diff options
author | ache <ache@FreeBSD.org> | 1997-09-29 10:33:14 +0000 |
---|---|---|
committer | ache <ache@FreeBSD.org> | 1997-09-29 10:33:14 +0000 |
commit | 84d99714d1477366dbfa55ae6ce02a180261fe21 (patch) | |
tree | ef364fe60a840446b1bac6b8e282b719fec563dc /contrib/opie/libopie | |
parent | 0de5e596d7801e4eaca33ff33867f972156e3611 (diff) | |
download | FreeBSD-src-84d99714d1477366dbfa55ae6ce02a180261fe21.zip FreeBSD-src-84d99714d1477366dbfa55ae6ce02a180261fe21.tar.gz |
Merge
Diffstat (limited to 'contrib/opie/libopie')
-rw-r--r-- | contrib/opie/libopie/generator.c | 48 | ||||
-rw-r--r-- | contrib/opie/libopie/hash.c | 42 | ||||
-rw-r--r-- | contrib/opie/libopie/hashlen.c | 4 |
3 files changed, 40 insertions, 54 deletions
diff --git a/contrib/opie/libopie/generator.c b/contrib/opie/libopie/generator.c index 539a1f9..02167bf 100644 --- a/contrib/opie/libopie/generator.c +++ b/contrib/opie/libopie/generator.c @@ -1,7 +1,7 @@ /* generator.c: The opiegenerator() library function. -%%% portions-copyright-cmetz -Portions of this software are Copyright 1996 by Craig Metz, All Rights +%%% portions-copyright-cmetz-96 +Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -9,6 +9,9 @@ you didn't get a copy, you may request one from <license@inner.net>. History: + Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex". + Removed active attack protection support. Fixed fairly + bug in how init response was computed (i.e., dead wrong). Modified by cmetz for OPIE 2.3. Use _opieparsechallenge(). ifdef around string.h. Output hex responses by default, output OTP re-init extended responses (same secret) if sequence @@ -45,21 +48,22 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se if ((sequence < 2) || (sequence > 9999)) return 1; - if (!secret[0]) - return 2; - if (opiepasscheck(secret)) return -2; if (i = opiekeycrunch(algorithm, key, seed, secret)) return i; + if (sequence < 10) { char newseed[OPIE_SEED_MAX + 1]; - char newkey[8], cko[8], ckn[8], ckxor[8], cv[8]; + char newkey[8]; char *c; char buf[OPIE_SEED_MAX + 48 + 1]; + while (sequence-- != 0) + opiehash(key, algorithm); + if (opienewseed(strcpy(newseed, seed)) < 0) return -1; @@ -69,43 +73,15 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se for (i = 0; i < 499; i++) opiehash(newkey, algorithm); - if (opiekeycrunch(algorithm | 0x10, cko, seed, secret)) - return -1; - - if (opiekeycrunch(algorithm | 0x10, ckn, newseed, secret)) - return -1; - - for (i = 0; i < 8; i++) - ckxor[i] = cko[i] ^ ckn[i]; - - strcpy(response, "init:"); + strcpy(response, "init-hex:"); strcat(response, opiebtoh(buf, key)); sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); strcat(response, buf); strcat(response, opiebtoh(buf, newkey)); - strcat(response, ":"); - strcat(response, opiebtoh(buf, ckxor)); - strcat(response, ":"); - - c = buf; - memcpy(c, ckn, sizeof(ckn)); c += sizeof(ckn); - memcpy(c, key, sizeof(key)); c += sizeof(key); -#ifdef HAVE_ANSISPRINTF - c += sprintf(c, "%s 499 %s", algids[algorithm], newseed); -#else /* HAVE_ANSISPRINTF */ - sprintf(c, "%s 499 %s", algids[algorithm], newseed); - while(*c) c++; -#endif /* HAVE_ANSISPRINTF */ - memcpy(c, newkey, sizeof(newkey)); c += sizeof(newkey); - memcpy(c, ckxor, sizeof(ckxor)); c += sizeof(ckxor); - memcpy(c, ckn, sizeof(ckn)); c += sizeof(ckn); - opiehashlen(algorithm, buf, cv, (unsigned int)c - (unsigned int)buf); - - strcat(response, opiebtoh(buf, cv)); } else { while (sequence-- != 0) opiehash(key, algorithm); - + opiebtoh(response, key); } diff --git a/contrib/opie/libopie/hash.c b/contrib/opie/libopie/hash.c index 0f1e497..a2ffca3 100644 --- a/contrib/opie/libopie/hash.c +++ b/contrib/opie/libopie/hash.c @@ -1,27 +1,28 @@ /* hash.c: The opiehash() library function. -%%% copyright-cmetz -This software is Copyright 1996 by Craig Metz, All Rights Reserved. +%%% copyright-cmetz-96 +This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. History: + Updated by cmetz for OPIE 2.31. Added SHA support (which may + not be correct). Backed out previous optimizations as + they killed thread-safety. Created by cmetz for OPIE 2.3 using the old hash.c as a guide. */ #include "opie_cfg.h" +#if 0 +#include "sha.h" +#endif /* 0 */ #include "opie.h" #include <md4.h> #include <md5.h> -static UINT4 mdx_tmp[4]; -#if 0 -static SHA_INFO sha; -#endif /* 0 */ - VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm) { UINT4 *results = (UINT4 *)x; @@ -29,30 +30,39 @@ VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm) switch(algorithm) { #if 0 case 3: - sha_init(&sha); - sha_update(&sha, (BYTE *)x, 8); - sha_final(&sha); - results[0] = sha.digest[0] ^ sha.digest[2] ^ sha.digest[4]; - results[1] = sha.digest[1] ^ sha.digest[3] ^ sha.digest[5]; + { + SHA_CTX sha; + SHAInit(&sha); + SHAUpdate(&sha, (unsigned char *)x, 8); + SHAFinal(&sha); + results[0] = sha.buffer[0] ^ sha.buffer[2] ^ sha.buffer[4]; + results[1] = sha.buffer[1] ^ sha.buffer[3]; + }; break; #endif /* 0 */ - case 4: { + case 4: + { MD4_CTX mdx; + UINT4 mdx_tmp[4]; + MD4Init(&mdx); MD4Update(&mdx, (unsigned char *)x, 8); MD4Final((unsigned char *)mdx_tmp, &mdx); results[0] = mdx_tmp[0] ^ mdx_tmp[2]; results[1] = mdx_tmp[1] ^ mdx_tmp[3]; + }; break; - } - case 5: { + case 5: + { MD5_CTX mdx; + UINT4 mdx_tmp[4]; + MD5Init(&mdx); MD5Update(&mdx, (unsigned char *)x, 8); MD5Final((unsigned char *)mdx_tmp, &mdx); results[0] = mdx_tmp[0] ^ mdx_tmp[2]; results[1] = mdx_tmp[1] ^ mdx_tmp[3]; + }; break; - } } } diff --git a/contrib/opie/libopie/hashlen.c b/contrib/opie/libopie/hashlen.c index 7205004..5668b68 100644 --- a/contrib/opie/libopie/hashlen.c +++ b/contrib/opie/libopie/hashlen.c @@ -1,7 +1,7 @@ /* hashlen.c: The opiehashlen() library function. -%%% copyright-cmetz -This software is Copyright 1996 by Craig Metz, All Rights Reserved. +%%% copyright-cmetz-96 +This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. |