1 files changed, 25 insertions, 9 deletions

diff --git a/contrib/opie/libopie/generator.c b/contrib/opie/libopie/generator.c
index 02167bf..eef7cac 100644
--- a/contrib/opie/libopie/generator.c
+++ b/contrib/opie/libopie/generator.c
@@ -1,7 +1,7 @@
 /* generator.c: The opiegenerator() library function.
 
 %%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights
+Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
 Reserved. The Inner Net License Version 2 applies to these portions of
 the software.
 You should have received a copy of the license with this software. If
@@ -9,16 +9,24 @@ you didn't get a copy, you may request one from <license@inner.net>.
 
         History:
 
+	Modified by cmetz for OPIE 2.32. If secret=NULL, always return
+		as if opieauto returned "get the secret". Renamed
+		_opieparsechallenge() to __opieparsechallenge(). Check
+		challenge for extended response support and don't send
+		an init-hex response if extended response support isn't
+		indicated in the challenge.
 	Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex".
-	      Removed active attack protection support. Fixed fairly
-              bug in how init response was computed (i.e., dead wrong).
+		Removed active attack protection support. Fixed fairly
+		bug in how init response was computed (i.e., dead wrong).
 	Modified by cmetz for OPIE 2.3. Use _opieparsechallenge(). ifdef
-	      around string.h. Output hex responses by default, output
-	      OTP re-init extended responses (same secret) if sequence
-	      number falls below 10.
+		around string.h. Output hex responses by default, output
+		OTP re-init extended responses (same secret) if sequence
+		number falls below 10.
 	Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
-              Bug fixes.
+		Bug fixes.
 	Created at NRL for OPIE 2.2.
+
+$FreeBSD$
 */
 
 #include "opie_cfg.h"
@@ -36,26 +44,33 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se
   char *seed;
   char key[8];
   int i;
+  int exts;
 
   if (!(buffer = strstr(buffer, "otp-")))
     return 1;
 
   buffer += 4;
 
-  if (_opieparsechallenge(buffer, &algorithm, &sequence, &seed))
+  if (__opieparsechallenge(buffer, &algorithm, &sequence, &seed, &exts))
     return 1;
 
   if ((sequence < 2) || (sequence > 9999))
     return 1;
 
+  if (!secret[0])
+   return 2;
+
   if (opiepasscheck(secret))
     return -2;
 
   if (i = opiekeycrunch(algorithm, key, seed, secret))
     return i;
 
-
   if (sequence < 10) {
+    if (!(exts & 1))
+      return 1;
+
+    {
     char newseed[OPIE_SEED_MAX + 1];
     char newkey[8];
     char *c;
@@ -78,6 +93,7 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se
     sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
     strcat(response, buf);
     strcat(response, opiebtoh(buf, newkey));
+    };
   } else {
     while (sequence-- != 0)
       opiehash(key, algorithm);