diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 1996-09-30 06:30:44 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 1996-09-30 06:30:44 +0000 |
commit | 6d25818866952ab596e315eb9fdeccc53e5a2d3a (patch) | |
tree | 7e09eb9f2ac25b2b8e4d32c1d4eeba713b27020c /usr.bin | |
parent | 8b07d37c42b0daca0465677d03de9b0ac420fe66 (diff) |
In -s mode, now checks that seed is pure alphanum and converts chars
to lowercase. Also fixed prompt in -s mode to be rfc1938 compliant.
You may now enter "s/key" as the password and get in via an s/key
challenge, the lack of which was pointed out by dm.
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/skeyinit/skeyinit.c | 62 |
1 files changed, 42 insertions, 20 deletions
diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c index 65694f0f097..23f9a72700b 100644 --- a/usr.bin/skeyinit/skeyinit.c +++ b/usr.bin/skeyinit/skeyinit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: skeyinit.c,v 1.9 1996/09/29 23:11:04 millert Exp $ */ +/* $OpenBSD: skeyinit.c,v 1.10 1996/09/30 06:30:43 millert Exp $ */ /* $NetBSD: skeyinit.c,v 1.6 1995/06/05 19:50:48 pk Exp $ */ /* S/KEY v1.1b (skeyinit.c) @@ -115,20 +115,22 @@ main(argc, argv) } salt = pp->pw_passwd; - (void)setpriority(PRIO_PROCESS, 0, -4); - if (getuid() != 0) { - (void)setpriority(PRIO_PROCESS, 0, -4); - pw = getpass("Password:"); - p = crypt(pw, salt); - - (void)setpriority(PRIO_PROCESS, 0, 0); - - if (pp && strcmp(p, pp->pw_passwd)) - errx(1, "Password incorrect."); + if (strcasecmp(pw, "s/key") == 0) { + if (skey_haskey(me)) + exit(1); + if (skey_authenticate(me)) + errx(1, "Password incorrect."); + } else { + p = crypt(pw, salt); + if (strcmp(p, pp->pw_passwd)) + errx(1, "Password incorrect."); + } } + (void)setpriority(PRIO_PROCESS, 0, -4); + rval = skeylookup(&skey, pp->pw_name); switch (rval) { case -1: @@ -177,20 +179,37 @@ main(argc, argv) for (i = 0;; i++) { if (i >= 2) exit(1); + (void)printf("Enter sequence count from 1 to %d: ", SKEY_MAXSEQ); (void)fgets(tmp, sizeof(tmp), stdin); n = atoi(tmp); if (n > 0 && n < SKEY_MAXSEQ) break; /* Valid range */ - (void)printf("\n Error: Count must be > 0 and < %d\n", + (void)printf("Error: Count must be > 0 and < %d\n", SKEY_MAXSEQ); } - (void)printf("Enter new key [default %s]: ", defaultseed); - (void)fflush(stdout); - (void)fgets(seed, sizeof(seed), stdin); - rip(seed); + for (i = 0;; i++) { + if (i >= 2) + exit(1); + + (void)printf("Enter new key [default %s]: ", + defaultseed); + (void)fgets(seed, sizeof(seed), stdin); + rip(seed); + for (p = seed; *p; p++) { + if (isalpha(*p)) { + if (isupper(*p)) + *p = tolower(*p); + } else if (!isdigit(*p)) { + (void)puts("Error: seed may only contain alpha numeric characters"); + break; + } + } + if (*p == '\0') + break; /* Valid seed */ + } if (strlen(seed) > 16) { (void)puts("Notice: Seed truncated to 16 characters."); seed[16] = '\0'; @@ -202,8 +221,8 @@ main(argc, argv) if (i >= 2) exit(1); - (void)printf("skey %d %s\nskey access password: ", - n, seed); + (void)printf("otp-%s %d %s\nS/Key access password: ", + skey_get_algorithm(), n, seed); (void)fgets(tmp, sizeof(tmp), stdin); rip(tmp); backspace(tmp); @@ -268,9 +287,12 @@ main(argc, argv) (void)fprintf(skey.keyfile, "%s %s %04d %-16s %s %-21s\n", pp->pw_name, skey_get_algorithm(), n, seed, skey.val, tbuf); (void)fclose(skey.keyfile); - (void)printf("\nID %s skey is %d %s\n", pp->pw_name, n, seed); - (void)printf("Next login password: %s\n", hexmode ? put8(buf, key) : btoe(buf, key)); + (void)setpriority(PRIO_PROCESS, 0, 0); + + (void)printf("\nID %s skey is %d %s\n", pp->pw_name, n, seed); + (void)printf("Next login password: %s\n\n", + hexmode ? put8(buf, key) : btoe(buf, key)); exit(0); } |