Implement alternative strategy if it is impossible to confirm
password: ask for it, but don't tell that S/key password required. It looks like non-s/key system from outside. Additionally tell that s/key required when it is so for normal case
This commit is contained in:
parent
9fe1a5aaab
commit
43658eac64
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=19018
@ -68,5 +68,5 @@ void user __P((char *));
|
|||||||
void yyerror __P((char *));
|
void yyerror __P((char *));
|
||||||
int yyparse __P((void));
|
int yyparse __P((void));
|
||||||
#if defined(SKEY) && defined(_PWD_H_) /* XXX evil */
|
#if defined(SKEY) && defined(_PWD_H_) /* XXX evil */
|
||||||
char *skey_challenge __P((char *, struct passwd *, int, int *));
|
char *skey_challenge __P((char *, struct passwd *, int));
|
||||||
#endif
|
#endif
|
||||||
|
@ -182,7 +182,6 @@ char proctitle[LINE_MAX]; /* initial part of title */
|
|||||||
|
|
||||||
#ifdef SKEY
|
#ifdef SKEY
|
||||||
int pwok = 0;
|
int pwok = 0;
|
||||||
int sflag;
|
|
||||||
char addr_string[20]; /* XXX */
|
char addr_string[20]; /* XXX */
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -628,17 +627,7 @@ user(name)
|
|||||||
strncpy(curname, name, sizeof(curname)-1);
|
strncpy(curname, name, sizeof(curname)-1);
|
||||||
#ifdef SKEY
|
#ifdef SKEY
|
||||||
pwok = skeyaccess(name, NULL, remotehost, addr_string);
|
pwok = skeyaccess(name, NULL, remotehost, addr_string);
|
||||||
cp = skey_challenge(name, pw, pwok, &sflag);
|
reply(331, "%s", skey_challenge(name, pw, pwok));
|
||||||
if (!pwok && sflag) {
|
|
||||||
reply(530, cp);
|
|
||||||
if (logging)
|
|
||||||
syslog(LOG_NOTICE,
|
|
||||||
"FTP LOGIN REFUSED FROM %s, %s",
|
|
||||||
remotehost, name);
|
|
||||||
pw = (struct passwd *) NULL;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
reply(331, cp);
|
|
||||||
#else
|
#else
|
||||||
reply(331, "Password required for %s.", name);
|
reply(331, "Password required for %s.", name);
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/* Author: Wietse Venema, Eindhoven University of Technology.
|
/* Author: Wietse Venema, Eindhoven University of Technology.
|
||||||
*
|
*
|
||||||
* $Id: skey-stuff.c,v 1.4 1996/10/17 17:06:04 ache Exp $
|
* $Id: skey-stuff.c,v 1.3 1996/09/22 21:53:34 wosch Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
@ -10,21 +10,19 @@
|
|||||||
|
|
||||||
/* skey_challenge - additional password prompt stuff */
|
/* skey_challenge - additional password prompt stuff */
|
||||||
|
|
||||||
char *skey_challenge(name, pwd, pwok, sflag)
|
char *skey_challenge(name, pwd, pwok)
|
||||||
char *name;
|
char *name;
|
||||||
struct passwd *pwd;
|
struct passwd *pwd;
|
||||||
int pwok;
|
int pwok;
|
||||||
int *sflag;
|
|
||||||
{
|
{
|
||||||
static char buf[128];
|
static char buf[128];
|
||||||
struct skey skey;
|
struct skey skey;
|
||||||
char *username = pwd ? pwd->pw_name : ":";
|
|
||||||
|
|
||||||
/* Display s/key challenge where appropriate. */
|
/* Display s/key challenge where appropriate. */
|
||||||
|
|
||||||
*sflag = skeychallenge(&skey, username, buf);
|
if (pwd == NULL || skeychallenge(&skey, pwd->pw_name, buf))
|
||||||
if (*sflag)
|
sprintf(buf, "Password required for %s.", name);
|
||||||
sprintf(buf, "%s required for %s.",
|
else if (!pwok)
|
||||||
pwok ? "Password" : "S/Key password", name);
|
strcat(buf, " (s/key required)");
|
||||||
return (buf);
|
return (buf);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user