diff options
author | kris <kris@FreeBSD.org> | 2000-04-10 11:09:42 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2000-04-10 11:09:42 +0000 |
commit | aee7d5e2d9b6409777977e7e84bb592b3ec3bd30 (patch) | |
tree | 2a4ae68749c83823fce59d928ca92442a2879aa0 /contrib/opie/opielogin.c | |
parent | 5bec5470a59d584c74e9b1d1a9790293fb566048 (diff) | |
download | FreeBSD-src-aee7d5e2d9b6409777977e7e84bb592b3ec3bd30.zip FreeBSD-src-aee7d5e2d9b6409777977e7e84bb592b3ec3bd30.tar.gz |
Upgrade to OPIE 2.32, from http://www.inner.net/pub/opie/
Diffstat (limited to 'contrib/opie/opielogin.c')
-rw-r--r-- | contrib/opie/opielogin.c | 210 |
1 files changed, 104 insertions, 106 deletions
diff --git a/contrib/opie/opielogin.c b/contrib/opie/opielogin.c index c2fecb9..eacfac9 100644 --- a/contrib/opie/opielogin.c +++ b/contrib/opie/opielogin.c @@ -1,7 +1,7 @@ /* opielogin.c: The infamous /bin/login %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,10 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.32. Partially handle environment + variables on the command line (a better implementation is + coming soon). Handle failure to issue a challenge more + gracefully. Modified by cmetz for OPIE 2.31. Use _PATH_NOLOGIN. Move Solaris drain bamage kluge after rflag check; it breaks rlogin. Use TCSAFLUSH instead of TCSANOW (except where it flushes @@ -638,7 +642,8 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) int i; char *p; char opieprompt[OPIE_CHALLENGE_MAX + 1]; - int pwok, otpok, af_pwok; + int af_pwok; + int authsok; char *pp; char buf[256]; int uid; @@ -700,111 +705,104 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) } #endif /* DEBUG */ -/* Some OSs pass environment variables on the command line. All of them except - for TERM get eaten. */ - - i = argc; - while (--i) - if (strchr(argv[i], '=')) { -#ifdef DEBUG - syslog(LOG_DEBUG, "eating %s", argv[i]); -#endif /* DEBUG */ - argc--; - if (!strncmp(argv[i], "TERM=", 5)) { - strncpy(term, &(argv[i][5]), sizeof(term)); - term[sizeof(term) - 1] = 0; -#ifdef DEBUG - syslog(LOG_DEBUG, "passed TERM=%s, ouroptind = %d", term, i); -#endif /* DEBUG */ - } - } /* Implement our own getopt()-like functionality, but do so in a much more strict manner to prevent security problems. */ for (ouroptind = 1; ouroptind < argc; ouroptind++) { - i = 0; - if (argv[ouroptind]) - if (argv[ouroptind][0] == '-') - if (i = argv[ouroptind][1]) - if (!argv[ouroptind][2]) - switch (i) { - case 'd': - if (++ouroptind == argc) - exit(1); + if (!argv[ouroptind]) + continue; + + if (argv[ouroptind][0] == '-') { + char *c = argv[ouroptind] + 1; + + while(*c) { + switch(*(c++)) { + case 'd': + if (*c || (++ouroptind == argc)) + exit(1); + /* The '-d' option is apparently a performance hack to get around ttyname() being slow. The potential does exist for it to be used for malice, and it does not seem to be strictly necessary, so we will just eat it. */ - break; + break; - case 'r': - if (rflag || hflag || fflag) { - printf("Other options not allowed with -r\n"); - exit(1); - } - if (++ouroptind == argc) - exit(1); - - ouroptarg = argv[ouroptind]; - - if (!ouroptarg) - exit(1); - - rflag = -1; - if (!doremotelogin(ouroptarg)) - rflag = 1; - - strncpy(host, ouroptarg, sizeof(host)); - break; + case 'r': + if (rflag || hflag || fflag) { + fprintf(stderr, "Other options not allowed with -r\n"); + exit(1); + } - case 'h': - if (!getuid()) { - if (rflag || hflag || fflag) { - printf("Other options not allowed with -h\n"); - exit(1); - } - hflag = 1; + if (*c || (++ouroptind == argc)) + exit(1); - if (++ouroptind == argc) - exit(1); + if (!(ouroptarg = argv[ouroptind])) + exit(1); - ouroptarg = argv[ouroptind]; + rflag = -1; + if (!doremotelogin(ouroptarg)) + rflag = 1; + + strncpy(host, ouroptarg, sizeof(host)); + break; - if (!ouroptarg) - exit(1); - - strncpy(host, ouroptarg, sizeof(host)); - } - break; - - case 'f': - if (rflag) { - printf("Only one of -r and -f allowed\n"); + case 'h': + if (!getuid()) { + if (rflag || hflag || fflag) { + fprintf(stderr, "Other options not allowed with -h\n"); exit(1); } - fflag = 1; + hflag = 1; - if (++ouroptind == argc) + if (*c || (++ouroptind == argc)) exit(1); - ouroptarg = argv[ouroptind]; - - if (!ouroptarg) + if (!