authorTim van der Molen <tim@cvs.openbsd.org>2015-10-06 15:09:09 +0000
committerTim van der Molen <tim@cvs.openbsd.org>2015-10-06 15:09:09 +0000
commitc4c451df192404de602af70cb6a21bc3d42cee30 (patch)
treec54ded8292df0ec6920bb5ab6e69d9df7283fffd /usr.bin/skeyinit
parente42aa2308bf5dbd8daddd3649e090cabafad307e (diff)
Remove the -C option that converts an S/Key database to the new format. It has
been 13 years since the new format was introduced. OK millert@
Diffstat (limited to 'usr.bin/skeyinit')
-rw-r--r--usr.bin/skeyinit/skeyinit.114
-rw-r--r--usr.bin/skeyinit/skeyinit.c94
2 files changed, 11 insertions, 97 deletions
diff --git a/usr.bin/skeyinit/skeyinit.1 b/usr.bin/skeyinit/skeyinit.1
index c3312af9b6f..8c5647f2b25 100644
--- a/usr.bin/skeyinit/skeyinit.1
+++ b/usr.bin/skeyinit/skeyinit.1
@@ -1,8 +1,8 @@
-.\" $OpenBSD: skeyinit.1,v 1.39 2015/01/16 16:16:36 schwarze Exp $
+.\" $OpenBSD: skeyinit.1,v 1.40 2015/10/06 15:09:08 tim Exp $
.\" $NetBSD: skeyinit.1,v 1.4 1995/07/07 22:24:09 jtc Exp $
.\" @(#)skeyinit.1 1.1 10/28/93
.\"
-.Dd $Mdocdate: January 16 2015 $
+.Dd $Mdocdate: October 6 2015 $
.Dt SKEYINIT 1
.Os
.Sh NAME
@@ -11,7 +11,7 @@
.Sh SYNOPSIS
.Nm skeyinit
.Bk -words
-.Op Fl CDErsx
+.Op Fl DErsx
.Op Fl a Ar auth-type
.Op Fl n Ar count
.Op Fl md5 | rmd160 | sha1
@@ -72,14 +72,6 @@ This option allows the authentication type to be specified, such as
.Dq passwd
or
.Dq skey .
-.It Fl C
-Converts from the old-style
-.Pa /etc/skeykeys
-database to a new-style database where user records are stored in the
-.Pa /etc/skey
-directory.
-If an entry already exists in the new-style database it will not
-be overwritten.
.It Fl D
Disables access to the S/Key database.
Only the superuser may use the
diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c
index 10a913acaf4..a375c2e52fe 100644
--- a/usr.bin/skeyinit/skeyinit.c
+++ b/usr.bin/skeyinit/skeyinit.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: skeyinit.c,v 1.59 2015/10/03 13:10:47 tim Exp $ */
+/* $OpenBSD: skeyinit.c,v 1.60 2015/10/06 15:09:08 tim Exp $ */
/* OpenBSD S/Key (skeyinit.c)
*
@@ -41,13 +41,12 @@
void usage(void);
void secure_mode(int *, char *, char *, size_t, char *, size_t);
void normal_mode(char *, int, char *, char *);
-void convert_db(void);
void enable_db(int);
int
main(int argc, char **argv)
{
- int rval, i, l, n, defaultsetup, rmkey, hexmode, enable, convert;
+ int rval, i, l, n, defaultsetup, rmkey, hexmode, enable;
char hostname[HOST_NAME_MAX+1];
char seed[SKEY_MAX_SEED_LEN + 1];
char buf[256], key[SKEY_BINKEY_SIZE], filename[PATH_MAX], *ht;
@@ -56,7 +55,7 @@ main(int argc, char **argv)
struct skey skey;
struct passwd *pp;
- n = rmkey = hexmode = enable = convert = 0;
+ n = rmkey = hexmode = enable = 0;
defaultsetup = 1;
ht = auth_type = NULL;
@@ -106,9 +105,6 @@ main(int argc, char **argv)
errx(1, "count must be > 0 and < %d",
SKEY_MAX_SEQ);
break;
- case 'C':
- convert = 1;
- break;
case 'D':
enable = -1;
break;
@@ -130,16 +126,12 @@ main(int argc, char **argv)
argv += i;
argc -= i;
- if (argc > 1 || (enable && convert) || (enable && argc) ||
- (convert && argc))
+ if (argc > 1 || (enable && argc))
usage();
- /* Handle -C, -D, and -E */
- if (convert || enable) {
- if (convert)
- convert_db();
- else
- enable_db(enable);
+ /* Handle -D and -E */
+ if (enable) {
+ enable_db(enable);
exit(0);
}
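Review bot: The argument check ahead of the -D/-E branch rejects only a trailing user operand when `enable` is set, so the other mode flags parsed earlier (`rmkey`, `hexmode`, `n`) appear to be silently discarded once `enable_db(enable)` runs and the program exits. Because -D and -E switch access to the S/Key database on or off, a mixed invocation is better rejected than half-honoured, for example `if (argc > 1 || (enable && (argc || rmkey || hexmode || n)))`. The -E case is outside this hunk, so it cannot be confirmed from here whether giving -D and -E together is caught; if `enable` is simply overwritten, the last flag wins. main's body starts and ends outside the hunk.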
@@ -477,82 +469,12 @@ enable_db(int op)
}
}
-#define _PATH_SKEYKEYS "/etc/skeykeys"
-void
-convert_db(void)
-{
- struct passwd *pp;
- uid_t uid;
- FILE *keyfile;
- FILE *newfile;
- char buf[256], *logname, *hashtype, *seed, *val, *cp;
- char filename[PATH_MAX];
- const char *errstr;
- int fd, n;
-
- if ((keyfile = fopen(_PATH_SKEYKEYS, "r")) == NULL)
- err(1, "can't open %s", _PATH_SKEYKEYS);
- if (flock(fileno(keyfile), LOCK_EX) != 0)
- err(1, "can't lock %s", _PATH_SKEYKEYS);
- enable_db(1);
-
- /*
- * Loop over each entry in _PATH_SKEYKEYS, creating a file
- * in _PATH_SKEYDIR for each one.
- */
- while (fgets(buf, sizeof(buf), keyfile) != NULL) {
- if (buf[0] == '#')
- continue;
- if ((logname = strtok(buf, " \t")) == NULL)
- continue;
- if ((cp = strtok(NULL, " \t")) == NULL)
- continue;
- if (!isalpha((unsigned char)*cp))
- continue;
- hashtype = cp;
- if ((cp = strtok(NULL, " \t")) == NULL)
- continue;
- n = strtonum(cp, 0, SKEY_MAX_SEQ, &errstr);
- if (errstr)
- continue;
- if ((seed = strtok(NULL, " \t")) == NULL)
- continue;
- if ((val = strtok(NULL, " \t")) == NULL)
- continue;
-
- if ((pp = getpwnam(logname)) != NULL)
- uid = pp->pw_uid;
- else
- uid = 0;
-
- /* Now write the new-style record. */
- if (snprintf(filename, sizeof(filename), "%s/%s", _PATH_SKEYDIR,
- logname) >= sizeof(filename)) {
- warnc(ENAMETOOLONG, "%s", logname);
- continue;
- }
- fd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
- if (fd == -1 || flock(fd, LOCK_EX) != 0 ||
- (newfile = fdopen(fd, "r+")) == NULL) {
- warn("%s", logname);
- continue;
- }
- (void)fprintf(newfile, "%s\n%s\n%04d\n%s\n%s\n", logname,
- hashtype, n, seed, val);
- (void)fchown(fileno(newfile), uid, -1);
- (void)fclose(newfile);
- }
- printf("%s has been populated. NOTE: %s has *not* been removed.\n"
- "It should be removed once you have verified that the new keys "
- "work.\n", _PATH_SKEYDIR, _PATH_SKEYKEYS);
-}
-
void
usage(void)
{
extern char *__progname;
- (void)fprintf(stderr, "usage: %s [-CDErsx] [-a auth-type] [-n count]"
+ (void)fprintf(stderr, "usage: %s [-DErsx] [-a auth-type] [-n count]"
"\n\t[-md5 | -rmd160 | -sha1] [user]\n", __progname);
exit(1);
}
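Review bot: With `convert_db()` gone, nothing visible in this hunk or in the skeyinit.1 hunks tells an administrator what to do with an old-style `/etc/skeykeys` that was never converted or never deleted. The removed closing message was the reminder that the old file "has *not* been removed", and such a file still holds per-user S/Key records (login name, hash type, sequence, seed, value). A short sentence in skeyinit.1 would cover it, for instance `The old-style /etc/skeykeys database can no longer be converted by skeyinit; remove the file if it is still present.` Whether any other component still reads that path cannot be told from this diff and is worth confirming before wording it more strongly.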