diff options
author | kris <kris@FreeBSD.org> | 2000-04-10 11:09:42 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2000-04-10 11:09:42 +0000 |
commit | aee7d5e2d9b6409777977e7e84bb592b3ec3bd30 (patch) | |
tree | 2a4ae68749c83823fce59d928ca92442a2879aa0 /contrib/opie/libopie | |
parent | 5bec5470a59d584c74e9b1d1a9790293fb566048 (diff) | |
download | FreeBSD-src-aee7d5e2d9b6409777977e7e84bb592b3ec3bd30.zip FreeBSD-src-aee7d5e2d9b6409777977e7e84bb592b3ec3bd30.tar.gz |
Upgrade to OPIE 2.32, from http://www.inner.net/pub/opie/
Diffstat (limited to 'contrib/opie/libopie')
32 files changed, 143 insertions, 96 deletions
diff --git a/contrib/opie/libopie/Makefile.in b/contrib/opie/libopie/Makefile.in index 17ca829..2b3c96c 100644 --- a/contrib/opie/libopie/Makefile.in +++ b/contrib/opie/libopie/Makefile.in @@ -2,7 +2,7 @@ # Makefile.in/Makefile: Directions for building libopie. # # %%% copyright-cmetz-96 -# This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +# This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. # The Inner Net License Version 2 applies to this software. # You should have received a copy of the license with this software. If # you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/accessfile.c b/contrib/opie/libopie/accessfile.c index 39e3d82..0fe1d12 100644 --- a/contrib/opie/libopie/accessfile.c +++ b/contrib/opie/libopie/accessfile.c @@ -2,7 +2,7 @@ overrides. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/atob8.c b/contrib/opie/libopie/atob8.c index d548ef9..78a7d43 100644 --- a/contrib/opie/libopie/atob8.c +++ b/contrib/opie/libopie/atob8.c @@ -1,7 +1,7 @@ /* atob8.c: The opieatob8() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/btoa8.c b/contrib/opie/libopie/btoa8.c index 7e53d40..2b3e885 100644 --- a/contrib/opie/libopie/btoa8.c +++ b/contrib/opie/libopie/btoa8.c @@ -1,7 +1,7 @@ /* btoa8.c: The opiebtoa8() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/btoe.c b/contrib/opie/libopie/btoe.c index 7cd7c29..b7ed3cde 100644 --- a/contrib/opie/libopie/btoe.c +++ b/contrib/opie/libopie/btoe.c @@ -3,7 +3,7 @@ 64 bit OTP. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/btoh.c b/contrib/opie/libopie/btoh.c index 11e3c5d..c5ed150 100644 --- a/contrib/opie/libopie/btoh.c +++ b/contrib/opie/libopie/btoh.c @@ -1,7 +1,7 @@ /* btoh.c: The opiebtoh() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/challenge.c b/contrib/opie/libopie/challenge.c index a52e5fa..0f3fec5 100644 --- a/contrib/opie/libopie/challenge.c +++ b/contrib/opie/libopie/challenge.c @@ -1,7 +1,7 @@ /* challenge.c: The opiechallenge() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.32. Added extended response set + identifier to the challenge. Modified by cmetz for OPIE 2.3. Use opie_ prefix. Send debug info to syslog. Add sha plumbing. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. @@ -68,7 +70,7 @@ int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND ch opierandomchallenge(ss); memset(mp, 0, sizeof(*mp)); } else - sprintf(ss, "otp-%s %d %s", algids[MDX], mp->opie_n - 1, mp->opie_seed); + sprintf(ss, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed); return rval; } diff --git a/contrib/opie/libopie/generator.c b/contrib/opie/libopie/generator.c index 02167bf..618a131 100644 --- a/contrib/opie/libopie/generator.c +++ b/contrib/opie/libopie/generator.c @@ -1,7 +1,7 @@ /* generator.c: The opiegenerator() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -9,15 +9,21 @@ you didn't get a copy, you may request one from <license@inner.net>. History: + Modified by cmetz for OPIE 2.32. If secret=NULL, always return + as if opieauto returned "get the secret". Renamed + _opieparsechallenge() to __opieparsechallenge(). Check + challenge for extended response support and don't send + an init-hex response if extended response support isn't + indicated in the challenge. Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex". - Removed active attack protection support. Fixed fairly - bug in how init response was computed (i.e., dead wrong). + Removed active attack protection support. Fixed fairly + bug in how init response was computed (i.e., dead wrong). Modified by cmetz for OPIE 2.3. Use _opieparsechallenge(). ifdef - around string.h. Output hex responses by default, output - OTP re-init extended responses (same secret) if sequence - number falls below 10. + around string.h. Output hex responses by default, output + OTP re-init extended responses (same secret) if sequence + number falls below 10. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. - Bug fixes. + Bug fixes. Created at NRL for OPIE 2.2. */ @@ -36,26 +42,33 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se char *seed; char key[8]; int i; + int exts; if (!(buffer = strstr(buffer, "otp-"))) return 1; buffer += 4; - if (_opieparsechallenge(buffer, &algorithm, &sequence, &seed)) + if (__opieparsechallenge(buffer, &algorithm, &sequence, &seed, &exts)) return 1; if ((sequence < 2) || (sequence > 9999)) return 1; + if (!secret[0]) + return 2; + if (opiepasscheck(secret)) return -2; if (i = opiekeycrunch(algorithm, key, seed, secret)) return i; - if (sequence < 10) { + if (!(exts & 1)) + return 1; + + { char newseed[OPIE_SEED_MAX + 1]; char newkey[8]; char *c; @@ -78,6 +91,7 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); strcat(response, buf); strcat(response, opiebtoh(buf, newkey)); + }; } else { while (sequence-- != 0) opiehash(key, algorithm); diff --git a/contrib/opie/libopie/getsequence.c b/contrib/opie/libopie/getsequence.c index 44a34ce..e6c96c5 100644 --- a/contrib/opie/libopie/getsequence.c +++ b/contrib/opie/libopie/getsequence.c @@ -1,7 +1,7 @@ /* getsequence.c: The opiegetsequence() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/getutmpentry.c b/contrib/opie/libopie/getutmpentry.c index 1c9ed0f..531820e 100644 --- a/contrib/opie/libopie/getutmpentry.c +++ b/contrib/opie/libopie/getutmpentry.c @@ -1,7 +1,7 @@ /* getutmpentry.c: The __opiegetutmpentry() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/hash.c b/contrib/opie/libopie/hash.c index 4b72d6b..ef80a79 100644 --- a/contrib/opie/libopie/hash.c +++ b/contrib/opie/libopie/hash.c @@ -1,7 +1,7 @@ /* hash.c: The opiehash() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/hashlen.c b/contrib/opie/libopie/hashlen.c index f1463d2..1284a7b 100644 --- a/contrib/opie/libopie/hashlen.c +++ b/contrib/opie/libopie/hashlen.c @@ -1,7 +1,7 @@ /* hashlen.c: The opiehashlen() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/insecure.c b/contrib/opie/libopie/insecure.c index 999d6e7..a7fda7b 100644 --- a/contrib/opie/libopie/insecure.c +++ b/contrib/opie/libopie/insecure.c @@ -1,7 +1,7 @@ /* insecure.c: The opieinsecure() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -118,34 +118,36 @@ int opieinsecure FUNCTION_NOARGS }; #if HAVE_UT_HOST - memset(&utmp, 0, sizeof(struct utmp)); - { - int i = __opiegetutmpentry(ttyname(0), &utmp); - endutent(); - if (!i && utmp.ut_host[0]) { - insecure = 1; - - if (s = strchr(utmp.ut_host, ':')) { - int n = s - utmp.ut_host; - if (!n) - insecure = 0; - else - if (display_name) { - if (!strncmp(utmp.ut_host, display_name, n)) - insecure = 0; + if (isatty(0)) { + memset(&utmp, 0, sizeof(struct utmp)); + { + int i = __opiegetutmpentry(ttyname(0), &utmp); + endutent(); + if (!i && utmp.ut_host[0]) { + insecure = 1; + + if (s = strchr(utmp.ut_host, ':')) { + int n = s - utmp.ut_host; + if (!n) + insecure = 0; + else + if (display_name) { + if (!strncmp(utmp.ut_host, display_name, n)) + insecure = 0; #ifdef SOLARIS - else - if (s = strchr(utmp.ut_host, ' ')) { - *s = ':'; - if (s = strchr(s + 1, ' ')) - *s = '.'; - if (!strncmp(utmp.ut_host, display_name, n)) - insecure = 0; - } + else + if (s = strchr(utmp.ut_host, ' ')) { + *s = ':'; + if (s = strchr(s + 1, ' ')) + *s = '.'; + if (!strncmp(utmp.ut_host, display_name, n)) + insecure = 0; + } #endif /* SOLARIS */ - } - } - } + } + } + } + }; }; #endif /* HAVE_UT_HOST */ if (insecure) diff --git a/contrib/opie/libopie/keycrunch.c b/contrib/opie/libopie/keycrunch.c index fccdc3c..94a1a53 100644 --- a/contrib/opie/libopie/keycrunch.c +++ b/contrib/opie/libopie/keycrunch.c @@ -1,7 +1,7 @@ /* keycrunch.c: The opiekeycrunch() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/lock.c b/contrib/opie/libopie/lock.c index 40999de..fc449d4 100644 --- a/contrib/opie/libopie/lock.c +++ b/contrib/opie/libopie/lock.c @@ -1,7 +1,7 @@ /* lock.c: The opielock() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/login.c b/contrib/opie/libopie/login.c index f7082c9..ca39143 100644 --- a/contrib/opie/libopie/login.c +++ b/contrib/opie/libopie/login.c @@ -1,7 +1,7 @@ /* login.c: The opielogin() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/logwtmp.c b/contrib/opie/libopie/logwtmp.c index efc1def..a42fdec 100644 --- a/contrib/opie/libopie/logwtmp.c +++ b/contrib/opie/libopie/logwtmp.c @@ -1,7 +1,7 @@ /* logwtmp.c: Put an entry in the wtmp file. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,11 +14,14 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.32. Don't leave line=NULL, skip + past /dev/ in line. Fill in ut_host on systems with UTMPX and + ut_host. Modified by cmetz for OPIE 2.31. Move wtmp log functions here, to - improve portability. Added DISABLE_WTMP. + improve portability. Added DISABLE_WTMP. Modified by cmetz for OPIE 2.22. Call gettimeofday() properly. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. - Ifdef around some headers. Added file close hook. + Ifdef around some headers. Added file close hook. Modified at NRL for OPIE 2.1. Set process type for HPUX. Modified at NRL for OPIE 2.0. Originally from BSD. @@ -124,7 +127,10 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c #if DOUTMPX && defined(_PATH_WTMPX) close(fdx); #endif /* DOUTMPX && defined(_PATH_WTMPX) */ - } + line = ""; + } else + if (!strncmp(line, "/dev/", 5)) + line += 5; if (fd < 0 && (fd = open(_PATH_WTMP, O_WRONLY | O_APPEND, 0)) < 0) return; @@ -137,9 +143,9 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c #endif /* HAVE_UT_PID */ strncpy(ut.ut_line, line, sizeof(ut.ut_line)); strncpy(ut.ut_name, name, sizeof(ut.ut_name)); -#if !DOUTMPX +#if HAVE_UT_HOST strncpy(ut.ut_host, host, sizeof(ut.ut_host)); -#endif /* !DOUTMPX */ +#endif /* HAVE_UT_HOST */ time(&ut.ut_time); if (write(fd, (char *) &ut, sizeof(struct utmp)) != sizeof(struct utmp)) diff --git a/contrib/opie/libopie/lookup.c b/contrib/opie/libopie/lookup.c index 39fab48..d05e1fa 100644 --- a/contrib/opie/libopie/lookup.c +++ b/contrib/opie/libopie/lookup.c @@ -1,7 +1,7 @@ /* lookup.c: The opielookup() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/md4c.c b/contrib/opie/libopie/md4c.c index 343cb8f..acc8857 100644 --- a/contrib/opie/libopie/md4c.c +++ b/contrib/opie/libopie/md4c.c @@ -1,7 +1,7 @@ /* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm" %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/md5c.c b/contrib/opie/libopie/md5c.c index d2a9390..09611a5 100644 --- a/contrib/opie/libopie/md5c.c +++ b/contrib/opie/libopie/md5c.c @@ -2,7 +2,7 @@ "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm" %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/newseed.c b/contrib/opie/libopie/newseed.c index 5073850..b351798 100644 --- a/contrib/opie/libopie/newseed.c +++ b/contrib/opie/libopie/newseed.c @@ -1,13 +1,14 @@ /* newseed.c: The opienewseed() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. History: + Modified by cmetz for OPIE 2.32. Added syslog.h if DEBUG. Modified by cmetz for OPIE 2.31. Added time.h. Created by cmetz for OPIE 2.22. */ @@ -27,6 +28,9 @@ you didn't get a copy, you may request one from <license@inner.net>. #include <sys/utsname.h> #endif /* HAVE_SYS_UTSNAME_H */ #include <errno.h> +#if DEBUG +#include <syslog.h> +#endif /* DEBUG */ #include "opie.h" int opienewseed FUNCTION((seed), char *seed) @@ -87,9 +91,9 @@ int