- Do coarse locking on /etc/skeykeys. Fixes a race that could allow

  a replay attempt to succeed.
- OpenBSD tags

4 files changed, 28 insertions, 15 deletions

diff --git a/lib/libskey/put.c b/lib/libskey/put.c
index fc5d891024c..fb4c18b02c2 100644
--- a/lib/libskey/put.c
+++ b/lib/libskey/put.c
@@ -8,7 +8,7 @@
  *
  * Dictionary lookup and extraction.
  *
- * $Id: put.c,v 1.8 1997/07/26 19:42:44 millert Exp $
+ * $OpenBSD: put.c,v 1.9 1997/07/27 21:36:04 millert Exp $
  */
 
 #include <stdio.h>
diff --git a/lib/libskey/skey.h b/lib/libskey/skey.h
index 434e1788bd6..c7d2b069bf1 100644
--- a/lib/libskey/skey.h
+++ b/lib/libskey/skey.h
@@ -8,10 +8,11 @@
  *
  * Modifications:
  *          Scott Chasin <chasin@crimelab.com>
+ *          Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Main client header
  *
- * $Id: skey.h,v 1.9 1997/07/23 06:53:12 millert Exp $
+ * $OpenBSD: skey.h,v 1.10 1997/07/27 21:36:05 millert Exp $
  */
 
 /* Server-side data structure for reading keys file during login */
diff --git a/lib/libskey/skeylogin.c b/lib/libskey/skeylogin.c
index 83c2c999789..9466149d70d 100644
--- a/lib/libskey/skeylogin.c
+++ b/lib/libskey/skeylogin.c
@@ -6,12 +6,16 @@
  *          John S. Walden <jsw@thumper.bellcore.com>
  *          Scott Chasin <chasin@crimelab.com>
  *
+ * Modifications:
+ *          Todd C. Miller <Todd.Miller@courtesan.com>
+ *
  * S/KEY verification check, lookups, and authentication.
  * 
- * $OpenBSD: skeylogin.c,v 1.18 1997/07/27 21:20:27 millert Exp $
+ * $OpenBSD: skeylogin.c,v 1.19 1997/07/27 21:36:05 millert Exp $
  */
 
 #include <sys/param.h>
+#include <sys/file.h>
 #ifdef	QUOTA
 #include <sys/quota.h>
 #endif
@@ -254,7 +258,7 @@ skeyverify(mp, response)
 	struct tm *tm;
 	char tbuf[27];
 	char *cp;
-	int oldpri;
+	int i, rval;
 
 	time(&now);
 	tm = localtime(&now);
@@ -279,18 +283,25 @@ skeyverify(mp, response)
 	f(fkey);
 
 	/*
-	 * In order to make the window of update as short as possible
-	 * we must do the comparison here and if OK write it back
-	 * other wise the same password can be used twice to get in
-	 * to the system
+	 * Obtain an exclusive lock on the key file so the same password
+	 * cannot be used twice to get in to the system.
 	 */
-	oldpri = getpriority(PRIO_PROCESS, 0);
-	(void)setpriority(PRIO_PROCESS, 0, -4);
+	for (i = 0; i < 300; i++) {
+		if ((rval = flock(fileno(mp->keyfile), LOCK_EX|LOCK_NB)) == 0 ||
+		    errno != EWOULDBLOCK)
+			break;
+		usleep(100000);			/* Sleep for 0.1 seconds */
+	}
+	if (rval == -1) {			/* Can't get exclusive lock */
+		warn("flock");  /* XXX */
+		errno = EAGAIN;
+		return(-1);
+	}
 
-	/* reread the file record NOW */
+	/* Reread the file record NOW */
 	(void)fseek(mp->keyfile, mp->recstart, SEEK_SET);
 	if (fgets(mp->buf, sizeof(mp->buf), mp->keyfile) != mp->buf) {
-		(void)setpriority(PRIO_PROCESS, 0, oldpri);
+		(void)flock(fileno(mp->keyfile), LOCK_UN);
 		(void)fclose(mp->keyfile);
 		return(-1);
 	}
@@ -307,7 +318,7 @@ skeyverify(mp, response)
 	/* Do actual comparison */
 	if (memcmp(filekey, fkey, SKEY_BINKEY_SIZE) != 0){
 		/* Wrong response */
-		(void)setpriority(PRIO_PROCESS, 0, oldpri);
+		(void)flock(fileno(mp->keyfile), LOCK_UN);
 		(void)fclose(mp->keyfile);
 		return(1);
 	}
@@ -329,9 +340,9 @@ skeyverify(mp, response)
 			      mp->logname, skey_get_algorithm(), mp->n,
 			      mp->seed, mp->val, tbuf);
 
+	(void)flock(fileno(mp->keyfile), LOCK_UN);
 	(void)fclose(mp->keyfile);
 	
-	(void)setpriority(PRIO_PROCESS, 0, oldpri);
 	return(0);
 }
 
diff --git a/lib/libskey/skeysubr.c b/lib/libskey/skeysubr.c
index 26f81150ae6..e6ac43e4f16 100644
--- a/lib/libskey/skeysubr.c
+++ b/lib/libskey/skeysubr.c
@@ -7,10 +7,11 @@
  *
  * Modifications: 
  *          Scott Chasin <chasin@crimelab.com>
+ *          Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * S/KEY misc routines.
  *
- * $Id: skeysubr.c,v 1.16 1997/07/24 23:00:27 millert Exp $
+ * $OpenBSD: skeysubr.c,v 1.17 1997/07/27 21:36:06 millert Exp $
  */
 
 #include <stdio.h>