[9fans] p9cr support in p9p's factotum?

[9fans] p9cr support in p9p's factotum?

[Ashwin Ganti]

Hello,

As part of a PAM module implementation in Linux I need to authenticate
against p9p's factotum. The code basically does an
"auth_userpasswd(user, passwd)" to achieve this. Apparently I get a
response from the factotum saying that it does not understand p9cr.

I noticed that in p9p's 'libauth' sources the auth_userpasswd
internally calls auth_challenge("user=%q proto=p9cr role=server",
user). When I grepped the sources I could not find p9cr implemented in
src/cmd/auth/factotum. Although I could notice a file "p9cr.c" which
seems to be a partial port as the code is not the same as that of its
Plan9 counterpart but looks more like the other p9p's code ( p9sk1.c
etc. ).

I was wondering if p9cr is supported in p9p's factotum. If yes then am
I missing something here? If not then is it on somebody's plate to
complete it? I am willing to complete it but I am a newbie in the
p9p's factotum's code and would appreciate any guidance/help from
someone who is aware of this stuff to help me get it done.

I would also like to know if there is any workaround for this like
using another protocol may be?

Any information would be very much useful.

Thanks and regards,
Ashwin Ganti

"Impossibility is a relative concept"
www.cs.uic.edu/~aganti

Re: [9fans] p9cr support in p9p's factotum?

[Enrico Weigelt]

* Ashwin Ganti <ashwin.ganti@gmail.com> wrote:

Hi,

> As part of a PAM module implementation in Linux I need to authenticate
> against p9p's factotum. The code basically does an

Cool :)

I actually don't know how factotum works yet, but maybe it's an
good replacement for the whole unioid authentication stuff
(ie. saslauthd, etc).

BTW: I've refactored libixp a bit, so it now should build quite
fine and provides pkg-config descriptor, etc. I'm not sue whether
it supports the authentication stuff, but it now it should be added.


cu
--
---------------------------------------------------------------------
 Enrico Weigelt    ==   metux IT service - http://www.metux.de/
---------------------------------------------------------------------
 Please visit the OpenSource QM Taskforce:
 	http://wiki.metux.de/public/OpenSource_QM_Taskforce
 Patches / Fixes for a lot dozens of packages in dozens of versions:
	http://patches.metux.de/
---------------------------------------------------------------------

Re: [9fans] p9cr support in p9p's factotum?

[Lyndon Nerenberg]

On 2007-Sep-6, at 09:02 , Enrico Weigelt wrote:

> I actually don't know how factotum works yet, but maybe it's an
> good replacement for the whole unioid authentication stuff
> (ie. saslauthd, etc).

Trust me, if I had been introduced to factotum at the time, saslauthd
would not exist.

Re: [9fans] p9cr support in p9p's factotum?

[Russ Cox]

> As part of a PAM module implementation in Linux I need to authenticate
> against p9p's factotum. The code basically does an
> "auth_userpasswd(user, passwd)" to achieve this. Apparently I get a
> response from the factotum saying that it does not understand p9cr.

P9cr doesn't establish a shared key between
the two sides, nor does it allow the client to
authenticate the server.  Much better would
be for the client to have a factotum that can
be given the password and run p9sk1 on the
client's behalf.

> I was wondering if p9cr is supported in p9p's factotum.

Not really, no.  I made it work just now, but it's
not really something you want to be using all
the time.

The same is true of auth_userpasswd.

Russ

Re: [9fans] p9cr support in p9p's factotum?

[erik quanstrom]

 and the name of crn is resolvable
>
> cpu% ndb/query ether `{cat /net/ether0/addr} sys
> crn

make sure that ndb/dnsquery can also resolve crn.mteege.de.

> ...
> \l!(.*)					alias		\1
> \lmteege\.de!(.*)		alias		\1
    ???
> \l\.mteege\.de!(.*)		alias		\1

what i have for a similar setup is

# append the local domain to addresses without a domain
local!(.*)			>>		/mail/box/\1/mbox
mteege\.de!(.*)		alias		\1

# local names
\l!(.*)			alias		\1
\l\.mteege.de!(.*)		alias		\1

- erik