diff options
author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 1998-07-03 02:06:23 +0000 |
---|---|---|
committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 1998-07-03 02:06:23 +0000 |
commit | a05783f4c321f76bddf5693c2ba20bad8a1f5c8c (patch) | |
tree | 03c8018644e5e240299f27670f21341e52b7133d | |
parent | 35844ceb8137ae04e06e87e6885e234a3ebd94b7 (diff) |
Change the random file path, add a sanity check on file size.
-rw-r--r-- | lib/libskey/skey.h | 4 | ||||
-rw-r--r-- | lib/libskey/skeylogin.c | 3 |
2 files changed, 4 insertions, 3 deletions
diff --git a/lib/libskey/skey.h b/lib/libskey/skey.h index e074d8c9329..ae0c0fce0f2 100644 --- a/lib/libskey/skey.h +++ b/lib/libskey/skey.h @@ -12,7 +12,7 @@ * * Main client header * - * $OpenBSD: skey.h,v 1.11 1998/07/03 01:08:11 angelos Exp $ + * $OpenBSD: skey.h,v 1.12 1998/07/03 02:06:21 angelos Exp $ */ /* Server-side data structure for reading keys file during login */ @@ -65,7 +65,7 @@ struct mc { #define SKEY_BINKEY_SIZE 8 /* Location of random file for bogus challenges */ -#define _SKEY_RAND_FILE_PATH_ "/etc/skey.random" +#define _SKEY_RAND_FILE_PATH_ "/etc/host.random" /* Prototypes */ void f __P((char *x)); diff --git a/lib/libskey/skeylogin.c b/lib/libskey/skeylogin.c index a38cf5ed34b..909e181098e 100644 --- a/lib/libskey/skeylogin.c +++ b/lib/libskey/skeylogin.c @@ -12,7 +12,7 @@ * * S/KEY verification check, lookups, and authentication. * - * $OpenBSD: skeylogin.c,v 1.27 1998/07/03 02:02:01 angelos Exp $ + * $OpenBSD: skeylogin.c,v 1.28 1998/07/03 02:06:22 angelos Exp $ */ #include <sys/param.h> @@ -467,6 +467,7 @@ skey_authenticate(username) /* See if the random file's there */ if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1) { if ((fstat(fd, &sb) != -1) && + (sb.st_size > SKEY_MAX_SEED_LEN) && ((up = SHA1Data(username, strlen(username), NULL)) != NULL)) { /* Collapse the hash */ |