From: Jacob Moody <moody@posixcafe.org>
To: 9front@9front.org
Subject: Re: [9front] Password confirmation in auth/wrkey
Date: Thu, 24 Aug 2023 15:09:05 -0500 [thread overview]
Message-ID: <95e976ac-9c24-b30d-c5fd-022f6f1e6ba8@posixcafe.org> (raw)
In-Reply-To: <04b4b109-72e6-639d-cc37-71b5e286f3ac@posixcafe.org>
On 8/23/23 17:42, Jacob Moody wrote:
> On 8/23/23 17:10, Vadim Kotov wrote:
>> Hey folks,
>>
>> I was wondering if there is a reason there is no password confirmation prompt when writing to nvram using auth/wrkey?
>>
>> Cheers,
>> Vadím
>
>
> I see no real reason other then that no one has bothered.
> Looking at the code it calls in libauthsrv, you could get away with
> just calling readcons() a second time and making sure they match.
>
Tested this out. I asked around on the grid and the general consensus
was in favor.
diff 483ff27f9d5067fd597dae09161d07a3857293b6 uncommitted
--- a//sys/src/libauthsrv/readnvram.c
+++ b//sys/src/libauthsrv/readnvram.c
@@ -247,6 +247,7 @@
if((flag&(NVwrite|NVwritemem)) || (err && (flag&NVwriteonerr))){
if (!(flag&NVwritemem)) {
char pass[PASSWDLEN];
+ char pass2[PASSWDLEN];
Authkey k;
if(ask("authid", safe->authid, sizeof safe->authid, 0))
@@ -255,12 +256,20 @@
goto Out;
if(ask("secstore key", safe->config, sizeof safe->config, 1))
goto Out;
+Again:
if(ask("password", pass, sizeof pass, 1))
goto Out;
+ if(ask("confirm password", pass2, sizeof pass2, 1))
+ goto Out;
+ if(memcmp(pass, pass2, sizeof pass) != 0){
+ fprint(2, "password mismatch\n");
+ goto Again;
+ }
if((dodes = readcons("enable legacy p9sk1", "no", 0)) == nil)
goto Out;
passtokey(&k, pass);
memset(pass, 0, sizeof pass);
+ memset(pass2, 0, sizeof pass2);
if(dodes[0] == 'y' || dodes[0] == 'Y')
memmove(safe->machkey, k.des, DESKEYLEN);
else
next prev parent reply other threads:[~2023-08-24 20:10 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-23 22:10 Vadim Kotov
2023-08-23 22:42 ` Jacob Moody
2023-08-24 20:09 ` Jacob Moody [this message]
2023-08-25 2:58 ` ieliedonge
2023-08-25 3:12 ` Jacob Moody
2023-08-25 3:27 ` ieliedonge
2023-08-27 19:42 ` cinap_lenrek
2023-08-28 15:59 ` Jacob Moody
2023-08-25 2:59 ` Vadim Kotov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=95e976ac-9c24-b30d-c5fd-022f6f1e6ba8@posixcafe.org \
--to=moody@posixcafe.org \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).