Support OPIE as an alternative to S/Key.
Sponsored by: DARPA, NAI Labs
This commit is contained in:
Dag-Erling Smørgrav
parent
ba11afcc21
commit
edb557f8bb
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=99046
@ -1,4 +1,5 @@
|
||||
/* $Id: acconfig.h,v 1.138 2002/06/12 16:57:15 mouring Exp $ */
|
||||
/* $FreeBSD$ */
|
||||
|
||||
#ifndef _CONFIG_H
|
||||
#define _CONFIG_H
|
||||
@ -213,6 +214,9 @@
|
||||
/* Define if you want S/Key support */
|
||||
#undef SKEY
|
||||
|
||||
/* Define if you want OPIE support */
|
||||
#undef OPIE
|
||||
|
||||
/* Define if you want TCP Wrappers support */
|
||||
#undef LIBWRAP
|
||||
|
||||
|
||||
@ -23,10 +23,19 @@
|
||||
*/
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth-skey.c,v 1.19 2002/06/19 00:27:55 deraadt Exp $");
|
||||
RCSID("$FreeBSD$");
|
||||
|
||||
#ifdef SKEY
|
||||
|
||||
#ifdef OPIE
|
||||
#include <opie.h>
|
||||
#define skey opie
|
||||
#define skeychallenge(k, u, c) opiechallenge((k), (u), (c))
|
||||
#define skey_haskey(u) opie_haskey((u))
|
||||
#define skey_passcheck(u, r) opie_passverify((u), (r))
|
||||
#else
|
||||
#include <skey.h>
|
||||
#endif
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "auth.h"
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
/* $OpenBSD: auth.h,v 1.39 2002/05/31 11:35:15 markus Exp $ */
|
||||
/* $FreeBSD$ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
@ -188,5 +189,12 @@ void auth_debug_reset(void);
|
||||
#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
|
||||
#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
|
||||
|
||||
#ifdef SKEY
|
||||
#ifdef OPIE
|
||||
#define SKEY_PROMPT "\nOPIE Password: "
|
||||
#else
|
||||
#define SKEY_PROMPT "\nS/Key Password: "
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
# $Id: configure.ac,v 1.67 2002/06/21 00:01:19 mouring Exp $
|
||||
# $FreeBSD$
|
||||
|
||||
AC_INIT
|
||||
AC_CONFIG_SRCDIR([ssh.c])
|
||||
@ -508,6 +509,41 @@ int main() { char *ff = skey_keyinfo(""); ff=""; return 0; }
|
||||
]
|
||||
)
|
||||
|
||||
# Check whether user wants OPIE support
|
||||
OPIE_MSG="no"
|
||||
AC_ARG_WITH(opie,
|
||||
[ --with-opie[[=PATH]] Enable OPIE support
|
||||
(optionally in PATH)],
|
||||
[
|
||||
if test "x$withval" != "xno" ; then
|
||||
|
||||
if test "x$withval" != "xyes" ; then
|
||||
CPPFLAGS="$CPPFLAGS -I${withval}/include"
|
||||
LDFLAGS="$LDFLAGS -L${withval}/lib"
|
||||
fi
|
||||
|
||||
AC_DEFINE(SKEY)
|
||||
AC_DEFINE(OPIE)
|
||||
LIBS="-lopie $LIBS"
|
||||
OPIE_MSG="yes"
|
||||
|
||||
AC_MSG_CHECKING([for opie support])
|
||||
AC_TRY_RUN(
|
||||
[
|
||||
#include <sys/types.h>
|
||||
#include <stdio.h>
|
||||
#include <opie.h>
|
||||
int main() { char *ff = opie_keyinfo(""); ff=""; return 0; }
|
||||
],
|
||||
[AC_MSG_RESULT(yes)],
|
||||
[
|
||||
AC_MSG_RESULT(no)
|
||||
AC_MSG_ERROR([** Incomplete or missing opie libraries.])
|
||||
])
|
||||
fi
|
||||
]
|
||||
)
|
||||
|
||||
# Check whether user wants TCP wrappers support
|
||||
TCPW_MSG="no"
|
||||
AC_ARG_WITH(tcp-wrappers,
|
||||
@ -1583,7 +1619,11 @@ AC_CACHE_CHECK([whether getopt has optreset support],
|
||||
ac_cv_have_getopt_optreset, [
|
||||
AC_TRY_LINK(
|
||||
[
|
||||
#if HAVE_GETOPT_H
|
||||
#include <getopt.h>
|
||||
#elif HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
],
|
||||
[ extern int optreset; optreset = 0; ],
|
||||
[ ac_cv_have_getopt_optreset="yes" ],
|
||||
@ -2391,6 +2431,7 @@ echo " KerberosV support: $KRB5_MSG"
|
||||
echo " Smartcard support: $SCARD_MSG"
|
||||
echo " AFS support: $AFS_MSG"
|
||||
echo " S/KEY support: $SKEY_MSG"
|
||||
echo " OPIE support: $OPIE_MSG"
|
||||
echo " TCP Wrappers support: $TCPW_MSG"
|
||||
echo " MD5 password support: $MD5_MSG"
|
||||
echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
|
||||
|
||||
@ -26,12 +26,21 @@
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: monitor.c,v 1.16 2002/06/21 05:50:51 djm Exp $");
|
||||
RCSID("$FreeBSD$");
|
||||
|
||||
#include <openssl/dh.h>
|
||||
|
||||
#ifdef SKEY
|
||||
#ifdef OPIE
|
||||
#include <opie.h>
|
||||
#define skey opie
|
||||
#define skeychallenge(k, u, c) opiechallenge((k), (u), (c))
|
||||
#define skey_haskey(u) opie_haskey((u))
|
||||
#define skey_passcheck(u, r) opie_passverify((u), (r))
|
||||
#else
|
||||
#include <skey.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#include "ssh.h"
|
||||
#include "auth.h"
|
||||
|
||||
@ -767,6 +767,7 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
|
||||
return ((authok == 0) ? -1 : 0);
|
||||
}
|
||||
|
||||
#ifdef SKEY
|
||||
int
|
||||
mm_skey_query(void *ctx, char **name, char **infotxt,
|
||||
u_int *numprompts, char ***prompts, u_int **echo_on)
|
||||
@ -829,6 +830,7 @@ mm_skey_respond(void *ctx, u_int numresponses, char **responses)
|
||||
|
||||
return ((authok == 0) ? -1 : 0);
|
||||
}
|
||||
#endif
|
||||
|
||||
void
|
||||
mm_ssh1_session_id(u_char session_id[16])
|
||||
|
||||
Loading…
Reference in New Issue
Block a user