto *prototab[] = { &p9sk2, &pass, &rsa, - nil, + nil }; Proto* diff --git a/src/cmd/auth/factotum/rpc.c b/src/cmd/auth/factotum/rpc.c index 350a0795..ad894330 100644 --- a/src/cmd/auth/factotum/rpc.c +++ b/src/cmd/auth/factotum/rpc.c @@ -41,7 +41,7 @@ char *rpcname[] = "start", "write", "readhex", - "writehex", + "writehex" }; static int diff --git a/src/cmd/auth/factotum/secstore.c b/src/cmd/auth/factotum/secstore.c index 0156e170..315de0eb 100644 --- a/src/cmd/auth/factotum/secstore.c +++ b/src/cmd/auth/factotum/secstore.c @@ -10,9 +10,9 @@ enum{ CHK = 16}; enum{ MAXFILESIZE = 10*1024*1024 }; -enum{// PW status bits +enum{/* PW status bits */ Enabled = (1<<0), - STA = (1<<1), // extra SecurID step + STA = (1<<1) /* extra SecurID step */ }; static char testmess[] = "__secstore\tPAK\nC=%s\nm=0\n"; @@ -75,28 +75,28 @@ havesecstore(void) return strcmp((char*)buf, "!account exists") == 0; } -// delimited, authenticated, encrypted connection -enum{ Maxmsg=4096 }; // messages > Maxmsg bytes are truncated +/* delimited, authenticated, encrypted connection */ +enum{ Maxmsg=4096 }; /* messages > Maxmsg bytes are truncated */ typedef struct SConn SConn; -extern SConn* newSConn(int); // arg is open file descriptor +extern SConn* newSConn(int); /* arg is open file descriptor */ struct SConn{ void *chan; int secretlen; - int (*secret)(SConn*, uchar*, int);// - int (*read)(SConn*, uchar*, int); // <0 if error; errmess in buffer + int (*secret)(SConn*, uchar*, int);/* */ + int (*read)(SConn*, uchar*, int); /* <0 if error; errmess in buffer */ int (*write)(SConn*, uchar*, int); - void (*free)(SConn*); // also closes file descriptor + void (*free)(SConn*); /* also closes file descriptor */ }; -// secret(s,b,dir) sets secret for digest, encrypt, using the secretlen -// bytes in b to form keys for the two directions; -// set dir=0 in client, dir=1 in server +/* secret(s,b,dir) sets secret for digest, encrypt, using the secretlen */ +/* bytes in b to form keys for the two directions; */ +/* set dir=0 in client, dir=1 in server */ -// error convention: write !message in-band +/* error convention: write !message in-band */ #define readstr secstore_readstr static void writerr(SConn*, char*); -static int readstr(SConn*, char*); // call with buf of size Maxmsg+1 - // returns -1 upon error, with error message in buf +static int readstr(SConn*, char*); /* call with buf of size Maxmsg+1 */ + /* returns -1 upon error, with error message in buf */ typedef struct ConnState { uchar secret[SHA1dlen]; @@ -105,8 +105,8 @@ typedef struct ConnState { } ConnState; typedef struct SS{ - int fd; // file descriptor for read/write of encrypted data - int alg; // if nonzero, "alg sha rc4_128" + int fd; /* file descriptor for read/write of encrypted data */ + int alg; /* if nonzero, "alg sha rc4_128" */ ConnState in, out; } SS; @@ -123,7 +123,7 @@ SC_secret(SConn *conn, uchar *sigma, int direction) hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil); hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil); } - setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits + setupRC4state(&ss->in.rc4, ss->in.secret, 16); /* restrict to 128 bits */ setupRC4state(&ss->out.rc4, ss->out.secret, 16); ss->alg = 1; return 0; @@ -174,7 +174,7 @@ SC_read(SConn *conn, uchar *buf, int n) werrstr("!SC_read invalid count"); return -1; } - len = (count[0]&0x7f)<<8 | count[1]; // SSL-style count; no pad + len = (count[0]&0x7f)<<8 | count[1]; /* SSL-style count; no pad */ if(ss->alg){ len -= SHA1dlen; if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){ @@ -328,7 +328,7 @@ getfile(SConn *conn, uchar *key, int nkey) if((len = atoi(s)) < 0){ werrstr("secstore: remote file %s does not exist", gf); return -1; - }else if(len > MAXFILESIZE){//assert + }else if(len > MAXFILESIZE){/*assert */ werrstr("secstore: implausible file size %d for %s", len, gf); return -1; } @@ -400,7 +400,7 @@ typedef struct PAKparams{ static PAKparams *pak; -// This group was generated by the seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E. +/* This group was generated by the seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E. */ static void initPAKparams(void) { @@ -422,8 +422,8 @@ initPAKparams(void) "2A6E0BAE08B14258F8C03CC1B30E0DDADFCF7CEDF0727684D3D255F1", nil, 16, nil); } -// H = (sha(ver,C,sha(passphrase)))^r mod p, -// a hash function expensive to attack by brute force. +/* H = (sha(ver,C,sha(passphrase)))^r mod p, */ +/* a hash function expensive to attack by brute force. */ static void longhash(char *ver, char *C, uchar *passwd, mpint *H) { @@ -449,7 +449,7 @@ longhash(char *ver, char *C, uchar *passwd, mpint *H) mpexp(H, pak->r, pak->p, H); } -// Hi = H^-1 mod p +/* Hi = H^-1 mod p */ static char * PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi) { @@ -462,8 +462,8 @@ PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi) return mptoa(Hi, 64, nil, 0); } -// another, faster, hash function for each party to -// confirm that the other has the right secrets. +/* another, faster, hash function for each party to */ +/* confirm that the other has the right secrets. */ static void shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest) { @@ -485,12 +485,12 @@ shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi sha1((uchar*)Hi, strlen(Hi), digest, state); } -// On input, conn provides an open channel to the server; -// C is the name this client calls itself; -// pass is the user's passphrase -// On output, session secret has been set in conn -// (unless return code is negative, which means failure). -// If pS is not nil, it is set to the (alloc'd) name the server calls itself. +/* On input, conn provides an open channel to the server; */ +/* C is the name this client calls itself; */ +/* pass is the user's passphrase */ +/* On output, session secret has been set in conn */ +/* (unless return code is negative, which means failure). */ +/* If pS is not nil, it is set to the (alloc'd) name the server calls itself. */ static int PAKclient(SConn *conn, char *C, char *pass, char **pS) { @@ -503,7 +503,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) hexHi = PAK_Hi(C, pass, H, Hi); - // random 1<=x<=q-1; send C, m=g**x H + /* random 1<=x<=q-1; send C, m=g**x H */ x = mprand(164, genrandom, nil); mpmod(x, pak->q, x); if(mpcmp(x, mpzero) == 0) @@ -517,7 +517,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm); conn->write(conn, (uchar*)mess, strlen(mess)); - // recv g**y, S, check hash1(g**xy) + /* recv g**y, S, check hash1(g**xy) */ if(readstr(conn, mess) < 0){ fprint(2, "error: %s\n", mess); writerr(conn, "couldn't read g**y"); @@ -556,18 +556,18 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) goto done; } - // send hash2(g**xy) + /* send hash2(g**xy) */ shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest); enc64(kc, sizeof kc, digest, SHA1dlen); snprint(mess2, Maxmsg, "k'=%s\n", kc); conn->write(conn, (uchar*)mess2, strlen(mess2)); - // set session key + /* set session key */ shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest); memset(hexsigma, 0, strlen(hexsigma)); n = conn->secret(conn, digest, 0); memset(digest, 0, SHA1dlen); - if(n < 0){//assert + if(n < 0){/*assert */ writerr(conn, "can't set secret"); goto done; } diff --git a/src/cmd/auth/factotum/test.c b/src/cmd/auth/factotum/test.c