summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAngelos D. Keromytis <angelos@cvs.openbsd.org>1998-07-03 02:06:23 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>1998-07-03 02:06:23 +0000
commita05783f4c321f76bddf5693c2ba20bad8a1f5c8c (patch)
tree03c8018644e5e240299f27670f21341e52b7133d
parent35844ceb8137ae04e06e87e6885e234a3ebd94b7 (diff)
Change the random file path, add a sanity check on file size.
-rw-r--r--lib/libskey/skey.h4
-rw-r--r--lib/libskey/skeylogin.c3
2 files changed, 4 insertions, 3 deletions
diff --git a/lib/libskey/skey.h b/lib/libskey/skey.h
index e074d8c9329..ae0c0fce0f2 100644
--- a/lib/libskey/skey.h
+++ b/lib/libskey/skey.h
@@ -12,7 +12,7 @@
*
* Main client header
*
- * $OpenBSD: skey.h,v 1.11 1998/07/03 01:08:11 angelos Exp $
+ * $OpenBSD: skey.h,v 1.12 1998/07/03 02:06:21 angelos Exp $
*/
/* Server-side data structure for reading keys file during login */
@@ -65,7 +65,7 @@ struct mc {
#define SKEY_BINKEY_SIZE 8
/* Location of random file for bogus challenges */
-#define _SKEY_RAND_FILE_PATH_ "/etc/skey.random"
+#define _SKEY_RAND_FILE_PATH_ "/etc/host.random"
/* Prototypes */
void f __P((char *x));
diff --git a/lib/libskey/skeylogin.c b/lib/libskey/skeylogin.c
index a38cf5ed34b..909e181098e 100644
--- a/lib/libskey/skeylogin.c
+++ b/lib/libskey/skeylogin.c
@@ -12,7 +12,7 @@
*
* S/KEY verification check, lookups, and authentication.
*
- * $OpenBSD: skeylogin.c,v 1.27 1998/07/03 02:02:01 angelos Exp $
+ * $OpenBSD: skeylogin.c,v 1.28 1998/07/03 02:06:22 angelos Exp $
*/
#include <sys/param.h>
@@ -467,6 +467,7 @@ skey_authenticate(username)
/* See if the random file's there */
if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1) {
if ((fstat(fd, &sb) != -1) &&
+ (sb.st_size > SKEY_MAX_SEED_LEN) &&
((up = SHA1Data(username, strlen(username), NULL))
!= NULL)) {
/* Collapse the hash */