opienewseed FUNCTION((seed), char *seed) struct utsname utsname; if (uname(&utsname) < 0) { -#if 0 - perror("uname"); -#endif /* 0 */ +#if DEBUG + syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), errno); +#endif /* DEBUG */ utsname.nodename[0] = 'k'; utsname.nodename[1] = 'e'; } diff --git a/contrib/opie/libopie/open.c b/contrib/opie/libopie/open.c index 3a1dccc..dac03a8 100644 --- a/contrib/opie/libopie/open.c +++ b/contrib/opie/libopie/open.c @@ -1,7 +1,7 @@ /* open.c: The __opieopen() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. diff --git a/contrib/opie/libopie/parsechallenge.c b/contrib/opie/libopie/parsechallenge.c index e3e314e..2035c38 100644 --- a/contrib/opie/libopie/parsechallenge.c +++ b/contrib/opie/libopie/parsechallenge.c @@ -1,13 +1,15 @@ -/* parsechallenge.c: The _opieparsechallenge() library function. +/* parsechallenge.c: The __opieparsechallenge() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. History: + Modified by cmetz for OPIE 2.32. Check for extended response sets. + Change prefix to double underscore. Created by cmetz for OPIE 2.3 using generator.c as a guide. */ @@ -29,7 +31,7 @@ static struct algorithm algorithms[] = { { NULL, 0 }, }; -int _opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed), char *buffer AND int *algorithm AND int *sequence AND char **seed) +int __opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed, exts), char *buffer AND int *algorithm AND int *sequence AND char **seed AND int *exts) { char *c; @@ -64,7 +66,13 @@ int _opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed), char *buff } *seed = buffer; - *c = 0; + *(c++) = 0; + + while(*c && !isspace(*c)) c++; + if (*c && !strncmp(c, "ext", 3)) + *exts = 1; + else + *exts = 0; return 0; } diff --git a/contrib/opie/libopie/passcheck.c b/contrib/opie/libopie/passcheck.c index 8d60931..8bfa87d 100644 --- a/contrib/opie/libopie/passcheck.c +++ b/contrib/opie/libopie/passcheck.c @@ -1,7 +1,7 @@ /* passcheck.c: The opiepasscheck() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/passwd.c b/contrib/opie/libopie/passwd.c index 17df424..6bac249 100644 --- a/contrib/opie/libopie/passwd.c +++ b/contrib/opie/libopie/passwd.c @@ -1,13 +1,16 @@ /* passwd.c: The opiepasswd() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. History: + Modified by cmetz for OPIE 2.32. Renamed mode to flags. Made flag + values symbolic constants. Added a flag for insecure override + support. Modified by cmetz for OPIE 2.31. Removed active attack protection support. Modified by cmetz for OPIE 2.3. Split most of the function off @@ -20,12 +23,15 @@ you didn't get a copy, you may request one from <license@inner.net>. #include "opie_cfg.h" #include "opie.h" -int opiepasswd FUNCTION((old, mode, principal, n, seed, ks), struct opie *old AND int mode AND char *principal AND int n AND char *seed AND char *ks) +int opiepasswd FUNCTION((old, flags, principal, n, seed, ks), struct opie *old AND int flags AND char *principal AND int n AND char *seed AND char *ks) { int i; struct opie opie; - if ((mode & 1) && opieinsecure()) + if ((flags & OPIEPASSWD_CONSOLE) && opieinsecure()) +#if INSECURE_OVERRIDE + if (!(flags & OPIEPASSWD_FORCE)) +#endif /* INSECURE_OVERRIDE */ return -1; memset(&opie, 0, sizeof(struct opie)); @@ -42,7 +48,7 @@ int opiepasswd FUNCTION((old, mode, principal, n, seed, ks), struct opie *old AN if (ks) { char key[8]; - if (mode & 1) { + if (flags & OPIEPASSWD_CONSOLE) { if (opiekeycrunch(MDX, key, seed, ks)) return -1; for (i = n; i; i--) diff --git a/contrib/opie/libopie/randomchallenge.c b/contrib/opie/libopie/randomchallenge.c index 021da77..99b4c48 100644 --- a/contrib/opie/libopie/randomchallenge.c +++ b/contrib/opie/libopie/randomchallenge.c @@ -1,7 +1,7 @@ /* randomchallenge.c: The opierandomchallenge() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.32. Initialize algids[] with 0s + instead of NULL. Modified by cmetz for OPIE 2.3. Add sha support. Modified by cmetz