index b4104898..c9403c0b 100644 --- a/src/cmd/auth/factotum/test.c +++ b/src/cmd/auth/factotum/test.c @@ -41,7 +41,7 @@ Test test[] = "cram", proxyserver, proxyclient, "p9sk1", proxyserver, proxyclient, "p9sk2", proxyserver, proxyclient, - "p9any", proxyserver, proxyclient, + "p9any", proxyserver, proxyclient }; void diff --git a/src/cmd/auth/secstore/SConn.c b/src/cmd/auth/secstore/SConn.c index 7a8654ac..9ad9a7cc 100644 --- a/src/cmd/auth/secstore/SConn.c +++ b/src/cmd/auth/secstore/SConn.c @@ -13,8 +13,8 @@ typedef struct ConnState { } ConnState; typedef struct SS{ - int fd; // file descriptor for read/write of encrypted data - int alg; // if nonzero, "alg sha rc4_128" + int fd; /* file descriptor for read/write of encrypted data */ + int alg; /* if nonzero, "alg sha rc4_128" */ ConnState in, out; } SS; @@ -31,7 +31,7 @@ SC_secret(SConn *conn, uchar *sigma, int direction) hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil); hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil); } - setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits + setupRC4state(&ss->in.rc4, ss->in.secret, 16); /* restrict to 128 bits */ setupRC4state(&ss->out.rc4, ss->out.secret, 16); ss->alg = 1; return 0; @@ -82,7 +82,7 @@ SC_read(SConn *conn, uchar *buf, int n) snprint((char*)buf,n,"!SC_read invalid count"); return -1; } - len = (count[0]&0x7f)<<8 | count[1]; // SSL-style count; no pad + len = (count[0]&0x7f)<<8 | count[1]; /* SSL-style count; no pad */ if(ss->alg){ len -= SHA1dlen; if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){ diff --git a/src/cmd/auth/secstore/SConn.h b/src/cmd/auth/secstore/SConn.h index 9a428d83..31765f3e 100644 --- a/src/cmd/auth/secstore/SConn.h +++ b/src/cmd/auth/secstore/SConn.h @@ -1,24 +1,24 @@ -// delimited, authenticated, encrypted connection -enum{ Maxmsg=4096 }; // messages > Maxmsg bytes are truncated +/* delimited, authenticated, encrypted connection */ +enum{ Maxmsg=4096 }; /* messages > Maxmsg bytes are truncated */ typedef struct SConn SConn; -extern SConn* newSConn(int); // arg is open file descriptor +extern SConn* newSConn(int); /* arg is open file descriptor */ struct SConn{ void *chan; int secretlen; - int (*secret)(SConn*, uchar*, int);// - int (*read)(SConn*, uchar*, int); // <0 if error; errmess in buffer + int (*secret)(SConn*, uchar*, int);/* */ + int (*read)(SConn*, uchar*, int); /* <0 if error; errmess in buffer */ int (*write)(SConn*, uchar*, int); - void (*free)(SConn*); // also closes file descriptor + void (*free)(SConn*); /* also closes file descriptor */ }; -// secret(s,b,dir) sets secret for digest, encrypt, using the secretlen -// bytes in b to form keys for the two directions; -// set dir=0 in client, dir=1 in server +/* secret(s,b,dir) sets secret for digest, encrypt, using the secretlen */ +/* bytes in b to form keys for the two directions; */ +/* set dir=0 in client, dir=1 in server */ -// error convention: write !message in-band +/* error convention: write !message in-band */ extern void writerr(SConn*, char*); -extern int readstr(SConn*, char*); // call with buf of size Maxmsg+1 - // returns -1 upon error, with error message in buf +extern int readstr(SConn*, char*); /* call with buf of size Maxmsg+1 */ + /* returns -1 upon error, with error message in buf */ extern void *emalloc(ulong); /* dies on failure; clears memory */ extern void *erealloc(void *, ulong); diff --git a/src/cmd/auth/secstore/aescbc.c b/src/cmd/auth/secstore/aescbc.c index 56aeb00b..86cb1bff 100644 --- a/src/cmd/auth/secstore/aescbc.c +++ b/src/cmd/auth/secstore/aescbc.c @@ -100,7 +100,7 @@ main(int argc, char **argv) aesCBCencrypt(buf+AESbsize, AESbsize, &aes); /* use