authsrv: more aes key stuff

author: cinap_lenrek <cinap_lenrek@felloff.net> 2015-08-21 03:16:50 +0200
committer: cinap_lenrek <cinap_lenrek@felloff.net> 2015-08-21 03:16:50 +0200
commit: c3487a4b49b6988aad0e340ad9e986e4549b9317 (patch)
tree: 7c0c17cef490f751d305e1689038ddc529ffe021 /sys/src/cmd/auth/authsrv.c
parent: 63b18e79252845d09abbad44672eabd9233a911b (diff)
1 files changed, 6 insertions, 8 deletions
diff --git a/sys/src/cmd/auth/authsrv.c b/sys/src/cmd/auth/authsrv.c
index e6dd65867..ac2ce6392 100644
--- a/sys/src/cmd/auth/authsrv.c
+++ b/sys/src/cmd/auth/authsrv.c
@@ -11,6 +11,7 @@
 int debug;
 Ndb *db;
 char raddr[128];
+uchar zeros[16];
 
 /* Microsoft auth constants */
 enum {
@@ -31,7 +32,6 @@ int	speaksfor(char*, char*);
 void	replyerror(char*, ...);
 void	getraddr(char*);
 void	mkkey(Authkey*);
-int	samekey(Authkey*, Authkey*);
 void	mkticket(Ticketreq*, Ticket*);
 void	randombytes(uchar*, int);
 void	nthash(uchar hash[MShashlen], char *passwd);
@@ -254,10 +254,14 @@ changepasswd(Ticketreq *tr)
 			exits(0);
 		}
 		passtokey(&nkey, pr.old);
-		if(!samekey(&nkey, &okey)){
+		if(memcmp(nkey.des, okey.des, DESKEYLEN) != 0){
 			replyerror("protocol botch2: %s", raddr);
 			continue;
 		}
+		if(memcmp(okey.aes, zeros, AESKEYLEN) != 0 && memcmp(okey.aes, nkey.aes, AESKEYLEN) != 0){
+			replyerror("protocol botch3: %s", raddr);
+			continue;
+		}
 		if(*pr.new){
 			err = okpasswd(pr.new);
 			if(err){
@@ -1000,12 +1004,6 @@ mkkey(Authkey *k)
 	randombytes((uchar*)k->des, DESKEYLEN);
 }
 
-int
-samekey(Authkey *a, Authkey *b)
-{
-	return memcmp(a->des, b->des, DESKEYLEN) == 0;
-}
-
 void
 mkticket(Ticketreq *tr, Ticket *t)
 {
author	cinap_lenrek <cinap_lenrek@felloff.net>	2015-08-21 03:16:50 +0200
committer	cinap_lenrek <cinap_lenrek@felloff.net>	2015-08-21 03:16:50 +0200
commit	c3487a4b49b6988aad0e340ad9e986e4549b9317 (patch)
tree	7c0c17cef490f751d305e1689038ddc529ffe021 /sys/src/cmd/auth/authsrv.c
parent	63b18e79252845d09abbad44672eabd9233a911b (diff)