d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't ever ask for password if it is impossible to confirm it

Browse Source 
It happens if 1) regular passwords not allowed, 2) skey database
not activated for given user.
Under some rare circumstanes skey_challenge can return empty
diagnostic or even previous buffer, fix it.
This commit is contained in:
Andrey A. Chernov 1996-10-17 17:06:04 +00:00
parent 6903b42cd8
commit 28ed0fe08b
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=18989
3 changed files with 22 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libexec/ftpd/extern.h
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* @(#)extern.h 8.2 (Berkeley) 4/4/94 * @(#)extern.h 8.2 (Berkeley) 4/4/94
* $Id$ * $Id: extern.h,v 1.4 1996/09/22 21:53:21 wosch Exp $
*/ */
void blkfree __P((char **)); void blkfree __P((char **));
@ -68,5 +68,5 @@ void user __P((char *));
void yyerror __P((char *)); void yyerror __P((char *));
int yyparse __P((void)); int yyparse __P((void));
#if defined(SKEY) && defined(_PWD_H_) /* XXX evil */ #if defined(SKEY) && defined(_PWD_H_) /* XXX evil */
char *skey_challenge __P((char *, struct passwd *, int)); char *skey_challenge __P((char *, struct passwd *, int, int *));
#endif #endif

15
libexec/ftpd/ftpd.c
View File

@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $Id: ftpd.c,v 1.22 1996/08/09 09:02:26 markm Exp $ * $Id: ftpd.c,v 1.23 1996/08/09 22:22:30 julian Exp $
*/ */
#if 0 #if 0
@ -182,6 +182,7 @@ char proctitle[LINE_MAX]; /* initial part of title */
#ifdef SKEY #ifdef SKEY
int pwok = 0; int pwok = 0;
int sflag;
char addr_string[20]; /* XXX */ char addr_string[20]; /* XXX */
#endif #endif
@ -627,7 +628,17 @@ user(name)
strncpy(curname, name, sizeof(curname)-1); strncpy(curname, name, sizeof(curname)-1);
#ifdef SKEY #ifdef SKEY
pwok = skeyaccess(name, NULL, remotehost, addr_string); pwok = skeyaccess(name, NULL, remotehost, addr_string);
reply(331, "%s", skey_challenge(name, pw, pwok)); cp = skey_challenge(name, pw, pwok, &sflag);
if (!pwok && sflag) {
reply(530, cp);
if (logging)
syslog(LOG_NOTICE,
"FTP LOGIN REFUSED FROM %s, %s",
remotehost, name);
pw = (struct passwd *) NULL;
return;
}
reply(331, cp);
#else #else
reply(331, "Password required for %s.", name); reply(331, "Password required for %s.", name);
#endif #endif

12
libexec/ftpd/skey-stuff.c
View File

@ -1,6 +1,6 @@
/* Author: Wietse Venema, Eindhoven University of Technology. /* Author: Wietse Venema, Eindhoven University of Technology.
* *
* $Id$ * $Id: skey-stuff.c,v 1.3 1996/09/22 21:53:34 wosch Exp $
*/ */
#include <stdio.h> #include <stdio.h>
@ -10,18 +10,20 @@
/* skey_challenge - additional password prompt stuff */ /* skey_challenge - additional password prompt stuff */
char *skey_challenge(name, pwd, pwok) char *skey_challenge(name, pwd, pwok, sflag)
char *name; char *name;
struct passwd *pwd; struct passwd *pwd;
int pwok; int pwok;
int *sflag;
{ {
static char buf[128]; static char buf[128];
struct skey skey; struct skey skey;
char *username = pwd ? pwd->pw_name : ":";
/* Display s/key challenge where appropriate. */ /* Display s/key challenge where appropriate. */
if (pwd == 0 || skeychallenge(&skey, pwd->pw_name, buf) != 0) *sflag = skeychallenge(&skey, username, buf);
sprintf(buf, "%s required for %s.", sprintf(buf, "%s required for %s.",
pwok ? "Password" : "S/Key password", name); pwok ? "Password" : "S/Key password", name);
return (buf); return (buf);
} }