second AESbsize bytes as initial plaintext */ safewrite(buf, 2*AESbsize); dstate = hmac_sha1(buf+AESbsize, AESbsize, key2, MD5dlen, 0, 0); - while(1){ + for(;;){ n = Bread(&bin, buf, BUF); if(n < 0){ fprint(2,"read error\n"); @@ -134,9 +134,9 @@ main(int argc, char **argv) exits("decrypted file failed to authenticate"); } }else{ /* compatibility with past mistake */ - // if file was encrypted with bad aescbc use this: - // memset(key, 0, AESmaxkey); - // else assume we're decrypting secstore files + /* if file was encrypted with bad aescbc use this: */ + /* memset(key, 0, AESmaxkey); */ + /* else assume we're decrypting secstore files */ setupAESstate(&aes, key, AESbsize, buf); saferead(buf, CHK); aesCBCdecrypt(buf, CHK, &aes); diff --git a/src/cmd/auth/secstore/dirls.c b/src/cmd/auth/secstore/dirls.c index b4479413..eaae8cdc 100644 --- a/src/cmd/auth/secstore/dirls.c +++ b/src/cmd/auth/secstore/dirls.c @@ -74,7 +74,7 @@ dirls(char *path) } for(list=nil, len=0, i=0; i #include #include @@ -19,7 +19,7 @@ typedef struct PAKparams{ static PAKparams *pak; -// from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E +/* from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E */ static void initPAKparams(void) { @@ -43,8 +43,8 @@ initPAKparams(void) nil, 16, nil); } -// H = (sha(ver,C,sha(passphrase)))^r mod p, -// a hash function expensive to attack by brute force. +/* H = (sha(ver,C,sha(passphrase)))^r mod p, */ +/* a hash function expensive to attack by brute force. */ static void longhash(char *ver, char *C, uchar *passwd, mpint *H) { @@ -70,7 +70,7 @@ longhash(char *ver, char *C, uchar *passwd, mpint *H) mpexp(H, pak->r, pak->p, H); } -// Hi = H^-1 mod p +/* Hi = H^-1 mod p */ char * PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi) { @@ -83,8 +83,8 @@ PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi) return mptoa(Hi, 64, nil, 0); } -// another, faster, hash function for each party to -// confirm that the other has the right secrets. +/* another, faster, hash function for each party to */ +/* confirm that the other has the right secrets. */ static void shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest) { @@ -106,12 +106,12 @@ shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi sha1((uchar*)Hi, strlen(Hi), digest, state); } -// On input, conn provides an open channel to the server; -// C is the name this client calls itself; -// pass is the user's passphrase -// On output, session secret has been set in conn -// (unless return code is negative, which means failure). -// If pS is not nil, it is set to the (alloc'd) name the server calls itself. +/* On input, conn provides an open channel to the server; */ +/* C is the name this client calls itself; */ +/* pass is the user's passphrase */ +/* On output, session secret has been set in conn */ +/* (unless return code is negative, which means failure). */ +/* If pS is not nil, it is set to the (alloc'd) name the server calls itself. */ int PAKclient(SConn *conn, char *C, char *pass, char **pS) { @@ -124,9 +124,9 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) hexHi = PAK_Hi(C, pass, H, Hi); if(verbose) - fprint(2,"%s\n", feedback[H->p[0]&0x7]); // provide a clue to catch typos + fprint(2,"%s\n", feedback[H->p[0]&0x7]); /* provide a clue to catch typos */ - // random 1<=x<=q-1; send C, m=g**x H + /* random 1<=x<=q-1; send C, m=g**x H */ x = mprand(240, genrandom, nil); mpmod(x, pak->q, x); if(mpcmp(x, mpzero) == 0) @@ -140,7 +140,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm); conn->write(conn, (uchar*)mess, strlen(mess)); - // recv g**y, S, check hash1(g**xy) + /* recv g**y, S, check