authorache <ache@FreeBSD.org>1997-09-29 08:53:38 +0000
committerache <ache@FreeBSD.org>1997-09-29 08:53:38 +0000
commit620a15402ca567d1bb9f3ff04408b31d5195a26d (patch)
treebad95c33ccd79344b37c342113b585dc03504240 /contrib/opie/libopie
parente1721b38212f929793aa901252e7ce3b6e495d69 (diff)
Upgrade to 2.31
Diffstat (limited to 'contrib/opie/libopie')
-rw-r--r--contrib/opie/libopie/Makefile.in11
-rw-r--r--contrib/opie/libopie/accessfile.c9
-rw-r--r--contrib/opie/libopie/atob8.c4
-rw-r--r--contrib/opie/libopie/btoa8.c4
-rw-r--r--contrib/opie/libopie/btoe.c4
-rw-r--r--contrib/opie/libopie/btoh.c4
-rw-r--r--contrib/opie/libopie/challenge.c4
-rw-r--r--contrib/opie/libopie/generator.c45
-rw-r--r--contrib/opie/libopie/getsequence.c4
-rw-r--r--contrib/opie/libopie/getutmpentry.c22
-rw-r--r--contrib/opie/libopie/hash.c37
-rw-r--r--contrib/opie/libopie/hashlen.c4
-rw-r--r--contrib/opie/libopie/insecure.c24
-rw-r--r--contrib/opie/libopie/keycrunch.c4
-rw-r--r--contrib/opie/libopie/lock.c87
-rw-r--r--contrib/opie/libopie/login.c50
-rw-r--r--contrib/opie/libopie/logwtmp.c170
-rw-r--r--contrib/opie/libopie/lookup.c4
-rw-r--r--contrib/opie/libopie/md4c.c4
-rw-r--r--contrib/opie/libopie/md5c.c4
-rw-r--r--contrib/opie/libopie/newseed.c8
-rw-r--r--contrib/opie/libopie/open.c4
-rw-r--r--contrib/opie/libopie/parsechallenge.c4
-rw-r--r--contrib/opie/libopie/passcheck.c4
-rw-r--r--contrib/opie/libopie/passwd.c19
-rw-r--r--contrib/opie/libopie/randomchallenge.c4
-rw-r--r--contrib/opie/libopie/readpass.c15
-rw-r--r--contrib/opie/libopie/readrec.c100
-rw-r--r--contrib/opie/libopie/unlock.c8
-rw-r--r--contrib/opie/libopie/verify.c62
-rw-r--r--contrib/opie/libopie/version.c4
-rw-r--r--contrib/opie/libopie/writerec.c25
32 files changed, 446 insertions, 310 deletions
diff --git a/contrib/opie/libopie/Makefile.in b/contrib/opie/libopie/Makefile.in
index 99ab4e7..17ca829 100644
--- a/contrib/opie/libopie/Makefile.in
+++ b/contrib/opie/libopie/Makefile.in
@@ -1,15 +1,18 @@
##
# Makefile.in/Makefile: Directions for building libopie.
#
-# This software is Copyright 1996 by Craig Metz, All Rights Reserved. The Inner
-# Net Copyright Notice and License Agreement version 2.00 applies to this
-# software.
+# %%% copyright-cmetz-96
+# This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
+# The Inner Net License Version 2 applies to this software.
+# You should have received a copy of the license with this software. If
+# you didn't get a copy, you may request one from <license@inner.net>.
#
# History:
#
+# Modified by cmetz for OPIE 2.31. Added logwtmp.o
# Created by cmetz for OPIE 2.3 using old Makefiles as a guide.
-OBJS=md4c.o md5c.o atob8.o btoa8.o btoh.o challenge.o getsequence.o hash.o hashlen.o keycrunch.o lock.o lookup.o newseed.o parsechallenge.o passcheck.o passwd.o randomchallenge.o readpass.o unlock.o verify.o version.o btoe.o accessfile.o generator.o insecure.o getutmpentry.o readrec.o writerec.o login.o open.o
+OBJS=md4c.o md5c.o atob8.o btoa8.o btoh.o challenge.o getsequence.o hash.o hashlen.o keycrunch.o lock.o lookup.o newseed.o parsechallenge.o passcheck.o passwd.o randomchallenge.o readpass.o unlock.o verify.o version.o btoe.o accessfile.o generator.o insecure.o getutmpentry.o readrec.o writerec.o login.o open.o logwtmp.o # sha.o
CC=@CC@
CFLAGS=$(CFL) -I..
diff --git a/contrib/opie/libopie/accessfile.c b/contrib/opie/libopie/accessfile.c
index 7b1866e..39e3d82 100644
--- a/contrib/opie/libopie/accessfile.c
+++ b/contrib/opie/libopie/accessfile.c
@@ -1,8 +1,8 @@
/* accessfile.c: Handle trusted network access file and per-user
overrides.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -15,6 +15,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.31. Include syslog.h on debug.
Modified by cmetz for OPIE 2.3. Send debug info to syslog.
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
Ifdef around some headers. Remove extra semicolon.
@@ -42,6 +43,10 @@ License Agreement applies to this software.
#include <stdlib.h>
#endif /* HAVE_STDLIB_H */
+#ifdef DEBUG
+#include <syslog.h>
+#endif /* DEBUG */
+
#include "opie.h"
int opieaccessfile FUNCTION((host), char *host)
diff --git a/contrib/opie/libopie/atob8.c b/contrib/opie/libopie/atob8.c
index 2c23478..d548ef9 100644
--- a/contrib/opie/libopie/atob8.c
+++ b/contrib/opie/libopie/atob8.c
@@ -1,7 +1,7 @@
/* atob8.c: The opieatob8() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/btoa8.c b/contrib/opie/libopie/btoa8.c
index 8696a74..7e53d40 100644
--- a/contrib/opie/libopie/btoa8.c
+++ b/contrib/opie/libopie/btoa8.c
@@ -1,7 +1,7 @@
/* btoa8.c: The opiebtoa8() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/btoe.c b/contrib/opie/libopie/btoe.c
index e402e69..7cd7c29 100644
--- a/contrib/opie/libopie/btoe.c
+++ b/contrib/opie/libopie/btoe.c
@@ -2,8 +2,8 @@
Conversion to/from the six-English-word representation of a
64 bit OTP.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/btoh.c b/contrib/opie/libopie/btoh.c
index 68cf75f..11e3c5d 100644
--- a/contrib/opie/libopie/btoh.c
+++ b/contrib/opie/libopie/btoh.c
@@ -1,7 +1,7 @@
/* btoh.c: The opiebtoh() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/challenge.c b/contrib/opie/libopie/challenge.c
index d67d495..a52e5fa 100644
--- a/contrib/opie/libopie/challenge.c
+++ b/contrib/opie/libopie/challenge.c
@@ -1,7 +1,7 @@
/* challenge.c: The opiechallenge() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/generator.c b/contrib/opie/libopie/generator.c
index ccd67c7..02167bf 100644
--- a/contrib/opie/libopie/generator.c
+++ b/contrib/opie/libopie/generator.c
@@ -1,7 +1,7 @@
/* generator.c: The opiegenerator() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -9,6 +9,9 @@ you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex".
+ Removed active attack protection support. Fixed fairly
+ bug in how init response was computed (i.e., dead wrong).
Modified by cmetz for OPIE 2.3. Use _opieparsechallenge(). ifdef
around string.h. Output hex responses by default, output
OTP re-init extended responses (same secret) if sequence
@@ -51,12 +54,16 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se
if (i = opiekeycrunch(algorithm, key, seed, secret))
return i;
+
if (sequence < 10) {
char newseed[OPIE_SEED_MAX + 1];
- char newkey[8], cko[8], ckn[8], ckxor[8], cv[8];
+ char newkey[8];
char *c;
char buf[OPIE_SEED_MAX + 48 + 1];
+ while (sequence-- != 0)
+ opiehash(key, algorithm);
+
if (opienewseed(strcpy(newseed, seed)) < 0)
return -1;
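Review bot: `char *c;` is kept in the `sequence < 10` block although every use of `c` is deleted in the following hunk, so it looks like a dead local now; drop the declaration unless the lines between the two hunks (not visible here) still use it. The added `while (sequence-- != 0)` loop also leaves `sequence` at -1 for the rest of this branch, which deserves a short comment such as `/* sequence is consumed here; do not use it below */`.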
@@ -66,43 +73,15 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se
for (i = 0; i < 499; i++)
opiehash(newkey, algorithm);
- if (opiekeycrunch(algorithm | 0x10, cko, seed, secret))
- return -1;
-
- if (opiekeycrunch(algorithm | 0x10, ckn, newseed, secret))
- return -1;
-
- for (i = 0; i < 8; i++)
- ckxor[i] = cko[i] ^ ckn[i];
-
- strcpy(response, "init:");
+ strcpy(response, "init-hex:");
strcat(response, opiebtoh(buf, key));
sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
strcat(response, buf);
strcat(response, opiebtoh(buf, newkey));
- strcat(response, ":");
- strcat(response, opiebtoh(buf, ckxor));
- strcat(response, ":");
-
- c = buf;
- memcpy(c, ckn, sizeof(ckn)); c += sizeof(ckn);
- memcpy(c, key, sizeof(key)); c += sizeof(key);
-#ifdef HAVE_ANSISPRINTF
- c += sprintf(c, "%s 499 %s", algids[algorithm], newseed);
-#else /* HAVE_ANSISPRINTF */
- sprintf(c, "%s 499 %s", algids[algorithm], newseed);
- while(*c) c++;
-#endif /* HAVE_ANSISPRINTF */
- memcpy(c, newkey, sizeof(newkey)); c += sizeof(newkey);
- memcpy(c, ckxor, sizeof(ckxor)); c += sizeof(ckxor);
- memcpy(c, ckn, sizeof(ckn)); c += sizeof(ckn);
- opiehashlen(algorithm, buf, cv, (unsigned int)c - (unsigned int)buf);
-
- strcat(response, opiebtoh(buf, cv));
} else {
while (sequence-- != 0)
opiehash(key, algorithm);
-
+
opiebtoh(response, key);
}
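Review bot: The re-init response is still assembled with `strcpy`/`strcat` into `response`, and the signature in the hunk header shows no length argument for that buffer, so nothing here bounds the write. The new `init-hex:` prefix is longer than `init:`, while the removed trailing fields make the total shorter, so the worst-case size has changed and should be stated. Add a function comment giving the minimum size callers must allocate for `response`, for example `/* response must hold "init-hex:" + hex key + ":" + alg + " 499 " + seed + ":" + hex key + NUL */`. The function body starts and ends outside this hunk.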
diff --git a/contrib/opie/libopie/getsequence.c b/contrib/opie/libopie/getsequence.c
index f0a6e78..44a34ce 100644
--- a/contrib/opie/libopie/getsequence.c
+++ b/contrib/opie/libopie/getsequence.c
@@ -1,7 +1,7 @@
/* getsequence.c: The opiegetsequence() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/getutmpentry.c b/contrib/opie/libopie/getutmpentry.c
index 8013f87..1c9ed0f 100644
--- a/contrib/opie/libopie/getutmpentry.c
+++ b/contrib/opie/libopie/getutmpentry.c
@@ -1,13 +1,14 @@
/* getutmpentry.c: The __opiegetutmpentry() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Cache result.
Created by cmetz for OPIE 2.3 (re-write).
*/
@@ -18,6 +19,7 @@ you didn't get a copy, you may request one from <license@inner.net>.
#if DOUTMPX
#include <utmpx.h>
+#define setutent setutxent
#define getutline(x) getutxline(x)
#define utmp utmpx
#endif /* DOUTMPX */
@@ -31,30 +33,40 @@ you didn't get a copy, you may request one from <license@inner.net>.
#endif /* DEBUG */
#include "opie.h"
-#if !HAVE_GETUTLINE
+#if !HAVE_GETUTLINE && !DOUTMPX
struct utmp *getutline __P((struct utmp *));
-#endif /* HAVE_GETUTLINE */
+#endif /* HAVE_GETUTLINE && !DOUTMPX */
+
+static struct utmp u;
int __opiegetutmpentry FUNCTION((line, utmp), char *line AND struct utmp *utmp)
{
- struct utmp u, *pu;
+ struct utmp *pu;
+
+ if (u.ut_line[0]) {
+ pu = &u;
+ goto gotit;
+ };
memset(&u, 0, sizeof(u));
if (!strncmp(line, "/dev/", 5)) {
strncpy(u.ut_line, line + 5, sizeof(u.ut_line));
+ setutent();
if ((pu = getutline(&u)))
goto gotit;
#ifdef hpux
strcpy(u.ut_line, "pty/");
strncpy(u.ut_line + 4, line + 5, sizeof(u.ut_line) - 4);
+ setutent();
if ((pu = getutline(&u)))
goto gotit;
#endif /* hpux */
}
strncpy(u.ut_line, line, sizeof(u.ut_line));
+ setutent();
if ((pu = getutline(&u)))
goto gotit;
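Review bot: The cache test `if (u.ut_line[0])` ignores `line` and uses `ut_line[0]` as the "valid" flag. Two things follow: a later call for a different tty gets the first tty's entry, and after a failed lookup `u.ut_line` still holds the string copied in by `strncpy`, so the next call appears to jump to `gotit` and report success with an otherwise zeroed record (unless the failure path, which is outside the hunk, clears `u`). opieinsecure() reads `ut_host` from this result to decide whether the session is remote, so a stale or empty hit matters. Track validity separately, e.g. `static int u_valid;` set only at `gotit`, and test `if (u_valid && !strncmp(u.ut_line, line_key, sizeof(u.ut_line)))`, where `line_key` is a placeholder for `line` normalised the same way as the lookup (with the `/dev/` prefix stripped). The static buffer also makes the function non-reentrant, which is the property hash.c restores in this same commit.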
diff --git a/contrib/opie/libopie/hash.c b/contrib/opie/libopie/hash.c
index 4029fa9..4b72d6b 100644
--- a/contrib/opie/libopie/hash.c
+++ b/contrib/opie/libopie/hash.c
@@ -1,24 +1,24 @@
/* hash.c: The opiehash() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Updated by cmetz for OPIE 2.31. Added SHA support (which may
+ not be correct). Backed out previous optimizations as
+ they killed thread-safety.
Created by cmetz for OPIE 2.3 using the old hash.c as a guide.
*/
#include "opie_cfg.h"
-#include "opie.h"
-
-static struct opiemdx_ctx mdx;
-static UINT4 mdx_tmp[4];
#if 0
-static SHA_INFO sha;
+#include "sha.h"
#endif /* 0 */
+#include "opie.h"
VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm)
{
@@ -27,26 +27,39 @@ VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm)
switch(algorithm) {
#if 0
case 3:
- sha_init(&sha);
- sha_update(&sha, (BYTE *)x, 8);
- sha_final(&sha);
- results[0] = sha.digest[0] ^ sha.digest[2] ^ sha.digest[4];
- results[1] = sha.digest[1] ^ sha.digest[3] ^ sha.digest[5];
+ {
+ SHA_CTX sha;
+ SHAInit(&sha);
+ SHAUpdate(&sha, (unsigned char *)x, 8);
+ SHAFinal(&sha);
+ results[0] = sha.buffer[0] ^ sha.buffer[2] ^ sha.buffer[4];
+ results[1] = sha.buffer[1] ^ sha.buffer[3];
+ };
break;
#endif /* 0 */
case 4:
+ {
+ struct opiemdx_ctx mdx;
+ UINT4 mdx_tmp[4];
+
opiemd4init(&mdx);
opiemd4update(&mdx, (unsigned char *)x, 8);
opiemd4final((unsigned char *)mdx_tmp, &mdx);
results[0] = mdx_tmp[0] ^ mdx_tmp[2];
results[1] = mdx_tmp[1] ^ mdx_tmp[3];
+ };
break;
case 5:
+ {
+ struct opiemdx_ctx mdx;
+ UINT4 mdx_tmp[4];
+
opiemd5init(&mdx);
opiemd5update(&mdx, (unsigned char *)x, 8);
opiemd5final((unsigned char *)mdx_tmp, &mdx);
results[0] = mdx_tmp[0] ^ mdx_tmp[2];
results[1] = mdx_tmp[1] ^ mdx_tmp[3];
+ };
break;
}
}
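Review bot: The `switch` has no `default`, so any `algorithm` other than 4 or 5 falls out without writing `results`. That includes 3 while the SHA case stays under `#if 0`. opiehash() returns nothing, so the caller cannot tell that no hashing happened; in generator.c the `while (sequence-- != 0) opiehash(key, algorithm);` loop would then appear to leave the key untouched on every iteration. Add `default: /* unsupported algorithm: x is left unhashed, callers must validate algorithm first */ break;` at minimum, and confirm that opiekeycrunch() rejects such values before this is reached. The declaration of `results` is outside the hunk.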
diff --git a/contrib/opie/libopie/hashlen.c b/contrib/opie/libopie/hashlen.c
index 110eef4..f1463d2 100644
--- a/contrib/opie/libopie/hashlen.c
+++ b/contrib/opie/libopie/hashlen.c
@@ -1,7 +1,7 @@
/* hashlen.c: The opiehashlen() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/insecure.c b/contrib/opie/libopie/insecure.c
index afab006..999d6e7 100644
--- a/contrib/opie/libopie/insecure.c
+++ b/contrib/opie/libopie/insecure.c
@@ -1,7 +1,7 @@
/* insecure.c: The opieinsecure() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent().
Modified by cmetz for OPIE 2.3. Added result caching. Use
__opiegetutmpentry(). Ifdef around ut_host check. Eliminate
unused variable.
@@ -37,6 +38,7 @@ License Agreement applies to this software.
#if DOUTMPX
#include <utmpx.h>
#define utmp utmpx
+#define endutent endutxent
#endif /* DOUTMPX */
#if HAVE_SYS_UTSNAME_H
@@ -45,6 +47,8 @@ License Agreement applies to this software.
#include "opie.h"
+char *remote_terms[] = { "xterm", "xterms", "kterm", NULL };
+
int opieinsecure FUNCTION_NOARGS
{
#ifndef NO_INSECURE_CHECK
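Review bot: `remote_terms` is defined at file scope without `static`, so libopie now exports a writable global with a very generic name that can collide with, or be modified by, the program linking the library. It is only read by opieinsecure() in this file, so `static char *remote_terms[] = { "xterm", "xterms", "kterm", NULL };` is enough. A one-line comment that these are TERM values treated as remote when DISPLAY is unset would also help.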
@@ -89,7 +93,7 @@ int opieinsecure FUNCTION_NOARGS
int n2 = s - display_name;
if (n < n2)
n2 = n;
- if (!strncmp(utsname.nodename, display_name, n))
+ if (!strncmp(utsname.nodename, display_name, n2))
insecure = 0;
} /* endif display_name is '.' */
} /* endif hostname != display_name */
@@ -106,12 +110,19 @@ int opieinsecure FUNCTION_NOARGS
with an rlogin or telnet to our system. If it were a local
xterm, then the DISPLAY environment variable would
have to exist. rja */
- if (!display_name && !term_name && !strcmp("xterm", term_name))
- return (result = 1);
+ if (!display_name && term_name) {
+ int i;
+ for (i = 0; remote_terms[i]; i++)
+ if (!strcmp(term_name, remote_terms[i]))
+ return (result = 1);
+ };
#if HAVE_UT_HOST
memset(&utmp, 0, sizeof(struct utmp));
- if (!__opiegetutmpentry(ttyname(0), &utmp) && utmp.ut_host[0]) {
+ {
+ int i = __opiegetutmpentry(ttyname(0), &utmp);
+ endutent();
+ if (!i && utmp.ut_host[0]) {
insecure = 1;
if (s = strchr(utmp.ut_host, ':')) {
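Review bot: `ttyname(0)` is passed straight into `__opiegetutmpentry()`, and that function (getutmpentry.c in this commit) hands `line` to `strncmp(line, "/dev/", 5)` with no NULL check. ttyname() returns NULL when stdin is not a terminal, so this path would dereference NULL. Guard it with `char *tty = ttyname(0); int i = tty ? __opiegetutmpentry(tty, &utmp) : -1;` ahead of the `endutent()` call. Whether an unknown tty should then count as insecure is a policy decision for the code after this block. The block opened by `{` here is closed in the following hunk.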
@@ -135,6 +146,7 @@ int opieinsecure FUNCTION_NOARGS
}
}
}
+ };
#endif /* HAVE_UT_HOST */
if (insecure)
return (result = 1);
diff --git a/contrib/opie/libopie/keycrunch.c b/contrib/opie/libopie/keycrunch.c
index 7df86d9..fccdc3c 100644
--- a/contrib/opie/libopie/keycrunch.c
+++ b/contrib/opie/libopie/keycrunch.c
@@ -1,7 +1,7 @@
/* keycrunch.c: The opiekeycrunch() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/lock.c b/contrib/opie/libopie/lock.c
index d6ea56e..40999de 100644
--- a/contrib/opie/libopie/lock.c
+++ b/contrib/opie/libopie/lock.c
@@ -1,7 +1,7 @@
/* lock.c: The opielock() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.31. Put locks in a separate dir.
+ Bug fixes.
Modified by cmetz for OPIE 2.3. Do refcounts whether or not we
actually lock. Fixed USER_LOCKING=0 case.
Modified by cmetz for OPIE 2.22. Added reference count for locks.
@@ -33,12 +35,19 @@ License Agreement applies to this software.
#if HAVE_UNISTD_H
#include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#include <sys/stat.h>
+#include <syslog.h>
#include <fcntl.h>
#if HAVE_STDLIB_H
#include <stdlib.h>
#endif /* HAVE_STDLIB_H */
+#include <errno.h>
#include "opie.h"
+#if !HAVE_LSTAT
+#define lstat(x, y) stat(x, y)
+#endif /* !HAVE_LSTAT */
+
int __opie_lockrefcount = 0;
#if USER_LOCKING
@@ -75,22 +84,70 @@ int opielock FUNCTION((principal), char *principal)
#if USER_LOCKING
int fh, waits = 0, rval = -1, pid, t, i;
char buffer[128], buffer2[128], *c, *c2;
+ struct stat statbuf[2];
+
+ if (getuid() && geteuid()) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opielock: requires superuser priveleges");
+#endif /* DEBUG */
+ return -1;
+ };
if (__opie_lockfilename) {
__opie_lockrefcount++;
return 0;
}
- if (!(__opie_lockfilename = (char *)malloc(sizeof(OPIE_LOCK_PREFIX) + strlen(principal))))
+ if (!(__opie_lockfilename = (char *)malloc(sizeof(OPIE_LOCK_DIR) + 1 + strlen(principal))))
+ return -1;
+
+ strcpy(__opie_lockfilename, OPIE_LOCK_DIR);
+
+ if (mkdir(__opie_lockfilename, 0700) < 0)
+ if (errno != EEXIST)
+ return -1;
+
+ if (lstat(__opie_lockfilename, &statbuf[0]) < 0)
+ return -1;
+
+ if (statbuf[0].st_uid) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opielock: %s isn't owned by the superuser.", __opie_lockfilename);
+#endif /* DEBUG */
+ return -1;
+ };
+
+ if (!S_ISDIR(statbuf[0].st_mode)) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opielock: %s isn't a directory.", __opie_lockfilename);
+#endif /* DEBUG */
+ return -1;
+ };
+
+ if ((statbuf[0].st_mode & 0777) != 00700) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opielock: permissions on %s are not correct.", __opie_lockfilename);
+#endif /* DEBUG */
return -1;
+ };
- strcpy(__opie_lockfilename, OPIE_LOCK_PREFIX);
+ strcat(__opie_lockfilename, "/");
strcat(__opie_lockfilename, principal);
- fh = 0;
- while (!fh)
+ fh = -1;
+ while (fh < 0) {
+ if (!lstat(__opie_lockfilename, &statbuf[0]))
+ if (!S_ISREG(statbuf[0].st_mode))
+ goto lockret;
+
if ((fh = open(__opie_lockfilename, O_WRONLY | O_CREAT | O_EXCL, 0600)) < 0) {
- if ((fh = open(__opie_lockfilename, O_RDWR, 0600)) < 0)
+ if (lstat(__opie_lockfilename, &statbuf[1]) < 0)
+ goto lockret;
+ if (statbuf[0].st_ino != statbuf[1].st_ino)
+ goto lockret;
+ if (statbuf[0].st_mode != statbuf[1].st_mode)
+ goto lockret;
+ if ((fh = open(__opie_lockfilename, O_RDONLY, 0600)) < 0)
goto lockret;
if ((i = read(fh, buffer, sizeof(buffer))) <= 0)
goto lockret;
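Review bot: Every `return -1;` added after the `malloc` (mkdir failure, the `lstat`, and the owner, `S_ISDIR` and mode checks) leaves `__opie_lockfilename` allocated and non-NULL. The next opielock() call then takes the `if (__opie_lockfilename)` branch, increments the refcount and returns 0, although no lock file was ever created. Route these failures through the cleanup label instead: change the declaration to `int fh = -1, waits = 0, rval = -1, pid, t, i;` and replace each of those returns with `goto lockret;`. The early initialisation is needed because `fh` is otherwise unset until the later `fh = -1;`, and `lockret` tests it. Separately, `principal` is appended to the directory path unchecked in this hunk; if callers do not already reject names containing `/`, add that check here.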
@@ -114,7 +171,7 @@ int opielock FUNCTION((principal), char *principal)
if (!(t = atoi(c)))
break;
- if ((time(0) + OPIE_LOCK_TIMEOUT) < t)
+ if ((t + OPIE_LOCK_TIMEOUT) < time(0))
break;
if (kill(pid, 0))
@@ -128,6 +185,14 @@ int opielock FUNCTION((principal), char *principal)
goto lockret;
};
};
+ };
+
+ if (lstat(__opie_lockfilename, &statbuf[0]) < 0)
+ goto lockret;
+ if (fstat(fh, &statbuf[1]) < 0)
+ goto lockret;
+ if (!S_ISREG(statbuf[0].st_mode) || (statbuf[0].st_mode != statbuf[1].st_mode) || (statbuf[0].st_ino != statbuf[1].st_ino))
+ goto lockret;
sprintf(buffer, "%d\n%d\n", getpid(), time(0));
i = strlen(buffer) + 1;
@@ -165,8 +230,12 @@ int opielock FUNCTION((principal), char *principal)
atexit(opieunlockaeh);
lockret:
- if (fh)
+ if (fh >= 0)
close(fh);
+ if (!__opie_lockrefcount) {
+ free (__opie_lockfilename);
+ __opie_lockfilename = NULL;
+ };
return rval;
#else /* USER_LOCKING */
__opie_lockrefcount++;
diff --git a/contrib/opie/libopie/login.c b/contrib/opie/libopie/login.c
index d70280f..f7082c9 100644
--- a/contrib/opie/libopie/login.c
+++ b/contrib/opie/libopie/login.c
@@ -1,13 +1,18 @@
/* login.c: The opielogin() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. If the OS won't tell us where
+ _PATH_WTMP[X] is, try playing the SVID game, then use
+ Autoconf-discovered values. Fixed gettimeofday() call
+ and updwtmpx() call. Call endutxent for utmpx. Added
+ DISABLE_UTMP.
Created by cmetz for OPIE 2.3.
*/
@@ -19,6 +24,7 @@ you didn't get a copy, you may request one from <license@inner.net>.
#if DOUTMPX
#include <utmpx.h>
#define pututline(x) pututxline(x)
+#define endutent endutxent
#define utmp utmpx
#endif /* DOUTMPX */
@@ -37,6 +43,7 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
struct utmp u;
int rval = 0;
+#if !DISABLE_UTMP
if (__opiegetutmpentry(line, &u)) {
#if DEBUG
syslog(LOG_DEBUG, "opielogin: __opiegetutmpentry(line=%s, &u) failed", line);
@@ -60,21 +67,21 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
#if HAVE_UT_NAME
strncpy(u.ut_name, name, sizeof(u.ut_name));
- u.ut_name[sizeof(u.ut_name)] = 0;
+ u.ut_name[sizeof(u.ut_name)-1] = 0;
#else /* HAVE_UT_NAME */
#error No ut_name field in struct utmp? (Please send in a bug report)
#endif /* HAVE_UT_NAME */
#if HAVE_UT_HOST
strncpy(u.ut_host, host, sizeof(u.ut_host));
- u.ut_host[sizeof(u.ut_host)] = 0;
+ u.ut_host[sizeof(u.ut_host)-1] = 0;
#endif /* HAVE_UT_HOST */
#if DOUTMPX
#ifdef HAVE_ONE_ARG_GETTIMEOFDAY
- gettimeofday(&u->ut_tv);
+ gettimeofday(&u.ut_tv);
#else /* HAVE_ONE_ARG_GETTIMEOFDAY */
- gettimeofday(&u->ut_tv, NULL);
+ gettimeofday(&u.ut_tv, NULL);
#endif /* HAVE_ONE_ARG_GETTIMEOFDAY */
#else /* DOUTMPX */
time(&u.ut_time);
@@ -86,36 +93,11 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
#if DEBUG
syslog(LOG_DEBUG, "opielogin: utmp suceeded");
#endif /* DEBUG */
+#endif /* !DISABLE_UTMP */
dowtmp:
- {
- FILE *f;
-
-#if DOUTMPX
- updutmpx(_PATH_WTMPX, &u);
-#else /* DOUTMPX */
- if (!(f = __opieopen(_PATH_WTMP, 2, 0664))) {
- rval = -1;
-#if DEBUG
- syslog(LOG_DEBUG, "opielogin: wtmp open failed: %s (%d)", strerror(errno), errno);
-#endif /* DEBUG */
- goto dosetlogin;
- }
-
- if (fwrite(&u, sizeof(struct utmp), 1, f) != sizeof(struct utmp)) {
-#if DEBUG
- syslog(LOG_DEBUG, "opielogin: wtmp write failed: %s (%d)", strerror(errno), errno);
-#endif /* DEBUG */
- rval = -1;
- }
-
- fclose(f);
-#endif /* DOUTMPX */
- }
-
-#if DEBUG
- syslog(LOG_DEBUG, "opielogin: wtmp suceeded");
-#endif /* DEBUG */
+ opielogwtmp(line, name, host);
+ opielogwtmp(NULL, NULL, NULL);
dosetlogin:
#if HAVE_SETLOGIN
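Review bot: Replacing the inline wtmp code with `opielogwtmp(line, name, host);` drops the `rval = -1` that the old open and write failure paths set. opielogwtmp() is declared `VOIDRET` in logwtmp.c, so opielogin() now reports success even when no wtmp record was written. For a login accounting trail that silent failure should at least be documented at the call, e.g. `/* wtmp failures are not reported: opielogwtmp() returns nothing */`, or opielogwtmp() should return a status that is folded into `rval`. The immediately following `opielogwtmp(NULL, NULL, NULL);` relies on the close handling in logwtmp.c, which has its own problem noted there.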
diff --git a/contrib/opie/libopie/logwtmp.c b/contrib/opie/libopie/logwtmp.c
new file mode 100644
index 0000000..efc1def
--- /dev/null
+++ b/contrib/opie/libopie/logwtmp.c
@@ -0,0 +1,170 @@
+/* logwtmp.c: Put an entry in the wtmp file.
+
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
+Reserved. The Inner Net License Version 2 applies to these portions of
+the software.
+You should have received a copy of the license with this software. If
+you didn't get a copy, you may request one from <license@inner.net>.
+
+Portions of this software are Copyright 1995 by Randall Atkinson and Dan
+McDonald, All Rights Reserved. All Rights under this copyright are assigned
+to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
+License Agreement applies to this software.
+
+ History:
+
+ Modified by cmetz for OPIE 2.31. Move wtmp log functions here, to
+ improve portability. Added DISABLE_WTMP.
+ Modified by cmetz for OPIE 2.22. Call gettimeofday() properly.
+ Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
+ Ifdef around some headers. Added file close hook.
+ Modified at NRL for OPIE 2.1. Set process type for HPUX.
+ Modified at NRL for OPIE 2.0.
+ Originally from BSD.
+*/
+/*
+ * Copyright (c) 1988 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include "opie_cfg.h"
+
+#include <sys/types.h>
+#if HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif /* HAVE_SYS_TIME_H */
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <utmp.h>
+#if HAVE_UNISTD_H
+#include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#if HAVE_STRING_H
+#include <string.h>
+#endif /* HAVE_STRING_H */
+
+#include "opie.h"
+
+static int fd = -1;
+
+#if DOUTMPX
+static int fdx = -1;
+#include <utmpx.h>
+#endif /* DOUTMPX */
+
+#ifndef _PATH_WTMP
+#ifdef WTMP_FILE
+#define _PATH_WTMP WTMP_FILE
+#else /* WTMP_FILE */
+#ifdef PATH_WTMP_AC
+#define _PATH_WTMP PATH_WTMP_AC
+#endif /* PATH_WTMP_AC */
+#endif /* WTMP_FILE */
+#endif /* _PATH_WTMP */
+
+#ifndef _PATH_WTMPX
+#ifdef WTMPX_FILE
+#define _PATH_WTMPX WTMPX_FILE
+#else /* WTMPX_FILE */
+#ifdef PATH_WTMPX_AC
+#define _PATH_WTMPX PATH_WTMPX_AC
+#endif /* PATH_WTMPX_AC */
+#endif /* WTMPX_FILE */
+#endif /* _PATH_WTMPX */
+
+/*
+ * Modified version of logwtmp that holds wtmp file open
+ * after first call, for use with ftp (which may chroot
+ * after login, but before logout).
+ */
+VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host)
+{
+#if !DISABLE_WTMP
+ struct utmp ut;
+
+#if DOUTMPX && defined(_PATH_WTMPX)
+ struct utmpx utx;
+#endif /* DOUTMPX && defined(_PATH_WTMPX) */
+ struct stat buf;
+
+ memset(&ut, 0, sizeof(struct utmp));
+
+ if (!line) {
+ close(fd);
+#if DOUTMPX && defined(_PATH_WTMPX)
+ close(fdx);
+#endif /* DOUTMPX && defined(_PATH_WTMPX) */
+ }
+
+ if (fd < 0 && (fd = open(_PATH_WTMP, O_WRONLY | O_APPEND, 0)) < 0)
+ return;
+ if (fstat(fd, &buf) == 0) {
+#if HAVE_UT_TYPE && defined(USER_PROCESS)
+ ut.ut_type = USER_PROCESS;
+#endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */
+#if HAVE_UT_PID
+ ut.ut_pid = getpid();
+#endif /* HAVE_UT_PID */
+ strncpy(ut.ut_line, line, sizeof(ut.ut_line));
+ strncpy(ut.ut_name, name, sizeof(ut.ut_name));
+#if !DOUTMPX
+ strncpy(ut.ut_host, host, sizeof(ut.ut_host));
+#endif /* !DOUTMPX */
+ time(&ut.ut_time);
+ if (write(fd, (char *) &ut, sizeof(struct utmp)) !=
+ sizeof(struct utmp))
+ ftruncate(fd, buf.st_size);
+ }
+
+#if DOUTMPX && defined(_PATH_WTMPX)
+ memset(&utx, 0, sizeof(struct utmpx));
+
+ if (fdx < 0 && (fdx = open(_PATH_WTMPX, O_WRONLY | O_APPEND, 0)) < 0)
+ return;
+ if (fstat(fdx, &buf) == 0) {
+ strncpy(utx.ut_line, line, sizeof(utx.ut_line));
+ strncpy(utx.ut_name, name, sizeof(utx.ut_name));
+ strncpy(utx.ut_host, host, sizeof(utx.ut_host));
+#if HAVE_GETTIMEOFDAY
+#if HAVE_ONE_ARG_GETTIMEOFDAY
+ gettimeofday(&utx.ut_tv);
+#else /* HAVE_ONE_ARG_GETTIMEOFDAY */
+ gettimeofday(&utx.ut_tv, NULL);
+#endif /* HAVE_ONE_ARG_GETTIMEOFDAY */
+#endif /* HAVE_GETTIMEOFDAY */
+ if (write(fdx, (char *) &utx, sizeof(struct utmpx)) != sizeof(struct utmpx))
+ ftruncate(fdx, buf.st_size);
+ }
+#endif /* DOUTMPX && defined(_PATH_WTMPX) */
+#endif /* !DISABLE_WTMP */
+}
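Review bot: The `if (!line)` close branch neither resets `fd`/`fdx` to -1 nor returns, so the function carries on with a closed descriptor number and a NULL `line`. Today the following `fstat(fd, &buf)` fails and skips the `strncpy(ut.ut_line, line, ...)`. Once the process opens another file that reuses that number, a later call would append a utmp record to that unrelated file, or `ftruncate` it. If `fd` was still -1 when the close call arrives, the `open` can succeed and `strncpy` is then given NULL. Make the close branch reset the descriptors and return, as below. `_PATH_WTMP` is also used unconditionally even though the fallback chain above can leave it undefined.

```c
  if (!line) {
    /* Close request: drop the cached descriptors and stop here. */
    if (fd >= 0) {
      close(fd);
      fd = -1;
    }
#if DOUTMPX && defined(_PATH_WTMPX)
    if (fdx >= 0) {
      close(fdx);
      fdx = -1;
    }
#endif /* DOUTMPX && defined(_PATH_WTMPX) */
    return;
  }
  /* … unchanged: open/fstat/write of the utmp and utmpx records … */
```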
diff --git a/contrib/opie/libopie/lookup.c b/contrib/opie/libopie/lookup.c
index e3df681..39fab48 100644
--- a/contrib/opie/libopie/lookup.c
+++ b/contrib/opie/libopie/lookup.c
@@ -1,7 +1,7 @@
/* lookup.c: The opielookup() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/md4c.c b/contrib/opie/libopie/md4c.c
index fd46857..343cb8f 100644
--- a/contrib/opie/libopie/md4c.c
+++ b/contrib/opie/libopie/md4c.c
@@ -1,7 +1,7 @@
/* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm"
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/md5c.c b/contrib/opie/libopie/md5c.c
index 6b20508..d2a9390 100644
--- a/contrib/opie/libopie/md5c.c
+++ b/contrib/opie/libopie/md5c.c
@@ -1,8 +1,8 @@
/* md5c.c: "RSA Data Security, Inc. MD5 Message-Digest Algorithm"
"derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm"
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/newseed.c b/contrib/opie/libopie/newseed.c
index af4cac7..5073850 100644
--- a/contrib/opie/libopie/newseed.c
+++ b/contrib/opie/libopie/newseed.c
@@ -1,17 +1,21 @@
/* newseed.c: The opienewseed() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Added time.h.
Created by cmetz for OPIE 2.22.
*/
#include "opie_cfg.h"
+#if HAVE_TIME_H
+#include <time.h>
+#endif /* HAVE_TIME_H */
#if HAVE_STRING_H
#include <string.h>
#endif /* HAVE_STRING_H */
diff --git a/contrib/opie/libopie/open.c b/contrib/opie/libopie/open.c
index 0082c34..3a1dccc 100644
--- a/contrib/opie/libopie/open.c
+++ b/contrib/opie/libopie/open.c
@@ -1,7 +1,7 @@
/* open.c: The __opieopen() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/parsechallenge.c b/contrib/opie/libopie/parsechallenge.c
index 9dca1e6..e3e314e 100644
--- a/contrib/opie/libopie/parsechallenge.c
+++ b/contrib/opie/libopie/parsechallenge.c
@@ -1,7 +1,7 @@
/* parsechallenge.c: The _opieparsechallenge() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/passcheck.c b/contrib/opie/libopie/passcheck.c
index 3b30d70..8d60931 100644
--- a/contrib/opie/libopie/passcheck.c
+++ b/contrib/opie/libopie/passcheck.c
@@ -1,7 +1,7 @@
/* passcheck.c: The opiepasscheck() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/passwd.c b/contrib/opie/libopie/passwd.c
index e50bf17..17df424 100644
--- a/contrib/opie/libopie/passwd.c
+++ b/contrib/opie/libopie/passwd.c
@@ -1,17 +1,19 @@
/* passwd.c: The opiepasswd() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Removed active attack protection
+ support.
Modified by cmetz for OPIE 2.3. Split most of the function off
- and turned this into a front-end for the new __opiewriterec().
- Added code to compute the key from the secret. Use the opie_
- prefix. Use new opieatob8() and opiebtoa8() return values.
+ and turned this into a front-end for the new __opiewriterec().
+ Added code to compute the key from the secret. Use the opie_
+ prefix. Use new opieatob8() and opiebtoa8() return values.
Created by cmetz for OPIE 2.22.
*/
@@ -31,7 +33,6 @@ int opiepasswd FUNCTION((old, mode, principal, n, seed, ks), struct opie *old AN
if (old) {
opie.opie_flags = old->opie_flags;
opie.opie_recstart = old->opie_recstart;
- opie.opie_extrecstart = old->opie_extrecstart;
}
opie.opie_principal = principal;
@@ -48,12 +49,6 @@ int opiepasswd FUNCTION((old, mode, principal, n, seed, ks), struct opie *old AN
opiehash(key, MDX);
if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key)))
return -1;
-
- if (opiekeycrunch(MDX | 0x10, key, seed, ks))
- return -1;
-
- if (!(opie.opie_reinitkey = opiebtoa8(opie.opie_extbuf, key)))
- return -1;
} else {
if ((opieetob(key, ks) != 1) && !opieatob8(key, ks))
return 1;
diff --git a/contrib/opie/libopie/randomchallenge.c b/contrib/opie/libopie/randomchallenge.c
index 6e0d5b7..021da77 100644
--- a/contrib/opie/libopie/randomchallenge.c
+++ b/contrib/opie/libopie/randomchallenge.c
@@ -1,7 +1,7 @@
/* randomchallenge.c: The opierandomchallenge() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/readpass.c b/contrib/opie/libopie/readpass.c
index 4dc22e2..48b5699 100644
--- a/contrib/opie/libopie/readpass.c
+++ b/contrib/opie/libopie/readpass.c
@@ -1,7 +1,7 @@
/* readpass.c: The opiereadpass() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,9 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.31. Use usleep() to delay after setting
+ the terminal attributes; this might help certain buggy
+ systems.
Modified by cmetz for OPIE 2.3. Use TCSAFLUSH always.
Modified by cmetz for OPIE 2.22. Replaced echo w/ flags.
Really use FUNCTION.
@@ -194,8 +197,16 @@ char *opiereadpass FUNCTION((buf, len, flags), char *buf AND int len AND int fla
}
#endif /* VEOF */
+#if HAVE_USLEEP
+ usleep(1);
+#endif /* HAVE_USLEEP */
+
if (tcsetattr(0, TCSAFLUSH, &attr))
goto error;
+
+#if HAVE_USLEEP
+ usleep(1);
+#endif /* HAVE_USLEEP */
}
#else /* unix */
erase[0] = CONTROL('H');
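Review bot: The two `usleep(1)` calls placed around `tcsetattr(0, TCSAFLUSH, &attr)` have no comment, and a one-microsecond sleep next to a terminal-mode change reads as a leftover to anyone who has not seen the History block at the top of the file. A comment at the first call would be enough, for example `/* Brief delay around tcsetattr(): workaround for systems that mishandle the attribute change (OPIE 2.31). */`. The return value of usleep() is ignored, which is reasonable for a best-effort delay but worth stating in the same comment. opiereadpass starts and ends outside the hunk.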
diff --git a/contrib/opie/libopie/readrec.c b/contrib/opie/libopie/readrec.c
index c98daaa..d26002d 100644
--- a/contrib/opie/libopie/readrec.c
+++ b/contrib/opie/libopie/readrec.c
@@ -1,19 +1,23 @@
/* readrec.c: The __opiereadrec() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Removed active attack protection
+ support. Fixed a debug message typo. Keep going after bogus
+ records. Set read flag.
Created by cmetz for OPIE 2.3.
*/
#include "opie_cfg.h"
#include <stdio.h>
#include <sys/types.h>
+#include <errno.h>
#if HAVE_UNISTD_H
#include <unistd.h>
#endif /* HAVE_UNISTD_H */
@@ -66,61 +70,29 @@ static int parserec FUNCTION((opie), struct opie *opie)
return 0;
}
-static int parseextrec FUNCTION((opie), struct opie *opie)
-{
- char *c;
-
- if (!(c = strchr(opie->opie_extbuf, ' ')))
- return -1;
-
- *(c++) = 0;
- while(*c == ' ') c++;
-
- if (!(c = strchr(opie->opie_reinitkey = c, ' ')))
- return -1;
-
- *(c++) = 0;
-
- return 0;
-}
-
int __opiereadrec FUNCTION((opie), struct opie *opie)
{
- FILE *f = NULL, *f2 = NULL;
+ FILE *f = NULL;
int rval = -1;
- if (!(f = __opieopen(STD_KEY_FILE, 0, 0644))) {
+ if (!(f = __opieopen(KEY_FILE, 0, 0644))) {
#if DEBUG
- syslog(LOG_DEBUG, "__opiereadrec: __opieopen(STD_KEY_FILE..) failed!");
+ syslog(LOG_DEBUG, "__opiereadrec: __opieopen(KEY_FILE..) failed!");
#endif /* DEBUG */
goto ret;
}
- if (!(f2 = __opieopen(EXT_KEY_FILE, 0, 0600))) {
-#if DEBUG
- syslog(LOG_DEBUG, "__opiereadrec: __opieopen(EXT_KEY_FILE..) failed!");
-#endif /* DEBUG */
- }
-
{
int i;
- if ((i = open(STD_KEY_FILE, O_RDWR)) < 0) {
+ if ((i = open(KEY_FILE, O_RDWR)) < 0) {
opie->opie_flags &= ~__OPIE_FLAGS_RW;
#if DEBUG
- syslog(LOG_DEBUG, "__opiereadrec: open(STD_KEY_FILE, O_RDWR) failed: %s", strerror(errno));
+ syslog(LOG_DEBUG, "__opiereadrec: open(KEY_FILE, O_RDWR) failed: %s", strerror(errno));
#endif /* DEBUG */
} else {
close(i);
- if ((i = open(EXT_KEY_FILE, O_RDWR)) < 0) {
- opie->opie_flags &= ~__OPIE_FLAGS_RW;
-#if DEBUG
- syslog(LOG_DEBUG, "__opiereadrec: open(STD_KEY_FILE, O_RDWR) failed: %s", strerror(errno));
-#endif /* DEBUG */
- } else {
- close(i);
- opie->opie_flags |= __OPIE_FLAGS_RW;
- }
+ opie->opie_flags |= __OPIE_FLAGS_RW;
}
}
@@ -134,31 +106,14 @@ int __opiereadrec FUNCTION((opie), struct opie *opie)
if (parserec(opie))
goto ret;
- if (opie->opie_extbuf[0]) {
- if (!f2) {
-#if DEBUG
- syslog(LOG_DEBUG, "__opiereadrec: can't read ext file, but could before?");
-#endif /* DEBUG */
- goto ret;
- }
-
- if (fseek(f2, opie->opie_extrecstart, SEEK_SET))
- goto ret;
-
- if (fgets(opie->opie_extbuf, sizeof(opie->opie_extbuf), f2))
- goto ret;
-
- if (parseextrec(opie))
- goto ret;
- }
-
+ opie->opie_flags |= __OPIE_FLAGS_READ;
rval = 0;
goto ret;
}
if (!opie->opie_principal)
return -1;
-
+
{
char *c, principal[OPIE_PRINCIPAL_MAX];
int i;
@@ -180,39 +135,14 @@ int __opiereadrec FUNCTION((opie), struct opie *opie)
}
if (parserec(opie))
- goto ret;
+ continue;
} while (strcmp(principal, opie->opie_principal));
- if (!f2) {
- opie->opie_extbuf[0] = rval = 0;
- goto ret;
- }
-
- do {
- if ((opie->opie_extrecstart = ftell(f2)) < 0)
- goto ret;
-
- if (!fgets(opie->opie_extbuf, sizeof(opie->opie_extbuf), f2)) {
- if (feof(f2)) {
- opie->opie_reinitkey = NULL;
- rval = 0;
- } else
- rval = 1;
- goto ret;
- }
-
- if (parseextrec(opie))
- goto ret;
- } while (strcmp(principal, opie->opie_extbuf));
-
rval = 0;
}
ret:
if (f)
fclose(f);
- if (f2)
- fclose(f2);
return rval;
}
-
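Review bot: The new `continue` after a failed `parserec(opie)` jumps to the `while (strcmp(principal, opie->opie_principal))` test, so a record that did not parse can still end the loop as a match. If parserec() stores the record's name in `opie->opie_principal` before it rejects a later field (its body is outside this hunk), a malformed line carrying the requested name reaches `rval = 0` with the remaining fields unparsed. Keep the parse result in a local `int bad` and make it part of the condition: `bad = parserec(opie);` followed by `} while (bad || strcmp(principal, opie->opie_principal));`. __opiereadrec starts before this hunk.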
diff --git a/contrib/opie/libopie/unlock.c b/contrib/opie/libopie/unlock.c
index 35c266d..4dac0c4 100644
--- a/contrib/opie/libopie/unlock.c
+++ b/contrib/opie/libopie/unlock.c
@@ -1,7 +1,7 @@
/* unlock.c: The opieunlock() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.31. Bug fix.
Modified by cmetz for OPIE 2.3. Do refcounts whether or not
we actually lock. Fixed USER_LOCKING=0 case.
Modified by cmetz for OPIE 2.22. Added reference count support.
@@ -77,8 +78,7 @@ int opieunlock FUNCTION_NOARGS
if (!(t = atoi(c)))
goto unlockret;
- if ((pid != getpid()) && (time(NULL) + OPIE_LOCK_TIMEOUT <= t) &&
- (!kill(pid, 0))) {
+ if ((pid != getpid()) && (time(0) <= OPIE_LOCK_TIMEOUT + t) && (!kill(pid, 0))) {
rval = 1;
goto unlockret1;
}
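Review bot: `!kill(pid, 0)` in the rewritten condition treats every failure as "the locking process is gone", but kill() also fails with EPERM when the process exists and belongs to another user, so an unprivileged caller could judge a live lock stale. The liveness test should read `(!kill(pid, 0) || (errno == EPERM))`, provided <errno.h> is included in this file, which the hunk does not show. Separately, `t` comes from `atoi(c)` two lines up and `OPIE_LOCK_TIMEOUT + t` is added before the comparison with `time(0)`; parsing with `strtol` and testing `time(0) - t <= OPIE_LOCK_TIMEOUT` would behave better on a corrupt lock file. opieunlock continues outside the hunk.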
diff --git a/contrib/opie/libopie/verify.c b/contrib/opie/libopie/verify.c
index 7388a8a..52698d41 100644
--- a/contrib/opie/libopie/verify.c
+++ b/contrib/opie/libopie/verify.c
@@ -1,13 +1,16 @@
/* verify.c: The opieverify() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Renamed "init" and "RESPONSE_INIT"
+ to "init-hex" and "RESPONSE_INIT_HEX". Removed active attack
+ protection support.
Created by cmetz for OPIE 2.3 using the old verify.c as a guide.
*/
@@ -20,7 +23,7 @@ you didn't get a copy, you may request one from <license@inner.net>.
#define RESPONSE_STANDARD 0
#define RESPONSE_WORD 1
#define RESPONSE_HEX 2
-#define RESPONSE_INIT 3
+#define RESPONSE_INIT_HEX 3
#define RESPONSE_INIT_WORD 4
#define RESPONSE_UNKNOWN 5
@@ -32,7 +35,7 @@ struct _rtrans {
static struct _rtrans rtrans[] = {
{ RESPONSE_WORD, "word" },
{ RESPONSE_HEX, "hex" },
- { RESPONSE_INIT, "init" },
+ { RESPONSE_INIT_HEX, "init-hex" },
{ RESPONSE_INIT_WORD, "init-word" },
{ RESPONSE_STANDARD, "" },
{ RESPONSE_UNKNOWN, NULL }
@@ -119,11 +122,11 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
i = memcmp(fkey, lastkey, sizeof(key));
}
break;
- case RESPONSE_INIT:
+ case RESPONSE_INIT_HEX:
case RESPONSE_INIT_WORD:
{
char *c2;
- char newkey[8], ckxor[8], ck[8], cv[8], cvc[8];
+ char newkey[8];
char buf[OPIE_SEED_MAX + 48 + 1];
if (!(c2 = strchr(c, ':')))
@@ -131,7 +134,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
*(c2++) = 0;
- if (i == RESPONSE_INIT) {
+ if (i == RESPONSE_INIT_HEX) {
if (!opieatob8(key, c))
goto verret;
} else {
@@ -173,56 +176,13 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
*(c2++) = 0;
- if (i == RESPONSE_INIT) {
+ if (i == RESPONSE_INIT_HEX) {
if (!opieatob8(newkey, c))
goto verret;
} else {
if (opieetob(newkey, c) != 1)
goto verret;
}
-
- if (!opie->opie_reinitkey || (opie->opie_reinitkey[0] == '*'))
- goto verwrt;
-
- if (!(c2 = strchr(c = c2, ':')))
- goto verret;
-
- *(c2++) = 0;
-
- if (i == RESPONSE_INIT) {
- if (!opieatob8(ckxor, c))
- goto verret;
- if (!opieatob8(cv, c2))
- goto verret;
- } else {
- if (opieetob(ckxor, c) != 1)
- goto verret;
- if (opieetob(cv, c2) != 1)
- goto verret;
- }
-
- if (!opieatob8(ck, opie->opie_reinitkey))
- goto verret;
-
- c = buf;
- memcpy(c, ck, sizeof(ck)); c += sizeof(ck);
- memcpy(c, key, sizeof(key)); c += sizeof(key);
- c += sprintf(c, "%s 499 %s", algids[MDX], opie->opie_seed);
- memcpy(c, newkey, sizeof(newkey)); c += sizeof(newkey);
- memcpy(c, ckxor, sizeof(ckxor)); c += sizeof(ckxor);
- memcpy(c, ck, sizeof(ck)); c += sizeof(ck);
- opiehashlen(MDX, buf, cvc, (unsigned int)c - (unsigned int)buf);
-
- if (memcmp(cv, cvc, sizeof(cv)))
- goto verret;
-
- for (i = 0; i < 8; i++)
- ck[i] ^= ckxor[i];
-
- if (!opiebtoa8(opie->opie_reinitkey, ck))
- goto verret;
-
- memcpy(key, newkey, sizeof(key));
}
goto verwrt;
case RESPONSE_UNKNOWN:
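Review bot: `newkey` is decoded but never used on the new side of this hunk: after `opieatob8(newkey, c)` / `opieetob(newkey, c)` control goes straight to `goto verwrt`, and the only visible use, `memcpy(key, newkey, sizeof(key));`, sat at the end of the removed block. If the code at `verwrt` (outside this hunk) stores `key`, an init-hex or init-word response would have its new key validated and then dropped, so the stored value would not be the one the client supplied. Either keep `memcpy(key, newkey, sizeof(key));` before the closing brace or add a comment saying why `newkey` is parsed and discarded. The old code had the same gap on its early `goto verwrt` path, so this may predate the commit.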
diff --git a/contrib/opie/libopie/version.c b/contrib/opie/libopie/version.c
index 48b1dc5..11e3394 100644
--- a/contrib/opie/libopie/version.c
+++ b/contrib/opie/libopie/version.c
@@ -1,7 +1,7 @@
/* version.c: The opieversion() library function.
-%%% portions-copyright-cmetz
-Portions of this software are Copyright 1996 by Craig Metz, All Rights
+%%% portions-copyright-cmetz-96
+Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/writerec.c b/contrib/opie/libopie/writerec.c
index 6978669..2246899 100644
--- a/contrib/opie/libopie/writerec.c
+++ b/contrib/opie/libopie/writerec.c
@@ -1,13 +1,15 @@
/* writerec.c: The __opiewriterec() library function.
-%%% copyright-cmetz
-This software is Copyright 1996 by Craig Metz, All Rights Reserved.
+%%% copyright-cmetz-96
+This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.31. Removed active attack protection
+ support. Fixed passwd bug.
Created by cmetz for OPIE 2.3 from passwd.c.
*/
#include "opie_cfg.h"
@@ -46,23 +48,19 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
if (!(opie->opie_flags & __OPIE_FLAGS_READ)) {
struct opie opie2;
i = opielookup(&opie2, opie->opie_principal);
+ opie->opie_flags = opie2.opie_flags;
+ opie->opie_recstart = opie2.opie_recstart;
}
switch(i) {
case 0:
- if (!(f = __opieopen(STD_KEY_FILE, 1, 0644)))
- return -1;
- if (!(f2 = __opieopen(EXT_KEY_FILE, 1, 0600)))
+ if (!(f = __opieopen(KEY_FILE, 1, 0644)))
return -1;
if (fseek(f, opie->opie_recstart, SEEK_SET))
return -1;
- if (fseek(f2, opie->opie_extrecstart, SEEK_SET))
- return -1;
break;
case 1:
- if (!(f = __opieopen(STD_KEY_FILE, 2, 0644)))
- return -1;
- if (!(f2 = __opieopen(EXT_KEY_FILE, 2, 0600)))
+ if (!(f = __opieopen(KEY_FILE, 2, 0644)))
return -1;
break;
default:
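Review bot: The two added assignments copy `opie2.opie_flags` and `opie2.opie_recstart` into `opie` whatever `opielookup()` returned. `opie2` is an uninitialised local, so on a lookup error (the `default` arm below) the copied values are indeterminate unless opielookup() always writes both fields, which is not visible here, and the caller's flags are overwritten with them. Guard the copy on the results the switch accepts: `if ((i == 0) || (i == 1)) { opie->opie_flags = opie2.opie_flags; opie->opie_recstart = opie2.opie_recstart; }`. Also in this hunk, `if (fseek(f, opie->opie_recstart, SEEK_SET)) return -1;` returns without `fclose(f)`. __opiewriterec starts and ends outside the hunk.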
@@ -74,12 +72,5 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
fclose(f);
- if (f2) {
- if (fprintf(f2, "%-32s %-16s %-77s\n", opie->opie_principal, opie->opie_reinitkey ? opie->opie_reinitkey : __opienone, "") < 1)
- return -1;
-
- fclose(f2);
- }
-
return 0;
}