authorJacob Moody <moody@posixcafe.org>2023-05-13 17:50:51 +0000
committerJacob Moody <moody@posixcafe.org>2023-05-13 17:50:51 +0000
commitf29279f1401cf558cce457cfb9e31981f651104c (patch)
tree6700f18d2f8d5426de870904bca0868e1fa7f5d7 /sys
parentd4bda4fc679941d7bbc0fde1cd6af414273a70b8 (diff)
libauthsrv: readnvram: prompt for use of p9sk1 in nvram, with a default of no
By default, the p9sk1 key was written out to nvram, so factotum would read it and offer p9sk1 authentication for hostowner. This authentication will happen regardless of the authsrv configuration. This change makes readnvram ask whether the user would like to use p9sk1, with a default of no.
Diffstat (limited to 'sys')
-rw-r--r--sys/src/libauthsrv/readnvram.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/sys/src/libauthsrv/readnvram.c b/sys/src/libauthsrv/readnvram.c
index e13641bd6..b46a17349 100644
--- a/sys/src/libauthsrv/readnvram.c
+++ b/sys/src/libauthsrv/readnvram.c
@@ -171,6 +171,7 @@ readnvram(Nvrsafe *safep, int flag)
{
int err;
char buf[512]; /* 512 for floppy i/o */
+ char *dodes;
Nvrsafe *safe;
Nvrwhere loc;
@@ -256,11 +257,18 @@ readnvram(Nvrsafe *safep, int flag)
goto Out;
if(ask("password", pass, sizeof pass, 1))
goto Out;
+ if((dodes = readcons("enable legacy p9sk1", "no", 0)) == nil)
+ goto Out;
passtokey(&k, pass);
memset(pass, 0, sizeof pass);
- memmove(safe->machkey, k.des, DESKEYLEN);
+ if(dodes[0] == 'y' || dodes[0] == 'Y')
+ memmove(safe->machkey, k.des, DESKEYLEN);
+ else
+ memset(safe->machkey, 0, DESKEYLEN);
memmove(safe->aesmachkey, k.aes, AESKEYLEN);
memset(&k, 0, sizeof k);
+ memset(dodes, 0, strlen(dodes));
+ free(dodes);
}
safe->machsum = nvcsum(safe->machkey, DESKEYLEN);
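Review bot: The new `goto Out` taken when `readcons` returns nil skips the `memset(pass, 0, sizeof pass)` two lines below it, so the plaintext password that `ask` just read stays in the stack buffer on that path. The `Out` label is outside this hunk; unless it wipes `pass`, clear it before jumping, e.g. `if((dodes = readcons("enable legacy p9sk1", "no", 0)) == nil){ memset(pass, 0, sizeof pass); goto Out; }`, or ask the p9sk1 question before the password prompt so no secret is held yet. The `else` branch would also benefit from a comment such as `/* all-zero machkey marks p9sk1 as disabled */`, assuming the code that reads nvram treats a zero key that way; that reader is not visible here and is worth confirming.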