hash1(g**xy) */ if(readstr(conn, mess) < 0){ fprint(2, "error: %s\n", mess); writerr(conn, "couldn't read g**y"); @@ -179,13 +179,13 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS) goto done; } - // send hash2(g**xy) + /* send hash2(g**xy) */ shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest); enc64(kc, sizeof kc, digest, SHA1dlen); snprint(mess2, Maxmsg, "k'=%s\n", kc); conn->write(conn, (uchar*)mess2, strlen(mess2)); - // set session key + /* set session key */ shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest); memset(hexsigma, 0, strlen(hexsigma)); n = conn->secret(conn, digest, 0); @@ -210,12 +210,12 @@ done: return rc; } -// On input, -// mess contains first message; -// name is name this server should call itself. -// On output, session secret has been set in conn; -// if pw!=nil, then *pw points to PW struct for authenticated user. -// returns -1 if error +/* On input, */ +/* mess contains first message; */ +/* name is name this server should call itself. */ +/* On output, session secret has been set in conn; */ +/* if pw!=nil, then *pw points to PW struct for authenticated user. */ +/* returns -1 if error */ int PAKserver(SConn *conn, char *S, char *mess, PW **pwp) { @@ -227,7 +227,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) mpint *y = nil, *m = mpnew(0), *mu = mpnew(0), *sigma = mpnew(0); PW *pw = nil; - // secstore version and algorithm + /* secstore version and algorithm */ snprint(mess2,Maxmsg,"%s\tPAK\n", VERSION); n = strlen(mess2); if(strncmp(mess,mess2,n) != 0){ @@ -237,7 +237,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) mess += n; initPAKparams(); - // parse first message into C, m + /* parse first message into C, m */ eol = strchr(mess, '\n'); if(strncmp("C=", mess, 2) != 0 || !eol){ fprint(2,"mess[1]=%s\n", mess); @@ -256,7 +256,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) strtomp(hexm, nil, 64, m); mpmod(m, pak->p, m); - // lookup client + /* lookup client */ if((pw = getPW(C,0)) == nil) { snprint(mess2, sizeof mess2, "%r"); writerr(conn, mess2); @@ -270,7 +270,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) } hexHi = mptoa(pw->Hi, 64, nil, 0); - // random y, mu=g**y, sigma=g**xy + /* random y, mu=g**y, sigma=g**xy */ y = mprand(240, genrandom, nil); mpmod(y, pak->q, y); if(mpcmp(y, mpzero) == 0){ @@ -281,7 +281,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) mpmod(m, pak->p, m); mpexp(m, y, pak->p, sigma); - // send g**y, hash1(g**xy) + /* send g**y, hash1(g**xy) */ hexmu = mptoa(mu, 64, nil, 0); hexsigma = mptoa(sigma, 64, nil, 0); shorthash("server", C, S, hexm, hexmu, hexsigma, hexHi, digest); @@ -289,7 +289,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) snprint(mess2, sizeof mess2, "mu=%s\nk=%s\nS=%s\n", hexmu, ks, S); conn->write(conn, (uchar*)mess2, strlen(mess2)); - // recv hash2(g**xy) + /* recv hash2(g**xy) */ if(readstr(conn, mess2) < 0){ writerr(conn, "couldn't read verifier"); goto done; @@ -308,7 +308,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp) goto done; } - // set session key + /* set session key */ shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest); n = conn->secret(conn, digest, 1); if(n < 0){ diff --git a/src/cmd/auth/secstore/password.c b/src/cmd/auth/secstore/password.c index aacadd9b..b2a00e72 100644 --- a/src/cmd/auth/secstore/password.c +++ b/src/cmd/auth/secstore/password.c @@ -42,7 +42,7 @@ getPW(char *id, int dead_or_alive) uint now = time(0); Biobuf *bin; PW *pw; - char *f1, *f2; // fields 1, 2 = attribute, value + char *f1, *f2; /* fields 1, 2 = attribute, value */ if((bin = openPW(id, OREAD)) == 0){ id = "FICTITIOUS"; @@ -75,7 +75,7 @@ getPW(char *id, int dead_or_alive) } Bterm(bin); if(dead_or_alive) - return pw; // return PW entry for editing, whether currently valid or not + return pw; /* return PW entry for editing, whether currently valid or not */ if(pw->expire <= now){ werrstr("account expired"); freePW(pw); @@ -87,14 +87,14 @@ getPW(char *id, int dead_or_alive) return nil; } if(pw->failed < 10) - return pw; // success + return pw; /* success */ if(now < mtimePW(id)+300){ werrstr("too many failures; try again in five minutes"); freePW(pw); return nil; } pw->failed = 0; - putPW(pw); // reset failed-login-counter after five minutes + putPW(pw); /* reset failed-login-counter after five minutes */ return pw; } diff --git a/src/cmd/auth/secstore/secstore.c b/src/cmd/auth/secstore/secstore.c index cb6e585e..571c6fae 100644 --- a/src/cmd/auth/secstore/secstore.c +++ b/src/cmd/auth/secstore/secstore.c @@ -142,8 +142,8 @@ getfile(SConn *conn, char *gf, uchar **buf, ulong *buflen, uchar *key, int nkey) return 0; } -// This sends a file to the secstore disk that can, in an emergency, be -// decrypted by the program aescbc.c. +/* This sends a file to the secstore disk that can, in an emergency, be */ +/* decrypted by the program aescbc.c. */ static int putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey) { @@ -206,7 +206,7 @@ putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey) ivo = 0; if(n < Maxmsg){ /* EOF on input; append XX... */ memset(b+n, 'X', CHK); - n += CHK; // might push n>Maxmsg + n += CHK; /* might push n>Maxmsg */ done = 1; } aesCBCencrypt(b, n, &aes); @@ -255,7 +255,7 @@ cmd(AuthConn *c, char **gf, int *Gflag, char **pf, char **rf) if(getfile(c->conn, *gf, *Gflag ? &memfile : nil, &len, (uchar*)c->pass, c->passlen) < 0) goto Out; if(*Gflag){ - // write one line at a time, as required by /mnt/factotum/ctl + /* write one line at a time, as required by /mnt/factotum/ctl */ memcur = memfile; while(len>0){ memnext = (uchar*)strchr((char*)memcur, '\n'); @@ -309,7 +309,7 @@ chpasswd(AuthConn *c, char *id) H = mpnew(0); Hi = mpnew(0); - // changing our password is vulnerable to connection failure + /* changing our password is vulnerable to connection failure */ for(;;){ snprint(prompt, sizeof(prompt), "new password for %s: ", id); newpass = readcons(prompt, nil, 1); @@ -392,7 +392,7 @@ login(char *id, char *dest, int pass_stdin, int pass_nvram) strecpy(c->pass, c->pass+sizeof c->pass, nvr.config); } if(pass_stdin){ - n = readn(0, s, Maxmsg-2); // so len(PINSTA)id); @@ -277,7 +277,7 @@ dologin(int fd, char *S, int forceSTA) conn->write(conn, (uchar*)"OK", 2); syslog(0, LOG, "AUTH %s", pw->id); - // perform operations as asked + /* perform operations as asked */ while((n = readstr(conn, msg)) > 0){ syslog(0, LOG, "[%s] %s", pw->id, msg); @@ -346,7 +346,7 @@ main(int argc, char **argv) S = sysname(); SECSTORE_DIR = unsharp("#9/secstore"); -// setnetmtpt(net, sizeof(net), nil); +/* setnetmtpt(net, sizeof(net), nil); */ ARGBEGIN{ case 'R': forceSTA = 1; @@ -362,7 +362,7 @@ main(int argc, char **argv) if(p == nil) usage(); USED(p); - // setnetmtpt(net, sizeof(net), p); + /* setnetmtpt(net, sizeof(net), p); */ break; case 'v': verbose++; @@ -395,7 +395,7 @@ main(int argc, char **argv) close(lcfd); break; case 0: - // "/lib/ndb/common.radius does not exist" if db set before fork + /* "/lib/ndb/common.radius does not exist" if db set before fork */ db = ndbopen(dbpath=unsharp("#9/ndb/auth")); if(db == 0) syslog(0, LOG, "no ndb/auth"); @@ -405,7 +405,7 @@ main(int argc, char **argv) db = ndbcat(db, db2); if((dfd = accept(lcfd, ldir)) < 0) exits("can't accept"); - alarm(30*60*1000); // 30 min + alarm(30*60*1000); /* 