-rw-r--r-- | include/paths.h | 3 | ||||
-rw-r--r-- | lib/libskey/put.c | 3 | ||||
-rw-r--r-- | lib/libskey/shlib_version | 2 | ||||
-rw-r--r-- | lib/libskey/skey.h | 13 | ||||
-rw-r--r-- | lib/libskey/skeylogin.c | 103 |
5 files changed, 97 insertions, 27 deletions
diff --git a/include/paths.h b/include/paths.h index 1dfbdc0704c..96c7462041f 100644 --- a/include/paths.h +++ b/include/paths.h @@ -1,4 +1,4 @@ -/* $OpenBSD: paths.h,v 1.7 1997/06/12 00:35:18 deraadt Exp $ */ +/* $OpenBSD: paths.h,v 1.8 1997/07/23 06:53:10 millert Exp $ */ /* $NetBSD: paths.h,v 1.7 1994/10/26 00:56:12 cgd Exp $ */ /* @@ -62,6 +62,7 @@ #define _PATH_RSH "/usr/bin/rsh" #define _PATH_SENDMAIL "/usr/sbin/sendmail" #define _PATH_SHELLS "/etc/shells" +#define _PATH_SKEYKEYS "/etc/skeykeys" #define _PATH_TTY "/dev/tty" #define _PATH_UNIX "/bsd" #define _PATH_VI "/usr/bin/vi" diff --git a/lib/libskey/put.c b/lib/libskey/put.c index 5ed70ce64a1..496a41ba49f 100644 --- a/lib/libskey/put.c +++ b/lib/libskey/put.c @@ -8,13 +8,14 @@ * * Dictionary lookup and extraction. * - * $Id: put.c,v 1.5 1996/11/03 18:57:28 millert Exp $ + * $Id: put.c,v 1.6 1997/07/23 06:53:11 millert Exp $ */ #include <stdio.h> #include <string.h> #include <assert.h> #include <ctype.h> + #include "skey.h" static unsigned long extract __P ((char *s, int start, int length)); diff --git a/lib/libskey/shlib_version b/lib/libskey/shlib_version index 0e9ba6803ff..ce4bda5219d 100644 --- a/lib/libskey/shlib_version +++ b/lib/libskey/shlib_version @@ -1,2 +1,2 @@ major=0 -minor=5 +minor=6 diff --git a/lib/libskey/skey.h b/lib/libskey/skey.h index c20d5638bb4..434e1788bd6 100644 --- a/lib/libskey/skey.h +++ b/lib/libskey/skey.h @@ -11,12 +11,11 @@ * * Main client header * - * $Id: skey.h,v 1.8 1997/07/23 00:42:26 millert Exp $ + * $Id: skey.h,v 1.9 1997/07/23 06:53:12 millert Exp $ */ /* Server-side data structure for reading keys file during login */ -struct skey -{ +struct skey { FILE *keyfile; char buf[256]; char *logname; @@ -27,8 +26,7 @@ struct skey }; /* Client-side structure for scanning data stream for challenge */ -struct mc -{ +struct mc { char buf[256]; int skip; int cnt; 
@@ -89,5 +87,6 @@ int getskeyprompt __P((struct skey *mp, char *name, char *prompt)); int atob8 __P((char *out, char *in)); int btoa8 __P((char *out, char *in)); int htoi __P((int c)); -const char * skey_get_algorithm __P((void)); -char * skey_set_algorithm __P((char *new)); +const char *skey_get_algorithm __P((void)); +char *skey_set_algorithm __P((char *new)); +int skeygetnext __P((struct skey *mp)); diff --git a/lib/libskey/skeylogin.c b/lib/libskey/skeylogin.c index ce2aca19eff..bc113f56db5 100644 --- a/lib/libskey/skeylogin.c +++ b/lib/libskey/skeylogin.c @@ -8,7 +8,7 @@ * * S/KEY verification check, lookups, and authentication. * - * $Id: skeylogin.c,v 1.13 1997/07/23 03:52:12 millert Exp $ + * $Id: skeylogin.c,v 1.14 1997/07/23 06:53:12 millert Exp $ */ #include <sys/param.h> @@ -18,24 +18,21 @@ #include <sys/stat.h> #include <sys/time.h> #include <sys/resource.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <ctype.h> #include <err.h> +#include <errno.h> +#include <paths.h> #include <stdio.h> #include <stdlib.h> -#include <unistd.h> #include <string.h> -#include <ctype.h> -#include <sys/types.h> -#include <sys/stat.h> #include <time.h> -#include <errno.h> +#include <unistd.h> #include "skey.h" -#ifndef _PATH_KEYFILE -#define _PATH_KEYFILE "/etc/skeykeys" -#endif - char *skipspace __P((char *)); int skeylookup __P((struct skey *, char *)); @@ -101,7 +98,7 @@ skeychallenge(mp, name, ss) return -1; } return -1; /* Can't happen */ -} +} /* Find an entry in the One-time Password database. * Return codes: 
@@ -116,17 +113,17 @@ skeylookup(mp, name) { int found = 0; long recstart = 0; - char *cp, *ht; + char *cp, *ht = NULL; struct stat statbuf; - /* See if _PATH_KEYFILE exists, and create it if not */ - if (stat(_PATH_KEYFILE, &statbuf) == -1 && errno == ENOENT) { - mp->keyfile = fopen(_PATH_KEYFILE, "w+"); + /* See if _PATH_SKEYKEYS exists, and create it if not */ + if (stat(_PATH_SKEYKEYS, &statbuf) == -1 && errno == ENOENT) { + mp->keyfile = fopen(_PATH_SKEYKEYS, "w+"); if (mp->keyfile) fchmod(fileno(mp->keyfile), 0600); } else { /* Otherwise open normally for update */ - mp->keyfile = fopen(_PATH_KEYFILE, "r+"); + mp->keyfile = fopen(_PATH_SKEYKEYS, "r+"); if (mp->keyfile && (statbuf.st_mode & 0007777) != 0600) fchmod(fileno(mp->keyfile), 0600); } 
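Review bot: The S/KEY database is still opened with stat(), then fopen(), then fchmod(), so a file created by the `"w+"` branch has umask-derived permissions until the fchmod() runs, and the fchmod() result is never checked. When stat() fails with an errno other than ENOENT, the else branch also reads `statbuf.st_mode` uninitialised. The same sequence is copied into skeygetnext() in the next hunk of this file, so one shared helper would fix both: create the file with mode 0600 in a single open() and check the mode with fstat() on that descriptor. The sketch below needs <fcntl.h> and assumes -1 is the open-failure return here, as the skeygetnext() comment documents; skeylookup()'s body continues outside the hunk.

```c
	int fd;

	/* Create or open with mode 0600 in one step, then verify on the fd */
	mp->keyfile = NULL;
	fd = open(_PATH_SKEYKEYS, O_RDWR | O_CREAT, 0600);
	if (fd == -1)
		return -1;
	if (fstat(fd, &statbuf) == -1 ||
	    ((statbuf.st_mode & 0007777) != 0600 && fchmod(fd, 0600) == -1) ||
	    (mp->keyfile = fdopen(fd, "r+")) == NULL) {
		(void)close(fd);
		return -1;
	}
	/* ... unchanged: record lookup loop ... */
```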
@@ -167,7 +164,79 @@ skeylookup(mp, name) if (found) { (void)fseek(mp->keyfile, recstart, SEEK_SET); /* Set hash type */ - if (skey_set_algorithm(ht) == NULL) { + if (ht && skey_set_algorithm(ht) == NULL) { + warnx("Unknown hash algorithm %s, using %s", ht, + skey_get_algorithm()); + } + return 0; + } else { + return 1; + } +} + +/* Get the next entry in the One-time Password database. + * Return codes: + * -1: error in opening database + * 0: next entry found, file R/W pointer positioned at beginning of record + * 1: no more entries, file R/W pointer positioned at EOF + */ +int +skeygetnext(mp) + struct skey *mp; +{ + long recstart = 0; + char *cp, *ht = NULL; + struct stat statbuf; + + /* See if _PATH_SKEYKEYS exists, and create it if not */ + if (mp->keyfile == NULL) { + if (stat(_PATH_SKEYKEYS, &statbuf) == -1 && errno == ENOENT) { + mp->keyfile = fopen(_PATH_SKEYKEYS, "w+"); + if (mp->keyfile) + fchmod(fileno(mp->keyfile), 0600); + } else { + /* Otherwise open normally for update */ + mp->keyfile = fopen(_PATH_SKEYKEYS, "r+"); + if (mp->keyfile && (statbuf.st_mode & 0007777) != 0600) + fchmod(fileno(mp->keyfile), 0600); + } + if (mp->keyfile == NULL) + return -1; + } + + /* Look up next user in database */ + while (!feof(mp->keyfile)) { + recstart = ftell(mp->keyfile); + mp->recstart = recstart; + if (fgets(mp->buf, sizeof(mp->buf), mp->keyfile) != mp->buf) + break; + rip(mp->buf); + if (mp->buf[0] == '#') + continue; /* Comment */ + if ((mp->logname = strtok(mp->buf, " \t")) == NULL) + continue; + if ((cp = strtok(NULL, " \t")) == NULL) + continue; + /* Save hash type if specified, else use md4 */ + if (isalpha(*cp)) { + ht = cp; + if ((cp = strtok(NULL, " \t")) == NULL) + continue; + } else { + ht = "md4"; + } + mp->n = atoi(cp); + if ((mp->seed = strtok(NULL, " \t")) == NULL) + continue; + if ((mp->val = strtok(NULL, " \t")) == NULL) + continue; + /* Got a real entry */ + break; + } + if (!feof(mp->keyfile)) { + (void)fseek(mp->keyfile, recstart, SEEK_SET); 
+ /* Set hash type */ + if (ht && skey_set_algorithm(ht) == NULL) { warnx("Unknown hash algorithm %s, using %s", ht, skey_get_algorithm()); } |
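Review bot: skeygetnext() decides whether it found a record with `if (!feof(mp->keyfile))` after the loop, which does not track what the loop actually parsed. If fgets() fails on a read error rather than EOF, the test passes and the caller gets whatever `mp->logname`, `mp->seed` and `mp->val` held before. A valid final record with no trailing newline sets the EOF indicator and looks likely to be reported as "no more entries", though the return statements are outside the hunk. A flag as in skeylookup() would avoid both: declare `int found = 0;`, set `found = 1;` just before the `/* Got a real entry */` break, and test `if (found)`. The fseek() back to `recstart` also leaves the stream on the record just returned, so the header comment should say whether the caller is expected to advance past it before the next call.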