authormarkm <markm@FreeBSD.org>2002-03-21 22:50:02 +0000
committermarkm <markm@FreeBSD.org>2002-03-21 22:50:02 +0000
commit4cdfa7814cda254acabe1040a2b2d0c4f5bc4295 (patch)
tree3963fa14a58ff656d6d5388aa2a8a871e994212b /contrib/opie/libopie
parente1012a939e55b506c4b67a7b8b5b03d34d46fcad (diff)
Vendor import of OPIE 2.4
Diffstat (limited to 'contrib/opie/libopie')
-rw-r--r--contrib/opie/libopie/Makefile.in14
-rw-r--r--contrib/opie/libopie/accessfile.c2
-rw-r--r--contrib/opie/libopie/atob8.c6
-rw-r--r--contrib/opie/libopie/btoa8.c8
-rw-r--r--contrib/opie/libopie/btoe.c15
-rw-r--r--contrib/opie/libopie/btoh.c7
-rw-r--r--contrib/opie/libopie/challenge.c8
-rw-r--r--contrib/opie/libopie/generator.c364
-rw-r--r--contrib/opie/libopie/getsequence.c2
-rw-r--r--contrib/opie/libopie/getutmpentry.c4
-rw-r--r--contrib/opie/libopie/hash.c34
-rw-r--r--contrib/opie/libopie/hashlen.c44
-rw-r--r--contrib/opie/libopie/insecure.c28
-rw-r--r--contrib/opie/libopie/keycrunch.c8
-rw-r--r--contrib/opie/libopie/lock.c7
-rw-r--r--contrib/opie/libopie/login.c25
-rw-r--r--contrib/opie/libopie/logwtmp.c27
-rw-r--r--contrib/opie/libopie/lookup.c4
-rw-r--r--contrib/opie/libopie/md4c.c2
-rw-r--r--contrib/opie/libopie/md5c.c2
-rw-r--r--contrib/opie/libopie/newseed.c109
-rw-r--r--contrib/opie/libopie/open.c26
-rw-r--r--contrib/opie/libopie/parsechallenge.c8
-rw-r--r--contrib/opie/libopie/passcheck.c2
-rw-r--r--contrib/opie/libopie/passwd.c16
-rw-r--r--contrib/opie/libopie/randomchallenge.c8
-rw-r--r--contrib/opie/libopie/readpass.c2
-rw-r--r--contrib/opie/libopie/readrec.c19
-rw-r--r--contrib/opie/libopie/unlock.c2
-rw-r--r--contrib/opie/libopie/verify.c67
-rw-r--r--contrib/opie/libopie/version.c2
-rw-r--r--contrib/opie/libopie/writerec.c17
32 files changed, 643 insertions, 246 deletions
diff --git a/contrib/opie/libopie/Makefile.in b/contrib/opie/libopie/Makefile.in
index 2b3c96c..dfc1c6f 100644
--- a/contrib/opie/libopie/Makefile.in
+++ b/contrib/opie/libopie/Makefile.in
@@ -2,30 +2,34 @@
# Makefile.in/Makefile: Directions for building libopie.
#
# %%% copyright-cmetz-96
-# This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-# The Inner Net License Version 2 applies to this software.
+# This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+# The Inner Net License Version 3 applies to this software.
# You should have received a copy of the license with this software. If
# you didn't get a copy, you may request one from <license@inner.net>.
#
# History:
#
+# Modified by cmetz for OPIE 2.4. Add libmissing to include header path.
+# Use ar 'cr' instead of 'r'. Renamed realclean to distclean.
# Modified by cmetz for OPIE 2.31. Added logwtmp.o
# Created by cmetz for OPIE 2.3 using old Makefiles as a guide.
OBJS=md4c.o md5c.o atob8.o btoa8.o btoh.o challenge.o getsequence.o hash.o hashlen.o keycrunch.o lock.o lookup.o newseed.o parsechallenge.o passcheck.o passwd.o randomchallenge.o readpass.o unlock.o verify.o version.o btoe.o accessfile.o generator.o insecure.o getutmpentry.o readrec.o writerec.o login.o open.o logwtmp.o # sha.o
CC=@CC@
-CFLAGS=$(CFL) -I..
+CFLAGS=$(CFL) -I.. -I../libmissing
TARGET=libopie.a
all: $(TARGET)
$(TARGET): $(OBJS)
- ar r $(TARGET) $(OBJS)
+ ar cr $(TARGET) $(OBJS)
@RANLIB@ $(TARGET)
clean:
-rm -f $(OBJS) $(TARGET)
-realclean: clean
+realclean: distclean
+
+distclean: clean
-rm -f *~ core* "\#*\#" *.o *.a Makefile
diff --git a/contrib/opie/libopie/accessfile.c b/contrib/opie/libopie/accessfile.c
index 0fe1d12..8e2765f 100644
--- a/contrib/opie/libopie/accessfile.c
+++ b/contrib/opie/libopie/accessfile.c
@@ -2,7 +2,7 @@
overrides.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/atob8.c b/contrib/opie/libopie/atob8.c
index 78a7d43..77367f1 100644
--- a/contrib/opie/libopie/atob8.c
+++ b/contrib/opie/libopie/atob8.c
@@ -1,7 +1,7 @@
/* atob8.c: The opieatob8() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
Modified by cmetz for OPIE 2.3. Return the output variable.
Don't check parameters.
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
@@ -27,10 +28,11 @@ License Agreement applies to this software.
/* Convert 8-byte hex-ascii string to binary array
*/
-char *opieatob8 FUNCTION((out, in), char *out AND char *in)
+char *opieatob8 FUNCTION((out, in), struct opie_otpkey *outkey AND char *in)
{
register int i;
register int val;
+ unsigned char *out = (unsigned char *)outkey;
for (i = 0; i < 8; i++) {
while (*in == ' ' || *in == '\t')
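Review bot: The name list passed to FUNCTION still reads `(out, in)` although the first parameter is now declared as `outkey` and `out` has become a local variable. If FUNCTION emits that first list as the K&R parameter names in non-prototype builds (its definition is not visible here), such a build would declare a parameter that is not in the list; `FUNCTION((outkey, in), struct opie_otpkey *outkey AND char *in)` keeps the two in step. The same mismatch appears in the btoa8.c and btoh.c hunks (`inkey` against `in`), in hash.c (`results` against `x`) and in hashlen.c (`results` against `out`). The function body continues past the end of this hunk.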
diff --git a/contrib/opie/libopie/btoa8.c b/contrib/opie/libopie/btoa8.c
index 2b3e885..b66306f 100644
--- a/contrib/opie/libopie/btoa8.c
+++ b/contrib/opie/libopie/btoa8.c
@@ -1,13 +1,14 @@
/* btoa8.c: The opiebtoa8() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
Created by cmetz for OPIE 2.3 (quick re-write).
*/
@@ -17,9 +18,10 @@ you didn't get a copy, you may request one from <license@inner.net>.
static char hextochar[16] =
{'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
-char *opiebtoa8 FUNCTION((out, in), char *out AND char *in)
+char *opiebtoa8 FUNCTION((out, in), char *out AND struct opie_otpkey *inkey)
{
int i;
+ unsigned char *in = (unsigned char *)inkey;
char *c = out;
for (i = 0; i < 8; i++) {
diff --git a/contrib/opie/libopie/btoe.c b/contrib/opie/libopie/btoe.c
index b7ed3cde..fa91077 100644
--- a/contrib/opie/libopie/btoe.c
+++ b/contrib/opie/libopie/btoe.c
@@ -3,7 +3,7 @@
64 bit OTP.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -16,6 +16,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
Remove unnecessary address futzing with Wp in opiebtoe.
Changed unsigned long to UINT4 for Alpha.
@@ -2088,13 +2089,13 @@ static char Wp[2048][4] =
};
/* Encode 8 bytes in 'c' as a string of English words. */
-char *opiebtoe FUNCTION((engout, c), char *engout AND char *c)
+char *opiebtoe FUNCTION((engout, c), char *engout AND struct opie_otpkey *c)
{
- char cp[9]; /* add in room for the parity 2 bits */
+ char cp[sizeof(struct opie_otpkey) + 1]; /* add in room for the parity 2 bits */
int p, i;
engout[0] = '\0';
- memcpy(cp, c, 8);
+ memcpy(cp, c, sizeof(struct opie_otpkey));
/* compute parity */
for (p = 0, i = 0; i < 64; i += 2)
p += extract(cp, i, 2);
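Review bot: `cp` and the `memcpy` are now sized from `sizeof(struct opie_otpkey)`, but the parity loop right below still walks a literal 64 bits, and in the opieetob hunks `memcpy(out, b, sizeof(struct opie_otpkey))` reads from `char b[9]`. The code is therefore only correct if the struct is exactly 8 bytes, which nothing visible enforces; a larger struct would over-read `b`. A compile-time check beside these functions would pin the assumption, for example `typedef char opie_otpkey_is_8_bytes[(sizeof(struct opie_otpkey) == 8) ? 1 : -1];`. opiebtoe's body continues outside the hunk.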
@@ -2120,7 +2121,7 @@ char *opiebtoe FUNCTION((engout, c), char *engout AND char *c)
* -1 badly formed in put ie > 4 char word
* -2 words OK but parity is wrong
*/
-int opieetob FUNCTION((out, e), char *out AND char *e)
+int opieetob FUNCTION((out, e), struct opie_otpkey *out AND char *e)
{
char *word, *c, *input, b[9];
int i, p, v, l, low, high, rval = -1;
@@ -2137,7 +2138,7 @@ int opieetob FUNCTION((out, e), char *out AND char *e)
strncpy(input, e, i);
input[i] = 0;
memset(b, 0, sizeof(b));
- memset(out, 0, 8);
+ memset(out, 0, sizeof(struct opie_otpkey));
for (i = 0, p = 0, word = c = input; i < 6; i++, p += 11) {
while (*c && !isalpha(*c)) c++;
@@ -2187,7 +2188,7 @@ int opieetob FUNCTION((out, e), char *out AND char *e)
goto opiebtoeret;
}
- memcpy(out, b, 8);
+ memcpy(out, b, sizeof(struct opie_otpkey));
rval = 1;
diff --git a/contrib/opie/libopie/btoh.c b/contrib/opie/libopie/btoh.c
index c5ed150..45fb4c8 100644
--- a/contrib/opie/libopie/btoh.c
+++ b/contrib/opie/libopie/btoh.c
@@ -1,8 +1,8 @@
/* btoh.c: The opiebtoh() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
@@ -17,10 +17,11 @@ you didn't get a copy, you may request one from <license@inner.net>.
static char hextochar[16] =
{'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};
-char *opiebtoh FUNCTION((out, in), char *out AND char *in)
+char *opiebtoh FUNCTION((out, in), char *out AND struct opie_otpkey *inkey)
{
int i;
char *c = out;
+ unsigned char *in = (unsigned char *)inkey;
for (i = 0; i < 4; i++) {
*(c++) = hextochar[((*in) >> 4) & 0x0f];
diff --git a/contrib/opie/libopie/challenge.c b/contrib/opie/libopie/challenge.c
index 0f3fec5..149403d 100644
--- a/contrib/opie/libopie/challenge.c
+++ b/contrib/opie/libopie/challenge.c
@@ -1,7 +1,7 @@
/* challenge.c: The opiechallenge() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -66,11 +66,11 @@ int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND ch
#endif /* DEBUG */
}
- if (rval) {
+ if (rval ||
+ (snprintf(ss, OPIE_CHALLENGE_MAX, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed) >= OPIE_CHALLENGE_MAX)) {
opierandomchallenge(ss);
memset(mp, 0, sizeof(*mp));
- } else
- sprintf(ss, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed);
+ }
return rval;
}
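Review bot: When only the `snprintf` truncation test fires, `rval` is still 0, so the function reports success after it has replaced the challenge with `opierandomchallenge(ss)` and zeroed `*mp`. A caller that trusts a zero return would continue with a wiped `struct opie`; if that is not intended, test the truncation separately and assign a failure code there, e.g. `rval = -1;` (value for the author to choose) before the fallback. A negative `snprintf` return is also not caught by `>= OPIE_CHALLENGE_MAX` if that macro is a signed int, which the hunk does not show. The start of opiechallenge is outside the hunk.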
diff --git a/contrib/opie/libopie/generator.c b/contrib/opie/libopie/generator.c
index 618a131..24c6a73 100644
--- a/contrib/opie/libopie/generator.c
+++ b/contrib/opie/libopie/generator.c
@@ -1,7 +1,7 @@
/* generator.c: The opiegenerator() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -9,6 +9,9 @@ you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Added opieauto code based on
+ previously released test code. Renamed buffer to challenge.
+ Use struct opie_otpkey for keys.
Modified by cmetz for OPIE 2.32. If secret=NULL, always return
as if opieauto returned "get the secret". Renamed
_opieparsechallenge() to __opieparsechallenge(). Check
@@ -31,73 +34,362 @@ you didn't get a copy, you may request one from <license@inner.net>.
#if HAVE_STRING_H
#include <string.h>
#endif /* HAVE_STRING_H */
+#if OPIEAUTO
+#include <errno.h>
+#if HAVE_STDLIB_H
+#include <stdlib.h>
+#endif /* HAVE_STDLIB_H */
+#include <sys/stat.h>
+
+#include <sys/socket.h>
+#include <sys/un.h>
+#endif /* OPIEAUTO */
+#if DEBUG
+#include <syslog.h>
+#endif /* DEBUG */
#include "opie.h"
static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" };
-int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *secret AND char *response)
+#if OPIEAUTO
+#ifndef max
+#define max(x, y) (((x) > (y)) ? (x) : (y))
+#endif /* max */
+
+static int opieauto_connect FUNCTION_NOARGS
+{
+ int s;
+ struct sockaddr_un sun;
+ char buffer[1024];
+ char *c, *c2 ="/.opieauto";
+ uid_t myuid = getuid(), myeuid = geteuid();
+
+ if (!myuid || !myeuid || (myuid != myeuid)) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: superuser and/or setuid not allowed");
+#endif /* DEBUG */
+ return -1;
+ };
+
+ memset(&sun, 0, sizeof(struct sockaddr_un));
+ sun.sun_family = AF_UNIX;
+
+ if (!(c = getenv("HOME"))) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: no HOME variable?");
+#endif /* DEBUG */
+ return -1;
+ };
+
+ if (strlen(c) > (sizeof(sun.sun_path) - strlen(c2) - 1)) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: HOME is too long: %s", c);
+#endif /* DEBUG */
+ return -1;
+ };
+
+ strcpy(sun.sun_path, c);
+ strcat(sun.sun_path, c2);
+
+ if ((s = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: socket: %s(%d)", strerror(errno), errno);
+#endif /* DEBUG */
+ return -1;
+ };
+
+ {
+ struct stat st;
+
+ if (stat(sun.sun_path, &st) < 0) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: stat: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ goto ret;
+ };
+
+ if (connect(s, (struct sockaddr *)&sun, sizeof(struct sockaddr_un))) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: connect: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ goto ret;
+ };
+
+ if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600)) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opieauto_connect: something's fishy about the socket\n");
+#endif /* DEBUG */
+ goto ret;
+ };
+ };
+
+ return s;
+
+ret:
+ close(s);
+ return -1;
+};
+#endif /* OPIEAUTO */
+
+int opiegenerator FUNCTION((challenge, secret, response), char *challenge AND char *secret AND char *response)
{
int algorithm;
int sequence;
char *seed;
- char key[8];
+ struct opie_otpkey key;
int i;
int exts;
+#if OPIEAUTO
+ int s;
+ int window;
+ char cmd[1+1+1+1+4+1+OPIE_SEED_MAX+1+4+1+4+1+4+1+4+1];
+ char *c;
+#endif /* OPIEAUTO */
- if (!(buffer = strstr(buffer, "otp-")))
+ if (!(challenge = strstr(challenge, "otp-")))
return 1;
- buffer += 4;
+ challenge += 4;
- if (__opieparsechallenge(buffer, &algorithm, &sequence, &seed, &exts))
+ if (__opieparsechallenge(challenge, &algorithm, &sequence, &seed, &exts))
return 1;
if ((sequence < 2) || (sequence > 9999))
return 1;
- if (!secret[0])
- return 2;
+ if (*secret) {
+ if (opiepasscheck(secret))
+ return -2;
- if (opiepasscheck(secret))
- return -2;
+ if (i = opiekeycrunch(algorithm, &key, seed, secret))
+ return i;
+
+ if (sequence <= OPIE_SEQUENCE_RESTRICT) {
+ if (!(exts & 1))
+ return 1;
+
+ {
+ char newseed[OPIE_SEED_MAX + 1];
+ struct opie_otpkey newkey;
+ char *c;
+ char buf[OPIE_SEED_MAX + 48 + 1];
+
+ while (sequence-- != 0)
+ opiehash(&key, algorithm);
+
+ if (opienewseed(strcpy(newseed, seed)) < 0)
+ return -1;
+
+ if (opiekeycrunch(algorithm, &newkey, newseed, secret))
+ return -1;
- if (i = opiekeycrunch(algorithm, key, seed, secret))
- return i;
+ for (i = 0; i < 499; i++)
+ opiehash(&newkey, algorithm);
- if (sequence < 10) {
- if (!(exts & 1))
- return 1;
+ strcpy(response, "init-hex:");
+ strcat(response, opiebtoh(buf, &key));
+ if (snprintf(buf, sizeof(buf), ":%s 499 %s:", algids[algorithm],
+ newseed) >= sizeof(buf)) {
+#ifdef DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at init-hex");
+#endif /* DEBUG */
+ return -1;
+ }
+ strcat(response, buf);
+ strcat(response, opiebtoh(buf, &newkey));
+ };
+ };
+ };
+
+#if OPIEAUTO
+ if ((s = opieauto_connect()) >= 0) {
+ if ((i = read(s, cmd, sizeof(cmd)-1)) < 0) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ close(s);
+ s = -1;
+ goto l0;
+ };
+ cmd[i] = 0;
+ if ((cmd[0] != 'C') || (cmd[1] != '+') || (cmd[2] != ' ')) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: got invalid/failing C+ response: %s\n", cmd);
+#endif /* DEBUG */
+ close(s);
+ s = -1;
+ goto l0;
+ };
+
+ window = strtoul(&cmd[3], &c, 10);
+ if (!window || (window >= (OPIE_SEQUENCE_MAX - OPIE_SEQUENCE_RESTRICT)) || !isspace(*c)) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: got bogus option response: %s\n", cmd);
+#endif /* DEBUG */
+ close(s);
+ s = -1;
+ goto l0;
+ };
+ };
+
+l0:
+ if (*secret) {
+ int j;
+
+ if (s < 0) {
+ j = 0;
+ goto l1;
+ };
+
+ j = max(sequence - window + 1, OPIE_SEQUENCE_RESTRICT);
+
+ for (i = j; i > 0; i--)
+ opiehash(&key, algorithm);
{
- char newseed[OPIE_SEED_MAX + 1];
- char newkey[8];
- char *c;
- char buf[OPIE_SEED_MAX + 48 + 1];
+ char buf[16+1];
- while (sequence-- != 0)
- opiehash(key, algorithm);
+ opiebtoa8(buf, &key);
- if (opienewseed(strcpy(newseed, seed)) < 0)
- return -1;
+ if (snprintf(cmd, sizeof(cmd), "S= %d %d %s %s\n", algorithm, sequence,
+ seed, buf) >= sizeof(cmd)) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at S=\n");
+#endif /* DEBUG */
+ goto l1;
+ }
+ }
- if (opiekeycrunch(algorithm, newkey, newseed, secret))
- return -1;
+ if (write(s, cmd, i = strlen(cmd)) != i) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: write: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ goto l1;
+ };
- for (i = 0; i < 499; i++)
- opiehash(newkey, algorithm);
+ if ((i = read(s, cmd, sizeof(cmd))) < 0) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ };
+ close(s);
- strcpy(response, "init-hex:");
- strcat(response, opiebtoh(buf, key));
- sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
- strcat(response, buf);
- strcat(response, opiebtoh(buf, newkey));
+ cmd[i] = 0;
+ i = strlen(seed);
+ if ((cmd[0] != 'S') || (cmd[1] != '+') || (cmd[2] != ' ') || (strtoul(&cmd[3], &c, 10) != algorithm) || (strtoul(c + 1, &c, 10) != sequence) || strncmp(++c, seed, i) || (*(c + i) != '\n')) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: got invalid/failing S+ response: %s\n", cmd);
+#endif /* DEBUG */
};
+
+l1:
+ for (i = sequence - j; i > 0; i--)
+ opiehash(&key, algorithm);
+
+ opiebtoh(response, &key);
} else {
+ if (s < 0)
+ goto l2;
+
+ if ((snprintf(cmd, sizeof(cmd), "s= %d %d %s\n", algorithm, sequence,
+ seed) >= sizeof(cmd))) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at s=\n");
+#endif /* DEBUG */
+ goto l2;
+ }
+
+ if (write(s, cmd, i = strlen(cmd)) != i) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: write: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ goto l2;
+ };
+
+ if ((i = read(s, cmd, sizeof(cmd))) < 0) {
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno);
+#endif /* DEBUG */
+ goto l2;
+ };
+ close(s);
+
+ i = strlen(seed);
+
+ if ((cmd[0] != 's') || (cmd[2] != ' ') || (strtoul(&cmd[3], &c, 10) != algorithm) || (strtoul(c + 1, &c, 10) != sequence) || strncmp(++c, seed, i)) {
+#if DEBUG
+ if (c)
+ *c = 0;
+ else
+ cmd[3] = 0;
+
+ syslog(LOG_DEBUG, "opiegenerator: got bogus/invalid s response: %s\n", cmd);
+#endif /* DEBUG */
+ goto l2;
+ };
+
+ c += i;
+
+ if (cmd[1] == '-') {
+#if DEBUG
+ if (*c != '\n') {
+ *c = 0;
+ syslog(LOG_DEBUG, "opiegenerator: got invalid s- response: %s\n", cmd);
+ };
+#endif /* DEBUG */
+ goto l2;
+ };
+
+ if (cmd[1] != '+') {
+#if DEBUG
+ *c = 0;
+ syslog(LOG_DEBUG, "opiegenerator: got invalid s response: %s\n", cmd);
+#endif /* DEBUG */
+ goto l2;
+ };
+
+ {
+ char *c2;
+
+ if (!(c2 = strchr(++c, '\n'))) {
+#if DEBUG
+ *c = 0;
+ syslog(LOG_DEBUG, "opiegenerator: got invalid s+ response: %s\n", cmd);
+#endif /* DEBUG */
+ goto l2;
+ };
+
+ *c2++ = 0;
+ };
+
+ if (!opieatob8(&key, c))
+ goto l2;
+
+ opiebtoh(response, &key);
+ };
+
+ if (s >= 0)
+ close(s);
+#else /* OPIEAUTO */
+ if (*secret) {
while (sequence-- != 0)
- opiehash(key, algorithm);
+ opiehash(&key, algorithm);
- opiebtoh(response, key);
- }
+ opiebtoh(response, &key);
+ } else
+ return -2;
+#endif /* OPIEAUTO */
return 0;
-}
+
+#if OPIEAUTO
+l2:
+#if DEBUG
+ syslog(LOG_DEBUG, "opiegenerator: no opieauto response available.\n");
+#endif /* DEBUG */
+ if (s >= 0)
+ close(s);
+
+ return -2;
+#endif /* OPIEAUTO */
+};
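Review bot: The two later `read(s, cmd, sizeof(cmd))` calls in opiegenerator are not bounded or checked the way the first one is (`sizeof(cmd)-1`, then `cmd[i] = 0`). In the `S=` branch a failed read is only logged, so `cmd[i] = 0` runs with `i == -1`, and a full-length read writes one byte past `cmd`; in the `s=` branch the buffer is never terminated before `strtoul`, `strncmp` and `strchr` parse it. Both branches also call `close(s)` and leave `s` non-negative, so the `l2` path and the `if (s >= 0) close(s)` tail close the descriptor a second time. Reading at most `sizeof(cmd) - 1` bytes, terminating right after a successful read and setting `s = -1` once closed would address all three, as sketched below.

```c
    /* S= branch, after the write */
    if ((i = read(s, cmd, sizeof(cmd) - 1)) < 0) {
      /* … unchanged: DEBUG syslog of the read error … */
      close(s);
      s = -1;
      goto l1;
    };
    cmd[i] = 0;
    close(s);
    s = -1;
    /* … unchanged: S+ response validation … */

    /* s= branch, after the write */
    if ((i = read(s, cmd, sizeof(cmd) - 1)) < 0) {
      /* … unchanged: DEBUG syslog of the read error … */
      goto l2;
    };
    cmd[i] = 0;
    close(s);
    s = -1;
    /* … unchanged: s response validation … */
```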
diff --git a/contrib/opie/libopie/getsequence.c b/contrib/opie/libopie/getsequence.c
index e6c96c5..77fd5a2 100644
--- a/contrib/opie/libopie/getsequence.c
+++ b/contrib/opie/libopie/getsequence.c
@@ -1,7 +1,7 @@
/* getsequence.c: The opiegetsequence() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/getutmpentry.c b/contrib/opie/libopie/getutmpentry.c
index 531820e..f3afe0c 100644
--- a/contrib/opie/libopie/getutmpentry.c
+++ b/contrib/opie/libopie/getutmpentry.c
@@ -1,8 +1,8 @@
/* getutmpentry.c: The __opiegetutmpentry() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/hash.c b/contrib/opie/libopie/hash.c
index ef80a79..e89508c 100644
--- a/contrib/opie/libopie/hash.c
+++ b/contrib/opie/libopie/hash.c
@@ -1,14 +1,15 @@
/* hash.c: The opiehash() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
- Updated by cmetz for OPIE 2.31. Added SHA support (which may
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
+ Modified by cmetz for OPIE 2.31. Added SHA support (which may
not be correct). Backed out previous optimizations as
they killed thread-safety.
Created by cmetz for OPIE 2.3 using the old hash.c as a guide.
@@ -20,20 +21,21 @@ you didn't get a copy, you may request one from <license@inner.net>.
#endif /* 0 */
#include "opie.h"
-VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm)
+VOIDRET opiehash FUNCTION((x, algorithm), struct opie_otpkey *results AND
+unsigned algorithm)
{
- UINT4 *results = (UINT4 *)x;
-
switch(algorithm) {
#if 0
case 3:
{
SHA_CTX sha;
+
SHAInit(&sha);
- SHAUpdate(&sha, (unsigned char *)x, 8);
+ SHAUpdate(&sha, (unsigned char *)results, 8);
SHAFinal(&sha);
- results[0] = sha.buffer[0] ^ sha.buffer[2] ^ sha.buffer[4];
- results[1] = sha.buffer[1] ^ sha.buffer[3];
+
+ results->words[0] = sha.buffer[0] ^ sha.buffer[2] ^ sha.buffer[4];
+ results->words[1] = sha.buffer[1] ^ sha.buffer[3];
};
break;
#endif /* 0 */
@@ -43,10 +45,11 @@ VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm)
UINT4 mdx_tmp[4];
opiemd4init(&mdx);
- opiemd4update(&mdx, (unsigned char *)x, 8);
+ opiemd4update(&mdx, (unsigned char *)results, 8);
opiemd4final((unsigned char *)mdx_tmp, &mdx);
- results[0] = mdx_tmp[0] ^ mdx_tmp[2];
- results[1] = mdx_tmp[1] ^ mdx_tmp[3];
+
+ results->words[0] = mdx_tmp[0] ^ mdx_tmp[2];
+ results->words[1] = mdx_tmp[1] ^ mdx_tmp[3];
};
break;
case 5:
@@ -55,10 +58,11 @@ VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm)
UINT4 mdx_tmp[4];
opiemd5init(&mdx);
- opiemd5update(&mdx, (unsigned char *)x, 8);
+ opiemd5update(&mdx, (unsigned char *)results, 8);
opiemd5final((unsigned char *)mdx_tmp, &mdx);
- results[0] = mdx_tmp[0] ^ mdx_tmp[2];
- results[1] = mdx_tmp[1] ^ mdx_tmp[3];
+
+ results->words[0] = mdx_tmp[0] ^ mdx_tmp[2];
+ results->words[1] = mdx_tmp[1] ^ mdx_tmp[3];
};
break;
}
diff --git a/contrib/opie/libopie/hashlen.c b/contrib/opie/libopie/hashlen.c
index 1284a7b..09390c3 100644
--- a/contrib/opie/libopie/hashlen.c
+++ b/contrib/opie/libopie/hashlen.c
@@ -1,51 +1,63 @@
/* hashlen.c: The opiehashlen() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey, isolate variables.
Created by cmetz for OPIE 2.3.
*/
#include "opie_cfg.h"
#include "opie.h"
-VOIDRET opiehashlen FUNCTION((algorithm, in, out, n), int algorithm AND VOIDPTR in AND VOIDPTR out AND int n)
+VOIDRET opiehashlen FUNCTION((algorithm, in, out, n), int algorithm AND
+VOIDPTR in AND struct opie_otpkey *results AND int n)
{
- UINT4 *results = (UINT4 *)out;
- struct opiemdx_ctx mdx;
- UINT4 mdx_tmp[4];
-#if 0
- SHA_INFO sha;
-#endif /* 0 */
-
switch(algorithm) {
#if 0
case 3:
+ {
+ SHA_INFO sha;
+
sha_init(&sha);
sha_update(&sha, (BYTE *)in, n);
sha_final(&sha);
- results[0] = sha.digest[0] ^ sha.digest[2] ^ sha.digest[4];
- results[1] = sha.digest[1] ^ sha.digest[3] ^ sha.digest[5];
+
+ results->words[0] = sha.digest[0] ^ sha.digest[2] ^ sha.digest[4];
+ results->words[1] = sha.digest[1] ^ sha.digest[3] ^ sha.digest[5];
+ };
break;
#endif /* 0 */
case 4:
+ {
+ struct opiemdx_ctx mdx;
+ UINT4 mdx_tmp[4];
+
opiemd4init(&mdx);
opiemd4update(&mdx, (unsigned char *)in, n);
opiemd4final((unsigned char *)mdx_tmp, &mdx);
- results[0] = mdx_tmp[0] ^ mdx_tmp[2];
- results[1] = mdx_tmp[1] ^ mdx_tmp[3];
+
+ results->words[0] = mdx_tmp[0] ^ mdx_tmp[2];
+ results->words[1] = mdx_tmp[1] ^ mdx_tmp[3];
+ }
break;
case 5:
+ {
+ struct opiemdx_ctx mdx;
+ UINT4 mdx_tmp[4];
+
opiemd5init(&mdx);
opiemd5update(&mdx, (unsigned char *)in, n);
opiemd5final((unsigned char *)mdx_tmp, &mdx);
- results[0] = mdx_tmp[0] ^ mdx_tmp[2];
- results[1] = mdx_tmp[1] ^ mdx_tmp[3];
+
+ results->words[0] = mdx_tmp[0] ^ mdx_tmp[2];
+ results->words[1] = mdx_tmp[1] ^ mdx_tmp[3];
+ }
break;
}
}
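Review bot: The switch in opiehashlen has no `default`, so for any algorithm other than 4 or 5 (including 3, whose case sits under `#if 0`) the function returns without writing `*results` and without signalling anything. generator.c in this commit still lists "sha1" at `algids[3]`, so a caller may plausibly arrive here with 3 and go on to use whatever the key held before. Because the return type is VOIDRET, the minimum is to make the contract explicit with `default: /* unsupported algorithm: *results is left untouched, callers must reject it beforehand */ break;` and to confirm that the callers do reject it. The opiehash switch in hash.c appears to have the same shape.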
diff --git a/contrib/opie/libopie/insecure.c b/contrib/opie/libopie/insecure.c
index a7fda7b..383206f 100644
--- a/contrib/opie/libopie/insecure.c
+++ b/contrib/opie/libopie/insecure.c
@@ -1,7 +1,7 @@
/* insecure.c: The opieinsecure() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.4. Do utmp checks on utmpx systems.
+ Handle unterminated ut_host.
Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent().
Modified by cmetz for OPIE 2.3. Added result caching. Use
__opiegetutmpentry(). Ifdef around ut_host check. Eliminate
@@ -56,9 +58,9 @@ int opieinsecure FUNCTION_NOARGS
char *s;
char *term_name;
int insecure = 0;
-#if HAVE_UT_HOST
+#if HAVE_UT_HOST || DOUTMPX
struct utmp utmp;
-#endif /* HAVE_UT_HOST */
+#endif /* HAVE_UT_HOST || DOUTMPX */
static int result = -1;
if (result != -1)
@@ -117,30 +119,34 @@ int opieinsecure FUNCTION_NOARGS
return (result = 1);
};
-#if HAVE_UT_HOST
+#if HAVE_UT_HOST || DOUTMPX
if (isatty(0)) {
memset(&utmp, 0, sizeof(struct utmp));
{
int i = __opiegetutmpentry(ttyname(0), &utmp);
endutent();
if (!i && utmp.ut_host[0]) {
+ char host[sizeof(utmp.ut_host) + 1];
insecure = 1;
- if (s = strchr(utmp.ut_host, ':')) {
- int n = s - utmp.ut_host;
+ strncpy(host, utmp.ut_host, sizeof(utmp.ut_host));
+ host[sizeof(utmp.ut_host)] = 0;
+
+ if (s = strchr(host, ':')) {
+ int n = s - host;
if (!n)
insecure = 0;
else
if (display_name) {
- if (!strncmp(utmp.ut_host, display_name, n))
+ if (!strncmp(host, display_name, n))
insecure = 0;
-#ifdef SOLARIS
+#if 1 /* def SOLARIS */
else
- if (s = strchr(utmp.ut_host, ' ')) {
+ if (s = strchr(host, ' ')) {
*s = ':';
if (s = strchr(s + 1, ' '))
*s = '.';
- if (!strncmp(utmp.ut_host, display_name, n))
+ if (!strncmp(host, display_name, n))
insecure = 0;
}
#endif /* SOLARIS */
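Review bot: `#if 1 /* def SOLARIS */` turns the space-rewriting comparison on for every platform, but the reason is not recorded and the closing `#endif /* SOLARIS */` still names the old condition. Because this branch can clear `insecure`, it widens the set of `ut_host` values that are treated as the local display, so the intent deserves a comment such as `/* formerly #ifdef SOLARIS; now unconditional because <reason> */` and a matching `#endif` comment. The enclosing function starts and ends outside the hunk.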
@@ -149,7 +155,7 @@ int opieinsecure FUNCTION_NOARGS
}
};
};
-#endif /* HAVE_UT_HOST */
+#endif /* HAVE_UT_HOST || DOUTMPX */
if (insecure)
return (result = 1);
diff --git a/contrib/opie/libopie/keycrunch.c b/contrib/opie/libopie/keycrunch.c
index 94a1a53..2ca57e0 100644
--- a/contrib/opie/libopie/keycrunch.c
+++ b/contrib/opie/libopie/keycrunch.c
@@ -1,13 +1,14 @@
/* keycrunch.c: The opiekeycrunch() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for arg.
Created by cmetz for OPIE 2.3 using the old keycrunch.c as a guide.
*/
@@ -23,7 +24,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
#include "opie.h"
-int opiekeycrunch FUNCTION((algorithm, result, seed, secret), int algorithm AND char *result AND char *seed AND char *secret)
+int opiekeycrunch FUNCTION((algorithm, result, seed, secret), int algorithm AND
+struct opie_otpkey *result AND char *seed AND char *secret)
{
int i, rval = -1;
char *c;
diff --git a/contrib/opie/libopie/lock.c b/contrib/opie/libopie/lock.c
index fc449d4..bd92607 100644
--- a/contrib/opie/libopie/lock.c
+++ b/contrib/opie/libopie/lock.c
@@ -1,7 +1,7 @@
/* lock.c: The opielock() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.4. Use snprintf.
Modified by cmetz for OPIE 2.31. Put locks in a separate dir.
Bug fixes.
Modified by cmetz for OPIE 2.3. Do refcounts whether or not we
@@ -194,7 +195,9 @@ int opielock FUNCTION((principal), char *principal)
if (!S_ISREG(statbuf[0].st_mode) || (statbuf[0].st_mode != statbuf[1].st_mode) || (statbuf[0].st_ino != statbuf[1].st_ino))
goto lockret;
- sprintf(buffer, "%d\n%d\n", getpid(), time(0));
+ if (snprintf(buffer, sizeof(buffer), "%d\n%d\n", getpid(), time(0)) >= sizeof(buffer))
+ goto lockret;
+
i = strlen(buffer) + 1;
if (lseek(fh, 0, SEEK_SET)) {
close(fh);
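Review bot: The format string in the new `snprintf` call still prints `time(0)` with `%d`, which mismatches the argument type wherever `time_t` is wider than `int`; the added length check does not cover that. Casting both values makes the call well defined without changing what is written to the lock file: `snprintf(buffer, sizeof(buffer), "%ld\n%ld\n", (long)getpid(), (long)time(0))`. Comparing the `int` result with `sizeof(buffer)` converts a negative return to a large unsigned value, so an error is treated as truncation, which is the safe direction but deserves a short comment. Whether `lockret` closes `fh` is not visible in this hunk, so the new early exit should be checked against that label.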
diff --git a/contrib/opie/libopie/login.c b/contrib/opie/libopie/login.c
index ca39143..6c6ca79 100644
--- a/contrib/opie/libopie/login.c
+++ b/contrib/opie/libopie/login.c
@@ -1,13 +1,15 @@
/* login.c: The opielogin() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Add support for ut_id and
+ ut_syslen. Don't zero-terminate ut_name and ut_host.
Modified by cmetz for OPIE 2.31. If the OS won't tell us where
_PATH_WTMP[X] is, try playing the SVID game, then use
Autoconf-discovered values. Fixed gettimeofday() call
@@ -38,12 +40,15 @@ you didn't get a copy, you may request one from <license@inner.net>.
#endif /* DEBUG */
#include "opie.h"
+#define IDLEN 4
+
int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *host)
{
- struct utmp u;
int rval = 0;
-
#if !DISABLE_UTMP
+ struct utmp u;
+ char id[IDLEN + 1] = "";
+
if (__opiegetutmpentry(line, &u)) {
#if DEBUG
syslog(LOG_DEBUG, "opielogin: __opiegetutmpentry(line=%s, &u) failed", line);
@@ -58,6 +63,11 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
#endif /* DEBUG */
}
+#if DOUTMPX || HAVE_UT_ID
+ strncpy(id, u.ut_id, sizeof(u.ut_id));
+ id[sizeof(id)-1] = 0;
+#endif /* DOUTMPX || HAVE_UT_ID */
+
#if HAVE_UT_TYPE && defined(USER_PROCESS)
u.ut_type = USER_PROCESS;
#endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */
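Review bot: The copy into `id` is bounded by the size of the source field, `sizeof(u.ut_id)`, not by the destination, which is `IDLEN + 1` bytes with `IDLEN` fixed at 4. The width of `ut_id` comes from the platform's utmp header, so on a system where it is wider than four bytes this `strncpy` writes past `id` before the terminator is stored. Bounding by both sizes is safe either way: `strncpy(id, u.ut_id, sizeof(u.ut_id) < sizeof(id) - 1 ? sizeof(u.ut_id) : sizeof(id) - 1);`. opielogin's body starts and ends outside this hunk.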
@@ -67,15 +77,16 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
#if HAVE_UT_NAME
strncpy(u.ut_name, name, sizeof(u.ut_name));
- u.ut_name[sizeof(u.ut_name)-1] = 0;
#else /* HAVE_UT_NAME */
#error No ut_name field in struct utmp? (Please send in a bug report)
#endif /* HAVE_UT_NAME */
#if HAVE_UT_HOST
strncpy(u.ut_host, host, sizeof(u.ut_host));
- u.ut_host[sizeof(u.ut_host)-1] = 0;
#endif /* HAVE_UT_HOST */
+#if DOUTMPX && HAVE_UTX_SYSLEN
+ u.ut_syslen = strlen(host) + 1;
+#endif /* DOUTMPX && HAVE_UT_SYSLEN */
#if DOUTMPX
#ifdef HAVE_ONE_ARG_GETTIMEOFDAY
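Review bot: `u.ut_syslen` is set to `strlen(host) + 1` without regard to the size of `u.ut_host`, so for a long host name the recorded length exceeds the field that `strncpy` just filled, and a reader that trusts `ut_syslen` would run past it. Clamping keeps the two consistent: `u.ut_syslen = strlen(host) < sizeof(u.ut_host) ? strlen(host) + 1 : sizeof(u.ut_host);`. The logwtmp.c hunk `@@ -161,6 +170,18 @@` has a related problem: `strlen(utx.ut_host)` is called on a field that `strncpy` leaves unterminated when `host` fills it, and a `memchr` bounded by `sizeof(utx.ut_host)` would avoid the over-read. The closing `#endif` comment here names `HAVE_UT_SYSLEN` while the condition tests `HAVE_UTX_SYSLEN`. opielogin's body continues outside the hunk.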
@@ -96,7 +107,7 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
#endif /* !DISABLE_UTMP */
dowtmp:
- opielogwtmp(line, name, host);
+ opielogwtmp(line, name, host, id);
opielogwtmp(NULL, NULL, NULL);
dosetlogin:
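Review bot: `id` is passed to `opielogwtmp` after the `#endif /* !DISABLE_UTMP */`, but the `@@ -38,12 +40,15 @@` hunk declares it inside that `#if`, so a build with `DISABLE_UTMP` set would fail on an undeclared name. The following call, `opielogwtmp(NULL, NULL, NULL);`, is also left with three arguments although the definition in logwtmp.c now takes four. I would move `char id[IDLEN + 1] = "";` above the `#if !DISABLE_UTMP` line and change the second call to `opielogwtmp(NULL, NULL, NULL, NULL);`. opielogin's body starts and ends outside this hunk.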
diff --git a/contrib/opie/libopie/logwtmp.c b/contrib/opie/libopie/logwtmp.c
index a42fdec..873ca9b 100644
--- a/contrib/opie/libopie/logwtmp.c
+++ b/contrib/opie/libopie/logwtmp.c
@@ -1,7 +1,7 @@
/* logwtmp.c: Put an entry in the wtmp file.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.4. Set process to dead if name is null.
+ Added support for ut_id and ut_syslen.
Modified by cmetz for OPIE 2.32. Don't leave line=NULL, skip
past /dev/ in line. Fill in ut_host on systems with UTMPX and
ut_host.
@@ -110,7 +112,7 @@ static int fdx = -1;
* after first call, for use with ftp (which may chroot
* after login, but before logout).
*/
-VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host)
+VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host AND char *id)
{
#if !DISABLE_WTMP
struct utmp ut;
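Review bot: The name list given to `FUNCTION` is still `(line, name, host)` while the type list gains `char *id`, so the two halves of the definition disagree. If `FUNCTION` expands to an old-style definition on some configurations (the macro is not visible here), `id` is declared without being a parameter and the build breaks there. The line should read `FUNCTION((line, name, host, id), char *line AND char *name AND char *host AND char *id)`, and the comment above the function should say that `id` may be NULL and is otherwise copied into `ut_id`. The function body continues outside the hunk.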
@@ -136,8 +138,15 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c
return;
if (fstat(fd, &buf) == 0) {
#if HAVE_UT_TYPE && defined(USER_PROCESS)
- ut.ut_type = USER_PROCESS;
+ if (name && *name)
+ ut.ut_type = USER_PROCESS;
+ else
+ ut.ut_type = DEAD_PROCESS;
#endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */
+#if HAVE_UT_ID
+ if (id)
+ strncpy(ut.ut_id, id, sizeof(ut.ut_id));
+#endif /* HAVE_UT_ID */
#if HAVE_UT_PID
ut.ut_pid = getpid();
#endif /* HAVE_UT_PID */
@@ -161,6 +170,18 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c
strncpy(utx.ut_line, line, sizeof(utx.ut_line));
strncpy(utx.ut_name, name, sizeof(utx.ut_name));
strncpy(utx.ut_host, host, sizeof(utx.ut_host));
+#ifdef USER_PROCESS
+ if (name && *name)
+ utx.ut_type = USER_PROCESS;
+ else
+ utx.ut_type = DEAD_PROCESS;
+#endif /* USER_PROCESS */
+ if (id)
+ strncpy(utx.ut_id, id, sizeof(utx.ut_id));
+ utx.ut_pid = getpid();
+#if HAVE_UTX_SYSLEN
+ utx.ut_syslen = strlen(utx.ut_host) + 1;
+#endif /* HAVE_UTX_SYSLEN */
#if HAVE_GETTIMEOFDAY
#if HAVE_ONE_ARG_GETTIMEOFDAY
gettimeofday(&utx.ut_tv);
diff --git a/contrib/opie/libopie/lookup.c b/contrib/opie/libopie/lookup.c
index d05e1fa..3003da7 100644
--- a/contrib/opie/libopie/lookup.c
+++ b/contrib/opie/libopie/lookup.c
@@ -1,8 +1,8 @@
/* lookup.c: The opielookup() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
diff --git a/contrib/opie/libopie/md4c.c b/contrib/opie/libopie/md4c.c
index acc8857..f6adc67 100644
--- a/contrib/opie/libopie/md4c.c
+++ b/contrib/opie/libopie/md4c.c
@@ -1,7 +1,7 @@
/* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm"
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/md5c.c b/contrib/opie/libopie/md5c.c
index 09611a5..cdd21e0 100644
--- a/contrib/opie/libopie/md5c.c
+++ b/contrib/opie/libopie/md5c.c
@@ -2,7 +2,7 @@
"derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm"
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/newseed.c b/contrib/opie/libopie/newseed.c
index b351798..0455857 100644
--- a/contrib/opie/libopie/newseed.c
+++ b/contrib/opie/libopie/newseed.c
@@ -1,13 +1,15 @@
/* newseed.c: The opienewseed() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Greatly simplified increment. Now does
+ not add digits. Reformatted the code.
Modified by cmetz for OPIE 2.32. Added syslog.h if DEBUG.
Modified by cmetz for OPIE 2.31. Added time.h.
Created by cmetz for OPIE 2.22.
@@ -35,73 +37,54 @@ you didn't get a copy, you may request one from <license@inner.net>.
int opienewseed FUNCTION((seed), char *seed)
{
- if (!seed)
- return -1;
-
- if (seed[0]) {
- int i;
-
- if ((i = strlen(seed)) >= OPIE_SEED_MIN) {
- long j;
- char *c;
-
- if (i > OPIE_SEED_MAX)
- i = OPIE_SEED_MAX;
-
- c = seed + i - 1;
-
- while(c != seed) {
- if (!isdigit(*c))
- break;
- c--;
- }
-
- c++;
-
- if (j = strtol(c, (char **)0, 10)) {
- char buf[OPIE_SEED_MAX];
-
- *c = 0;
- strcpy(buf, seed);
-
- if (errno == ERANGE) {
- j = 1;
- } else {
- int k = 1, l = OPIE_SEED_MAX - strlen(buf);
- while(l--) k *= 10;
-
- if (++j >= k)
- j = 1;
+ if (!seed)
+ return -1;
+
+ if (seed[0]) {
+ char *c, *end;
+ unsigned int i, max;
+
+ if ((i = strlen(seed)) > OPIE_SEED_MAX)
+ i = OPIE_SEED_MAX;
+
+ for (c = end = seed + i - 1, max = 1;
+ (c > seed) && isdigit(*c); c--)
+ max *= 10;
+
+ if ((i = strtoul(++c, (char **)0, 10)) < max) {
+ if (++i >= max)
+ i = 1;
+
+ snprintf(c, end - c, "%d", i);
+ seed[OPIE_SEED_MAX] = 0;
+ return 0;
+ }
}
- sprintf(seed, "%s%04d", buf, j);
- return 0;
- }
- }
- }
+ {
+ time_t now;
- {
- {
- time_t now;
- time(&now);
- srand(now);
- }
+ time(&now);
+ srand(now);
+ }
- {
- struct utsname utsname;
+ {
+ struct utsname utsname;
- if (uname(&utsname) < 0) {
+ if (uname(&utsname) < 0) {
#if DEBUG
- syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), errno);
+ syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno),
+ errno);
#endif /* DEBUG */
- utsname.nodename[0] = 'k';
- utsname.nodename[1] = 'e';
- }
- utsname.nodename[2] = 0;
-
- sprintf(seed, "%s%04d", utsname.nodename, (rand() % 9999) + 1);
- return 0;
- }
- }
+ utsname.nodename[0] = 'k';
+ utsname.nodename[1] = 'e';
+ }
+ utsname.nodename[2] = 0;
+
+ if (snprintf(seed, OPIE_SEED_MAX+1, "%s%04d", utsname.nodename,
+ (rand() % 9999) + 1) >= OPIE_SEED_MAX+1)
+ return -1;
+ return 0;
+ }
}
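Review bot: The size passed to `snprintf(c, end - c, "%d", i)` is one less than the number of digits, because `end` points at the last digit and the size has to include the terminator, so an incremented counter of the same width is cut short. For a seed with no trailing digit, `++c` steps past `end`, `end - c` is -1, and that converts to a very large `size_t` while the write starts at the string's terminator. I would take the increment path only when `c <= end` after the `++c`, and write with `snprintf(c, end - c + 2, "%u", i);`, which also matches the `unsigned int` type of `i`. `seed[OPIE_SEED_MAX] = 0` requires every caller to supply at least `OPIE_SEED_MAX + 1` bytes, which belongs in a comment on the function.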
diff --git a/contrib/opie/libopie/open.c b/contrib/opie/libopie/open.c
index dac03a8..c0c76c2 100644
--- a/contrib/opie/libopie/open.c
+++ b/contrib/opie/libopie/open.c
@@ -1,13 +1,15 @@
/* open.c: The __opieopen() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. More portable way to get the mode
+ string for fopen.
Created by cmetz for OPIE 2.3.
*/
#include "opie_cfg.h"
@@ -51,9 +53,23 @@ FILE *__opieopen FUNCTION((file, rw, mode), char *file AND int rw AND int mode)
return NULL;
{
- char *fmodes[] = { "r", "r+", "a" };
-
- if (!(f = fopen(file, fmodes[rw])))
+ char *fmode;
+
+ switch(rw) {
+ case 0:
+ fmode = "r";
+ break;
+ case 1:
+ fmode = "r+";
+ break;
+ case 2:
+ fmode = "a";
+ break;
+ default:
+ return NULL;
+ };
+
+ if (!(f = fopen(file, fmode)))
return NULL;
}
diff --git a/contrib/opie/libopie/parsechallenge.c b/contrib/opie/libopie/parsechallenge.c
index 2035c38..2b23a35 100644
--- a/contrib/opie/libopie/parsechallenge.c
+++ b/contrib/opie/libopie/parsechallenge.c
@@ -1,13 +1,15 @@
/* parsechallenge.c: The __opieparsechallenge() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Use OPIE_SEQUENCE_MAX, check for
+ sequence number of zero.
Modified by cmetz for OPIE 2.32. Check for extended response sets.
Change prefix to double underscore.
Created by cmetz for OPIE 2.3 using generator.c as a guide.
@@ -48,7 +50,7 @@ int __opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed, exts), cha
*algorithm = a->num;
}
- if ((*sequence = strtoul(++c, &c, 10)) > 9999)
+ if (((*sequence = strtoul(++c, &c, 10)) > OPIE_SEQUENCE_MAX) || !*sequence)
return -1;
while(*c && isspace(*c)) c++;
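Review bot: `!*sequence` rejects zero but not a negative value, which matters if `*sequence` is a signed `int` (its declaration is outside this hunk): a digit string that `strtoul` converts to a value above `INT_MAX` can then wrap negative and pass both tests. Range-checking the `unsigned long` result before narrowing avoids that: `unsigned long n = strtoul(++c, &c, 10);` then `if (!n || n > OPIE_SEQUENCE_MAX) return -1;` and `*sequence = n;`. The function body starts and ends outside the hunk.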
diff --git a/contrib/opie/libopie/passcheck.c b/contrib/opie/libopie/passcheck.c
index 8bfa87d..140b8fb 100644
--- a/contrib/opie/libopie/passcheck.c
+++ b/contrib/opie/libopie/passcheck.c
@@ -1,7 +1,7 @@
/* passcheck.c: The opiepasscheck() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/passwd.c b/contrib/opie/libopie/passwd.c
index 6bac249..1c3b1ab6 100644
--- a/contrib/opie/libopie/passwd.c
+++ b/contrib/opie/libopie/passwd.c
@@ -1,8 +1,8 @@
/* passwd.c: The opiepasswd() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
@@ -46,19 +46,19 @@ int opiepasswd FUNCTION((old, flags, principal, n, seed, ks), struct opie *old A
opie.opie_seed = seed;
if (ks) {
- char key[8];
+ struct opie_otpkey key;
if (flags & OPIEPASSWD_CONSOLE) {
- if (opiekeycrunch(MDX, key, seed, ks))
+ if (opiekeycrunch(MDX, &key, seed, ks))
return -1;
for (i = n; i; i--)
- opiehash(key, MDX);
- if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key)))
+ opiehash(&key, MDX);
+ if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key)))
return -1;
} else {
- if ((opieetob(key, ks) != 1) && !opieatob8(key, ks))
+ if ((opieetob(&key, ks) != 1) && !opieatob8(&key, ks))
return 1;
- if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key)))
+ if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key)))
return 1;
}
}
diff --git a/contrib/opie/libopie/randomchallenge.c b/contrib/opie/libopie/randomchallenge.c
index 99b4c48..7cf18bb 100644
--- a/contrib/opie/libopie/randomchallenge.c
+++ b/contrib/opie/libopie/randomchallenge.c
@@ -1,7 +1,7 @@
/* randomchallenge.c: The opierandomchallenge() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
@@ -14,6 +14,7 @@ License Agreement applies to this software.
History:
+ Modified by cmetz for OPIE 2.4. Use snprintf().
Modified by cmetz for OPIE 2.32. Initialize algids[] with 0s
instead of NULL.
Modified by cmetz for OPIE 2.3. Add sha support.
@@ -35,11 +36,12 @@ static char *algids[] = { 0, 0, 0, "sha1", "md4", "md5" };
most situations; it is certainly better than a fixed string */
VOIDRET opierandomchallenge FUNCTION((prompt), char *prompt)
{
- char buf[OPIE_SEED_MAX + 1];
+ char buf[OPIE_SEED_MAX+1];
buf[0] = 0;
if (opienewseed(buf))
strcpy(buf, "ke4452");
- sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (rand() % 499) + 1, buf);
+ snprintf(prompt, OPIE_CHALLENGE_MAX+1, "otp-%s %d %s ext", algids[MDX],
+ (rand() % 499) + 1, buf);
}
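Review bot: The new bound `OPIE_CHALLENGE_MAX+1` is an assumption about the caller's buffer that nothing in the function states, and the `snprintf` result is not checked, so a truncated challenge is handed back silently. The comment above the function should carry the contract, for example `/* prompt must point to at least OPIE_CHALLENGE_MAX+1 bytes */`. If `algids[MDX]` can be one of the zero entries of the table, `%s` receives a null pointer; that depends on how `MDX` is configured, which is not visible here.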
diff --git a/contrib/opie/libopie/readpass.c b/contrib/opie/libopie/readpass.c
index 5808f02..bd24b02 100644
--- a/contrib/opie/libopie/readpass.c
+++ b/contrib/opie/libopie/readpass.c
@@ -1,7 +1,7 @@
/* readpass.c: The opiereadpass() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/readrec.c b/contrib/opie/libopie/readrec.c
index f6361eb..98ec658 100644
--- a/contrib/opie/libopie/readrec.c
+++ b/contrib/opie/libopie/readrec.c
@@ -1,13 +1,15 @@
/* readrec.c: The __opiereadrec() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Check that seed, sequence number, and
+ response values are valid.
Modified by cmetz for OPIE 2.31. Removed active attack protection
support. Fixed a debug message typo. Keep going after bogus
records. Set read flag.
@@ -57,7 +59,7 @@ static int parserec FUNCTION((opie), struct opie *opie)
opie->opie_n = strtoul(c, &c3, 10);
- if (*c3)
+ if (*c3 || (opie->opie_n <= 0) || (opie->opie_n > 9999))
return -1;
};
@@ -66,6 +68,10 @@ static int parserec FUNCTION((opie), struct opie *opie)
*(c2++) = 0;
+ for (c = opie->opie_seed; *c; c++)
+ if (!isalnum(*c))
+ return -1;
+
while(*c2 == ' ') c2++;
if (!(c2 = strchr(opie->opie_val = c2, ' ')))
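Review bot: `isalnum(*c)` is called on a plain `char` read from the key file, which is undefined for bytes that are negative where `char` is signed; the test should be `if (!isalnum((unsigned char)*c))`. The same loop is added in verify.c (`@@ -80,7 +82,14 @@`) and writerec.c (`@@ -51,7 +55,14 @@`). The loop also accepts an empty seed and does not check the length against `OPIE_SEED_MIN`/`OPIE_SEED_MAX`, which may be intended but is worth a comment. Only writerec.c visibly gains `#include <ctype.h>`; whether this file already includes it cannot be seen from the hunk. parserec's body starts and ends outside the hunk.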
@@ -73,6 +79,13 @@ static int parserec FUNCTION((opie), struct opie *opie)
*(c2++) = 0;
+ {
+ struct opie_otpkey otpkey;
+
+ if (!opieatob8(&otpkey, opie->opie_val))
+ return -1;
+ }
+
return 0;
}
diff --git a/contrib/opie/libopie/unlock.c b/contrib/opie/libopie/unlock.c
index 4c01a5c..0f607ab 100644
--- a/contrib/opie/libopie/unlock.c
+++ b/contrib/opie/libopie/unlock.c
@@ -1,7 +1,7 @@
/* unlock.c: The opieunlock() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/verify.c b/contrib/opie/libopie/verify.c
index 990e293..e6abec4 100644
--- a/contrib/opie/libopie/verify.c
+++ b/contrib/opie/libopie/verify.c
@@ -1,13 +1,15 @@
/* verify.c: The opieverify() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for keys.
+ Check that seed and sequence number are valid.
Modified by cmetz for OPIE 2.32. Renamed _opieparsechallenge() to
__opieparsechallenge() and handle new argument. Fixed init
response parsing bug.
@@ -67,7 +69,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
{
int i, rval = -1;
char *c;
- char key[8], fkey[8], lastkey[8];
+ struct opie_otpkey key, fkey, lastkey;
struct opie nopie;
if (!opie || !response)
@@ -80,7 +82,14 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
goto verret;
#endif /* DEBUG */
- if (!opieatob8(lastkey, opie->opie_val))
+ if (!opieatob8(&lastkey, opie->opie_val))
+ goto verret;
+
+ for (c = opie->opie_seed; *c; c++)
+ if (!isalnum(*c))
+ goto verret;
+
+ if (opie->opie_n <= 0)
goto verret;
if (c = strchr(response, ':')) {
@@ -97,33 +106,33 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
case RESPONSE_STANDARD:
i = 1;
- if (opieetob(key, response) == 1) {
- memcpy(fkey, key, sizeof(key));
- opiehash(fkey, MDX);
- i = memcmp(fkey, lastkey, sizeof(key));
+ if (opieetob(&key, response) == 1) {
+ memcpy(&fkey, &key, sizeof(struct opie_otpkey));
+ opiehash(&fkey, MDX);
+ i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
}
- if (i && opieatob8(key, response)) {
- memcpy(fkey, key, sizeof(key));
- opiehash(fkey, MDX);
- i = memcmp(fkey, lastkey, sizeof(key));
+ if (i && opieatob8(&key, response)) {
+ memcpy(&fkey, &key, sizeof(struct opie_otpkey));
+ opiehash(&fkey, MDX);
+ i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
}
break;
case RESPONSE_WORD:
i = 1;
- if (opieetob(key, c) == 1) {
- memcpy(fkey, key, sizeof(key));
- opiehash(fkey, MDX);
- i = memcmp(fkey, lastkey, sizeof(key));
+ if (opieetob(&key, c) == 1) {
+ memcpy(&fkey, &key, sizeof(struct opie_otpkey));
+ opiehash(&fkey, MDX);
+ i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
}
break;
case RESPONSE_HEX:
i = 1;
- if (opieatob8(key, c)) {
- memcpy(fkey, key, sizeof(key));
- opiehash(fkey, MDX);
- i = memcmp(fkey, lastkey, sizeof(key));
+ if (opieatob8(&key, c)) {
+ memcpy(&fkey, &key, sizeof(struct opie_otpkey));
+ opiehash(&fkey, MDX);
+ i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
}
break;
case RESPONSE_INIT_HEX:
@@ -137,17 +146,17 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
*(c2++) = 0;
if (i == RESPONSE_INIT_HEX) {
- if (!opieatob8(key, c))
+ if (!opieatob8(&key, c))
goto verret;
} else {
- if (opieetob(key, c) != 1)
+ if (opieetob(&key, c) != 1)
goto verret;
}
- memcpy(fkey, key, sizeof(key));
- opiehash(fkey, MDX);
+ memcpy(&fkey, &key, sizeof(struct opie_otpkey));
+ opiehash(&fkey, MDX);
- if (memcmp(fkey, lastkey, sizeof(key)))
+ if (memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey)))
goto verret;
if (changed(opie))
@@ -155,7 +164,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
opie->opie_n--;
- if (!opiebtoa8(opie->opie_val, key))
+ if (!opiebtoa8(opie->opie_val, &key))
goto verret;
if (__opiewriterec(opie))
@@ -174,10 +183,10 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
}
if (i == RESPONSE_INIT_HEX) {
- if (!opieatob8(key, c2))
+ if (!opieatob8(&key, c2))
goto verret;
} else {
- if (opieetob(key, c2) != 1)
+ if (opieetob(&key, c2) != 1)
goto verret;
}
}
@@ -201,7 +210,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
opie->opie_n--;
verwrt:
- if (!opiebtoa8(opie->opie_val, key))
+ if (!opiebtoa8(opie->opie_val, &key))
goto verret;
rval = __opiewriterec(opie);
diff --git a/contrib/opie/libopie/version.c b/contrib/opie/libopie/version.c
index ef6523d..2364e77 100644
--- a/contrib/opie/libopie/version.c
+++ b/contrib/opie/libopie/version.c
@@ -1,7 +1,7 @@
/* version.c: The opieversion() library function.
%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
diff --git a/contrib/opie/libopie/writerec.c b/contrib/opie/libopie/writerec.c
index 0843423..5ba53fe 100644
--- a/contrib/opie/libopie/writerec.c
+++ b/contrib/opie/libopie/writerec.c
@@ -1,13 +1,15 @@
/* writerec.c: The __opiewriterec() library function.
%%% copyright-cmetz-96
-This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
-The Inner Net License Version 2 applies to this software.
+This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
+The Inner Net License Version 3 applies to this software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.
History:
+ Modified by cmetz for OPIE 2.4. Check that seed and sequence number are
+ valid.
Modified by cmetz for OPIE 2.31. Removed active attack protection
support. Fixed passwd bug.
Created by cmetz for OPIE 2.3 from passwd.c.
@@ -30,6 +32,7 @@ you didn't get a copy, you may request one from <license@inner.net>.
#if HAVE_STDLIB_H
#include <stdlib.h>
#endif /* HAVE_STDLIB_H */
+#include <ctype.h>
#include "opie.h"
char *__opienone = "****************";
@@ -40,6 +43,7 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
time_t now;
FILE *f, *f2 = NULL;
int i = 0;
+ char *c;
time(&now);
if (strftime(buf2, sizeof(buf2), " %b %d,%Y %T", localtime(&now)) < 1)
@@ -51,7 +55,14 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
opie->opie_flags = opie2.opie_flags;
opie->opie_recstart = opie2.opie_recstart;
}
-
+
+ for (c = opie->opie_seed; *c; c++)
+ if (!isalnum(*c))
+ return -1;
+
+ if ((opie->opie_n < 0) || (opie->opie_n > 9999))
+ return -1;
+
switch(i) {
case 0:
if (!(f = __opieopen(KEY_FILE, 1, 0644)))
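Review bot: The lower bound here is `opie->opie_n < 0`, so a record with sequence number 0 can be written, while the readrec.c hunk `@@ -57,7 +59,7 @@` rejects `opie_n <= 0` when parsing it back. If writing 0 is deliberate (the last password has been used), a comment should say so, for example `/* 0 is written when the sequence is exhausted; parserec rejects it on read */`. Both checks also hard-code 9999 where parsechallenge.c now uses `OPIE_SEQUENCE_MAX`. __opiewriterec's body continues outside the hunk.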