30 min */ remote = remoteIP(ldir); syslog(0, LOG, "secstore from %s", remote); free(remote); diff --git a/src/cmd/auth/secstore/secureidcheck.c b/src/cmd/auth/secstore/secureidcheck.c index 95adb385..8ef6f6aa 100644 --- a/src/cmd/auth/secstore/secureidcheck.c +++ b/src/cmd/auth/secstore/secureidcheck.c @@ -29,7 +29,7 @@ typedef struct Secret{ typedef struct Attribute{ struct Attribute *next; uchar type; - uchar len; // number of bytes in value + uchar len; /* number of bytes in value */ uchar val[256]; } Attribute; @@ -39,7 +39,7 @@ typedef struct Packet{ Attribute first; } Packet; -// assumes pass is at most 16 chars +/* assumes pass is at most 16 chars */ void hide(Secret *shared, uchar *auth, Secret *pass, uchar *x) { @@ -60,9 +60,9 @@ authcmp(Secret *shared, uchar *buf, int m, uchar *auth) DigestState *M; uchar x[16]; - M = md5(buf, 4, nil, nil); // Code+ID+Length - M = md5(auth, 16, nil, M); // RequestAuth - M = md5(buf+20, m-20, nil, M); // Attributes + M = md5(buf, 4, nil, nil); /* Code+ID+Length */ + M = md5(auth, 16, nil, M); /* RequestAuth */ + M = md5(buf+20, m-20, nil, M); /* Attributes */ md5(shared->s, shared->len, x, M); return memcmp(x, buf+4, 16); } @@ -118,7 +118,7 @@ rpc(char *dest, Secret *shared, Packet *req) Attribute *a; int m, n, fd, try; - // marshal request + /* marshal request */ e = buf + sizeof buf; buf[0] = req->code; buf[1] = req->ID; @@ -136,7 +136,7 @@ rpc(char *dest, Secret *shared, Packet *req) buf[2] = n>>8; buf[3] = n; - // send request, wait for reply + /* send request, wait for reply */ fd = dial(dest, 0, 0, 0); if(fd < 0){ syslog(0, AUTHLOG, "%s: rpc can't get udp channel", dest); @@ -156,9 +156,9 @@ rpc(char *dest, Secret *shared, Packet *req) alarm(0); if(m < 0){ syslog(0, AUTHLOG, "%s rpc read err %d: %r", dest, m); - break; // failure + break; /* failure */ } - if(m == 0 || buf2[1] != buf[1]){ // need matching ID + if(m == 0 || buf2[1] != buf[1]){ /* need matching ID */ syslog(0, AUTHLOG, "%s unmatched reply %d", dest, m); continue; } @@ -170,7 +170,7 @@ rpc(char *dest, Secret *shared, Packet *req) if(m <= 0) return nil; - // unmarshal reply + /* unmarshal reply */ b = buf2; e = buf2+m; resp = (Packet*)malloc(sizeof(*resp)); @@ -192,18 +192,18 @@ rpc(char *dest, Secret *shared, Packet *req) while(1){ if(b >= e){ a->next = nil; - break; // exit loop + break; /* exit loop */ } a->type = *b++; a->len = (*b++) - 2; - if(b + a->len > e){ // corrupt packet + if(b + a->len > e){ /* corrupt packet */ a->next = nil; freePacket(resp); return nil; } memmove(a->val, b, a->len); b += a->len; - if(b < e){ // any more attributes? + if(b < e){ /* any more attributes? */ a->next = (Attribute*)malloc(sizeof(*a)); if(a->next == nil){ free(req); @@ -230,7 +230,7 @@ setAttribute(Packet *p, uchar type, uchar *s, int n) } a->type = type; a->len = n; - if(a->len > 253 ) // RFC2138, section 5 + if(a->len > 253 ) /* RFC2138, section 5 */ a->len = 253; memmove(a->val, s, a->len); return 0; @@ -435,7 +435,7 @@ secureidcheck(char *user, char *response) syslog(0, AUTHLOG, "%s code=%d ruser=%s %s", dest, resp->code, ruser, replymsg(resp)); break; } - break; // we have a proper reply, no need to ask again + break; /* we have a proper reply, no need to ask again */ } ndbfree(t); free(radiussecret); diff --git a/src/cmd/auth/ssh-agent.c b/src/cmd/auth/ssh-agent.c index 00e24af8..eee98675 100644 --- a/src/cmd/auth/ssh-agent.c +++ b/src/cmd/auth/ssh-agent.c @@ -49,7 +49,7 @@ enum /* agent protocol packet types */ SSH2_AGENT_FAILURE = 30, SSH_COM_AGENT2_FAILURE = 102, - SSH_AGENT_OLD_SIGNATURE = 0x01, + SSH_AGENT_OLD_SIGNATURE = 0x01 }; typedef struct Aconn Aconn; -- cgit v1.2.3