From f29279f1401cf558cce457cfb9e31981f651104c Mon Sep 17 00:00:00 2001
From: Jacob Moody
Date: Sat, 13 May 2023 17:50:51 +0000
Subject: libauthsrv: readnvram: prompt for use of p9sk1 in nvram, with a default of no

By default by writing the p9sk1 key out in to nvram, factotum would read it and offer p9sk1 authentication for hostowner. This authentication will happen regardless of the authsrv configuration. This change makes readnvram ask if the user would like to use p9sk1 with a default of no.
---
 sys/src/libauthsrv/readnvram.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
(limited to 'sys')
diff --git a/sys/src/libauthsrv/readnvram.c b/sys/src/libauthsrv/readnvram.c
index e13641bd6..b46a17349 100644
--- a/sys/src/libauthsrv/readnvram.c
+++ b/sys/src/libauthsrv/readnvram.c
@@ -171,6 +171,7 @@ readnvram(Nvrsafe *safep, int flag)
 {
 int err;
 char buf[512]; /* 512 for floppy i/o */
+ char *dodes;
 Nvrsafe *safe;
 Nvrwhere loc;
 
@@ -256,11 +257,18 @@ readnvram(Nvrsafe *safep, int flag)
 goto Out;
 if(ask("password", pass, sizeof pass, 1))
 goto Out;
+ if((dodes = readcons("enable legacy p9sk1", "no", 0)) == nil)
+ goto Out;
 passtokey(&k, pass);
 memset(pass, 0, sizeof pass);
- memmove(safe->machkey, k.des, DESKEYLEN);
+ if(dodes[0] == 'y' || dodes[0] == 'Y')
+ memmove(safe->machkey, k.des, DESKEYLEN);
+ else
+ memset(safe->machkey, 0, DESKEYLEN);
 memmove(safe->aesmachkey, k.aes, AESKEYLEN);
 memset(&k, 0, sizeof k);
+ memset(dodes, 0, strlen(dodes));
+ free(dodes);
 }
 
 safe->machsum = nvcsum(safe->machkey, DESKEYLEN);
--
cgit v1.2.3
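Review bot: In the second hunk, when `readcons` returns nil the new `goto Out` runs before `memset(pass, 0, sizeof pass)`, so a fully entered password is left in `pass` on that exit; the `Out` label is outside the hunk, so whether it scrubs the buffer cannot be seen here. Asking the p9sk1 question before `ask("password", pass, sizeof pass, 1)`, or putting `memset(pass, 0, sizeof pass);` ahead of that `goto Out;`, would avoid holding the secret across a call that can fail. The all-zero `safe->machkey` written on the `else` branch now serves as the "p9sk1 disabled" marker and deserves a comment such as `/* all-zero DES key: p9sk1 not offered */`, assuming the nvram consumer treats a zero key that way, which this patch does not show. The enclosing block of `readnvram` begins and ends outside the hunk.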