Kris Kennaway
2000-04-10 11:09:42 +00:00
parent 32fb311063
commit dd9cf0235c
69 changed files with 629 additions and 527 deletions
+8 -5
@@ -1,6 +1,9 @@
OPIE Software Distribution, Release 2.31 Bug Reporting Form OPIE Software Distribution, Release 2.32 Bug Reporting Form
======================================== ================== ======================================== ==================
Before submitting a bug report, please check the README file and make
sure that your "bug" is not a known problem.
Please make a copy of this file and then edit it with your favorite Please make a copy of this file and then edit it with your favorite
text editor to include the answers to the following questions: text editor to include the answers to the following questions:
@@ -8,9 +11,9 @@ text editor to include the answers to the following questions:
If you can provide multiple addresses, please do so in case we If you can provide multiple addresses, please do so in case we
are unable to reply to the first one. are unable to reply to the first one.
2. Your exact operating system vendor, name, and version number. 2. Your exact operating system vendor, name, and version number. If available,
Please be more specific than "UNIX" -- most vendors have a name please provide the output of "uname -a" and/or the version of your C
for their particular flavor of UNIX. runtime library. Please be more specific than "UNIX".
3. The exact hardware the system was installed upon. 3. The exact hardware the system was installed upon.
@@ -73,7 +76,7 @@ Copyright
========= =========
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -75,7 +75,7 @@ Copyright
========= =========
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -2,7 +2,7 @@
# Makefile.source and Makefile: Directions for building and installing OPIE. # Makefile.source and Makefile: Directions for building and installing OPIE.
# #
# %%% portions-copyright-cmetz-96 # %%% portions-copyright-cmetz-96
# Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights # Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
# Reserved. The Inner Net License Version 2 applies to these portions of # Reserved. The Inner Net License Version 2 applies to these portions of
# the software. # the software.
# You should have received a copy of the license with this software. If # You should have received a copy of the license with this software. If
+23 -5
@@ -1,4 +1,4 @@
OPIE Software Distribution, Release 2.31 Important Information OPIE Software Distribution, Release 2.32 Important Information
======================================== ===================== ======================================== =====================
Introduction Introduction
@@ -75,6 +75,13 @@ original Bellcore S/Key(tm) Version 1 software:
A Glance at What's New A Glance at What's New
====================== ======================
2.32 January 1, 1998.
Indicate support for extended responses in challenges and check for
such indication before generating any extended responses.
Lots of portability and bug fixes.
2.31 March 20, 1997. 2.31 March 20, 1997.
Removed active attack protection support due to patent problems. Removed active attack protection support due to patent problems.
@@ -225,6 +232,10 @@ it easier to coordinate bug hunting.
Gotchas Gotchas
======= =======
Solaris 2.x is just a lose. It does a lot of nonstandard and downright
broken things. If you want OPIE to be reliable on your box, upgrade to NetBSD
or Linux.
While an almost universal "feature", most people remain unaware that While an almost universal "feature", most people remain unaware that
an intruder can log into a system, then log in again by running the "login" an intruder can log into a system, then log in again by running the "login"
command from a shell. Because the second login is from the local host, the command from a shell. Because the second login is from the local host, the
@@ -324,9 +335,7 @@ and reasonable getty sources (try sunsite.unc.edu:/pub/Linux/system/Serial, at
least one of agetty, mingetty, and getty_ps should work) and replacing the least one of agetty, mingetty, and getty_ps should work) and replacing the
Solaris versions with these. OPIE should work *much* more happily with these Solaris versions with these. OPIE should work *much* more happily with these
programs than the ones that come with Solaris. However, there could be negative programs than the ones that come with Solaris. However, there could be negative
side effects -- this is not a procedure recommended for the faint of heart. An side effects -- this is not a procedure recommended for the faint of heart.
even more drastic solution more likely to make OPIE happy is to install Linux
or NetBSD on your box ;)
OPIE is a lot more fussy than it used to be about lock files and where OPIE is a lot more fussy than it used to be about lock files and where
it puts them. The lock file directory must be a directory used only for OPIE it puts them. The lock file directory must be a directory used only for OPIE
@@ -387,22 +396,31 @@ community effort. These contributors include:
Mowgli Assor Mowgli Assor
Lawrie Brown Lawrie Brown
Andrew Davis Andrew Davis
Dennis Glatting
Ben Golding
Axel Grewe Axel Grewe
"Hobbit" "Hobbit"
Kojima Hajime Kojima Hajime
Darren Hosking Darren Hosking
Matt Hucke
Charles Karney
Jeff Kletsky
Martijn Koster Martijn Koster
Osamu Kurati Osamu Kurati
Ayamura Kikuchi Ayamura Kikuchi
Ronald van der Meer
Hiroshi Nakano Hiroshi Nakano
Ikuo Nakagawa Ikuo Nakagawa
Angelo Neri Angelo Neri
C. R. Oldham C. R. Oldham
D. Jason Penney D. Jason Penney
John Perkins John Perkins
Steve Price
Jim Simmons Jim Simmons
Steve Simmons
Brad Smith Brad Smith
Werner Wiethege Werner Wiethege
Ken-ichi Yamasaki
Wietse Venema Wietse Venema
OPIE development at NRL was sponsored by the Information Security OPIE development at NRL was sponsored by the Information Security
@@ -427,7 +445,7 @@ trademarked by anyone.
Copyrights Copyrights
========== ==========
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -1,7 +1,7 @@
/* acconfig.h: Extra commentary for Autoheader /* acconfig.h: Extra commentary for Autoheader
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
-3
@@ -176,9 +176,6 @@
/* Defined if su should not switch to disabled accounts */ /* Defined if su should not switch to disabled accounts */
#undef SU_STAR_CHECK #undef SU_STAR_CHECK
/* Defined if user locking is to be used */
#undef USER_LOCKING
/* Define if you have the bcopy function. */ /* Define if you have the bcopy function. */
#undef HAVE_BCOPY #undef HAVE_BCOPY
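Review bot: Removing the USER_LOCKING template here, together with dropping AC_DEFINE(USER_LOCKING) in configure.in, means any source file that still tests USER_LOCKING will see it undefined and silently compile without user locking. Check that no such test remains in the tree and that the locking code keys off OPIE_LOCK_DIR instead.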
+262 -248
File diff suppressed because it is too large
+18 -14
@@ -1,7 +1,7 @@
dnl configure.in: Input for Autoconf dnl configure.in: Input for Autoconf
dnl dnl
dnl %%% portions-copyright-cmetz-96 dnl %%% portions-copyright-cmetz-96
dnl Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights dnl Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
dnl Reserved. The Inner Net License Version 2 applies to these portions of dnl Reserved. The Inner Net License Version 2 applies to these portions of
dnl the software. dnl the software.
dnl You should have received a copy of the license with this software. If dnl You should have received a copy of the license with this software. If
@@ -14,6 +14,9 @@ dnl License Agreement applies to this software.
dnl dnl
dnl History: dnl History:
dnl dnl
dnl Modified by cmetz for OPIE 2.32. Substitute default for LOCK_DIR.
dnl Fix the --disable-user-locking bug. AC_DEFINE variables to 1.
dnl Really check for ut_host.
dnl Modified by cmetz for OPIE 2.31. Put back manual utmp[x]/wtmp[x] dnl Modified by cmetz for OPIE 2.31. Put back manual utmp[x]/wtmp[x]
dnl checks -- too many OSs can't be trusted to tell us where they are. dnl checks -- too many OSs can't be trusted to tell us where they are.
dnl Check for sys/select.h. Spell endutent right. Replace strtoul() dnl Check for sys/select.h. Spell endutent right. Replace strtoul()
@@ -48,31 +51,30 @@ ACCESS_FILE="$enable_access_file"
AC_SUBST(ACCESS_FILE) AC_SUBST(ACCESS_FILE)
AC_ARG_ENABLE(server-md4, [ --enable-server-md4 Use MD4 instead of MD5 for the server], AC_DEFINE(MDX, 4), AC_DEFINE(MDX, 5)) AC_ARG_ENABLE(server-md4, [ --enable-server-md4 Use MD4 instead of MD5 for the server], AC_DEFINE(MDX, 4), AC_DEFINE(MDX, 5))
set do_user_locking=1;
AC_ARG_ENABLE(user-locking, [ --disable-user-locking Disable user locking AC_ARG_ENABLE(user-locking, [ --disable-user-locking Disable user locking
--enable-user-locking[=DIR] --enable-user-locking[=DIR]
Put user lock files in DIR [/etc/opielocks]],, set do_user_locking=0) Put user lock files in DIR [/etc/opielocks]],,)
if $do_user_locking; if test "$enable_user_locking" != no;
then then
AC_DEFINE(USER_LOCKING)
if test -z "$enable_user_locking" if test -z "$enable_user_locking"
then then
AC_DEFINE(OPIE_LOCK_DIR, "/etc/opielocks") AC_DEFINE(OPIE_LOCK_DIR, "/etc/opielocks")
LOCK_DIR="/etc/opielocks"
else else
AC_DEFINE_UNQUOTED(OPIE_LOCK_DIR, "$enable_user_locking") AC_DEFINE_UNQUOTED(OPIE_LOCK_DIR, "$enable_user_locking")
LOCK_DIR="$enable_user_locking"
fi fi
fi fi
LOCK_DIR="$enable_user_locking"
AC_SUBST(LOCK_DIR) AC_SUBST(LOCK_DIR)
AC_ARG_ENABLE(retype, [ --enable-retype Ask users to re-type their secret pass phrases], AC_DEFINE(RETYPE)) AC_ARG_ENABLE(retype, [ --enable-retype Ask users to re-type their secret pass phrases], AC_DEFINE(RETYPE, 1))
AC_ARG_ENABLE(su-star-check, [ --enable-su-star-check Refuse to switch to disabled accounts], AC_DEFINE(SU_STAR_CHECK)) AC_ARG_ENABLE(su-star-check, [ --enable-su-star-check Refuse to switch to disabled accounts], AC_DEFINE(SU_STAR_CHECK, 1))
AC_ARG_ENABLE(new-prompts, [ --disable-new-prompts Use more compatible (but less informative) prompts],, AC_DEFINE(NEW_PROMPTS)) AC_ARG_ENABLE(new-prompts, [ --disable-new-prompts Use more compatible (but less informative) prompts],, AC_DEFINE(NEW_PROMPTS, 1))
AC_ARG_ENABLE(insecure-override, [ --enable-insecure-override AC_ARG_ENABLE(insecure-override, [ --enable-insecure-override
Allow users to override insecure checks], AC_DEFINE(INSECURE_OVERRIDE)) Allow users to override insecure checks], AC_DEFINE(INSECURE_OVERRIDE, 1))
AC_ARG_ENABLE(anonymous-ftp, [ --enable-anonymous-ftp Enable anonymous FTP support], AC_DEFINE(DOANONYMOUS) echo "Enabling anonymous FTP support in ftp -- don't say we didn't warn you!") AC_ARG_ENABLE(anonymous-ftp, [ --enable-anonymous-ftp Enable anonymous FTP support], AC_DEFINE(DOANONYMOUS, 1) echo "Enabling anonymous FTP support in ftp -- don't say we didn't warn you!")
AC_ARG_ENABLE(utmp, [ --disable-utmp Disable utmp logging], AC_DEFINE(DISABLE_UTMP) echo "Disabling utmp logging") AC_ARG_ENABLE(utmp, [ --disable-utmp Disable utmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "Disabling utmp logging")
AC_ARG_ENABLE(wtmp, [ --disable-wtmp Disable wtmp logging], AC_DEFINE(DISABLE_UTMP) echo "Disabling wtmp logging") AC_ARG_ENABLE(wtmp, [ --disable-wtmp Disable wtmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "Disabling wtmp logging")
dnl Checks for programs. dnl Checks for programs.
AC_PROG_CC AC_PROG_CC
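Review bot: In the new user-locking block, a bare --enable-user-locking (no =DIR) leaves $enable_user_locking set to "yes", so the else branch defines OPIE_LOCK_DIR as "yes" and sets LOCK_DIR="yes"; the `test -z` branch only catches the case where the option was not given at all. Treat "yes" like the empty case, for example `if test -z "$enable_user_locking" || test "$enable_user_locking" = yes`. Separately, the --disable-wtmp line defines DISABLE_UTMP on both sides of the diff, so it is indistinguishable from --disable-utmp; if a separate wtmp switch is intended it needs its own symbol.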
@@ -479,7 +481,9 @@ AC_TRY_COMPILE([#include <sys/types.h>
dnl AC_MSG_CHECKING(for ut_user in struct utmp) dnl AC_MSG_CHECKING(for ut_user in struct utmp)
dnl AC_TRY_COMPILE([#include <sys/types.h> dnl AC_TRY_COMPILE([#include <sys/types.h>
dnl #include <utmp.h>], [struct utmp foo; return (int)foo.ut_user[0];], AC_DEFINE(HAVE_UT_USER) AC_MSG_RESULT(yes), AC_MSG_RESULT(no)) dnl #include <utmp.h>], [struct utmp foo; return (int)foo.ut_user[0];], AC_DEFINE(HAVE_UT_USER) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
AC_DEFINE(HAVE_UT_HOST) AC_MSG_CHECKING(for ut_host in struct utmp)
AC_TRY_COMPILE([#include <sys/types.h>
#include <utmp.h>], [struct utmp foo; return (int)foo.ut_host[0];], AC_DEFINE(HAVE_UT_HOST) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
dnl Checks for library functions. dnl Checks for library functions.
dnl AC_PROG_GCC_TRADITIONAL dnl AC_PROG_GCC_TRADITIONAL
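Review bot: The new ut_host probe calls AC_DEFINE(HAVE_UT_HOST) without a value, while the history entry for this release says "AC_DEFINE variables to 1" and the option macros earlier in the file were all changed to the two-argument form. Use AC_DEFINE(HAVE_UT_HOST, 1) here as well, so that the `#if HAVE_UT_HOST` test in insecure.c does not depend on the macro's default value.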
+1 -1
@@ -1,7 +1,7 @@
/* ftpcmd.y: yacc parser for the FTP daemon. /* ftpcmd.y: yacc parser for the FTP daemon.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+3 -2
@@ -1,7 +1,7 @@
/* glob.c: The csh et al glob pattern matching routines. /* glob.c: The csh et al glob pattern matching routines.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
@@ -13,6 +13,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Remove include of dirent.h here; it's
done already (and conditionally) in opie_cfg.h.
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
Remove useless strings. Prototype right. Remove useless strings. Prototype right.
Modified at NRL for OPIE 2.0. Modified at NRL for OPIE 2.0.
@@ -62,7 +64,6 @@ License Agreement applies to this software.
#endif /* HAVE_SYS_PARAM_H */ #endif /* HAVE_SYS_PARAM_H */
#include <sys/stat.h> #include <sys/stat.h>
#include <dirent.h>
#if HAVE_PWD_H #if HAVE_PWD_H
#include <pwd.h> #include <pwd.h>
#endif /* HAVE_PWD_H */ #endif /* HAVE_PWD_H */
+1 -1
@@ -2,7 +2,7 @@
# Makefile.in/Makefile: Directions for building libmissing. # Makefile.in/Makefile: Directions for building libmissing.
# #
# %%% copyright-cmetz-96 # %%% copyright-cmetz-96
# This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. # This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
# The Inner Net License Version 2 applies to this software. # The Inner Net License Version 2 applies to this software.
# You should have received a copy of the license with this software. If # You should have received a copy of the license with this software. If
# you didn't get a copy, you may request one from <license@inner.net>. # you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
@@ -1,7 +1,7 @@
/* endutent.c: A replacement for the endutent function /* endutent.c: A replacement for the endutent function
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+5 -3
@@ -1,13 +1,15 @@
/* getutline.c: A replacement for the getutline() function /* getutline.c: A replacement for the getutline() function
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. Fixed check for fread() return
value.
Modified by cmetz for OPIE 2.31. If the OS won't tell us where Modified by cmetz for OPIE 2.31. If the OS won't tell us where
_PATH_UTMP is, play the SVID game, then use _PATH_UTMP is, play the SVID game, then use
Autoconf-discovered values. Autoconf-discovered values.
@@ -41,14 +43,14 @@ struct utmp *getutline FUNCTION((utmp), struct utmp *utmp)
if (i = ttyslot()) { if (i = ttyslot()) {
if (fseek(f, i * sizeof(struct utmp), SEEK_SET) < 0) if (fseek(f, i * sizeof(struct utmp), SEEK_SET) < 0)
goto ret; goto ret;
if (fread(&u, sizeof(struct utmp), 1, f) != sizeof(struct utmp)) if (fread(&u, sizeof(struct utmp), 1, f) != 1)
goto ret; goto ret;
fclose(f); fclose(f);
return &u; return &u;
} }
#endif /* HAVE_TTYSLOT */ #endif /* HAVE_TTYSLOT */
while(fread(&u, sizeof(struct utmp), 1, f) == sizeof(struct utmp)) { while(fread(&u, sizeof(struct utmp), 1, f) == 1) {
if (!strncmp(utmp->ut_line, u.ut_line, sizeof(u.ut_line) - 1)) { if (!strncmp(utmp->ut_line, u.ut_line, sizeof(u.ut_line) - 1)) {
fclose(f); fclose(f);
return &u; return &u;
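Review bot: The strncmp() in the scan loop compares only sizeof(u.ut_line) - 1 bytes, so two terminal names that differ in the final byte of the field are treated as the same line. ut_line is a fixed-width field, so compare the full sizeof(u.ut_line). This matters more after this fix, because with the old `== sizeof(struct utmp)` test the loop body was never reached. The `if (i = ttyslot())` assignment in a condition would also read more clearly as `if ((i = ttyslot()) != 0)`.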
+4 -2
@@ -1,13 +1,15 @@
/* pututline.c: A replacement for the pututline() function /* pututline.c: A replacement for the pututline() function
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. Fixed check for fread() return
value.
Modified by cmetz for OPIE 2.31. If the OS won't tell us where Modified by cmetz for OPIE 2.31. If the OS won't tell us where
_PATH_UTMP is, use Autoconf-discovered values. _PATH_UTMP is, use Autoconf-discovered values.
Created by cmetz for OPIE 2.3. Created by cmetz for OPIE 2.3.
@@ -40,7 +42,7 @@ void pututline FUNCTION((utmp), struct utmp *utmp)
} }
#endif /* HAVE_TTYSLOT */ #endif /* HAVE_TTYSLOT */
while(fread(&u, sizeof(struct utmp), 1, f) == sizeof(struct utmp)) { while(fread(&u, sizeof(struct utmp), 1, f) == 1) {
if (!strncmp(utmp->ut_line, u.ut_line, sizeof(u.ut_line) - 1)) { if (!strncmp(utmp->ut_line, u.ut_line, sizeof(u.ut_line) - 1)) {
if ((i = ftell(f)) < 0) if ((i = ftell(f)) < 0)
goto ret; goto ret;
+1 -1
@@ -1,7 +1,7 @@
/* setutent.c: A replacement for the setutent function /* setutent.c: A replacement for the setutent function
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
@@ -2,7 +2,7 @@
# Makefile.in/Makefile: Directions for building libopie. # Makefile.in/Makefile: Directions for building libopie.
# #
# %%% copyright-cmetz-96 # %%% copyright-cmetz-96
# This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. # This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
# The Inner Net License Version 2 applies to this software. # The Inner Net License Version 2 applies to this software.
# You should have received a copy of the license with this software. If # You should have received a copy of the license with this software. If
# you didn't get a copy, you may request one from <license@inner.net>. # you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
@@ -2,7 +2,7 @@
overrides. overrides.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -1,7 +1,7 @@
/* atob8.c: The opieatob8() library function. /* atob8.c: The opieatob8() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -1,7 +1,7 @@
/* btoa8.c: The opiebtoa8() library function. /* btoa8.c: The opiebtoa8() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
@@ -3,7 +3,7 @@
64 bit OTP. 64 bit OTP.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -1,7 +1,7 @@
/* btoh.c: The opiebtoh() library function. /* btoh.c: The opiebtoh() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+4 -2
@@ -1,7 +1,7 @@
/* challenge.c: The opiechallenge() library function. /* challenge.c: The opiechallenge() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Added extended response set
identifier to the challenge.
Modified by cmetz for OPIE 2.3. Use opie_ prefix. Send debug info to Modified by cmetz for OPIE 2.3. Use opie_ prefix. Send debug info to
syslog. Add sha plumbing. syslog. Add sha plumbing.
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
@@ -68,7 +70,7 @@ int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND ch
opierandomchallenge(ss); opierandomchallenge(ss);
memset(mp, 0, sizeof(*mp)); memset(mp, 0, sizeof(*mp));
} else } else
sprintf(ss, "otp-%s %d %s", algids[MDX], mp->opie_n - 1, mp->opie_seed); sprintf(ss, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed);
return rval; return rval;
} }
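Review bot: The sprintf() into ss is unbounded, and appending " ext" makes every non-random challenge four bytes longer than before, so any caller whose buffer was sized to the previous maximum challenge length can now be overrun. Confirm that the challenge-length limit and the callers' buffers account for the suffix, or build the string with an explicit length check before writing into ss.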
+17 -3
@@ -1,7 +1,7 @@
/* generator.c: The opiegenerator() library function. /* generator.c: The opiegenerator() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -9,6 +9,12 @@ you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. If secret=NULL, always return
as if opieauto returned "get the secret". Renamed
_opieparsechallenge() to __opieparsechallenge(). Check
challenge for extended response support and don't send
an init-hex response if extended response support isn't
indicated in the challenge.
Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex". Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex".
Removed active attack protection support. Fixed fairly Removed active attack protection support. Fixed fairly
bug in how init response was computed (i.e., dead wrong). bug in how init response was computed (i.e., dead wrong).
@@ -36,26 +42,33 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se
char *seed; char *seed;
char key[8]; char key[8];
int i; int i;
int exts;
if (!(buffer = strstr(buffer, "otp-"))) if (!(buffer = strstr(buffer, "otp-")))
return 1; return 1;
buffer += 4; buffer += 4;
if (_opieparsechallenge(buffer, &algorithm, &sequence, &seed)) if (__opieparsechallenge(buffer, &algorithm, &sequence, &seed, &exts))
return 1; return 1;
if ((sequence < 2) || (sequence > 9999)) if ((sequence < 2) || (sequence > 9999))
return 1; return 1;
if (!secret[0])
return 2;
if (opiepasscheck(secret)) if (opiepasscheck(secret))
return -2; return -2;
if (i = opiekeycrunch(algorithm, key, seed, secret)) if (i = opiekeycrunch(algorithm, key, seed, secret))
return i; return i;
if (sequence < 10) { if (sequence < 10) {
if (!(exts & 1))
return 1;
{
char newseed[OPIE_SEED_MAX + 1]; char newseed[OPIE_SEED_MAX + 1];
char newkey[8]; char newkey[8];
char *c; char *c;
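Review bot: The new `if (!secret[0]) return 2;` check dereferences secret, but the history entry added in this commit describes the case as "secret=NULL"; a caller passing a NULL pointer would crash here instead of getting the "get the secret" return. Either test `!secret || !secret[0]` or correct the history text to say empty string. Also, `if (!(exts & 1)) return 1;` runs after opiekeycrunch() has already filled key and returns the same code as a parse failure; checking it before the key crunch (when sequence < 10) avoids deriving the key for a response that will not be sent, and a distinct return value would let callers tell "challenge lacks extended response support" from "bad challenge". The bare 1 would be clearer as a named flag.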
@@ -78,6 +91,7 @@ int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *se
sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
strcat(response, buf); strcat(response, buf);
strcat(response, opiebtoh(buf, newkey)); strcat(response, opiebtoh(buf, newkey));
};
} else { } else {
while (sequence-- != 0) while (sequence-- != 0)
opiehash(key, algorithm); opiehash(key, algorithm);
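Review bot: The added `};` closes the new inner block with a stray semicolon, leaving an empty statement before `} else {`; drop the semicolon. The bare braces exist only to scope newseed, newkey and c after the early return, so a one-line comment saying so would help the next reader.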
+1 -1
@@ -1,7 +1,7 @@
/* getsequence.c: The opiegetsequence() library function. /* getsequence.c: The opiegetsequence() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
@@ -1,7 +1,7 @@
/* getutmpentry.c: The __opiegetutmpentry() library function. /* getutmpentry.c: The __opiegetutmpentry() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
@@ -1,7 +1,7 @@
/* hash.c: The opiehash() library function. /* hash.c: The opiehash() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
View File
@@ -1,7 +1,7 @@
/* hashlen.c: The opiehashlen() library function. /* hashlen.c: The opiehashlen() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+3 -1
View File
@@ -1,7 +1,7 @@
/* insecure.c: The opieinsecure() library function. /* insecure.c: The opieinsecure() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -118,6 +118,7 @@ int opieinsecure FUNCTION_NOARGS
}; };
#if HAVE_UT_HOST #if HAVE_UT_HOST
if (isatty(0)) {
memset(&utmp, 0, sizeof(struct utmp)); memset(&utmp, 0, sizeof(struct utmp));
{ {
int i = __opiegetutmpentry(ttyname(0), &utmp); int i = __opiegetutmpentry(ttyname(0), &utmp);
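Review bot: The `if (isatty(0)) {` guard at the top of the HAVE_UT_HOST block makes a non-terminal stdin skip the utmp host check altogether, so in that case the result depends only on the checks outside this block; add a comment stating that this is intended, or treat a non-tty as insecure. Inside the guard, `ttyname(0)` is still passed straight to `__opiegetutmpentry()`, and ttyname() can return NULL even for a terminal, so store the result and check it before the call.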
@@ -147,6 +148,7 @@ int opieinsecure FUNCTION_NOARGS
} }
} }
}; };
};
#endif /* HAVE_UT_HOST */ #endif /* HAVE_UT_HOST */
if (insecure) if (insecure)
return (result = 1); return (result = 1);
+1 -1
View File
@@ -1,7 +1,7 @@
/* keycrunch.c: The opiekeycrunch() library function. /* keycrunch.c: The opiekeycrunch() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
View File
@@ -1,7 +1,7 @@
/* lock.c: The opielock() library function. /* lock.c: The opielock() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
View File
@@ -1,7 +1,7 @@
/* login.c: The opielogin() library function. /* login.c: The opielogin() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+10 -4
View File
@@ -1,7 +1,7 @@
/* logwtmp.c: Put an entry in the wtmp file. /* logwtmp.c: Put an entry in the wtmp file.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,9 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Don't leave line=NULL, skip
past /dev/ in line. Fill in ut_host on systems with UTMPX and
ut_host.
Modified by cmetz for OPIE 2.31. Move wtmp log functions here, to Modified by cmetz for OPIE 2.31. Move wtmp log functions here, to
improve portability. Added DISABLE_WTMP. improve portability. Added DISABLE_WTMP.
Modified by cmetz for OPIE 2.22. Call gettimeofday() properly. Modified by cmetz for OPIE 2.22. Call gettimeofday() properly.
@@ -124,7 +127,10 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c
#if DOUTMPX && defined(_PATH_WTMPX) #if DOUTMPX && defined(_PATH_WTMPX)
close(fdx); close(fdx);
#endif /* DOUTMPX && defined(_PATH_WTMPX) */ #endif /* DOUTMPX && defined(_PATH_WTMPX) */
} line = "";
} else
if (!strncmp(line, "/dev/", 5))
line += 5;
if (fd < 0 && (fd = open(_PATH_WTMP, O_WRONLY | O_APPEND, 0)) < 0) if (fd < 0 && (fd = open(_PATH_WTMP, O_WRONLY | O_APPEND, 0)) < 0)
return; return;
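Review bot: The `} else` is followed by an unbraced `if (!strncmp(line, "/dev/", 5))` that sits directly above the unrelated `if (fd < 0 && ...)`, which makes the branch structure easy to misread and easy to break with a later edit; brace the else body. The `line = "";` assignment also means the record written further down carries an empty ut_line, which deserves a one-line comment on why that is the wanted value.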
@@ -137,9 +143,9 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c
#endif /* HAVE_UT_PID */ #endif /* HAVE_UT_PID */
strncpy(ut.ut_line, line, sizeof(ut.ut_line)); strncpy(ut.ut_line, line, sizeof(ut.ut_line));
strncpy(ut.ut_name, name, sizeof(ut.ut_name)); strncpy(ut.ut_name, name, sizeof(ut.ut_name));
#if !DOUTMPX #if HAVE_UT_HOST
strncpy(ut.ut_host, host, sizeof(ut.ut_host)); strncpy(ut.ut_host, host, sizeof(ut.ut_host));
#endif /* !DOUTMPX */ #endif /* HAVE_UT_HOST */
time(&ut.ut_time); time(&ut.ut_time);
if (write(fd, (char *) &ut, sizeof(struct utmp)) != if (write(fd, (char *) &ut, sizeof(struct utmp)) !=
sizeof(struct utmp)) sizeof(struct utmp))
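Review bot: `name` and `host` go into strncpy() unchecked here, while this commit's own history entry says `line` is no longer left NULL; either give them the same NULL handling or document that callers must pass non-NULL strings. A short comment that ut_line, ut_name and ut_host are fixed-width fields which strncpy() may leave without a terminating NUL would also help anyone reading the wtmp records back.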
+1 -1
View File
@@ -1,7 +1,7 @@
/* lookup.c: The opielookup() library function. /* lookup.c: The opielookup() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
View File
@@ -1,7 +1,7 @@
/* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm" /* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm"
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
View File
@@ -2,7 +2,7 @@
"derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm" "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm"
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+8 -4
View File
@@ -1,13 +1,14 @@
/* newseed.c: The opienewseed() library function. /* newseed.c: The opienewseed() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. Added syslog.h if DEBUG.
Modified by cmetz for OPIE 2.31. Added time.h. Modified by cmetz for OPIE 2.31. Added time.h.
Created by cmetz for OPIE 2.22. Created by cmetz for OPIE 2.22.
*/ */
@@ -27,6 +28,9 @@ you didn't get a copy, you may request one from <license@inner.net>.
#include <sys/utsname.h> #include <sys/utsname.h>
#endif /* HAVE_SYS_UTSNAME_H */ #endif /* HAVE_SYS_UTSNAME_H */
#include <errno.h> #include <errno.h>
#if DEBUG
#include <syslog.h>
#endif /* DEBUG */
#include "opie.h" #include "opie.h"
int opienewseed FUNCTION((seed), char *seed) int opienewseed FUNCTION((seed), char *seed)
@@ -87,9 +91,9 @@ int opienewseed FUNCTION((seed), char *seed)
struct utsname utsname; struct utsname utsname;
if (uname(&utsname) < 0) { if (uname(&utsname) < 0) {
#if 0 #if DEBUG
perror("uname"); syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), errno);
#endif /* 0 */ #endif /* DEBUG */
utsname.nodename[0] = 'k'; utsname.nodename[0] = 'k';
utsname.nodename[1] = 'e'; utsname.nodename[1] = 'e';
} }
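Review bot: The new `syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), errno);` line uses strerror(), but the include hunk above adds only <syslog.h> under DEBUG; confirm <string.h> is pulled in on every platform, or a DEBUG build calls strerror() without a prototype. Since a failed uname() makes the node name start with the fixed letters 'k' and 'e', consider logging that fallback in non-DEBUG builds too, so an operator can see that seeds are being generated without the real node name.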
+1 -1
View File
@@ -1,7 +1,7 @@
/* open.c: The __opieopen() library function. /* open.c: The __opieopen() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+12 -4
View File
@@ -1,13 +1,15 @@
/* parsechallenge.c: The _opieparsechallenge() library function. /* parsechallenge.c: The __opieparsechallenge() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. Check for extended response sets.
Change prefix to double underscore.
Created by cmetz for OPIE 2.3 using generator.c as a guide. Created by cmetz for OPIE 2.3 using generator.c as a guide.
*/ */
@@ -29,7 +31,7 @@ static struct algorithm algorithms[] = {
{ NULL, 0 }, { NULL, 0 },
}; };
int _opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed), char *buffer AND int *algorithm AND int *sequence AND char **seed) int __opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed, exts), char *buffer AND int *algorithm AND int *sequence AND char **seed AND int *exts)
{ {
char *c; char *c;
@@ -64,7 +66,13 @@ int _opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed), char *buff
} }
*seed = buffer; *seed = buffer;
*c = 0; *(c++) = 0;
while(*c && !isspace(*c)) c++;
if (*c && !strncmp(c, "ext", 3))
*exts = 1;
else
*exts = 0;
return 0; return 0;
} }
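Review bot: In the added tail, `while(*c && !isspace(*c)) c++;` stops only on whitespace or the terminating NUL, so the following `!strncmp(c, "ext", 3)` can never match and `*exts` is always set to 0; the loop most likely needs to skip whitespace (`while (*c && isspace(*c)) c++;`) before comparing. Two further points: `*(c++) = 0;` steps past the terminator if the seed is the last token in the buffer (the code that positions c is not in this hunk, so this needs checking), and isspace() should receive `(unsigned char)*c`.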
+1 -1
View File
@@ -1,7 +1,7 @@
/* passcheck.c: The opiepasscheck() library function. /* passcheck.c: The opiepasscheck() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+10 -4
View File
@@ -1,13 +1,16 @@
/* passwd.c: The opiepasswd() library function. /* passwd.c: The opiepasswd() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. Renamed mode to flags. Made flag
values symbolic constants. Added a flag for insecure override
support.
Modified by cmetz for OPIE 2.31. Removed active attack protection Modified by cmetz for OPIE 2.31. Removed active attack protection
support. support.
Modified by cmetz for OPIE 2.3. Split most of the function off Modified by cmetz for OPIE 2.3. Split most of the function off
@@ -20,12 +23,15 @@ you didn't get a copy, you may request one from <license@inner.net>.
#include "opie_cfg.h" #include "opie_cfg.h"
#include "opie.h" #include "opie.h"
int opiepasswd FUNCTION((old, mode, principal, n, seed, ks), struct opie *old AND int mode AND char *principal AND int n AND char *seed AND char *ks) int opiepasswd FUNCTION((old, flags, principal, n, seed, ks), struct opie *old AND int flags AND char *principal AND int n AND char *seed AND char *ks)
{ {
int i; int i;
struct opie opie; struct opie opie;
if ((mode & 1) && opieinsecure()) if ((flags & OPIEPASSWD_CONSOLE) && opieinsecure())
#if INSECURE_OVERRIDE
if (!(flags & OPIEPASSWD_FORCE))
#endif /* INSECURE_OVERRIDE */
return -1; return -1;
memset(&opie, 0, sizeof(struct opie)); memset(&opie, 0, sizeof(struct opie));
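Review bot: The `#if INSECURE_OVERRIDE` block nests an unbraced `if (!(flags & OPIEPASSWD_FORCE))` under the unbraced `if ((flags & OPIEPASSWD_CONSOLE) && opieinsecure())`, so which statement `return -1;` belongs to changes with the build option; brace the outer if and fold the flag test into one condition so both configurations read the same. When INSECURE_OVERRIDE is off, OPIEPASSWD_FORCE is silently ignored; document that, and document which callers are expected to pass a flag that bypasses the opieinsecure() check.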
@@ -42,7 +48,7 @@ int opiepasswd FUNCTION((old, mode, principal, n, seed, ks), struct opie *old AN
if (ks) { if (ks) {
char key[8]; char key[8];
if (mode & 1) { if (flags & OPIEPASSWD_CONSOLE) {
if (opiekeycrunch(MDX, key, seed, ks)) if (opiekeycrunch(MDX, key, seed, ks))
return -1; return -1;
for (i = n; i; i--) for (i = n; i; i--)
+5 -3
View File
@@ -1,7 +1,7 @@
/* randomchallenge.c: The opierandomchallenge() library function. /* randomchallenge.c: The opierandomchallenge() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Initialize algids[] with 0s
instead of NULL.
Modified by cmetz for OPIE 2.3. Add sha support. Modified by cmetz for OPIE 2.3. Add sha support.
Modified by cmetz for OPIE 2.22. Don't include stdio.h. Modified by cmetz for OPIE 2.22. Don't include stdio.h.
Use opienewseed(). Don't include unneeded headers. Use opienewseed(). Don't include unneeded headers.
@@ -26,7 +28,7 @@ License Agreement applies to this software.
#include "opie_cfg.h" #include "opie_cfg.h"
#include "opie.h" #include "opie.h"
static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" }; static char *algids[] = { 0, 0, 0, "sha1", "md4", "md5" };
/* Generate a random challenge */ /* Generate a random challenge */
/* This could grow into quite a monster, really. Random is good enough for /* This could grow into quite a monster, really. Random is good enough for
@@ -39,5 +41,5 @@ VOIDRET opierandomchallenge FUNCTION((prompt), char *prompt)
if (opienewseed(buf)) if (opienewseed(buf))
strcpy(buf, "ke4452"); strcpy(buf, "ke4452");
sprintf(prompt, "otp-%s %d %s", algids[MDX], (rand() % 499) + 1, buf); sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (rand() % 499) + 1, buf);
} }
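Review bot: The format string passed to sprintf() grows by four bytes with the added " ext", and sprintf() writes into the caller's `prompt` with no bound; check that every caller's buffer is sized for the longer challenge, or pass the size in and use a bounded formatter. `algids[MDX]` is 0 for the first three indexes, so a comment or compile-time check that MDX selects one of the named entries would keep a null pointer from reaching `%s`.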
+1 -1
View File
@@ -1,7 +1,7 @@
/* readpass.c: The opiereadpass() library function. /* readpass.c: The opiereadpass() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+9 -3
View File
@@ -1,7 +1,7 @@
/* readrec.c: The __opiereadrec() library function. /* readrec.c: The __opiereadrec() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
@@ -52,8 +52,14 @@ static int parserec FUNCTION((opie), struct opie *opie)
*(c2++) = 0; *(c2++) = 0;
if (!(opie->opie_n = atoi(c))) {
char *c3;
opie->opie_n = strtoul(c, &c3, 10);
if (*c3)
return -1; return -1;
};
if (!(c2 = strchr(opie->opie_seed = c2, ' '))) if (!(c2 = strchr(opie->opie_seed = c2, ' ')))
return -1; return -1;
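Review bot: The sequence number is validated only when atoi() returns 0: `if (!(opie->opie_n = atoi(c)))` accepts a field such as "12abc" as 12 without ever reaching the `if (*c3)` check, and when the strtoul() path does run, an empty field leaves `*c3` at the terminator and is accepted as 0. Parse once with strtoul(), require that `c3 != c` and `*c3 == 0`, and range-check the value before storing it in `opie->opie_n`.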
@@ -112,7 +118,7 @@ int __opiereadrec FUNCTION((opie), struct opie *opie)
} }
if (!opie->opie_principal) if (!opie->opie_principal)
return -1; goto ret;
{ {
char *c, principal[OPIE_PRINCIPAL_MAX]; char *c, principal[OPIE_PRINCIPAL_MAX];
+1 -1
View File
@@ -1,7 +1,7 @@
/* unlock.c: The opieunlock() library function. /* unlock.c: The opieunlock() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+9 -12
View File
@@ -1,13 +1,17 @@
/* verify.c: The opieverify() library function. /* verify.c: The opieverify() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
History: History:
Modified by cmetz for OPIE 2.32. Renamed _opieparsechallenge() to
__opieparsechallenge() and handle new argument. Fixed init
response parsing bug.
Modified by cmetz for OPIE 2.31. Renamed "init" to "init-hex".
Modified by cmetz for OPIE 2.31. Renamed "init" and "RESPONSE_INIT" Modified by cmetz for OPIE 2.31. Renamed "init" and "RESPONSE_INIT"
to "init-hex" and "RESPONSE_INIT_HEX". Removed active attack to "init-hex" and "RESPONSE_INIT_HEX". Removed active attack
protection support. protection support.
@@ -126,8 +130,6 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
case RESPONSE_INIT_WORD: case RESPONSE_INIT_WORD:
{ {
char *c2; char *c2;
char newkey[8];
char buf[OPIE_SEED_MAX + 48 + 1];
if (!(c2 = strchr(c, ':'))) if (!(c2 = strchr(c, ':')))
goto verret; goto verret;
@@ -165,22 +167,17 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
*(c2++) = 0; *(c2++) = 0;
{ {
int j; int j, k;
if (_opieparsechallenge(c, &j, &(opie->opie_n), &(opie->opie_seed)) || (j != MDX)) if (__opieparsechallenge(c, &j, &(opie->opie_n), &(opie->opie_seed), &k) || (j != MDX) || k)
goto verret; goto verret;
} }
if (!(c2 = strchr(c = c2, ':')))
goto verret;
*(c2++) = 0;
if (i == RESPONSE_INIT_HEX) { if (i == RESPONSE_INIT_HEX) {
if (!opieatob8(newkey, c)) if (!opieatob8(key, c2))
goto verret; goto verret;
} else { } else {
if (opieetob(newkey, c) != 1) if (opieetob(key, c2) != 1)
goto verret; goto verret;
} }
} }
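Review bot: `__opieparsechallenge()` writes the new sequence number and seed straight into `opie->opie_n` and `opie->opie_seed` from the client's response before `opieatob8(key, c2)` or `opieetob(key, c2)` has accepted the new key, so a failure on the later `goto verret` paths leaves the struct holding unverified values; parse into locals and copy them over only once the whole response has been accepted, or confirm that the verret path never writes the record. The sequence number taken from the response is also used without a range check, and with `newkey` removed the decoded value now overwrites `key`, which needs a comment saying that the old contents are no longer needed at that point.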
+1 -1
View File
@@ -1,7 +1,7 @@
/* version.c: The opieversion() library function. /* version.c: The opieversion() library function.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
View File
@@ -1,7 +1,7 @@
/* writerec.c: The __opiewriterec() library function. /* writerec.c: The __opiewriterec() library function.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opie.4: Overview of the OPIE software. .\" opie.4: Overview of the OPIE software.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+8 -1
View File
@@ -2,7 +2,7 @@
system that a program might need. system that a program might need.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -15,6 +15,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Added symbolic flag names for
opiepasswd(). Added __opieparsechallenge() prototype.
Modified by cmetz for OPIE 2.31. Removed active attack protection. Modified by cmetz for OPIE 2.31. Removed active attack protection.
Modified by cmetz for OPIE 2.3. Renamed PTR to VOIDPTR. Added Modified by cmetz for OPIE 2.3. Renamed PTR to VOIDPTR. Added
re-init key and extension file fields to struct opie. Added re-init key and extension file fields to struct opie. Added
@@ -218,5 +220,10 @@ FILE *__opieopen __P((char *, int, int));
#endif /* EOF */ #endif /* EOF */
int __opiereadrec __P((struct opie *)); int __opiereadrec __P((struct opie *));
int __opiewriterec __P((struct opie *)); int __opiewriterec __P((struct opie *));
int __opieparsechallenge __P((char *buffer, int *algorithm, int *sequence, char **seed, int *exts));
#endif /* _OPIE */ #endif /* _OPIE */
#define OPIEPASSWD_CONSOLE 1
#define OPIEPASSWD_FORCE 2
#endif /* _OPIE_H */ #endif /* _OPIE_H */
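Review bot: `OPIEPASSWD_CONSOLE` and `OPIEPASSWD_FORCE` are added without comments and sit after `#endif /* _OPIE */`, away from the function they configure; place them next to the opiepasswd() prototype and document each bit, in particular that OPIEPASSWD_FORCE overrides the opieinsecure() check and only takes effect when INSECURE_OVERRIDE is set.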
+6 -3
View File
@@ -1,7 +1,7 @@
/* opie_cfg.h: Various configuration-type pieces of information for OPIE. /* opie_cfg.h: Various configuration-type pieces of information for OPIE.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Include <sys/types.h> before
<dirent.h> to make *BSD happy.
Modified by cmetz for OPIE 2.31. Added 4.4BSD-Lite pathnames.h Modified by cmetz for OPIE 2.31. Added 4.4BSD-Lite pathnames.h
definitions from ftpd. Added struct spwd definition and definitions from ftpd. Added struct spwd definition and
HAVE_SHADOW logic for SunOS C2 shadow password support. HAVE_SHADOW logic for SunOS C2 shadow password support.
@@ -49,8 +51,8 @@ License Agreement applies to this software.
#ifndef _OPIE_CFG_H #ifndef _OPIE_CFG_H
#define _OPIE_CFG_H 1 #define _OPIE_CFG_H 1
#define VERSION "2.31" #define VERSION "2.32"
#define DATE "Thursday, March 20, 1997" #define DATE "Thursday, January 1, 1998"
#ifndef unix #ifndef unix
#define unix 1 #define unix 1
@@ -66,6 +68,7 @@ License Agreement applies to this software.
#define DOUTMPX 0 #define DOUTMPX 0
#endif /* HAVE_GETUTXLINE && HAVE_UTMPX_H */ #endif /* HAVE_GETUTXLINE && HAVE_UTMPX_H */
#include <sys/types.h>
/* Adapted from the Autoconf hypertext info pages */ /* Adapted from the Autoconf hypertext info pages */
#if HAVE_DIRENT_H #if HAVE_DIRENT_H
#include <dirent.h> #include <dirent.h>
+3 -2
View File
@@ -1,7 +1,7 @@
/* opieftpd.c: Main program for an FTP daemon. /* opieftpd.c: Main program for an FTP daemon.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Remove include of dirent.h here; it's
done already (and conditionally) in opie_cfg.h.
Modified by cmetz for OPIE 2.31. Merged in some 4.4BSD-Lite changes. Modified by cmetz for OPIE 2.31. Merged in some 4.4BSD-Lite changes.
Merged in a security fix to BSD-derived ftpds. Merged in a security fix to BSD-derived ftpds.
Modified by cmetz for OPIE 2.3. Fixed the filename at the top. Modified by cmetz for OPIE 2.3. Fixed the filename at the top.
@@ -111,7 +113,6 @@ License Agreement applies to this software.
#include <arpa/telnet.h> #include <arpa/telnet.h>
#include <signal.h> #include <signal.h>
#include <dirent.h>
#include <fcntl.h> #include <fcntl.h>
#if HAVE_TIME_H #if HAVE_TIME_H
#include <time.h> #include <time.h>
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opiegen.1: Manual page for the opiegen(1) program. .\" opiegen.1: Manual page for the opiegen(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+1 -1
View File
@@ -2,7 +2,7 @@
library routine. library routine.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opieinfo.1: Manual page for the opieinfo(1) program. .\" opieinfo.1: Manual page for the opieinfo(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+1 -1
View File
@@ -2,7 +2,7 @@
opieinfo: Print a user's current OPIE sequence number and seed opieinfo: Print a user's current OPIE sequence number and seed
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opiekey.1: Manual page for the opiekey(1) program. .\" opiekey.1: Manual page for the opiekey(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+2 -2
View File
@@ -5,7 +5,7 @@
and outputs a response. and outputs a response.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -312,7 +312,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
case RESPONSE_INIT_HEX: case RESPONSE_INIT_HEX:
case RESPONSE_INIT_WORD: case RESPONSE_INIT_WORD:
if (type == RESPONSE_INIT_HEX) { if (type == RESPONSE_INIT_HEX) {
strcpy(response, "init:"); strcpy(response, "init-hex:");
strcat(response, opiebtoh(buf, key)); strcat(response, opiebtoh(buf, key));
sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed);
strcat(response, buf); strcat(response, buf);
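Review bot: the new "init-hex:" prefix in the RESPONSE_INIT_HEX branch makes the response four bytes longer, and the string is still assembled with unbounded strcpy()/strcat() into response and sprintf() into buf. The sizes of response and buf are not visible in this hunk, so please confirm both still hold the longest prefix, the hex key, the algorithm id, the sequence number and the seed, or build the string with a length-checked call instead.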
+5 -3
View File
@@ -1,4 +1,4 @@
.\" opieaccess.5: Manual page describing the /etc/opiekeys file. .\" opiekeys.5: Manual page describing the /etc/opiekeys file.
.\" .\"
.\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan .\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan
.\" McDonald, All Rights Reserved. All Rights under this copyright are assigned .\" McDonald, All Rights Reserved. All Rights under this copyright are assigned
@@ -7,14 +7,16 @@
.\" .\"
.\" History: .\" History:
.\" .\"
.\" Modified by cmetz for OPIE 2.32. This is opiekeys.5, not opiekeys.1 or
.\" opieaccess.5.
.\" Written at NRL for OPIE 2.0. .\" Written at NRL for OPIE 2.0.
.\" .\"
.ll 6i .ll 6i
.pl 10.5i .pl 10.5i
.\" @(#)opiekeys.1 2.0 (NRL) 1/10/95 .\" @(#)opiekeys.5 2.0 (NRL) 1/10/95
.\" .\"
.lt 6.0i .lt 6.0i
.TH OPIEKEYS 1 "January 10, 1995" .TH OPIEKEYS 5 "January 10, 1995"
.AT 3 .AT 3
.SH NAME .SH NAME
[/etc/]opiekeys \- OPIE database of user key information [/etc/]opiekeys \- OPIE database of user key information
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opielogin.1: Manual page for the opielogin(1) program. .\" opielogin.1: Manual page for the opielogin(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+68 -70
View File
@@ -1,7 +1,7 @@
/* opielogin.c: The infamous /bin/login /* opielogin.c: The infamous /bin/login
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,10 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Partially handle environment
variables on the command line (a better implementation is
coming soon). Handle failure to issue a challenge more
gracefully.
Modified by cmetz for OPIE 2.31. Use _PATH_NOLOGIN. Move Solaris Modified by cmetz for OPIE 2.31. Use _PATH_NOLOGIN. Move Solaris
drain bamage kluge after rflag check; it breaks rlogin. drain bamage kluge after rflag check; it breaks rlogin.
Use TCSAFLUSH instead of TCSANOW (except where it flushes Use TCSAFLUSH instead of TCSANOW (except where it flushes
@@ -638,7 +642,8 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
int i; int i;
char *p; char *p;
char opieprompt[OPIE_CHALLENGE_MAX + 1]; char opieprompt[OPIE_CHALLENGE_MAX + 1];
int pwok, otpok, af_pwok; int af_pwok;
int authsok;
char *pp; char *pp;
char buf[256]; char buf[256];
int uid; int uid;
@@ -700,36 +705,21 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
} }
#endif /* DEBUG */ #endif /* DEBUG */
/* Some OSs pass environment variables on the command line. All of them except
for TERM get eaten. */
i = argc;
while (--i)
if (strchr(argv[i], '=')) {
#ifdef DEBUG
syslog(LOG_DEBUG, "eating %s", argv[i]);
#endif /* DEBUG */
argc--;
if (!strncmp(argv[i], "TERM=", 5)) {
strncpy(term, &(argv[i][5]), sizeof(term));
term[sizeof(term) - 1] = 0;
#ifdef DEBUG
syslog(LOG_DEBUG, "passed TERM=%s, ouroptind = %d", term, i);
#endif /* DEBUG */
}
}
/* Implement our own getopt()-like functionality, but do so in a much more /* Implement our own getopt()-like functionality, but do so in a much more
strict manner to prevent security problems. */ strict manner to prevent security problems. */
for (ouroptind = 1; ouroptind < argc; ouroptind++) { for (ouroptind = 1; ouroptind < argc; ouroptind++) {
i = 0; if (!argv[ouroptind])
if (argv[ouroptind]) continue;
if (argv[ouroptind][0] == '-')
if (i = argv[ouroptind][1]) if (argv[ouroptind][0] == '-') {
if (!argv[ouroptind][2]) char *c = argv[ouroptind] + 1;
switch (i) {
while(*c) {
switch(*(c++)) {
case 'd': case 'd':
if (++ouroptind == argc) if (*c || (++ouroptind == argc))
exit(1); exit(1);
/* The '-d' option is apparently a performance hack to get around /* The '-d' option is apparently a performance hack to get around
ttyname() being slow. The potential does exist for it to be used ttyname() being slow. The potential does exist for it to be used
for malice, and it does not seem to be strictly necessary, so we for malice, and it does not seem to be strictly necessary, so we
@@ -738,15 +728,14 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
case 'r': case 'r':
if (rflag || hflag || fflag) { if (rflag || hflag || fflag) {
printf("Other options not allowed with -r\n"); fprintf(stderr, "Other options not allowed with -r\n");
exit(1); exit(1);
} }
if (++ouroptind == argc)
if (*c || (++ouroptind == argc))
exit(1); exit(1);
ouroptarg = argv[ouroptind]; if (!(ouroptarg = argv[ouroptind]))
if (!ouroptarg)
exit(1); exit(1);
rflag = -1; rflag = -1;
@@ -759,17 +748,15 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
case 'h': case 'h':
if (!getuid()) { if (!getuid()) {
if (rflag || hflag || fflag) { if (rflag || hflag || fflag) {
printf("Other options not allowed with -h\n"); fprintf(stderr, "Other options not allowed with -h\n");
exit(1); exit(1);
} }
hflag = 1; hflag = 1;
if (++ouroptind == argc) if (*c || (++ouroptind == argc))
exit(1); exit(1);
ouroptarg = argv[ouroptind]; if (!(ouroptarg = argv[ouroptind]))
if (!ouroptarg)
exit(1); exit(1);
strncpy(host, ouroptarg, sizeof(host)); strncpy(host, ouroptarg, sizeof(host));
@@ -778,33 +765,44 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
case 'f': case 'f':
if (rflag) { if (rflag) {
printf("Only one of -r and -f allowed\n"); fprintf(stderr, "Only one of -r and -f allowed\n");
exit(1); exit(1);
} }
fflag = 1; fflag = 1;
if (++ouroptind == argc) if (*c || (++ouroptind == argc))
exit(1); exit(1);
ouroptarg = argv[ouroptind]; if (!(ouroptarg = argv[ouroptind]))
if (!ouroptarg)
exit(1); exit(1);
strncpy(name, ouroptarg, sizeof(name)); strncpy(name, ouroptarg, sizeof(name));
break; break;
case 'p': case 'p':
pflag = 1; pflag = 1;
break; break;
} else };
i = 0; };
if (!i) { continue;
ouroptarg = argv[ouroptind++]; };
strncpy(name, ouroptarg, sizeof(name));
break; if (strchr(argv[ouroptind], '=')) {
} if (!strncmp(argv[ouroptind], "TERM=", 5)) {
} strncpy(term, &(argv[ouroptind][5]), sizeof(term));
term[sizeof(term) - 1] = 0;
#ifdef DEBUG
syslog(LOG_DEBUG, "passed TERM=%s, ouroptind = %d", term, ouroptind);
#endif /* DEBUG */
} else {
#ifdef DEBUG
syslog(LOG_DEBUG, "eating %s, ouroptind = %d", argv[ouroptind], ouroptind);
#endif /* DEBUG */
};
continue;
};
strncpy(name, argv[ouroptind], sizeof(name));
};
#ifdef TIOCNXCL #ifdef TIOCNXCL
/* BSDism: not sure how to rewrite for POSIX. rja */ /* BSDism: not sure how to rewrite for POSIX. rja */
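Review bot: the final strncpy(name, argv[ouroptind], sizeof(name)) has no explicit terminator, unlike the TERM copy just above it, which sets term[sizeof(term) - 1] = 0. An argument of sizeof(name) bytes or more leaves name without a trailing NUL unless it is terminated somewhere outside this hunk, so add name[sizeof(name) - 1] = 0 after the copy. The old code also stopped at the first positional argument with break, while the new loop keeps going, so a later positional argument silently overwrites an earlier login name; if that is not intended, reject a second name.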
@@ -1063,6 +1061,7 @@ completeness, but these are set within appropriate defines for portability. */
if (invalid && !name[0]) { if (invalid && !name[0]) {
getloginname(); getloginname();
invalid = lookupuser(); invalid = lookupuser();
authsok = 0;
} }
#ifdef DEBUG #ifdef DEBUG
syslog(LOG_DEBUG, "login name is +%s+, of length %d, [0] = %d", name, strlen(name), name[0]); syslog(LOG_DEBUG, "login name is +%s+, of length %d, [0] = %d", name, strlen(name), name[0]);
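Review bot: authsok = 0 sits inside if (invalid && !name[0]), and the declaration added earlier in this patch (int authsok;) has no initializer. Whenever that condition is false, the later authsok |= 1 and authsok |= 2 operate on an indeterminate value, which can leave bits set for methods that were never offered. Initialize it at the declaration, or reset it unconditionally just before the challenge is issued.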
@@ -1092,11 +1091,9 @@ completeness, but these are set within appropriate defines for portability. */
if ((i < 0) || (i > 1)) { if ((i < 0) || (i > 1)) {
syslog(LOG_ERR, "error: opiechallenge() returned %d, errno=%d!\n", i, errno); syslog(LOG_ERR, "error: opiechallenge() returned %d, errno=%d!\n", i, errno);
fprintf(stderr, "System error; can't issue challenge!\n");
otpok = 0;
} else { } else {
printf("%s\n", opieprompt); printf("%s\n", opieprompt);
otpok = 1; authsok |= 1;
} }
if (!memcmp(&thisuser, &nouser, sizeof(thisuser))) if (!memcmp(&thisuser, &nouser, sizeof(thisuser)))
@@ -1107,28 +1104,29 @@ completeness, but these are set within appropriate defines for portability. */
syslog(LOG_WARNING, "Invalid login attempt for %s on %s.", syslog(LOG_WARNING, "Invalid login attempt for %s on %s.",
name, tty); name, tty);
pwok = af_pwok && opiealways(thisuser.pw_dir); if (af_pwok && opiealways(thisuser.pw_dir))
authsok |= 2;
#if DEBUG #if DEBUG
syslog(LOG_DEBUG, "af_pwok = %d, pwok = %d", af_pwok, pwok); syslog(LOG_DEBUG, "af_pwok = %d, authsok = %d", af_pwok, authsok);
#endif /* DEBUG */ #endif /* DEBUG */
if (!pwok && !otpok) { if (!authsok)
fprintf(stderr, "Can't authenticate %s!\n", name); syslog(LOG_ERR, "no authentication methods are available for %s!", name);
exit(1);
}
#if NEW_PROMPTS #if NEW_PROMPTS
if (otpok) if ((authsok & 1) || !authsok)
printf("Response"); printf("Response");
if (otpok && pwok) if (((authsok & 3) == 3) || !authsok)
printf(" or "); printf(" or ");
if (pwok) if ((authsok & 2) || !authsok)
printf("Password"); printf("Password");
printf(": "); printf(": ");
if (!opiereadpass(buf, sizeof(buf), !pwok)) fflush(stdout);
if (!opiereadpass(buf, sizeof(buf), !(authsok & 2)))
invalid = TRUE; invalid = TRUE;
#else /* NEW_PROMPTS */ #else /* NEW_PROMPTS */
if (!pwok) if (!(authsok & 1) && authsok)
printf("(OTP response required)\n"); printf("(OTP response required)\n");
printf("Password:"); printf("Password:");
fflush(stdout); fflush(stdout);
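Review bot: in the #else (non-NEW_PROMPTS) branch the replacement for if (!pwok) tests the wrong bit. Throughout this patch the value 1 stands in for otpok and the value 2 for pwok, so if (!(authsok & 1) && authsok) prints "(OTP response required)" when only the password method is available and stays silent when only OTP is. It should read if (!(authsok & 2) && authsok), matching the !(authsok & 2) passed to opiereadpass() in the NEW_PROMPTS branch. Named constants for the two bits would make this kind of slip easier to spot.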
@@ -1136,8 +1134,8 @@ completeness, but these are set within appropriate defines for portability. */
invalid = TRUE; invalid = TRUE;
#endif /* NEW_PROMPTS */ #endif /* NEW_PROMPTS */
if (!buf[0] && otpok) { if (!buf[0] && (authsok & 1)) {
pwok = 0; authsok &= ~2;
/* Null line entered, so display appropriate prompt & flush current /* Null line entered, so display appropriate prompt & flush current
data. */ data. */
#if NEW_PROMPTS #if NEW_PROMPTS
@@ -1149,7 +1147,7 @@ completeness, but these are set within appropriate defines for portability. */
invalid = TRUE; invalid = TRUE;
} }
if (otpok) { if (authsok & 1) {
i = opiegetsequence(&opie); i = opiegetsequence(&opie);
opiepassed = !opieverify(&opie, buf); opiepassed = !opieverify(&opie, buf);
@@ -1159,7 +1157,7 @@ completeness, but these are set within appropriate defines for portability. */
} }
if (!invalid) { if (!invalid) {
if (otpok && opiepassed) { if ((authsok & 1) && opiepassed) {
if (i < 10) { if (i < 10) {
printf("Warning: Re-initialize your OTP information"); printf("Warning: Re-initialize your OTP information");
if (i < 5) if (i < 5)
@@ -1167,7 +1165,7 @@ completeness, but these are set within appropriate defines for portability. */
printf("\n"); printf("\n");
} }
} else { } else {
if (pwok) { if (authsok & 2) {
pp = crypt(buf, thisuser.pw_passwd); pp = crypt(buf, thisuser.pw_passwd);
invalid = strcmp(pp, thisuser.pw_passwd); invalid = strcmp(pp, thisuser.pw_passwd);
} else } else
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opiepasswd.1: Manual page for the opiepasswd(1) program. .\" opiepasswd.1: Manual page for the opiepasswd(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+10 -8
View File
@@ -1,7 +1,7 @@
/* opiepasswd.c: Add/change an OTP password in the key database. /* opiepasswd.c: Add/change an OTP password in the key database.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,8 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Use OPIE_SEED_MAX instead of
hard coding the length. Unlock user on failed lookup.
Modified by cmetz for OPIE 2.3. Got of some variables and made some Modified by cmetz for OPIE 2.3. Got of some variables and made some
local to where they're used. Split out the finishing code. Use local to where they're used. Split out the finishing code. Use
opielookup() instead of opiechallenge() to find user. Three opielookup() instead of opiechallenge() to find user. Three
@@ -110,7 +112,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
{ {
struct opie opie; struct opie opie;
int rval, n = 499, i, mode = MODE_DEFAULT, force = 0; int rval, n = 499, i, mode = MODE_DEFAULT, force = 0;
char seed[18]; char seed[OPIE_SEED_MAX+1];
struct passwd *pp; struct passwd *pp;
memset(seed, 0, sizeof(seed)); memset(seed, 0, sizeof(seed));
@@ -126,7 +128,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
opieversion(); opieversion();
case 'f': case 'f':
#if INSECURE_OVERRIDE #if INSECURE_OVERRIDE
force = 1; force = OPIEPASSWD_FORCE;
#else /* INSECURE_OVERRIDE */ #else /* INSECURE_OVERRIDE */
fprintf(stderr, "Sorry, but the -f option is not supported by this build of OPIE.\n"); fprintf(stderr, "Sorry, but the -f option is not supported by this build of OPIE.\n");
#endif /* INSECURE_OVERRIDE */ #endif /* INSECURE_OVERRIDE */
@@ -185,10 +187,10 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
break; break;
case 2: case 2:
fprintf(stderr, "Error: Can't update key database.\n"); fprintf(stderr, "Error: Can't update key database.\n");
exit(1); finish(NULL);
default: default:
fprintf(stderr, "Error reading key database\n"); fprintf(stderr, "Error reading key database\n");
exit(1); finish(NULL);
} }
if (seed[0]) { if (seed[0]) {
@@ -308,7 +310,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
finish(NULL); finish(NULL);
} }
if (!(rval = opiepasswd(&opie, 0, pp->pw_name, n, seed, tmp))) if (!(rval = opiepasswd(&opie, force, pp->pw_name, n, seed, tmp)))
finish(pp->pw_name); finish(pp->pw_name);
if (rval < 0) { if (rval < 0) {
@@ -326,7 +328,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
fprintf(stderr, "Only use this method from the console; NEVER from remote. If you are using\n"); fprintf(stderr, "Only use this method from the console; NEVER from remote. If you are using\n");
fprintf(stderr, "telnet, xterm, or a dial-in, type ^C now or exit with no password.\n"); fprintf(stderr, "telnet, xterm, or a dial-in, type ^C now or exit with no password.\n");
fprintf(stderr, "Then run opiepasswd without the -c parameter.\n"); fprintf(stderr, "Then run opiepasswd without the -c parameter.\n");
if (opieinsecure()) { if (opieinsecure() && !force) {
fprintf(stderr, "Sorry, but you don't seem to be on the console or a secure terminal.\n"); fprintf(stderr, "Sorry, but you don't seem to be on the console or a secure terminal.\n");
if (force) if (force)
fprintf(stderr, "Warning: Continuing could disclose your secret pass phrase to an attacker!\n"); fprintf(stderr, "Warning: Continuing could disclose your secret pass phrase to an attacker!\n");
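Review bot: with the condition changed to if (opieinsecure() && !force), the if (force) test two lines below it is always false inside this block, so the "Continuing could disclose your secret pass phrase" warning is now unreachable. A user running with -f on an insecure terminal gets no warning at all. Either keep the outer test as opieinsecure() and let the inner if (force) choose between warning and refusing, or print the warning from an else if (opieinsecure()) path.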
@@ -394,7 +396,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
fprintf(stderr, "Sorry, no match.\n"); fprintf(stderr, "Sorry, no match.\n");
} }
memset(passwd2, 0, sizeof(passwd2)); memset(passwd2, 0, sizeof(passwd2));
if (opiepasswd(&opie, 1, pp->pw_name, n, seed, passwd)) { if (opiepasswd(&opie, 1 | force, pp->pw_name, n, seed, passwd)) {
fprintf(stderr, "Error updating key database.\n"); fprintf(stderr, "Error updating key database.\n");
finish(NULL); finish(NULL);
} }
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opieserv.1: Manual page for the opieserv(1) program. .\" opieserv.1: Manual page for the opieserv(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+1 -1
View File
@@ -2,7 +2,7 @@
opieverify() library routines. opieverify() library routines.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
View File
@@ -1,7 +1,7 @@
.\" opiesu.c: Manual page for the opiesu(1) program. .\" opiesu.c: Manual page for the opiesu(1) program.
.\" .\"
.\" %%% portions-copyright-cmetz-96 .\" %%% portions-copyright-cmetz-96
.\" Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights .\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
.\" Reserved. The Inner Net License Version 2 applies to these portions of .\" Reserved. The Inner Net License Version 2 applies to these portions of
.\" the software. .\" the software.
.\" You should have received a copy of the license with this software. If .\" You should have received a copy of the license with this software. If
+6 -5
View File
@@ -1,7 +1,7 @@
/* opiesu.c: main body of code for the su(1m) program /* opiesu.c: main body of code for the su(1m) program
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
@@ -14,6 +14,7 @@ License Agreement applies to this software.
History: History:
Modified by cmetz for OPIE 2.32. Set up TERM and PATH correctly.
Modified by cmetz for OPIE 2.31. Fix sulog(). Replaced Getlogin() with Modified by cmetz for OPIE 2.31. Fix sulog(). Replaced Getlogin() with
currentuser. Fixed fencepost error in month printed by sulog(). currentuser. Fixed fencepost error in month printed by sulog().
Modified by cmetz for OPIE 2.3. Limit the length of TERM on full login. Modified by cmetz for OPIE 2.3. Limit the length of TERM on full login.
@@ -99,7 +100,7 @@ License Agreement applies to this software.
static char userbuf[16] = "USER="; static char userbuf[16] = "USER=";
static char homebuf[128] = "HOME="; static char homebuf[128] = "HOME=";
static char shellbuf[128] = "SHELL="; static char shellbuf[128] = "SHELL=";
static char pathbuf[128] = "PATH="; static char pathbuf[sizeof("PATH") + sizeof(DEFAULT_PATH) - 1] = "PATH=";
static char termbuf[32] = "TERM="; static char termbuf[32] = "TERM=";
static char *cleanenv[] = {userbuf, homebuf, shellbuf, pathbuf, 0, 0}; static char *cleanenv[] = {userbuf, homebuf, shellbuf, pathbuf, 0, 0};
static char *user = "root"; static char *user = "root";
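Review bot: pathbuf is one byte too small. sizeof("PATH") is 5 and sizeof(DEFAULT_PATH) counts its own terminator, so the array holds strlen(DEFAULT_PATH) + 5 bytes, but "PATH=" followed by DEFAULT_PATH and a NUL needs strlen(DEFAULT_PATH) + 6. The strcat(pathbuf, DEFAULT_PATH) introduced in the next hunk therefore writes the terminator one byte past the end of the array. Size it with sizeof("PATH=") + sizeof(DEFAULT_PATH) - 1.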
@@ -268,7 +269,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
}; };
}; };
strcpy(pathbuf, DEFAULT_PATH); strcat(pathbuf, DEFAULT_PATH);
again: again:
if (argc > 1 && strcmp(argv[1], "-f") == 0) { if (argc > 1 && strcmp(argv[1], "-f") == 0) {
@@ -459,8 +460,8 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
if (thisuser.pw_shell && *thisuser.pw_shell) if (thisuser.pw_shell && *thisuser.pw_shell)
shell = thisuser.pw_shell; shell = thisuser.pw_shell;
if (fulllogin) { if (fulllogin) {
if (p = getenv("TERM")) { if ((p = getenv("TERM")) && (strlen(termbuf) + strlen(p) - 1 < sizeof(termbuf))) {
strncpy(termbuf, p, sizeof(termbuf)); strcat(termbuf, p);
cleanenv[4] = termbuf; cleanenv[4] = termbuf;
} }
environ = cleanenv; environ = cleanenv;
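Review bot: the length check on TERM is off by one in the permissive direction. termbuf is 32 bytes and already holds "TERM=", so strlen(termbuf) + strlen(p) - 1 < sizeof(termbuf) accepts a 27-character value, and strcat() then needs 5 + 27 + 1 = 33 bytes. The bound should be strlen(termbuf) + strlen(p) < sizeof(termbuf). The value comes from getenv(), so it is under the caller's control and the check has to be exact.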
+1 -1
View File
@@ -9,7 +9,7 @@
on your system. The converse is not such a safe statement. on your system. The converse is not such a safe statement.
%%% copyright-cmetz-96 %%% copyright-cmetz-96
This software is Copyright 1996-1997 by Craig Metz, All Rights Reserved. This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
The Inner Net License Version 2 applies to this software. The Inner Net License Version 2 applies to this software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>. you didn't get a copy, you may request one from <license@inner.net>.
+1 -1
View File
@@ -2,7 +2,7 @@
functionality to set device permissions on login functionality to set device permissions on login
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If
+1 -1
View File
@@ -1,7 +1,7 @@
/* popen.c: A "safe" pipe open routine. /* popen.c: A "safe" pipe open routine.
%%% portions-copyright-cmetz-96 %%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1997 by Craig Metz, All Rights Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of Reserved. The Inner Net License Version 2 applies to these portions of
the software. the software.
You should have received a copy of the license with this software. If You should have received a copy of the license with this software. If