(ouroptarg = argv[ouroptind])) exit(1); + + strncpy(host, ouroptarg, sizeof(host)); + } + break; - strncpy(name, ouroptarg, sizeof(name)); - break; + case 'f': + if (rflag) { + fprintf(stderr, "Only one of -r and -f allowed\n"); + exit(1); + } + fflag = 1; + + if (*c || (++ouroptind == argc)) + exit(1); + + if (!(ouroptarg = argv[ouroptind])) + exit(1); + + strncpy(name, ouroptarg, sizeof(name)); + break; + case 'p': + pflag = 1; + break; + }; + }; + continue; + }; - case 'p': - pflag = 1; - break; - } else - i = 0; - if (!i) { - ouroptarg = argv[ouroptind++]; - strncpy(name, ouroptarg, sizeof(name)); - break; - } - } + if (strchr(argv[ouroptind], '=')) { + if (!strncmp(argv[ouroptind], "TERM=", 5)) { + strncpy(term, &(argv[ouroptind][5]), sizeof(term)); + term[sizeof(term) - 1] = 0; +#ifdef DEBUG + syslog(LOG_DEBUG, "passed TERM=%s, ouroptind = %d", term, ouroptind); +#endif /* DEBUG */ + } else { +#ifdef DEBUG + syslog(LOG_DEBUG, "eating %s, ouroptind = %d", argv[ouroptind], ouroptind); +#endif /* DEBUG */ + }; + continue; + }; + + strncpy(name, argv[ouroptind], sizeof(name)); + }; #ifdef TIOCNXCL /* BSDism: not sure how to rewrite for POSIX. rja */ @@ -1063,6 +1061,7 @@ completeness, but these are set within appropriate defines for portability. */ if (invalid && !name[0]) { getloginname(); invalid = lookupuser(); + authsok = 0; } #ifdef DEBUG syslog(LOG_DEBUG, "login name is +%s+, of length %d, [0] = %d", name, strlen(name), name[0]); @@ -1092,11 +1091,9 @@ completeness, but these are set within appropriate defines for portability. */ if ((i < 0) || (i > 1)) { syslog(LOG_ERR, "error: opiechallenge() returned %d, errno=%d!\n", i, errno); - fprintf(stderr, "System error; can't issue challenge!\n"); - otpok = 0; } else { printf("%s\n", opieprompt); - otpok = 1; + authsok |= 1; } if (!memcmp(&thisuser, &nouser, sizeof(thisuser))) @@ -1107,28 +1104,29 @@ completeness, but these are set within appropriate defines for portability. */ syslog(LOG_WARNING, "Invalid login attempt for %s on %s.", name, tty); - pwok = af_pwok && opiealways(thisuser.pw_dir); + if (af_pwok && opiealways(thisuser.pw_dir)) + authsok |= 2; + #if DEBUG - syslog(LOG_DEBUG, "af_pwok = %d, pwok = %d", af_pwok, pwok); + syslog(LOG_DEBUG, "af_pwok = %d, authsok = %d", af_pwok, authsok); #endif /* DEBUG */ - if (!pwok && !otpok) { - fprintf(stderr, "Can't authenticate %s!\n", name); - exit(1); - } + if (!authsok) + syslog(LOG_ERR, "no authentication methods are available for %s!", name); #if NEW_PROMPTS - if (otpok) + if ((authsok & 1) || !authsok) printf("Response"); - if (otpok && pwok) + if (((authsok & 3) == 3) || !authsok) printf(" or "); - if (pwok) + if ((authsok & 2) || !authsok) printf("Password"); printf(": "); - if (!opiereadpass(buf, sizeof(buf), !pwok)) + fflush(stdout); + if (!opiereadpass(buf, sizeof(buf), !(authsok & 2))) invalid = TRUE; #else /* NEW_PROMPTS */ - if (!pwok) + if (!(authsok & 1) && authsok) printf("(OTP response required)\n"); printf("Password:"); fflush(stdout); @@ -1136,8 +1134,8 @@ completeness, but these are set within appropriate defines for portability. */ invalid = TRUE; #endif /* NEW_PROMPTS */ - if (!buf[0] && otpok) { - pwok = 0; + if (!buf[0] && (authsok & 1)) { + authsok &= ~2; /* Null line entered, so display appropriate prompt & flush current data. */ #if NEW_PROMPTS @@ -1149,7 +1147,7 @@ completeness, but these are set within appropriate defines for portability. */ invalid = TRUE; } - if (otpok) { + if (authsok & 1) { i = opiegetsequence(&opie); opiepassed = !opieverify(&opie, buf); @@ -1159,7 +1157,7 @@ completeness, but these are set within appropriate defines for portability. */ } if (!invalid) { - if (otpok && opiepassed) { + if ((authsok & 1) && opiepassed) { if (i < 10) { printf("Warning: Re-initialize your OTP information"); if (i < 5) @@ -1167,7 +1165,7 @@ completeness, but these are set within appropriate defines for portability. */ printf("\n"); } } else { - if (pwok) { + if (authsok & 2) { pp = crypt(buf, thisuser.pw_passwd); invalid = strcmp(pp, thisuser.pw_passwd); } else |