for OPIE 2.22. Don't include stdio.h. Use opienewseed(). Don't include unneeded headers. @@ -26,7 +28,7 @@ License Agreement applies to this software. #include "opie_cfg.h" #include "opie.h" -static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" }; +static char *algids[] = { 0, 0, 0, "sha1", "md4", "md5" }; /* Generate a random challenge */ /* This could grow into quite a monster, really. Random is good enough for @@ -39,5 +41,5 @@ VOIDRET opierandomchallenge FUNCTION((prompt), char *prompt) if (opienewseed(buf)) strcpy(buf, "ke4452"); - sprintf(prompt, "otp-%s %d %s", algids[MDX], (rand() % 499) + 1, buf); + sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (rand() % 499) + 1, buf); } diff --git a/contrib/opie/libopie/readpass.c b/contrib/opie/libopie/readpass.c index 48b5699..5808f02 100644 --- a/contrib/opie/libopie/readpass.c +++ b/contrib/opie/libopie/readpass.c @@ -1,7 +1,7 @@ /* readpass.c: The opiereadpass() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/readrec.c b/contrib/opie/libopie/readrec.c index d26002d..f6361eb 100644 --- a/contrib/opie/libopie/readrec.c +++ b/contrib/opie/libopie/readrec.c @@ -1,7 +1,7 @@ /* readrec.c: The __opiereadrec() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. @@ -52,8 +52,14 @@ static int parserec FUNCTION((opie), struct opie *opie) *(c2++) = 0; - if (!(opie->opie_n = atoi(c))) + { + char *c3; + + opie->opie_n = strtoul(c, &c3, 10); + + if (*c3) return -1; + }; if (!(c2 = strchr(opie->opie_seed = c2, ' '))) return -1; @@ -112,7 +118,7 @@ int __opiereadrec FUNCTION((opie), struct opie *opie) } if (!opie->opie_principal) - return -1; + goto ret; { char *c, principal[OPIE_PRINCIPAL_MAX]; diff --git a/contrib/opie/libopie/unlock.c b/contrib/opie/libopie/unlock.c index 4dac0c4..4c01a5c 100644 --- a/contrib/opie/libopie/unlock.c +++ b/contrib/opie/libopie/unlock.c @@ -1,7 +1,7 @@ /* unlock.c: The opieunlock() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/verify.c b/contrib/opie/libopie/verify.c index 52698d41..990e293 100644 --- a/contrib/opie/libopie/verify.c +++ b/contrib/opie/libopie/verify.c @@ -1,13 +1,17 @@ /* verify.c: The opieverify() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. History: + Modified by cmetz for OPIE 2.32. Renamed _opieparsechallenge() to + __opieparsechallenge() and handle new argument. Fixed init + response parsing bug. + Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex". Modified by cmetz for OPIE 2.31. Renamed "init" and "RESPONSE_INIT" to "init-hex" and "RESPONSE_INIT_HEX". Removed active attack protection support. @@ -126,8 +130,6 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) case RESPONSE_INIT_WORD: { char *c2; - char newkey[8]; - char buf[OPIE_SEED_MAX + 48 + 1]; if (!(c2 = strchr(c, ':'))) goto verret; @@ -165,22 +167,17 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) *(c2++) = 0; { - int j; + int j, k; - if (_opieparsechallenge(c, &j, &(opie->opie_n), &(opie->opie_seed)) || (j != MDX)) + if (__opieparsechallenge(c, &j, &(opie->opie_n), &(opie->opie_seed), &k) || (j != MDX) || k) goto verret; } - if (!(c2 = strchr(c = c2, ':'))) - goto verret; - - *(c2++) = 0; - if (i == RESPONSE_INIT_HEX) { - if (!opieatob8(newkey, c)) + if (!opieatob8(key, c2)) goto verret; } else { - if (opieetob(newkey, c) != 1) + if (opieetob(key, c2) != 1) goto verret; } } diff --git a/contrib/opie/libopie/version.c b/contrib/opie/libopie/version.c index 11e3394..ef6523d 100644 --- a/contrib/opie/libopie/version.c +++ b/contrib/opie/libopie/version.c @@ -1,7 +1,7 @@ /* version.c: The opieversion() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/writerec.c b/contrib/opie/libopie/writerec.c index 2246899..0843423 100644 --- a/contrib/opie/libopie/writerec.c +++ b/contrib/opie/libopie/writerec.c @@ -1,7 +1,7 @@ /* writerec.c: The __opiewriterec() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. +This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from <license@inner.net>. |