From: Richard Miller <miller@hamnavoe.demon.co.uk>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] some thoughts about auth*
Date: Thu, 7 Nov 2002 19:47:36 +0000 [thread overview]
Message-ID: <5997b562ef90863c347d5fa609d088da@hamnavoe.demon.co.uk> (raw)
"Roman V. Shaposhnick" <vugluskr@unicorn.math.spbu.ru>said:
> 2. I'm not exactly sure that I understand why Nvrsafe has
> this .authkey member in it. The only place where it is
> being used by the regular Plan9, not a dedicated Plan9
> FS is in cmd/disk/kfs/auth.c which doesn't seem to make
> much sense, when nobody sets it up.
and presotto@plan9.bell-labs.com replied:
> There used to be a key for connecting to other resources and
> one for letting people log onto the console so that they could
> use it (for cpu and file servers). The latter was the authkey
> and we eventually gave up on the function altogether. The naming
> is hokey, I'm to blame.
However, I'm to blame for using authkey as the place to stash the
authentication key in kfs. In the 3rd edition kfs it was
read in from #c/key. In 4th edition there's no #c/key, so the
whole Nvrsafe structure is read from nvram (or simulated nvram on
a disk partition or floppy), and therefore kfs should now be
using machkey. (authkey will be empty unless your nvram is left
over from a 3rd edition ugrade.)
While looking into this, I found another error in the 3e->4e
transition of the kfs network support. If you want 3e clients
to be able to mount a kfs exported by a 4e cpu server, the following
changes appear to be necessary:
/sys/src/cmd/disk/kfs/9p1.c:72 d ./9p1.c:71
< memmove(ou->chal, cp->chal, sizeof(ou->chal));
/sys/src/cmd/disk/kfs/9p1.c:73 a ./9p1.c:73
> memset(ou->chal, 0, sizeof(ou->chal));
/sys/src/cmd/disk/kfs/9p1.c:76 a ./9p1.c:77
> memmove(ou->chal, cp->chal, sizeof(ou->chal));
/sys/src/cmd/disk/kfs/auth.c:61 c ./auth.c:61
< convM2T(in->ticket, &t, nvr.authkey);
---
> convM2T(in->ticket, &t, nvr.machkey);
next reply other threads:[~2002-11-07 19:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-07 19:47 Richard Miller [this message]
2002-11-08 2:56 ` Roman V. Shaposhnick
[not found] <fce4571861a826ddf4677ec3cecbe995@plan9.bell-labs.com>
2002-11-12 17:37 ` Roman V. Shaposhnick
-- strict thread matches above, loose matches on Subject: below --
2002-11-07 2:42 presotto
2002-11-07 0:25 Roman V. Shaposhnick
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5997b562ef90863c347d5fa609d088da@hamnavoe.demon.co.uk \
--to=miller@hamnavoe.demon.co.uk \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).