Resolve conflicts.
parent
be04b6d190
commit
f4083b2413
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=92914
@ -1,7 +1,7 @@
|
||||
/* ftpcmd.y: yacc parser for the FTP daemon.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -9,6 +9,7 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use DOTITLE rather than SETPROCTITLE.
|
||||
Modified by cmetz for OPIE 2.3. Moved LS_COMMAND here.
|
||||
Modified by cmetz for OPIE 2.2. Fixed a *lot* of warnings.
|
||||
Use FUNCTION declaration et al. Removed useless strings.
|
||||
@ -964,10 +965,10 @@ int yylex FUNCTION_NOARGS
|
||||
dologout(0);
|
||||
}
|
||||
(void) alarm(0);
|
||||
#ifdef SETPROCTITLE
|
||||
#if DOTITLE
|
||||
if (strncasecmp(cbuf, "PASS", 4) != NULL)
|
||||
setproctitle("%s: %s", proctitle, cbuf);
|
||||
#endif /* SETPROCTITLE */
|
||||
#endif /* DOTITLE */
|
||||
if ((cp = strchr(cbuf, '\r'))) {
|
||||
*cp++ = '\n';
|
||||
*cp = '\0';
|
||||
|
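Review bot: The guard that keeps `PASS` arguments out of the process title, `if (strncasecmp(cbuf, "PASS", 4) != NULL)`, compares an `int` result with a pointer constant; it should read `if (strncasecmp(cbuf, "PASS", 4) != 0)`. The line is unchanged context, but it is the only thing between a typed password and `setproctitle()` once `DOTITLE` is enabled, so a one-line comment saying so would help the next reader. yylex() starts and ends outside this hunk.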
@ -1,7 +1,7 @@
|
||||
/* challenge.c: The opiechallenge() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -67,11 +67,11 @@ int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND ch
|
||||
#endif /* DEBUG */
|
||||
}
|
||||
|
||||
if (rval) {
|
||||
if (rval ||
|
||||
(snprintf(ss, OPIE_CHALLENGE_MAX, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed) >= OPIE_CHALLENGE_MAX)) {
|
||||
opierandomchallenge(ss);
|
||||
memset(mp, 0, sizeof(*mp));
|
||||
} else
|
||||
sprintf(ss, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed);
|
||||
}
|
||||
|
||||
return rval;
|
||||
}
|
||||
|
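Review bot: In the merged condition in opiechallenge(), a truncated `snprintf()` takes the failure branch (random challenge, `memset(mp, 0, sizeof(*mp))`) while `rval` is still 0, so `return rval` reports success for a challenge that matches no stored state. If `OPIE_CHALLENGE_MAX` is a plain integer constant, a negative `snprintf()` return is not caught by `>= OPIE_CHALLENGE_MAX` either. Consider keeping the result in a local and setting a non-zero `rval` when it is `< 0 || >= OPIE_CHALLENGE_MAX`; which value callers expect is not visible here. The call also assumes `ss` holds at least `OPIE_CHALLENGE_MAX` bytes, which is worth stating in the function comment since no length is passed. The start of the function is outside the hunk.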
@ -1,7 +1,7 @@
|
||||
/* generator.c: The opiegenerator() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -9,6 +9,9 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Added opieauto code based on
|
||||
previously released test code. Renamed buffer to challenge.
|
||||
Use struct opie_otpkey for keys.
|
||||
Modified by cmetz for OPIE 2.32. If secret=NULL, always return
|
||||
as if opieauto returned "get the secret". Renamed
|
||||
_opieparsechallenge() to __opieparsechallenge(). Check
|
||||
@ -33,73 +36,362 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#if HAVE_STRING_H
|
||||
#include <string.h>
|
||||
#endif /* HAVE_STRING_H */
|
||||
#if OPIEAUTO
|
||||
#include <errno.h>
|
||||
#if HAVE_STDLIB_H
|
||||
#include <stdlib.h>
|
||||
#endif /* HAVE_STDLIB_H */
|
||||
#include <sys/stat.h>
|
||||
|
||||
#include <sys/socket.h>
|
||||
#include <sys/un.h>
|
||||
#endif /* OPIEAUTO */
|
||||
#if DEBUG
|
||||
#include <syslog.h>
|
||||
#endif /* DEBUG */
|
||||
#include "opie.h"
|
||||
|
||||
static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" };
|
||||
|
||||
int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *secret AND char *response)
|
||||
#if OPIEAUTO
|
||||
#ifndef max
|
||||
#define max(x, y) (((x) > (y)) ? (x) : (y))
|
||||
#endif /* max */
|
||||
|
||||
static int opieauto_connect FUNCTION_NOARGS
|
||||
{
|
||||
int s;
|
||||
struct sockaddr_un sun;
|
||||
char buffer[1024];
|
||||
char *c, *c2 ="/.opieauto";
|
||||
uid_t myuid = getuid(), myeuid = geteuid();
|
||||
|
||||
if (!myuid || !myeuid || (myuid != myeuid)) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: superuser and/or setuid not allowed");
|
||||
#endif /* DEBUG */
|
||||
return -1;
|
||||
};
|
||||
|
||||
memset(&sun, 0, sizeof(struct sockaddr_un));
|
||||
sun.sun_family = AF_UNIX;
|
||||
|
||||
if (!(c = getenv("HOME"))) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: no HOME variable?");
|
||||
#endif /* DEBUG */
|
||||
return -1;
|
||||
};
|
||||
|
||||
if (strlen(c) > (sizeof(sun.sun_path) - strlen(c2) - 1)) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: HOME is too long: %s", c);
|
||||
#endif /* DEBUG */
|
||||
return -1;
|
||||
};
|
||||
|
||||
strcpy(sun.sun_path, c);
|
||||
strcat(sun.sun_path, c2);
|
||||
|
||||
if ((s = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: socket: %s(%d)", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
return -1;
|
||||
};
|
||||
|
||||
{
|
||||
struct stat st;
|
||||
|
||||
if (stat(sun.sun_path, &st) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: stat: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
goto ret;
|
||||
};
|
||||
|
||||
if (connect(s, (struct sockaddr *)&sun, sizeof(struct sockaddr_un))) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: connect: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
goto ret;
|
||||
};
|
||||
|
||||
if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600)) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opieauto_connect: something's fishy about the socket\n");
|
||||
#endif /* DEBUG */
|
||||
goto ret;
|
||||
};
|
||||
};
|
||||
|
||||
return s;
|
||||
|
||||
ret:
|
||||
close(s);
|
||||
return -1;
|
||||
};
|
||||
#endif /* OPIEAUTO */
|
||||
|
||||
int opiegenerator FUNCTION((challenge, secret, response), char *challenge AND char *secret AND char *response)
|
||||
{
|
||||
int algorithm;
|
||||
int sequence;
|
||||
char *seed;
|
||||
char key[8];
|
||||
struct opie_otpkey key;
|
||||
int i;
|
||||
int exts;
|
||||
#if OPIEAUTO
|
||||
int s;
|
||||
int window;
|
||||
char cmd[1+1+1+1+4+1+OPIE_SEED_MAX+1+4+1+4+1+4+1+4+1];
|
||||
char *c;
|
||||
#endif /* OPIEAUTO */
|
||||
|
||||
if (!(buffer = strstr(buffer, "otp-")))
|
||||
if (!(challenge = strstr(challenge, "otp-")))
|
||||
return 1;
|
||||
|
||||
buffer += 4;
|
||||
challenge += 4;
|
||||
|
||||
if (__opieparsechallenge(buffer, &algorithm, &sequence, &seed, &exts))
|
||||
if (__opieparsechallenge(challenge, &algorithm, &sequence, &seed, &exts))
|
||||
return 1;
|
||||
|
||||
if ((sequence < 2) || (sequence > 9999))
|
||||
return 1;
|
||||
|
||||
if (!secret[0])
|
||||
return 2;
|
||||
if (*secret) {
|
||||
if (opiepasscheck(secret))
|
||||
return -2;
|
||||
|
||||
if (opiepasscheck(secret))
|
||||
return -2;
|
||||
if (i = opiekeycrunch(algorithm, &key, seed, secret))
|
||||
return i;
|
||||
|
||||
if (i = opiekeycrunch(algorithm, key, seed, secret))
|
||||
return i;
|
||||
if (sequence <= OPIE_SEQUENCE_RESTRICT) {
|
||||
if (!(exts & 1))
|
||||
return 1;
|
||||
|
||||
if (sequence < 10) {
|
||||
if (!(exts & 1))
|
||||
return 1;
|
||||
{
|
||||
char newseed[OPIE_SEED_MAX + 1];
|
||||
struct opie_otpkey newkey;
|
||||
char *c;
|
||||
char buf[OPIE_SEED_MAX + 48 + 1];
|
||||
|
||||
while (sequence-- != 0)
|
||||
opiehash(&key, algorithm);
|
||||
|
||||
if (opienewseed(strcpy(newseed, seed)) < 0)
|
||||
return -1;
|
||||
|
||||
if (opiekeycrunch(algorithm, &newkey, newseed, secret))
|
||||
return -1;
|
||||
|
||||
for (i = 0; i < 499; i++)
|
||||
opiehash(&newkey, algorithm);
|
||||
|
||||
strcpy(response, "init-hex:");
|
||||
strcat(response, opiebtoh(buf, &key));
|
||||
if (snprintf(buf, sizeof(buf), ":%s 499 %s:", algids[algorithm],
|
||||
newseed) >= sizeof(buf)) {
|
||||
#ifdef DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at init-hex");
|
||||
#endif /* DEBUG */
|
||||
return -1;
|
||||
}
|
||||
strcat(response, buf);
|
||||
strcat(response, opiebtoh(buf, &newkey));
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
#if OPIEAUTO
|
||||
if ((s = opieauto_connect()) >= 0) {
|
||||
if ((i = read(s, cmd, sizeof(cmd)-1)) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
close(s);
|
||||
s = -1;
|
||||
goto l0;
|
||||
};
|
||||
cmd[i] = 0;
|
||||
if ((cmd[0] != 'C') || (cmd[1] != '+') || (cmd[2] != ' ')) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: got invalid/failing C+ response: %s\n", cmd);
|
||||
#endif /* DEBUG */
|
||||
close(s);
|
||||
s = -1;
|
||||
goto l0;
|
||||
};
|
||||
|
||||
window = strtoul(&cmd[3], &c, 10);
|
||||
if (!window || (window >= (OPIE_SEQUENCE_MAX - OPIE_SEQUENCE_RESTRICT)) || !isspace(*c)) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: got bogus option response: %s\n", cmd);
|
||||
#endif /* DEBUG */
|
||||
close(s);
|
||||
s = -1;
|
||||
goto l0;
|
||||
};
|
||||
};
|
||||
|
||||
l0:
|
||||
if (*secret) {
|
||||
int j;
|
||||
|
||||
if (s < 0) {
|
||||
j = 0;
|
||||
goto l1;
|
||||
};
|
||||
|
||||
j = max(sequence - window + 1, OPIE_SEQUENCE_RESTRICT);
|
||||
|
||||
for (i = j; i > 0; i--)
|
||||
opiehash(&key, algorithm);
|
||||
|
||||
{
|
||||
char newseed[OPIE_SEED_MAX + 1];
|
||||
char newkey[8];
|
||||
char *c;
|
||||
char buf[OPIE_SEED_MAX + 48 + 1];
|
||||
char buf[16+1];
|
||||
|
||||
while (sequence-- != 0)
|
||||
opiehash(key, algorithm);
|
||||
opiebtoa8(buf, &key);
|
||||
|
||||
if (opienewseed(strcpy(newseed, seed)) < 0)
|
||||
return -1;
|
||||
if (snprintf(cmd, sizeof(cmd), "S= %d %d %s %s\n", algorithm, sequence,
|
||||
seed, buf) >= sizeof(cmd)) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at S=\n");
|
||||
#endif /* DEBUG */
|
||||
goto l1;
|
||||
}
|
||||
}
|
||||
|
||||
if (opiekeycrunch(algorithm, newkey, newseed, secret))
|
||||
return -1;
|
||||
|
||||
for (i = 0; i < 499; i++)
|
||||
opiehash(newkey, algorithm);
|
||||
|
||||
strcpy(response, "init-hex:");
|
||||
strcat(response, opiebtoh(buf, key));
|
||||
sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
|
||||
strcat(response, buf);
|
||||
strcat(response, opiebtoh(buf, newkey));
|
||||
if (write(s, cmd, i = strlen(cmd)) != i) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: write: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
goto l1;
|
||||
};
|
||||
} else {
|
||||
while (sequence-- != 0)
|
||||
opiehash(key, algorithm);
|
||||
|
||||
opiebtoh(response, key);
|
||||
}
|
||||
if ((i = read(s, cmd, sizeof(cmd))) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
};
|
||||
close(s);
|
||||
|
||||
cmd[i] = 0;
|
||||
i = strlen(seed);
|
||||
if ((cmd[0] != 'S') || (cmd[1] != '+') || (cmd[2] != ' ') || (strtoul(&cmd[3], &c, 10) != algorithm) || (strtoul(c + 1, &c, 10) != sequence) || strncmp(++c, seed, i) || (*(c + i) != '\n')) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: got invalid/failing S+ response: %s\n", cmd);
|
||||
#endif /* DEBUG */
|
||||
};
|
||||
|
||||
l1:
|
||||
for (i = sequence - j; i > 0; i--)
|
||||
opiehash(&key, algorithm);
|
||||
|
||||
opiebtoh(response, &key);
|
||||
} else {
|
||||
if (s < 0)
|
||||
goto l2;
|
||||
|
||||
if ((snprintf(cmd, sizeof(cmd), "s= %d %d %s\n", algorithm, sequence,
|
||||
seed) >= sizeof(cmd))) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at s=\n");
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
}
|
||||
|
||||
if (write(s, cmd, i = strlen(cmd)) != i) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: write: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
};
|
||||
|
||||
if ((i = read(s, cmd, sizeof(cmd))) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno);
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
};
|
||||
close(s);
|
||||
|
||||
i = strlen(seed);
|
||||
|
||||
if ((cmd[0] != 's') || (cmd[2] != ' ') || (strtoul(&cmd[3], &c, 10) != algorithm) || (strtoul(c + 1, &c, 10) != sequence) || strncmp(++c, seed, i)) {
|
||||
#if DEBUG
|
||||
if (c)
|
||||
*c = 0;
|
||||
else
|
||||
cmd[3] = 0;
|
||||
|
||||
syslog(LOG_DEBUG, "opiegenerator: got bogus/invalid s response: %s\n", cmd);
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
};
|
||||
|
||||
c += i;
|
||||
|
||||
if (cmd[1] == '-') {
|
||||
#if DEBUG
|
||||
if (*c != '\n') {
|
||||
*c = 0;
|
||||
syslog(LOG_DEBUG, "opiegenerator: got invalid s- response: %s\n", cmd);
|
||||
};
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
};
|
||||
|
||||
if (cmd[1] != '+') {
|
||||
#if DEBUG
|
||||
*c = 0;
|
||||
syslog(LOG_DEBUG, "opiegenerator: got invalid s response: %s\n", cmd);
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
};
|
||||
|
||||
{
|
||||
char *c2;
|
||||
|
||||
if (!(c2 = strchr(++c, '\n'))) {
|
||||
#if DEBUG
|
||||
*c = 0;
|
||||
syslog(LOG_DEBUG, "opiegenerator: got invalid s+ response: %s\n", cmd);
|
||||
#endif /* DEBUG */
|
||||
goto l2;
|
||||
};
|
||||
|
||||
*c2++ = 0;
|
||||
};
|
||||
|
||||
if (!opieatob8(&key, c))
|
||||
goto l2;
|
||||
|
||||
opiebtoh(response, &key);
|
||||
};
|
||||
|
||||
if (s >= 0)
|
||||
close(s);
|
||||
#else /* OPIEAUTO */
|
||||
if (*secret) {
|
||||
while (sequence-- != 0)
|
||||
opiehash(&key, algorithm);
|
||||
|
||||
opiebtoh(response, &key);
|
||||
} else
|
||||
return -2;
|
||||
#endif /* OPIEAUTO */
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if OPIEAUTO
|
||||
l2:
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opiegenerator: no opieauto response available.\n");
|
||||
#endif /* DEBUG */
|
||||
if (s >= 0)
|
||||
close(s);
|
||||
|
||||
return -2;
|
||||
#endif /* OPIEAUTO */
|
||||
};
|
||||
|
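Review bot: In the OPIEAUTO branch of opiegenerator(), the read after the `S=` write is `read(s, cmd, sizeof(cmd))` and a failure is only logged, so the following `cmd[i] = 0` writes one byte past `cmd` on a full read and at `cmd[-1]` on error. The first read in the function already uses `sizeof(cmd)-1` and bails out; the later ones should match, e.g. `if ((i = read(s, cmd, sizeof(cmd)-1)) < 0) { close(s); s = -1; goto l1; }`. The `s=` path reads the same way and never terminates `cmd` before `strtoul()`, `strncmp()` and `strchr()` walk it. Both paths also call `close(s)` without resetting `s`, so the later `if (s >= 0) close(s);` (and the one under `l2`) closes the descriptor a second time. Separately, opieauto_connect() validates owner and mode from a `stat()` taken before `connect()`, which leaves a window for the path to be swapped; checking the peer's credentials on the connected socket would close it.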
@ -1,14 +1,15 @@
|
||||
/* hash.c: The opiehash() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Updated by cmetz for OPIE 2.31. Added SHA support (which may
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
|
||||
Modified by cmetz for OPIE 2.31. Added SHA support (which may
|
||||
not be correct). Backed out previous optimizations as
|
||||
they killed thread-safety.
|
||||
Created by cmetz for OPIE 2.3 using the old hash.c as a guide.
|
||||
@ -23,7 +24,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#include <md4.h>
|
||||
#include <md5.h>
|
||||
|
||||
VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm)
|
||||
VOIDRET opiehash FUNCTION((x, algorithm), struct opie_otpkey *x AND
|
||||
unsigned algorithm)
|
||||
{
|
||||
UINT4 *results = (UINT4 *)x;
|
||||
|
||||
|
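Review bot: Now that `x` is typed as `struct opie_otpkey *`, the cast in `UINT4 *results = (UINT4 *)x;` throws away the type checking the new signature adds; `UINT4 *results = x->words;` says the same thing without a cast. The same applies to `UINT4 *results = (UINT4 *)out;` in opiehashlen() in hashlen.c. Both function bodies continue outside their hunks.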
@ -1,13 +1,14 @@
|
||||
/* hashlen.c: The opiehashlen() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey, isolate variables.
|
||||
Created by cmetz for OPIE 2.3.
|
||||
|
||||
$FreeBSD$
|
||||
@ -20,7 +21,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#include <md4.h>
|
||||
#include <md5.h>
|
||||
|
||||
VOIDRET opiehashlen FUNCTION((algorithm, in, out, n), int algorithm AND VOIDPTR in AND VOIDPTR out AND int n)
|
||||
VOIDRET opiehashlen FUNCTION((algorithm, in, out, n), int algorithm AND
|
||||
VOIDPTR in AND struct opie_otpkey *out AND int n)
|
||||
{
|
||||
UINT4 *results = (UINT4 *)out;
|
||||
UINT4 mdx_tmp[4];
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* insecure.c: The opieinsecure() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,8 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Do utmp checks on utmpx systems.
|
||||
Handle unterminated ut_host.
|
||||
Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent().
|
||||
Modified by cmetz for OPIE 2.3. Added result caching. Use
|
||||
__opiegetutmpentry(). Ifdef around ut_host check. Eliminate
|
||||
@ -59,9 +61,9 @@ int opieinsecure FUNCTION_NOARGS
|
||||
char *s;
|
||||
char *term_name;
|
||||
int insecure = 0;
|
||||
#if HAVE_UT_HOST
|
||||
#if HAVE_UT_HOST || DOUTMPX
|
||||
struct utmp utmp;
|
||||
#endif /* HAVE_UT_HOST */
|
||||
#endif /* HAVE_UT_HOST || DOUTMPX */
|
||||
static int result = -1;
|
||||
|
||||
if (result != -1)
|
||||
@ -122,30 +124,34 @@ int opieinsecure FUNCTION_NOARGS
|
||||
return (result = 1);
|
||||
};
|
||||
|
||||
#if HAVE_UT_HOST
|
||||
#if HAVE_UT_HOST || DOUTMPX
|
||||
if (isatty(0)) {
|
||||
memset(&utmp, 0, sizeof(struct utmp));
|
||||
{
|
||||
int i = __opiegetutmpentry(ttyname(0), &utmp);
|
||||
endutent();
|
||||
if (!i && utmp.ut_host[0]) {
|
||||
char host[sizeof(utmp.ut_host) + 1];
|
||||
insecure = 1;
|
||||
|
||||
if (s = strchr(utmp.ut_host, ':')) {
|
||||
int n = s - utmp.ut_host;
|
||||
strncpy(host, utmp.ut_host, sizeof(utmp.ut_host));
|
||||
host[sizeof(utmp.ut_host)] = 0;
|
||||
|
||||
if (s = strchr(host, ':')) {
|
||||
int n = s - host;
|
||||
if (!n)
|
||||
insecure = 0;
|
||||
else
|
||||
if (display_name) {
|
||||
if (!strncmp(utmp.ut_host, display_name, n))
|
||||
if (!strncmp(host, display_name, n))
|
||||
insecure = 0;
|
||||
#ifdef SOLARIS
|
||||
#if 1 /* def SOLARIS */
|
||||
else
|
||||
if (s = strchr(utmp.ut_host, ' ')) {
|
||||
if (s = strchr(host, ' ')) {
|
||||
*s = ':';
|
||||
if (s = strchr(s + 1, ' '))
|
||||
*s = '.';
|
||||
if (!strncmp(utmp.ut_host, display_name, n))
|
||||
if (!strncmp(host, display_name, n))
|
||||
insecure = 0;
|
||||
}
|
||||
#endif /* SOLARIS */
|
||||
@ -154,7 +160,7 @@ int opieinsecure FUNCTION_NOARGS
|
||||
}
|
||||
};
|
||||
};
|
||||
#endif /* HAVE_UT_HOST */
|
||||
#endif /* HAVE_UT_HOST || DOUTMPX */
|
||||
if (insecure)
|
||||
return (result = 1);
|
||||
|
||||
|
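Review bot: `#if 1 /* def SOLARIS */` compiles the space-rewriting fallback on every platform while the closing `#endif /* SOLARIS */` still names the old condition; because that fallback is a second way to clear `insecure`, either restore `#ifdef SOLARIS` or add a comment explaining why it is now unconditional. Both `strncmp(host, display_name, n)` calls compare only the `n` characters before the colon in `host`, so a `display_name` whose host part merely begins with the utmp host is accepted; `!strncmp(host, display_name, n) && display_name[n] == ':'` would make it an exact host match, if that is the intent. opieinsecure() extends beyond these hunks.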
@ -1,7 +1,7 @@
|
||||
/* lock.c: The opielock() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use snprintf.
|
||||
Modified by cmetz for OPIE 2.31. Put locks in a separate dir.
|
||||
Bug fixes.
|
||||
Modified by cmetz for OPIE 2.3. Do refcounts whether or not we
|
||||
@ -201,7 +202,9 @@ int opielock FUNCTION((principal), char *principal)
|
||||
if (!S_ISREG(statbuf[0].st_mode) || (statbuf[0].st_mode != statbuf[1].st_mode) || (statbuf[0].st_ino != statbuf[1].st_ino))
|
||||
goto lockret;
|
||||
|
||||
sprintf(buffer, "%d\n%d\n", getpid(), time(0));
|
||||
if (snprintf(buffer, sizeof(buffer), "%d\n%d\n", getpid(), time(0)) >= sizeof(buffer))
|
||||
goto lockret;
|
||||
|
||||
i = strlen(buffer) + 1;
|
||||
if (lseek(fh, 0, SEEK_SET)) {
|
||||
close(fh);
|
||||
|
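Review bot: The new `snprintf(buffer, sizeof(buffer), "%d\n%d\n", getpid(), time(0))` still passes a `time_t` and a `pid_t` to `%d`, which is undefined where those types are wider than `int`; cast explicitly, e.g. `"%d\n%ld\n", (int)getpid(), (long)time(0)`. The truncation test compares an `int` with a `size_t`, so a negative return is caught only through unsigned conversion; an explicit `< 0` check would make that deliberate. Whether `lockret` closes `fh` on this new exit path is not visible in the hunk.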
@ -1,13 +1,15 @@
|
||||
/* newseed.c: The opienewseed() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Greatly simplified increment. Now does
|
||||
not add digits. Reformatted the code.
|
||||
Modified by cmetz for OPIE 2.32. Added syslog.h if DEBUG.
|
||||
Modified by cmetz for OPIE 2.31. Added time.h.
|
||||
Created by cmetz for OPIE 2.22.
|
||||
@ -37,73 +39,54 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
int opienewseed FUNCTION((seed), char *seed)
|
||||
{
|
||||
if (!seed)
|
||||
return -1;
|
||||
if (!seed)
|
||||
return -1;
|
||||
|
||||
if (seed[0]) {
|
||||
int i;
|
||||
|
||||
if ((i = strlen(seed)) >= OPIE_SEED_MIN) {
|
||||
long j;
|
||||
char *c;
|
||||
|
||||
if (i > OPIE_SEED_MAX)
|
||||
i = OPIE_SEED_MAX;
|
||||
if (seed[0]) {
|
||||
char *c, *end;
|
||||
unsigned int i, max;
|
||||
|
||||
c = seed + i - 1;
|
||||
if ((i = strlen(seed)) > OPIE_SEED_MAX)
|
||||
i = OPIE_SEED_MAX;
|
||||
|
||||
while(c != seed) {
|
||||
if (!isdigit(*c))
|
||||
break;
|
||||
c--;
|
||||
}
|
||||
for (c = end = seed + i - 1, max = 1;
|
||||
(c > seed) && isdigit(*c); c--)
|
||||
max *= 10;
|
||||
|
||||
c++;
|
||||
if ((i = strtoul(++c, (char **)0, 10)) < max) {
|
||||
if (++i >= max)
|
||||
i = 1;
|
||||
|
||||
if (j = strtol(c, (char **)0, 10)) {
|
||||
char buf[OPIE_SEED_MAX];
|
||||
|
||||
*c = 0;
|
||||
strcpy(buf, seed);
|
||||
|
||||
if (errno == ERANGE) {
|
||||
j = 1;
|
||||
} else {
|
||||
int k = 1, l = OPIE_SEED_MAX - strlen(buf);
|
||||
while(l--) k *= 10;
|
||||
|
||||
if (++j >= k)
|
||||
j = 1;
|
||||
snprintf(c, end - c, "%d", i);
|
||||
seed[OPIE_SEED_MAX] = 0;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
sprintf(seed, "%s%04ld", buf, j);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
{
|
||||
time_t now;
|
||||
|
||||
{
|
||||
{
|
||||
time_t now;
|
||||
time(&now);
|
||||
srand(now);
|
||||
}
|
||||
time(&now);
|
||||
srand(now);
|
||||
}
|
||||
|
||||
{
|
||||
struct utsname utsname;
|
||||
{
|
||||
struct utsname utsname;
|
||||
|
||||
if (uname(&utsname) < 0) {
|
||||
if (uname(&utsname) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), errno);
|
||||
syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno),
|
||||
errno);
|
||||
#endif /* DEBUG */
|
||||
utsname.nodename[0] = 'k';
|
||||
utsname.nodename[1] = 'e';
|
||||
}
|
||||
utsname.nodename[2] = 0;
|
||||
utsname.nodename[0] = 'k';
|
||||
utsname.nodename[1] = 'e';
|
||||
}
|
||||
utsname.nodename[2] = 0;
|
||||
|
||||
sprintf(seed, "%s%04d", utsname.nodename, (rand() % 9999) + 1);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if (snprintf(seed, OPIE_SEED_MAX+1, "%s%04d", utsname.nodename,
|
||||
(rand() % 9999) + 1) >= OPIE_SEED_MAX+1)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
|
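Review bot: `snprintf(c, end - c, "%d", i)` gives the formatter too little room: `end` points at the last digit, so the numeric suffix is `end - c + 1` characters and needs `end - c + 2` bytes with the terminator. As written a full-width result loses its last two digits, and a one-digit suffix gets size 0, so the function returns 0 with the seed unchanged, which defeats the purpose of issuing a new seed. Suggested: `snprintf(c, end - c + 2, "%u", i);`, with `%u` because `i` is `unsigned int`. `isdigit(*c)` should take `(unsigned char)*c`, and `seed[OPIE_SEED_MAX] = 0` assumes every caller's buffer is at least `OPIE_SEED_MAX + 1` bytes, which deserves a comment on the function.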
@ -1,7 +1,7 @@
|
||||
.\" opie.4: Overview of the OPIE software.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@
|
||||
.\"
|
||||
.\" History:
|
||||
.\"
|
||||
.\" Modified by cmetz for OPIE 2.4. Spelling fixes.
|
||||
.\" Modified by cmetz for OPIE 2.2. Removed MJR DES documentation. Removed
|
||||
.\" references to the old square brackets challenge delimiters.
|
||||
.\" Modified at NRL for OPIE 2.01. Updated UNIX trademark credit.
|
||||
@ -87,7 +88,7 @@ the calculator given the challenge and the secret password. For example,
|
||||
.TP
|
||||
.I seed
|
||||
A piece of information that is used in conjunction with the secret password
|
||||
and sequence numer to compute the response. Its purpose is to allow the same
|
||||
and sequence number to compute the response. Its purpose is to allow the same
|
||||
secret password to be used for multiple sequences, by changing the seed, or
|
||||
for authentication to multiple machines by using different seeds.
|
||||
.TP
|
||||
@ -143,7 +144,7 @@ technique was implemented by Haller, Karn, and Walden at Bellcore. They
|
||||
created a free software package called "S/Key" that used an algorithm
|
||||
called a cryptographic checksum. A cryptographic checksum is a strong one-way
|
||||
function such that, knowing the result of such a function, an attacker still
|
||||
cannot feasably determine the input. Further, unlike cyclic redundancy
|
||||
cannot feasibly determine the input. Further, unlike cyclic redundancy
|
||||
checksums (CRCs), cryptographic checksums have few inputs that result in the
|
||||
same output.
|
||||
.LP
|
||||
|
@ -2,7 +2,7 @@
|
||||
system that a program might need.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -15,6 +15,9 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Added sequence number limits. Added
|
||||
struct opie_otpkey and made many functions use it. Added
|
||||
opiestrncpy(). Include header with libmissing prototypes.
|
||||
Modified by cmetz for OPIE 2.32. Added symbolic flag names for
|
||||
opiepasswd(). Added __opieparsechallenge() prototype.
|
||||
Modified by cmetz for OPIE 2.31. Removed active attack protection.
|
||||
@ -53,7 +56,9 @@ struct opie {
|
||||
#define __OPIE_FLAGS_READ 2
|
||||
|
||||
/* Minimum length of a secret password */
|
||||
#ifndef OPIE_SECRET_MIN
|
||||
#define OPIE_SECRET_MIN 10
|
||||
#endif /* OPIE_SECRET_MIN */
|
||||
|
||||
/* Maximum length of a secret password */
|
||||
#define OPIE_SECRET_MAX 127
|
||||
@ -76,25 +81,47 @@ struct opie {
|
||||
/* Maximum length of a principal (read: user name) */
|
||||
#define OPIE_PRINCIPAL_MAX 32
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
/* Maximum sequence number */
|
||||
#ifndef OPIE_SEQUENCE_MAX
|
||||
#define OPIE_SEQUENCE_MAX 9999
|
||||
#endif /* OPIE_SEQUENCE_MAX */
|
||||
|
||||
/* Restricted sequence number */
|
||||
#ifndef OPIE_SEQUENCE_RESTRICT
|
||||
#define OPIE_SEQUENCE_RESTRICT 9
|
||||
#endif /* OPIE_SEQUENCE_RESTRICT */
|
||||
|
||||
#define UINT4 u_int32_t
|
||||
|
||||
struct opie_otpkey {
|
||||
UINT4 words[2];
|
||||
};
|
||||
|
||||
#ifndef SEEK_SET
|
||||
#define SEEK_SET 0
|
||||
#endif /* SEEK_SET */
|
||||
|
||||
#ifndef SEEK_END
|
||||
#define SEEK_END 2
|
||||
#endif /* SEEK_END */
|
||||
|
||||
__BEGIN_DECLS
|
||||
int opieaccessfile __P((char *));
|
||||
int rdnets __P((long));
|
||||
int isaddr __P((register char *));
|
||||
int opiealways __P((char *));
|
||||
char *opieatob8 __P((char *,char *));
|
||||
char *opieatob8 __P((struct opie_otpkey *, char *));
|
||||
void opiebackspace __P((char *));
|
||||
char *opiebtoa8 __P((char *,char *));
|
||||
char *opiebtoe __P((char *,char *));
|
||||
char *opiebtoh __P((char *,char *));
|
||||
int opieetob __P((char *,char *));
|
||||
char *opiebtoa8 __P((char *, struct opie_otpkey *));
|
||||
char *opiebtoe __P((char *, struct opie_otpkey *));
|
||||
char *opiebtoh __P((char *, struct opie_otpkey *));
|
||||
int opieetob __P((struct opie_otpkey *, char *));
|
||||
int opiechallenge __P((struct opie *,char *,char *));
|
||||
int opiegenerator __P((char *,char *,char *));
|
||||
int opiegetsequence __P((struct opie *));
|
||||
void opiehash __P((void *, unsigned));
|
||||
void opiehash __P((struct opie_otpkey *, unsigned));
|
||||
int opiehtoi __P((register char));
|
||||
int opiekeycrunch __P((int, char *, char *, char *));
|
||||
int opiekeycrunch __P((int, struct opie_otpkey *, char *, char *));
|
||||
int opielock __P((char *));
|
||||
int opieunlock __P((void));
|
||||
void opieunlockaeh __P((void));
|
||||
@ -121,7 +148,6 @@ __END_DECLS
|
||||
#define FUNCTION(arglist, args) (args)
|
||||
#define AND ,
|
||||
#define FUNCTION_NOARGS ()
|
||||
#define UINT4 u_int32_t
|
||||
|
||||
__BEGIN_DECLS
|
||||
struct utmp;
|
||||
@ -133,6 +159,14 @@ int __opiereadrec __P((struct opie *));
|
||||
int __opiewriterec __P((struct opie *));
|
||||
int __opieparsechallenge __P((char *buffer, int *algorithm, int *sequence, char **seed, int *exts));
|
||||
__END_DECLS
|
||||
|
||||
#define opiestrncpy(dst, src, n) \
|
||||
do { \
|
||||
strncpy(dst, src, n-1); \
|
||||
dst[n-1] = 0; \
|
||||
} while(0)
|
||||
|
||||
/* #include "missing.h" */
|
||||
#endif /* _OPIE */
|
||||
|
||||
#define OPIEPASSWD_CONSOLE 1
|
||||
|
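Review bot: The new `opiestrncpy()` macro uses its arguments unparenthesised and evaluates `dst` and `n` twice, so an expression argument such as `a ? b : c` or one with side effects misbehaves, and `n == 0` turns into a `strncpy()` with a huge length plus a write to `dst[-1]`. At minimum write the body as `strncpy((dst), (src), (n) - 1); \` and `(dst)[(n) - 1] = 0; \`, and document that `n` must be the non-zero size of `dst`; a `static` function would avoid the double evaluation altogether. Making `OPIE_SECRET_MIN` overridable through `#ifndef` also lets a build lower the minimum secret length, which is worth a comment next to the define.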
@ -1,7 +1,7 @@
|
||||
/* opie_cfg.h: Various configuration-type pieces of information for OPIE.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Removed NBBY definition.
|
||||
Modified by cmetz for OPIE 2.32. Include <sys/types.h> before
|
||||
<dirent.h> to make *BSD happy.
|
||||
Modified by cmetz for OPIE 2.31. Added 4.4BSD-Lite pathnames.h
|
||||
@ -53,8 +54,8 @@ License Agreement applies to this software.
|
||||
#ifndef _OPIE_CFG_H
|
||||
#define _OPIE_CFG_H 1
|
||||
|
||||
#define VERSION "2.32"
|
||||
#define DATE "Thursday, January 1, 1998"
|
||||
#define VERSION "2.4"
|
||||
#define DATE "Friday, January 19, 2001"
|
||||
|
||||
#ifndef unix
|
||||
#define unix 1
|
||||
@ -165,10 +166,6 @@ License Agreement applies to this software.
|
||||
#define MOTD_FILE "/etc/motd"
|
||||
#endif
|
||||
|
||||
#ifndef NBBY
|
||||
#define NBBY 8 /* Reasonable for modern systems */
|
||||
#endif /* NBBY */
|
||||
|
||||
#ifndef LOGIN_PATH
|
||||
#define LOGIN_PATH "/usr/ucb:/bin:/usr/bin"
|
||||
#endif /* LOGIN_PATH */
|
||||
|
@ -7,11 +7,13 @@
|
||||
.\"
|
||||
.\" History:
|
||||
.\"
|
||||
.\" Modified by cmetz for OPIE 2.4. Fixed "0PIE" typo.
|
||||
.\" Written at NRL for OPIE 2.0.
|
||||
.\"
|
||||
.ll 6i
|
||||
.pl 10.5i
|
||||
.\" @(#)opieaccess.5 2.0 (NRL) 1/10/95
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.lt 6.0i
|
||||
.TH OPIEACCESS 5 "January 10, 1995"
|
||||
@ -61,7 +63,7 @@ mask Mask of the network to match
|
||||
|
||||
Subnets can be controlled by using the appropriate address and mask. Individual
|
||||
hosts can be controlled by using the appropriate address and a mask of
|
||||
255.255.255.255. If no rules are matched, the default is to deny non-0PIE
|
||||
255.255.255.255. If no rules are matched, the default is to deny non-OPIE
|
||||
logins.
|
||||
|
||||
.SH SEE ALSO
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* opieftpd.c: Main program for an FTP daemon.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,8 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Add id parameter to opielogwtmp. Use
|
||||
opiestrncpy(). Fix incorrect use of setproctitle().
|
||||
Modified by cmetz for OPIE 2.32. Remove include of dirent.h here; it's
|
||||
done already (and conditionally) in opie_cfg.h.
|
||||
Modified by cmetz for OPIE 2.31. Merged in some 4.4BSD-Lite changes.
|
||||
@ -243,7 +245,7 @@ static int receive_data __P((FILE *, FILE *));
|
||||
static char *gunique __P((char *));
|
||||
static char *sgetsave __P((char *));
|
||||
|
||||
int opielogwtmp __P((char *, char *, char *));
|
||||
int opielogwtmp __P((char *, char *, char *, char *));
|
||||
|
||||
int fclose __P((FILE *));
|
||||
|
||||
@ -510,7 +512,7 @@ static VOIDRET end_login FUNCTION_NOARGS
|
||||
if (seteuid((uid_t) 0))
|
||||
syslog(LOG_ERR, "Can't set euid");
|
||||
if (logged_in)
|
||||
opielogwtmp(ttyline, "", "");
|
||||
opielogwtmp(ttyline, "", "", "ftp");
|
||||
pw = NULL;
|
||||
logged_in = 0;
|
||||
#if DOANONYMOUS
|
||||
@ -564,7 +566,7 @@ VOIDRET pass FUNCTION((passwd), char *passwd)
|
||||
|
||||
/* open wtmp before chroot */
|
||||
sprintf(ttyline, "ftp%d", getpid());
|
||||
opielogwtmp(ttyline, pw->pw_name, remotehost);
|
||||
opielogwtmp(ttyline, pw->pw_name, remotehost, "ftp");
|
||||
logged_in = 1;
|
||||
|
||||
#if DOANONYMOUS
|
||||
@ -631,10 +633,10 @@ VOIDRET pass FUNCTION((passwd), char *passwd)
|
||||
if (guest) {
|
||||
reply(230, "Guest login ok, access restrictions apply.");
|
||||
#if DOTITLE
|
||||
snprintf(proctitle, sizeof(proctitle), "%s: anonymous/%s", remotehost,
|
||||
passwd);
|
||||
setproctitle("%s", proctitle);
|
||||
#endif /* DOTITLE */
|
||||
setproctitle("%s: anonymous/%.*s", remotehost,
|
||||
sizeof(proctitle) - sizeof(remotehost) - sizeof(": anonymous/"),
|
||||
passwd);
|
||||
#endif /* DOTITLE */
|
||||
syslog(LOG_NOTICE, "ANONYMOUS FTP login from %s with ID %s",
|
||||
remotehost, passwd);
|
||||
} else
|
||||
@ -643,9 +645,8 @@ VOIDRET pass FUNCTION((passwd), char *passwd)
|
||||
reply(230, "User %s logged in.", pw->pw_name);
|
||||
|
||||
#if DOTITLE
|
||||
snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
|
||||
setproctitle("%s", proctitle);
|
||||
#endif /* DOTITLE */
|
||||
setproctitle("%s: %s", remotehost, pw->pw_name);
|
||||
#endif /* DOTITLE */
|
||||
syslog(LOG_INFO, "FTP login from %s with user name %s", remotehost, pw->pw_name);
|
||||
}
|
||||
home = pw->pw_dir; /* home dir for globbing */
|
||||
@ -1256,13 +1257,11 @@ static VOIDRET dolog FUNCTION((sin), struct sockaddr_in *sin)
|
||||
time_t t, time();
|
||||
|
||||
if (hp)
|
||||
strncpy(remotehost, hp->h_name, sizeof(remotehost));
|
||||
opiestrncpy(remotehost, hp->h_name, sizeof(remotehost));
|
||||
else
|
||||
strncpy(remotehost, inet_ntoa(sin->sin_addr), sizeof(remotehost));
|
||||
remotehost[sizeof(remotehost) - 1] = '\0';
|
||||
opiestrncpy(remotehost, inet_ntoa(sin->sin_addr), sizeof(remotehost));
|
||||
#if DOTITLE
|
||||
snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
|
||||
setproctitle("%s", proctitle);
|
||||
setproctitle("%s: connected", remotehost);
|
||||
#endif /* DOTITLE */
|
||||
|
||||
t = time((time_t *) 0);
|
||||
@ -1280,7 +1279,7 @@ VOIDRET dologout FUNCTION((status), int status)
|
||||
if (logged_in) {
|
||||
if (seteuid((uid_t) 0))
|
||||
syslog(LOG_ERR, "Can't set euid");
|
||||
opielogwtmp(ttyline, "", "");
|
||||
opielogwtmp(ttyline, "", "", "ftp");
|
||||
}
|
||||
/* beware of flushing buffers after a SIGPIPE */
|
||||
_exit(status);
|
||||
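Review bot: In the guest branch of pass(), the `%.*s` precision handed to setproctitle() is the `size_t` expression `sizeof(proctitle) - sizeof(remotehost) - sizeof(": anonymous/")`, but a `*` precision is read as an `int`, so where `size_t` is wider than `int` the variadic call is undefined. The subtraction is also unsigned, so it wraps to a very large value if `remotehost` is not smaller than `proctitle`; both arrays are declared outside the visible hunks, so their sizes need confirming. Compute the bound once, reject a non-positive result, and pass it as an `int`, e.g. `(int)(sizeof(proctitle) - sizeof(remotehost) - sizeof(": anonymous/"))`. The page has lost its +/- markers; this reads the direct setproctitle() calls as the new side, which the 13-to-11 line count of the dolog() hunk supports.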
|
@ -1,7 +1,7 @@
|
||||
.\" opieinfo.1: Manual page for the opieinfo(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
|
@ -2,7 +2,7 @@
|
||||
opieinfo: Print a user's current OPIE sequence number and seed
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,7 +1,7 @@
|
||||
.\" opiekey.1: Manual page for the opiekey(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
|
@ -5,7 +5,7 @@
|
||||
and outputs a response.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -18,6 +18,7 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_key for key blocks.
|
||||
Modified by cmetz for OPIE 2.31. Renamed "init" and RESPONSE_INIT
|
||||
to "init-hex" and RESPONSE_INIT_HEX. Removed active attack
|
||||
protection support.
|
||||
@ -135,7 +136,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
int i;
|
||||
int count = 1;
|
||||
char secret[OPIE_SECRET_MAX + 1], newsecret[OPIE_SECRET_MAX + 1];
|
||||
char key[8], newkey[8];
|
||||
struct opie_otpkey key, newkey;
|
||||
char *seed, newseed[OPIE_SEED_MAX + 1];
|
||||
char response[OPIE_RESPONSE_MAX + 1];
|
||||
char *slash;
|
||||
@ -266,13 +267,13 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
goto error;
|
||||
}
|
||||
|
||||
if (opiekeycrunch(algorithm, newkey, newseed, newsecret)) {
|
||||
if (opiekeycrunch(algorithm, &newkey, newseed, newsecret)) {
|
||||
fprintf(stderr, "%s: key crunch failed (1)\n", argv[0]);
|
||||
goto error;
|
||||
}
|
||||
|
||||
for (i = 0; i < 499; i++)
|
||||
opiehash(newkey, algorithm);
|
||||
opiehash(&newkey, algorithm);
|
||||
} else
|
||||
#if RETYPE
|
||||
getsecret(secret, "", 1);
|
||||
@ -281,13 +282,13 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
#endif /* RETYPE */
|
||||
|
||||
/* Crunch seed and secret password into starting key normally */
|
||||
if (opiekeycrunch(algorithm, key, seed, secret)) {
|
||||
if (opiekeycrunch(algorithm, &key, seed, secret)) {
|
||||
fprintf(stderr, "%s: key crunch failed\n", argv[0]);
|
||||
goto error;
|
||||
}
|
||||
|
||||
for (i = 0; i <= (keynum - count); i++)
|
||||
opiehash(key, algorithm);
|
||||
opiehash(&key, algorithm);
|
||||
|
||||
{
|
||||
char buf[OPIE_SEED_MAX + 48 + 1];
|
||||
@ -300,37 +301,37 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
switch(type) {
|
||||
case RESPONSE_STANDARD:
|
||||
if (hex)
|
||||
opiebtoh(response, key);
|
||||
opiebtoh(response, &key);
|
||||
else
|
||||
opiebtoe(response, key);
|
||||
opiebtoe(response, &key);
|
||||
break;
|
||||
case RESPONSE_WORD:
|
||||
strcpy(response, "word:");
|
||||
strcat(response, opiebtoe(buf, key));
|
||||
strcat(response, opiebtoe(buf, &key));
|
||||
break;
|
||||
case RESPONSE_HEX:
|
||||
strcpy(response, "hex:");
|
||||
strcat(response, opiebtoh(buf, key));
|
||||
strcat(response, opiebtoh(buf, &key));
|
||||
break;
|
||||
case RESPONSE_INIT_HEX:
|
||||
case RESPONSE_INIT_WORD:
|
||||
if (type == RESPONSE_INIT_HEX) {
|
||||
strcpy(response, "init-hex:");
|
||||
strcat(response, opiebtoh(buf, key));
|
||||
strcat(response, opiebtoh(buf, &key));
|
||||
sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
|
||||
strcat(response, buf);
|
||||
strcat(response, opiebtoh(buf, newkey));
|
||||
strcat(response, opiebtoh(buf, &newkey));
|
||||
} else {
|
||||
strcpy(response, "init-word:");
|
||||
strcat(response, opiebtoe(buf, key));
|
||||
strcat(response, opiebtoe(buf, &key));
|
||||
sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
|
||||
strcat(response, buf);
|
||||
strcat(response, opiebtoe(buf, newkey));
|
||||
strcat(response, opiebtoe(buf, &newkey));
|
||||
}
|
||||
break;
|
||||
}
|
||||
puts(response);
|
||||
opiehash(key, algorithm);
|
||||
opiehash(&key, algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
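Review bot: The rewritten `strcat(response, opiebtoh(buf, &key))` and `opiebtoe(buf, &newkey)` lines in the response `switch` still assemble `response` with unbounded `strcpy`/`strcat`/`sprintf`, so nothing in main() itself prevents a write past `response[OPIE_RESPONSE_MAX + 1]` or `buf[OPIE_SEED_MAX + 48 + 1]`. Safety rests on those constants, which are defined outside this page, covering the longest `init-word:` form. Since these lines are being touched anyway, a bounded write would make the limit local where the build provides snprintf, for example `snprintf(response, sizeof(response), "hex:%s", opiebtoh(buf, &key));` for the RESPONSE_HEX case. The two init cases reuse `buf` for both conversions, so they would need a second scratch buffer or a length check before each `strcat`.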
|
@ -1,7 +1,7 @@
|
||||
.\" opiepasswd.1: Manual page for the opiepasswd(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@
|
||||
.\"
|
||||
.\" History:
|
||||
.\"
|
||||
.\" Modified by cmetz for OPIE 2.4. Fixed spelling bug.
|
||||
.\" Modified by cmetz for OPIE 2.3. Added -f flag documentation.
|
||||
.\" Updated console example.
|
||||
.\" Modified by cmetz for OPIE 2.2. Removed MJR DES documentation.
|
||||
@ -36,7 +37,7 @@ system.
|
||||
[\-v] [\-h] [\-c|\-d] [\-f]
|
||||
.sp 0
|
||||
[\-n
|
||||
.I inital_sequence_number
|
||||
.I initial_sequence_number
|
||||
]
|
||||
[\-s
|
||||
.I seed
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* opiepasswd.c: Add/change an OTP password in the key database.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,8 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_key for key blocks.
|
||||
Use opiestrncpy().
|
||||
Modified by cmetz for OPIE 2.32. Use OPIE_SEED_MAX instead of
|
||||
hard coding the length. Unlock user on failed lookup.
|
||||
Modified by cmetz for OPIE 2.3. Got of some variables and made some
|
||||
@ -97,12 +99,13 @@ static VOIDRET finish FUNCTION((name), char *name)
|
||||
}
|
||||
printf("OTP key is %d %s\n", opie.opie_n, opie.opie_seed);
|
||||
{
|
||||
char key[8];
|
||||
if (!opieatob8(key, opie.opie_val)) {
|
||||
struct opie_otpkey key;
|
||||
|
||||
if (!opieatob8(&key, opie.opie_val)) {
|
||||
fprintf(stderr, "Error verifying key -- possible database corruption.\n");
|
||||
finish(NULL);
|
||||
}
|
||||
printf("%s\n", opiebtoe(buf, key));
|
||||
printf("%s\n", opiebtoe(buf, &key));
|
||||
}
|
||||
}
|
||||
|
||||
@ -156,8 +159,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
OPIE_SEED_MIN, OPIE_SEED_MAX);
|
||||
finish(NULL);
|
||||
}
|
||||
strncpy(seed, optarg, sizeof(seed));
|
||||
seed[sizeof(seed) - 1] = 0;
|
||||
opiestrncpy(seed, optarg, sizeof(seed));
|
||||
break;
|
||||
default:
|
||||
usage(argv[0]);
|
||||
@ -242,7 +244,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
{
|
||||
char *c;
|
||||
if (c = strrchr(tmp, ' '))
|
||||
strncpy(oseed, c + 1, sizeof(oseed));
|
||||
opiestrncpy(oseed, c + 1, sizeof(oseed));
|
||||
else {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "opiepasswd: bogus challenge\n");
|
||||
@ -278,7 +280,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
{
|
||||
char *c;
|
||||
if (c = strrchr(tmp, ' '))
|
||||
strncpy(nseed, c + 1, sizeof(nseed));
|
||||
opiestrncpy(nseed, c + 1, sizeof(nseed));
|
||||
else {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "opiepasswd: bogus challenge\n");
|
||||
@ -349,18 +351,18 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
finish(NULL);
|
||||
}
|
||||
{
|
||||
char key[8];
|
||||
struct opie_otpkey key;
|
||||
char tbuf[OPIE_RESPONSE_MAX + 1];
|
||||
|
||||
if (opiekeycrunch(MDX, key, opie.opie_seed, passwd) != 0) {
|
||||
if (opiekeycrunch(MDX, &key, opie.opie_seed, passwd) != 0) {
|
||||
fprintf(stderr, "%s: key crunch failed. Secret pass phrase unchanged\n", argv[0]);
|
||||
finish(NULL);
|
||||
}
|
||||
memset(passwd, 0, sizeof(passwd));
|
||||
i = opie.opie_n - 1;
|
||||
while (i-- != 0)
|
||||
opiehash(key, MDX);
|
||||
opiebtoe(tbuf, key);
|
||||
opiehash(&key, MDX);
|
||||
opiebtoe(tbuf, &key);
|
||||
if (opieverify(&opie, tbuf)) {
|
||||
fprintf(stderr, "Sorry.\n");
|
||||
finish(NULL);
|
||||
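Review bot: In the last hunk of main(), `passwd` is cleared with `memset` right after `opiekeycrunch()`, but the new `struct opie_otpkey key` and `tbuf`, which hold the derived key and the one-time response, are not cleared in the visible lines. The `finish(NULL)` taken when `opiekeycrunch()` fails also runs before `passwd` is cleared, and `passwd` looks local to main() given the `sizeof(passwd)`. The block continues past the hunk, so this may be handled later; if not, add `memset(&key, 0, sizeof(key));` and `memset(tbuf, 0, sizeof(tbuf));` once `opieverify()` has returned, and clear `passwd` before the early `finish(NULL)`. A plain `memset` on a buffer that is never read again can be dropped by the optimiser, so a wipe the compiler must keep (for example `explicit_bzero` where available) is the safer form.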
|